diff --git a/go.mod b/go.mod index d1ba5ad6..52b54c88 100644 --- a/go.mod +++ b/go.mod @@ -6,8 +6,6 @@ require ( github.com/cilium/ipam v0.0.0-20230509084518-fd66eae7909b github.com/containerd/containerd v1.7.27 github.com/containernetworking/cni v1.1.2 - github.com/coredns/caddy v1.1.2-0.20241029205200-8de985351a98 - github.com/coredns/coredns v1.12.1 github.com/distribution/reference v0.6.0 github.com/docker/cli v27.5.1+incompatible github.com/docker/docker v27.5.1+incompatible @@ -48,7 +46,6 @@ require ( golang.org/x/oauth2 v0.28.0 golang.org/x/sys v0.32.0 golang.org/x/term v0.31.0 - golang.org/x/text v0.24.0 golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 golang.zx2c4.com/wireguard v0.0.0-20220920152132-bb719d3a6e2c golang.zx2c4.com/wireguard/windows v0.5.3 @@ -72,39 +69,12 @@ require ( require ( cel.dev/expr v0.19.1 // indirect - cloud.google.com/go/auth v0.15.0 // indirect - cloud.google.com/go/auth/oauth2adapt v0.2.7 // indirect - cloud.google.com/go/compute/metadata v0.6.0 // indirect dario.cat/mergo v1.0.1 // indirect filippo.io/edwards25519 v1.1.0 // indirect github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect - github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect - github.com/Azure/go-autorest v14.2.0+incompatible // indirect - github.com/Azure/go-autorest/autorest v0.11.30 // indirect - github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect - github.com/Azure/go-autorest/autorest/azure/auth v0.5.13 // indirect - github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 // indirect - github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect - github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect - github.com/Azure/go-autorest/logger v0.2.1 // indirect - github.com/Azure/go-autorest/tracing v0.6.0 // indirect github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c // indirect - github.com/DataDog/appsec-internal-go v1.9.0 // indirect - github.com/DataDog/datadog-agent/pkg/obfuscate v0.58.0 // indirect - github.com/DataDog/datadog-agent/pkg/proto v0.58.0 // indirect - github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.58.0 // indirect - github.com/DataDog/datadog-agent/pkg/trace v0.58.0 // indirect - github.com/DataDog/datadog-agent/pkg/util/log v0.58.0 // indirect - github.com/DataDog/datadog-agent/pkg/util/scrubber v0.58.0 // indirect - github.com/DataDog/datadog-go/v5 v5.5.0 // indirect - github.com/DataDog/go-libddwaf/v3 v3.5.1 // indirect - github.com/DataDog/go-runtime-metrics-internal v0.0.4-0.20241206090539-a14610dc22b6 // indirect - github.com/DataDog/go-sqllexer v0.0.14 // indirect - github.com/DataDog/go-tuf v1.1.0-0.5.2 // indirect - github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes v0.20.0 // indirect - github.com/DataDog/sketches-go v1.4.5 // indirect github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/Masterminds/goutils v1.1.1 // indirect github.com/Masterminds/semver/v3 v3.3.0 // indirect @@ -114,23 +84,7 @@ require ( github.com/Microsoft/hcsshim v0.12.9 // indirect github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa // indirect github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be // indirect - github.com/apparentlymart/go-cidr v1.1.0 // indirect github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect - github.com/aws/aws-sdk-go v1.55.6 // indirect - github.com/aws/aws-sdk-go-v2 v1.36.3 // indirect - github.com/aws/aws-sdk-go-v2/config v1.29.9 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.17.62 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 // indirect - github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.35.2 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.25.1 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.29.1 // indirect - github.com/aws/aws-sdk-go-v2/service/sts v1.33.17 // indirect - github.com/aws/smithy-go v1.22.2 // indirect github.com/beorn7/perks v1.0.1 // indirect github.com/bits-and-blooms/bitset v1.13.0 // indirect github.com/blang/semver/v4 v4.0.0 // indirect @@ -141,27 +95,20 @@ require ( github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/chai2010/gettext-go v1.0.2 // indirect github.com/chmduquesne/rollinghash v4.0.0+incompatible // indirect - github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575 // indirect github.com/cilium/ebpf v0.16.0 // indirect github.com/cncf/xds/go v0.0.0-20241223141626-cff3c89139a3 // indirect github.com/containerd/log v0.1.0 // indirect github.com/containerd/platforms v0.2.1 // indirect github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6 // indirect - github.com/coreos/go-semver v0.3.1 // indirect - github.com/coreos/go-systemd/v22 v22.5.0 // indirect github.com/cyphar/filepath-securejoin v0.4.1 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/dblohm7/wingoes v0.0.0-20240119213807-a09d6be7affa // indirect - github.com/dimchansky/utfbom v1.1.1 // indirect - github.com/dnstap/golang-dnstap v0.4.0 // indirect github.com/docker/distribution v2.8.3+incompatible // indirect github.com/docker/docker-credential-helpers v0.8.2 // indirect github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c // indirect github.com/docker/go-events v0.0.0-20250114142523-c867878c5e32 // indirect github.com/docker/go-metrics v0.0.1 // indirect github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 // indirect - github.com/dustin/go-humanize v1.0.1 // indirect - github.com/eapache/queue/v2 v2.0.0-20230407133247-75960ed334e4 // indirect github.com/ebitengine/purego v0.8.3 // indirect github.com/emicklei/go-restful/v3 v3.12.2 // indirect github.com/envoyproxy/go-control-plane/ratelimit v0.1.0 // indirect @@ -169,12 +116,9 @@ require ( github.com/evanphx/json-patch v5.9.11+incompatible // indirect github.com/evanphx/json-patch/v5 v5.9.11 // indirect github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect - github.com/expr-lang/expr v1.17.2 // indirect - github.com/farsightsec/golang-framestream v0.3.0 // indirect github.com/fatih/camelcase v1.0.0 // indirect github.com/fatih/color v1.18.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect - github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 // indirect github.com/fvbommel/sortorder v1.1.0 // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/gaissmai/bart v0.11.1 // indirect @@ -194,7 +138,6 @@ require ( github.com/gobwas/glob v0.2.3 // indirect github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang-jwt/jwt/v4 v4.5.2 // indirect github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect github.com/golang/snappy v0.0.4 // indirect github.com/google/btree v1.1.3 // indirect @@ -202,36 +145,29 @@ require ( github.com/google/gofuzz v1.2.0 // indirect github.com/google/nftables v0.2.1-0.20240414091927-5e242ec57806 // indirect github.com/google/pprof v0.0.0-20250202011525-fc3143867406 // indirect - github.com/google/s2a-go v0.1.9 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect - github.com/googleapis/enterprise-certificate-proxy v0.3.6 // indirect - github.com/googleapis/gax-go/v2 v2.14.1 // indirect github.com/gorilla/mux v1.8.1 // indirect github.com/gorilla/websocket v1.5.3 // indirect github.com/gosuri/uitable v0.0.4 // indirect github.com/greatroar/blobloom v0.8.0 // indirect github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.25.1 // indirect - github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 // indirect - github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect - github.com/hashicorp/go-sockaddr v1.0.2 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect + github.com/hashicorp/hcl v1.0.1-vault-5 // indirect github.com/hdevalence/ed25519consensus v0.2.0 // indirect github.com/huandu/xstrings v1.5.0 // indirect github.com/illarion/gonotify/v2 v2.0.3 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect - github.com/infobloxopen/go-trees v0.0.0-20221216143356-66ceba885ebc // indirect github.com/jackpal/gateway v1.0.16 // indirect github.com/jackpal/go-nat-pmp v1.0.2 // indirect github.com/jcmturner/aescts/v2 v2.0.0 // indirect github.com/jcmturner/dnsutils/v2 v2.0.0 // indirect github.com/jcmturner/goidentity/v6 v6.0.1 // indirect github.com/jcmturner/rpc/v2 v2.0.3 // indirect - github.com/jmespath/go-jmespath v0.4.0 // indirect + github.com/jinzhu/gorm v1.9.16 // indirect github.com/jmoiron/sqlx v1.4.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/josharian/native v1.1.1-0.20230202152459-5c7d0dd6ab86 // indirect @@ -248,14 +184,12 @@ require ( github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-runewidth v0.0.15 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/mdlayher/netlink v1.7.2 // indirect github.com/mdlayher/socket v0.5.0 // indirect github.com/miekg/pkcs11 v1.1.1 // indirect github.com/miscreant/miscreant.go v0.0.0-20200214223636-26d376326b75 // indirect github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db // indirect github.com/mitchellh/copystructure v1.2.0 // indirect - github.com/mitchellh/go-homedir v1.1.0 // indirect github.com/mitchellh/go-wordwrap v1.0.1 // indirect github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c // indirect github.com/mitchellh/reflectwalk v1.0.2 // indirect @@ -270,15 +204,9 @@ require ( github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect github.com/onsi/ginkgo/v2 v2.22.2 // indirect github.com/opencontainers/go-digest v1.0.0 // indirect - github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492 // indirect github.com/opentracing/opentracing-go v1.2.0 // indirect - github.com/openzipkin-contrib/zipkin-go-opentracing v0.5.0 // indirect - github.com/openzipkin/zipkin-go v0.4.3 // indirect - github.com/oschwald/geoip2-golang v1.11.0 // indirect - github.com/oschwald/maxminddb-golang v1.13.1 // indirect - github.com/outcaste-io/ristretto v0.2.3 // indirect + github.com/pelletier/go-toml/v2 v2.0.9 // indirect github.com/peterbourgon/diskv v2.0.1+incompatible // indirect - github.com/philhofer/fwd v1.1.3-0.20240612014219-fbbf4953d986 // indirect github.com/pierrec/lz4/v4 v4.1.22 // indirect github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect @@ -292,11 +220,7 @@ require ( github.com/rivo/uniseg v0.4.7 // indirect github.com/rubenv/sql-migrate v1.7.1 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect - github.com/ryanuber/go-glob v1.0.0 // indirect - github.com/secure-systems-lab/go-securesystemslib v0.8.0 // indirect - github.com/shirou/gopsutil/v3 v3.24.4 // indirect github.com/shirou/gopsutil/v4 v4.25.1 // indirect - github.com/shoenig/go-m1cpu v0.1.6 // indirect github.com/shopspring/decimal v1.4.0 // indirect github.com/spf13/cast v1.7.0 // indirect github.com/stretchr/objx v0.5.2 // indirect @@ -305,7 +229,6 @@ require ( github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect github.com/tailscale/netlink v1.1.1-0.20240822203006-4d49adab4de7 // indirect github.com/theupdateframework/notary v0.7.0 // indirect - github.com/tinylib/msgp v1.2.1 // indirect github.com/tklauser/go-sysconf v0.3.14 // indirect github.com/tklauser/numcpus v0.9.0 // indirect github.com/ulikunitz/xz v0.5.12 // indirect @@ -317,15 +240,7 @@ require ( github.com/xeipuuv/gojsonschema v1.2.0 // indirect github.com/xlab/treeprint v1.2.0 // indirect github.com/yusufpapurcu/wmi v1.2.4 // indirect - go.etcd.io/etcd/api/v3 v3.5.20 // indirect - go.etcd.io/etcd/client/pkg/v3 v3.5.20 // indirect - go.etcd.io/etcd/client/v3 v3.5.20 // indirect go.opentelemetry.io/auto/sdk v1.1.0 // indirect - go.opentelemetry.io/collector/component v0.104.0 // indirect - go.opentelemetry.io/collector/config/configtelemetry v0.104.0 // indirect - go.opentelemetry.io/collector/pdata v1.11.0 // indirect - go.opentelemetry.io/collector/pdata/pprofile v0.104.0 // indirect - go.opentelemetry.io/collector/semconv v0.104.0 // indirect go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect go.opentelemetry.io/otel v1.35.0 // indirect go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.34.0 // indirect @@ -336,27 +251,21 @@ require ( go.opentelemetry.io/otel/sdk/metric v1.35.0 // indirect go.opentelemetry.io/otel/trace v1.35.0 // indirect go.opentelemetry.io/proto/otlp v1.5.0 // indirect - go.uber.org/atomic v1.11.0 // indirect go.uber.org/mock v0.5.0 // indirect - go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.27.0 // indirect go4.org/mem v0.0.0-20220726221520-4f986261bf13 // indirect go4.org/netipx v0.0.0-20231129151722-fdeea329fbba // indirect golang.org/x/exp v0.0.0-20250207012021-f9890c6ad9f3 // indirect golang.org/x/mod v0.23.0 // indirect golang.org/x/sync v0.13.0 // indirect + golang.org/x/text v0.24.0 // indirect golang.org/x/time v0.11.0 // indirect golang.org/x/tools v0.30.0 // indirect - golang.org/x/xerrors v0.0.0-20240716161551-93cc26a95ae9 // indirect gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect - google.golang.org/api v0.227.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20250409194420-de1ac958c67a // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e // indirect - gopkg.in/DataDog/dd-trace-go.v1 v1.72.2 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/fsnotify.v1 v1.4.7 // indirect gopkg.in/inf.v0 v0.9.1 // indirect - gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index 4a9f4661..e63fcf3a 100644 --- a/go.sum +++ b/go.sum @@ -1,45 +1,13 @@ cel.dev/expr v0.19.1 h1:NciYrtDRIR0lNCnH1LFJegdjspNx9fI59O7TWcua/W4= cel.dev/expr v0.19.1/go.mod h1:MrpN08Q+lEBs+bGYdLxxHkZoUSsCp0nSKTs0nTymJgw= -cloud.google.com/go/auth v0.15.0 h1:Ly0u4aA5vG/fsSsxu98qCQBemXtAtJf+95z9HK+cxps= -cloud.google.com/go/auth v0.15.0/go.mod h1:WJDGqZ1o9E9wKIL+IwStfyn/+s59zl4Bi+1KQNVXLZ8= -cloud.google.com/go/auth/oauth2adapt v0.2.7 h1:/Lc7xODdqcEw8IrZ9SvwnlLX6j9FHQM74z6cBk9Rw6M= -cloud.google.com/go/auth/oauth2adapt v0.2.7/go.mod h1:NTbTTzfvPl1Y3V1nPpOgl2w6d/FjO7NNUQaWSox6ZMc= -cloud.google.com/go/compute/metadata v0.6.0 h1:A6hENjEsCDtC1k8byVsgwvVcioamEHvZ4j01OwKxG9I= -cloud.google.com/go/compute/metadata v0.6.0/go.mod h1:FjyFAW1MW0C203CEOMDTu3Dk1FlqW3Rga40jzHL4hfg= dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA= filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4= github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 h1:He8afgbRMd7mFxO99hRNu+6tazq8nFF9lIwo9JFroBk= github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6/go.mod h1:8o94RPi1/7XTJvwPpRSzSUedZrtlirdB3r9Z20bi2f8= -github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU= -github.com/Azure/azure-sdk-for-go v68.0.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c h1:udKWzYgxTojEKWjV8V+WSxDXJ4NFATAsZjh8iIbsQIg= github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= -github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= -github.com/Azure/go-autorest v14.2.0+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.11.28/go.mod h1:MrkzG3Y3AH668QyF9KRk5neJnGgmhQ6krbhR8Q5eMvA= -github.com/Azure/go-autorest/autorest v0.11.30 h1:iaZ1RGz/ALZtN5eq4Nr1SOFSlf2E4pDI3Tcsl+dZPVE= -github.com/Azure/go-autorest/autorest v0.11.30/go.mod h1:t1kpPIOpIVX7annvothKvb0stsrXa37i7b+xpmBW8Fs= -github.com/Azure/go-autorest/autorest/adal v0.9.18/go.mod h1:XVVeme+LZwABT8K5Lc3hA4nAe8LDBVle26gTrguhhPQ= -github.com/Azure/go-autorest/autorest/adal v0.9.22/go.mod h1:XuAbAEUv2Tta//+voMI038TrJBqjKam0me7qR+L8Cmk= -github.com/Azure/go-autorest/autorest/adal v0.9.23 h1:Yepx8CvFxwNKpH6ja7RZ+sKX+DWYNldbLiALMC3BTz8= -github.com/Azure/go-autorest/autorest/adal v0.9.23/go.mod h1:5pcMqFkdPhviJdlEy3kC/v1ZLnQl0MH6XA5YCcMhy4c= -github.com/Azure/go-autorest/autorest/azure/auth v0.5.13 h1:Ov8avRZi2vmrE2JcXw+tu5K/yB41r7xK9GZDiBF7NdM= -github.com/Azure/go-autorest/autorest/azure/auth v0.5.13/go.mod h1:5BAVfWLWXihP47vYrPuBKKf4cS0bXI+KM9Qx6ETDJYo= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.6 h1:w77/uPk80ZET2F+AfQExZyEWtn+0Rk/uw17m9fv5Ajc= -github.com/Azure/go-autorest/autorest/azure/cli v0.4.6/go.mod h1:piCfgPho7BiIDdEQ1+g4VmKyD5y+p/XtSNqE6Hc4QD0= -github.com/Azure/go-autorest/autorest/date v0.3.0 h1:7gUk1U5M/CQbp9WoqinNzJar+8KY+LPI6wiWrP/myHw= -github.com/Azure/go-autorest/autorest/date v0.3.0/go.mod h1:BI0uouVdmngYNUzGWeSYnokU+TrmwEsOqdt8Y6sso74= -github.com/Azure/go-autorest/autorest/mocks v0.4.1/go.mod h1:LTp+uSrOhSkaKrUy935gNZuuIPPVsHlr9DSOxSayd+k= -github.com/Azure/go-autorest/autorest/mocks v0.4.2 h1:PGN4EDXnuQbojHbU0UWoNvmu9AGVwYHG9/fkDYhtAfw= -github.com/Azure/go-autorest/autorest/mocks v0.4.2/go.mod h1:Vy7OitM9Kei0i1Oj+LvyAWMXJHeKH1MVlzFugfVrmyU= -github.com/Azure/go-autorest/autorest/to v0.4.0 h1:oXVqrxakqqV1UZdSazDOPOLvOIz+XA683u8EctwboHk= -github.com/Azure/go-autorest/autorest/to v0.4.0/go.mod h1:fE8iZBn7LQR7zH/9XU2NcPR4o9jEImooCeWJcYV/zLE= -github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+ZtXWSmf4Tg= -github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= -github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= -github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+s7s0MwaRv9igoPqLRdzOLzw/8Xvq8= github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= @@ -47,36 +15,6 @@ github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c h1:pxW6RcqyfI9/k github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= github.com/DATA-DOG/go-sqlmock v1.5.2 h1:OcvFkGmslmlZibjAjaHm3L//6LiuBgolP7OputlJIzU= github.com/DATA-DOG/go-sqlmock v1.5.2/go.mod h1:88MAG/4G7SMwSE3CeA0ZKzrT5CiOU3OJ+JlNzwDqpNU= -github.com/DataDog/appsec-internal-go v1.9.0 h1:cGOneFsg0JTRzWl5U2+og5dbtyW3N8XaYwc5nXe39Vw= -github.com/DataDog/appsec-internal-go v1.9.0/go.mod h1:wW0cRfWBo4C044jHGwYiyh5moQV2x0AhnwqMuiX7O/g= -github.com/DataDog/datadog-agent/pkg/obfuscate v0.58.0 h1:nOrRNCHyriM/EjptMrttFOQhRSmvfagESdpyknb5VPg= -github.com/DataDog/datadog-agent/pkg/obfuscate v0.58.0/go.mod h1:MfDvphBMmEMwE3a30h27AtPO7OzmvdoVTiGY1alEmo4= -github.com/DataDog/datadog-agent/pkg/proto v0.58.0 h1:JX2Q0C5QnKcYqnYHWUcP0z7R0WB8iiQz3aWn+kT5DEc= -github.com/DataDog/datadog-agent/pkg/proto v0.58.0/go.mod h1:0wLYojGxRZZFQ+SBbFjay9Igg0zbP88l03TfZaVZ6Dc= -github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.58.0 h1:5hGO0Z8ih0bRojuq+1ZwLFtdgsfO3TqIjbwJAH12sOQ= -github.com/DataDog/datadog-agent/pkg/remoteconfig/state v0.58.0/go.mod h1:jN5BsZI+VilHJV1Wac/efGxS4TPtXa1Lh9SiUyv93F4= -github.com/DataDog/datadog-agent/pkg/trace v0.58.0 h1:4AjohoBWWN0nNaeD/0SDZ8lRTYmnJ48CqREevUfSets= -github.com/DataDog/datadog-agent/pkg/trace v0.58.0/go.mod h1:MFnhDW22V5M78MxR7nv7abWaGc/B4L42uHH1KcIKxZs= -github.com/DataDog/datadog-agent/pkg/util/log v0.58.0 h1:2MENBnHNw2Vx/ebKRyOPMqvzWOUps2Ol2o/j8uMvN4U= -github.com/DataDog/datadog-agent/pkg/util/log v0.58.0/go.mod h1:1KdlfcwhqtYHS1szAunsgSfvgoiVsf3mAJc+WvNTnIE= -github.com/DataDog/datadog-agent/pkg/util/scrubber v0.58.0 h1:Jkf91q3tuIer4Hv9CLJIYjlmcelAsoJRMmkHyz+p1Dc= -github.com/DataDog/datadog-agent/pkg/util/scrubber v0.58.0/go.mod h1:krOxbYZc4KKE7bdEDu10lLSQBjdeSFS/XDSclsaSf1Y= -github.com/DataDog/datadog-go/v5 v5.5.0 h1:G5KHeB8pWBNXT4Jtw0zAkhdxEAWSpWH00geHI6LDrKU= -github.com/DataDog/datadog-go/v5 v5.5.0/go.mod h1:K9kcYBlxkcPP8tvvjZZKs/m1edNAUFzBbdpTUKfCsuw= -github.com/DataDog/go-libddwaf/v3 v3.5.1 h1:GWA4ln4DlLxiXm+X7HA/oj0ZLcdCwOS81KQitegRTyY= -github.com/DataDog/go-libddwaf/v3 v3.5.1/go.mod h1:n98d9nZ1gzenRSk53wz8l6d34ikxS+hs62A31Fqmyi4= -github.com/DataDog/go-runtime-metrics-internal v0.0.4-0.20241206090539-a14610dc22b6 h1:bpitH5JbjBhfcTG+H2RkkiUXpYa8xSuIPnyNtTaSPog= -github.com/DataDog/go-runtime-metrics-internal v0.0.4-0.20241206090539-a14610dc22b6/go.mod h1:quaQJ+wPN41xEC458FCpTwyROZm3MzmTZ8q8XOXQiPs= -github.com/DataDog/go-sqllexer v0.0.14 h1:xUQh2tLr/95LGxDzLmttLgTo/1gzFeOyuwrQa/Iig4Q= -github.com/DataDog/go-sqllexer v0.0.14/go.mod h1:KwkYhpFEVIq+BfobkTC1vfqm4gTi65skV/DpDBXtexc= -github.com/DataDog/go-tuf v1.1.0-0.5.2 h1:4CagiIekonLSfL8GMHRHcHudo1fQnxELS9g4tiAupQ4= -github.com/DataDog/go-tuf v1.1.0-0.5.2/go.mod h1:zBcq6f654iVqmkk8n2Cx81E1JnNTMOAx1UEO/wZR+P0= -github.com/DataDog/gostackparse v0.7.0 h1:i7dLkXHvYzHV308hnkvVGDL3BR4FWl7IsXNPz/IGQh4= -github.com/DataDog/gostackparse v0.7.0/go.mod h1:lTfqcJKqS9KnXQGnyQMCugq3u1FP6UZMfWR0aitKFMM= -github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes v0.20.0 h1:fKv05WFWHCXQmUTehW1eEZvXJP65Qv00W4V01B1EqSA= -github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes v0.20.0/go.mod h1:dvIWN9pA2zWNTw5rhDWZgzZnhcfpH++d+8d1SWW6xkY= -github.com/DataDog/sketches-go v1.4.5 h1:ki7VfeNz7IcNafq7yI/j5U/YCkO3LJiMDtXz9OMQbyE= -github.com/DataDog/sketches-go v1.4.5/go.mod h1:7Y8GN8Jf66DLyDhc94zuWA3uHEt/7ttt8jHOBWWrSOg= github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= @@ -87,62 +25,29 @@ github.com/Masterminds/sprig/v3 v3.3.0 h1:mQh0Yrg1XPo6vjYXgtf5OtijNAKJRNcTdOOGZe github.com/Masterminds/sprig/v3 v3.3.0/go.mod h1:Zy1iXRYNqNLUolqCpL4uhk6SHUMAOSCzdgBfDb35Lz0= github.com/Masterminds/squirrel v1.5.4 h1:uUcX/aBc8O7Fg9kaISIUsHXdKuqehiXAMQTYX8afzqM= github.com/Masterminds/squirrel v1.5.4/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10= -github.com/Microsoft/go-winio v0.5.0/go.mod h1:JPGBdM1cNvN/6ISo+n8V5iA4v8pBzdOpzfwIujj1a84= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= github.com/Microsoft/hcsshim v0.12.9 h1:2zJy5KA+l0loz1HzEGqyNnjd3fyZA31ZBCGKacp6lLg= github.com/Microsoft/hcsshim v0.12.9/go.mod h1:fJ0gkFAna6ukt0bLdKB8djt4XIJhF/vEPuoIWYVvZ8Y= +github.com/PuerkitoBio/goquery v1.5.1/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc= github.com/Shopify/logrus-bugsnag v0.0.0-20170309145241-6dbc35f2c30d h1:hi6J4K6DKrR4/ljxn6SF6nURyu785wKMuQcjt7H3VCQ= github.com/Shopify/logrus-bugsnag v0.0.0-20170309145241-6dbc35f2c30d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa h1:LHTHcTQiSGT7VVbI0o4wBRNQIgn917usHWOd6VAffYI= github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4= +github.com/andybalholm/cascadia v1.1.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9PqHO0sqidkEA4Y= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= -github.com/apparentlymart/go-cidr v1.1.0 h1:2mAhrMoF+nhXqxTzSZMUzDHkLjmIHC+Zzn4tdgBZjnU= -github.com/apparentlymart/go-cidr v1.1.0/go.mod h1:EBcsNrHc3zQeuaeCeCtQruQm+n9/YjEn/vI25Lg7Gwc= -github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/aws/aws-sdk-go v1.55.6 h1:cSg4pvZ3m8dgYcgqB97MrcdjUmZ1BeMYKUxMMB89IPk= -github.com/aws/aws-sdk-go v1.55.6/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= -github.com/aws/aws-sdk-go-v2 v1.36.3 h1:mJoei2CxPutQVxaATCzDUjcZEjVRdpsiiXi2o38yqWM= -github.com/aws/aws-sdk-go-v2 v1.36.3/go.mod h1:LLXuLpgzEbD766Z5ECcRmi8AzSwfZItDtmABVkRLGzg= -github.com/aws/aws-sdk-go-v2/config v1.29.9 h1:Kg+fAYNaJeGXp1vmjtidss8O2uXIsXwaRqsQJKXVr+0= -github.com/aws/aws-sdk-go-v2/config v1.29.9/go.mod h1:oU3jj2O53kgOU4TXq/yipt6ryiooYjlkqqVaZk7gY/U= -github.com/aws/aws-sdk-go-v2/credentials v1.17.62 h1:fvtQY3zFzYJ9CfixuAQ96IxDrBajbBWGqjNTCa79ocU= -github.com/aws/aws-sdk-go-v2/credentials v1.17.62/go.mod h1:ElETBxIQqcxej++Cs8GyPBbgMys5DgQPTwo7cUPDKt8= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 h1:x793wxmUWVDhshP8WW2mlnXuFrO4cOd3HLBroh1paFw= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30/go.mod h1:Jpne2tDnYiFascUEs2AWHJL9Yp7A5ZVy3TNyxaAjD6M= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 h1:ZK5jHhnrioRkUNOc+hOgQKlUL5JeC3S6JgLxtQ+Rm0Q= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34/go.mod h1:p4VfIceZokChbA9FzMbRGz5OV+lekcVtHlPKEO0gSZY= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 h1:SZwFm17ZUNNg5Np0ioo/gq8Mn6u9w19Mri8DnJ15Jf0= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34/go.mod h1:dFZsC0BLo346mvKQLWmoJxT+Sjp+qcVR1tRVHQGOH9Q= -github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 h1:bIqFDwgGXXN1Kpp99pDOdKMTTb5d2KyU5X/BZxjOkRo= -github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3/go.mod h1:H5O/EsxDWyU+LP/V8i5sm8cxoZgc2fdNR9bxlOFrQTo= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 h1:eAh2A4b5IzM/lum78bZ590jy36+d/aFLgKF/4Vd1xPE= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3/go.mod h1:0yKJC/kb8sAnmlYa6Zs3QVYqaC8ug2AbnNChv5Ox3uA= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 h1:dM9/92u2F1JbDaGooxTq18wmmFzbJRfXfVfy96/1CXM= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15/go.mod h1:SwFBy2vjtA0vZbjjaFtfN045boopadnoVPhu4Fv66vY= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.35.2 h1:vlYXbindmagyVA3RS2SPd47eKZ00GZZQcr+etTviHtc= -github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.35.2/go.mod h1:yGhDiLKguA3iFJYxbrQkQiNzuy+ddxesSZYWVeeEH5Q= -github.com/aws/aws-sdk-go-v2/service/sso v1.25.1 h1:8JdC7Gr9NROg1Rusk25IcZeTO59zLxsKgE0gkh5O6h0= -github.com/aws/aws-sdk-go-v2/service/sso v1.25.1/go.mod h1:qs4a9T5EMLl/Cajiw2TcbNt2UNo/Hqlyp+GiuG4CFDI= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.29.1 h1:KwuLovgQPcdjNMfFt9OhUd9a2OwcOKhxfvF4glTzLuA= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.29.1/go.mod h1:MlYRNmYu/fGPoxBQVvBYr9nyr948aY/WLUvwBMBJubs= -github.com/aws/aws-sdk-go-v2/service/sts v1.33.17 h1:PZV5W8yk4OtH1JAuhV2PXwwO9v5G5Aoj+eMCn4T+1Kc= -github.com/aws/aws-sdk-go-v2/service/sts v1.33.17/go.mod h1:cQnB8CUnxbMU82JvlqjKR2HBOm3fe9pWorWBza6MBJ4= -github.com/aws/smithy-go v1.22.2 h1:6D9hW43xKFrRx/tXXfAlIZc4JI+yQe6snnWcQyxSyLQ= -github.com/aws/smithy-go v1.22.2/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg= github.com/beorn7/perks v0.0.0-20150223135152-b965b613227f/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bitly/go-hostpool v0.1.0/go.mod h1:4gOCgp6+NZnVqlKyZ/iBZFTAJKembaVENUpMkpg42fw= github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= github.com/bits-and-blooms/bitset v1.13.0 h1:bAQ9OPNFYbGHV6Nez0tmNI0RiEu7/hxlYJRUA0wFAVE= @@ -166,7 +71,6 @@ github.com/ccding/go-stun v0.1.5 h1:qEM367nnezmj7dv+SdT52prv5x6HUTG3nlrjX5aitlo= github.com/ccding/go-stun v0.1.5/go.mod h1:cCZjJ1J3WFSJV6Wj8Y9Di8JMTsEXh6uv2eNmLzKaUeM= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= -github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk= @@ -176,8 +80,6 @@ github.com/chmduquesne/rollinghash v4.0.0+incompatible/go.mod h1:Uc2I36RRfTAf7Dg github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= -github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575 h1:kHaBemcxl8o/pQ5VM1c8PVE1PubbNx3mjUr09OqWGCs= -github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575/go.mod h1:9d6lWj8KzO/fd/NrVaLscBKmPigpZpn5YawRPw+e3Yo= github.com/cilium/ebpf v0.16.0 h1:+BiEnHL6Z7lXnlGUsXQPPAE7+kenAd4ES8MQ5min0Ok= github.com/cilium/ebpf v0.16.0/go.mod h1:L7u2Blt2jMM/vLAVgjxluxtBKlz3/GWjB0dMOEngfwE= github.com/cilium/ipam v0.0.0-20230509084518-fd66eae7909b h1:yTDNdo6hd8ABJYeLUvmqKAYj3jaRzLYx3UwM+/jSeBY= @@ -194,14 +96,9 @@ github.com/containerd/platforms v0.2.1 h1:zvwtM3rz2YHPQsF2CHYM8+KtB5dvhISiXh5ZpS github.com/containerd/platforms v0.2.1/go.mod h1:XHCb+2/hzowdiut9rkudds9bE5yJ7npe7dG/wG+uFPw= github.com/containernetworking/cni v1.1.2 h1:wtRGZVv7olUHMOqouPpn3cXJWpJgM6+EUl31EQbXALQ= github.com/containernetworking/cni v1.1.2/go.mod h1:sDpYKmGVENF3s6uvMvGgldDWeG8dMxakj/u+i9ht9vw= -github.com/coredns/caddy v1.1.2-0.20241029205200-8de985351a98 h1:c+Epklw9xk6BZ1OFBPWLA2PcL8QalKvl3if8CP9x8uw= -github.com/coredns/caddy v1.1.2-0.20241029205200-8de985351a98/go.mod h1:A6ntJQlAWuQfFlsd9hvigKbo2WS0VUs2l1e2F+BawD4= -github.com/coredns/coredns v1.12.1 h1:haptbGscSbdWU46xrjdPj1vp3wvH1Z2FgCSQKEdgN5s= -github.com/coredns/coredns v1.12.1/go.mod h1:V26ngiKdNvAiEre5PTAvklrvTjnNjl6lakq1nbE/NbU= github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6 h1:8h5+bWd7R6AYUslN6c6iuZWTKsKxUFDlpnmilO6R2n0= github.com/coreos/go-iptables v0.7.1-0.20240112124308-65c67c9f46e6/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q= -github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4= -github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec= +github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf h1:iW4rZ826su+pqaw19uhpSCzhj44qo35pNgKFGqzDKkU= github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= @@ -218,20 +115,14 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dblohm7/wingoes v0.0.0-20240119213807-a09d6be7affa h1:h8TfIT1xc8FWbwwpmHn1J5i43Y0uZP97GqasGCzSRJk= github.com/dblohm7/wingoes v0.0.0-20240119213807-a09d6be7affa/go.mod h1:Nx87SkVqTKd8UtT+xu7sM/l+LgXs6c0aHrlKusR+2EQ= +github.com/denisenkom/go-mssqldb v0.0.0-20191124224453-732737034ffd/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= github.com/denisenkom/go-mssqldb v0.0.0-20191128021309-1d7a30a10f73/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= -github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= -github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13 h1:fAjc9m62+UWV/WAFKLNi6ZS0675eEUC9y3AlwSbQu1Y= -github.com/dgryski/go-farm v0.0.0-20200201041132-a6ae2369ad13/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78= github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc= -github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= -github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= github.com/distribution/distribution/v3 v3.0.0-rc.3 h1:JRJso9IVLoooKX76oWR+DWCCdZlK5m4nRtDWvzB1ITg= github.com/distribution/distribution/v3 v3.0.0-rc.3/go.mod h1:offoOgrnYs+CFwis8nE0hyzYZqRCZj5EFc5kgfszwiE= github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk= github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= -github.com/dnstap/golang-dnstap v0.4.0 h1:KRHBoURygdGtBjDI2w4HifJfMAhhOqDuktAokaSa234= -github.com/dnstap/golang-dnstap v0.4.0/go.mod h1:FqsSdH58NAmkAvKcpyxht7i4FoBjKu8E4JUPt8ipSUs= github.com/docker/cli v27.5.1+incompatible h1:JB9cieUT9YNiMITtIsguaN55PLOHhBSz3LKVc6cqWaY= github.com/docker/cli v27.5.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= @@ -257,12 +148,7 @@ github.com/docker/libcontainer v2.2.1+incompatible h1:++SbbkCw+X8vAd4j2gOCzZ2Nn7 github.com/docker/libcontainer v2.2.1+incompatible/go.mod h1:osvj61pYsqhNCMLGX31xr7klUBhHb/ZBuXS0o1Fvwbw= github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7 h1:UhxFibDNY/bfvqU5CAUmr9zpesgbU6SWc8/B4mflAE4= github.com/docker/libtrust v0.0.0-20160708172513-aabc10ec26b7/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= -github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= -github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= github.com/dvsekhvalnov/jose2go v0.0.0-20170216131308-f21a8cedbbae/go.mod h1:7BvyPhdbLxMXIYTFPLsyJRFMsKmOZnQmzh6Gb+uquuM= -github.com/eapache/queue/v2 v2.0.0-20230407133247-75960ed334e4 h1:8EXxF+tCLqaVk8AOC29zl2mnhQjwyLxxOTuhUazWRsg= -github.com/eapache/queue/v2 v2.0.0-20230407133247-75960ed334e4/go.mod h1:I5sHm0Y0T1u5YjlyqC5GVArM7aNZRUYtTjmJ8mPJFds= github.com/ebitengine/purego v0.8.3 h1:K+0AjQp63JEZTEMZiwsI9g0+hAMNohwUOtY0RPGexmc= github.com/ebitengine/purego v0.8.3/go.mod h1:iIjxzd6CiRiOG0UyXP+V1+jWqUXVjPKLAI0mRfJZTmQ= github.com/emicklei/go-restful/v3 v3.12.2 h1:DhwDP0vY3k8ZzE0RunuJy8GhNpPL6zqLkDf9B/a0/xU= @@ -282,19 +168,12 @@ github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjT github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc= -github.com/expr-lang/expr v1.17.2 h1:o0A99O/Px+/DTjEnQiodAgOIK9PPxL8DtXhBRKC+Iso= -github.com/expr-lang/expr v1.17.2/go.mod h1:8/vRC7+7HBzESEqt5kKpYXxrxkr31SaO8r40VO/1IT4= -github.com/farsightsec/golang-framestream v0.3.0 h1:/spFQHucTle/ZIPkYqrfshQqPe2VQEzesH243TjIwqA= -github.com/farsightsec/golang-framestream v0.3.0/go.mod h1:eNde4IQyEiA5br02AouhEHCu3p3UzrCdFR4LuQHklMI= github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8= github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= -github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= github.com/fatih/color v1.18.0/go.mod h1:4FelSpRwEGDpQ12mAdzqdOukCy4u8WUtOY6lkT/6HfU= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= -github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 h1:BHsljHzVlRcyQhjrss6TZTdY2VfCqZPbv5k3iBFa2ZQ= -github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= github.com/foxcpp/go-mockdns v1.1.0 h1:jI0rD8M0wuYAxL7r/ynTrCQQq0BVqfB99Vgk7DlmewI= github.com/foxcpp/go-mockdns v1.1.0/go.mod h1:IhLeSFGed3mJIAXPH2aiRQB+kqz7oqu8ld2qVbOu7Wk= github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= @@ -342,6 +221,7 @@ github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDsl github.com/go-openapi/swag v0.23.1 h1:lpsStH0n2ittzTnbaSloVZLuB5+fvSY/+hnagBjSNZU= github.com/go-openapi/swag v0.23.1/go.mod h1:STZs8TbRvEQQKUA+JZNAm3EWlgaOBGpyFDqQnDHMef0= github.com/go-sql-driver/mysql v1.3.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= +github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y= github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= @@ -352,22 +232,15 @@ github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIx github.com/go-viper/mapstructure/v2 v2.2.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= -github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 h1:sQspH8M4niEijh3PFscJRLDnkL547IeP7kpPe3uUhEg= github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466/go.mod h1:ZiQxhyQ+bbbfxUKVvjfO498oPYvtYhZzycal3G/NHmU= github.com/gogo/protobuf v1.0.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= -github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= -github.com/golang-jwt/jwt/v4 v4.5.2 h1:YtQM7lnr8iZ+j5q71MGKkNw9Mn7AjHM68uc9g5fXeUI= -github.com/golang-jwt/jwt/v4 v4.5.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ= github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw= -github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -394,7 +267,6 @@ github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= @@ -409,17 +281,10 @@ github.com/google/nftables v0.2.1-0.20240414091927-5e242ec57806/go.mod h1:Beg6V6 github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20250202011525-fc3143867406 h1:wlQI2cYY0BsWmmPPAnxfQ8SDW0S3Jasn+4B8kXFxprg= github.com/google/pprof v0.0.0-20250202011525-fc3143867406/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= -github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0= -github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= -github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/enterprise-certificate-proxy v0.3.6 h1:GW/XbdyBFQ8Qe+YAmFU9uHLo7OnF5tL52HFAgMmyrf4= -github.com/googleapis/enterprise-certificate-proxy v0.3.6/go.mod h1:MkHOF77EYAE7qfSuSS9PU6g4Nt4e11cnsDUowfwewLA= -github.com/googleapis/gax-go/v2 v2.14.1 h1:hb0FFeiPaQskmvakKu5EbCbpntQn48jyHuvrkurSS/Q= -github.com/googleapis/gax-go/v2 v2.14.1/go.mod h1:Hb/NubMaVM88SrNkvl8X/o8XWwDJEPqouaLeN2IUxoA= github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE= github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w= github.com/gorilla/mux v1.7.0/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= @@ -440,29 +305,18 @@ github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJr github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= github.com/grpc-ecosystem/grpc-gateway/v2 v2.25.1 h1:VNqngBF40hVlDloBruUehVYC3ArSgIyScOAyMRqBxRg= github.com/grpc-ecosystem/grpc-gateway/v2 v2.25.1/go.mod h1:RBRO7fro65R6tjKzYgLAFo0t1QEXY1Dp+i/bvpRiqiQ= -github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 h1:MJG/KsmcqMwFAkh8mTnAwhyKoB+sTAnY4CACC110tbU= -github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645/go.mod h1:6iZfnjpejD4L/4DwD7NryNaJyCQdzwWwH2MWhCA90Kw= github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed h1:5upAirOpQc1Q53c0bnx2ufif5kANL7bfZWcc6VJWJd8= github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7 h1:UpiO20jno/eV1eVZcxqWnUohyKRe1g8FPV/xH1s/2qs= -github.com/hashicorp/go-secure-stdlib/parseutil v0.1.7/go.mod h1:QmrqtbKuxxSWTN3ETMPuB+VtEiBJ/A9XhoYGv8E1uD8= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.1/go.mod h1:gKOamz3EwoIoJq7mlMIRBpVTAUn8qPCrEclOKKWhD3U= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 h1:kes8mmyCpxJsI7FTwtzRqEy9CdjCtrXrXGuOpxEA7Ts= -github.com/hashicorp/go-secure-stdlib/strutil v0.1.2/go.mod h1:Gou2R9+il93BqX25LAKCLuM+y9U2T4hlwvT1yprcna4= -github.com/hashicorp/go-sockaddr v1.0.2 h1:ztczhD1jLxIRjVejw8gFomI1BQZOe2WoVOu0SyteCQc= -github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A= github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.7.0 h1:5tqGy27NaOTB8yJKUZELlFAS/LTKJkrmONwQKeRZfjY= github.com/hashicorp/go-version v1.7.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c= github.com/hashicorp/golang-lru/arc/v2 v2.0.5 h1:l2zaLDubNhW4XO3LnliVj0GXO3+/CGNJAg1dcN2Fpfw= github.com/hashicorp/golang-lru/arc/v2 v2.0.5/go.mod h1:ny6zBSQZi2JxIeYcv7kt2sH2PXJtirBN7RDhRpxPkxU= github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= @@ -481,8 +335,6 @@ github.com/illarion/gonotify/v2 v2.0.3/go.mod h1:38oIJTgFqupkEydkkClkbL6i5lXV/bx github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/infobloxopen/go-trees v0.0.0-20221216143356-66ceba885ebc h1:RhT2pjLo3EVRmldbEcBdeRA7CGPWsNEJC+Y/N1aXQbg= -github.com/infobloxopen/go-trees v0.0.0-20221216143356-66ceba885ebc/go.mod h1:BaIJzjD2ZnHmx2acPF6XfGLPzNCMiBbMRqJr+8/8uRI= github.com/jackpal/gateway v1.0.16 h1:mTBRuHSW8qviVqX7kXnxKevqlfS/OA01ys6k6fxSX7w= github.com/jackpal/gateway v1.0.16/go.mod h1:IOn1OUbso/cGYmnCBZbCEqhNCLSz0xxdtIpUpri5/nA= github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus= @@ -505,11 +357,8 @@ github.com/jinzhu/gorm v1.9.16/go.mod h1:G3LB3wezTOWM2ITLzPxEXgSkOXAntiLHS7UdBef github.com/jinzhu/inflection v0.0.0-20170102125226-1c35d901db3d/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E= github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc= +github.com/jinzhu/now v1.0.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= github.com/jinzhu/now v1.1.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= -github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= -github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= -github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= -github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/jmoiron/sqlx v1.4.0 h1:1PLqN7S1UYp5t4SrVVnt4nUVNemrDAtxlulVe+Qgm3o= github.com/jmoiron/sqlx v1.4.0/go.mod h1:ZrZ7UsYB/weZdl2Bxg6jCRO9c3YHl8r3ahlKmRT4JLY= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= @@ -552,6 +401,7 @@ github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtB github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk= github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw= github.com/lib/pq v0.0.0-20150723085316-0dad96c0b94f/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= +github.com/lib/pq v1.1.1/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/libp2p/go-netroute v0.2.1 h1:V8kVrpD8GK0Riv15/7VN6RbUQ3URNZVosw7H2v9tksU= @@ -560,7 +410,6 @@ github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhn github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= github.com/lithammer/dedent v1.1.0 h1:VNzHMVCBNG1j0fh3OrsFRkVUwStdDArbgBWoPAffktY= github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= -github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0/go.mod h1:zJYVVT2jmtg6P3p1VtQj7WsuWi/y4VnjVBn7F8KPB3I= github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683 h1:7UMa6KCCMjZEMDtTVdcGu0B1GmmC7QJKiCCjyTAWQy0= github.com/lufia/plan9stats v0.0.0-20240909124753-873cd0166683/go.mod h1:ilwx/Dta8jXAgpFYFvSWEMwxmbWXyiUHkd5FwyKhb5k= github.com/magiconair/properties v1.5.3/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= @@ -570,26 +419,22 @@ github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4 github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/mattbaird/jsonpatch v0.0.0-20240118010651-0ba75a80ca38 h1:hQWBtNqRYrI7CWIaUSXXtNKR90KzcUA5uiuxFVWw7sU= github.com/mattbaird/jsonpatch v0.0.0-20240118010651-0ba75a80ca38/go.mod h1:M1qoD/MqPgTZIk0EWKB38wE28ACRfVcn+cU08jyArI0= -github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mattn/go-sqlite3 v1.6.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= +github.com/mattn/go-sqlite3 v1.14.0/go.mod h1:JIl7NbARA7phWnGvh0LKTyg7S9BA+6gx71ShQilpsus= github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU= github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/mdlayher/netlink v1.7.2 h1:/UtM3ofJap7Vl4QWCPDGXY8d3GIY2UGSDbK+QWmY8/g= github.com/mdlayher/netlink v1.7.2/go.mod h1:xraEF7uJbxLhc5fpHL4cPe221LI2bdttWlU+ZGLfQSw= github.com/mdlayher/socket v0.5.0 h1:ilICZmJcQz70vrWVes1MFera4jGiWNocSkykwwoy3XI= github.com/mdlayher/socket v0.5.0/go.mod h1:WkcBFfvyG8QENs5+hfQPl1X6Jpd2yeLIYgrGFmJiJxI= -github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/miekg/dns v1.1.64 h1:wuZgD9wwCE6XMT05UU/mlSko71eRSXEAm2EbjQXLKnQ= github.com/miekg/dns v1.1.64/go.mod h1:Dzw9769uoKVaLuODMDZz9M6ynFU6Em65csPuoi8G0ck= github.com/miekg/pkcs11 v1.0.2/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= @@ -597,18 +442,13 @@ github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU= github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= github.com/miscreant/miscreant.go v0.0.0-20200214223636-26d376326b75 h1:cUVxyR+UfmdEAZGJ8IiKld1O0dbGotEnkMolG5hfMSY= github.com/miscreant/miscreant.go v0.0.0-20200214223636-26d376326b75/go.mod h1:pBbZyGwC5i16IBkjVKoy/sznA8jPD/K9iedwe1ESE6w= -github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db h1:62I3jR2EmQ4l5rM/4FEfDWcRD+abF5XlKShorW5LRoQ= github.com/mitchellh/colorstring v0.0.0-20190213212951-d06e56a500db/go.mod h1:l0dey0ia/Uv7NcFFVbCLtqEBQbrT4OCwCSKTEv6enCw= github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= -github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= github.com/mitchellh/mapstructure v0.0.0-20150613213606-2caf8efc9366/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c h1:cqn374mizHuIWj+OSJCajGr/phAmuMug9qIX3l9CflE= github.com/mitchellh/mapstructure v1.5.1-0.20231216201459-8508981c8b6c/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= @@ -666,30 +506,15 @@ github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3I github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040= github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M= -github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492 h1:lM6RxxfUMrYL/f8bWEUqdXrANWtrL7Nndbm9iFN0DlU= -github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis= github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= -github.com/openzipkin-contrib/zipkin-go-opentracing v0.5.0 h1:uhcF5Jd7rP9DVEL10Siffyepr6SvlKbUsjH5JpNCRi8= -github.com/openzipkin-contrib/zipkin-go-opentracing v0.5.0/go.mod h1:+oCZ5GXXr7KPI/DNOQORPTq5AWHfALJj9c72b0+YsEY= -github.com/openzipkin/zipkin-go v0.4.3 h1:9EGwpqkgnwdEIJ+Od7QVSEIH+ocmm5nPat0G7sjsSdg= -github.com/openzipkin/zipkin-go v0.4.3/go.mod h1:M9wCJZFWCo2RiY+o1eBCEMe0Dp2S5LDHcMZmk3RmK7c= -github.com/oschwald/geoip2-golang v1.11.0 h1:hNENhCn1Uyzhf9PTmquXENiWS6AlxAEnBII6r8krA3w= -github.com/oschwald/geoip2-golang v1.11.0/go.mod h1:P9zG+54KPEFOliZ29i7SeYZ/GM6tfEL+rgSn03hYuUo= -github.com/oschwald/maxminddb-golang v1.13.1 h1:G3wwjdN9JmIK2o/ermkHM+98oX5fS+k5MbwsmL4MRQE= -github.com/oschwald/maxminddb-golang v1.13.1/go.mod h1:K4pgV9N/GcK694KSTmVSDTODk4IsCNThNdTmnaBZ/F8= -github.com/outcaste-io/ristretto v0.2.3 h1:AK4zt/fJ76kjlYObOeNwh4T3asEuaCmp26pOvUOL9w0= -github.com/outcaste-io/ristretto v0.2.3/go.mod h1:W8HywhmtlopSB1jeMg3JtdIhf+DYkLAr0VN/s4+MHac= -github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= github.com/pelletier/go-toml/v2 v2.0.9 h1:uH2qQXheeefCCkuBBSLi7jCiSmj3VRh2+Goq2N7Xxu0= github.com/pelletier/go-toml/v2 v2.0.9/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5 h1:Ii+DKncOVM8Cu1Hc+ETb5K+23HdAMvESYE3ZJ5b5cMI= github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE= -github.com/philhofer/fwd v1.1.3-0.20240612014219-fbbf4953d986 h1:jYi87L8j62qkXzaYHAQAhEapgukhenIMZRBKTNRLHJ4= -github.com/philhofer/fwd v1.1.3-0.20240612014219-fbbf4953d986/go.mod h1:RqIHx9QI14HlwKwm98g9Re5prTQ6LdeRQn+gXJFxsJM= github.com/pierrec/lz4/v4 v4.1.22 h1:cKFw6uJDK+/gfw5BcDL0JL5aBsAFdsIT18eRtLj7VIU= github.com/pierrec/lz4/v4 v4.1.22/go.mod h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -701,8 +526,6 @@ github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10/go.mod h1 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= -github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE= github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU= github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE= github.com/poy/onpar v1.1.2 h1:QaNrNiZx0+Nar5dLgTVp5mXkyoVFIbepjyEoGSnhbAY= @@ -745,10 +568,6 @@ github.com/redis/go-redis/v9 v9.1.0 h1:137FnGdk+EQdCbye1FW+qOEcY5S+SpY9T0Niuqvtf github.com/redis/go-redis/v9 v9.1.0/go.mod h1:urWj3He21Dj5k4TK1y59xH8Uj6ATueP8AH1cY3lZl4c= github.com/regclient/regclient v0.8.0 h1:xNAMDlADcyMvFAlGXoqDOxlSUBG4mqWBFgjQqVTP8Og= github.com/regclient/regclient v0.8.0/go.mod h1:h9+Y6dBvqBkdlrj6EIhbTOv0xUuIFl7CdI1bZvEB42g= -github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE= -github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= -github.com/richardartoul/molecule v1.0.1-0.20240531184615-7ca0df43c0b3 h1:4+LEVOB87y175cLJC/mbsgKmoDOjrBldtXvioEy96WY= -github.com/richardartoul/molecule v1.0.1-0.20240531184615-7ca0df43c0b3/go.mod h1:vl5+MqJ1nBINuSsUI2mGgH79UweUT/B5Fy8857PqyyI= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ= github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= @@ -758,33 +577,19 @@ github.com/rubenv/sql-migrate v1.7.1 h1:f/o0WgfO/GqNuVg+6801K/KW3WdDSupzSjDYODmi github.com/rubenv/sql-migrate v1.7.1/go.mod h1:Ob2Psprc0/3ggbM6wCzyYVFFuc6FyZrb2AS+ezLDFb4= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= -github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/schollz/progressbar/v3 v3.14.2 h1:EducH6uNLIWsr560zSV1KrTeUb/wZGAHqyMFIEa99ks= github.com/schollz/progressbar/v3 v3.14.2/go.mod h1:aQAZQnhF4JGFtRJiw/eobaXpsqpVQAftEQ+hLGXaRc4= -github.com/secure-systems-lab/go-securesystemslib v0.8.0 h1:mr5An6X45Kb2nddcFlbmfHkLguCE9laoZCUzEEpIZXA= -github.com/secure-systems-lab/go-securesystemslib v0.8.0/go.mod h1:UH2VZVuJfCYR8WgMlCU1uFsOUU+KeyrTWcSS73NBOzU= github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8= github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I= -github.com/shirou/gopsutil/v3 v3.24.4 h1:dEHgzZXt4LMNm+oYELpzl9YCqV65Yr/6SfrvgRBtXeU= -github.com/shirou/gopsutil/v3 v3.24.4/go.mod h1:lTd2mdiOspcqLgAnr9/nGi71NkeMpWKdmhuxm9GusH8= github.com/shirou/gopsutil/v4 v4.25.1 h1:QSWkTc+fu9LTAWfkZwZ6j8MSUk4A2LV7rbH0ZqmLjXs= github.com/shirou/gopsutil/v4 v4.25.1/go.mod h1:RoUCUpndaJFtT+2zsZzzmhvbfGoDCJ7nFXKJf8GqJbI= -github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM= -github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ= -github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU= -github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k= github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k= github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME= github.com/sirupsen/logrus v1.0.6/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= -github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= -github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.10.0 h1:EaGW2JJh15aKOejeuJ+wpFSHnbd7GE6Wvp3TsNhb6LY= github.com/spf13/afero v1.10.0/go.mod h1:UBogFpq8E9Hx+xc5CNTTEpTnuHVmXDwZcZcE1eb/UhQ= github.com/spf13/cast v0.0.0-20150508191742-4d07383ffe94/go.mod h1:r2rcYCSwa1IExKTDiTfzaxqT2FNHs8hODu4LnUfgKEg= @@ -819,9 +624,7 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/subosito/gotenv v1.4.2 h1:X1TuBLAMDFbaTAChgCBLu3DU3UPyELpnF2jjJ2cz/S8= @@ -838,12 +641,8 @@ github.com/thejerf/suture/v4 v4.0.6 h1:QsuCEsCqb03xF9tPAsWAj8QOAJBgQI1c0VqJNaing github.com/thejerf/suture/v4 v4.0.6/go.mod h1:gu9Y4dXNUWFrByqRt30Rm9/UZ0wzRSt9AJS6xu/ZGxU= github.com/theupdateframework/notary v0.7.0 h1:QyagRZ7wlSpjT5N2qQAh/pN+DVqgekv4DzbAiAiEL3c= github.com/theupdateframework/notary v0.7.0/go.mod h1:c9DRxcmhHmVLDay4/2fUYdISnHqbFDGRSlXPO0AhYWw= -github.com/tinylib/msgp v1.2.1 h1:6ypy2qcCznxpP4hpORzhtXyTqrBs7cfM9MCCWY8zsmU= -github.com/tinylib/msgp v1.2.1/go.mod h1:2vIGs3lcUo8izAATNobrCHevYZC/LMsJtw4JPiYPHro= -github.com/tklauser/go-sysconf v0.3.12/go.mod h1:Ho14jnntGE1fpdOqQEEaiKRpvIavV0hSfmBq8nJbHYI= github.com/tklauser/go-sysconf v0.3.14 h1:g5vzr9iPFFz24v2KZXs/pvpvh8/V9Fw6vQK5ZZb78yU= github.com/tklauser/go-sysconf v0.3.14/go.mod h1:1ym4lWMLUOhuBOPGtRcJm7tEGX4SCYNEEEtghGG/8uY= -github.com/tklauser/numcpus v0.6.1/go.mod h1:1XfjsgE2zo8GVw7POkMbHENHzVg3GzmoZ9fESEdAacY= github.com/tklauser/numcpus v0.9.0 h1:lmyCHtANi8aRUgkckBgoDk1nHCux3n2cgkJLXdQGPDo= github.com/tklauser/numcpus v0.9.0/go.mod h1:SN6Nq1O3VychhC1npsWostA+oW+VOQTxZrS604NSRyI= github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc= @@ -853,10 +652,6 @@ github.com/vishvananda/netns v0.0.4 h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1Y github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM= github.com/vitrun/qart v0.0.0-20160531060029-bf64b92db6b0 h1:okhMind4q9H1OxF44gNegWkiP4H/gsTFLalHFa4OOUI= github.com/vitrun/qart v0.0.0-20160531060029-bf64b92db6b0/go.mod h1:TTbGUfE+cXXceWtbTHq6lqcTvYPBKLNejBEbnUsQJtU= -github.com/vmihailenco/msgpack/v4 v4.3.12 h1:07s4sz9IReOgdikxLTKNbBdqDMLsjPKXwvCazn8G65U= -github.com/vmihailenco/msgpack/v4 v4.3.12/go.mod h1:gborTTJjAo/GWTqqRjrLCn9pgNN+NXzzngzBKDPIqw4= -github.com/vmihailenco/tagparser v0.1.2 h1:gnjoVuB/kljJ5wICEEOpx98oXMWPLj22G67Vbd1qPqc= -github.com/vmihailenco/tagparser v0.1.2/go.mod h1:OeAg3pn3UbLjkWt+rN9oFYB6u/cQgqMEUPoW2WPyhdI= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= @@ -870,28 +665,11 @@ github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ= github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0= github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= -go.etcd.io/etcd/api/v3 v3.5.20 h1:aKfz3nPZECWoZJXMSH9y6h2adXjtOHaHTGEVCuCmaz0= -go.etcd.io/etcd/api/v3 v3.5.20/go.mod h1:QqKGViq4KTgOG43dr/uH0vmGWIaoJY3ggFi6ZH0TH/U= -go.etcd.io/etcd/client/pkg/v3 v3.5.20 h1:sZIAtra+xCo56gdf6BR62to/hiie5Bwl7hQIqMzVTEM= -go.etcd.io/etcd/client/pkg/v3 v3.5.20/go.mod h1:qaOi1k4ZA9lVLejXNvyPABrVEe7VymMF2433yyRQ7O0= -go.etcd.io/etcd/client/v3 v3.5.20 h1:jMT2MwQEhyvhQg49Cec+1ZHJzfUf6ZgcmV0GjPv0tIQ= -go.etcd.io/etcd/client/v3 v3.5.20/go.mod h1:J5lbzYRMUR20YolS5UjlqqMcu3/wdEvG5VNBhzyo3m0= go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA= go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A= -go.opentelemetry.io/collector/component v0.104.0 h1:jqu/X9rnv8ha0RNZ1a9+x7OU49KwSMsPbOuIEykHuQE= -go.opentelemetry.io/collector/component v0.104.0/go.mod h1:1C7C0hMVSbXyY1ycCmaMUAR9fVwpgyiNQqxXtEWhVpw= -go.opentelemetry.io/collector/config/configtelemetry v0.104.0 h1:eHv98XIhapZA8MgTiipvi+FDOXoFhCYOwyKReOt+E4E= -go.opentelemetry.io/collector/config/configtelemetry v0.104.0/go.mod h1:WxWKNVAQJg/Io1nA3xLgn/DWLE/W1QOB2+/Js3ACi40= -go.opentelemetry.io/collector/pdata v1.11.0 h1:rzYyV1zfTQQz1DI9hCiaKyyaczqawN75XO9mdXmR/hE= -go.opentelemetry.io/collector/pdata v1.11.0/go.mod h1:IHxHsp+Jq/xfjORQMDJjSH6jvedOSTOyu3nbxqhWSYE= -go.opentelemetry.io/collector/pdata/pprofile v0.104.0 h1:MYOIHvPlKEJbWLiBKFQWGD0xd2u22xGVLt4jPbdxP4Y= -go.opentelemetry.io/collector/pdata/pprofile v0.104.0/go.mod h1:7WpyHk2wJZRx70CGkBio8klrYTTXASbyIhf+rH4FKnA= -go.opentelemetry.io/collector/semconv v0.104.0 h1:dUvajnh+AYJLEW/XOPk0T0BlwltSdi3vrjO7nSOos3k= -go.opentelemetry.io/collector/semconv v0.104.0/go.mod h1:yMVUCNoQPZVq/IPfrHrnntZTWsLf5YGZ7qwKulIl5hw= go.opentelemetry.io/contrib/bridges/prometheus v0.57.0 h1:UW0+QyeyBVhn+COBec3nGhfnFe5lwB0ic1JBVjzhk0w= go.opentelemetry.io/contrib/bridges/prometheus v0.57.0/go.mod h1:ppciCHRLsyCio54qbzQv0E4Jyth/fLWDTJYfvWpcSVk= go.opentelemetry.io/contrib/exporters/autoexport v0.57.0 h1:jmTVJ86dP60C01K3slFQa2NQ/Aoi7zA+wy7vMOKD9H4= @@ -936,9 +714,6 @@ go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc= go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4= go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4= -go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= -go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= -go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs= go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= @@ -957,14 +732,13 @@ golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20191205180655-e7c4368fe9dd/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= @@ -976,7 +750,6 @@ golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPI golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= @@ -984,20 +757,20 @@ golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.23.0 h1:Zb7khfcRGKk+kqfxFaP5tZqCnDZMjC5VtUBs87Hr6QM= golang.org/x/mod v0.23.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= +golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200114155413-6afb5195e5aa/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= @@ -1018,7 +791,6 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= @@ -1027,7 +799,6 @@ golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.13.0 h1:AauUjRAJ9OSnvULf/ARrrVywoJDy0YS2AwQ98I37610= golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= -golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180926160741-c2ed4eda69e7/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1037,7 +808,6 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1049,16 +819,12 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220627191245-f75cf1eec38b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -1068,11 +834,8 @@ golang.org/x/sys v0.4.1-0.20230131160137-e7d7f63158de/go.mod h1:oPkhp1MJrh7nUepC golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20= @@ -1084,7 +847,6 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= @@ -1106,12 +868,10 @@ golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0= golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= @@ -1123,8 +883,6 @@ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20220517211312-f3a8303e98df/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8= -golang.org/x/xerrors v0.0.0-20240716161551-93cc26a95ae9 h1:LLhsEBxRTBLuKlQxFBYUOU8xyFgXv6cOTp2HASDlsDk= -golang.org/x/xerrors v0.0.0-20240716161551-93cc26a95ae9/go.mod h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90= golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 h1:B82qJJgjvYKsXS9jeunTOisW56dUokqW/FOteYJJ/yg= golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2/go.mod h1:deeaetjYA+DHMHg+sMSMI58GrEteJUUzzw7en6TJQcI= golang.zx2c4.com/wireguard v0.0.0-20220920152132-bb719d3a6e2c h1:Okh6a1xpnJslG9Mn84pId1Mn+Q8cvpo4HCeeFWHo0cA= @@ -1133,10 +891,6 @@ golang.zx2c4.com/wireguard/windows v0.5.3 h1:On6j2Rpn3OEMXqBq00QEDC7bWSZrPIHKIus golang.zx2c4.com/wireguard/windows v0.5.3/go.mod h1:9TEe8TJmtwyQebdFwAkEWOPr3prrtqm+REGFifP60hI= gomodules.xyz/jsonpatch/v2 v2.5.0 h1:JELs8RLM12qJGXU4u/TO3V25KW8GreMKl9pdkk14RM0= gomodules.xyz/jsonpatch/v2 v2.5.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/api v0.227.0 h1:QvIHF9IuyG6d6ReE+BNd11kIB8hZvjN8Z5xY5t21zYc= -google.golang.org/api v0.227.0/go.mod h1:EIpaG6MbTgQarWF5xJvX0eOJPK9n/5D4Bynb9j2HXvQ= -google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM= -google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds= google.golang.org/genproto/googleapis/api v0.0.0-20250409194420-de1ac958c67a h1:OQ7sHVzkx6L57dQpzUS4ckfWJ51KDH74XHTDe23xWAs= google.golang.org/genproto/googleapis/api v0.0.0-20250409194420-de1ac958c67a/go.mod h1:2R6XrVC8Oc08GlNh8ujEpc7HkLiEZ16QeY7FxIs20ac= google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e h1:ztQaXfzEXTmCBvbtWYRhJxW+0iJcz2qXfd38/e9l7bA= @@ -1154,8 +908,6 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= -gopkg.in/DataDog/dd-trace-go.v1 v1.72.2 h1:SLcih9LB+I1l76Wd7aUSpzISemewzjq6djntMnBnzkA= -gopkg.in/DataDog/dd-trace-go.v1 v1.72.2/go.mod h1:XqDhDqsLpThFnJc4z0FvAEItISIAUka+RHwmQ6EfN1U= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/cenkalti/backoff.v2 v2.2.1 h1:eJ9UAg01/HIHG987TwxvnzK2MgxXq97YY6rYDpY9aII= @@ -1217,26 +969,6 @@ k8s.io/kubectl v0.32.3 h1:VMi584rbboso+yjfv0d8uBHwwxbC438LKq+dXd5tOAI= k8s.io/kubectl v0.32.3/go.mod h1:6Euv2aso5GKzo/UVMacV6C7miuyevpfI91SvBvV9Zdg= k8s.io/utils v0.0.0-20250321185631-1f6e0b77f77e h1:KqK5c/ghOm8xkHYhlodbp6i6+r+ChV2vuAuVRdFbLro= k8s.io/utils v0.0.0-20250321185631-1f6e0b77f77e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -lukechampine.com/uint128 v1.3.0 h1:cDdUVfRwDUDovz610ABgFD17nXD4/uDgVHl2sC3+sbo= -lukechampine.com/uint128 v1.3.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= -modernc.org/cc/v3 v3.41.0 h1:QoR1Sn3YWlmA1T4vLaKZfawdVtSiGx8H+cEojbC7v1Q= -modernc.org/cc/v3 v3.41.0/go.mod h1:Ni4zjJYJ04CDOhG7dn640WGfwBzfE0ecX8TyMB0Fv0Y= -modernc.org/ccgo/v3 v3.16.15 h1:KbDR3ZAVU+wiLyMESPtbtE/Add4elztFyfsWoNTgxS0= -modernc.org/ccgo/v3 v3.16.15/go.mod h1:yT7B+/E2m43tmMOT51GMoM98/MtHIcQQSleGnddkUNI= -modernc.org/libc v1.37.6 h1:orZH3c5wmhIQFTXF+Nt+eeauyd+ZIt2BX6ARe+kD+aw= -modernc.org/libc v1.37.6/go.mod h1:YAXkAZ8ktnkCKaN9sw/UDeUVkGYJ/YquGO4FTi5nmHE= -modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4= -modernc.org/mathutil v1.6.0/go.mod h1:Ui5Q9q1TR2gFm0AQRqQUaBWFLAhQpCwNcuhBOSedWPo= -modernc.org/memory v1.7.2 h1:Klh90S215mmH8c9gO98QxQFsY+W451E8AnzjoE2ee1E= -modernc.org/memory v1.7.2/go.mod h1:NO4NVCQy0N7ln+T9ngWqOQfi7ley4vpwvARR+Hjw95E= -modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4= -modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0= -modernc.org/sqlite v1.28.0 h1:Zx+LyDDmXczNnEQdvPuEfcFVA2ZPyaD7UCZDjef3BHQ= -modernc.org/sqlite v1.28.0/go.mod h1:Qxpazz0zH8Z1xCFyi5GSL3FzbtZ3fvbjmywNogldEW0= -modernc.org/strutil v1.2.0 h1:agBi9dp1I+eOnxXeiZawM8F4LawKv4NzGWSaLfyeNZA= -modernc.org/strutil v1.2.0/go.mod h1:/mdcBmfOibveCTBxUl5B5l6W+TTH1FXPLHZE6bTosX0= -modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y= -modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM= oras.land/oras-go/v2 v2.5.0 h1:o8Me9kLY74Vp5uw07QXPiitjsw7qNXi8Twd+19Zf02c= oras.land/oras-go/v2 v2.5.0/go.mod h1:z4eisnLP530vwIOUOJeBIj0aGI0L1C3d53atvCBqZHg= sigs.k8s.io/controller-runtime v0.20.4 h1:X3c+Odnxz+iPTRobG4tp092+CvBU9UK0t/bRf+n0DGU= diff --git a/go.work.sum b/go.work.sum index 6ea4ac60..f6fea2cb 100644 --- a/go.work.sum +++ b/go.work.sum @@ -1,670 +1,7 @@ -4d63.com/gocheckcompilerdirectives v1.2.1/go.mod h1:yjDJSxmDTtIHHCqX0ufRYZDL6vQtMG7tJdKVeWwsqvs= -4d63.com/gochecknoglobals v0.2.1/go.mod h1:KRE8wtJB3CXCsb1xy421JfTHIIbmT3U5ruxw2Qu8fSU= -cloud.google.com/go v0.112.2 h1:ZaGT6LiG7dBzi6zNOvVZwacaXlmf3lRqnC4DQzqyRQw= -cloud.google.com/go v0.112.2/go.mod h1:iEqjp//KquGIJV/m+Pk3xecgKNhV+ry+vVTsy4TbDms= -cloud.google.com/go v0.120.0 h1:wc6bgG9DHyKqF5/vQvX1CiZrtHnxJjBlKUyF9nP6meA= -cloud.google.com/go v0.120.0/go.mod h1:/beW32s8/pGRuj4IILWQNd4uuebeT4dkOhKmkfit64Q= -cloud.google.com/go/accessapproval v1.8.5/go.mod h1:aO61iJuMRAaugpD0rWgpwj9aXvWimCWTEbA/kYAFddE= -cloud.google.com/go/accesscontextmanager v1.9.5/go.mod h1:i6WSokkuePCT3jWwRzhge/pZicoErUBbDWjAUd8AoQU= -cloud.google.com/go/aiplatform v1.81.0/go.mod h1:uwLaCFXLvVnKzxl3OXQRw1Hry3KJOIgpofYorq0ZMPk= -cloud.google.com/go/analytics v0.27.1/go.mod h1:2itQDvSWyGiBvs80ocjFjfu/ZUIo25fC93hsEX4fnoU= -cloud.google.com/go/apigateway v1.7.5/go.mod h1:iJ9zoE4KMNF1CHBFV4pZDCJRZzonqKj4BECymhvAwWk= -cloud.google.com/go/apigeeconnect v1.7.5/go.mod h1:XAGnQGiFakRMV3H6bawRb5JAIXIbFSfzGKLDqL1dYgQ= -cloud.google.com/go/apigeeregistry v0.9.5/go.mod h1:e6oNKW1utj+A1fpTw+YUpPkFusNT8gfFbqx/8upsgCY= -cloud.google.com/go/appengine v1.9.5/go.mod h1:x4zKNF1qRX++Joni0nQFJoNobodzWX1bieiGRMWx+4U= -cloud.google.com/go/area120 v0.9.5/go.mod h1:1rAIWfyOiCXk/kuTqFU//pfrHiA8GM8LziM79Lm0zxk= -cloud.google.com/go/artifactregistry v1.16.3/go.mod h1:eiLO70Qh5Z9Jbwctl0KdW5VzJ5HncWgNaYN0NdF8lmM= -cloud.google.com/go/asset v1.20.5/go.mod h1:0pbY+F3Pr3teQLK1ZXpUjGPNBPfUiL1tpxRxRmLCV/c= -cloud.google.com/go/assuredworkloads v1.12.5/go.mod h1:OHjBWxs611PdU/VkGDoNQ/SFZHIYQTPtZlfDAUWN8K0= -cloud.google.com/go/automl v1.14.6/go.mod h1:mEn1QHZmPTnmrq6zj33gyKX1K7L32izry14I6LQCO5M= -cloud.google.com/go/baremetalsolution v1.3.5/go.mod h1:FfLWTwf9g7MVh0jhomxs1ErK9J/E9GBALdsunmFo50Q= -cloud.google.com/go/batch v1.12.1/go.mod h1:hB6jwKyX2zoFoIXw6/pT2CPIbvo0ya7mpQXFJ9QbnAY= -cloud.google.com/go/beyondcorp v1.1.5/go.mod h1:C77HvHG9ntYvI3+/WXht0tqx/fNxfD4MahSutTOkJYg= -cloud.google.com/go/bigquery v1.67.0/go.mod h1:HQeP1AHFuAz0Y55heDSb0cjZIhnEkuwFRBGo6EEKHug= -cloud.google.com/go/bigtable v1.36.0/go.mod h1:u98oqNAXiAufepkRGAd95lq2ap4kHGr3wLeFojvJwew= -cloud.google.com/go/billing v1.20.3/go.mod h1:DJt75ird7g3zrTODh2Eo8ZT2d3jtoEI5L6qNXIHwOY0= -cloud.google.com/go/binaryauthorization v1.9.4/go.mod h1:LimAql4UPC7B/F+RW9rQpsUpzDFNO+VKwVRyHG9txKU= -cloud.google.com/go/certificatemanager v1.9.4/go.mod h1:KneWp8OAhBVD4fqMUB6daOA90MHh9xVB8E3ZFN8w2dc= -cloud.google.com/go/channel v1.19.4/go.mod h1:W82e3qLLe9wvZShy3aAg/6frvMYOdHKSaIwTLJT2Yxs= -cloud.google.com/go/cloudbuild v1.22.1/go.mod h1:/3syBgG56xUK1UD8dXAOSnPWF4Cs0ZZ/eXhoTIBipwg= -cloud.google.com/go/clouddms v1.8.6/go.mod h1:++xrkEPp1mAKZKFk3MMD63UkK7KpnSBt9kRLRSOYliE= -cloud.google.com/go/cloudtasks v1.13.5/go.mod h1:AReQFk11yF7sHEOKHXP3/SufAeiHn4yXWpqQGds9Of0= -cloud.google.com/go/compute v1.25.1 h1:ZRpHJedLtTpKgr3RV1Fx23NuaAEN1Zfx9hw1u4aJdjU= -cloud.google.com/go/compute v1.25.1/go.mod h1:oopOIR53ly6viBYxaDhBfJwzUAxf1zE//uf3IB011ls= -cloud.google.com/go/compute v1.36.0 h1:QzLrJRxytIGE8OJWzmMweIdiu2pIlRVq9kSi7+xnDkU= -cloud.google.com/go/compute v1.36.0/go.mod h1:+GZuz5prSWFLquViP55zcjRrOm7vRpIllx2MaYpzuiI= -cloud.google.com/go/contactcenterinsights v1.17.2/go.mod h1:9yuX5Y7KFqsQgNydM7WeuGcYWWs/0dBCElXaOF6ltmo= -cloud.google.com/go/container v1.42.3/go.mod h1:8ZT9RBJXjWXqRMM/sEW8dxolZUofxKJUaO9mMXSkDz0= -cloud.google.com/go/containeranalysis v0.14.0/go.mod h1:vct7OEtK07Azaiyo6aCyae4teFL28t7JZQkr1DlTC5s= -cloud.google.com/go/datacatalog v1.25.0/go.mod h1:Bodb/U9ZV549+0sQPoX6WtYnbFwqayuYldw5p6PmbH4= -cloud.google.com/go/dataflow v0.10.5/go.mod h1:rLRbgv1ZK34XW72xrmJysN7z0PCwgsh0wtjWx5Yavoc= -cloud.google.com/go/dataform v0.11.1/go.mod h1:2TYH+Dmqnx9ewr/YG8HbMpcNQBX5gdCyP8W/8GwprWk= -cloud.google.com/go/datafusion v1.8.5/go.mod h1:xMoW16ciCOQpS8rNUDU1tWgHkhbQ3KKaV9o7UTggEtQ= -cloud.google.com/go/datalabeling v0.9.5/go.mod h1:xJzHTfjCvPeF87QreDSFTl98mRS/vp47EWwDBHvQiMU= -cloud.google.com/go/dataplex v1.24.0/go.mod h1:rNqsuS0Yag0NDGybhNpCaeqU/Jq8z4gFqqF0MUajHwE= -cloud.google.com/go/dataproc/v2 v2.11.1/go.mod h1:KDbkJUYjcz+t8nfapg0upz665P0SrsDW7I9RC9GZf4o= -cloud.google.com/go/dataqna v0.9.5/go.mod h1:UFRToVzSTCgwDkeSa4J0WE6bmbemdOZhUCUfs+DlJFc= -cloud.google.com/go/datastore v1.20.0/go.mod h1:uFo3e+aEpRfHgtp5pp0+6M0o147KoPaYNaPAKpfh8Ew= -cloud.google.com/go/datastream v1.14.0/go.mod h1:H0luYVOhiyUrzE2efbv1OHFRjzgZfHO9snDuBXmnQXE= -cloud.google.com/go/deploy v1.26.4/go.mod h1:MaPXP4rU984LmRF+DmJ1qNEZrTI7Rez+hfku0oRudTk= -cloud.google.com/go/dialogflow v1.68.1/go.mod h1:CpfTOpLjhM9ZXu+VzJ56xrX9GMBJt1aIjPMChiLUGso= -cloud.google.com/go/dlp v1.22.0/go.mod h1:2cMTKdeReZI64BDsYzsBZFtXdDqb3nhDKHRsRUl7J9Y= -cloud.google.com/go/documentai v1.36.0/go.mod h1:LsX1RO08WDd8mFBviYB03jgCytz2oIcwIZ9lBw5bKiM= -cloud.google.com/go/domains v0.10.5/go.mod h1:VP7djhZJy47uxUoJGfDilXpUnAaIExcHL86vv3yfaQs= -cloud.google.com/go/edgecontainer v1.4.2/go.mod h1:MhrgxorZIp/4myFe2a/Y0OHSx8PCxeyHBRZATvcTTZs= -cloud.google.com/go/errorreporting v0.3.2/go.mod h1:s5kjs5r3l6A8UUyIsgvAhGq6tkqyBCUss0FRpsoVTww= -cloud.google.com/go/essentialcontacts v1.7.5/go.mod h1:AzwvwPKMUnf8bwfLP0R/+BjzC7bi3OTaLABtUF/q428= -cloud.google.com/go/eventarc v1.15.4/go.mod h1:E5vNWMxaZOwfMfQlQOsoE5TY07tKtOiMLF9s99/btyo= -cloud.google.com/go/filestore v1.10.1/go.mod h1:uZfxcuSzAK8NZGflw9bvB0YOT2O8vhyfEVaFAG+vTkg= -cloud.google.com/go/firestore v1.18.0/go.mod h1:5ye0v48PhseZBdcl0qbl3uttu7FIEwEYVaWm0UIEOEU= -cloud.google.com/go/functions v1.19.4/go.mod h1:qmx3Yrm8ZdwQrWplvnpoL4tHW7s8ULNKwP2SjfX9zSM= -cloud.google.com/go/gkebackup v1.6.4/go.mod h1:ZYY7CdiOKobk3gzEKBbRymaEo22bkR1EPkwZ7Tvts/U= -cloud.google.com/go/gkeconnect v0.12.3/go.mod h1:Ra5w3QcA+ybM2hopIz4ZsQQsDqzoYws3Zn21CLGzfrw= -cloud.google.com/go/gkehub v0.15.5/go.mod h1:hIIoZAGNuiKWp6y4fW9JCEPg9xM7OX9sZwgiJrozrWQ= -cloud.google.com/go/gkemulticloud v1.5.2/go.mod h1:THwE0upZyYmgjEZtgbvGkf0VRkEdPkML9dF/J3lSahg= -cloud.google.com/go/gsuiteaddons v1.7.6/go.mod h1:TPlgcxjwv+L3fx9S6El4dDWItBxJpIyYTs4YPk6Zc48= -cloud.google.com/go/iam v1.1.7/go.mod h1:J4PMPg8TtyurAUvSmPj8FF3EDgY1SPRZxcUGrn7WXGA= -cloud.google.com/go/iam v1.5.0/go.mod h1:U+DOtKQltF/LxPEtcDLoobcsZMilSRwR7mgNL7knOpo= -cloud.google.com/go/iap v1.10.5/go.mod h1:Sal3oNlcIiv9YWkXWLD9fYzbSCbnrqOD4Pm8JyaiZZY= -cloud.google.com/go/ids v1.5.5/go.mod h1:XHNjg7KratNBxruoiG2Mfx2lFMnRQZWCr/p7T7AV724= -cloud.google.com/go/iot v1.8.5/go.mod h1:BlwypQBsnaiVRCy2+49Zz4ClJLDidldn05+Fp1uGFOs= -cloud.google.com/go/kms v1.21.1/go.mod h1:s0wCyByc9LjTdCjG88toVs70U9W+cc6RKFc8zAqX7nE= -cloud.google.com/go/language v1.14.4/go.mod h1:EqwoMieV6UsNeqHV2tRxuhmfDyC3YqEu1er53CrRkeA= -cloud.google.com/go/lifesciences v0.10.5/go.mod h1:p+vxvHLx0/4QeVp3DU5Gcnyoi+kKNFWRqfgn2d8HuNc= -cloud.google.com/go/logging v1.13.0/go.mod h1:36CoKh6KA/M0PbhPKMq6/qety2DCAErbhXT62TuXALA= -cloud.google.com/go/longrunning v0.5.6/go.mod h1:vUaDrWYOMKRuhiv6JBnn49YxCPz2Ayn9GqyjaBT8/mA= -cloud.google.com/go/longrunning v0.6.6/go.mod h1:hyeGJUrPHcx0u2Uu1UFSoYZLn4lkMrccJig0t4FI7yw= -cloud.google.com/go/managedidentities v1.7.5/go.mod h1:cD8aai2c7nWdOzBMP48wJUM9zsdIu1VbdojGSlLGqjM= -cloud.google.com/go/maps v1.20.1/go.mod h1:aMmv5a4nJBF3WpbPoGathd05Wbl4uuHEw2/bXX+2gZ4= -cloud.google.com/go/mediatranslation v0.9.5/go.mod h1:JGsL9cldTUtRi3u6Q+BMXzY1zZFOWdbmZLf1C69G2Zs= -cloud.google.com/go/memcache v1.11.5/go.mod h1:SYrG9bR51Q82rGpj04gA5YwL0aZGdDcqPvxfQiaxio4= -cloud.google.com/go/metastore v1.14.5/go.mod h1:mWHoEHrIFMv4yjKxczc1S6LIwhDQ7rTcAIix2BEIad8= -cloud.google.com/go/monitoring v1.24.1/go.mod h1:Z05d1/vn9NaujqY2voG6pVQXoJGbp+r3laV+LySt9K0= -cloud.google.com/go/networkconnectivity v1.17.0/go.mod h1:RiX351sXmQ/iScNWUBLN+4L9HJeP3etBCIsXCt366Mc= -cloud.google.com/go/networkmanagement v1.18.2/go.mod h1:QOOTm+LgXEPeA9u9bAeDETBYkibzMVTYH4mIi9GJATc= -cloud.google.com/go/networksecurity v0.10.5/go.mod h1:CqJMtLG67gxHEAjGjccwEm5a7Tb6h0kPtHK5SEHnwMc= -cloud.google.com/go/notebooks v1.12.5/go.mod h1:265WkAl2d3YKqxB+nFFkI+xwnc9CWDdvHs+Pl3TUhLM= -cloud.google.com/go/optimization v1.7.5/go.mod h1:/nM8SUgl5C43X8Bb/AzEZdCL9CrUv9JtOVx6Ql4Ohg8= -cloud.google.com/go/orchestration v1.11.7/go.mod h1:0u82lPJh6P5DpeaLtoeyrYafLEBAQ6m7gZwdhVSM1Ag= -cloud.google.com/go/orgpolicy v1.14.3/go.mod h1:bc5nFdnE+4vwCLvv3uNFWUtsywFf6Szv+eW8SmAbQlQ= -cloud.google.com/go/osconfig v1.14.4/go.mod h1:WQ5UV8yf1yhqrFrMD//dsqF/dqpepo9nzSF34aQ4vC8= -cloud.google.com/go/oslogin v1.14.5/go.mod h1:H/wQ2JrheJ/NqGomDgRGj7YwRUKPl/EqQYUse5z+eCU= -cloud.google.com/go/phishingprotection v0.9.5/go.mod h1:9eflfOQ/ZBWXzjX7Y5GCEDgK3KzpQafnFuGzdwt/AFM= -cloud.google.com/go/policytroubleshooter v1.11.5/go.mod h1:/AnSQG4qCijhusdepnPROvb34cqvwZozTpnPmLt09Uk= -cloud.google.com/go/privatecatalog v0.10.6/go.mod h1:rXuTtOfEicEN2bZRBkz/KTdDJndzvc4zb1b2Jaxkc8w= -cloud.google.com/go/pubsub v1.37.0/go.mod h1:YQOQr1uiUM092EXwKs56OPT650nwnawc+8/IjoUeGzQ= -cloud.google.com/go/pubsub v1.49.0/go.mod h1:K1FswTWP+C1tI/nfi3HQecoVeFvL4HUOB1tdaNXKhUY= -cloud.google.com/go/pubsublite v1.8.2/go.mod h1:4r8GSa9NznExjuLPEJlF1VjOPOpgf3IT6k8x/YgaOPI= -cloud.google.com/go/recaptchaenterprise/v2 v2.20.2/go.mod h1:BuZevlArTGydeIvlO3Mp4nQwLWPsnzUDUF/84+1bmfc= -cloud.google.com/go/recommendationengine v0.9.5/go.mod h1:7Ngg07UK3Ix45dwj/DXgWJa0661YyKfE84XKXnM6qo0= -cloud.google.com/go/recommender v1.13.4/go.mod h1:2xpcTYCOy2JlePWcMcVqS+dNiiMNCNGT/PtsjGP1BTQ= -cloud.google.com/go/redis v1.18.1/go.mod h1:lZQIhkqbhlmqGlFws6yzxSt2qNrAsPDHozWYGvXywqM= -cloud.google.com/go/resourcemanager v1.10.5/go.mod h1:3h1p8//AxBksoqJR/sD5AeGKVuuhZi805WC9nGogRGE= -cloud.google.com/go/resourcesettings v1.8.3/go.mod h1:BzgfXFHIWOOmHe6ZV9+r3OWfpHJgnqXy8jqwx4zTMLw= -cloud.google.com/go/retail v1.19.3/go.mod h1:o34bfr78e/gDLbHeDp0jiXKkXK7onYCJc86qrTM4Pac= -cloud.google.com/go/run v1.9.2/go.mod h1:QD5H5hNuz900FYLQGtbMlA0dqZogy/Wj0xpLwTzK2+Q= -cloud.google.com/go/scheduler v1.11.6/go.mod h1:gb8qfU07hAyXXtwrKXs7nbc9ar/R8vNsaRHswZpgPyM= -cloud.google.com/go/secretmanager v1.14.6/go.mod h1:0OWeM3qpJ2n71MGgNfKsgjC/9LfVTcUqXFUlGxo5PzY= -cloud.google.com/go/security v1.18.4/go.mod h1:+oNVB34sloqG2K3IpoT2KUDgNAbAJ9A2uENjAUvgzRQ= -cloud.google.com/go/securitycenter v1.36.1/go.mod h1:SxE1r7Y5V9AVPa+DU0d+4QAOIJzcKglO3Vc4zvcQtPo= -cloud.google.com/go/servicedirectory v1.12.5/go.mod h1:v/sr/Z4lbZzJBSn5H7bObu8FKoS6NZZ0ysQ3gi0vMMM= -cloud.google.com/go/shell v1.8.5/go.mod h1:vuRxgLhy5pR9TZVqWvR/7lfSiMCLv6ucuoYDtQKKuJ8= -cloud.google.com/go/spanner v1.79.0/go.mod h1:224ub0ngSaiy7SJI7QZ1pu9zoVPt6CgfwDGBNhUUuzU= -cloud.google.com/go/speech v1.26.1/go.mod h1:YTt2qy3GFlzxNJmWj7aDEZjTqESvP2pWpExdOqtCQ6k= -cloud.google.com/go/storagetransfer v1.12.3/go.mod h1:JzyP1ymNdy+F0VjyVCKzuk1WjLJ1yZGhtXcBlzBkPjk= -cloud.google.com/go/talent v1.8.2/go.mod h1:SAIKGqmpKBCOf1LZLtL/7yzNqY2YTYHk0CgMlEWBXMY= -cloud.google.com/go/texttospeech v1.12.0/go.mod h1:BdrVnsA7LnGe9v+zY3nfNJ2veaqLFbpkpBz3U+jsY34= -cloud.google.com/go/tpu v1.8.2/go.mod h1:W/fW8HHjrzx1Ae5ahXiWnc/O0FNAQCbXdGdE7Hac3dc= -cloud.google.com/go/trace v1.11.5/go.mod h1:TwblCcqNInriu5/qzaeYEIH7wzUcchSdeY2l5wL3Eec= -cloud.google.com/go/translate v1.10.3/go.mod h1:GW0vC1qvPtd3pgtypCv4k4U8B7EdgK9/QEF2aJEUovs= -cloud.google.com/go/translate v1.12.4/go.mod h1:u3NmYPWGXeNVz94QYzdd8kI7Rvi3wyp2jsjN3qAciCY= -cloud.google.com/go/video v1.23.4/go.mod h1:G95szckwF/7LatG9fGfNXceMzLf7W0UhKTZi6zXKHPs= -cloud.google.com/go/videointelligence v1.12.5/go.mod h1:OFaZL0H53vQl/uyz/8gqXMJ5nr69RIC3ffPGJwKCNww= -cloud.google.com/go/vision/v2 v2.9.4/go.mod h1:VotOrCFm0DbWKU7KvtyuAm72okClHDoERxrgeeQNPN4= -cloud.google.com/go/vmmigration v1.8.5/go.mod h1:6/VVofjrSGi14/0ZcaoSoZcy9VHDhJ6fNFxnYAPxuLg= -cloud.google.com/go/vmwareengine v1.3.4/go.mod h1:2W2NdtnfEe/0rEKoDfGOpBPtbAAf9ZN/SecH1WwLX6w= -cloud.google.com/go/vpcaccess v1.8.5/go.mod h1:R/oMa0mkPbi5GuIascldW5g/IHXq9YX0TBxJyOzyy28= -cloud.google.com/go/webrisk v1.10.5/go.mod h1:Cd8ce1mCt1fbiufmVkHeZZlPGfe4LQVHw006MtBIxvk= -cloud.google.com/go/websecurityscanner v1.7.5/go.mod h1:QGRxdN0ihdyjwDPaLf96O+ks4u+SBG7/bPNs+fc+LR0= -cloud.google.com/go/workflows v1.14.0/go.mod h1:kjar2tf4qQu7VoCTFX+L3yy+2dIFTWr6R4i52DN6ySk= -filippo.io/mkcert v1.4.4/go.mod h1:VyvOchVuAye3BoUsPUOOofKygVwLV2KQMVFJNRq+1dA= -fyne.io/systray v1.11.0/go.mod h1:RVwqP9nYMo7h5zViCBHri2FgjXF7H2cub7MAq4NSoLs= -github.com/99designs/gqlgen v0.17.36/go.mod h1:6RdyY8puhCoWAQVr2qzF2OMVfudQzc8ACxzpzluoQm4= -github.com/Abirdcfly/dupword v0.0.11/go.mod h1:wH8mVGuf3CP5fsBTkfWwwwKTjDnVVCxtU8d8rgeVYXA= -github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0/go.mod h1:OahwfttHWG6eJ0clwcfBAHoDI6X/LV/15hx/wlMZSrU= -github.com/AlekSi/pointer v1.2.0/go.mod h1:gZGfd3dpW4vEc/UlyfKKi1roIqcCgwOIvb0tSNSBle0= -github.com/Antonboom/errname v0.1.9/go.mod h1:nLTcJzevREuAsgTbG85UsuiWpMpAqbKD1HNZ29OzE58= -github.com/Antonboom/nilnil v0.1.4/go.mod h1:iOov/7gRcXkeEU+EMGpBu2ORih3iyVEiWjeste1SJm8= -github.com/AudriusButkevicius/recli v0.0.7-0.20220911121932-d000ce8fbf0f/go.mod h1:Nhfib1j/VFnLrXL9cHgA+/n2O6P5THuWelOnbfPNd78= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0/go.mod h1:XCW7KnZet0Opnr7HccfUw1PLc4CjHqpcaxW8DHklNkQ= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0/go.mod h1:iZDifYGJTIgIIkYRNWPENUnqx6bJ2xnSDFI2tjwZNuY= -github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.6.0/go.mod h1:cTvi54pg19DoT07ekoeMgE/taAwNtCShVeZqA+Iv2xI= -github.com/DataDog/datadog-agent/comp/trace/compression/def v0.58.0/go.mod h1:samFXdP0HVSwD223LPLzcPKUjRQ6/uwr/1wMPo2HhRg= -github.com/DataDog/datadog-agent/comp/trace/compression/impl-gzip v0.58.0/go.mod h1:FTweq0EZjbOgeWgV7+3R1Zx9l2b9de7LwceYSNNdZvM= -github.com/DataDog/datadog-agent/comp/trace/compression/impl-zstd v0.58.0/go.mod h1:wIlhI+gwxKQzDQFr4PjvXXuKHUsx3QWY2TbwDv1yaDs= -github.com/DataDog/datadog-agent/pkg/util/cgroups v0.58.0/go.mod h1:XjTdv3Kb7EqpPnMlmmQK1MV6EFOArwoa6wSVB+P7TdU= -github.com/DataDog/datadog-agent/pkg/util/pointer v0.58.0/go.mod h1:t1DlnUEMltkvwPLc7zCtP1u5cBDu+30daR2VhQO5bvA= -github.com/DataDog/zstd v1.5.5/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw= -github.com/Djarvur/go-err113 v0.1.0/go.mod h1:4UJr5HIiMZrwgkSPdsjy2uOQExX/WEILpIrO9UPGuXs= -github.com/GaijinEntertainment/go-exhaustruct/v2 v2.3.0/go.mod h1:b3g59n2Y+T5xmcxJL+UEG2f8cQploZm1mR/v6BW0mU0= -github.com/GoogleCloudPlatform/gke-networking-api v0.1.2-0.20240904205008-bc15495fd43f/go.mod h1:YnoYXo/cwpqFmIXKblHOV5jFEpsSL3PZeo0zaR3oGTI= -github.com/GoogleCloudPlatform/k8s-cloud-provider v1.25.0/go.mod h1:UTfhBnADaj2rybPT049NScSh7Eall3u2ib43wmz3deg= -github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp v1.25.0/go.mod h1:obipzmGjfSjam60XLwGfqUkJsfiheAl+TUjG+4yzyPM= -github.com/IBM/sarama v1.43.1/go.mod h1:GG5q1RURtDNPz8xxJs3mgX6Ytak8Z9eLhAkJPObe2xE= github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= -github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60= -github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= -github.com/Masterminds/vcs v1.13.3/go.mod h1:TiE7xuEjl1N4j016moRd6vezp6e6Lz23gypeXfzXeW8= -github.com/Microsoft/cosesign1go v1.2.0/go.mod h1:1La/HcGw19rRLhPW0S6u55K6LKfti+GQSgGCtrfhVe8= -github.com/Microsoft/didx509go v0.0.3/go.mod h1:wWt+iQsLzn3011+VfESzznLIp/Owhuj7rLF7yLglYbk= -github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= -github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q= -github.com/OpenPeeDeeP/depguard v1.1.1/go.mod h1:JtAMzWkmFEzDPyAd+W0NHl1lvpQKTvT9jnRVsohBKpc= -github.com/ProtonMail/go-crypto v1.0.0/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= -github.com/Shopify/sarama v1.38.1/go.mod h1:iwv9a67Ha8VNa+TifujYoWGxWnu2kNVAQdSdZ4X2o5g= -github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo= -github.com/akavel/rsrc v0.10.2/go.mod h1:uLoCtb9J+EyAqh+26kdrTgmzRBFPGOolLWKpdxkKq+c= -github.com/akutz/memconn v0.1.0/go.mod h1:Jo8rI7m0NieZyLI5e2CDlRdRqRRB4S7Xp77ukDjH+Fw= -github.com/alecthomas/kingpin/v2 v2.4.0/go.mod h1:0gyi0zQnjuFk8xrkNKamJoyUo382HRL7ATRpFZCw6tE= -github.com/alecthomas/kong v1.6.0/go.mod h1:p2vqieVMeTAnaC83txKtXe8FLke2X07aruPWXyMPQrU= -github.com/alecthomas/kong v1.10.0/go.mod h1:p2vqieVMeTAnaC83txKtXe8FLke2X07aruPWXyMPQrU= -github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= -github.com/alexkohler/prealloc v1.0.0/go.mod h1:VetnK3dIgFBBKmg0YnD9F9x6Icjd+9cvfHR56wJVlKE= -github.com/alingse/asasalint v0.0.11/go.mod h1:nCaoMhw7a9kSJObvQyVzNTPBDbNpdocqrSP7t/cW5+I= -github.com/andybalholm/brotli v1.1.0/go.mod h1:sms7XGricyQI9K10gOSf56VKKWS4oLer58Q+mhRPtnY= -github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/antlr4-go/antlr/v4 v4.13.0/go.mod h1:pfChB/xh/Unjila75QW7+VU4TSnWnnk9UTnmpPaOR2g= -github.com/antlr4-go/antlr/v4 v4.13.1/go.mod h1:GKmUxMtwp6ZgGwZSva4eWPC5mS6vUAmOABFgjdkM7Nw= -github.com/armon/go-metrics v0.4.1/go.mod h1:E6amYzXo6aW1tqzoZGT755KkbgrJsSdpwZ+3JqfkOG4= -github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/ashanbrown/forbidigo v1.5.1/go.mod h1:Y8j9jy9ZYAEHXdu723cUlraTqbzjKF1MUyfOKL+AjcU= -github.com/ashanbrown/makezero v1.1.1/go.mod h1:i1bJLCRSCHOcOa9Y6MyF2FTfMZMFdHvxKHxgO5Z1axI= -github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.13/go.mod h1:gpAbvyDGQFozTEmlTFO8XcQKHzubdq0LzRyJpG6MiXM= -github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.64/go.mod h1:4Q7R9MFpXRdjO3YnAfUTdnuENs32WzBkASt6VxSYDYQ= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.1.3/go.mod h1:jYLMm3Dh0wbeV3lxth5ryks/O2M/omVXWyYm3YcEVqQ= -github.com/aws/aws-sdk-go-v2/service/dynamodb v1.21.4/go.mod h1:aryF4jxgjhbqpdhj8QybUZI3xYrX8MQIKm4WbOv8Whg= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.93.2/go.mod h1:VX22JN3HQXDtQ3uS4h4TtM+K11vydq58tpHTlsm8TL8= -github.com/aws/aws-sdk-go-v2/service/eventbridge v1.20.4/go.mod h1:XlbY5AGZhlipCdhRorT18/HEThKAxo51hMmhixreJoM= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.35/go.mod h1:YVHrksq36j0sbXCT6rSuQafpfYkMYqy0QTk7JTCTBIU= -github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.7.34/go.mod h1:CDPcT6pljRaqz1yLsOgPUvOPOczFvXuJxOKzDzAbF0c= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.15.3/go.mod h1:TXBww3ANB+QRj+/dUoYDvI8d/u4F4WzTxD4mxtDoxrg= -github.com/aws/aws-sdk-go-v2/service/kinesis v1.18.4/go.mod h1:HnjgmL8TNmYtGcrA3N6EeCnDvlX6CteCdUbZ1wV8QWQ= -github.com/aws/aws-sdk-go-v2/service/s3 v1.33.0/go.mod h1:J9kLNzEiHSeGMyN7238EjJmBpCniVzFda75Gxl/NqB8= -github.com/aws/aws-sdk-go-v2/service/sfn v1.19.4/go.mod h1:uWCH4ATwNrkRO40j8Dmy7u/Y1/BVWgCM+YjBNYZeOro= -github.com/aws/aws-sdk-go-v2/service/sns v1.21.4/go.mod h1:bbB779DXXOnPXvB7F3dP7AjuV1Eyr7fNyrA058ExuzY= -github.com/aws/aws-sdk-go-v2/service/sqs v1.24.4/go.mod h1:c1AF/ac4k4xz32FprEk6AqqGFH/Fkub9VUPSrASlllA= -github.com/aws/aws-sdk-go-v2/service/ssm v1.44.7/go.mod h1:Q7XIWsMo0JcMpI/6TGD6XXcXcV1DbTj6e9BKNntIMIM= -github.com/bazelbuild/rules_go v0.44.2/go.mod h1:Dhcz716Kqg1RHNWos+N6MlXNkjNP2EwZQ0LukRKJfMs= -github.com/bkielbasa/cyclop v1.2.0/go.mod h1:qOI0yy6A7dYC4Zgsa72Ppm9kONl0RoIlPbzot9mhmeI= -github.com/blakesmith/ar v0.0.0-20190502131153-809d4375e1fb/go.mod h1:PkYb9DJNAwrSvRx5DYA+gUcOIgTGVMNkfSCbZM8cWpI= -github.com/blizzy78/varnamelen v0.8.0/go.mod h1:V9TzQZ4fLJ1DSrjVDfl89H7aMnTvKkApdHeyESmyR7k= -github.com/bombsimon/wsl/v3 v3.4.0/go.mod h1:KkIB+TXkqy6MvK9BDZVbZxKNYsE1/oLRJbIFtf14qqo= -github.com/bradfitz/gomemcache v0.0.0-20230611145640-acc696258285/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA= -github.com/bramvdbogaerde/go-scp v1.4.0/go.mod h1:on2aH5AxaFb2G0N5Vsdy6B0Ml7k9HuHSwfo1y0QzAbQ= -github.com/breml/bidichk v0.2.4/go.mod h1:7Zk0kRFt1LIZxtQdl9W9JwGAcLTTkOs+tN7wuEYGJ3s= -github.com/breml/errchkjson v0.3.1/go.mod h1:XroxrzKjdiutFyW3nWhw34VGg7kiMsDQox73yWCGI2U= -github.com/butuzov/ireturn v0.2.0/go.mod h1:Wh6Zl3IMtTpaIKbmwzqi6olnM9ptYQxxVacMsOEFPoc= -github.com/bytedance/sonic v1.12.0/go.mod h1:B8Gt/XvtZ3Fqj+iSKMypzymZxw/FVwgIGKzMzT9r/rk= -github.com/bytedance/sonic/loader v0.2.0/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU= -github.com/cavaliergopher/cpio v1.0.1/go.mod h1:pBdaqQjnvXxdS/6CvNDwIANIFSP0xRKI16PX4xejRQc= github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4= -github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= -github.com/cenkalti/backoff/v3 v3.2.2/go.mod h1:cIeZDE3IrqwwJl6VUwCN6trj1oXrTS4rc0ij+ULvLYs= -github.com/certifi/gocertifi v0.0.0-20210507211836-431795d63e8d/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA= -github.com/charithe/durationcheck v0.0.10/go.mod h1:bCWXb7gYRysD1CU3C+u4ceO49LoGOY1C1L6uouGNreQ= -github.com/chavacava/garif v0.0.0-20230227094218-b8c73b2037b8/go.mod h1:gakxgyXaaPkxvLw1XQxNGK4I37ys9iBRzNUx/B7pUCo= -github.com/chzyer/readline v1.5.1/go.mod h1:Eh+b79XXUwfKfcPLepksvw2tcLE/Ct21YObkaSkeBlk= -github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA= -github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w= -github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY= -github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb/go.mod h1:ZjrT6AXHbDs86ZSdt/osfBi5qfexBrKUdONk989Wnk4= -github.com/coder/websocket v1.8.12/go.mod h1:LNVeNrXQZfe5qhS9ALED3uA+l5pPqvwXg3CKoDBB2gs= -github.com/confluentinc/confluent-kafka-go v1.9.2/go.mod h1:ptXNqsuDfYbAE/LBW6pnwWZElUoWxHoV8E43DCrliyo= -github.com/confluentinc/confluent-kafka-go/v2 v2.4.0/go.mod h1:E1dEQy50ZLfqs7T9luxz0rLxaeFZJZE92XvApJOr/Rk= -github.com/containerd/aufs v1.0.0/go.mod h1:kL5kd6KM5TzQjR79jljyi4olc1Vrx6XBlcyj3gNv2PU= -github.com/containerd/btrfs/v2 v2.0.0/go.mod h1:swkD/7j9HApWpzl8OHfrHNxppPd9l44DFZdF94BUj9k= -github.com/containerd/cgroups v1.1.0/go.mod h1:6ppBcbh/NOOUU+dMKrykgaBnK9lCIBxHqJDGwsa1mIw= -github.com/containerd/cgroups/v3 v3.0.3/go.mod h1:8HBe7V3aWGLFPd/k03swSIsGjZhHI2WzJmticMgVuz0= -github.com/containerd/console v1.0.4/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk= -github.com/containerd/containerd/api v1.8.0/go.mod h1:dFv4lt6S20wTu/hMcP4350RL87qPWLVa/OHOwmmdnYc= -github.com/containerd/continuity v0.4.4/go.mod h1:/lNJvtJKUQStBzpVQ1+rasXO1LAWtUQssk28EZvJ3nE= -github.com/containerd/errdefs v0.3.0/go.mod h1:+YBYIdtsnF4Iw6nWZhJcqGSg/dwvV7tyJ/kCkyJ2k+M= -github.com/containerd/errdefs/pkg v0.3.0/go.mod h1:NJw6s9HwNuRhnjJhM7pylWwMyAkmCQvQ4GpJHEqRLVk= -github.com/containerd/fifo v1.1.0/go.mod h1:bmC4NWMbXlt2EZ0Hc7Fx7QzTFxgPID13eH0Qu+MAb2o= -github.com/containerd/go-cni v1.1.9/go.mod h1:XYrZJ1d5W6E2VOvjffL3IZq0Dz6bsVlERHbekNK90PM= -github.com/containerd/go-runc v1.0.0/go.mod h1:cNU0ZbCgCQVZK4lgG3P+9tn9/PaJNmoDXPpoJhDR+Ok= -github.com/containerd/imgcrypt v1.1.8/go.mod h1:x6QvFIkMyO2qGIY2zXc88ivEzcbgvLdWjoZyGqDap5U= -github.com/containerd/nri v0.8.0/go.mod h1:uSkgBrCdEtAiEz4vnrq8gmAC4EnVAM5Klt0OuK5rZYQ= -github.com/containerd/protobuild v0.3.0/go.mod h1:5mNMFKKAwCIAkFBPiOdtRx2KiQlyEJeMXnL5R1DsWu8= -github.com/containerd/stargz-snapshotter/estargz v0.15.1/go.mod h1:gr2RNwukQ/S9Nv33Lt6UC7xEx58C+LHRdoqbEKjz1Kk= -github.com/containerd/ttrpc v1.2.7/go.mod h1:YCXHsb32f+Sq5/72xHubdiJRQY9inL4a4ZQrAbN1q9o= -github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s= -github.com/containerd/typeurl/v2 v2.2.0/go.mod h1:8XOOxnyatxSWuG8OfsZXVnAF4iZfedjS/8UHSPJnX4g= -github.com/containerd/zfs v1.1.0/go.mod h1:oZF9wBnrnQjpWLaPKEinrx3TQ9a+W/RJO7Zb41d8YLE= -github.com/containernetworking/plugins v1.2.0/go.mod h1:/VjX4uHecW5vVimFa1wkG4s+r/s9qIfPdqlLF4TW8c4= -github.com/containers/ocicrypt v1.1.10/go.mod h1:YfzSSr06PTHQwSTUKqDSjish9BeW1E4HUmreluQcMd8= -github.com/coreos/go-oidc v2.2.1+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= -github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf h1:iW4rZ826su+pqaw19uhpSCzhj44qo35pNgKFGqzDKkU= -github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= -github.com/curioswitch/go-reassign v0.2.0/go.mod h1:x6OpXuWvgfQaMGks2BZybTngWjT84hqJfKoO8Tt/Roc= -github.com/daixiang0/gci v0.10.1/go.mod h1:xtHP9N7AHdNvtRNfcx9gwTDfw7FRJx4bZUsiEfiNNAI= -github.com/danieljoos/wincred v1.2.1/go.mod h1:uGaFL9fDn3OLTvzCGulzE+SzjEe5NGlh5FdCcyfPwps= -github.com/dave/astrid v0.0.0-20170323122508-8c2895878b14/go.mod h1:Sth2QfxfATb/nW4EsrSi2KyJmbcniZ8TgTaji17D6ms= -github.com/dave/brenda v1.1.0/go.mod h1:4wCUr6gSlu5/1Tk7akE5X7UorwiQ8Rij0SKH3/BGMOM= -github.com/dave/courtney v0.4.0/go.mod h1:3WSU3yaloZXYAxRuWt8oRyVb9SaRiMBt5Kz/2J227tM= -github.com/dave/patsy v0.0.0-20210517141501-957256f50cba/go.mod h1:qfR88CgEGLoiqDaE+xxDCi5QA5v4vUoW0UCX2Nd5Tlc= -github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0/go.mod h1:v57UDF4pDQJcEfFUCRop3lJL149eHGSe9Jvczhzjo/0= -github.com/denis-tingaikin/go-header v0.4.3/go.mod h1:0wOCWuN71D5qIgE2nz9KrKmuYBAC2Mra5RassOIQ2/c= -github.com/denisenkom/go-mssqldb v0.11.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= -github.com/digitalocean/go-smbios v0.0.0-20180907143718-390a4f403a8e/go.mod h1:YTIHhz/QFSYnu/EhlF2SpU2Uk+32abacUYA5ZPljz1A= -github.com/dimfeld/httptreemux/v5 v5.5.0/go.mod h1:QeEylH57C0v3VO0tkKraVz9oD3Uu93CKPnTLbsidvSw= -github.com/djherbis/times v1.6.0/go.mod h1:gOHeRAz2h+VJNZ5Gmc/o7iD9k4wW7NMVqieYCY99oc0= -github.com/dsnet/try v0.0.3/go.mod h1:WBM8tRpUmnXXhY1U6/S8dt6UWdHTQ7y8A5YSkRCkq40= -github.com/dvyukov/go-fuzz v0.0.0-20210103155950-6a8e9d1f2415/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw= -github.com/eapache/go-resiliency v1.6.0/go.mod h1:5yPzW0MIvSe0JDsv0v+DvcjEv2FyD6iZYSs1ZI+iQho= -github.com/eapache/go-xerial-snappy v0.0.0-20230731223053-c322873962e3/go.mod h1:YvSRo5mw33fLEx1+DlK6L2VV43tJt5Eyel9n9XBcR+0= -github.com/eapache/queue v1.1.0 h1:YOEu7KNc61ntiQlcEeUIoDTJ2o8mQznoNvUhiigpIqc= -github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I= -github.com/elastic/crd-ref-docs v0.0.12/go.mod h1:X83mMBdJt05heJUYiS3T0yJ/JkCuliuhSUNav5Gjo/U= -github.com/elastic/elastic-transport-go/v8 v8.1.0/go.mod h1:87Tcz8IVNe6rVSLdBux1o/PEItLtyabHU3naC7IoqKI= -github.com/elastic/go-elasticsearch/v6 v6.8.5/go.mod h1:UwaDJsD3rWLM5rKNFzv9hgox93HoX8utj1kxD9aFUcI= -github.com/elastic/go-elasticsearch/v7 v7.17.1/go.mod h1:OJ4wdbtDNk5g503kvlHLyErCgQwwzmDtaFC4XyOxXA4= -github.com/elastic/go-elasticsearch/v8 v8.4.0/go.mod h1:yY52i2Vj0unLz+N3Nwx1gM5LXwoj3h2dgptNGBYkMLA= -github.com/emicklei/go-restful v2.16.0+incompatible h1:rgqiKNjTnFQA6kkhFe16D8epTksy9HQ1MyrbDXSdYhM= -github.com/emicklei/go-restful v2.16.0+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= -github.com/esimonov/ifshort v1.0.4/go.mod h1:Pe8zjlRrJ80+q2CxHLfEOfTwxCZ4O+MuhcHcfgNWTk0= -github.com/ettle/strcase v0.1.1/go.mod h1:hzDLsPC7/lwKyBOywSHEP89nt2pDgdy+No1NBA9o9VY= -github.com/evanw/esbuild v0.19.11/go.mod h1:D2vIQZqV/vIf/VRHtViaUtViZmG7o+kKmlBfVQuRi48= -github.com/fatih/structtag v1.2.0/go.mod h1:mBJUNpUnHmRKrKlQQlmCrh5PuhftFbNv8Ys4/aAZl94= -github.com/firefart/nonamedreturns v1.0.4/go.mod h1:TDhe/tjI1BXo48CmYbUduTV7BdIga8MAO/xbKdcVsGI= -github.com/flynn/go-docopt v0.0.0-20140912013429-f6dd2ebbb31e/go.mod h1:HyVoz1Mz5Co8TFO8EupIdlcpwShBmY98dkT2xeHkvEI= -github.com/fogleman/gg v1.3.0/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= -github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY= -github.com/fzipp/gocyclo v0.6.0/go.mod h1:rXPyn8fnlpa0R2csP/31uerbiVBugk5whMdlyaLkLoA= -github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA= -github.com/garyburd/redigo v1.6.4/go.mod h1:rTb6epsqigu3kYKBnaF028A7Tf/Aw5s0cqA47doKKqw= -github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= -github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= -github.com/gin-gonic/gin v1.9.1/go.mod h1:hPrL7YrpYKXt5YId3A/Tnip5kqbEAP+KLuI3SUcPTeU= -github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/go-chi/chi v1.5.4/go.mod h1:uaf8YgoFazUOkPBG7fxPftUylNumIev9awIWOENIuEg= -github.com/go-chi/chi/v5 v5.0.10/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= -github.com/go-critic/go-critic v0.8.0/go.mod h1:5TjdkPI9cu/yKbYS96BTsslihjKd6zg6vd8O9RZXj2s= -github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= -github.com/go-git/go-billy/v5 v5.5.0/go.mod h1:hmexnoNsr2SJU1Ju67OaNz5ASJY3+sHgFRpCtpDCKow= -github.com/go-git/go-git/v5 v5.11.0/go.mod h1:6GFcX2P3NM7FPBfpePbpLd21XxsgdAt+lKqXmCUiUCY= -github.com/go-ini/ini v1.67.0/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= -github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ= -github.com/go-logfmt/logfmt v0.6.0/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= -github.com/go-pg/pg/v10 v10.11.1/go.mod h1:ExJWndhDNNftBdw1Ow83xqpSf4WMSJK8urmXD5VXS1I= -github.com/go-pg/zerochecker v0.2.0/go.mod h1:NJZ4wKL0NmTtz0GKCoJ8kym6Xn/EQzXRl2OnAe7MmDo= -github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= -github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= -github.com/go-playground/validator/v10 v10.15.1/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU= -github.com/go-quicktest/qt v1.101.0/go.mod h1:14Bz/f7NwaXPtdYEgzsx46kqSxVwTbzVZsDC26tQJow= -github.com/go-redis/redis v6.15.9+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA= -github.com/go-redis/redis/v7 v7.4.1/go.mod h1:JDNMw23GTyLNC4GZu9njt15ctBQVn7xjRfnwdHj/Dcg= -github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= -github.com/go-toolsmith/astcast v1.1.0/go.mod h1:qdcuFWeGGS2xX5bLM/c3U9lewg7+Zu4mr+xPwZIB4ZU= -github.com/go-toolsmith/astcopy v1.1.0/go.mod h1:hXM6gan18VA1T/daUEHCFcYiW8Ai1tIwIzHY6srfEAw= -github.com/go-toolsmith/astequal v1.1.0/go.mod h1:sedf7VIdCL22LD8qIvv7Nn9MuWJruQA/ysswh64lffQ= -github.com/go-toolsmith/astfmt v1.1.0/go.mod h1:OrcLlRwu0CuiIBp/8b5PYF9ktGVZUjlNMV634mhwuQ4= -github.com/go-toolsmith/astp v1.1.0/go.mod h1:0T1xFGz9hicKs8Z5MfAqSUitoUYS30pDMsRVIDHs8CA= -github.com/go-toolsmith/strparse v1.1.0/go.mod h1:7ksGy58fsaQkGQlY8WVoBFNyEPMGuJin1rfoPS4lBSQ= -github.com/go-toolsmith/typep v1.1.0/go.mod h1:fVIw+7zjdsMxDA3ITWnH1yOiw1rnTQKCsF/sk2H/qig= -github.com/go-xmlfmt/xmlfmt v1.1.2/go.mod h1:aUCEOzzezBEjDBbFBoSiya/gduyIiWYRP6CnSFIV8AM= -github.com/gobuffalo/flect v1.0.2/go.mod h1:A5msMlrHtLqh9umBSnvabjsMrCcCpAyzglnDvkbYKHs= -github.com/gobuffalo/flect v1.0.3/go.mod h1:A5msMlrHtLqh9umBSnvabjsMrCcCpAyzglnDvkbYKHs= -github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= -github.com/goccy/go-yaml v1.12.0/go.mod h1:wKnAMd44+9JAAnGQpWVEgBzGt3YuTaQ4uXoHvE4m7WU= -github.com/gocql/gocql v1.6.0/go.mod h1:3gM2c4D3AnkISwBxGnMMsS8Oy4y2lhbPRsH4xnJrHG8= -github.com/godror/godror v0.40.4/go.mod h1:i8YtVTHUJKfFT3wTat4A9UoqScUtZXiYB9Rf3SVARgc= -github.com/godror/knownpb v0.1.1/go.mod h1:4nRFbQo1dDuwKnblRXDxrfCFYeT4hjg3GjMqef58eRE= -github.com/gofiber/fiber/v2 v2.52.5/go.mod h1:KEOE+cXMhXG0zHc9d8+E38hoX+ZN7bhOtgeF2oT6jrQ= -github.com/gofrs/flock v0.12.1/go.mod h1:9zxTsyu5xtJ9DK+1tFZyibEV7y3uwDxPPfbxeeHCoD0= -github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= -github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= -github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI= -github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= -github.com/golang/glog v1.2.4/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w= -github.com/golang/mock v1.7.0-rc.1/go.mod h1:s42URUywIqd+OcERslBJvOjepvNymP31m3q8d/GkuRs= -github.com/golangci/check v0.0.0-20180506172741-cfe4005ccda2/go.mod h1:k9Qvh+8juN+UKMCS/3jFtGICgW8O96FVaZsaxdzDkR4= -github.com/golangci/dupl v0.0.0-20180902072040-3e9179ac440a/go.mod h1:ryS0uhF+x9jgbj/N71xsEqODy9BN81/GonCZiOzirOk= -github.com/golangci/go-misc v0.0.0-20220329215616-d24fe342adfe/go.mod h1:gjqyPShc/m8pEMpk0a3SeagVb0kaqvhscv+i9jI5ZhQ= -github.com/golangci/gofmt v0.0.0-20220901101216-f2edd75033f2/go.mod h1:9wOXstvyDRshQ9LggQuzBCGysxs3b6Uo/1MvYCR2NMs= -github.com/golangci/golangci-lint v1.52.2/go.mod h1:S5fhC5sHM5kE22/HcATKd1XLWQxX+y7mHj8B5H91Q/0= -github.com/golangci/lint-1 v0.0.0-20191013205115-297bf364a8e0/go.mod h1:66R6K6P6VWk9I95jvqGxkqJxVWGFy9XlDwLwVz1RCFg= -github.com/golangci/maligned v0.0.0-20180506175553-b1d89398deca/go.mod h1:tvlJhZqDe4LMs4ZHD0oMUlt9G2LWuDGoisJTBzLMV9o= -github.com/golangci/misspell v0.4.0/go.mod h1:W6O/bwV6lGDxUCChm2ykw9NQdd5bYd1Xkjo88UcWyJc= -github.com/golangci/revgrep v0.0.0-20220804021717-745bb2f7c2e6/go.mod h1:0AKcRCkMoKvUvlf89F6O7H2LYdhr1zBh736mBItOdRs= -github.com/golangci/unconvert v0.0.0-20180507085042-28b1c447d1f4/go.mod h1:Izgrg8RkN3rCIMLGE9CyYmU9pY2Jer6DgANEnZ/L/cQ= -github.com/gomodule/redigo v1.8.9/go.mod h1:7ArFNvsTjH8GMMzB4uy1snslv2BwmginuMs06a1uzZE= -github.com/google/cel-go v0.22.0/go.mod h1:BuznPXXfQDpXKWQ9sPW3TzlAJN5zzFe+i9tIs0yC4s8= -github.com/google/gnostic v0.5.7-v3refs/go.mod h1:73MKFl6jIHelAJNaBGFzt3SPtZULs9dYrGFt8OiIsHQ= -github.com/google/go-containerregistry v0.20.1/go.mod h1:YCMFNQeeXeLF+dnhhWkqDItx/JSkH01j1Kis4PsjzFI= -github.com/google/go-github/v56 v56.0.0/go.mod h1:D8cdcX98YWJvi7TLo7zM4/h8ZTx6u6fwGEkCdisopo0= -github.com/google/go-pkcs11 v0.3.0/go.mod h1:6eQoGcuNJpa7jnd5pMGdkSaQpNDYvPlXWMcjXXThLlY= -github.com/google/goterm v0.0.0-20200907032337-555d40f16ae2/go.mod h1:nOFQdrUlIlx6M6ODdSpBj1NVA+VgLC6kmw60mkw34H4= -github.com/google/rpmpack v0.5.0/go.mod h1:uqVAUVQLq8UY2hCDfmJ/+rtO3aw7qyhc90rCVEabEfI= -github.com/google/subcommands v1.0.2-0.20190508160503-636abe8753b8/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk= -github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= -github.com/gordonklaus/ineffassign v0.0.0-20230107090616-13ace0543b28/go.mod h1:Qcp2HIAYhR7mNUVSIxZww3Guk4it82ghYcEXIAk+QT0= -github.com/goreleaser/chglog v0.5.0/go.mod h1:Ri46M3lrMuv76FHszs3vtABR8J8k1w9JHYAzxeeOl28= -github.com/goreleaser/fileglob v1.3.0/go.mod h1:Jx6BoXv3mbYkEzwm9THo7xbr5egkAraxkGorbJb4RxU= -github.com/goreleaser/nfpm/v2 v2.33.1/go.mod h1:8wwWWvJWmn84xo/Sqiv0aMvEGTHlHZTXTEuVSgQpkIM= -github.com/gorilla/csrf v1.7.2/go.mod h1:F1Fj3KG23WYHE6gozCmBAezKookxbIvUJT+121wTuLk= -github.com/gostaticanalysis/analysisutil v0.7.1/go.mod h1:v21E3hY37WKMGSnbsw2S/ojApNWb6C1//mXO48CXbVc= -github.com/gostaticanalysis/comment v1.4.2/go.mod h1:KLUTGDv6HOCotCH8h2erHKmpci2ZoR8VPu34YA2uzdM= -github.com/gostaticanalysis/forcetypeassert v0.1.0/go.mod h1:qZEedyP/sY1lTGV1uJ3VhWZ2mqag3IkWsDHVbplHXak= -github.com/gostaticanalysis/nilerr v0.1.1/go.mod h1:wZYb6YI5YAxxq0i1+VJbY0s2YONW0HU0GPE3+5PWN4A= -github.com/graph-gophers/graphql-go v1.5.0/go.mod h1:YtmJZDLbF1YYNrlNAuiO5zAStUWc3XZT07iGsVqe1Os= -github.com/graphql-go/graphql v0.8.1/go.mod h1:nKiHzRM0qopJEwCITUuIsxk9PlVlwIiiI8pnJEhordQ= -github.com/graphql-go/handler v0.2.3/go.mod h1:leLF6RpV5uZMN1CdImAxuiayrYYhOk33bZciaUGaXeU= -github.com/grpc-ecosystem/go-grpc-middleware v1.3.0/go.mod h1:z0ButlSOZa5vEBq9m2m2hlwIgKw+rp3sdCBRoJY+30Y= -github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4M0+kPpLofRdBo= -github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= -github.com/hanwen/go-fuse/v2 v2.3.0/go.mod h1:xKwi1cF7nXAOBCXujD5ie0ZKsxc8GGSA1rlMJc+8IJs= -github.com/hashicorp/consul/api v1.24.0/go.mod h1:NZJGRFYruc/80wYowkPFCp1LbGmJC9L8izrwfyVx/Wg= -github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-hclog v1.6.3/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= -github.com/hashicorp/go-immutable-radix v1.3.1/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-retryablehttp v0.7.7/go.mod h1:pkQpWZeYWskR+D1tR2O5OcBFOxfA7DoAO6xtkuQnHTk= -github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= -github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/hashicorp/serf v0.10.1/go.mod h1:yL2t6BqATOLGc5HF7qbFkTfXoPIY0WZdWHfEvMqbG+4= -github.com/hashicorp/vault/api v1.9.2/go.mod h1:jo5Y/ET+hNyz+JnKDt8XLAdKs+AM0G5W0Vp1IrFI8N8= -github.com/hashicorp/vault/sdk v0.9.2/go.mod h1:gG0lA7P++KefplzvcD3vrfCmgxVAM7Z/SqX5NeOL/98= -github.com/hexops/gotextdiff v1.0.3/go.mod h1:pSWU5MAI3yDq+fZBTazCSJysOMbxWL1BSow5/V2vxeg= -github.com/iancoleman/strcase v0.3.0/go.mod h1:iwCmte+B7n89clKwxIoIXy/HfoL7AsD47ZCWhYzw7ho= -github.com/ianlancetaylor/demangle v0.0.0-20240312041847-bd984b5ce465/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw= -github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= -github.com/inetaf/tcpproxy v0.0.0-20240214030015-3ce58045626c/go.mod h1:Di7LXRyUcnvAcLicFhtM9/MlZl/TNgRSDHORM2c6CMI= -github.com/insomniacslk/dhcp v0.0.0-20231206064809-8c70d406f6d2/go.mod h1:3A9PQ1cunSDF/1rbTq99Ts4pVnycWg+vlPkfeD2NLFI= -github.com/intel/goresctrl v0.5.0/go.mod h1:mIe63ggylWYr0cU/l8n11FAkesqfvuP3oktIsxvu0T0= -github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg= -github.com/jackc/pgservicefile v0.0.0-20221227161230-091c0ba34f0a/go.mod h1:5TJZWKEWniPve33vlWYSoGYefn3gLQRzjfDlhSJ9ZKM= -github.com/jackc/pgx/v5 v5.6.0/go.mod h1:DNZ/vlrUnhWCoFGxHAG8U2ljioxukquj7utPDgtQdTw= -github.com/jackc/puddle/v2 v2.2.1/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4= -github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= -github.com/jellydator/ttlcache/v3 v3.1.0/go.mod h1:hi7MGFdMAwZna5n2tuvh63DvFLzVKySzCVW6+0gA2n4= -github.com/jessevdk/go-flags v1.6.1/go.mod h1:Mk8T1hIAWpOiJiHa9rJASDK2UGWji0EuPGBnNLMooyc= -github.com/jgautheron/goconst v1.5.1/go.mod h1:aAosetZ5zaeC/2EfMeRswtxUFBpe2Hr7HzkgX4fanO4= -github.com/jingyugao/rowserrcheck v1.1.1/go.mod h1:4yvlZSDb3IyDTUZJUmpZfm2Hwok+Dtp+nu2qOq+er9c= -github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8= -github.com/jirfag/go-printf-func-name v0.0.0-20200119135958-7558a9eaa5af/go.mod h1:HEWGJkRDzjJY2sqdDwxccsGicWEf9BQOZsq2tV+xzM0= -github.com/jonboulle/clockwork v0.4.0/go.mod h1:xgRqUGwRcjKCO1vbZUEtSLrqKoPSsUpK7fnezOII0kc= -github.com/josephspurrier/goversioninfo v1.4.0/go.mod h1:JWzv5rKQr+MmW+LvM412ToT/IkYDZjaclF2pKDss8IY= -github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= -github.com/jsimonetti/rtnetlink/v2 v2.0.1/go.mod h1:7MoNYNbb3UaDHtF8udiJo/RH6VsTKP1pqKLUTVCvToE= -github.com/julz/importas v0.1.0/go.mod h1:oSFU2R4XK/P7kNBrnL/FEQlDGN1/6WoxXEjSSXO0DV0= -github.com/junk1tm/musttag v0.5.0/go.mod h1:PcR7BA+oREQYvHwgjIDmw3exJeds5JzRcvEJTfjrA0M= -github.com/karrick/godirwalk v1.17.0/go.mod h1:j4mkqPuvaLI8mp1DroR3P6ad7cyYd4c1qeJ3RV7ULlk= -github.com/kisielk/errcheck v1.6.3/go.mod h1:nXw/i/MfnvRHqXa7XXmQMUB0oNFGuBrNI8d8NLy0LPw= -github.com/kkHAIKE/contextcheck v1.1.4/go.mod h1:1+i/gWqokIa+dm31mqGLZhZJ7Uh44DJGZVmr6QRBNJg= -github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= -github.com/klauspost/pgzip v1.2.6/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= -github.com/knadh/koanf/maps v0.1.1/go.mod h1:npD/QZY3V6ghQDdcQzl1W4ICNVTkohC8E73eI2xW4yI= -github.com/knadh/koanf/providers/confmap v0.1.0/go.mod h1:2uLhxQzJnyHKfxG927awZC7+fyHFdQkd697K4MdLnIU= -github.com/knadh/koanf/v2 v2.0.2/go.mod h1:HN9uZ+qFAejH1e4G41gnoffIanINWQuONLXiV7kir6k= -github.com/kortschak/wol v0.0.0-20200729010619-da482cc4850a/go.mod h1:YTtCCM3ryyfiu4F7t8HQ1mxvp1UBdWM2r6Xa+nGWvDk= -github.com/kr/fs v0.1.0/go.mod h1:FFnZGqtBN9Gxj7eW1uZ42v5BccTP0vu6NEaFoC2HwRg= -github.com/kulti/thelper v0.6.3/go.mod h1:DsqKShOvP40epevkFrvIwkCMNYxMeTNjdWL4dqWHZ6I= -github.com/kunwardeep/paralleltest v1.0.6/go.mod h1:Y0Y0XISdZM5IKm3TREQMZ6iteqn1YuwCsJO/0kL9Zes= -github.com/kyoh86/exportloopref v0.1.11/go.mod h1:qkV4UF1zGl6EkF1ox8L5t9SwyeBAZ3qLMd6up458uqA= -github.com/labstack/echo v3.3.10+incompatible/go.mod h1:0INS7j/VjnFxD4E2wkz67b8cVwCLbBmJyDaka6Cmk1s= -github.com/labstack/echo/v4 v4.11.1/go.mod h1:YuYRTSM3CHs2ybfrL8Px48bO6BAnYIN4l8wSTMP6BDQ= -github.com/labstack/gommon v0.4.0/go.mod h1:uW6kP17uPlLJsD3ijUYn3/M5bAxtlZhMI6m3MFxTMTM= -github.com/ldez/gomoddirectives v0.2.3/go.mod h1:cpgBogWITnCfRq2qGoDkKMEVSaarhdBr6g8G04uz6d0= -github.com/ldez/tagliatelle v0.5.0/go.mod h1:rj1HmWiL1MiKQuOONhd09iySTEkUuE/8+5jtPYz9xa4= -github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= -github.com/leonklingele/grouper v1.1.1/go.mod h1:uk3I3uDfi9B6PeUjsCKi6ndcf63Uy7snXgR4yDYQVDY= -github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y= -github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU= -github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E= -github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4= -github.com/lestrrat-go/jwx v1.2.29/go.mod h1:hU8k2l6WF0ncx20uQdOmik/Gjg6E3/wIRtXSNFeZuB8= -github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I= -github.com/linuxkit/virtsock v0.0.0-20201010232012-f8cee7dfc7a3/go.mod h1:3r6x7q95whyfWQpmGZTu3gk3v2YkMi05HEzl7Tf7YEo= -github.com/lufeee/execinquery v1.2.1/go.mod h1:EC7DrEKView09ocscGHC+apXMIaorh4xqSxS/dy8SbM= -github.com/lxn/walk v0.0.0-20210112085537-c389da54e794/go.mod h1:E23UucZGqpuUANJooIbHWCufXvOcT6E7Stq81gU+CSQ= -github.com/lxn/win v0.0.0-20210218163916-a377121e959e/go.mod h1:KxxjdtRkfNoYDCUP5ryK7XJJNTnpC8atvtmTheChOtk= -github.com/lyft/protoc-gen-star/v2 v2.0.4-0.20230330145011-496ad1ac90a4/go.mod h1:amey7yeodaJhXSbf/TlLvWiqQfLOSpEk//mLlc+axEk= -github.com/maratori/testableexamples v1.0.0/go.mod h1:4rhjL1n20TUTT4vdh3RDqSizKLyXp7K2u6HgraZCGzE= -github.com/maratori/testpackage v1.1.1/go.mod h1:s4gRK/ym6AMrqpOa/kEbQTV4Q4jb7WeLZzVhVVVOQMc= -github.com/maruel/panicparse/v2 v2.4.0/go.mod h1:nOY2OKe8csO3F3SA5+hsxot05JLgukrF54B9x88fVp4= -github.com/maruel/panicparse/v2 v2.5.0/go.mod h1:DA2fDiBk63bKfBf4CVZP9gb4fuvzdPbLDsSI873hweQ= -github.com/matoous/godox v0.0.0-20230222163458-006bad1f9d26/go.mod h1:1BELzlh859Sh1c6+90blK8lbYy0kwQf1bYlBhBysy1s= -github.com/mattn/go-oci8 v0.1.1/go.mod h1:wjDx6Xm9q7dFtHJvIlrI99JytznLw5wQ4R+9mNXJwGI= -github.com/mattn/go-shellwords v1.0.12/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= -github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1/go.mod h1:eyp4DdUJAKkr9tvxR3jWhw2mDK7CWABMG5r9uyaKC7I= -github.com/maxbrunsfeld/counterfeiter/v6 v6.11.2/go.mod h1:VzB2VoMh1Y32/QqDfg9ZJYHj99oM4LiGtqPZydTiQSQ= -github.com/maxmind/geoipupdate/v6 v6.1.0/go.mod h1:cZYCDzfMzTY4v6dKRdV7KTB6SStxtn3yFkiJ1btTGGc= -github.com/mbilski/exhaustivestruct v1.2.0/go.mod h1:OeTBVxQWoEmB2J2JCHmXWPJ0aksxSUOUy+nvtVEfzXc= -github.com/mdlayher/genetlink v1.3.2/go.mod h1:tcC3pkCrPUGIKKsCsp0B3AdaaKuHtaxoJRz3cc+528o= -github.com/mdlayher/sdnotify v1.0.0/go.mod h1:HQUmpM4XgYkhDLtd+Uad8ZFK1T9D5+pNxnXQjCeJlGE= -github.com/mgechev/revive v1.3.1/go.mod h1:YlD6TTWl2B8A103R9KWJSPVI9DrEf+oqr15q21Ld+5I= -github.com/microsoft/go-mssqldb v0.21.0/go.mod h1:+4wZTUnz/SV6nffv+RRRB/ss8jPng5Sho2SmM1l2ts4= -github.com/minio/sha256-simd v1.0.0/go.mod h1:OuYzVNI5vcoYIAmbIvHPl3N3jUzVedXbKy5RFepssQM= -github.com/mistifyio/go-zfs/v3 v3.0.1/go.mod h1:CzVgeB0RvF2EGzQnytKVvVSDwmKJXxkOTUGbNrTja/k= -github.com/mitchellh/cli v1.1.5/go.mod h1:v8+iFts2sPIKUV1ltktPXMCC8fumSKFItNcD2cLtRR4= -github.com/mitchellh/go-ps v1.0.0/go.mod h1:J4lOc8z8yJs6vUwklHw2XEIiT4z4C40KtWVN3nvg8Pg= -github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= -github.com/moby/sys/mountinfo v0.6.2/go.mod h1:IJb6JQeOklcdMU9F5xQ8ZALD+CUr5VlGpwtX+VE0rpI= -github.com/moby/sys/signal v0.7.0/go.mod h1:GQ6ObYZfqacOwTtlXvcmh9A26dVRul/hbOZn88Kg8Tg= -github.com/moby/sys/symlink v0.2.0/go.mod h1:7uZVF2dqJjG/NsClqul95CqKOBRQyYSNnJ6BMgR/gFs= -github.com/moby/sys/user v0.3.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs= -github.com/moby/sys/userns v0.1.0/go.mod h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28= -github.com/mohae/deepcopy v0.0.0-20170308212314-bb9b5e7adda9/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= -github.com/montanaflynn/stats v0.6.6/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow= -github.com/moricho/tparallel v0.3.1/go.mod h1:leENX2cUv7Sv2qDgdi0D0fCftN8fRC67Bcn8pqzeYNI= -github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/nakabonne/nestif v0.3.1/go.mod h1:9EtoZochLn5iUprVDmDjqGKPofoUEBL8U4Ngq6aY7OE= -github.com/natefinch/atomic v1.0.1/go.mod h1:N/D/ELrljoqDyT3rZrsUmtsuzvHkeB/wWjHV22AZRbM= -github.com/nbutton23/zxcvbn-go v0.0.0-20210217022336-fa2cb2858354/go.mod h1:KSVJerMDfblTH7p5MZaTt+8zaT2iEk3AkVb9PQdZuE8= -github.com/nelsam/hel/v2 v2.3.3/go.mod h1:1ZTGfU2PFTOd5mx22i5O0Lc2GY933lQ2wb/ggy+rL3w= -github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8= -github.com/nishanths/exhaustive v0.10.0/go.mod h1:IbwrGdVMizvDcIxPYGVdQn5BqWJaOwpCvg4RGb8r/TA= -github.com/nishanths/predeclared v0.2.2/go.mod h1:RROzoN6TnGQupbC+lqggsOlcgysk3LMK/HI84Mp280c= -github.com/nunnatsa/ginkgolinter v0.11.2/go.mod h1:dJIGXYXbkBswqa/pIzG0QlVTTDSBMxDoCFwhsl4Uras= -github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= -github.com/open-policy-agent/opa v0.68.0/go.mod h1:5E5SvaPwTpwt2WM177I9Z3eT7qUpmOGjk1ZdHs+TZ4w= -github.com/open-telemetry/opentelemetry-collector-contrib/pkg/sampling v0.104.0/go.mod h1:4bLfc6BnVKRp3yY+ueEUEeyNWjW/InCGbFs9ZA7o/ko= -github.com/open-telemetry/opentelemetry-collector-contrib/processor/probabilisticsamplerprocessor v0.104.0/go.mod h1:I2so4Vn+ROaCECo0bdQXNxyUjY9tbq1JvcyuWPETLcM= -github.com/opencontainers/runc v1.1.14/go.mod h1:E4C2z+7BxR7GHXp0hAY53mek+x49X1LjPNeMTfRGvOA= -github.com/opencontainers/runtime-spec v1.2.0/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-tools v0.9.1-0.20221107090550-2e043c6bd626/go.mod h1:BRHJJd0E+cx42OybVYSgUvZmU0B8P9gZuRXlZUP7TKI= -github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= -github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= -github.com/peterbourgon/ff/v3 v3.4.0/go.mod h1:zjJVUhx+twciwfDl0zBcFzl4dW8axCRyXE/eKY9RztQ= -github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI= -github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= -github.com/pkg/sftp v1.13.6/go.mod h1:tz1ryNURKu77RL+GuCzmoJYxQczL3wLNNpPWagdg4Qk= -github.com/polyfloyd/go-errorlint v1.4.1/go.mod h1:k6fU/+fQe38ednoZS51T7gSIGQW1y94d6TkSr35OzH8= -github.com/posener/complete v1.2.3/go.mod h1:WZIdtGGp+qx0sLrYKtIRAruyNpv6hFCicSgv7Sy7s/s= -github.com/pquerna/cachecontrol v0.1.0/go.mod h1:NrUG3Z7Rdu85UNR3vm7SOsl1nFIeSiQnrHV5K9mBcUI= -github.com/prometheus/prometheus v0.49.2-0.20240125131847-c3b8ef1694ff/go.mod h1:FvE8dtQ1Ww63IlyKBn1V4s+zMwF9kHkVNkQBR1pM4CU= -github.com/puzpuzpuz/xsync/v3 v3.4.0/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA= -github.com/puzpuzpuz/xsync/v3 v3.5.1/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA= -github.com/quasilyte/go-ruleguard v0.3.19/go.mod h1:lHSn69Scl48I7Gt9cX3VrbsZYvYiBYszZOZW4A+oTEw= -github.com/quasilyte/gogrep v0.5.0/go.mod h1:Cm9lpz9NZjEoL1tgZ2OgeUKPIxL1meE7eo60Z6Sk+Ng= -github.com/quasilyte/regex/syntax v0.0.0-20210819130434-b3f0c404a727/go.mod h1:rlzQ04UMyJXu/aOvhd8qT+hvDrFpiwqp8MRXDY9szc0= -github.com/quasilyte/stdinfo v0.0.0-20220114132959-f7386bf02567/go.mod h1:DWNGW8A4Y+GyBgPuaQJuWiy0XYftx4Xm/y5Jqk9I6VQ= -github.com/quic-go/qpack v0.5.1/go.mod h1:+PC4XFrEskIVkcLzpEkbLqq1uCoxPhQuvK5rH1ZgaEg= -github.com/rabbitmq/amqp091-go v1.10.0/go.mod h1:Hy4jKW5kQART1u+JkDTF9YYOQUHXqMuhrgxOEeS7G4o= -github.com/rcrowley/go-metrics v0.0.0-20250401214520-65e299d6c5c9/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= -github.com/riywo/loginshell v0.0.0-20200815045211-7d26008be1ab/go.mod h1:/PfPXh0EntGc3QAAyUaviy4S9tzy4Zp0e2ilq4voC6E= -github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= -github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/russross/blackfriday v1.6.0 h1:KqfZb0pUVN2lYqZUYRddxF4OR8ZMURnJIG5Y3VRLtww= -github.com/russross/blackfriday v1.6.0/go.mod h1:ti0ldHuxg49ri4ksnFxlkCfN+hvslNlmVHqNRXXJNAY= -github.com/ryancurrah/gomodguard v1.3.0/go.mod h1:ggBxb3luypPEzqVtq33ee7YSN35V28XeGnid8dnni50= -github.com/ryanrolds/sqlclosecheck v0.4.0/go.mod h1:TBRRjzL31JONc9i4XMinicuo+s+E8yKZ5FN8X3G6CKQ= -github.com/safchain/ethtool v0.3.0/go.mod h1:SA9BwrgyAqNo7M+uaL6IYbxpm5wk3L7Mm6ocLW+CJUs= -github.com/sanposhiho/wastedassign/v2 v2.0.7/go.mod h1:KyZ0MWTwxxBmfwn33zh3k1dmsbF2ud9pAAGfoLfjhtI= -github.com/santhosh-tekuri/jsonschema/v5 v5.3.1/go.mod h1:uToXkOrWAZ6/Oc07xWQrPOhJotwFIyu2bBVN41fcDUY= -github.com/sashamelentyev/interfacebloat v1.1.0/go.mod h1:+Y9yU5YdTkrNvoX0xHc84dxiN1iBi9+G8zZIhPVoNjQ= -github.com/sashamelentyev/usestdlibvars v1.23.0/go.mod h1:YPwr/Y1LATzHI93CqoPUN/2BzGQ/6N/cl/KwgR0B/aU= -github.com/securego/gosec/v2 v2.15.0/go.mod h1:VOjTrZOkUtSDt2QLSJmQBMWnvwiQPEjg0l+5juIqGk8= -github.com/segmentio/kafka-go v0.4.42/go.mod h1:d0g15xPMqoUookug0OU75DhGZxXwCFxSLeJ4uphwJzg= -github.com/shazow/go-diff v0.0.0-20160112020656-b6b7b6733b8c/go.mod h1:/PevMnwAxekIXwN8qQyfc5gl2NlkB3CQlkizAbOkeBs= -github.com/shirou/gopsutil/v4 v4.25.3/go.mod h1:xbuxyoZj+UsgnZrENu3lQivsngRR5BdjbJwf2fv4szA= -github.com/sivchari/containedctx v1.0.3/go.mod h1:c1RDvCbnJLtH4lLcYD/GqwiBSSf4F5Qk0xld2rBqzJ4= -github.com/sivchari/nosnakecase v1.7.0/go.mod h1:CwDzrzPea40/GB6uynrNLiorAlgFRvRbFSgJx2Gs+QY= -github.com/sivchari/tenv v1.7.1/go.mod h1:64yStXKSOxDfX47NlhVwND4dHwfZDdbp2Lyl018Icvg= -github.com/skeema/knownhosts v1.2.1/go.mod h1:xYbVRSPxqBZFrdmDyMmsOs+uX1UZC3nTN3ThzgDxUwo= -github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M= -github.com/soheilhy/cmux v0.1.5/go.mod h1:T7TcVDs9LWfQgPlPsdngu6I6QIoyIFZDDC6sNE1GqG0= -github.com/sonatard/noctx v0.0.2/go.mod h1:kzFz+CzWSjQ2OzIm46uJZoXuBpa2+0y3T36U18dWqIo= -github.com/sourcegraph/go-diff v0.7.0/go.mod h1:iBszgVvyxdc8SFZ7gm69go2KDdt3ag071iBaWPF6cjs= -github.com/ssgreg/nlreturn/v2 v2.2.1/go.mod h1:E/iiPB78hV7Szg2YfRgyIrk1AD6JVMTRkkxBiELzh2I= -github.com/stbenjam/no-sprintf-host-port v0.1.1/go.mod h1:TLhvtIvONRzdmkFiio4O8LHsN9N74I+PhRquPsxpL0I= -github.com/stefanberger/go-pkcs11uri v0.0.0-20230803200340-78284954bff6/go.mod h1:39R/xuhNgVhi+K0/zst4TLrJrVmbm6LVgl4A0+ZFS5M= -github.com/stoewer/go-strcase v1.3.0/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo= -github.com/studio-b12/gowebdav v0.9.0/go.mod h1:bHA7t77X/QFExdeAnDzK6vKM34kEZAcE1OX4MfiwjkE= -github.com/syncthing/notify v0.0.0-20250207082249-f0fa8f99c2bc/go.mod h1:J0q59IWjLtpRIJulohwqEZvjzwOfTEPp8SVhDJl+y0Y= -github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/t-yuki/gocover-cobertura v0.0.0-20180217150009-aaee18c8195c/go.mod h1:SbErYREK7xXdsRiigaQiQkI9McGRzYMvlKYaP3Nimdk= -github.com/tailscale/certstore v0.1.1-0.20231202035212-d3fa0460f47e/go.mod h1:XrBNfAFN+pwoWuksbFS9Ccxnopa15zJGgXRFN90l3K4= -github.com/tailscale/depaware v0.0.0-20210622194025-720c4b409502/go.mod h1:p9lPsd+cx33L3H9nNoecRRxPssFKUwwI50I3pZ0yT+8= -github.com/tailscale/go-winio v0.0.0-20231025203758-c4f33415bf55/go.mod h1:4k4QO+dQ3R5FofL+SanAUZe+/QfeK0+OIuwDIRu2vSg= -github.com/tailscale/goexpect v0.0.0-20210902213824-6e8c725cea41/go.mod h1:/roCdA6gg6lQyw/Oz6gIIGu3ggJKYhF+WC/AQReE5XQ= -github.com/tailscale/golang-x-crypto v0.0.0-20240604161659-3fde5e568aa4/go.mod h1:ikbF+YT089eInTp9f2vmvy4+ZVnW5hzX1q2WknxSprQ= -github.com/tailscale/goupnp v1.0.1-0.20210804011211-c64d0f06ea05/go.mod h1:PdCqy9JzfWMJf1H5UJW2ip33/d4YkoKN0r67yKH1mG8= -github.com/tailscale/hujson v0.0.0-20221223112325-20486734a56a/go.mod h1:DFSS3NAGHthKo1gTlmEcSBiZrRJXi28rLNd/1udP1c8= -github.com/tailscale/mkctr v0.0.0-20240628074852-17ca944da6ba/go.mod h1:DxnqIXBplij66U2ZkL688xy07q97qQ83P+TVueLiHq4= -github.com/tailscale/peercred v0.0.0-20240214030740-b535050b2aa4/go.mod h1:phI29ccmHQBc+wvroosENp1IF9195449VDnFDhJ4rJU= -github.com/tailscale/web-client-prebuilt v0.0.0-20240226180453-5db17b287bf1/go.mod h1:agQPE6y6ldqCOui2gkIh7ZMztTkIQKH049tv8siLuNQ= -github.com/tailscale/wf v0.0.0-20240214030419-6fbb0a674ee6/go.mod h1:ZXRML051h7o4OcI0d3AaILDIad/Xw0IkXaHM17dic1Y= -github.com/tailscale/wireguard-go v0.0.0-20240905161824-799c1978fafc/go.mod h1:BOm5fXUBFM+m9woLNBoxI9TaBXXhGNP50LX/TGIvGb4= -github.com/tailscale/xnet v0.0.0-20240729143630-8497ac4dab2e/go.mod h1:orPd6JZXXRyuDusYilywte7k094d7dycXXU5YnWsrwg= -github.com/tc-hib/winres v0.2.1/go.mod h1:C/JaNhH3KBvhNKVbvdlDWkbMDO9H4fKKDaN7/07SSuk= -github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k= -github.com/tcnksm/go-httpstat v0.2.0/go.mod h1:s3JVJFtQxtBEBC9dwcdTTXS9xFnM3SXAZwPG41aurT8= -github.com/tdakkota/asciicheck v0.2.0/go.mod h1:Qb7Y9EgjCLJGup51gDHFzbI08/gbGhL/UVhYIPWG2rg= -github.com/tetafro/godot v1.4.11/go.mod h1:LR3CJpxDVGlYOWn3ZZg1PgNZdTUvzsZWu8xaEohUpn8= -github.com/tidwall/btree v1.6.0/go.mod h1:twD9XRA5jj9VUQGELzDO4HPQTNJsoWWfYEL+EUQ2cKY= -github.com/tidwall/buntdb v1.3.0/go.mod h1:lZZrZUWzlyDJKlLQ6DKAy53LnG7m5kHyrEHvvcDmBpU= -github.com/tidwall/gjson v1.16.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk= -github.com/tidwall/grect v0.1.4/go.mod h1:9FBsaYRaR0Tcy4UwefBX/UDcDcDy9V5jUcxHzv2jd5Q= -github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM= -github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU= -github.com/tidwall/rtred v0.1.2/go.mod h1:hd69WNXQ5RP9vHd7dqekAz+RIdtfBogmglkZSRxCHFQ= -github.com/tidwall/tinyqueue v0.1.1/go.mod h1:O/QNHwrnjqr6IHItYrzoHAKYhBkLI67Q096fQP5zMYw= -github.com/timakin/bodyclose v0.0.0-20230421092635-574207250966/go.mod h1:27bSVNWSBOHm+qRp1T9qzaIpsWEP6TbUnei/43HK+PQ= -github.com/timonwong/loggercheck v0.9.4/go.mod h1:caz4zlPcgvpEkXgVnAJGowHAMW2NwHaNlpS8xDbVhTg= -github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75/go.mod h1:KO6IkyS8Y3j8OdNO85qEYBsRPuteD+YciPomcXdrMnk= -github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc/go.mod h1:bciPuU6GHm1iF1pBvUfxfsH0Wmnc2VbpgvbI9ZWuIRs= -github.com/tomarrell/wrapcheck/v2 v2.8.1/go.mod h1:/n2Q3NZ4XFT50ho6Hbxg+RV1uyo2Uow/Vdm9NQcl5SE= -github.com/tommy-muehle/go-mnd/v2 v2.5.1/go.mod h1:WsUAkMJMYww6l/ufffCD3m+P7LEvr8TnZn9lwVDlgzw= -github.com/toqueteos/webbrowser v1.2.0/go.mod h1:XWoZq4cyp9WeUeak7w7LXRUQf1F1ATJMir8RTqb4ayM= -github.com/twitchtv/twirp v8.1.3+incompatible/go.mod h1:RRJoFSAmTEh2weEqWtpPE3vFK5YBhA6bqp2l1kfCC5A= -github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08= -github.com/u-root/u-root v0.12.0/go.mod h1:FYjTOh4IkIZHhjsd17lb8nYW6udgXdJhG1c0r6u0arI= -github.com/u-root/uio v0.0.0-20240118234441-a3c409a6018e/go.mod h1:eLL9Nub3yfAho7qB0MzZizFhTU2QkLeoVsWdHtDW264= -github.com/ugorji/go/codec v1.2.11/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= -github.com/ultraware/funlen v0.0.3/go.mod h1:Dp4UiAus7Wdb9KUZsYWZEWiRzGuM2kXM1lPbfaF6xhA= -github.com/ultraware/whitespace v0.0.5/go.mod h1:aVMh/gQve5Maj9hQ/hg+F75lr/X5A89uZnzAmWSineA= -github.com/uptrace/bun v1.1.17/go.mod h1:hATAzivtTIRsSJR4B8AXR+uABqnQxr3myKDKEf5iQ9U= -github.com/uptrace/bun/dialect/sqlitedialect v1.1.17/go.mod h1:YF0FO4VVnY9GHNH6rM4r3STlVEBxkOc6L88Bm5X5mzA= -github.com/urfave/cli v1.22.16/go.mod h1:EeJR6BKodywf4zciqrdw6hpCPk68JO9z5LazXZMn5Po= -github.com/urfave/negroni v1.0.0/go.mod h1:Meg73S6kFm/4PpbYdq35yYWoCZ9mS/YSx+lKnmiohz4= -github.com/uudashr/gocognit v1.0.6/go.mod h1:nAIUuVBnYU7pcninia3BHOvQkpQCeO76Uscky5BOwcY= -github.com/valkey-io/valkey-go v1.0.52/go.mod h1:BXlVAPIL9rFQinSFM+N32JfWzfCaUAqBpZkc4vPY6fM= -github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= -github.com/valyala/fasthttp v1.51.0/go.mod h1:oI2XroL+lI7vdXyYoQk03bXBThfFl2cVdIA3Xl7cH8g= -github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= -github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc= -github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk= -github.com/vektah/gqlparser/v2 v2.5.16/go.mod h1:1lz1OeCqgQbQepsGxPVywrjdBHW2T08PUS3pJqepRww= -github.com/veraison/go-cose v1.1.0/go.mod h1:7ziE85vSq4ScFTg6wyoMXjucIGOf4JkFEZi/an96Ct4= -github.com/vishvananda/netlink v1.3.0/go.mod h1:i6NetklAujEcC6fK0JPjT8qSwWyO0HLn4UKG+hGqeJs= -github.com/vmihailenco/bufpool v0.1.11/go.mod h1:AFf/MOy3l2CFTKbxwt0mp2MwnqjNEs5H/UxrkA5jxTQ= -github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok= -github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds= -github.com/willabides/kongplete v0.4.0/go.mod h1:0P0jtWD9aTsqPSUAl4de35DLghrr57XcayPyvqSi2X8= -github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw= -github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= -github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4= -github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM= -github.com/xhit/go-str2duration/v2 v2.1.0/go.mod h1:ohY8p+0f07DiV6Em5LKB0s2YpLtXVyJfNt1+BlmyAsU= -github.com/xiang90/probing v0.0.0-20221125231312-a49e3df8f510/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= -github.com/yagipy/maintidx v1.0.0/go.mod h1:0qNf/I/CCZXSMhsRsrEPDZ+DkekpKLXAJfsTACwgXLk= -github.com/yashtewari/glob-intersection v0.2.0/go.mod h1:LK7pIC3piUjovexikBbJ26Yml7g8xa5bsjfx2v1fwok= -github.com/yeya24/promlinter v0.2.0/go.mod h1:u54lkmBOZrpEbQQ6gox2zWKKLKu2SGe+2KOiextY+IA= -github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA= -github.com/yuin/gopher-lua v1.1.1/go.mod h1:GBR0iDaNXjAgGg9zfCvksxSRnQx76gclCIb7kdAd1Pw= -github.com/zenazn/goji v1.0.1/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q= -gitlab.com/bosi/decorder v0.2.3/go.mod h1:9K1RB5+VPNQYtXtTDAzd2OEftsZb1oV0IrJrzChSdGE= -gitlab.com/digitalxero/go-conventional-commit v1.0.7/go.mod h1:05Xc2BFsSyC5tKhK0y+P3bs0AwUtNuTp+mTpbCU/DZ0= -go.einride.tech/aip v0.66.0/go.mod h1:qAhMsfT7plxBX+Oy7Huol6YUvZ0ZzdUz26yZsQwfl1M= -go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I= -go.etcd.io/etcd/client/v2 v2.305.16/go.mod h1:h9YxWCzcdvZENbfzBTFCnoNumr2ax3F19sKMqHFmXHE= -go.etcd.io/etcd/pkg/v3 v3.5.16/go.mod h1:+lutCZHG5MBBFI/U4eYT5yL7sJfnexsoM20Y0t2uNuY= -go.etcd.io/etcd/raft/v3 v3.5.16/go.mod h1:P4UP14AxofMJ/54boWilabqqWoW9eLodl6I5GdGzazI= -go.etcd.io/etcd/server/v3 v3.5.16/go.mod h1:ynhyZZpdDp1Gq49jkUg5mfkDWZwXnn3eIqCqtJnrD/s= -go.mongodb.org/mongo-driver v1.12.1/go.mod h1:/rGBTebI3XYboVmgz+Wv3Bcbl3aD0QF9zl6kDDw18rQ= -go.mozilla.org/pkcs7 v0.0.0-20200128120323-432b2356ecb1/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk= -go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= -go.opentelemetry.io/collector v0.104.0 h1:R3zjM4O3K3+ttzsjPV75P80xalxRbwYTURlK0ys7uyo= -go.opentelemetry.io/collector v0.104.0/go.mod h1:Tm6F3na9ajnOm6I5goU9dURKxq1fSBK1yA94nvUix3k= -go.opentelemetry.io/collector/confmap v0.94.1/go.mod h1:pCT5UtcHaHVJ5BIILv1Z2VQyjZzmT9uTdBmC9+Z0AgA= -go.opentelemetry.io/collector/consumer v0.104.0/go.mod h1:60zcIb0W9GW0z9uJCv6NmjpSbCfBOeRUyrtEwqK6Hzo= -go.opentelemetry.io/collector/pdata/testdata v0.104.0/go.mod h1:3SnYKu8gLfxURJMWS/cFEUFs+jEKS6jvfqKXnOZsdkQ= -go.opentelemetry.io/collector/processor v0.104.0/go.mod h1:qU2/xCCYdvVORkN6aq0H/WUWkvo505VGYg2eOwPvaTg= -go.opentelemetry.io/contrib/detectors/gcp v1.34.0/go.mod h1:cV4BMFcscUR/ckqLkbfQmF0PRsq8w/lMGzdbCSveBHo= -go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.59.0/go.mod h1:ijPqXp5P6IRRByFVVg9DY8P5HkxkHE5ARIa+86aXPf4= -golang.org/x/arch v0.4.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= -golang.org/x/exp/typeparams v0.0.0-20240119083558-1b970713d09a/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= -golang.org/x/image v0.18.0/go.mod h1:4yyo5vMFQjVjUcVk4jEQcU9MGy/rulF5WvUILseCM2E= -golang.org/x/mod v0.24.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww= -golang.org/x/telemetry v0.0.0-20240521205824-bda55230c457/go.mod h1:pRgIJT+bRLFKnoM1ldnzKoxTIn14Yxz928LQRYYgIN0= -golang.org/x/tools v0.31.0/go.mod h1:naFTU+Cev749tSJRXJlna0T3WxKvb1kWEx15xA4SdmQ= -google.golang.org/genproto v0.0.0-20240325203815-454cdb8f5daa h1:ePqxpG3LVx+feAUOx8YmR5T7rc0rdzK8DyxM8cQ9zq0= -google.golang.org/genproto v0.0.0-20240325203815-454cdb8f5daa/go.mod h1:CnZenrTdRJb7jc+jOm0Rkywq+9wh0QC4U8tyiRbEPPM= -google.golang.org/genproto v0.0.0-20240924160255-9d4c2d233b61 h1:KipVMxePgXPFBzXOvpKbny3RVdVmJOD64R/Ob7GPWEs= -google.golang.org/genproto v0.0.0-20240924160255-9d4c2d233b61/go.mod h1:HiAZQz/G7n0EywFjmncAwsfnmFm2bjm7qPjwl8hyzjM= -google.golang.org/genproto/googleapis/bytestream v0.0.0-20250313205543-e70fdf4c4cb4/go.mod h1:WkJpQl6Ujj3ElX4qZaNm5t6cT95ffI4K+HKQ0+1NyMw= -google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.5.1/go.mod h1:5KF+wpkbTSbGcR9zteSqZV6fqFOWBl4Yde8En8MryZA= -gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o= -gopkg.in/jinzhu/gorm.v1 v1.9.2/go.mod h1:56JJPUzbikvTVnoyP1nppSkbJ2L8sunqTBDY2fDrmFg= -gopkg.in/olivere/elastic.v3 v3.0.75/go.mod h1:yDEuSnrM51Pc8dM5ov7U8aI/ToR3PG0llA8aRv2qmw0= -gopkg.in/olivere/elastic.v5 v5.0.84/go.mod h1:LXF6q9XNBxpMqrcgax95C6xyARXWbbCXUrtTxrNrxJI= -gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= -gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI= -gorm.io/driver/mysql v1.0.1/go.mod h1:KtqSthtg55lFp3S5kUXqlGaelnWpKitn4k1xZTnoiPw= -gorm.io/driver/postgres v1.4.6/go.mod h1:UJChCNLFKeBqQRE+HrkFUbKbq9idPXmTOk2u4Wok8S4= -gorm.io/driver/sqlserver v1.4.2/go.mod h1:XHwBuB4Tlh7DqO0x7Ema8dmyWsQW7wi38VQOAFkrbXY= -gorm.io/gorm v1.25.3/go.mod h1:L4uxeKpfBml98NYqVqwAdmV1a2nBtAec/cf3fpucW/k= -honnef.co/go/tools v0.5.1/go.mod h1:e9irvo83WDG9/irijV44wr3tbhcFeRnfpVlRqVwpzMs= -howett.net/plist v1.0.0/go.mod h1:lqaXoTrLY4hg8tnEzNru53gicrbv7rrk+2xJA/7hw9g= -k8s.io/cloud-provider v0.32.2/go.mod h1:2s8TeAXhVezp5VISaTxM6vW3yDonOZXoN4Aryz1p1PQ= -k8s.io/code-generator v0.32.3/go.mod h1:+mbiYID5NLsBuqxjQTygKM/DAdKpAjvBzrJd64NU1G8= -k8s.io/component-helpers v0.32.3/go.mod h1:utTBXk8lhkJewBKNuNf32Xl3KT/0VV19DmiXU/SV4Ao= -k8s.io/controller-manager v0.32.2/go.mod h1:o5uo2tLCQhuoMt0RfKcQd0eqaNmSKOKiT+0YELCqXOk= -k8s.io/cri-api v0.27.1/go.mod h1:+Ts/AVYbIo04S86XbTD73UPp/DkTiYxtsFeOFEu32L0= -k8s.io/gengo/v2 v2.0.0-20240911193312-2b36238f13e9/go.mod h1:EJykeLsmFC60UQbYJezXkEsG2FLrt0GPNkU5iK5GWxU= -k8s.io/gengo/v2 v2.0.0-20250207200755-1244d31929d7/go.mod h1:EJykeLsmFC60UQbYJezXkEsG2FLrt0GPNkU5iK5GWxU= -k8s.io/kms v0.32.3/go.mod h1:Bk2evz/Yvk0oVrvm4MvZbgq8BD34Ksxs2SRHn4/UiOM= -k8s.io/kube-controller-manager v0.32.2/go.mod h1:x7998ZLC+2lYnoizUwvVtHVPuoLeb7BhQEneeiNyVOg= -k8s.io/kubelet v0.32.2/go.mod h1:cC1ms5RS+lu0ckVr6AviCQXHLSPKEBC3D5oaCBdTGkI= -k8s.io/kubernetes v1.32.2/go.mod h1:tiIKO63GcdPRBHW2WiUFm3C0eoLczl3f7qi56Dm1W8I= -k8s.io/metrics v0.32.3/go.mod h1:9R1Wk5cb+qJpCQon9h52mgkVCcFeYxcY+YkumfwHVCU= -mellium.im/sasl v0.3.1/go.mod h1:xm59PUYpZHhgQ9ZqoJ5QaCqzWMi8IeS49dhp6plPCzw= -mvdan.cc/gofumpt v0.5.0/go.mod h1:HBeVDtMKRZpXyxFciAirzdKklDlGu8aAy1wEbH5Y9js= -mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed/go.mod h1:Xkxe497xwlCKkIaQYRfC7CSLworTXY9RMqwhhCm+8Nc= -mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b/go.mod h1:2odslEg/xrtNQqCYg2/jCoyKnw3vv5biOc3JnIcYfL4= -mvdan.cc/unparam v0.0.0-20230312165513-e84e2d14e3b8/go.mod h1:Oh/d7dEtzsNHGOq1Cdv8aMm3KdKhVvPbRQcM8WFpBR8= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.1/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= -sigs.k8s.io/controller-tools v0.15.1-0.20240618033008-7824932b0cab/go.mod h1:egedX5jq2KrZ3A2zaOz3e2DSsh5BhFyyjvNcBRIQel8= -sigs.k8s.io/controller-tools v0.17.2/go.mod h1:4q5tZG2JniS5M5bkiXY2/potOiXyhoZVw/U48vLkXk0= -sigs.k8s.io/kustomize/kustomize/v5 v5.5.0/go.mod h1:AeFCmgCrXzmvjWWaeZCyBp6XzG1Y0w1svYus8GhJEOE= -software.sslmate.com/src/go-pkcs12 v0.4.0/go.mod h1:Qiz0EyvDRJjjxGyUQa2cCNZn/wMyzrRJ/qcDXOQazLI= -tags.cncf.io/container-device-interface v0.8.1/go.mod h1:Apb7N4VdILW0EVdEMRYXIDVRZfNJZ+kmEUss2kRRQ6Y= -tags.cncf.io/container-device-interface/specs-go v0.8.0/go.mod h1:BhJIkjjPh4qpys+qm4DAYtUyryaTDg9zris+AczXyws= +google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80 h1:KAeGQVN3M9nD0/bQXnr/ClcEMJ968gUXJQ9pwfSynuQ= diff --git a/pkg/dns/coredns.go b/pkg/dns/coredns.go deleted file mode 100644 index 1d68fd4f..00000000 --- a/pkg/dns/coredns.go +++ /dev/null @@ -1,60 +0,0 @@ -package dns - -import ( - "bytes" - "text/template" -) - -type CoreFile struct { - Content []byte -} - -// Body Gets the Caddyfile contents -func (c *CoreFile) Body() []byte { - return c.Content -} - -// Path Gets the path to the origin file -func (c *CoreFile) Path() string { - return "CoreFile" -} - -// ServerType The type of server this input is intended for -func (c *CoreFile) ServerType() string { - return "dns" -} - -type CoreFileTmpl struct { - UpstreamDNS string - Nameservers string -} - -func BuildCoreFile(corefileTmpl CoreFileTmpl) (*CoreFile, error) { - tplText := ` -.:53 { - bind 127.0.0.1 - forward cluster.local {{ .UpstreamDNS }} - forward . {{ .Nameservers }} {{ .UpstreamDNS }} { - policy sequential - max_concurrent 1 - } - cache 30 - log - errors - reload -}` - - tpl, err := template.New("corefile").Parse(tplText) - if err != nil { - return nil, err - } - - data := bytes.NewBuffer(nil) - if err := tpl.Execute(data, corefileTmpl); err != nil { - return nil, err - } - - return &CoreFile{ - Content: data.Bytes(), - }, nil -} diff --git a/pkg/dns/dns_linux.go b/pkg/dns/dns_linux.go index 7bfc535f..7f9db4db 100644 --- a/pkg/dns/dns_linux.go +++ b/pkg/dns/dns_linux.go @@ -13,9 +13,6 @@ import ( "os/exec" "strings" - "github.com/coredns/caddy" - _ "github.com/coredns/coredns/core/dnsserver" - _ "github.com/coredns/coredns/core/plugin" "github.com/docker/docker/libnetwork/resolvconf" miekgdns "github.com/miekg/dns" "k8s.io/apimachinery/pkg/util/sets" @@ -31,24 +28,7 @@ func (c *Config) SetupDNS(ctx context.Context) error { config := c.Config tunName := c.TunName - // 1) setup dns by magicDNS - plog.G(ctx).Debugf("Use library to setup DNS...") - // https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables - if _, found := os.LookupEnv("GITHUB_ACTIONS"); !found { - err := c.UseLibraryDNS(tunName, config) - if err == nil { - plog.G(ctx).Debugf("Use library to setup DNS done") - return nil - } else if errors.Is(err, ErrorNotSupportSplitDNS) { - plog.G(ctx).Debugf("Library not support on current OS") - err = nil - } else { - plog.G(ctx).Errorf("Setup DNS by library failed: %v", err) - err = nil - } - } - - // 2) use systemctl or resolvectl to setup dns + // 1) use systemctl or resolvectl to setup dns plog.G(ctx).Debugf("Use systemd to setup DNS...") // TODO consider use https://wiki.debian.org/NetworkManager and nmcli to config DNS // try to solve: @@ -66,20 +46,30 @@ func (c *Config) SetupDNS(ctx context.Context) error { _, err := exec.LookPath(cmd) return err == nil } - var success bool plog.G(ctx).Debugf("Try to setup DNS by resolvectl or systemd-resolve...") if exists("resolvectl") { if setupDnsByCmdResolvectl(ctx, tunName, config) == nil { - success = true + return nil } } if exists("systemd-resolve") { if setupDNSbyCmdSystemdResolve(ctx, tunName, config) == nil { - success = true + return nil } } - if success { + + // 2) setup dns by magicDNS + plog.G(ctx).Debugf("Use library to setup DNS...") + err := c.UseLibraryDNS(tunName, config) + if err == nil { + plog.G(ctx).Debugf("Use library to setup DNS done") return nil + } else if errors.Is(err, ErrorNotSupportSplitDNS) { + plog.G(ctx).Debugf("Library not support on current OS") + err = nil + } else { + plog.G(ctx).Errorf("Setup DNS by library failed: %v", err) + err = nil } // 3) write dns info to file: /etc/resolv.conf @@ -164,32 +154,6 @@ func (c *Config) UseLibraryDNS(tunName string, clientConfig *miekgdns.ClientConf return c.OSConfigurator.SetDNS(config) } -func SetupLocalDNS(ctx context.Context, clientConfig *miekgdns.ClientConfig, existNameservers []string) error { - corefile, err := BuildCoreFile(CoreFileTmpl{ - UpstreamDNS: clientConfig.Servers[0], - Nameservers: strings.Join(existNameservers, " "), - }) - if err != nil { - return err - } - - plog.G(ctx).Debugf("Corefile content: %s", string(corefile.Body())) - - // Start your engines - instance, err := caddy.Start(corefile) - if err != nil { - return err - } - - // Twiddle your thumbs - go instance.Wait() - go func() { - <-ctx.Done() - instance.Stop() - }() - return nil -} - func (c *Config) CancelDNS() { c.removeHosts(sets.New[Entry]().Insert(c.Hosts...).UnsortedList()) if c.OSConfigurator != nil { diff --git a/pkg/dns/forwardserver.go b/pkg/dns/forward_server.go similarity index 100% rename from pkg/dns/forwardserver.go rename to pkg/dns/forward_server.go diff --git a/pkg/dns/forwardserver_test.go b/pkg/dns/forward_server_test.go similarity index 100% rename from pkg/dns/forwardserver_test.go rename to pkg/dns/forward_server_test.go diff --git a/pkg/handler/function_test.go b/pkg/handler/function_test.go index 2d09a65d..04b1e364 100644 --- a/pkg/handler/function_test.go +++ b/pkg/handler/function_test.go @@ -393,7 +393,7 @@ func udpClient(t *testing.T, ip string, port int) error { func udpServer(t *testing.T, port int) { // 创建监听 udpConn, err := net.ListenUDP("udp4", &net.UDPAddr{ - IP: net.IPv4(0, 0, 0, 0), + IP: net.ParseIP("127.0.0.1"), Port: port, }) if err != nil { diff --git a/vendor/cloud.google.com/go/auth/CHANGES.md b/vendor/cloud.google.com/go/auth/CHANGES.md deleted file mode 100644 index 500c34cf..00000000 --- a/vendor/cloud.google.com/go/auth/CHANGES.md +++ /dev/null @@ -1,396 +0,0 @@ -# Changelog - -## [0.15.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.14.1...auth/v0.15.0) (2025-02-19) - - -### Features - -* **auth:** Add hard-bound token request to compute token provider. ([#11588](https://github.com/googleapis/google-cloud-go/issues/11588)) ([0e608bb](https://github.com/googleapis/google-cloud-go/commit/0e608bb5ac3d694c8ad36ca4340071d3a2c78699)) - -## [0.14.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.14.0...auth/v0.14.1) (2025-01-24) - - -### Documentation - -* **auth:** Add warning about externally-provided credentials ([#11462](https://github.com/googleapis/google-cloud-go/issues/11462)) ([49fb6ff](https://github.com/googleapis/google-cloud-go/commit/49fb6ff4d754895f82c9c4d502fc7547d3b5a941)) - -## [0.14.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.13.0...auth/v0.14.0) (2025-01-08) - - -### Features - -* **auth:** Add universe domain support to idtoken ([#11059](https://github.com/googleapis/google-cloud-go/issues/11059)) ([72add7e](https://github.com/googleapis/google-cloud-go/commit/72add7e9f8f455af695e8ef79212a4bd3122fb3a)) - - -### Bug Fixes - -* **auth/oauth2adapt:** Update golang.org/x/net to v0.33.0 ([e9b0b69](https://github.com/googleapis/google-cloud-go/commit/e9b0b69644ea5b276cacff0a707e8a5e87efafc9)) -* **auth:** Fix copy of delegates in impersonate.NewIDTokenCredentials ([#11386](https://github.com/googleapis/google-cloud-go/issues/11386)) ([ff7ef8e](https://github.com/googleapis/google-cloud-go/commit/ff7ef8e7ade7171bce3e4f30ff10a2e9f6c27ca0)), refs [#11379](https://github.com/googleapis/google-cloud-go/issues/11379) -* **auth:** Update golang.org/x/net to v0.33.0 ([e9b0b69](https://github.com/googleapis/google-cloud-go/commit/e9b0b69644ea5b276cacff0a707e8a5e87efafc9)) - -## [0.13.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.12.1...auth/v0.13.0) (2024-12-13) - - -### Features - -* **auth:** Add logging support ([#11079](https://github.com/googleapis/google-cloud-go/issues/11079)) ([c80e31d](https://github.com/googleapis/google-cloud-go/commit/c80e31df5ecb33a810be3dfb9d9e27ac531aa91d)) -* **auth:** Pass logger from auth layer to metadata package ([#11288](https://github.com/googleapis/google-cloud-go/issues/11288)) ([b552efd](https://github.com/googleapis/google-cloud-go/commit/b552efd6ab34e5dfded18438e0fbfd925805614f)) - - -### Bug Fixes - -* **auth:** Check compute cred type before non-default flag for DP ([#11255](https://github.com/googleapis/google-cloud-go/issues/11255)) ([4347ca1](https://github.com/googleapis/google-cloud-go/commit/4347ca141892be8ae813399b4b437662a103bc90)) - -## [0.12.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.12.0...auth/v0.12.1) (2024-12-10) - - -### Bug Fixes - -* **auth:** Correct typo in link ([#11160](https://github.com/googleapis/google-cloud-go/issues/11160)) ([af6fb46](https://github.com/googleapis/google-cloud-go/commit/af6fb46d7cd694ddbe8c9d63bc4cdcd62b9fb2c1)) - -## [0.12.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.11.0...auth/v0.12.0) (2024-12-04) - - -### Features - -* **auth:** Add support for providing custom certificate URL ([#11006](https://github.com/googleapis/google-cloud-go/issues/11006)) ([ebf3657](https://github.com/googleapis/google-cloud-go/commit/ebf36579724afb375d3974cf1da38f703e3b7dbc)), refs [#11005](https://github.com/googleapis/google-cloud-go/issues/11005) - - -### Bug Fixes - -* **auth:** Ensure endpoints are present in Validator ([#11209](https://github.com/googleapis/google-cloud-go/issues/11209)) ([106cd53](https://github.com/googleapis/google-cloud-go/commit/106cd53309facaef1b8ea78376179f523f6912b9)), refs [#11006](https://github.com/googleapis/google-cloud-go/issues/11006) [#11190](https://github.com/googleapis/google-cloud-go/issues/11190) [#11189](https://github.com/googleapis/google-cloud-go/issues/11189) [#11188](https://github.com/googleapis/google-cloud-go/issues/11188) - -## [0.11.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.10.2...auth/v0.11.0) (2024-11-21) - - -### Features - -* **auth:** Add universe domain support to mTLS ([#11159](https://github.com/googleapis/google-cloud-go/issues/11159)) ([117748b](https://github.com/googleapis/google-cloud-go/commit/117748ba1cfd4ae62a6a4feb7e30951cb2bc9344)) - -## [0.10.2](https://github.com/googleapis/google-cloud-go/compare/auth/v0.10.1...auth/v0.10.2) (2024-11-12) - - -### Bug Fixes - -* **auth:** Restore use of grpc.Dial ([#11118](https://github.com/googleapis/google-cloud-go/issues/11118)) ([2456b94](https://github.com/googleapis/google-cloud-go/commit/2456b943b7b8aaabd4d8bfb7572c0f477ae0db45)), refs [#7556](https://github.com/googleapis/google-cloud-go/issues/7556) - -## [0.10.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.10.0...auth/v0.10.1) (2024-11-06) - - -### Bug Fixes - -* **auth:** Restore Application Default Credentials support to idtoken ([#11083](https://github.com/googleapis/google-cloud-go/issues/11083)) ([8771f2e](https://github.com/googleapis/google-cloud-go/commit/8771f2ea9807ab822083808e0678392edff3b4f2)) -* **auth:** Skip impersonate universe domain check if empty ([#11086](https://github.com/googleapis/google-cloud-go/issues/11086)) ([87159c1](https://github.com/googleapis/google-cloud-go/commit/87159c1059d4a18d1367ce62746a838a94964ab6)) - -## [0.10.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.9...auth/v0.10.0) (2024-10-30) - - -### Features - -* **auth:** Add universe domain support to credentials/impersonate ([#10953](https://github.com/googleapis/google-cloud-go/issues/10953)) ([e06cb64](https://github.com/googleapis/google-cloud-go/commit/e06cb6499f7eda3aef08ab18ff197016f667684b)) - -## [0.9.9](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.8...auth/v0.9.9) (2024-10-22) - - -### Bug Fixes - -* **auth:** Fallback cert lookups for missing files ([#11013](https://github.com/googleapis/google-cloud-go/issues/11013)) ([bd76695](https://github.com/googleapis/google-cloud-go/commit/bd766957ec238b7c40ddbabb369e612dc9b07313)), refs [#10844](https://github.com/googleapis/google-cloud-go/issues/10844) -* **auth:** Replace MDS endpoint universe_domain with universe-domain ([#11000](https://github.com/googleapis/google-cloud-go/issues/11000)) ([6a1586f](https://github.com/googleapis/google-cloud-go/commit/6a1586f2ce9974684affaea84e7b629313b4d114)) - -## [0.9.8](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.7...auth/v0.9.8) (2024-10-09) - - -### Bug Fixes - -* **auth:** Restore OpenTelemetry handling in transports ([#10968](https://github.com/googleapis/google-cloud-go/issues/10968)) ([08c6d04](https://github.com/googleapis/google-cloud-go/commit/08c6d04901c1a20e219b2d86df41dbaa6d7d7b55)), refs [#10962](https://github.com/googleapis/google-cloud-go/issues/10962) -* **auth:** Try talk to plaintext S2A if credentials can not be found for mTLS-S2A ([#10941](https://github.com/googleapis/google-cloud-go/issues/10941)) ([0f0bf2d](https://github.com/googleapis/google-cloud-go/commit/0f0bf2d18c97dd8b65bcf0099f0802b5631c6287)) - -## [0.9.7](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.6...auth/v0.9.7) (2024-10-01) - - -### Bug Fixes - -* **auth:** Restore support for non-default service accounts for DirectPath ([#10937](https://github.com/googleapis/google-cloud-go/issues/10937)) ([a38650e](https://github.com/googleapis/google-cloud-go/commit/a38650edbf420223077498cafa537aec74b37aad)), refs [#10907](https://github.com/googleapis/google-cloud-go/issues/10907) - -## [0.9.6](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.5...auth/v0.9.6) (2024-09-30) - - -### Bug Fixes - -* **auth:** Make aws credentials provider retrieve fresh credentials ([#10920](https://github.com/googleapis/google-cloud-go/issues/10920)) ([250fbf8](https://github.com/googleapis/google-cloud-go/commit/250fbf87d858d865e399a241b7e537c4ff0c3dd8)) - -## [0.9.5](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.4...auth/v0.9.5) (2024-09-25) - - -### Bug Fixes - -* **auth:** Restore support for GOOGLE_CLOUD_UNIVERSE_DOMAIN env ([#10915](https://github.com/googleapis/google-cloud-go/issues/10915)) ([94caaaa](https://github.com/googleapis/google-cloud-go/commit/94caaaa061362d0e00ef6214afcc8a0a3e7ebfb2)) -* **auth:** Skip directpath credentials overwrite when it's not on GCE ([#10833](https://github.com/googleapis/google-cloud-go/issues/10833)) ([7e5e8d1](https://github.com/googleapis/google-cloud-go/commit/7e5e8d10b761b0a6e43e19a028528db361bc07b1)) -* **auth:** Use new context for non-blocking token refresh ([#10919](https://github.com/googleapis/google-cloud-go/issues/10919)) ([cf7102d](https://github.com/googleapis/google-cloud-go/commit/cf7102d33a21be1e5a9d47a49456b3a57c43b350)) - -## [0.9.4](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.3...auth/v0.9.4) (2024-09-11) - - -### Bug Fixes - -* **auth:** Enable self-signed JWT for non-GDU universe domain ([#10831](https://github.com/googleapis/google-cloud-go/issues/10831)) ([f9869f7](https://github.com/googleapis/google-cloud-go/commit/f9869f7903cfd34d1b97c25d0dc5669d2c5138e6)) - -## [0.9.3](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.2...auth/v0.9.3) (2024-09-03) - - -### Bug Fixes - -* **auth:** Choose quota project envvar over file when both present ([#10807](https://github.com/googleapis/google-cloud-go/issues/10807)) ([2d8dd77](https://github.com/googleapis/google-cloud-go/commit/2d8dd7700eff92d4b95027be55e26e1e7aa79181)), refs [#10804](https://github.com/googleapis/google-cloud-go/issues/10804) - -## [0.9.2](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.1...auth/v0.9.2) (2024-08-30) - - -### Bug Fixes - -* **auth:** Handle non-Transport DefaultTransport ([#10733](https://github.com/googleapis/google-cloud-go/issues/10733)) ([98d91dc](https://github.com/googleapis/google-cloud-go/commit/98d91dc8316b247498fab41ab35e57a0446fe556)), refs [#10742](https://github.com/googleapis/google-cloud-go/issues/10742) -* **auth:** Make sure quota option takes precedence over env/file ([#10797](https://github.com/googleapis/google-cloud-go/issues/10797)) ([f1b050d](https://github.com/googleapis/google-cloud-go/commit/f1b050d56d804b245cab048c2980d32b0eaceb4e)), refs [#10795](https://github.com/googleapis/google-cloud-go/issues/10795) - - -### Documentation - -* **auth:** Fix Go doc comment link ([#10751](https://github.com/googleapis/google-cloud-go/issues/10751)) ([015acfa](https://github.com/googleapis/google-cloud-go/commit/015acfab4d172650928bb1119bc2cd6307b9a437)) - -## [0.9.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.9.0...auth/v0.9.1) (2024-08-22) - - -### Bug Fixes - -* **auth:** Setting expireEarly to default when the value is 0 ([#10732](https://github.com/googleapis/google-cloud-go/issues/10732)) ([5e67869](https://github.com/googleapis/google-cloud-go/commit/5e67869a31e9e8ecb4eeebd2cfa11a761c3b1948)) - -## [0.9.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.8.1...auth/v0.9.0) (2024-08-16) - - -### Features - -* **auth:** Auth library can talk to S2A over mTLS ([#10634](https://github.com/googleapis/google-cloud-go/issues/10634)) ([5250a13](https://github.com/googleapis/google-cloud-go/commit/5250a13ec95b8d4eefbe0158f82857ff2189cb45)) - -## [0.8.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.8.0...auth/v0.8.1) (2024-08-13) - - -### Bug Fixes - -* **auth:** Make default client creation more lenient ([#10669](https://github.com/googleapis/google-cloud-go/issues/10669)) ([1afb9ee](https://github.com/googleapis/google-cloud-go/commit/1afb9ee1ee9de9810722800018133304a0ca34d1)), refs [#10638](https://github.com/googleapis/google-cloud-go/issues/10638) - -## [0.8.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.7.3...auth/v0.8.0) (2024-08-07) - - -### Features - -* **auth:** Adds support for X509 workload identity federation ([#10373](https://github.com/googleapis/google-cloud-go/issues/10373)) ([5d07505](https://github.com/googleapis/google-cloud-go/commit/5d075056cbe27bb1da4072a26070c41f8999eb9b)) - -## [0.7.3](https://github.com/googleapis/google-cloud-go/compare/auth/v0.7.2...auth/v0.7.3) (2024-08-01) - - -### Bug Fixes - -* **auth/oauth2adapt:** Update dependencies ([257c40b](https://github.com/googleapis/google-cloud-go/commit/257c40bd6d7e59730017cf32bda8823d7a232758)) -* **auth:** Disable automatic universe domain check for MDS ([#10620](https://github.com/googleapis/google-cloud-go/issues/10620)) ([7cea5ed](https://github.com/googleapis/google-cloud-go/commit/7cea5edd5a0c1e6bca558696f5607879141910e8)) -* **auth:** Update dependencies ([257c40b](https://github.com/googleapis/google-cloud-go/commit/257c40bd6d7e59730017cf32bda8823d7a232758)) - -## [0.7.2](https://github.com/googleapis/google-cloud-go/compare/auth/v0.7.1...auth/v0.7.2) (2024-07-22) - - -### Bug Fixes - -* **auth:** Use default client for universe metadata lookup ([#10551](https://github.com/googleapis/google-cloud-go/issues/10551)) ([d9046fd](https://github.com/googleapis/google-cloud-go/commit/d9046fdd1435d1ce48f374806c1def4cb5ac6cd3)), refs [#10544](https://github.com/googleapis/google-cloud-go/issues/10544) - -## [0.7.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.7.0...auth/v0.7.1) (2024-07-10) - - -### Bug Fixes - -* **auth:** Bump google.golang.org/grpc@v1.64.1 ([8ecc4e9](https://github.com/googleapis/google-cloud-go/commit/8ecc4e9622e5bbe9b90384d5848ab816027226c5)) - -## [0.7.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.6.1...auth/v0.7.0) (2024-07-09) - - -### Features - -* **auth:** Add workload X509 cert provider as a default cert provider ([#10479](https://github.com/googleapis/google-cloud-go/issues/10479)) ([c51ee6c](https://github.com/googleapis/google-cloud-go/commit/c51ee6cf65ce05b4d501083e49d468c75ac1ea63)) - - -### Bug Fixes - -* **auth/oauth2adapt:** Bump google.golang.org/api@v0.187.0 ([8fa9e39](https://github.com/googleapis/google-cloud-go/commit/8fa9e398e512fd8533fd49060371e61b5725a85b)) -* **auth:** Bump google.golang.org/api@v0.187.0 ([8fa9e39](https://github.com/googleapis/google-cloud-go/commit/8fa9e398e512fd8533fd49060371e61b5725a85b)) -* **auth:** Check len of slices, not non-nil ([#10483](https://github.com/googleapis/google-cloud-go/issues/10483)) ([0a966a1](https://github.com/googleapis/google-cloud-go/commit/0a966a183e5f0e811977216d736d875b7233e942)) - -## [0.6.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.6.0...auth/v0.6.1) (2024-07-01) - - -### Bug Fixes - -* **auth:** Support gRPC API keys ([#10460](https://github.com/googleapis/google-cloud-go/issues/10460)) ([daa6646](https://github.com/googleapis/google-cloud-go/commit/daa6646d2af5d7fb5b30489f4934c7db89868c7c)) -* **auth:** Update http and grpc transports to support token exchange over mTLS ([#10397](https://github.com/googleapis/google-cloud-go/issues/10397)) ([c6dfdcf](https://github.com/googleapis/google-cloud-go/commit/c6dfdcf893c3f971eba15026c12db0a960ae81f2)) - -## [0.6.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.5.2...auth/v0.6.0) (2024-06-25) - - -### Features - -* **auth:** Add non-blocking token refresh for compute MDS ([#10263](https://github.com/googleapis/google-cloud-go/issues/10263)) ([9ac350d](https://github.com/googleapis/google-cloud-go/commit/9ac350da11a49b8e2174d3fc5b1a5070fec78b4e)) - - -### Bug Fixes - -* **auth:** Return error if envvar detected file returns an error ([#10431](https://github.com/googleapis/google-cloud-go/issues/10431)) ([e52b9a7](https://github.com/googleapis/google-cloud-go/commit/e52b9a7c45468827f5d220ab00965191faeb9d05)) - -## [0.5.2](https://github.com/googleapis/google-cloud-go/compare/auth/v0.5.1...auth/v0.5.2) (2024-06-24) - - -### Bug Fixes - -* **auth:** Fetch initial token when CachedTokenProviderOptions.DisableAutoRefresh is true ([#10415](https://github.com/googleapis/google-cloud-go/issues/10415)) ([3266763](https://github.com/googleapis/google-cloud-go/commit/32667635ca2efad05cd8c087c004ca07d7406913)), refs [#10414](https://github.com/googleapis/google-cloud-go/issues/10414) - -## [0.5.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.5.0...auth/v0.5.1) (2024-05-31) - - -### Bug Fixes - -* **auth:** Pass through client to 2LO and 3LO flows ([#10290](https://github.com/googleapis/google-cloud-go/issues/10290)) ([685784e](https://github.com/googleapis/google-cloud-go/commit/685784ea84358c15e9214bdecb307d37aa3b6d2f)) - -## [0.5.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.4.2...auth/v0.5.0) (2024-05-28) - - -### Features - -* **auth:** Adds X509 workload certificate provider ([#10233](https://github.com/googleapis/google-cloud-go/issues/10233)) ([17a9db7](https://github.com/googleapis/google-cloud-go/commit/17a9db73af35e3d1a7a25ac4fd1377a103de6150)) - -## [0.4.2](https://github.com/googleapis/google-cloud-go/compare/auth/v0.4.1...auth/v0.4.2) (2024-05-16) - - -### Bug Fixes - -* **auth:** Enable client certificates by default only for GDU ([#10151](https://github.com/googleapis/google-cloud-go/issues/10151)) ([7c52978](https://github.com/googleapis/google-cloud-go/commit/7c529786275a39b7e00525f7d5e7be0d963e9e15)) -* **auth:** Handle non-Transport DefaultTransport ([#10162](https://github.com/googleapis/google-cloud-go/issues/10162)) ([fa3bfdb](https://github.com/googleapis/google-cloud-go/commit/fa3bfdb23aaa45b34394a8b61e753b3587506782)), refs [#10159](https://github.com/googleapis/google-cloud-go/issues/10159) -* **auth:** Have refresh time match docs ([#10147](https://github.com/googleapis/google-cloud-go/issues/10147)) ([bcb5568](https://github.com/googleapis/google-cloud-go/commit/bcb5568c07a54dd3d2e869d15f502b0741a609e8)) -* **auth:** Update compute token fetching error with named prefix ([#10180](https://github.com/googleapis/google-cloud-go/issues/10180)) ([4573504](https://github.com/googleapis/google-cloud-go/commit/4573504828d2928bebedc875d87650ba227829ea)) - -## [0.4.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.4.0...auth/v0.4.1) (2024-05-09) - - -### Bug Fixes - -* **auth:** Don't try to detect default creds it opt configured ([#10143](https://github.com/googleapis/google-cloud-go/issues/10143)) ([804632e](https://github.com/googleapis/google-cloud-go/commit/804632e7c5b0b85ff522f7951114485e256eb5bc)) - -## [0.4.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.3.0...auth/v0.4.0) (2024-05-07) - - -### Features - -* **auth:** Enable client certificates by default ([#10102](https://github.com/googleapis/google-cloud-go/issues/10102)) ([9013e52](https://github.com/googleapis/google-cloud-go/commit/9013e5200a6ec0f178ed91acb255481ffb073a2c)) - - -### Bug Fixes - -* **auth:** Get s2a logic up to date ([#10093](https://github.com/googleapis/google-cloud-go/issues/10093)) ([4fe9ae4](https://github.com/googleapis/google-cloud-go/commit/4fe9ae4b7101af2a5221d6d6b2e77b479305bb06)) - -## [0.3.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.2.2...auth/v0.3.0) (2024-04-23) - - -### Features - -* **auth/httptransport:** Add ability to customize transport ([#10023](https://github.com/googleapis/google-cloud-go/issues/10023)) ([72c7f6b](https://github.com/googleapis/google-cloud-go/commit/72c7f6bbec3136cc7a62788fc7186bc33ef6c3b3)), refs [#9812](https://github.com/googleapis/google-cloud-go/issues/9812) [#9814](https://github.com/googleapis/google-cloud-go/issues/9814) - - -### Bug Fixes - -* **auth/credentials:** Error on bad file name if explicitly set ([#10018](https://github.com/googleapis/google-cloud-go/issues/10018)) ([55beaa9](https://github.com/googleapis/google-cloud-go/commit/55beaa993aaf052d8be39766afc6777c3c2a0bdd)), refs [#9809](https://github.com/googleapis/google-cloud-go/issues/9809) - -## [0.2.2](https://github.com/googleapis/google-cloud-go/compare/auth/v0.2.1...auth/v0.2.2) (2024-04-19) - - -### Bug Fixes - -* **auth:** Add internal opt to skip validation on transports ([#9999](https://github.com/googleapis/google-cloud-go/issues/9999)) ([9e20ef8](https://github.com/googleapis/google-cloud-go/commit/9e20ef89f6287d6bd03b8697d5898dc43b4a77cf)), refs [#9823](https://github.com/googleapis/google-cloud-go/issues/9823) -* **auth:** Set secure flag for gRPC conn pools ([#10002](https://github.com/googleapis/google-cloud-go/issues/10002)) ([14e3956](https://github.com/googleapis/google-cloud-go/commit/14e3956dfd736399731b5ee8d9b178ae085cf7ba)), refs [#9833](https://github.com/googleapis/google-cloud-go/issues/9833) - -## [0.2.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.2.0...auth/v0.2.1) (2024-04-18) - - -### Bug Fixes - -* **auth:** Default gRPC token type to Bearer if not set ([#9800](https://github.com/googleapis/google-cloud-go/issues/9800)) ([5284066](https://github.com/googleapis/google-cloud-go/commit/5284066670b6fe65d79089cfe0199c9660f87fc7)) - -## [0.2.0](https://github.com/googleapis/google-cloud-go/compare/auth/v0.1.1...auth/v0.2.0) (2024-04-15) - -### Breaking Changes - -In the below mentioned commits there were a few large breaking changes since the -last release of the module. - -1. The `Credentials` type has been moved to the root of the module as it is - becoming the core abstraction for the whole module. -2. Because of the above mentioned change many functions that previously - returned a `TokenProvider` now return `Credentials`. Similarly, these - functions have been renamed to be more specific. -3. Most places that used to take an optional `TokenProvider` now accept - `Credentials`. You can make a `Credentials` from a `TokenProvider` using the - constructor found in the `auth` package. -4. The `detect` package has been renamed to `credentials`. With this change some - function signatures were also updated for better readability. -5. Derivative auth flows like `impersonate` and `downscope` have been moved to - be under the new `credentials` package. - -Although these changes are disruptive we think that they are for the best of the -long-term health of the module. We do not expect any more large breaking changes -like these in future revisions, even before 1.0.0. This version will be the -first version of the auth library that our client libraries start to use and -depend on. - -### Features - -* **auth/credentials/externalaccount:** Add default TokenURL ([#9700](https://github.com/googleapis/google-cloud-go/issues/9700)) ([81830e6](https://github.com/googleapis/google-cloud-go/commit/81830e6848ceefd055aa4d08f933d1154455a0f6)) -* **auth:** Add downscope.Options.UniverseDomain ([#9634](https://github.com/googleapis/google-cloud-go/issues/9634)) ([52cf7d7](https://github.com/googleapis/google-cloud-go/commit/52cf7d780853594291c4e34302d618299d1f5a1d)) -* **auth:** Add universe domain to grpctransport and httptransport ([#9663](https://github.com/googleapis/google-cloud-go/issues/9663)) ([67d353b](https://github.com/googleapis/google-cloud-go/commit/67d353beefe3b607c08c891876fbd95ab89e5fe3)), refs [#9670](https://github.com/googleapis/google-cloud-go/issues/9670) -* **auth:** Add UniverseDomain to DetectOptions ([#9536](https://github.com/googleapis/google-cloud-go/issues/9536)) ([3618d3f](https://github.com/googleapis/google-cloud-go/commit/3618d3f7061615c0e189f376c75abc201203b501)) -* **auth:** Make package externalaccount public ([#9633](https://github.com/googleapis/google-cloud-go/issues/9633)) ([a0978d8](https://github.com/googleapis/google-cloud-go/commit/a0978d8e96968399940ebd7d092539772bf9caac)) -* **auth:** Move credentials to base auth package ([#9590](https://github.com/googleapis/google-cloud-go/issues/9590)) ([1a04baf](https://github.com/googleapis/google-cloud-go/commit/1a04bafa83c27342b9308d785645e1e5423ea10d)) -* **auth:** Refactor public sigs to use Credentials ([#9603](https://github.com/googleapis/google-cloud-go/issues/9603)) ([69cb240](https://github.com/googleapis/google-cloud-go/commit/69cb240c530b1f7173a9af2555c19e9a1beb56c5)) - - -### Bug Fixes - -* **auth/oauth2adapt:** Update protobuf dep to v1.33.0 ([30b038d](https://github.com/googleapis/google-cloud-go/commit/30b038d8cac0b8cd5dd4761c87f3f298760dd33a)) -* **auth:** Fix uint32 conversion ([9221c7f](https://github.com/googleapis/google-cloud-go/commit/9221c7fa12cef9d5fb7ddc92f41f1d6204971c7b)) -* **auth:** Port sts expires fix ([#9618](https://github.com/googleapis/google-cloud-go/issues/9618)) ([7bec97b](https://github.com/googleapis/google-cloud-go/commit/7bec97b2f51ed3ac4f9b88bf100d301da3f5d1bd)) -* **auth:** Read universe_domain from all credentials files ([#9632](https://github.com/googleapis/google-cloud-go/issues/9632)) ([16efbb5](https://github.com/googleapis/google-cloud-go/commit/16efbb52e39ea4a319e5ee1e95c0e0305b6d9824)) -* **auth:** Remove content-type header from idms get requests ([#9508](https://github.com/googleapis/google-cloud-go/issues/9508)) ([8589f41](https://github.com/googleapis/google-cloud-go/commit/8589f41599d265d7c3d46a3d86c9fab2329cbdd9)) -* **auth:** Update protobuf dep to v1.33.0 ([30b038d](https://github.com/googleapis/google-cloud-go/commit/30b038d8cac0b8cd5dd4761c87f3f298760dd33a)) - -## [0.1.1](https://github.com/googleapis/google-cloud-go/compare/auth/v0.1.0...auth/v0.1.1) (2024-03-10) - - -### Bug Fixes - -* **auth/impersonate:** Properly send default detect params ([#9529](https://github.com/googleapis/google-cloud-go/issues/9529)) ([5b6b8be](https://github.com/googleapis/google-cloud-go/commit/5b6b8bef577f82707e51f5cc5d258d5bdf90218f)), refs [#9136](https://github.com/googleapis/google-cloud-go/issues/9136) -* **auth:** Update grpc-go to v1.56.3 ([343cea8](https://github.com/googleapis/google-cloud-go/commit/343cea8c43b1e31ae21ad50ad31d3b0b60143f8c)) -* **auth:** Update grpc-go to v1.59.0 ([81a97b0](https://github.com/googleapis/google-cloud-go/commit/81a97b06cb28b25432e4ece595c55a9857e960b7)) - -## 0.1.0 (2023-10-18) - - -### Features - -* **auth:** Add base auth package ([#8465](https://github.com/googleapis/google-cloud-go/issues/8465)) ([6a45f26](https://github.com/googleapis/google-cloud-go/commit/6a45f26b809b64edae21f312c18d4205f96b180e)) -* **auth:** Add cert support to httptransport ([#8569](https://github.com/googleapis/google-cloud-go/issues/8569)) ([37e3435](https://github.com/googleapis/google-cloud-go/commit/37e3435f8e98595eafab481bdfcb31a4c56fa993)) -* **auth:** Add Credentials.UniverseDomain() ([#8654](https://github.com/googleapis/google-cloud-go/issues/8654)) ([af0aa1e](https://github.com/googleapis/google-cloud-go/commit/af0aa1ed8015bc8fe0dd87a7549ae029107cbdb8)) -* **auth:** Add detect package ([#8491](https://github.com/googleapis/google-cloud-go/issues/8491)) ([d977419](https://github.com/googleapis/google-cloud-go/commit/d977419a3269f6acc193df77a2136a6eb4b4add7)) -* **auth:** Add downscope package ([#8532](https://github.com/googleapis/google-cloud-go/issues/8532)) ([dda9bff](https://github.com/googleapis/google-cloud-go/commit/dda9bff8ec70e6d104901b4105d13dcaa4e2404c)) -* **auth:** Add grpctransport package ([#8625](https://github.com/googleapis/google-cloud-go/issues/8625)) ([69a8347](https://github.com/googleapis/google-cloud-go/commit/69a83470bdcc7ed10c6c36d1abc3b7cfdb8a0ee5)) -* **auth:** Add httptransport package ([#8567](https://github.com/googleapis/google-cloud-go/issues/8567)) ([6898597](https://github.com/googleapis/google-cloud-go/commit/6898597d2ea95d630fcd00fd15c58c75ea843bff)) -* **auth:** Add idtoken package ([#8580](https://github.com/googleapis/google-cloud-go/issues/8580)) ([a79e693](https://github.com/googleapis/google-cloud-go/commit/a79e693e97e4e3e1c6742099af3dbc58866d88fe)) -* **auth:** Add impersonate package ([#8578](https://github.com/googleapis/google-cloud-go/issues/8578)) ([e29ba0c](https://github.com/googleapis/google-cloud-go/commit/e29ba0cb7bd3888ab9e808087027dc5a32474c04)) -* **auth:** Add support for external accounts in detect ([#8508](https://github.com/googleapis/google-cloud-go/issues/8508)) ([62210d5](https://github.com/googleapis/google-cloud-go/commit/62210d5d3e56e8e9f35db8e6ac0defec19582507)) -* **auth:** Port external account changes ([#8697](https://github.com/googleapis/google-cloud-go/issues/8697)) ([5823db5](https://github.com/googleapis/google-cloud-go/commit/5823db5d633069999b58b9131a7f9cd77e82c899)) - - -### Bug Fixes - -* **auth/oauth2adapt:** Update golang.org/x/net to v0.17.0 ([174da47](https://github.com/googleapis/google-cloud-go/commit/174da47254fefb12921bbfc65b7829a453af6f5d)) -* **auth:** Update golang.org/x/net to v0.17.0 ([174da47](https://github.com/googleapis/google-cloud-go/commit/174da47254fefb12921bbfc65b7829a453af6f5d)) diff --git a/vendor/cloud.google.com/go/auth/LICENSE b/vendor/cloud.google.com/go/auth/LICENSE deleted file mode 100644 index d6456956..00000000 --- a/vendor/cloud.google.com/go/auth/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/cloud.google.com/go/auth/README.md b/vendor/cloud.google.com/go/auth/README.md deleted file mode 100644 index 6fe4f076..00000000 --- a/vendor/cloud.google.com/go/auth/README.md +++ /dev/null @@ -1,40 +0,0 @@ -# Google Auth Library for Go - -[![Go Reference](https://pkg.go.dev/badge/cloud.google.com/go/auth.svg)](https://pkg.go.dev/cloud.google.com/go/auth) - -## Install - -``` bash -go get cloud.google.com/go/auth@latest -``` - -## Usage - -The most common way this library is used is transitively, by default, from any -of our Go client libraries. - -### Notable use-cases - -- To create a credential directly please see examples in the - [credentials](https://pkg.go.dev/cloud.google.com/go/auth/credentials) - package. -- To create a authenticated HTTP client please see examples in the - [httptransport](https://pkg.go.dev/cloud.google.com/go/auth/httptransport) - package. -- To create a authenticated gRPC connection please see examples in the - [grpctransport](https://pkg.go.dev/cloud.google.com/go/auth/grpctransport) - package. -- To create an ID token please see examples in the - [idtoken](https://pkg.go.dev/cloud.google.com/go/auth/credentials/idtoken) - package. - -## Contributing - -Contributions are welcome. Please, see the -[CONTRIBUTING](https://github.com/GoogleCloudPlatform/google-cloud-go/blob/main/CONTRIBUTING.md) -document for details. - -Please note that this project is released with a Contributor Code of Conduct. -By participating in this project you agree to abide by its terms. -See [Contributor Code of Conduct](https://github.com/GoogleCloudPlatform/google-cloud-go/blob/main/CONTRIBUTING.md#contributor-code-of-conduct) -for more information. diff --git a/vendor/cloud.google.com/go/auth/auth.go b/vendor/cloud.google.com/go/auth/auth.go deleted file mode 100644 index cd5e9886..00000000 --- a/vendor/cloud.google.com/go/auth/auth.go +++ /dev/null @@ -1,618 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package auth provides utilities for managing Google Cloud credentials, -// including functionality for creating, caching, and refreshing OAuth2 tokens. -// It offers customizable options for different OAuth2 flows, such as 2-legged -// (2LO) and 3-legged (3LO) OAuth, along with support for PKCE and automatic -// token management. -package auth - -import ( - "context" - "encoding/json" - "errors" - "fmt" - "log/slog" - "net/http" - "net/url" - "strings" - "sync" - "time" - - "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/jwt" - "github.com/googleapis/gax-go/v2/internallog" -) - -const ( - // Parameter keys for AuthCodeURL method to support PKCE. - codeChallengeKey = "code_challenge" - codeChallengeMethodKey = "code_challenge_method" - - // Parameter key for Exchange method to support PKCE. - codeVerifierKey = "code_verifier" - - // 3 minutes and 45 seconds before expiration. The shortest MDS cache is 4 minutes, - // so we give it 15 seconds to refresh it's cache before attempting to refresh a token. - defaultExpiryDelta = 225 * time.Second - - universeDomainDefault = "googleapis.com" -) - -// tokenState represents different states for a [Token]. -type tokenState int - -const ( - // fresh indicates that the [Token] is valid. It is not expired or close to - // expired, or the token has no expiry. - fresh tokenState = iota - // stale indicates that the [Token] is close to expired, and should be - // refreshed. The token can be used normally. - stale - // invalid indicates that the [Token] is expired or invalid. The token - // cannot be used for a normal operation. - invalid -) - -var ( - defaultGrantType = "urn:ietf:params:oauth:grant-type:jwt-bearer" - defaultHeader = &jwt.Header{Algorithm: jwt.HeaderAlgRSA256, Type: jwt.HeaderType} - - // for testing - timeNow = time.Now -) - -// TokenProvider specifies an interface for anything that can return a token. -type TokenProvider interface { - // Token returns a Token or an error. - // The Token returned must be safe to use - // concurrently. - // The returned Token must not be modified. - // The context provided must be sent along to any requests that are made in - // the implementing code. - Token(context.Context) (*Token, error) -} - -// Token holds the credential token used to authorized requests. All fields are -// considered read-only. -type Token struct { - // Value is the token used to authorize requests. It is usually an access - // token but may be other types of tokens such as ID tokens in some flows. - Value string - // Type is the type of token Value is. If uninitialized, it should be - // assumed to be a "Bearer" token. - Type string - // Expiry is the time the token is set to expire. - Expiry time.Time - // Metadata may include, but is not limited to, the body of the token - // response returned by the server. - Metadata map[string]interface{} // TODO(codyoss): maybe make a method to flatten metadata to avoid []string for url.Values -} - -// IsValid reports that a [Token] is non-nil, has a [Token.Value], and has not -// expired. A token is considered expired if [Token.Expiry] has passed or will -// pass in the next 225 seconds. -func (t *Token) IsValid() bool { - return t.isValidWithEarlyExpiry(defaultExpiryDelta) -} - -// MetadataString is a convenience method for accessing string values in the -// token's metadata. Returns an empty string if the metadata is nil or the value -// for the given key cannot be cast to a string. -func (t *Token) MetadataString(k string) string { - if t.Metadata == nil { - return "" - } - s, ok := t.Metadata[k].(string) - if !ok { - return "" - } - return s -} - -func (t *Token) isValidWithEarlyExpiry(earlyExpiry time.Duration) bool { - if t.isEmpty() { - return false - } - if t.Expiry.IsZero() { - return true - } - return !t.Expiry.Round(0).Add(-earlyExpiry).Before(timeNow()) -} - -func (t *Token) isEmpty() bool { - return t == nil || t.Value == "" -} - -// Credentials holds Google credentials, including -// [Application Default Credentials]. -// -// [Application Default Credentials]: https://developers.google.com/accounts/docs/application-default-credentials -type Credentials struct { - json []byte - projectID CredentialsPropertyProvider - quotaProjectID CredentialsPropertyProvider - // universeDomain is the default service domain for a given Cloud universe. - universeDomain CredentialsPropertyProvider - - TokenProvider -} - -// JSON returns the bytes associated with the the file used to source -// credentials if one was used. -func (c *Credentials) JSON() []byte { - return c.json -} - -// ProjectID returns the associated project ID from the underlying file or -// environment. -func (c *Credentials) ProjectID(ctx context.Context) (string, error) { - if c.projectID == nil { - return internal.GetProjectID(c.json, ""), nil - } - v, err := c.projectID.GetProperty(ctx) - if err != nil { - return "", err - } - return internal.GetProjectID(c.json, v), nil -} - -// QuotaProjectID returns the associated quota project ID from the underlying -// file or environment. -func (c *Credentials) QuotaProjectID(ctx context.Context) (string, error) { - if c.quotaProjectID == nil { - return internal.GetQuotaProject(c.json, ""), nil - } - v, err := c.quotaProjectID.GetProperty(ctx) - if err != nil { - return "", err - } - return internal.GetQuotaProject(c.json, v), nil -} - -// UniverseDomain returns the default service domain for a given Cloud universe. -// The default value is "googleapis.com". -func (c *Credentials) UniverseDomain(ctx context.Context) (string, error) { - if c.universeDomain == nil { - return universeDomainDefault, nil - } - v, err := c.universeDomain.GetProperty(ctx) - if err != nil { - return "", err - } - if v == "" { - return universeDomainDefault, nil - } - return v, err -} - -// CredentialsPropertyProvider provides an implementation to fetch a property -// value for [Credentials]. -type CredentialsPropertyProvider interface { - GetProperty(context.Context) (string, error) -} - -// CredentialsPropertyFunc is a type adapter to allow the use of ordinary -// functions as a [CredentialsPropertyProvider]. -type CredentialsPropertyFunc func(context.Context) (string, error) - -// GetProperty loads the properly value provided the given context. -func (p CredentialsPropertyFunc) GetProperty(ctx context.Context) (string, error) { - return p(ctx) -} - -// CredentialsOptions are used to configure [Credentials]. -type CredentialsOptions struct { - // TokenProvider is a means of sourcing a token for the credentials. Required. - TokenProvider TokenProvider - // JSON is the raw contents of the credentials file if sourced from a file. - JSON []byte - // ProjectIDProvider resolves the project ID associated with the - // credentials. - ProjectIDProvider CredentialsPropertyProvider - // QuotaProjectIDProvider resolves the quota project ID associated with the - // credentials. - QuotaProjectIDProvider CredentialsPropertyProvider - // UniverseDomainProvider resolves the universe domain with the credentials. - UniverseDomainProvider CredentialsPropertyProvider -} - -// NewCredentials returns new [Credentials] from the provided options. -func NewCredentials(opts *CredentialsOptions) *Credentials { - creds := &Credentials{ - TokenProvider: opts.TokenProvider, - json: opts.JSON, - projectID: opts.ProjectIDProvider, - quotaProjectID: opts.QuotaProjectIDProvider, - universeDomain: opts.UniverseDomainProvider, - } - - return creds -} - -// CachedTokenProviderOptions provides options for configuring a cached -// [TokenProvider]. -type CachedTokenProviderOptions struct { - // DisableAutoRefresh makes the TokenProvider always return the same token, - // even if it is expired. The default is false. Optional. - DisableAutoRefresh bool - // ExpireEarly configures the amount of time before a token expires, that it - // should be refreshed. If unset, the default value is 3 minutes and 45 - // seconds. Optional. - ExpireEarly time.Duration - // DisableAsyncRefresh configures a synchronous workflow that refreshes - // tokens in a blocking manner. The default is false. Optional. - DisableAsyncRefresh bool -} - -func (ctpo *CachedTokenProviderOptions) autoRefresh() bool { - if ctpo == nil { - return true - } - return !ctpo.DisableAutoRefresh -} - -func (ctpo *CachedTokenProviderOptions) expireEarly() time.Duration { - if ctpo == nil || ctpo.ExpireEarly == 0 { - return defaultExpiryDelta - } - return ctpo.ExpireEarly -} - -func (ctpo *CachedTokenProviderOptions) blockingRefresh() bool { - if ctpo == nil { - return false - } - return ctpo.DisableAsyncRefresh -} - -// NewCachedTokenProvider wraps a [TokenProvider] to cache the tokens returned -// by the underlying provider. By default it will refresh tokens asynchronously -// a few minutes before they expire. -func NewCachedTokenProvider(tp TokenProvider, opts *CachedTokenProviderOptions) TokenProvider { - if ctp, ok := tp.(*cachedTokenProvider); ok { - return ctp - } - return &cachedTokenProvider{ - tp: tp, - autoRefresh: opts.autoRefresh(), - expireEarly: opts.expireEarly(), - blockingRefresh: opts.blockingRefresh(), - } -} - -type cachedTokenProvider struct { - tp TokenProvider - autoRefresh bool - expireEarly time.Duration - blockingRefresh bool - - mu sync.Mutex - cachedToken *Token - // isRefreshRunning ensures that the non-blocking refresh will only be - // attempted once, even if multiple callers enter the Token method. - isRefreshRunning bool - // isRefreshErr ensures that the non-blocking refresh will only be attempted - // once per refresh window if an error is encountered. - isRefreshErr bool -} - -func (c *cachedTokenProvider) Token(ctx context.Context) (*Token, error) { - if c.blockingRefresh { - return c.tokenBlocking(ctx) - } - return c.tokenNonBlocking(ctx) -} - -func (c *cachedTokenProvider) tokenNonBlocking(ctx context.Context) (*Token, error) { - switch c.tokenState() { - case fresh: - c.mu.Lock() - defer c.mu.Unlock() - return c.cachedToken, nil - case stale: - // Call tokenAsync with a new Context because the user-provided context - // may have a short timeout incompatible with async token refresh. - c.tokenAsync(context.Background()) - // Return the stale token immediately to not block customer requests to Cloud services. - c.mu.Lock() - defer c.mu.Unlock() - return c.cachedToken, nil - default: // invalid - return c.tokenBlocking(ctx) - } -} - -// tokenState reports the token's validity. -func (c *cachedTokenProvider) tokenState() tokenState { - c.mu.Lock() - defer c.mu.Unlock() - t := c.cachedToken - now := timeNow() - if t == nil || t.Value == "" { - return invalid - } else if t.Expiry.IsZero() { - return fresh - } else if now.After(t.Expiry.Round(0)) { - return invalid - } else if now.After(t.Expiry.Round(0).Add(-c.expireEarly)) { - return stale - } - return fresh -} - -// tokenAsync uses a bool to ensure that only one non-blocking token refresh -// happens at a time, even if multiple callers have entered this function -// concurrently. This avoids creating an arbitrary number of concurrent -// goroutines. Retries should be attempted and managed within the Token method. -// If the refresh attempt fails, no further attempts are made until the refresh -// window expires and the token enters the invalid state, at which point the -// blocking call to Token should likely return the same error on the main goroutine. -func (c *cachedTokenProvider) tokenAsync(ctx context.Context) { - fn := func() { - c.mu.Lock() - c.isRefreshRunning = true - c.mu.Unlock() - t, err := c.tp.Token(ctx) - c.mu.Lock() - defer c.mu.Unlock() - c.isRefreshRunning = false - if err != nil { - // Discard errors from the non-blocking refresh, but prevent further - // attempts. - c.isRefreshErr = true - return - } - c.cachedToken = t - } - c.mu.Lock() - defer c.mu.Unlock() - if !c.isRefreshRunning && !c.isRefreshErr { - go fn() - } -} - -func (c *cachedTokenProvider) tokenBlocking(ctx context.Context) (*Token, error) { - c.mu.Lock() - defer c.mu.Unlock() - c.isRefreshErr = false - if c.cachedToken.IsValid() || (!c.autoRefresh && !c.cachedToken.isEmpty()) { - return c.cachedToken, nil - } - t, err := c.tp.Token(ctx) - if err != nil { - return nil, err - } - c.cachedToken = t - return t, nil -} - -// Error is a error associated with retrieving a [Token]. It can hold useful -// additional details for debugging. -type Error struct { - // Response is the HTTP response associated with error. The body will always - // be already closed and consumed. - Response *http.Response - // Body is the HTTP response body. - Body []byte - // Err is the underlying wrapped error. - Err error - - // code returned in the token response - code string - // description returned in the token response - description string - // uri returned in the token response - uri string -} - -func (e *Error) Error() string { - if e.code != "" { - s := fmt.Sprintf("auth: %q", e.code) - if e.description != "" { - s += fmt.Sprintf(" %q", e.description) - } - if e.uri != "" { - s += fmt.Sprintf(" %q", e.uri) - } - return s - } - return fmt.Sprintf("auth: cannot fetch token: %v\nResponse: %s", e.Response.StatusCode, e.Body) -} - -// Temporary returns true if the error is considered temporary and may be able -// to be retried. -func (e *Error) Temporary() bool { - if e.Response == nil { - return false - } - sc := e.Response.StatusCode - return sc == http.StatusInternalServerError || sc == http.StatusServiceUnavailable || sc == http.StatusRequestTimeout || sc == http.StatusTooManyRequests -} - -func (e *Error) Unwrap() error { - return e.Err -} - -// Style describes how the token endpoint wants to receive the ClientID and -// ClientSecret. -type Style int - -const ( - // StyleUnknown means the value has not been initiated. Sending this in - // a request will cause the token exchange to fail. - StyleUnknown Style = iota - // StyleInParams sends client info in the body of a POST request. - StyleInParams - // StyleInHeader sends client info using Basic Authorization header. - StyleInHeader -) - -// Options2LO is the configuration settings for doing a 2-legged JWT OAuth2 flow. -type Options2LO struct { - // Email is the OAuth2 client ID. This value is set as the "iss" in the - // JWT. - Email string - // PrivateKey contains the contents of an RSA private key or the - // contents of a PEM file that contains a private key. It is used to sign - // the JWT created. - PrivateKey []byte - // TokenURL is th URL the JWT is sent to. Required. - TokenURL string - // PrivateKeyID is the ID of the key used to sign the JWT. It is used as the - // "kid" in the JWT header. Optional. - PrivateKeyID string - // Subject is the used for to impersonate a user. It is used as the "sub" in - // the JWT.m Optional. - Subject string - // Scopes specifies requested permissions for the token. Optional. - Scopes []string - // Expires specifies the lifetime of the token. Optional. - Expires time.Duration - // Audience specifies the "aud" in the JWT. Optional. - Audience string - // PrivateClaims allows specifying any custom claims for the JWT. Optional. - PrivateClaims map[string]interface{} - - // Client is the client to be used to make the underlying token requests. - // Optional. - Client *http.Client - // UseIDToken requests that the token returned be an ID token if one is - // returned from the server. Optional. - UseIDToken bool - // Logger is used for debug logging. If provided, logging will be enabled - // at the loggers configured level. By default logging is disabled unless - // enabled by setting GOOGLE_SDK_GO_LOGGING_LEVEL in which case a default - // logger will be used. Optional. - Logger *slog.Logger -} - -func (o *Options2LO) client() *http.Client { - if o.Client != nil { - return o.Client - } - return internal.DefaultClient() -} - -func (o *Options2LO) validate() error { - if o == nil { - return errors.New("auth: options must be provided") - } - if o.Email == "" { - return errors.New("auth: email must be provided") - } - if len(o.PrivateKey) == 0 { - return errors.New("auth: private key must be provided") - } - if o.TokenURL == "" { - return errors.New("auth: token URL must be provided") - } - return nil -} - -// New2LOTokenProvider returns a [TokenProvider] from the provided options. -func New2LOTokenProvider(opts *Options2LO) (TokenProvider, error) { - if err := opts.validate(); err != nil { - return nil, err - } - return tokenProvider2LO{opts: opts, Client: opts.client(), logger: internallog.New(opts.Logger)}, nil -} - -type tokenProvider2LO struct { - opts *Options2LO - Client *http.Client - logger *slog.Logger -} - -func (tp tokenProvider2LO) Token(ctx context.Context) (*Token, error) { - pk, err := internal.ParseKey(tp.opts.PrivateKey) - if err != nil { - return nil, err - } - claimSet := &jwt.Claims{ - Iss: tp.opts.Email, - Scope: strings.Join(tp.opts.Scopes, " "), - Aud: tp.opts.TokenURL, - AdditionalClaims: tp.opts.PrivateClaims, - Sub: tp.opts.Subject, - } - if t := tp.opts.Expires; t > 0 { - claimSet.Exp = time.Now().Add(t).Unix() - } - if aud := tp.opts.Audience; aud != "" { - claimSet.Aud = aud - } - h := *defaultHeader - h.KeyID = tp.opts.PrivateKeyID - payload, err := jwt.EncodeJWS(&h, claimSet, pk) - if err != nil { - return nil, err - } - v := url.Values{} - v.Set("grant_type", defaultGrantType) - v.Set("assertion", payload) - req, err := http.NewRequestWithContext(ctx, "POST", tp.opts.TokenURL, strings.NewReader(v.Encode())) - if err != nil { - return nil, err - } - req.Header.Set("Content-Type", "application/x-www-form-urlencoded") - tp.logger.DebugContext(ctx, "2LO token request", "request", internallog.HTTPRequest(req, []byte(v.Encode()))) - resp, body, err := internal.DoRequest(tp.Client, req) - if err != nil { - return nil, fmt.Errorf("auth: cannot fetch token: %w", err) - } - tp.logger.DebugContext(ctx, "2LO token response", "response", internallog.HTTPResponse(resp, body)) - if c := resp.StatusCode; c < http.StatusOK || c >= http.StatusMultipleChoices { - return nil, &Error{ - Response: resp, - Body: body, - } - } - // tokenRes is the JSON response body. - var tokenRes struct { - AccessToken string `json:"access_token"` - TokenType string `json:"token_type"` - IDToken string `json:"id_token"` - ExpiresIn int64 `json:"expires_in"` - } - if err := json.Unmarshal(body, &tokenRes); err != nil { - return nil, fmt.Errorf("auth: cannot fetch token: %w", err) - } - token := &Token{ - Value: tokenRes.AccessToken, - Type: tokenRes.TokenType, - } - token.Metadata = make(map[string]interface{}) - json.Unmarshal(body, &token.Metadata) // no error checks for optional fields - - if secs := tokenRes.ExpiresIn; secs > 0 { - token.Expiry = time.Now().Add(time.Duration(secs) * time.Second) - } - if v := tokenRes.IDToken; v != "" { - // decode returned id token to get expiry - claimSet, err := jwt.DecodeJWS(v) - if err != nil { - return nil, fmt.Errorf("auth: error decoding JWT token: %w", err) - } - token.Expiry = time.Unix(claimSet.Exp, 0) - } - if tp.opts.UseIDToken { - if tokenRes.IDToken == "" { - return nil, fmt.Errorf("auth: response doesn't have JWT token") - } - token.Value = tokenRes.IDToken - } - return token, nil -} diff --git a/vendor/cloud.google.com/go/auth/credentials/compute.go b/vendor/cloud.google.com/go/auth/credentials/compute.go deleted file mode 100644 index e4a8078f..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/compute.go +++ /dev/null @@ -1,102 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package credentials - -import ( - "context" - "encoding/json" - "errors" - "fmt" - "net/url" - "strings" - "time" - - "cloud.google.com/go/auth" - "cloud.google.com/go/compute/metadata" -) - -var ( - computeTokenMetadata = map[string]interface{}{ - "auth.google.tokenSource": "compute-metadata", - "auth.google.serviceAccount": "default", - } - computeTokenURI = "instance/service-accounts/default/token" -) - -// computeTokenProvider creates a [cloud.google.com/go/auth.TokenProvider] that -// uses the metadata service to retrieve tokens. -func computeTokenProvider(opts *DetectOptions, client *metadata.Client) auth.TokenProvider { - return auth.NewCachedTokenProvider(&computeProvider{ - scopes: opts.Scopes, - client: client, - tokenBindingType: opts.TokenBindingType, - }, &auth.CachedTokenProviderOptions{ - ExpireEarly: opts.EarlyTokenRefresh, - DisableAsyncRefresh: opts.DisableAsyncRefresh, - }) -} - -// computeProvider fetches tokens from the google cloud metadata service. -type computeProvider struct { - scopes []string - client *metadata.Client - tokenBindingType TokenBindingType -} - -type metadataTokenResp struct { - AccessToken string `json:"access_token"` - ExpiresInSec int `json:"expires_in"` - TokenType string `json:"token_type"` -} - -func (cs *computeProvider) Token(ctx context.Context) (*auth.Token, error) { - tokenURI, err := url.Parse(computeTokenURI) - if err != nil { - return nil, err - } - hasScopes := len(cs.scopes) > 0 - if hasScopes || cs.tokenBindingType != NoBinding { - v := url.Values{} - if hasScopes { - v.Set("scopes", strings.Join(cs.scopes, ",")) - } - switch cs.tokenBindingType { - case MTLSHardBinding: - v.Set("transport", "mtls") - v.Set("binding-enforcement", "on") - case ALTSHardBinding: - v.Set("transport", "alts") - } - tokenURI.RawQuery = v.Encode() - } - tokenJSON, err := cs.client.GetWithContext(ctx, tokenURI.String()) - if err != nil { - return nil, fmt.Errorf("credentials: cannot fetch token: %w", err) - } - var res metadataTokenResp - if err := json.NewDecoder(strings.NewReader(tokenJSON)).Decode(&res); err != nil { - return nil, fmt.Errorf("credentials: invalid token JSON from metadata: %w", err) - } - if res.ExpiresInSec == 0 || res.AccessToken == "" { - return nil, errors.New("credentials: incomplete token received from metadata") - } - return &auth.Token{ - Value: res.AccessToken, - Type: res.TokenType, - Expiry: time.Now().Add(time.Duration(res.ExpiresInSec) * time.Second), - Metadata: computeTokenMetadata, - }, nil - -} diff --git a/vendor/cloud.google.com/go/auth/credentials/detect.go b/vendor/cloud.google.com/go/auth/credentials/detect.go deleted file mode 100644 index d8f7d961..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/detect.go +++ /dev/null @@ -1,316 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package credentials - -import ( - "context" - "encoding/json" - "errors" - "fmt" - "log/slog" - "net/http" - "os" - "time" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/credsfile" - "cloud.google.com/go/compute/metadata" - "github.com/googleapis/gax-go/v2/internallog" -) - -const ( - // jwtTokenURL is Google's OAuth 2.0 token URL to use with the JWT(2LO) flow. - jwtTokenURL = "https://oauth2.googleapis.com/token" - - // Google's OAuth 2.0 default endpoints. - googleAuthURL = "https://accounts.google.com/o/oauth2/auth" - googleTokenURL = "https://oauth2.googleapis.com/token" - - // GoogleMTLSTokenURL is Google's default OAuth2.0 mTLS endpoint. - GoogleMTLSTokenURL = "https://oauth2.mtls.googleapis.com/token" - - // Help on default credentials - adcSetupURL = "https://cloud.google.com/docs/authentication/external/set-up-adc" -) - -var ( - // for testing - allowOnGCECheck = true -) - -// TokenBindingType specifies the type of binding used when requesting a token -// whether to request a hard-bound token using mTLS or an instance identity -// bound token using ALTS. -type TokenBindingType int - -const ( - // NoBinding specifies that requested tokens are not required to have a - // binding. This is the default option. - NoBinding TokenBindingType = iota - // MTLSHardBinding specifies that a hard-bound token should be requested - // using an mTLS with S2A channel. - MTLSHardBinding - // ALTSHardBinding specifies that an instance identity bound token should - // be requested using an ALTS channel. - ALTSHardBinding -) - -// OnGCE reports whether this process is running in Google Cloud. -func OnGCE() bool { - // TODO(codyoss): once all libs use this auth lib move metadata check here - return allowOnGCECheck && metadata.OnGCE() -} - -// DetectDefault searches for "Application Default Credentials" and returns -// a credential based on the [DetectOptions] provided. -// -// It looks for credentials in the following places, preferring the first -// location found: -// -// - A JSON file whose path is specified by the GOOGLE_APPLICATION_CREDENTIALS -// environment variable. For workload identity federation, refer to -// https://cloud.google.com/iam/docs/how-to#using-workload-identity-federation -// on how to generate the JSON configuration file for on-prem/non-Google -// cloud platforms. -// - A JSON file in a location known to the gcloud command-line tool. On -// Windows, this is %APPDATA%/gcloud/application_default_credentials.json. On -// other systems, $HOME/.config/gcloud/application_default_credentials.json. -// - On Google Compute Engine, Google App Engine standard second generation -// runtimes, and Google App Engine flexible environment, it fetches -// credentials from the metadata server. -func DetectDefault(opts *DetectOptions) (*auth.Credentials, error) { - if err := opts.validate(); err != nil { - return nil, err - } - if len(opts.CredentialsJSON) > 0 { - return readCredentialsFileJSON(opts.CredentialsJSON, opts) - } - if opts.CredentialsFile != "" { - return readCredentialsFile(opts.CredentialsFile, opts) - } - if filename := os.Getenv(credsfile.GoogleAppCredsEnvVar); filename != "" { - creds, err := readCredentialsFile(filename, opts) - if err != nil { - return nil, err - } - return creds, nil - } - - fileName := credsfile.GetWellKnownFileName() - if b, err := os.ReadFile(fileName); err == nil { - return readCredentialsFileJSON(b, opts) - } - - if OnGCE() { - metadataClient := metadata.NewWithOptions(&metadata.Options{ - Logger: opts.logger(), - }) - return auth.NewCredentials(&auth.CredentialsOptions{ - TokenProvider: computeTokenProvider(opts, metadataClient), - ProjectIDProvider: auth.CredentialsPropertyFunc(func(ctx context.Context) (string, error) { - return metadataClient.ProjectIDWithContext(ctx) - }), - UniverseDomainProvider: &internal.ComputeUniverseDomainProvider{ - MetadataClient: metadataClient, - }, - }), nil - } - - return nil, fmt.Errorf("credentials: could not find default credentials. See %v for more information", adcSetupURL) -} - -// DetectOptions provides configuration for [DetectDefault]. -type DetectOptions struct { - // Scopes that credentials tokens should have. Example: - // https://www.googleapis.com/auth/cloud-platform. Required if Audience is - // not provided. - Scopes []string - // TokenBindingType specifies the type of binding used when requesting a - // token whether to request a hard-bound token using mTLS or an instance - // identity bound token using ALTS. Optional. - TokenBindingType TokenBindingType - // Audience that credentials tokens should have. Only applicable for 2LO - // flows with service accounts. If specified, scopes should not be provided. - Audience string - // Subject is the user email used for [domain wide delegation](https://developers.google.com/identity/protocols/oauth2/service-account#delegatingauthority). - // Optional. - Subject string - // EarlyTokenRefresh configures how early before a token expires that it - // should be refreshed. Once the token’s time until expiration has entered - // this refresh window the token is considered valid but stale. If unset, - // the default value is 3 minutes and 45 seconds. Optional. - EarlyTokenRefresh time.Duration - // DisableAsyncRefresh configures a synchronous workflow that refreshes - // stale tokens while blocking. The default is false. Optional. - DisableAsyncRefresh bool - // AuthHandlerOptions configures an authorization handler and other options - // for 3LO flows. It is required, and only used, for client credential - // flows. - AuthHandlerOptions *auth.AuthorizationHandlerOptions - // TokenURL allows to set the token endpoint for user credential flows. If - // unset the default value is: https://oauth2.googleapis.com/token. - // Optional. - TokenURL string - // STSAudience is the audience sent to when retrieving an STS token. - // Currently this only used for GDCH auth flow, for which it is required. - STSAudience string - // CredentialsFile overrides detection logic and sources a credential file - // from the provided filepath. If provided, CredentialsJSON must not be. - // Optional. - // - // Important: If you accept a credential configuration (credential - // JSON/File/Stream) from an external source for authentication to Google - // Cloud Platform, you must validate it before providing it to any Google - // API or library. Providing an unvalidated credential configuration to - // Google APIs can compromise the security of your systems and data. For - // more information, refer to [Validate credential configurations from - // external sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). - CredentialsFile string - // CredentialsJSON overrides detection logic and uses the JSON bytes as the - // source for the credential. If provided, CredentialsFile must not be. - // Optional. - // - // Important: If you accept a credential configuration (credential - // JSON/File/Stream) from an external source for authentication to Google - // Cloud Platform, you must validate it before providing it to any Google - // API or library. Providing an unvalidated credential configuration to - // Google APIs can compromise the security of your systems and data. For - // more information, refer to [Validate credential configurations from - // external sources](https://cloud.google.com/docs/authentication/external/externally-sourced-credentials). - CredentialsJSON []byte - // UseSelfSignedJWT directs service account based credentials to create a - // self-signed JWT with the private key found in the file, skipping any - // network requests that would normally be made. Optional. - UseSelfSignedJWT bool - // Client configures the underlying client used to make network requests - // when fetching tokens. Optional. - Client *http.Client - // UniverseDomain is the default service domain for a given Cloud universe. - // The default value is "googleapis.com". This option is ignored for - // authentication flows that do not support universe domain. Optional. - UniverseDomain string - // Logger is used for debug logging. If provided, logging will be enabled - // at the loggers configured level. By default logging is disabled unless - // enabled by setting GOOGLE_SDK_GO_LOGGING_LEVEL in which case a default - // logger will be used. Optional. - Logger *slog.Logger -} - -func (o *DetectOptions) validate() error { - if o == nil { - return errors.New("credentials: options must be provided") - } - if len(o.Scopes) > 0 && o.Audience != "" { - return errors.New("credentials: both scopes and audience were provided") - } - if len(o.CredentialsJSON) > 0 && o.CredentialsFile != "" { - return errors.New("credentials: both credentials file and JSON were provided") - } - return nil -} - -func (o *DetectOptions) tokenURL() string { - if o.TokenURL != "" { - return o.TokenURL - } - return googleTokenURL -} - -func (o *DetectOptions) scopes() []string { - scopes := make([]string, len(o.Scopes)) - copy(scopes, o.Scopes) - return scopes -} - -func (o *DetectOptions) client() *http.Client { - if o.Client != nil { - return o.Client - } - return internal.DefaultClient() -} - -func (o *DetectOptions) logger() *slog.Logger { - return internallog.New(o.Logger) -} - -func readCredentialsFile(filename string, opts *DetectOptions) (*auth.Credentials, error) { - b, err := os.ReadFile(filename) - if err != nil { - return nil, err - } - return readCredentialsFileJSON(b, opts) -} - -func readCredentialsFileJSON(b []byte, opts *DetectOptions) (*auth.Credentials, error) { - // attempt to parse jsonData as a Google Developers Console client_credentials.json. - config := clientCredConfigFromJSON(b, opts) - if config != nil { - if config.AuthHandlerOpts == nil { - return nil, errors.New("credentials: auth handler must be specified for this credential filetype") - } - tp, err := auth.New3LOTokenProvider(config) - if err != nil { - return nil, err - } - return auth.NewCredentials(&auth.CredentialsOptions{ - TokenProvider: tp, - JSON: b, - }), nil - } - return fileCredentials(b, opts) -} - -func clientCredConfigFromJSON(b []byte, opts *DetectOptions) *auth.Options3LO { - var creds credsfile.ClientCredentialsFile - var c *credsfile.Config3LO - if err := json.Unmarshal(b, &creds); err != nil { - return nil - } - switch { - case creds.Web != nil: - c = creds.Web - case creds.Installed != nil: - c = creds.Installed - default: - return nil - } - if len(c.RedirectURIs) < 1 { - return nil - } - var handleOpts *auth.AuthorizationHandlerOptions - if opts.AuthHandlerOptions != nil { - handleOpts = &auth.AuthorizationHandlerOptions{ - Handler: opts.AuthHandlerOptions.Handler, - State: opts.AuthHandlerOptions.State, - PKCEOpts: opts.AuthHandlerOptions.PKCEOpts, - } - } - return &auth.Options3LO{ - ClientID: c.ClientID, - ClientSecret: c.ClientSecret, - RedirectURL: c.RedirectURIs[0], - Scopes: opts.scopes(), - AuthURL: c.AuthURI, - TokenURL: c.TokenURI, - Client: opts.client(), - Logger: opts.logger(), - EarlyTokenExpiry: opts.EarlyTokenRefresh, - AuthHandlerOpts: handleOpts, - // TODO(codyoss): refactor this out. We need to add in auto-detection - // for this use case. - AuthStyle: auth.StyleInParams, - } -} diff --git a/vendor/cloud.google.com/go/auth/credentials/doc.go b/vendor/cloud.google.com/go/auth/credentials/doc.go deleted file mode 100644 index 1dbb2866..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/doc.go +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package credentials provides support for making OAuth2 authorized and -// authenticated HTTP requests to Google APIs. It supports the Web server flow, -// client-side credentials, service accounts, Google Compute Engine service -// accounts, Google App Engine service accounts and workload identity federation -// from non-Google cloud platforms. -// -// A brief overview of the package follows. For more information, please read -// https://developers.google.com/accounts/docs/OAuth2 -// and -// https://developers.google.com/accounts/docs/application-default-credentials. -// For more information on using workload identity federation, refer to -// https://cloud.google.com/iam/docs/how-to#using-workload-identity-federation. -// -// # Credentials -// -// The [cloud.google.com/go/auth.Credentials] type represents Google -// credentials, including Application Default Credentials. -// -// Use [DetectDefault] to obtain Application Default Credentials. -// -// Application Default Credentials support workload identity federation to -// access Google Cloud resources from non-Google Cloud platforms including Amazon -// Web Services (AWS), Microsoft Azure or any identity provider that supports -// OpenID Connect (OIDC). Workload identity federation is recommended for -// non-Google Cloud environments as it avoids the need to download, manage, and -// store service account private keys locally. -// -// # Workforce Identity Federation -// -// For more information on this feature see [cloud.google.com/go/auth/credentials/externalaccount]. -package credentials diff --git a/vendor/cloud.google.com/go/auth/credentials/filetypes.go b/vendor/cloud.google.com/go/auth/credentials/filetypes.go deleted file mode 100644 index e5243e6c..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/filetypes.go +++ /dev/null @@ -1,231 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package credentials - -import ( - "errors" - "fmt" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/credentials/internal/externalaccount" - "cloud.google.com/go/auth/credentials/internal/externalaccountuser" - "cloud.google.com/go/auth/credentials/internal/gdch" - "cloud.google.com/go/auth/credentials/internal/impersonate" - internalauth "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/credsfile" -) - -func fileCredentials(b []byte, opts *DetectOptions) (*auth.Credentials, error) { - fileType, err := credsfile.ParseFileType(b) - if err != nil { - return nil, err - } - - var projectID, universeDomain string - var tp auth.TokenProvider - switch fileType { - case credsfile.ServiceAccountKey: - f, err := credsfile.ParseServiceAccount(b) - if err != nil { - return nil, err - } - tp, err = handleServiceAccount(f, opts) - if err != nil { - return nil, err - } - projectID = f.ProjectID - universeDomain = resolveUniverseDomain(opts.UniverseDomain, f.UniverseDomain) - case credsfile.UserCredentialsKey: - f, err := credsfile.ParseUserCredentials(b) - if err != nil { - return nil, err - } - tp, err = handleUserCredential(f, opts) - if err != nil { - return nil, err - } - universeDomain = f.UniverseDomain - case credsfile.ExternalAccountKey: - f, err := credsfile.ParseExternalAccount(b) - if err != nil { - return nil, err - } - tp, err = handleExternalAccount(f, opts) - if err != nil { - return nil, err - } - universeDomain = resolveUniverseDomain(opts.UniverseDomain, f.UniverseDomain) - case credsfile.ExternalAccountAuthorizedUserKey: - f, err := credsfile.ParseExternalAccountAuthorizedUser(b) - if err != nil { - return nil, err - } - tp, err = handleExternalAccountAuthorizedUser(f, opts) - if err != nil { - return nil, err - } - universeDomain = f.UniverseDomain - case credsfile.ImpersonatedServiceAccountKey: - f, err := credsfile.ParseImpersonatedServiceAccount(b) - if err != nil { - return nil, err - } - tp, err = handleImpersonatedServiceAccount(f, opts) - if err != nil { - return nil, err - } - universeDomain = resolveUniverseDomain(opts.UniverseDomain, f.UniverseDomain) - case credsfile.GDCHServiceAccountKey: - f, err := credsfile.ParseGDCHServiceAccount(b) - if err != nil { - return nil, err - } - tp, err = handleGDCHServiceAccount(f, opts) - if err != nil { - return nil, err - } - projectID = f.Project - universeDomain = f.UniverseDomain - default: - return nil, fmt.Errorf("credentials: unsupported filetype %q", fileType) - } - return auth.NewCredentials(&auth.CredentialsOptions{ - TokenProvider: auth.NewCachedTokenProvider(tp, &auth.CachedTokenProviderOptions{ - ExpireEarly: opts.EarlyTokenRefresh, - }), - JSON: b, - ProjectIDProvider: internalauth.StaticCredentialsProperty(projectID), - // TODO(codyoss): only set quota project here if there was a user override - UniverseDomainProvider: internalauth.StaticCredentialsProperty(universeDomain), - }), nil -} - -// resolveUniverseDomain returns optsUniverseDomain if non-empty, in order to -// support configuring universe-specific credentials in code. Auth flows -// unsupported for universe domain should not use this func, but should instead -// simply set the file universe domain on the credentials. -func resolveUniverseDomain(optsUniverseDomain, fileUniverseDomain string) string { - if optsUniverseDomain != "" { - return optsUniverseDomain - } - return fileUniverseDomain -} - -func handleServiceAccount(f *credsfile.ServiceAccountFile, opts *DetectOptions) (auth.TokenProvider, error) { - ud := resolveUniverseDomain(opts.UniverseDomain, f.UniverseDomain) - if opts.UseSelfSignedJWT { - return configureSelfSignedJWT(f, opts) - } else if ud != "" && ud != internalauth.DefaultUniverseDomain { - // For non-GDU universe domains, token exchange is impossible and services - // must support self-signed JWTs. - opts.UseSelfSignedJWT = true - return configureSelfSignedJWT(f, opts) - } - opts2LO := &auth.Options2LO{ - Email: f.ClientEmail, - PrivateKey: []byte(f.PrivateKey), - PrivateKeyID: f.PrivateKeyID, - Scopes: opts.scopes(), - TokenURL: f.TokenURL, - Subject: opts.Subject, - Client: opts.client(), - Logger: opts.logger(), - } - if opts2LO.TokenURL == "" { - opts2LO.TokenURL = jwtTokenURL - } - return auth.New2LOTokenProvider(opts2LO) -} - -func handleUserCredential(f *credsfile.UserCredentialsFile, opts *DetectOptions) (auth.TokenProvider, error) { - opts3LO := &auth.Options3LO{ - ClientID: f.ClientID, - ClientSecret: f.ClientSecret, - Scopes: opts.scopes(), - AuthURL: googleAuthURL, - TokenURL: opts.tokenURL(), - AuthStyle: auth.StyleInParams, - EarlyTokenExpiry: opts.EarlyTokenRefresh, - RefreshToken: f.RefreshToken, - Client: opts.client(), - Logger: opts.logger(), - } - return auth.New3LOTokenProvider(opts3LO) -} - -func handleExternalAccount(f *credsfile.ExternalAccountFile, opts *DetectOptions) (auth.TokenProvider, error) { - externalOpts := &externalaccount.Options{ - Audience: f.Audience, - SubjectTokenType: f.SubjectTokenType, - TokenURL: f.TokenURL, - TokenInfoURL: f.TokenInfoURL, - ServiceAccountImpersonationURL: f.ServiceAccountImpersonationURL, - ClientSecret: f.ClientSecret, - ClientID: f.ClientID, - CredentialSource: f.CredentialSource, - QuotaProjectID: f.QuotaProjectID, - Scopes: opts.scopes(), - WorkforcePoolUserProject: f.WorkforcePoolUserProject, - Client: opts.client(), - Logger: opts.logger(), - IsDefaultClient: opts.Client == nil, - } - if f.ServiceAccountImpersonation != nil { - externalOpts.ServiceAccountImpersonationLifetimeSeconds = f.ServiceAccountImpersonation.TokenLifetimeSeconds - } - return externalaccount.NewTokenProvider(externalOpts) -} - -func handleExternalAccountAuthorizedUser(f *credsfile.ExternalAccountAuthorizedUserFile, opts *DetectOptions) (auth.TokenProvider, error) { - externalOpts := &externalaccountuser.Options{ - Audience: f.Audience, - RefreshToken: f.RefreshToken, - TokenURL: f.TokenURL, - TokenInfoURL: f.TokenInfoURL, - ClientID: f.ClientID, - ClientSecret: f.ClientSecret, - Scopes: opts.scopes(), - Client: opts.client(), - Logger: opts.logger(), - } - return externalaccountuser.NewTokenProvider(externalOpts) -} - -func handleImpersonatedServiceAccount(f *credsfile.ImpersonatedServiceAccountFile, opts *DetectOptions) (auth.TokenProvider, error) { - if f.ServiceAccountImpersonationURL == "" || f.CredSource == nil { - return nil, errors.New("missing 'source_credentials' field or 'service_account_impersonation_url' in credentials") - } - - tp, err := fileCredentials(f.CredSource, opts) - if err != nil { - return nil, err - } - return impersonate.NewTokenProvider(&impersonate.Options{ - URL: f.ServiceAccountImpersonationURL, - Scopes: opts.scopes(), - Tp: tp, - Delegates: f.Delegates, - Client: opts.client(), - Logger: opts.logger(), - }) -} - -func handleGDCHServiceAccount(f *credsfile.GDCHServiceAccountFile, opts *DetectOptions) (auth.TokenProvider, error) { - return gdch.NewTokenProvider(f, &gdch.Options{ - STSAudience: opts.STSAudience, - Client: opts.client(), - Logger: opts.logger(), - }) -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/aws_provider.go b/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/aws_provider.go deleted file mode 100644 index 9ecd1f64..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/aws_provider.go +++ /dev/null @@ -1,531 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package externalaccount - -import ( - "bytes" - "context" - "crypto/hmac" - "crypto/sha256" - "encoding/hex" - "encoding/json" - "errors" - "fmt" - "log/slog" - "net/http" - "net/url" - "os" - "path" - "sort" - "strings" - "time" - - "cloud.google.com/go/auth/internal" - "github.com/googleapis/gax-go/v2/internallog" -) - -var ( - // getenv aliases os.Getenv for testing - getenv = os.Getenv -) - -const ( - // AWS Signature Version 4 signing algorithm identifier. - awsAlgorithm = "AWS4-HMAC-SHA256" - - // The termination string for the AWS credential scope value as defined in - // https://docs.aws.amazon.com/general/latest/gr/sigv4-create-string-to-sign.html - awsRequestType = "aws4_request" - - // The AWS authorization header name for the security session token if available. - awsSecurityTokenHeader = "x-amz-security-token" - - // The name of the header containing the session token for metadata endpoint calls - awsIMDSv2SessionTokenHeader = "X-aws-ec2-metadata-token" - - awsIMDSv2SessionTTLHeader = "X-aws-ec2-metadata-token-ttl-seconds" - - awsIMDSv2SessionTTL = "300" - - // The AWS authorization header name for the auto-generated date. - awsDateHeader = "x-amz-date" - - defaultRegionalCredentialVerificationURL = "https://sts.{region}.amazonaws.com?Action=GetCallerIdentity&Version=2011-06-15" - - // Supported AWS configuration environment variables. - awsAccessKeyIDEnvVar = "AWS_ACCESS_KEY_ID" - awsDefaultRegionEnvVar = "AWS_DEFAULT_REGION" - awsRegionEnvVar = "AWS_REGION" - awsSecretAccessKeyEnvVar = "AWS_SECRET_ACCESS_KEY" - awsSessionTokenEnvVar = "AWS_SESSION_TOKEN" - - awsTimeFormatLong = "20060102T150405Z" - awsTimeFormatShort = "20060102" - awsProviderType = "aws" -) - -type awsSubjectProvider struct { - EnvironmentID string - RegionURL string - RegionalCredVerificationURL string - CredVerificationURL string - IMDSv2SessionTokenURL string - TargetResource string - requestSigner *awsRequestSigner - region string - securityCredentialsProvider AwsSecurityCredentialsProvider - reqOpts *RequestOptions - - Client *http.Client - logger *slog.Logger -} - -func (sp *awsSubjectProvider) subjectToken(ctx context.Context) (string, error) { - // Set Defaults - if sp.RegionalCredVerificationURL == "" { - sp.RegionalCredVerificationURL = defaultRegionalCredentialVerificationURL - } - headers := make(map[string]string) - if sp.shouldUseMetadataServer() { - awsSessionToken, err := sp.getAWSSessionToken(ctx) - if err != nil { - return "", err - } - - if awsSessionToken != "" { - headers[awsIMDSv2SessionTokenHeader] = awsSessionToken - } - } - - awsSecurityCredentials, err := sp.getSecurityCredentials(ctx, headers) - if err != nil { - return "", err - } - if sp.region, err = sp.getRegion(ctx, headers); err != nil { - return "", err - } - sp.requestSigner = &awsRequestSigner{ - RegionName: sp.region, - AwsSecurityCredentials: awsSecurityCredentials, - } - - // Generate the signed request to AWS STS GetCallerIdentity API. - // Use the required regional endpoint. Otherwise, the request will fail. - req, err := http.NewRequestWithContext(ctx, "POST", strings.Replace(sp.RegionalCredVerificationURL, "{region}", sp.region, 1), nil) - if err != nil { - return "", err - } - // The full, canonical resource name of the workload identity pool - // provider, with or without the HTTPS prefix. - // Including this header as part of the signature is recommended to - // ensure data integrity. - if sp.TargetResource != "" { - req.Header.Set("x-goog-cloud-target-resource", sp.TargetResource) - } - sp.requestSigner.signRequest(req) - - /* - The GCP STS endpoint expects the headers to be formatted as: - # [ - # {key: 'x-amz-date', value: '...'}, - # {key: 'Authorization', value: '...'}, - # ... - # ] - # And then serialized as: - # quote(json.dumps({ - # url: '...', - # method: 'POST', - # headers: [{key: 'x-amz-date', value: '...'}, ...] - # })) - */ - - awsSignedReq := awsRequest{ - URL: req.URL.String(), - Method: "POST", - } - for headerKey, headerList := range req.Header { - for _, headerValue := range headerList { - awsSignedReq.Headers = append(awsSignedReq.Headers, awsRequestHeader{ - Key: headerKey, - Value: headerValue, - }) - } - } - sort.Slice(awsSignedReq.Headers, func(i, j int) bool { - headerCompare := strings.Compare(awsSignedReq.Headers[i].Key, awsSignedReq.Headers[j].Key) - if headerCompare == 0 { - return strings.Compare(awsSignedReq.Headers[i].Value, awsSignedReq.Headers[j].Value) < 0 - } - return headerCompare < 0 - }) - - result, err := json.Marshal(awsSignedReq) - if err != nil { - return "", err - } - return url.QueryEscape(string(result)), nil -} - -func (sp *awsSubjectProvider) providerType() string { - if sp.securityCredentialsProvider != nil { - return programmaticProviderType - } - return awsProviderType -} - -func (sp *awsSubjectProvider) getAWSSessionToken(ctx context.Context) (string, error) { - if sp.IMDSv2SessionTokenURL == "" { - return "", nil - } - req, err := http.NewRequestWithContext(ctx, "PUT", sp.IMDSv2SessionTokenURL, nil) - if err != nil { - return "", err - } - req.Header.Set(awsIMDSv2SessionTTLHeader, awsIMDSv2SessionTTL) - - sp.logger.DebugContext(ctx, "aws session token request", "request", internallog.HTTPRequest(req, nil)) - resp, body, err := internal.DoRequest(sp.Client, req) - if err != nil { - return "", err - } - sp.logger.DebugContext(ctx, "aws session token response", "response", internallog.HTTPResponse(resp, body)) - if resp.StatusCode != http.StatusOK { - return "", fmt.Errorf("credentials: unable to retrieve AWS session token: %s", body) - } - return string(body), nil -} - -func (sp *awsSubjectProvider) getRegion(ctx context.Context, headers map[string]string) (string, error) { - if sp.securityCredentialsProvider != nil { - return sp.securityCredentialsProvider.AwsRegion(ctx, sp.reqOpts) - } - if canRetrieveRegionFromEnvironment() { - if envAwsRegion := getenv(awsRegionEnvVar); envAwsRegion != "" { - return envAwsRegion, nil - } - return getenv(awsDefaultRegionEnvVar), nil - } - - if sp.RegionURL == "" { - return "", errors.New("credentials: unable to determine AWS region") - } - - req, err := http.NewRequestWithContext(ctx, "GET", sp.RegionURL, nil) - if err != nil { - return "", err - } - - for name, value := range headers { - req.Header.Add(name, value) - } - sp.logger.DebugContext(ctx, "aws region request", "request", internallog.HTTPRequest(req, nil)) - resp, body, err := internal.DoRequest(sp.Client, req) - if err != nil { - return "", err - } - sp.logger.DebugContext(ctx, "aws region response", "response", internallog.HTTPResponse(resp, body)) - if resp.StatusCode != http.StatusOK { - return "", fmt.Errorf("credentials: unable to retrieve AWS region - %s", body) - } - - // This endpoint will return the region in format: us-east-2b. - // Only the us-east-2 part should be used. - bodyLen := len(body) - if bodyLen == 0 { - return "", nil - } - return string(body[:bodyLen-1]), nil -} - -func (sp *awsSubjectProvider) getSecurityCredentials(ctx context.Context, headers map[string]string) (result *AwsSecurityCredentials, err error) { - if sp.securityCredentialsProvider != nil { - return sp.securityCredentialsProvider.AwsSecurityCredentials(ctx, sp.reqOpts) - } - if canRetrieveSecurityCredentialFromEnvironment() { - return &AwsSecurityCredentials{ - AccessKeyID: getenv(awsAccessKeyIDEnvVar), - SecretAccessKey: getenv(awsSecretAccessKeyEnvVar), - SessionToken: getenv(awsSessionTokenEnvVar), - }, nil - } - - roleName, err := sp.getMetadataRoleName(ctx, headers) - if err != nil { - return - } - credentials, err := sp.getMetadataSecurityCredentials(ctx, roleName, headers) - if err != nil { - return - } - - if credentials.AccessKeyID == "" { - return result, errors.New("credentials: missing AccessKeyId credential") - } - if credentials.SecretAccessKey == "" { - return result, errors.New("credentials: missing SecretAccessKey credential") - } - - return credentials, nil -} - -func (sp *awsSubjectProvider) getMetadataSecurityCredentials(ctx context.Context, roleName string, headers map[string]string) (*AwsSecurityCredentials, error) { - var result *AwsSecurityCredentials - - req, err := http.NewRequestWithContext(ctx, "GET", fmt.Sprintf("%s/%s", sp.CredVerificationURL, roleName), nil) - if err != nil { - return result, err - } - for name, value := range headers { - req.Header.Add(name, value) - } - sp.logger.DebugContext(ctx, "aws security credential request", "request", internallog.HTTPRequest(req, nil)) - resp, body, err := internal.DoRequest(sp.Client, req) - if err != nil { - return result, err - } - sp.logger.DebugContext(ctx, "aws security credential response", "response", internallog.HTTPResponse(resp, body)) - if resp.StatusCode != http.StatusOK { - return result, fmt.Errorf("credentials: unable to retrieve AWS security credentials - %s", body) - } - if err := json.Unmarshal(body, &result); err != nil { - return nil, err - } - return result, nil -} - -func (sp *awsSubjectProvider) getMetadataRoleName(ctx context.Context, headers map[string]string) (string, error) { - if sp.CredVerificationURL == "" { - return "", errors.New("credentials: unable to determine the AWS metadata server security credentials endpoint") - } - req, err := http.NewRequestWithContext(ctx, "GET", sp.CredVerificationURL, nil) - if err != nil { - return "", err - } - for name, value := range headers { - req.Header.Add(name, value) - } - - sp.logger.DebugContext(ctx, "aws metadata role request", "request", internallog.HTTPRequest(req, nil)) - resp, body, err := internal.DoRequest(sp.Client, req) - if err != nil { - return "", err - } - sp.logger.DebugContext(ctx, "aws metadata role response", "response", internallog.HTTPResponse(resp, body)) - if resp.StatusCode != http.StatusOK { - return "", fmt.Errorf("credentials: unable to retrieve AWS role name - %s", body) - } - return string(body), nil -} - -// awsRequestSigner is a utility class to sign http requests using a AWS V4 signature. -type awsRequestSigner struct { - RegionName string - AwsSecurityCredentials *AwsSecurityCredentials -} - -// signRequest adds the appropriate headers to an http.Request -// or returns an error if something prevented this. -func (rs *awsRequestSigner) signRequest(req *http.Request) error { - // req is assumed non-nil - signedRequest := cloneRequest(req) - timestamp := Now() - signedRequest.Header.Set("host", requestHost(req)) - if rs.AwsSecurityCredentials.SessionToken != "" { - signedRequest.Header.Set(awsSecurityTokenHeader, rs.AwsSecurityCredentials.SessionToken) - } - if signedRequest.Header.Get("date") == "" { - signedRequest.Header.Set(awsDateHeader, timestamp.Format(awsTimeFormatLong)) - } - authorizationCode, err := rs.generateAuthentication(signedRequest, timestamp) - if err != nil { - return err - } - signedRequest.Header.Set("Authorization", authorizationCode) - req.Header = signedRequest.Header - return nil -} - -func (rs *awsRequestSigner) generateAuthentication(req *http.Request, timestamp time.Time) (string, error) { - canonicalHeaderColumns, canonicalHeaderData := canonicalHeaders(req) - dateStamp := timestamp.Format(awsTimeFormatShort) - serviceName := "" - - if splitHost := strings.Split(requestHost(req), "."); len(splitHost) > 0 { - serviceName = splitHost[0] - } - credentialScope := strings.Join([]string{dateStamp, rs.RegionName, serviceName, awsRequestType}, "/") - requestString, err := canonicalRequest(req, canonicalHeaderColumns, canonicalHeaderData) - if err != nil { - return "", err - } - requestHash, err := getSha256([]byte(requestString)) - if err != nil { - return "", err - } - - stringToSign := strings.Join([]string{awsAlgorithm, timestamp.Format(awsTimeFormatLong), credentialScope, requestHash}, "\n") - signingKey := []byte("AWS4" + rs.AwsSecurityCredentials.SecretAccessKey) - for _, signingInput := range []string{ - dateStamp, rs.RegionName, serviceName, awsRequestType, stringToSign, - } { - signingKey, err = getHmacSha256(signingKey, []byte(signingInput)) - if err != nil { - return "", err - } - } - - return fmt.Sprintf("%s Credential=%s/%s, SignedHeaders=%s, Signature=%s", awsAlgorithm, rs.AwsSecurityCredentials.AccessKeyID, credentialScope, canonicalHeaderColumns, hex.EncodeToString(signingKey)), nil -} - -func getSha256(input []byte) (string, error) { - hash := sha256.New() - if _, err := hash.Write(input); err != nil { - return "", err - } - return hex.EncodeToString(hash.Sum(nil)), nil -} - -func getHmacSha256(key, input []byte) ([]byte, error) { - hash := hmac.New(sha256.New, key) - if _, err := hash.Write(input); err != nil { - return nil, err - } - return hash.Sum(nil), nil -} - -func cloneRequest(r *http.Request) *http.Request { - r2 := new(http.Request) - *r2 = *r - if r.Header != nil { - r2.Header = make(http.Header, len(r.Header)) - - // Find total number of values. - headerCount := 0 - for _, headerValues := range r.Header { - headerCount += len(headerValues) - } - copiedHeaders := make([]string, headerCount) // shared backing array for headers' values - - for headerKey, headerValues := range r.Header { - headerCount = copy(copiedHeaders, headerValues) - r2.Header[headerKey] = copiedHeaders[:headerCount:headerCount] - copiedHeaders = copiedHeaders[headerCount:] - } - } - return r2 -} - -func canonicalPath(req *http.Request) string { - result := req.URL.EscapedPath() - if result == "" { - return "/" - } - return path.Clean(result) -} - -func canonicalQuery(req *http.Request) string { - queryValues := req.URL.Query() - for queryKey := range queryValues { - sort.Strings(queryValues[queryKey]) - } - return queryValues.Encode() -} - -func canonicalHeaders(req *http.Request) (string, string) { - // Header keys need to be sorted alphabetically. - var headers []string - lowerCaseHeaders := make(http.Header) - for k, v := range req.Header { - k := strings.ToLower(k) - if _, ok := lowerCaseHeaders[k]; ok { - // include additional values - lowerCaseHeaders[k] = append(lowerCaseHeaders[k], v...) - } else { - headers = append(headers, k) - lowerCaseHeaders[k] = v - } - } - sort.Strings(headers) - - var fullHeaders bytes.Buffer - for _, header := range headers { - headerValue := strings.Join(lowerCaseHeaders[header], ",") - fullHeaders.WriteString(header) - fullHeaders.WriteRune(':') - fullHeaders.WriteString(headerValue) - fullHeaders.WriteRune('\n') - } - - return strings.Join(headers, ";"), fullHeaders.String() -} - -func requestDataHash(req *http.Request) (string, error) { - var requestData []byte - if req.Body != nil { - requestBody, err := req.GetBody() - if err != nil { - return "", err - } - defer requestBody.Close() - - requestData, err = internal.ReadAll(requestBody) - if err != nil { - return "", err - } - } - - return getSha256(requestData) -} - -func requestHost(req *http.Request) string { - if req.Host != "" { - return req.Host - } - return req.URL.Host -} - -func canonicalRequest(req *http.Request, canonicalHeaderColumns, canonicalHeaderData string) (string, error) { - dataHash, err := requestDataHash(req) - if err != nil { - return "", err - } - return fmt.Sprintf("%s\n%s\n%s\n%s\n%s\n%s", req.Method, canonicalPath(req), canonicalQuery(req), canonicalHeaderData, canonicalHeaderColumns, dataHash), nil -} - -type awsRequestHeader struct { - Key string `json:"key"` - Value string `json:"value"` -} - -type awsRequest struct { - URL string `json:"url"` - Method string `json:"method"` - Headers []awsRequestHeader `json:"headers"` -} - -// The AWS region can be provided through AWS_REGION or AWS_DEFAULT_REGION. Only one is -// required. -func canRetrieveRegionFromEnvironment() bool { - return getenv(awsRegionEnvVar) != "" || getenv(awsDefaultRegionEnvVar) != "" -} - -// Check if both AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are available. -func canRetrieveSecurityCredentialFromEnvironment() bool { - return getenv(awsAccessKeyIDEnvVar) != "" && getenv(awsSecretAccessKeyEnvVar) != "" -} - -func (sp *awsSubjectProvider) shouldUseMetadataServer() bool { - return sp.securityCredentialsProvider == nil && (!canRetrieveRegionFromEnvironment() || !canRetrieveSecurityCredentialFromEnvironment()) -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/executable_provider.go b/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/executable_provider.go deleted file mode 100644 index d5765c47..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/executable_provider.go +++ /dev/null @@ -1,284 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package externalaccount - -import ( - "bytes" - "context" - "encoding/json" - "errors" - "fmt" - "net/http" - "os" - "os/exec" - "regexp" - "strings" - "time" - - "cloud.google.com/go/auth/internal" -) - -const ( - executableSupportedMaxVersion = 1 - executableDefaultTimeout = 30 * time.Second - executableSource = "response" - executableProviderType = "executable" - outputFileSource = "output file" - - allowExecutablesEnvVar = "GOOGLE_EXTERNAL_ACCOUNT_ALLOW_EXECUTABLES" - - jwtTokenType = "urn:ietf:params:oauth:token-type:jwt" - idTokenType = "urn:ietf:params:oauth:token-type:id_token" - saml2TokenType = "urn:ietf:params:oauth:token-type:saml2" -) - -var ( - serviceAccountImpersonationRE = regexp.MustCompile(`https://iamcredentials..+/v1/projects/-/serviceAccounts/(.*@.*):generateAccessToken`) -) - -type nonCacheableError struct { - message string -} - -func (nce nonCacheableError) Error() string { - return nce.message -} - -// environment is a contract for testing -type environment interface { - existingEnv() []string - getenv(string) string - run(ctx context.Context, command string, env []string) ([]byte, error) - now() time.Time -} - -type runtimeEnvironment struct{} - -func (r runtimeEnvironment) existingEnv() []string { - return os.Environ() -} -func (r runtimeEnvironment) getenv(key string) string { - return os.Getenv(key) -} -func (r runtimeEnvironment) now() time.Time { - return time.Now().UTC() -} - -func (r runtimeEnvironment) run(ctx context.Context, command string, env []string) ([]byte, error) { - splitCommand := strings.Fields(command) - cmd := exec.CommandContext(ctx, splitCommand[0], splitCommand[1:]...) - cmd.Env = env - - var stdout, stderr bytes.Buffer - cmd.Stdout = &stdout - cmd.Stderr = &stderr - - if err := cmd.Run(); err != nil { - if ctx.Err() == context.DeadlineExceeded { - return nil, context.DeadlineExceeded - } - if exitError, ok := err.(*exec.ExitError); ok { - return nil, exitCodeError(exitError) - } - return nil, executableError(err) - } - - bytesStdout := bytes.TrimSpace(stdout.Bytes()) - if len(bytesStdout) > 0 { - return bytesStdout, nil - } - return bytes.TrimSpace(stderr.Bytes()), nil -} - -type executableSubjectProvider struct { - Command string - Timeout time.Duration - OutputFile string - client *http.Client - opts *Options - env environment -} - -type executableResponse struct { - Version int `json:"version,omitempty"` - Success *bool `json:"success,omitempty"` - TokenType string `json:"token_type,omitempty"` - ExpirationTime int64 `json:"expiration_time,omitempty"` - IDToken string `json:"id_token,omitempty"` - SamlResponse string `json:"saml_response,omitempty"` - Code string `json:"code,omitempty"` - Message string `json:"message,omitempty"` -} - -func (sp *executableSubjectProvider) parseSubjectTokenFromSource(response []byte, source string, now int64) (string, error) { - var result executableResponse - if err := json.Unmarshal(response, &result); err != nil { - return "", jsonParsingError(source, string(response)) - } - // Validate - if result.Version == 0 { - return "", missingFieldError(source, "version") - } - if result.Success == nil { - return "", missingFieldError(source, "success") - } - if !*result.Success { - if result.Code == "" || result.Message == "" { - return "", malformedFailureError() - } - return "", userDefinedError(result.Code, result.Message) - } - if result.Version > executableSupportedMaxVersion || result.Version < 0 { - return "", unsupportedVersionError(source, result.Version) - } - if result.ExpirationTime == 0 && sp.OutputFile != "" { - return "", missingFieldError(source, "expiration_time") - } - if result.TokenType == "" { - return "", missingFieldError(source, "token_type") - } - if result.ExpirationTime != 0 && result.ExpirationTime < now { - return "", tokenExpiredError() - } - - switch result.TokenType { - case jwtTokenType, idTokenType: - if result.IDToken == "" { - return "", missingFieldError(source, "id_token") - } - return result.IDToken, nil - case saml2TokenType: - if result.SamlResponse == "" { - return "", missingFieldError(source, "saml_response") - } - return result.SamlResponse, nil - default: - return "", tokenTypeError(source) - } -} - -func (sp *executableSubjectProvider) subjectToken(ctx context.Context) (string, error) { - if token, err := sp.getTokenFromOutputFile(); token != "" || err != nil { - return token, err - } - return sp.getTokenFromExecutableCommand(ctx) -} - -func (sp *executableSubjectProvider) providerType() string { - return executableProviderType -} - -func (sp *executableSubjectProvider) getTokenFromOutputFile() (token string, err error) { - if sp.OutputFile == "" { - // This ExecutableCredentialSource doesn't use an OutputFile. - return "", nil - } - - file, err := os.Open(sp.OutputFile) - if err != nil { - // No OutputFile found. Hasn't been created yet, so skip it. - return "", nil - } - defer file.Close() - - data, err := internal.ReadAll(file) - if err != nil || len(data) == 0 { - // Cachefile exists, but no data found. Get new credential. - return "", nil - } - - token, err = sp.parseSubjectTokenFromSource(data, outputFileSource, sp.env.now().Unix()) - if err != nil { - if _, ok := err.(nonCacheableError); ok { - // If the cached token is expired we need a new token, - // and if the cache contains a failure, we need to try again. - return "", nil - } - - // There was an error in the cached token, and the developer should be aware of it. - return "", err - } - // Token parsing succeeded. Use found token. - return token, nil -} - -func (sp *executableSubjectProvider) executableEnvironment() []string { - result := sp.env.existingEnv() - result = append(result, fmt.Sprintf("GOOGLE_EXTERNAL_ACCOUNT_AUDIENCE=%v", sp.opts.Audience)) - result = append(result, fmt.Sprintf("GOOGLE_EXTERNAL_ACCOUNT_TOKEN_TYPE=%v", sp.opts.SubjectTokenType)) - result = append(result, "GOOGLE_EXTERNAL_ACCOUNT_INTERACTIVE=0") - if sp.opts.ServiceAccountImpersonationURL != "" { - matches := serviceAccountImpersonationRE.FindStringSubmatch(sp.opts.ServiceAccountImpersonationURL) - if matches != nil { - result = append(result, fmt.Sprintf("GOOGLE_EXTERNAL_ACCOUNT_IMPERSONATED_EMAIL=%v", matches[1])) - } - } - if sp.OutputFile != "" { - result = append(result, fmt.Sprintf("GOOGLE_EXTERNAL_ACCOUNT_OUTPUT_FILE=%v", sp.OutputFile)) - } - return result -} - -func (sp *executableSubjectProvider) getTokenFromExecutableCommand(ctx context.Context) (string, error) { - // For security reasons, we need our consumers to set this environment variable to allow executables to be run. - if sp.env.getenv(allowExecutablesEnvVar) != "1" { - return "", errors.New("credentials: executables need to be explicitly allowed (set GOOGLE_EXTERNAL_ACCOUNT_ALLOW_EXECUTABLES to '1') to run") - } - - ctx, cancel := context.WithDeadline(ctx, sp.env.now().Add(sp.Timeout)) - defer cancel() - - output, err := sp.env.run(ctx, sp.Command, sp.executableEnvironment()) - if err != nil { - return "", err - } - return sp.parseSubjectTokenFromSource(output, executableSource, sp.env.now().Unix()) -} - -func missingFieldError(source, field string) error { - return fmt.Errorf("credentials: %q missing %q field", source, field) -} - -func jsonParsingError(source, data string) error { - return fmt.Errorf("credentials: unable to parse %q: %v", source, data) -} - -func malformedFailureError() error { - return nonCacheableError{"credentials: response must include `error` and `message` fields when unsuccessful"} -} - -func userDefinedError(code, message string) error { - return nonCacheableError{fmt.Sprintf("credentials: response contains unsuccessful response: (%v) %v", code, message)} -} - -func unsupportedVersionError(source string, version int) error { - return fmt.Errorf("credentials: %v contains unsupported version: %v", source, version) -} - -func tokenExpiredError() error { - return nonCacheableError{"credentials: the token returned by the executable is expired"} -} - -func tokenTypeError(source string) error { - return fmt.Errorf("credentials: %v contains unsupported token type", source) -} - -func exitCodeError(err *exec.ExitError) error { - return fmt.Errorf("credentials: executable command failed with exit code %v: %w", err.ExitCode(), err) -} - -func executableError(err error) error { - return fmt.Errorf("credentials: executable command failed: %w", err) -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/externalaccount.go b/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/externalaccount.go deleted file mode 100644 index a8220642..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/externalaccount.go +++ /dev/null @@ -1,428 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package externalaccount - -import ( - "context" - "errors" - "fmt" - "log/slog" - "net/http" - "regexp" - "strconv" - "strings" - "time" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/credentials/internal/impersonate" - "cloud.google.com/go/auth/credentials/internal/stsexchange" - "cloud.google.com/go/auth/internal/credsfile" - "github.com/googleapis/gax-go/v2/internallog" -) - -const ( - timeoutMinimum = 5 * time.Second - timeoutMaximum = 120 * time.Second - - universeDomainPlaceholder = "UNIVERSE_DOMAIN" - defaultTokenURL = "https://sts.UNIVERSE_DOMAIN/v1/token" - defaultUniverseDomain = "googleapis.com" -) - -var ( - // Now aliases time.Now for testing - Now = func() time.Time { - return time.Now().UTC() - } - validWorkforceAudiencePattern *regexp.Regexp = regexp.MustCompile(`//iam\.googleapis\.com/locations/[^/]+/workforcePools/`) -) - -// Options stores the configuration for fetching tokens with external credentials. -type Options struct { - // Audience is the Secure Token Service (STS) audience which contains the resource name for the workload - // identity pool or the workforce pool and the provider identifier in that pool. - Audience string - // SubjectTokenType is the STS token type based on the Oauth2.0 token exchange spec - // e.g. `urn:ietf:params:oauth:token-type:jwt`. - SubjectTokenType string - // TokenURL is the STS token exchange endpoint. - TokenURL string - // TokenInfoURL is the token_info endpoint used to retrieve the account related information ( - // user attributes like account identifier, eg. email, username, uid, etc). This is - // needed for gCloud session account identification. - TokenInfoURL string - // ServiceAccountImpersonationURL is the URL for the service account impersonation request. This is only - // required for workload identity pools when APIs to be accessed have not integrated with UberMint. - ServiceAccountImpersonationURL string - // ServiceAccountImpersonationLifetimeSeconds is the number of seconds the service account impersonation - // token will be valid for. - ServiceAccountImpersonationLifetimeSeconds int - // ClientSecret is currently only required if token_info endpoint also - // needs to be called with the generated GCP access token. When provided, STS will be - // called with additional basic authentication using client_id as username and client_secret as password. - ClientSecret string - // ClientID is only required in conjunction with ClientSecret, as described above. - ClientID string - // CredentialSource contains the necessary information to retrieve the token itself, as well - // as some environmental information. - CredentialSource *credsfile.CredentialSource - // QuotaProjectID is injected by gCloud. If the value is non-empty, the Auth libraries - // will set the x-goog-user-project which overrides the project associated with the credentials. - QuotaProjectID string - // Scopes contains the desired scopes for the returned access token. - Scopes []string - // WorkforcePoolUserProject should be set when it is a workforce pool and - // not a workload identity pool. The underlying principal must still have - // serviceusage.services.use IAM permission to use the project for - // billing/quota. Optional. - WorkforcePoolUserProject string - // UniverseDomain is the default service domain for a given Cloud universe. - // This value will be used in the default STS token URL. The default value - // is "googleapis.com". It will not be used if TokenURL is set. Optional. - UniverseDomain string - // SubjectTokenProvider is an optional token provider for OIDC/SAML - // credentials. One of SubjectTokenProvider, AWSSecurityCredentialProvider - // or CredentialSource must be provided. Optional. - SubjectTokenProvider SubjectTokenProvider - // AwsSecurityCredentialsProvider is an AWS Security Credential provider - // for AWS credentials. One of SubjectTokenProvider, - // AWSSecurityCredentialProvider or CredentialSource must be provided. Optional. - AwsSecurityCredentialsProvider AwsSecurityCredentialsProvider - // Client for token request. - Client *http.Client - // IsDefaultClient marks whether the client passed in is a default client that can be overriden. - // This is important for X509 credentials which should create a new client if the default was used - // but should respect a client explicitly passed in by the user. - IsDefaultClient bool - // Logger is used for debug logging. If provided, logging will be enabled - // at the loggers configured level. By default logging is disabled unless - // enabled by setting GOOGLE_SDK_GO_LOGGING_LEVEL in which case a default - // logger will be used. Optional. - Logger *slog.Logger -} - -// SubjectTokenProvider can be used to supply a subject token to exchange for a -// GCP access token. -type SubjectTokenProvider interface { - // SubjectToken should return a valid subject token or an error. - // The external account token provider does not cache the returned subject - // token, so caching logic should be implemented in the provider to prevent - // multiple requests for the same subject token. - SubjectToken(ctx context.Context, opts *RequestOptions) (string, error) -} - -// RequestOptions contains information about the requested subject token or AWS -// security credentials from the Google external account credential. -type RequestOptions struct { - // Audience is the requested audience for the external account credential. - Audience string - // Subject token type is the requested subject token type for the external - // account credential. Expected values include: - // “urn:ietf:params:oauth:token-type:jwt” - // “urn:ietf:params:oauth:token-type:id-token” - // “urn:ietf:params:oauth:token-type:saml2” - // “urn:ietf:params:aws:token-type:aws4_request” - SubjectTokenType string -} - -// AwsSecurityCredentialsProvider can be used to supply AwsSecurityCredentials -// and an AWS Region to exchange for a GCP access token. -type AwsSecurityCredentialsProvider interface { - // AwsRegion should return the AWS region or an error. - AwsRegion(ctx context.Context, opts *RequestOptions) (string, error) - // GetAwsSecurityCredentials should return a valid set of - // AwsSecurityCredentials or an error. The external account token provider - // does not cache the returned security credentials, so caching logic should - // be implemented in the provider to prevent multiple requests for the - // same security credentials. - AwsSecurityCredentials(ctx context.Context, opts *RequestOptions) (*AwsSecurityCredentials, error) -} - -// AwsSecurityCredentials models AWS security credentials. -type AwsSecurityCredentials struct { - // AccessKeyId is the AWS Access Key ID - Required. - AccessKeyID string `json:"AccessKeyID"` - // SecretAccessKey is the AWS Secret Access Key - Required. - SecretAccessKey string `json:"SecretAccessKey"` - // SessionToken is the AWS Session token. This should be provided for - // temporary AWS security credentials - Optional. - SessionToken string `json:"Token"` -} - -func (o *Options) validate() error { - if o.Audience == "" { - return fmt.Errorf("externalaccount: Audience must be set") - } - if o.SubjectTokenType == "" { - return fmt.Errorf("externalaccount: Subject token type must be set") - } - if o.WorkforcePoolUserProject != "" { - if valid := validWorkforceAudiencePattern.MatchString(o.Audience); !valid { - return fmt.Errorf("externalaccount: workforce_pool_user_project should not be set for non-workforce pool credentials") - } - } - count := 0 - if o.CredentialSource != nil { - count++ - } - if o.SubjectTokenProvider != nil { - count++ - } - if o.AwsSecurityCredentialsProvider != nil { - count++ - } - if count == 0 { - return fmt.Errorf("externalaccount: one of CredentialSource, SubjectTokenProvider, or AwsSecurityCredentialsProvider must be set") - } - if count > 1 { - return fmt.Errorf("externalaccount: only one of CredentialSource, SubjectTokenProvider, or AwsSecurityCredentialsProvider must be set") - } - return nil -} - -// client returns the http client that should be used for the token exchange. If a non-default client -// is provided, then the client configured in the options will always be returned. If a default client -// is provided and the options are configured for X509 credentials, a new client will be created. -func (o *Options) client() (*http.Client, error) { - // If a client was provided and no override certificate config location was provided, use the provided client. - if o.CredentialSource == nil || o.CredentialSource.Certificate == nil || (!o.IsDefaultClient && o.CredentialSource.Certificate.CertificateConfigLocation == "") { - return o.Client, nil - } - - // If a new client should be created, validate and use the certificate source to create a new mTLS client. - cert := o.CredentialSource.Certificate - if !cert.UseDefaultCertificateConfig && cert.CertificateConfigLocation == "" { - return nil, errors.New("credentials: \"certificate\" object must either specify a certificate_config_location or use_default_certificate_config should be true") - } - if cert.UseDefaultCertificateConfig && cert.CertificateConfigLocation != "" { - return nil, errors.New("credentials: \"certificate\" object cannot specify both a certificate_config_location and use_default_certificate_config=true") - } - return createX509Client(cert.CertificateConfigLocation) -} - -// resolveTokenURL sets the default STS token endpoint with the configured -// universe domain. -func (o *Options) resolveTokenURL() { - if o.TokenURL != "" { - return - } else if o.UniverseDomain != "" { - o.TokenURL = strings.Replace(defaultTokenURL, universeDomainPlaceholder, o.UniverseDomain, 1) - } else { - o.TokenURL = strings.Replace(defaultTokenURL, universeDomainPlaceholder, defaultUniverseDomain, 1) - } -} - -// NewTokenProvider returns a [cloud.google.com/go/auth.TokenProvider] -// configured with the provided options. -func NewTokenProvider(opts *Options) (auth.TokenProvider, error) { - if err := opts.validate(); err != nil { - return nil, err - } - opts.resolveTokenURL() - logger := internallog.New(opts.Logger) - stp, err := newSubjectTokenProvider(opts) - if err != nil { - return nil, err - } - - client, err := opts.client() - if err != nil { - return nil, err - } - - tp := &tokenProvider{ - client: client, - opts: opts, - stp: stp, - logger: logger, - } - - if opts.ServiceAccountImpersonationURL == "" { - return auth.NewCachedTokenProvider(tp, nil), nil - } - - scopes := make([]string, len(opts.Scopes)) - copy(scopes, opts.Scopes) - // needed for impersonation - tp.opts.Scopes = []string{"https://www.googleapis.com/auth/cloud-platform"} - imp, err := impersonate.NewTokenProvider(&impersonate.Options{ - Client: client, - URL: opts.ServiceAccountImpersonationURL, - Scopes: scopes, - Tp: auth.NewCachedTokenProvider(tp, nil), - TokenLifetimeSeconds: opts.ServiceAccountImpersonationLifetimeSeconds, - Logger: logger, - }) - if err != nil { - return nil, err - } - return auth.NewCachedTokenProvider(imp, nil), nil -} - -type subjectTokenProvider interface { - subjectToken(ctx context.Context) (string, error) - providerType() string -} - -// tokenProvider is the provider that handles external credentials. It is used to retrieve Tokens. -type tokenProvider struct { - client *http.Client - logger *slog.Logger - opts *Options - stp subjectTokenProvider -} - -func (tp *tokenProvider) Token(ctx context.Context) (*auth.Token, error) { - subjectToken, err := tp.stp.subjectToken(ctx) - if err != nil { - return nil, err - } - - stsRequest := &stsexchange.TokenRequest{ - GrantType: stsexchange.GrantType, - Audience: tp.opts.Audience, - Scope: tp.opts.Scopes, - RequestedTokenType: stsexchange.TokenType, - SubjectToken: subjectToken, - SubjectTokenType: tp.opts.SubjectTokenType, - } - header := make(http.Header) - header.Set("Content-Type", "application/x-www-form-urlencoded") - header.Add("x-goog-api-client", getGoogHeaderValue(tp.opts, tp.stp)) - clientAuth := stsexchange.ClientAuthentication{ - AuthStyle: auth.StyleInHeader, - ClientID: tp.opts.ClientID, - ClientSecret: tp.opts.ClientSecret, - } - var options map[string]interface{} - // Do not pass workforce_pool_user_project when client authentication is used. - // The client ID is sufficient for determining the user project. - if tp.opts.WorkforcePoolUserProject != "" && tp.opts.ClientID == "" { - options = map[string]interface{}{ - "userProject": tp.opts.WorkforcePoolUserProject, - } - } - stsResp, err := stsexchange.ExchangeToken(ctx, &stsexchange.Options{ - Client: tp.client, - Endpoint: tp.opts.TokenURL, - Request: stsRequest, - Authentication: clientAuth, - Headers: header, - ExtraOpts: options, - Logger: tp.logger, - }) - if err != nil { - return nil, err - } - - tok := &auth.Token{ - Value: stsResp.AccessToken, - Type: stsResp.TokenType, - } - // The RFC8693 doesn't define the explicit 0 of "expires_in" field behavior. - if stsResp.ExpiresIn <= 0 { - return nil, fmt.Errorf("credentials: got invalid expiry from security token service") - } - tok.Expiry = Now().Add(time.Duration(stsResp.ExpiresIn) * time.Second) - return tok, nil -} - -// newSubjectTokenProvider determines the type of credsfile.CredentialSource needed to create a -// subjectTokenProvider -func newSubjectTokenProvider(o *Options) (subjectTokenProvider, error) { - logger := internallog.New(o.Logger) - reqOpts := &RequestOptions{Audience: o.Audience, SubjectTokenType: o.SubjectTokenType} - if o.AwsSecurityCredentialsProvider != nil { - return &awsSubjectProvider{ - securityCredentialsProvider: o.AwsSecurityCredentialsProvider, - TargetResource: o.Audience, - reqOpts: reqOpts, - logger: logger, - }, nil - } else if o.SubjectTokenProvider != nil { - return &programmaticProvider{stp: o.SubjectTokenProvider, opts: reqOpts}, nil - } else if len(o.CredentialSource.EnvironmentID) > 3 && o.CredentialSource.EnvironmentID[:3] == "aws" { - if awsVersion, err := strconv.Atoi(o.CredentialSource.EnvironmentID[3:]); err == nil { - if awsVersion != 1 { - return nil, fmt.Errorf("credentials: aws version '%d' is not supported in the current build", awsVersion) - } - - awsProvider := &awsSubjectProvider{ - EnvironmentID: o.CredentialSource.EnvironmentID, - RegionURL: o.CredentialSource.RegionURL, - RegionalCredVerificationURL: o.CredentialSource.RegionalCredVerificationURL, - CredVerificationURL: o.CredentialSource.URL, - TargetResource: o.Audience, - Client: o.Client, - logger: logger, - } - if o.CredentialSource.IMDSv2SessionTokenURL != "" { - awsProvider.IMDSv2SessionTokenURL = o.CredentialSource.IMDSv2SessionTokenURL - } - - return awsProvider, nil - } - } else if o.CredentialSource.File != "" { - return &fileSubjectProvider{File: o.CredentialSource.File, Format: o.CredentialSource.Format}, nil - } else if o.CredentialSource.URL != "" { - return &urlSubjectProvider{ - URL: o.CredentialSource.URL, - Headers: o.CredentialSource.Headers, - Format: o.CredentialSource.Format, - Client: o.Client, - Logger: logger, - }, nil - } else if o.CredentialSource.Executable != nil { - ec := o.CredentialSource.Executable - if ec.Command == "" { - return nil, errors.New("credentials: missing `command` field — executable command must be provided") - } - - execProvider := &executableSubjectProvider{} - execProvider.Command = ec.Command - if ec.TimeoutMillis == 0 { - execProvider.Timeout = executableDefaultTimeout - } else { - execProvider.Timeout = time.Duration(ec.TimeoutMillis) * time.Millisecond - if execProvider.Timeout < timeoutMinimum || execProvider.Timeout > timeoutMaximum { - return nil, fmt.Errorf("credentials: invalid `timeout_millis` field — executable timeout must be between %v and %v seconds", timeoutMinimum.Seconds(), timeoutMaximum.Seconds()) - } - } - execProvider.OutputFile = ec.OutputFile - execProvider.client = o.Client - execProvider.opts = o - execProvider.env = runtimeEnvironment{} - return execProvider, nil - } else if o.CredentialSource.Certificate != nil { - cert := o.CredentialSource.Certificate - if !cert.UseDefaultCertificateConfig && cert.CertificateConfigLocation == "" { - return nil, errors.New("credentials: \"certificate\" object must either specify a certificate_config_location or use_default_certificate_config should be true") - } - if cert.UseDefaultCertificateConfig && cert.CertificateConfigLocation != "" { - return nil, errors.New("credentials: \"certificate\" object cannot specify both a certificate_config_location and use_default_certificate_config=true") - } - return &x509Provider{}, nil - } - return nil, errors.New("credentials: unable to parse credential source") -} - -func getGoogHeaderValue(conf *Options, p subjectTokenProvider) string { - return fmt.Sprintf("gl-go/%s auth/%s google-byoid-sdk source/%s sa-impersonation/%t config-lifetime/%t", - goVersion(), - "unknown", - p.providerType(), - conf.ServiceAccountImpersonationURL != "", - conf.ServiceAccountImpersonationLifetimeSeconds != 0) -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/file_provider.go b/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/file_provider.go deleted file mode 100644 index 8186939f..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/file_provider.go +++ /dev/null @@ -1,78 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package externalaccount - -import ( - "bytes" - "context" - "encoding/json" - "errors" - "fmt" - "os" - - "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/credsfile" -) - -const ( - fileProviderType = "file" -) - -type fileSubjectProvider struct { - File string - Format *credsfile.Format -} - -func (sp *fileSubjectProvider) subjectToken(context.Context) (string, error) { - tokenFile, err := os.Open(sp.File) - if err != nil { - return "", fmt.Errorf("credentials: failed to open credential file %q: %w", sp.File, err) - } - defer tokenFile.Close() - tokenBytes, err := internal.ReadAll(tokenFile) - if err != nil { - return "", fmt.Errorf("credentials: failed to read credential file: %w", err) - } - tokenBytes = bytes.TrimSpace(tokenBytes) - - if sp.Format == nil { - return string(tokenBytes), nil - } - switch sp.Format.Type { - case fileTypeJSON: - jsonData := make(map[string]interface{}) - err = json.Unmarshal(tokenBytes, &jsonData) - if err != nil { - return "", fmt.Errorf("credentials: failed to unmarshal subject token file: %w", err) - } - val, ok := jsonData[sp.Format.SubjectTokenFieldName] - if !ok { - return "", errors.New("credentials: provided subject_token_field_name not found in credentials") - } - token, ok := val.(string) - if !ok { - return "", errors.New("credentials: improperly formatted subject token") - } - return token, nil - case fileTypeText: - return string(tokenBytes), nil - default: - return "", errors.New("credentials: invalid credential_source file format type: " + sp.Format.Type) - } -} - -func (sp *fileSubjectProvider) providerType() string { - return fileProviderType -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/info.go b/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/info.go deleted file mode 100644 index 8e4b4379..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/info.go +++ /dev/null @@ -1,74 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package externalaccount - -import ( - "runtime" - "strings" - "unicode" -) - -var ( - // version is a package internal global variable for testing purposes. - version = runtime.Version -) - -// versionUnknown is only used when the runtime version cannot be determined. -const versionUnknown = "UNKNOWN" - -// goVersion returns a Go runtime version derived from the runtime environment -// that is modified to be suitable for reporting in a header, meaning it has no -// whitespace. If it is unable to determine the Go runtime version, it returns -// versionUnknown. -func goVersion() string { - const develPrefix = "devel +" - - s := version() - if strings.HasPrefix(s, develPrefix) { - s = s[len(develPrefix):] - if p := strings.IndexFunc(s, unicode.IsSpace); p >= 0 { - s = s[:p] - } - return s - } else if p := strings.IndexFunc(s, unicode.IsSpace); p >= 0 { - s = s[:p] - } - - notSemverRune := func(r rune) bool { - return !strings.ContainsRune("0123456789.", r) - } - - if strings.HasPrefix(s, "go1") { - s = s[2:] - var prerelease string - if p := strings.IndexFunc(s, notSemverRune); p >= 0 { - s, prerelease = s[:p], s[p:] - } - if strings.HasSuffix(s, ".") { - s += "0" - } else if strings.Count(s, ".") < 2 { - s += ".0" - } - if prerelease != "" { - // Some release candidates already have a dash in them. - if !strings.HasPrefix(prerelease, "-") { - prerelease = "-" + prerelease - } - s += prerelease - } - return s - } - return versionUnknown -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/programmatic_provider.go b/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/programmatic_provider.go deleted file mode 100644 index be3c8735..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/programmatic_provider.go +++ /dev/null @@ -1,30 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package externalaccount - -import "context" - -type programmaticProvider struct { - opts *RequestOptions - stp SubjectTokenProvider -} - -func (pp *programmaticProvider) providerType() string { - return programmaticProviderType -} - -func (pp *programmaticProvider) subjectToken(ctx context.Context) (string, error) { - return pp.stp.SubjectToken(ctx, pp.opts) -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/url_provider.go b/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/url_provider.go deleted file mode 100644 index 754ecf4f..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/url_provider.go +++ /dev/null @@ -1,93 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package externalaccount - -import ( - "context" - "encoding/json" - "errors" - "fmt" - "log/slog" - "net/http" - - "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/credsfile" - "github.com/googleapis/gax-go/v2/internallog" -) - -const ( - fileTypeText = "text" - fileTypeJSON = "json" - urlProviderType = "url" - programmaticProviderType = "programmatic" - x509ProviderType = "x509" -) - -type urlSubjectProvider struct { - URL string - Headers map[string]string - Format *credsfile.Format - Client *http.Client - Logger *slog.Logger -} - -func (sp *urlSubjectProvider) subjectToken(ctx context.Context) (string, error) { - req, err := http.NewRequestWithContext(ctx, "GET", sp.URL, nil) - if err != nil { - return "", fmt.Errorf("credentials: HTTP request for URL-sourced credential failed: %w", err) - } - - for key, val := range sp.Headers { - req.Header.Add(key, val) - } - sp.Logger.DebugContext(ctx, "url subject token request", "request", internallog.HTTPRequest(req, nil)) - resp, body, err := internal.DoRequest(sp.Client, req) - if err != nil { - return "", fmt.Errorf("credentials: invalid response when retrieving subject token: %w", err) - } - sp.Logger.DebugContext(ctx, "url subject token response", "response", internallog.HTTPResponse(resp, body)) - if c := resp.StatusCode; c < http.StatusOK || c >= http.StatusMultipleChoices { - return "", fmt.Errorf("credentials: status code %d: %s", c, body) - } - - if sp.Format == nil { - return string(body), nil - } - switch sp.Format.Type { - case "json": - jsonData := make(map[string]interface{}) - err = json.Unmarshal(body, &jsonData) - if err != nil { - return "", fmt.Errorf("credentials: failed to unmarshal subject token file: %w", err) - } - val, ok := jsonData[sp.Format.SubjectTokenFieldName] - if !ok { - return "", errors.New("credentials: provided subject_token_field_name not found in credentials") - } - token, ok := val.(string) - if !ok { - return "", errors.New("credentials: improperly formatted subject token") - } - return token, nil - case fileTypeText: - return string(body), nil - default: - return "", errors.New("credentials: invalid credential_source file format type: " + sp.Format.Type) - } -} - -func (sp *urlSubjectProvider) providerType() string { - return urlProviderType -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/x509_provider.go b/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/x509_provider.go deleted file mode 100644 index 115df588..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccount/x509_provider.go +++ /dev/null @@ -1,63 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package externalaccount - -import ( - "context" - "crypto/tls" - "net/http" - "time" - - "cloud.google.com/go/auth/internal/transport/cert" -) - -// x509Provider implements the subjectTokenProvider type for -// x509 workload identity credentials. Because x509 credentials -// rely on an mTLS connection to represent the 3rd party identity -// rather than a subject token, this provider will always return -// an empty string when a subject token is requested by the external account -// token provider. -type x509Provider struct { -} - -func (xp *x509Provider) providerType() string { - return x509ProviderType -} - -func (xp *x509Provider) subjectToken(ctx context.Context) (string, error) { - return "", nil -} - -// createX509Client creates a new client that is configured with mTLS, using the -// certificate configuration specified in the credential source. -func createX509Client(certificateConfigLocation string) (*http.Client, error) { - certProvider, err := cert.NewWorkloadX509CertProvider(certificateConfigLocation) - if err != nil { - return nil, err - } - trans := http.DefaultTransport.(*http.Transport).Clone() - - trans.TLSClientConfig = &tls.Config{ - GetClientCertificate: certProvider, - } - - // Create a client with default settings plus the X509 workload cert and key. - client := &http.Client{ - Transport: trans, - Timeout: 30 * time.Second, - } - - return client, nil -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccountuser/externalaccountuser.go b/vendor/cloud.google.com/go/auth/credentials/internal/externalaccountuser/externalaccountuser.go deleted file mode 100644 index ae39206e..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/externalaccountuser/externalaccountuser.go +++ /dev/null @@ -1,115 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package externalaccountuser - -import ( - "context" - "errors" - "log/slog" - "net/http" - "time" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/credentials/internal/stsexchange" - "cloud.google.com/go/auth/internal" - "github.com/googleapis/gax-go/v2/internallog" -) - -// Options stores the configuration for fetching tokens with external authorized -// user credentials. -type Options struct { - // Audience is the Secure Token Service (STS) audience which contains the - // resource name for the workforce pool and the provider identifier in that - // pool. - Audience string - // RefreshToken is the OAuth 2.0 refresh token. - RefreshToken string - // TokenURL is the STS token exchange endpoint for refresh. - TokenURL string - // TokenInfoURL is the STS endpoint URL for token introspection. Optional. - TokenInfoURL string - // ClientID is only required in conjunction with ClientSecret, as described - // below. - ClientID string - // ClientSecret is currently only required if token_info endpoint also needs - // to be called with the generated a cloud access token. When provided, STS - // will be called with additional basic authentication using client_id as - // username and client_secret as password. - ClientSecret string - // Scopes contains the desired scopes for the returned access token. - Scopes []string - - // Client for token request. - Client *http.Client - // Logger for logging. - Logger *slog.Logger -} - -func (c *Options) validate() bool { - return c.ClientID != "" && c.ClientSecret != "" && c.RefreshToken != "" && c.TokenURL != "" -} - -// NewTokenProvider returns a [cloud.google.com/go/auth.TokenProvider] -// configured with the provided options. -func NewTokenProvider(opts *Options) (auth.TokenProvider, error) { - if !opts.validate() { - return nil, errors.New("credentials: invalid external_account_authorized_user configuration") - } - - tp := &tokenProvider{ - o: opts, - } - return auth.NewCachedTokenProvider(tp, nil), nil -} - -type tokenProvider struct { - o *Options -} - -func (tp *tokenProvider) Token(ctx context.Context) (*auth.Token, error) { - opts := tp.o - - clientAuth := stsexchange.ClientAuthentication{ - AuthStyle: auth.StyleInHeader, - ClientID: opts.ClientID, - ClientSecret: opts.ClientSecret, - } - headers := make(http.Header) - headers.Set("Content-Type", "application/x-www-form-urlencoded") - stsResponse, err := stsexchange.RefreshAccessToken(ctx, &stsexchange.Options{ - Client: opts.Client, - Endpoint: opts.TokenURL, - RefreshToken: opts.RefreshToken, - Authentication: clientAuth, - Headers: headers, - Logger: internallog.New(tp.o.Logger), - }) - if err != nil { - return nil, err - } - if stsResponse.ExpiresIn < 0 { - return nil, errors.New("credentials: invalid expiry from security token service") - } - - // guarded by the wrapping with CachedTokenProvider - if stsResponse.RefreshToken != "" { - opts.RefreshToken = stsResponse.RefreshToken - } - return &auth.Token{ - Value: stsResponse.AccessToken, - Expiry: time.Now().UTC().Add(time.Duration(stsResponse.ExpiresIn) * time.Second), - Type: internal.TokenTypeBearer, - }, nil -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/gdch/gdch.go b/vendor/cloud.google.com/go/auth/credentials/internal/gdch/gdch.go deleted file mode 100644 index c2d320fd..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/gdch/gdch.go +++ /dev/null @@ -1,191 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package gdch - -import ( - "context" - "crypto" - "crypto/tls" - "crypto/x509" - "encoding/json" - "errors" - "fmt" - "log/slog" - "net/http" - "net/url" - "os" - "strings" - "time" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/credsfile" - "cloud.google.com/go/auth/internal/jwt" - "github.com/googleapis/gax-go/v2/internallog" -) - -const ( - // GrantType is the grant type for the token request. - GrantType = "urn:ietf:params:oauth:token-type:token-exchange" - requestTokenType = "urn:ietf:params:oauth:token-type:access_token" - subjectTokenType = "urn:k8s:params:oauth:token-type:serviceaccount" -) - -var ( - gdchSupportFormatVersions map[string]bool = map[string]bool{ - "1": true, - } -) - -// Options for [NewTokenProvider]. -type Options struct { - STSAudience string - Client *http.Client - Logger *slog.Logger -} - -// NewTokenProvider returns a [cloud.google.com/go/auth.TokenProvider] from a -// GDCH cred file. -func NewTokenProvider(f *credsfile.GDCHServiceAccountFile, o *Options) (auth.TokenProvider, error) { - if !gdchSupportFormatVersions[f.FormatVersion] { - return nil, fmt.Errorf("credentials: unsupported gdch_service_account format %q", f.FormatVersion) - } - if o.STSAudience == "" { - return nil, errors.New("credentials: STSAudience must be set for the GDCH auth flows") - } - signer, err := internal.ParseKey([]byte(f.PrivateKey)) - if err != nil { - return nil, err - } - certPool, err := loadCertPool(f.CertPath) - if err != nil { - return nil, err - } - - tp := gdchProvider{ - serviceIdentity: fmt.Sprintf("system:serviceaccount:%s:%s", f.Project, f.Name), - tokenURL: f.TokenURL, - aud: o.STSAudience, - signer: signer, - pkID: f.PrivateKeyID, - certPool: certPool, - client: o.Client, - logger: internallog.New(o.Logger), - } - return tp, nil -} - -func loadCertPool(path string) (*x509.CertPool, error) { - pool := x509.NewCertPool() - pem, err := os.ReadFile(path) - if err != nil { - return nil, fmt.Errorf("credentials: failed to read certificate: %w", err) - } - pool.AppendCertsFromPEM(pem) - return pool, nil -} - -type gdchProvider struct { - serviceIdentity string - tokenURL string - aud string - signer crypto.Signer - pkID string - certPool *x509.CertPool - - client *http.Client - logger *slog.Logger -} - -func (g gdchProvider) Token(ctx context.Context) (*auth.Token, error) { - addCertToTransport(g.client, g.certPool) - iat := time.Now() - exp := iat.Add(time.Hour) - claims := jwt.Claims{ - Iss: g.serviceIdentity, - Sub: g.serviceIdentity, - Aud: g.tokenURL, - Iat: iat.Unix(), - Exp: exp.Unix(), - } - h := jwt.Header{ - Algorithm: jwt.HeaderAlgRSA256, - Type: jwt.HeaderType, - KeyID: string(g.pkID), - } - payload, err := jwt.EncodeJWS(&h, &claims, g.signer) - if err != nil { - return nil, err - } - v := url.Values{} - v.Set("grant_type", GrantType) - v.Set("audience", g.aud) - v.Set("requested_token_type", requestTokenType) - v.Set("subject_token", payload) - v.Set("subject_token_type", subjectTokenType) - - req, err := http.NewRequestWithContext(ctx, "POST", g.tokenURL, strings.NewReader(v.Encode())) - if err != nil { - return nil, err - } - req.Header.Set("Content-Type", "application/x-www-form-urlencoded") - g.logger.DebugContext(ctx, "gdch token request", "request", internallog.HTTPRequest(req, []byte(v.Encode()))) - resp, body, err := internal.DoRequest(g.client, req) - if err != nil { - return nil, fmt.Errorf("credentials: cannot fetch token: %w", err) - } - g.logger.DebugContext(ctx, "gdch token response", "response", internallog.HTTPResponse(resp, body)) - if c := resp.StatusCode; c < http.StatusOK || c > http.StatusMultipleChoices { - return nil, &auth.Error{ - Response: resp, - Body: body, - } - } - - var tokenRes struct { - AccessToken string `json:"access_token"` - TokenType string `json:"token_type"` - ExpiresIn int64 `json:"expires_in"` // relative seconds from now - } - if err := json.Unmarshal(body, &tokenRes); err != nil { - return nil, fmt.Errorf("credentials: cannot fetch token: %w", err) - } - token := &auth.Token{ - Value: tokenRes.AccessToken, - Type: tokenRes.TokenType, - } - raw := make(map[string]interface{}) - json.Unmarshal(body, &raw) // no error checks for optional fields - token.Metadata = raw - - if secs := tokenRes.ExpiresIn; secs > 0 { - token.Expiry = time.Now().Add(time.Duration(secs) * time.Second) - } - return token, nil -} - -// addCertToTransport makes a best effort attempt at adding in the cert info to -// the client. It tries to keep all configured transport settings if the -// underlying transport is an http.Transport. Or else it overwrites the -// transport with defaults adding in the certs. -func addCertToTransport(hc *http.Client, certPool *x509.CertPool) { - trans, ok := hc.Transport.(*http.Transport) - if !ok { - trans = http.DefaultTransport.(*http.Transport).Clone() - } - trans.TLSClientConfig = &tls.Config{ - RootCAs: certPool, - } -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/impersonate/idtoken.go b/vendor/cloud.google.com/go/auth/credentials/internal/impersonate/idtoken.go deleted file mode 100644 index 705462c1..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/impersonate/idtoken.go +++ /dev/null @@ -1,105 +0,0 @@ -// Copyright 2025 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package impersonate - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "log/slog" - "net/http" - "strings" - "time" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/internal" - "github.com/googleapis/gax-go/v2/internallog" -) - -var ( - universeDomainPlaceholder = "UNIVERSE_DOMAIN" - iamCredentialsUniverseDomainEndpoint = "https://iamcredentials.UNIVERSE_DOMAIN" -) - -// IDTokenIAMOptions provides configuration for [IDTokenIAMOptions.Token]. -type IDTokenIAMOptions struct { - // Client is required. - Client *http.Client - // Logger is required. - Logger *slog.Logger - UniverseDomain auth.CredentialsPropertyProvider - ServiceAccountEmail string - GenerateIDTokenRequest -} - -// GenerateIDTokenRequest holds the request to the IAM generateIdToken RPC. -type GenerateIDTokenRequest struct { - Audience string `json:"audience"` - IncludeEmail bool `json:"includeEmail"` - // Delegates are the ordered, fully-qualified resource name for service - // accounts in a delegation chain. Each service account must be granted - // roles/iam.serviceAccountTokenCreator on the next service account in the - // chain. The delegates must have the following format: - // projects/-/serviceAccounts/{ACCOUNT_EMAIL_OR_UNIQUEID}. The - wildcard - // character is required; replacing it with a project ID is invalid. - // Optional. - Delegates []string `json:"delegates,omitempty"` -} - -// GenerateIDTokenResponse holds the response from the IAM generateIdToken RPC. -type GenerateIDTokenResponse struct { - Token string `json:"token"` -} - -// Token call IAM generateIdToken with the configuration provided in [IDTokenIAMOptions]. -func (o IDTokenIAMOptions) Token(ctx context.Context) (*auth.Token, error) { - universeDomain, err := o.UniverseDomain.GetProperty(ctx) - if err != nil { - return nil, err - } - endpoint := strings.Replace(iamCredentialsUniverseDomainEndpoint, universeDomainPlaceholder, universeDomain, 1) - url := fmt.Sprintf("%s/v1/%s:generateIdToken", endpoint, internal.FormatIAMServiceAccountResource(o.ServiceAccountEmail)) - - bodyBytes, err := json.Marshal(o.GenerateIDTokenRequest) - if err != nil { - return nil, fmt.Errorf("impersonate: unable to marshal request: %w", err) - } - - req, err := http.NewRequestWithContext(ctx, "POST", url, bytes.NewReader(bodyBytes)) - if err != nil { - return nil, fmt.Errorf("impersonate: unable to create request: %w", err) - } - req.Header.Set("Content-Type", "application/json") - o.Logger.DebugContext(ctx, "impersonated idtoken request", "request", internallog.HTTPRequest(req, bodyBytes)) - resp, body, err := internal.DoRequest(o.Client, req) - if err != nil { - return nil, fmt.Errorf("impersonate: unable to generate ID token: %w", err) - } - o.Logger.DebugContext(ctx, "impersonated idtoken response", "response", internallog.HTTPResponse(resp, body)) - if c := resp.StatusCode; c < 200 || c > 299 { - return nil, fmt.Errorf("impersonate: status code %d: %s", c, body) - } - - var tokenResp GenerateIDTokenResponse - if err := json.Unmarshal(body, &tokenResp); err != nil { - return nil, fmt.Errorf("impersonate: unable to parse response: %w", err) - } - return &auth.Token{ - Value: tokenResp.Token, - // Generated ID tokens are good for one hour. - Expiry: time.Now().Add(1 * time.Hour), - }, nil -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/impersonate/impersonate.go b/vendor/cloud.google.com/go/auth/credentials/internal/impersonate/impersonate.go deleted file mode 100644 index b3a99261..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/impersonate/impersonate.go +++ /dev/null @@ -1,156 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package impersonate - -import ( - "bytes" - "context" - "encoding/json" - "errors" - "fmt" - "log/slog" - "net/http" - "time" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/internal" - "github.com/googleapis/gax-go/v2/internallog" -) - -const ( - defaultTokenLifetime = "3600s" - authHeaderKey = "Authorization" -) - -// generateAccesstokenReq is used for service account impersonation -type generateAccessTokenReq struct { - Delegates []string `json:"delegates,omitempty"` - Lifetime string `json:"lifetime,omitempty"` - Scope []string `json:"scope,omitempty"` -} - -type impersonateTokenResponse struct { - AccessToken string `json:"accessToken"` - ExpireTime string `json:"expireTime"` -} - -// NewTokenProvider uses a source credential, stored in Ts, to request an access token to the provided URL. -// Scopes can be defined when the access token is requested. -func NewTokenProvider(opts *Options) (auth.TokenProvider, error) { - if err := opts.validate(); err != nil { - return nil, err - } - return opts, nil -} - -// Options for [NewTokenProvider]. -type Options struct { - // Tp is the source credential used to generate a token on the - // impersonated service account. Required. - Tp auth.TokenProvider - - // URL is the endpoint to call to generate a token - // on behalf of the service account. Required. - URL string - // Scopes that the impersonated credential should have. Required. - Scopes []string - // Delegates are the service account email addresses in a delegation chain. - // Each service account must be granted roles/iam.serviceAccountTokenCreator - // on the next service account in the chain. Optional. - Delegates []string - // TokenLifetimeSeconds is the number of seconds the impersonation token will - // be valid for. Defaults to 1 hour if unset. Optional. - TokenLifetimeSeconds int - // Client configures the underlying client used to make network requests - // when fetching tokens. Required. - Client *http.Client - // Logger is used for debug logging. If provided, logging will be enabled - // at the loggers configured level. By default logging is disabled unless - // enabled by setting GOOGLE_SDK_GO_LOGGING_LEVEL in which case a default - // logger will be used. Optional. - Logger *slog.Logger -} - -func (o *Options) validate() error { - if o.Tp == nil { - return errors.New("credentials: missing required 'source_credentials' field in impersonated credentials") - } - if o.URL == "" { - return errors.New("credentials: missing required 'service_account_impersonation_url' field in impersonated credentials") - } - return nil -} - -// Token performs the exchange to get a temporary service account token to allow access to GCP. -func (o *Options) Token(ctx context.Context) (*auth.Token, error) { - logger := internallog.New(o.Logger) - lifetime := defaultTokenLifetime - if o.TokenLifetimeSeconds != 0 { - lifetime = fmt.Sprintf("%ds", o.TokenLifetimeSeconds) - } - reqBody := generateAccessTokenReq{ - Lifetime: lifetime, - Scope: o.Scopes, - Delegates: o.Delegates, - } - b, err := json.Marshal(reqBody) - if err != nil { - return nil, fmt.Errorf("credentials: unable to marshal request: %w", err) - } - req, err := http.NewRequestWithContext(ctx, "POST", o.URL, bytes.NewReader(b)) - if err != nil { - return nil, fmt.Errorf("credentials: unable to create impersonation request: %w", err) - } - req.Header.Set("Content-Type", "application/json") - if err := setAuthHeader(ctx, o.Tp, req); err != nil { - return nil, err - } - logger.DebugContext(ctx, "impersonated token request", "request", internallog.HTTPRequest(req, b)) - resp, body, err := internal.DoRequest(o.Client, req) - if err != nil { - return nil, fmt.Errorf("credentials: unable to generate access token: %w", err) - } - logger.DebugContext(ctx, "impersonated token response", "response", internallog.HTTPResponse(resp, body)) - if c := resp.StatusCode; c < http.StatusOK || c >= http.StatusMultipleChoices { - return nil, fmt.Errorf("credentials: status code %d: %s", c, body) - } - - var accessTokenResp impersonateTokenResponse - if err := json.Unmarshal(body, &accessTokenResp); err != nil { - return nil, fmt.Errorf("credentials: unable to parse response: %w", err) - } - expiry, err := time.Parse(time.RFC3339, accessTokenResp.ExpireTime) - if err != nil { - return nil, fmt.Errorf("credentials: unable to parse expiry: %w", err) - } - return &auth.Token{ - Value: accessTokenResp.AccessToken, - Expiry: expiry, - Type: internal.TokenTypeBearer, - }, nil -} - -func setAuthHeader(ctx context.Context, tp auth.TokenProvider, r *http.Request) error { - t, err := tp.Token(ctx) - if err != nil { - return err - } - typ := t.Type - if typ == "" { - typ = internal.TokenTypeBearer - } - r.Header.Set(authHeaderKey, typ+" "+t.Value) - return nil -} diff --git a/vendor/cloud.google.com/go/auth/credentials/internal/stsexchange/sts_exchange.go b/vendor/cloud.google.com/go/auth/credentials/internal/stsexchange/sts_exchange.go deleted file mode 100644 index e1d2b150..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/internal/stsexchange/sts_exchange.go +++ /dev/null @@ -1,167 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package stsexchange - -import ( - "context" - "encoding/base64" - "encoding/json" - "fmt" - "log/slog" - "net/http" - "net/url" - "strconv" - "strings" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/internal" - "github.com/googleapis/gax-go/v2/internallog" -) - -const ( - // GrantType for a sts exchange. - GrantType = "urn:ietf:params:oauth:grant-type:token-exchange" - // TokenType for a sts exchange. - TokenType = "urn:ietf:params:oauth:token-type:access_token" - - jwtTokenType = "urn:ietf:params:oauth:token-type:jwt" -) - -// Options stores the configuration for making an sts exchange request. -type Options struct { - Client *http.Client - Logger *slog.Logger - Endpoint string - Request *TokenRequest - Authentication ClientAuthentication - Headers http.Header - // ExtraOpts are optional fields marshalled into the `options` field of the - // request body. - ExtraOpts map[string]interface{} - RefreshToken string -} - -// RefreshAccessToken performs the token exchange using a refresh token flow. -func RefreshAccessToken(ctx context.Context, opts *Options) (*TokenResponse, error) { - data := url.Values{} - data.Set("grant_type", "refresh_token") - data.Set("refresh_token", opts.RefreshToken) - return doRequest(ctx, opts, data) -} - -// ExchangeToken performs an oauth2 token exchange with the provided endpoint. -func ExchangeToken(ctx context.Context, opts *Options) (*TokenResponse, error) { - data := url.Values{} - data.Set("audience", opts.Request.Audience) - data.Set("grant_type", GrantType) - data.Set("requested_token_type", TokenType) - data.Set("subject_token_type", opts.Request.SubjectTokenType) - data.Set("subject_token", opts.Request.SubjectToken) - data.Set("scope", strings.Join(opts.Request.Scope, " ")) - if opts.ExtraOpts != nil { - opts, err := json.Marshal(opts.ExtraOpts) - if err != nil { - return nil, fmt.Errorf("credentials: failed to marshal additional options: %w", err) - } - data.Set("options", string(opts)) - } - return doRequest(ctx, opts, data) -} - -func doRequest(ctx context.Context, opts *Options, data url.Values) (*TokenResponse, error) { - opts.Authentication.InjectAuthentication(data, opts.Headers) - encodedData := data.Encode() - logger := internallog.New(opts.Logger) - - req, err := http.NewRequestWithContext(ctx, "POST", opts.Endpoint, strings.NewReader(encodedData)) - if err != nil { - return nil, fmt.Errorf("credentials: failed to properly build http request: %w", err) - - } - for key, list := range opts.Headers { - for _, val := range list { - req.Header.Add(key, val) - } - } - req.Header.Set("Content-Length", strconv.Itoa(len(encodedData))) - - logger.DebugContext(ctx, "sts token request", "request", internallog.HTTPRequest(req, []byte(encodedData))) - resp, body, err := internal.DoRequest(opts.Client, req) - if err != nil { - return nil, fmt.Errorf("credentials: invalid response from Secure Token Server: %w", err) - } - logger.DebugContext(ctx, "sts token response", "response", internallog.HTTPResponse(resp, body)) - if c := resp.StatusCode; c < http.StatusOK || c > http.StatusMultipleChoices { - return nil, fmt.Errorf("credentials: status code %d: %s", c, body) - } - var stsResp TokenResponse - if err := json.Unmarshal(body, &stsResp); err != nil { - return nil, fmt.Errorf("credentials: failed to unmarshal response body from Secure Token Server: %w", err) - } - - return &stsResp, nil -} - -// TokenRequest contains fields necessary to make an oauth2 token -// exchange. -type TokenRequest struct { - ActingParty struct { - ActorToken string - ActorTokenType string - } - GrantType string - Resource string - Audience string - Scope []string - RequestedTokenType string - SubjectToken string - SubjectTokenType string -} - -// TokenResponse is used to decode the remote server response during -// an oauth2 token exchange. -type TokenResponse struct { - AccessToken string `json:"access_token"` - IssuedTokenType string `json:"issued_token_type"` - TokenType string `json:"token_type"` - ExpiresIn int `json:"expires_in"` - Scope string `json:"scope"` - RefreshToken string `json:"refresh_token"` -} - -// ClientAuthentication represents an OAuth client ID and secret and the -// mechanism for passing these credentials as stated in rfc6749#2.3.1. -type ClientAuthentication struct { - AuthStyle auth.Style - ClientID string - ClientSecret string -} - -// InjectAuthentication is used to add authentication to a Secure Token Service -// exchange request. It modifies either the passed url.Values or http.Header -// depending on the desired authentication format. -func (c *ClientAuthentication) InjectAuthentication(values url.Values, headers http.Header) { - if c.ClientID == "" || c.ClientSecret == "" || values == nil || headers == nil { - return - } - switch c.AuthStyle { - case auth.StyleInHeader: - plainHeader := c.ClientID + ":" + c.ClientSecret - headers.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(plainHeader))) - default: - values.Set("client_id", c.ClientID) - values.Set("client_secret", c.ClientSecret) - } -} diff --git a/vendor/cloud.google.com/go/auth/credentials/selfsignedjwt.go b/vendor/cloud.google.com/go/auth/credentials/selfsignedjwt.go deleted file mode 100644 index 8d335cce..00000000 --- a/vendor/cloud.google.com/go/auth/credentials/selfsignedjwt.go +++ /dev/null @@ -1,89 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package credentials - -import ( - "context" - "crypto" - "errors" - "fmt" - "log/slog" - "strings" - "time" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/credsfile" - "cloud.google.com/go/auth/internal/jwt" -) - -var ( - // for testing - now func() time.Time = time.Now -) - -// configureSelfSignedJWT uses the private key in the service account to create -// a JWT without making a network call. -func configureSelfSignedJWT(f *credsfile.ServiceAccountFile, opts *DetectOptions) (auth.TokenProvider, error) { - if len(opts.scopes()) == 0 && opts.Audience == "" { - return nil, errors.New("credentials: both scopes and audience are empty") - } - signer, err := internal.ParseKey([]byte(f.PrivateKey)) - if err != nil { - return nil, fmt.Errorf("credentials: could not parse key: %w", err) - } - return &selfSignedTokenProvider{ - email: f.ClientEmail, - audience: opts.Audience, - scopes: opts.scopes(), - signer: signer, - pkID: f.PrivateKeyID, - logger: opts.logger(), - }, nil -} - -type selfSignedTokenProvider struct { - email string - audience string - scopes []string - signer crypto.Signer - pkID string - logger *slog.Logger -} - -func (tp *selfSignedTokenProvider) Token(context.Context) (*auth.Token, error) { - iat := now() - exp := iat.Add(time.Hour) - scope := strings.Join(tp.scopes, " ") - c := &jwt.Claims{ - Iss: tp.email, - Sub: tp.email, - Aud: tp.audience, - Scope: scope, - Iat: iat.Unix(), - Exp: exp.Unix(), - } - h := &jwt.Header{ - Algorithm: jwt.HeaderAlgRSA256, - Type: jwt.HeaderType, - KeyID: string(tp.pkID), - } - tok, err := jwt.EncodeJWS(h, c, tp.signer) - if err != nil { - return nil, fmt.Errorf("credentials: could not encode JWT: %w", err) - } - tp.logger.Debug("created self-signed JWT", "token", tok) - return &auth.Token{Value: tok, Type: internal.TokenTypeBearer, Expiry: exp}, nil -} diff --git a/vendor/cloud.google.com/go/auth/httptransport/httptransport.go b/vendor/cloud.google.com/go/auth/httptransport/httptransport.go deleted file mode 100644 index 5758e85b..00000000 --- a/vendor/cloud.google.com/go/auth/httptransport/httptransport.go +++ /dev/null @@ -1,247 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package httptransport provides functionality for managing HTTP client -// connections to Google Cloud services. -package httptransport - -import ( - "crypto/tls" - "errors" - "fmt" - "log/slog" - "net/http" - - "cloud.google.com/go/auth" - detect "cloud.google.com/go/auth/credentials" - "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/transport" - "github.com/googleapis/gax-go/v2/internallog" -) - -// ClientCertProvider is a function that returns a TLS client certificate to be -// used when opening TLS connections. It follows the same semantics as -// [crypto/tls.Config.GetClientCertificate]. -type ClientCertProvider = func(*tls.CertificateRequestInfo) (*tls.Certificate, error) - -// Options used to configure a [net/http.Client] from [NewClient]. -type Options struct { - // DisableTelemetry disables default telemetry (OpenTelemetry). An example - // reason to do so would be to bind custom telemetry that overrides the - // defaults. - DisableTelemetry bool - // DisableAuthentication specifies that no authentication should be used. It - // is suitable only for testing and for accessing public resources, like - // public Google Cloud Storage buckets. - DisableAuthentication bool - // Headers are extra HTTP headers that will be appended to every outgoing - // request. - Headers http.Header - // BaseRoundTripper overrides the base transport used for serving requests. - // If specified ClientCertProvider is ignored. - BaseRoundTripper http.RoundTripper - // Endpoint overrides the default endpoint to be used for a service. - Endpoint string - // APIKey specifies an API key to be used as the basis for authentication. - // If set DetectOpts are ignored. - APIKey string - // Credentials used to add Authorization header to all requests. If set - // DetectOpts are ignored. - Credentials *auth.Credentials - // ClientCertProvider is a function that returns a TLS client certificate to - // be used when opening TLS connections. It follows the same semantics as - // crypto/tls.Config.GetClientCertificate. - ClientCertProvider ClientCertProvider - // DetectOpts configures settings for detect Application Default - // Credentials. - DetectOpts *detect.DetectOptions - // UniverseDomain is the default service domain for a given Cloud universe. - // The default value is "googleapis.com". This is the universe domain - // configured for the client, which will be compared to the universe domain - // that is separately configured for the credentials. - UniverseDomain string - // Logger is used for debug logging. If provided, logging will be enabled - // at the loggers configured level. By default logging is disabled unless - // enabled by setting GOOGLE_SDK_GO_LOGGING_LEVEL in which case a default - // logger will be used. Optional. - Logger *slog.Logger - - // InternalOptions are NOT meant to be set directly by consumers of this - // package, they should only be set by generated client code. - InternalOptions *InternalOptions -} - -func (o *Options) validate() error { - if o == nil { - return errors.New("httptransport: opts required to be non-nil") - } - if o.InternalOptions != nil && o.InternalOptions.SkipValidation { - return nil - } - hasCreds := o.APIKey != "" || - o.Credentials != nil || - (o.DetectOpts != nil && len(o.DetectOpts.CredentialsJSON) > 0) || - (o.DetectOpts != nil && o.DetectOpts.CredentialsFile != "") - if o.DisableAuthentication && hasCreds { - return errors.New("httptransport: DisableAuthentication is incompatible with options that set or detect credentials") - } - return nil -} - -// client returns the client a user set for the detect options or nil if one was -// not set. -func (o *Options) client() *http.Client { - if o.DetectOpts != nil && o.DetectOpts.Client != nil { - return o.DetectOpts.Client - } - return nil -} - -func (o *Options) logger() *slog.Logger { - return internallog.New(o.Logger) -} - -func (o *Options) resolveDetectOptions() *detect.DetectOptions { - io := o.InternalOptions - // soft-clone these so we are not updating a ref the user holds and may reuse - do := transport.CloneDetectOptions(o.DetectOpts) - - // If scoped JWTs are enabled user provided an aud, allow self-signed JWT. - if (io != nil && io.EnableJWTWithScope) || do.Audience != "" { - do.UseSelfSignedJWT = true - } - // Only default scopes if user did not also set an audience. - if len(do.Scopes) == 0 && do.Audience == "" && io != nil && len(io.DefaultScopes) > 0 { - do.Scopes = make([]string, len(io.DefaultScopes)) - copy(do.Scopes, io.DefaultScopes) - } - if len(do.Scopes) == 0 && do.Audience == "" && io != nil { - do.Audience = o.InternalOptions.DefaultAudience - } - if o.ClientCertProvider != nil { - tlsConfig := &tls.Config{ - GetClientCertificate: o.ClientCertProvider, - } - do.Client = transport.DefaultHTTPClientWithTLS(tlsConfig) - do.TokenURL = detect.GoogleMTLSTokenURL - } - if do.Logger == nil { - do.Logger = o.logger() - } - return do -} - -// InternalOptions are only meant to be set by generated client code. These are -// not meant to be set directly by consumers of this package. Configuration in -// this type is considered EXPERIMENTAL and may be removed at any time in the -// future without warning. -type InternalOptions struct { - // EnableJWTWithScope specifies if scope can be used with self-signed JWT. - EnableJWTWithScope bool - // DefaultAudience specifies a default audience to be used as the audience - // field ("aud") for the JWT token authentication. - DefaultAudience string - // DefaultEndpointTemplate combined with UniverseDomain specifies the - // default endpoint. - DefaultEndpointTemplate string - // DefaultMTLSEndpoint specifies the default mTLS endpoint. - DefaultMTLSEndpoint string - // DefaultScopes specifies the default OAuth2 scopes to be used for a - // service. - DefaultScopes []string - // SkipValidation bypasses validation on Options. It should only be used - // internally for clients that need more control over their transport. - SkipValidation bool - // SkipUniverseDomainValidation skips the verification that the universe - // domain configured for the client matches the universe domain configured - // for the credentials. It should only be used internally for clients that - // need more control over their transport. The default is false. - SkipUniverseDomainValidation bool -} - -// AddAuthorizationMiddleware adds a middleware to the provided client's -// transport that sets the Authorization header with the value produced by the -// provided [cloud.google.com/go/auth.Credentials]. An error is returned only -// if client or creds is nil. -// -// This function does not support setting a universe domain value on the client. -func AddAuthorizationMiddleware(client *http.Client, creds *auth.Credentials) error { - if client == nil || creds == nil { - return fmt.Errorf("httptransport: client and tp must not be nil") - } - base := client.Transport - if base == nil { - if dt, ok := http.DefaultTransport.(*http.Transport); ok { - base = dt.Clone() - } else { - // Directly reuse the DefaultTransport if the application has - // replaced it with an implementation of RoundTripper other than - // http.Transport. - base = http.DefaultTransport - } - } - client.Transport = &authTransport{ - creds: creds, - base: base, - } - return nil -} - -// NewClient returns a [net/http.Client] that can be used to communicate with a -// Google cloud service, configured with the provided [Options]. It -// automatically appends Authorization headers to all outgoing requests. -func NewClient(opts *Options) (*http.Client, error) { - if err := opts.validate(); err != nil { - return nil, err - } - - tOpts := &transport.Options{ - Endpoint: opts.Endpoint, - ClientCertProvider: opts.ClientCertProvider, - Client: opts.client(), - UniverseDomain: opts.UniverseDomain, - Logger: opts.logger(), - } - if io := opts.InternalOptions; io != nil { - tOpts.DefaultEndpointTemplate = io.DefaultEndpointTemplate - tOpts.DefaultMTLSEndpoint = io.DefaultMTLSEndpoint - } - clientCertProvider, dialTLSContext, err := transport.GetHTTPTransportConfig(tOpts) - if err != nil { - return nil, err - } - baseRoundTripper := opts.BaseRoundTripper - if baseRoundTripper == nil { - baseRoundTripper = defaultBaseTransport(clientCertProvider, dialTLSContext) - } - // Ensure the token exchange transport uses the same ClientCertProvider as the API transport. - opts.ClientCertProvider = clientCertProvider - trans, err := newTransport(baseRoundTripper, opts) - if err != nil { - return nil, err - } - return &http.Client{ - Transport: trans, - }, nil -} - -// SetAuthHeader uses the provided token to set the Authorization header on a -// request. If the token.Type is empty, the type is assumed to be Bearer. -func SetAuthHeader(token *auth.Token, req *http.Request) { - typ := token.Type - if typ == "" { - typ = internal.TokenTypeBearer - } - req.Header.Set("Authorization", typ+" "+token.Value) -} diff --git a/vendor/cloud.google.com/go/auth/httptransport/transport.go b/vendor/cloud.google.com/go/auth/httptransport/transport.go deleted file mode 100644 index ee215b6d..00000000 --- a/vendor/cloud.google.com/go/auth/httptransport/transport.go +++ /dev/null @@ -1,234 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package httptransport - -import ( - "context" - "crypto/tls" - "net" - "net/http" - "os" - "time" - - "cloud.google.com/go/auth" - "cloud.google.com/go/auth/credentials" - "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/transport" - "cloud.google.com/go/auth/internal/transport/cert" - "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp" - "golang.org/x/net/http2" -) - -const ( - quotaProjectHeaderKey = "X-goog-user-project" -) - -func newTransport(base http.RoundTripper, opts *Options) (http.RoundTripper, error) { - var headers = opts.Headers - ht := &headerTransport{ - base: base, - headers: headers, - } - var trans http.RoundTripper = ht - trans = addOpenTelemetryTransport(trans, opts) - switch { - case opts.DisableAuthentication: - // Do nothing. - case opts.APIKey != "": - qp := internal.GetQuotaProject(nil, opts.Headers.Get(quotaProjectHeaderKey)) - if qp != "" { - if headers == nil { - headers = make(map[string][]string, 1) - } - headers.Set(quotaProjectHeaderKey, qp) - } - trans = &apiKeyTransport{ - Transport: trans, - Key: opts.APIKey, - } - default: - var creds *auth.Credentials - if opts.Credentials != nil { - creds = opts.Credentials - } else { - var err error - creds, err = credentials.DetectDefault(opts.resolveDetectOptions()) - if err != nil { - return nil, err - } - } - qp, err := creds.QuotaProjectID(context.Background()) - if err != nil { - return nil, err - } - if qp != "" { - if headers == nil { - headers = make(map[string][]string, 1) - } - // Don't overwrite user specified quota - if v := headers.Get(quotaProjectHeaderKey); v == "" { - headers.Set(quotaProjectHeaderKey, qp) - } - } - var skipUD bool - if iOpts := opts.InternalOptions; iOpts != nil { - skipUD = iOpts.SkipUniverseDomainValidation - } - creds.TokenProvider = auth.NewCachedTokenProvider(creds.TokenProvider, nil) - trans = &authTransport{ - base: trans, - creds: creds, - clientUniverseDomain: opts.UniverseDomain, - skipUniverseDomainValidation: skipUD, - } - } - return trans, nil -} - -// defaultBaseTransport returns the base HTTP transport. -// On App Engine, this is urlfetch.Transport. -// Otherwise, use a default transport, taking most defaults from -// http.DefaultTransport. -// If TLSCertificate is available, set TLSClientConfig as well. -func defaultBaseTransport(clientCertSource cert.Provider, dialTLSContext func(context.Context, string, string) (net.Conn, error)) http.RoundTripper { - defaultTransport, ok := http.DefaultTransport.(*http.Transport) - if !ok { - defaultTransport = transport.BaseTransport() - } - trans := defaultTransport.Clone() - trans.MaxIdleConnsPerHost = 100 - - if clientCertSource != nil { - trans.TLSClientConfig = &tls.Config{ - GetClientCertificate: clientCertSource, - } - } - if dialTLSContext != nil { - // If DialTLSContext is set, TLSClientConfig wil be ignored - trans.DialTLSContext = dialTLSContext - } - - // Configures the ReadIdleTimeout HTTP/2 option for the - // transport. This allows broken idle connections to be pruned more quickly, - // preventing the client from attempting to re-use connections that will no - // longer work. - http2Trans, err := http2.ConfigureTransports(trans) - if err == nil { - http2Trans.ReadIdleTimeout = time.Second * 31 - } - - return trans -} - -type apiKeyTransport struct { - // Key is the API Key to set on requests. - Key string - // Transport is the underlying HTTP transport. - // If nil, http.DefaultTransport is used. - Transport http.RoundTripper -} - -func (t *apiKeyTransport) RoundTrip(req *http.Request) (*http.Response, error) { - newReq := *req - args := newReq.URL.Query() - args.Set("key", t.Key) - newReq.URL.RawQuery = args.Encode() - return t.Transport.RoundTrip(&newReq) -} - -type headerTransport struct { - headers http.Header - base http.RoundTripper -} - -func (t *headerTransport) RoundTrip(req *http.Request) (*http.Response, error) { - rt := t.base - newReq := *req - newReq.Header = make(http.Header) - for k, vv := range req.Header { - newReq.Header[k] = vv - } - - for k, v := range t.headers { - newReq.Header[k] = v - } - - return rt.RoundTrip(&newReq) -} - -func addOpenTelemetryTransport(trans http.RoundTripper, opts *Options) http.RoundTripper { - if opts.DisableTelemetry { - return trans - } - return otelhttp.NewTransport(trans) -} - -type authTransport struct { - creds *auth.Credentials - base http.RoundTripper - clientUniverseDomain string - skipUniverseDomainValidation bool -} - -// getClientUniverseDomain returns the default service domain for a given Cloud -// universe, with the following precedence: -// -// 1. A non-empty option.WithUniverseDomain or similar client option. -// 2. A non-empty environment variable GOOGLE_CLOUD_UNIVERSE_DOMAIN. -// 3. The default value "googleapis.com". -// -// This is the universe domain configured for the client, which will be compared -// to the universe domain that is separately configured for the credentials. -func (t *authTransport) getClientUniverseDomain() string { - if t.clientUniverseDomain != "" { - return t.clientUniverseDomain - } - if envUD := os.Getenv(internal.UniverseDomainEnvVar); envUD != "" { - return envUD - } - return internal.DefaultUniverseDomain -} - -// RoundTrip authorizes and authenticates the request with an -// access token from Transport's Source. Per the RoundTripper contract we must -// not modify the initial request, so we clone it, and we must close the body -// on any errors that happens during our token logic. -func (t *authTransport) RoundTrip(req *http.Request) (*http.Response, error) { - reqBodyClosed := false - if req.Body != nil { - defer func() { - if !reqBodyClosed { - req.Body.Close() - } - }() - } - token, err := t.creds.Token(req.Context()) - if err != nil { - return nil, err - } - if !t.skipUniverseDomainValidation && token.MetadataString("auth.google.tokenSource") != "compute-metadata" { - credentialsUniverseDomain, err := t.creds.UniverseDomain(req.Context()) - if err != nil { - return nil, err - } - if err := transport.ValidateUniverseDomain(t.getClientUniverseDomain(), credentialsUniverseDomain); err != nil { - return nil, err - } - } - req2 := req.Clone(req.Context()) - SetAuthHeader(token, req2) - reqBodyClosed = true - return t.base.RoundTrip(req2) -} diff --git a/vendor/cloud.google.com/go/auth/internal/credsfile/credsfile.go b/vendor/cloud.google.com/go/auth/internal/credsfile/credsfile.go deleted file mode 100644 index 9cd4bed6..00000000 --- a/vendor/cloud.google.com/go/auth/internal/credsfile/credsfile.go +++ /dev/null @@ -1,107 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package credsfile is meant to hide implementation details from the pubic -// surface of the detect package. It should not import any other packages in -// this module. It is located under the main internal package so other -// sub-packages can use these parsed types as well. -package credsfile - -import ( - "os" - "os/user" - "path/filepath" - "runtime" -) - -const ( - // GoogleAppCredsEnvVar is the environment variable for setting the - // application default credentials. - GoogleAppCredsEnvVar = "GOOGLE_APPLICATION_CREDENTIALS" - userCredsFilename = "application_default_credentials.json" -) - -// CredentialType represents different credential filetypes Google credentials -// can be. -type CredentialType int - -const ( - // UnknownCredType is an unidentified file type. - UnknownCredType CredentialType = iota - // UserCredentialsKey represents a user creds file type. - UserCredentialsKey - // ServiceAccountKey represents a service account file type. - ServiceAccountKey - // ImpersonatedServiceAccountKey represents a impersonated service account - // file type. - ImpersonatedServiceAccountKey - // ExternalAccountKey represents a external account file type. - ExternalAccountKey - // GDCHServiceAccountKey represents a GDCH file type. - GDCHServiceAccountKey - // ExternalAccountAuthorizedUserKey represents a external account authorized - // user file type. - ExternalAccountAuthorizedUserKey -) - -// parseCredentialType returns the associated filetype based on the parsed -// typeString provided. -func parseCredentialType(typeString string) CredentialType { - switch typeString { - case "service_account": - return ServiceAccountKey - case "authorized_user": - return UserCredentialsKey - case "impersonated_service_account": - return ImpersonatedServiceAccountKey - case "external_account": - return ExternalAccountKey - case "external_account_authorized_user": - return ExternalAccountAuthorizedUserKey - case "gdch_service_account": - return GDCHServiceAccountKey - default: - return UnknownCredType - } -} - -// GetFileNameFromEnv returns the override if provided or detects a filename -// from the environment. -func GetFileNameFromEnv(override string) string { - if override != "" { - return override - } - return os.Getenv(GoogleAppCredsEnvVar) -} - -// GetWellKnownFileName tries to locate the filepath for the user credential -// file based on the environment. -func GetWellKnownFileName() string { - if runtime.GOOS == "windows" { - return filepath.Join(os.Getenv("APPDATA"), "gcloud", userCredsFilename) - } - return filepath.Join(guessUnixHomeDir(), ".config", "gcloud", userCredsFilename) -} - -// guessUnixHomeDir default to checking for HOME, but not all unix systems have -// this set, do have a fallback. -func guessUnixHomeDir() string { - if v := os.Getenv("HOME"); v != "" { - return v - } - if u, err := user.Current(); err == nil { - return u.HomeDir - } - return "" -} diff --git a/vendor/cloud.google.com/go/auth/internal/credsfile/filetype.go b/vendor/cloud.google.com/go/auth/internal/credsfile/filetype.go deleted file mode 100644 index 3be6e5bb..00000000 --- a/vendor/cloud.google.com/go/auth/internal/credsfile/filetype.go +++ /dev/null @@ -1,157 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package credsfile - -import ( - "encoding/json" -) - -// Config3LO is the internals of a client creds file. -type Config3LO struct { - ClientID string `json:"client_id"` - ClientSecret string `json:"client_secret"` - RedirectURIs []string `json:"redirect_uris"` - AuthURI string `json:"auth_uri"` - TokenURI string `json:"token_uri"` -} - -// ClientCredentialsFile representation. -type ClientCredentialsFile struct { - Web *Config3LO `json:"web"` - Installed *Config3LO `json:"installed"` - UniverseDomain string `json:"universe_domain"` -} - -// ServiceAccountFile representation. -type ServiceAccountFile struct { - Type string `json:"type"` - ProjectID string `json:"project_id"` - PrivateKeyID string `json:"private_key_id"` - PrivateKey string `json:"private_key"` - ClientEmail string `json:"client_email"` - ClientID string `json:"client_id"` - AuthURL string `json:"auth_uri"` - TokenURL string `json:"token_uri"` - UniverseDomain string `json:"universe_domain"` -} - -// UserCredentialsFile representation. -type UserCredentialsFile struct { - Type string `json:"type"` - ClientID string `json:"client_id"` - ClientSecret string `json:"client_secret"` - QuotaProjectID string `json:"quota_project_id"` - RefreshToken string `json:"refresh_token"` - UniverseDomain string `json:"universe_domain"` -} - -// ExternalAccountFile representation. -type ExternalAccountFile struct { - Type string `json:"type"` - ClientID string `json:"client_id"` - ClientSecret string `json:"client_secret"` - Audience string `json:"audience"` - SubjectTokenType string `json:"subject_token_type"` - ServiceAccountImpersonationURL string `json:"service_account_impersonation_url"` - TokenURL string `json:"token_url"` - CredentialSource *CredentialSource `json:"credential_source,omitempty"` - TokenInfoURL string `json:"token_info_url"` - ServiceAccountImpersonation *ServiceAccountImpersonationInfo `json:"service_account_impersonation,omitempty"` - QuotaProjectID string `json:"quota_project_id"` - WorkforcePoolUserProject string `json:"workforce_pool_user_project"` - UniverseDomain string `json:"universe_domain"` -} - -// ExternalAccountAuthorizedUserFile representation. -type ExternalAccountAuthorizedUserFile struct { - Type string `json:"type"` - Audience string `json:"audience"` - ClientID string `json:"client_id"` - ClientSecret string `json:"client_secret"` - RefreshToken string `json:"refresh_token"` - TokenURL string `json:"token_url"` - TokenInfoURL string `json:"token_info_url"` - RevokeURL string `json:"revoke_url"` - QuotaProjectID string `json:"quota_project_id"` - UniverseDomain string `json:"universe_domain"` -} - -// CredentialSource stores the information necessary to retrieve the credentials for the STS exchange. -// -// One field amongst File, URL, Certificate, and Executable should be filled, depending on the kind of credential in question. -// The EnvironmentID should start with AWS if being used for an AWS credential. -type CredentialSource struct { - File string `json:"file"` - URL string `json:"url"` - Headers map[string]string `json:"headers"` - Executable *ExecutableConfig `json:"executable,omitempty"` - Certificate *CertificateConfig `json:"certificate"` - EnvironmentID string `json:"environment_id"` // TODO: Make type for this - RegionURL string `json:"region_url"` - RegionalCredVerificationURL string `json:"regional_cred_verification_url"` - CredVerificationURL string `json:"cred_verification_url"` - IMDSv2SessionTokenURL string `json:"imdsv2_session_token_url"` - Format *Format `json:"format,omitempty"` -} - -// Format describes the format of a [CredentialSource]. -type Format struct { - // Type is either "text" or "json". When not provided "text" type is assumed. - Type string `json:"type"` - // SubjectTokenFieldName is only required for JSON format. This would be "access_token" for azure. - SubjectTokenFieldName string `json:"subject_token_field_name"` -} - -// ExecutableConfig represents the command to run for an executable -// [CredentialSource]. -type ExecutableConfig struct { - Command string `json:"command"` - TimeoutMillis int `json:"timeout_millis"` - OutputFile string `json:"output_file"` -} - -// CertificateConfig represents the options used to set up X509 based workload -// [CredentialSource] -type CertificateConfig struct { - UseDefaultCertificateConfig bool `json:"use_default_certificate_config"` - CertificateConfigLocation string `json:"certificate_config_location"` -} - -// ServiceAccountImpersonationInfo has impersonation configuration. -type ServiceAccountImpersonationInfo struct { - TokenLifetimeSeconds int `json:"token_lifetime_seconds"` -} - -// ImpersonatedServiceAccountFile representation. -type ImpersonatedServiceAccountFile struct { - Type string `json:"type"` - ServiceAccountImpersonationURL string `json:"service_account_impersonation_url"` - Delegates []string `json:"delegates"` - CredSource json.RawMessage `json:"source_credentials"` - UniverseDomain string `json:"universe_domain"` -} - -// GDCHServiceAccountFile represents the Google Distributed Cloud Hosted (GDCH) service identity file. -type GDCHServiceAccountFile struct { - Type string `json:"type"` - FormatVersion string `json:"format_version"` - Project string `json:"project"` - Name string `json:"name"` - CertPath string `json:"ca_cert_path"` - PrivateKeyID string `json:"private_key_id"` - PrivateKey string `json:"private_key"` - TokenURL string `json:"token_uri"` - UniverseDomain string `json:"universe_domain"` -} diff --git a/vendor/cloud.google.com/go/auth/internal/credsfile/parse.go b/vendor/cloud.google.com/go/auth/internal/credsfile/parse.go deleted file mode 100644 index a02b9f5d..00000000 --- a/vendor/cloud.google.com/go/auth/internal/credsfile/parse.go +++ /dev/null @@ -1,98 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package credsfile - -import ( - "encoding/json" -) - -// ParseServiceAccount parses bytes into a [ServiceAccountFile]. -func ParseServiceAccount(b []byte) (*ServiceAccountFile, error) { - var f *ServiceAccountFile - if err := json.Unmarshal(b, &f); err != nil { - return nil, err - } - return f, nil -} - -// ParseClientCredentials parses bytes into a -// [credsfile.ClientCredentialsFile]. -func ParseClientCredentials(b []byte) (*ClientCredentialsFile, error) { - var f *ClientCredentialsFile - if err := json.Unmarshal(b, &f); err != nil { - return nil, err - } - return f, nil -} - -// ParseUserCredentials parses bytes into a [UserCredentialsFile]. -func ParseUserCredentials(b []byte) (*UserCredentialsFile, error) { - var f *UserCredentialsFile - if err := json.Unmarshal(b, &f); err != nil { - return nil, err - } - return f, nil -} - -// ParseExternalAccount parses bytes into a [ExternalAccountFile]. -func ParseExternalAccount(b []byte) (*ExternalAccountFile, error) { - var f *ExternalAccountFile - if err := json.Unmarshal(b, &f); err != nil { - return nil, err - } - return f, nil -} - -// ParseExternalAccountAuthorizedUser parses bytes into a -// [ExternalAccountAuthorizedUserFile]. -func ParseExternalAccountAuthorizedUser(b []byte) (*ExternalAccountAuthorizedUserFile, error) { - var f *ExternalAccountAuthorizedUserFile - if err := json.Unmarshal(b, &f); err != nil { - return nil, err - } - return f, nil -} - -// ParseImpersonatedServiceAccount parses bytes into a -// [ImpersonatedServiceAccountFile]. -func ParseImpersonatedServiceAccount(b []byte) (*ImpersonatedServiceAccountFile, error) { - var f *ImpersonatedServiceAccountFile - if err := json.Unmarshal(b, &f); err != nil { - return nil, err - } - return f, nil -} - -// ParseGDCHServiceAccount parses bytes into a [GDCHServiceAccountFile]. -func ParseGDCHServiceAccount(b []byte) (*GDCHServiceAccountFile, error) { - var f *GDCHServiceAccountFile - if err := json.Unmarshal(b, &f); err != nil { - return nil, err - } - return f, nil -} - -type fileTypeChecker struct { - Type string `json:"type"` -} - -// ParseFileType determines the [CredentialType] based on bytes provided. -func ParseFileType(b []byte) (CredentialType, error) { - var f fileTypeChecker - if err := json.Unmarshal(b, &f); err != nil { - return 0, err - } - return parseCredentialType(f.Type), nil -} diff --git a/vendor/cloud.google.com/go/auth/internal/internal.go b/vendor/cloud.google.com/go/auth/internal/internal.go deleted file mode 100644 index 6a8eab6e..00000000 --- a/vendor/cloud.google.com/go/auth/internal/internal.go +++ /dev/null @@ -1,225 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package internal - -import ( - "context" - "crypto" - "crypto/x509" - "encoding/json" - "encoding/pem" - "errors" - "fmt" - "io" - "net/http" - "os" - "sync" - "time" - - "cloud.google.com/go/compute/metadata" -) - -const ( - // TokenTypeBearer is the auth header prefix for bearer tokens. - TokenTypeBearer = "Bearer" - - // QuotaProjectEnvVar is the environment variable for setting the quota - // project. - QuotaProjectEnvVar = "GOOGLE_CLOUD_QUOTA_PROJECT" - // UniverseDomainEnvVar is the environment variable for setting the default - // service domain for a given Cloud universe. - UniverseDomainEnvVar = "GOOGLE_CLOUD_UNIVERSE_DOMAIN" - projectEnvVar = "GOOGLE_CLOUD_PROJECT" - maxBodySize = 1 << 20 - - // DefaultUniverseDomain is the default value for universe domain. - // Universe domain is the default service domain for a given Cloud universe. - DefaultUniverseDomain = "googleapis.com" -) - -type clonableTransport interface { - Clone() *http.Transport -} - -// DefaultClient returns an [http.Client] with some defaults set. If -// the current [http.DefaultTransport] is a [clonableTransport], as -// is the case for an [*http.Transport], the clone will be used. -// Otherwise the [http.DefaultTransport] is used directly. -func DefaultClient() *http.Client { - if transport, ok := http.DefaultTransport.(clonableTransport); ok { - return &http.Client{ - Transport: transport.Clone(), - Timeout: 30 * time.Second, - } - } - - return &http.Client{ - Transport: http.DefaultTransport, - Timeout: 30 * time.Second, - } -} - -// ParseKey converts the binary contents of a private key file -// to an crypto.Signer. It detects whether the private key is in a -// PEM container or not. If so, it extracts the the private key -// from PEM container before conversion. It only supports PEM -// containers with no passphrase. -func ParseKey(key []byte) (crypto.Signer, error) { - block, _ := pem.Decode(key) - if block != nil { - key = block.Bytes - } - var parsedKey crypto.PrivateKey - var err error - parsedKey, err = x509.ParsePKCS8PrivateKey(key) - if err != nil { - parsedKey, err = x509.ParsePKCS1PrivateKey(key) - if err != nil { - return nil, fmt.Errorf("private key should be a PEM or plain PKCS1 or PKCS8: %w", err) - } - } - parsed, ok := parsedKey.(crypto.Signer) - if !ok { - return nil, errors.New("private key is not a signer") - } - return parsed, nil -} - -// GetQuotaProject retrieves quota project with precedence being: override, -// environment variable, creds json file. -func GetQuotaProject(b []byte, override string) string { - if override != "" { - return override - } - if env := os.Getenv(QuotaProjectEnvVar); env != "" { - return env - } - if b == nil { - return "" - } - var v struct { - QuotaProject string `json:"quota_project_id"` - } - if err := json.Unmarshal(b, &v); err != nil { - return "" - } - return v.QuotaProject -} - -// GetProjectID retrieves project with precedence being: override, -// environment variable, creds json file. -func GetProjectID(b []byte, override string) string { - if override != "" { - return override - } - if env := os.Getenv(projectEnvVar); env != "" { - return env - } - if b == nil { - return "" - } - var v struct { - ProjectID string `json:"project_id"` // standard service account key - Project string `json:"project"` // gdch key - } - if err := json.Unmarshal(b, &v); err != nil { - return "" - } - if v.ProjectID != "" { - return v.ProjectID - } - return v.Project -} - -// DoRequest executes the provided req with the client. It reads the response -// body, closes it, and returns it. -func DoRequest(client *http.Client, req *http.Request) (*http.Response, []byte, error) { - resp, err := client.Do(req) - if err != nil { - return nil, nil, err - } - defer resp.Body.Close() - body, err := ReadAll(io.LimitReader(resp.Body, maxBodySize)) - if err != nil { - return nil, nil, err - } - return resp, body, nil -} - -// ReadAll consumes the whole reader and safely reads the content of its body -// with some overflow protection. -func ReadAll(r io.Reader) ([]byte, error) { - return io.ReadAll(io.LimitReader(r, maxBodySize)) -} - -// StaticCredentialsProperty is a helper for creating static credentials -// properties. -func StaticCredentialsProperty(s string) StaticProperty { - return StaticProperty(s) -} - -// StaticProperty always returns that value of the underlying string. -type StaticProperty string - -// GetProperty loads the properly value provided the given context. -func (p StaticProperty) GetProperty(context.Context) (string, error) { - return string(p), nil -} - -// ComputeUniverseDomainProvider fetches the credentials universe domain from -// the google cloud metadata service. -type ComputeUniverseDomainProvider struct { - MetadataClient *metadata.Client - universeDomainOnce sync.Once - universeDomain string - universeDomainErr error -} - -// GetProperty fetches the credentials universe domain from the google cloud -// metadata service. -func (c *ComputeUniverseDomainProvider) GetProperty(ctx context.Context) (string, error) { - c.universeDomainOnce.Do(func() { - c.universeDomain, c.universeDomainErr = getMetadataUniverseDomain(ctx, c.MetadataClient) - }) - if c.universeDomainErr != nil { - return "", c.universeDomainErr - } - return c.universeDomain, nil -} - -// httpGetMetadataUniverseDomain is a package var for unit test substitution. -var httpGetMetadataUniverseDomain = func(ctx context.Context, client *metadata.Client) (string, error) { - ctx, cancel := context.WithTimeout(ctx, 1*time.Second) - defer cancel() - return client.GetWithContext(ctx, "universe/universe-domain") -} - -func getMetadataUniverseDomain(ctx context.Context, client *metadata.Client) (string, error) { - universeDomain, err := httpGetMetadataUniverseDomain(ctx, client) - if err == nil { - return universeDomain, nil - } - if _, ok := err.(metadata.NotDefinedError); ok { - // http.StatusNotFound (404) - return DefaultUniverseDomain, nil - } - return "", err -} - -// FormatIAMServiceAccountResource sets a service account name in an IAM resource -// name. -func FormatIAMServiceAccountResource(name string) string { - return fmt.Sprintf("projects/-/serviceAccounts/%s", name) -} diff --git a/vendor/cloud.google.com/go/auth/internal/jwt/jwt.go b/vendor/cloud.google.com/go/auth/internal/jwt/jwt.go deleted file mode 100644 index 9bd55f51..00000000 --- a/vendor/cloud.google.com/go/auth/internal/jwt/jwt.go +++ /dev/null @@ -1,171 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package jwt - -import ( - "bytes" - "crypto" - "crypto/rand" - "crypto/rsa" - "crypto/sha256" - "encoding/base64" - "encoding/json" - "errors" - "fmt" - "strings" - "time" -) - -const ( - // HeaderAlgRSA256 is the RS256 [Header.Algorithm]. - HeaderAlgRSA256 = "RS256" - // HeaderAlgES256 is the ES256 [Header.Algorithm]. - HeaderAlgES256 = "ES256" - // HeaderType is the standard [Header.Type]. - HeaderType = "JWT" -) - -// Header represents a JWT header. -type Header struct { - Algorithm string `json:"alg"` - Type string `json:"typ"` - KeyID string `json:"kid"` -} - -func (h *Header) encode() (string, error) { - b, err := json.Marshal(h) - if err != nil { - return "", err - } - return base64.RawURLEncoding.EncodeToString(b), nil -} - -// Claims represents the claims set of a JWT. -type Claims struct { - // Iss is the issuer JWT claim. - Iss string `json:"iss"` - // Scope is the scope JWT claim. - Scope string `json:"scope,omitempty"` - // Exp is the expiry JWT claim. If unset, default is in one hour from now. - Exp int64 `json:"exp"` - // Iat is the subject issued at claim. If unset, default is now. - Iat int64 `json:"iat"` - // Aud is the audience JWT claim. Optional. - Aud string `json:"aud"` - // Sub is the subject JWT claim. Optional. - Sub string `json:"sub,omitempty"` - // AdditionalClaims contains any additional non-standard JWT claims. Optional. - AdditionalClaims map[string]interface{} `json:"-"` -} - -func (c *Claims) encode() (string, error) { - // Compensate for skew - now := time.Now().Add(-10 * time.Second) - if c.Iat == 0 { - c.Iat = now.Unix() - } - if c.Exp == 0 { - c.Exp = now.Add(time.Hour).Unix() - } - if c.Exp < c.Iat { - return "", fmt.Errorf("jwt: invalid Exp = %d; must be later than Iat = %d", c.Exp, c.Iat) - } - - b, err := json.Marshal(c) - if err != nil { - return "", err - } - - if len(c.AdditionalClaims) == 0 { - return base64.RawURLEncoding.EncodeToString(b), nil - } - - // Marshal private claim set and then append it to b. - prv, err := json.Marshal(c.AdditionalClaims) - if err != nil { - return "", fmt.Errorf("invalid map of additional claims %v: %w", c.AdditionalClaims, err) - } - - // Concatenate public and private claim JSON objects. - if !bytes.HasSuffix(b, []byte{'}'}) { - return "", fmt.Errorf("invalid JSON %s", b) - } - if !bytes.HasPrefix(prv, []byte{'{'}) { - return "", fmt.Errorf("invalid JSON %s", prv) - } - b[len(b)-1] = ',' // Replace closing curly brace with a comma. - b = append(b, prv[1:]...) // Append private claims. - return base64.RawURLEncoding.EncodeToString(b), nil -} - -// EncodeJWS encodes the data using the provided key as a JSON web signature. -func EncodeJWS(header *Header, c *Claims, signer crypto.Signer) (string, error) { - head, err := header.encode() - if err != nil { - return "", err - } - claims, err := c.encode() - if err != nil { - return "", err - } - ss := fmt.Sprintf("%s.%s", head, claims) - h := sha256.New() - h.Write([]byte(ss)) - sig, err := signer.Sign(rand.Reader, h.Sum(nil), crypto.SHA256) - if err != nil { - return "", err - } - return fmt.Sprintf("%s.%s", ss, base64.RawURLEncoding.EncodeToString(sig)), nil -} - -// DecodeJWS decodes a claim set from a JWS payload. -func DecodeJWS(payload string) (*Claims, error) { - // decode returned id token to get expiry - s := strings.Split(payload, ".") - if len(s) < 2 { - return nil, errors.New("invalid token received") - } - decoded, err := base64.RawURLEncoding.DecodeString(s[1]) - if err != nil { - return nil, err - } - c := &Claims{} - if err := json.NewDecoder(bytes.NewBuffer(decoded)).Decode(c); err != nil { - return nil, err - } - if err := json.NewDecoder(bytes.NewBuffer(decoded)).Decode(&c.AdditionalClaims); err != nil { - return nil, err - } - return c, err -} - -// VerifyJWS tests whether the provided JWT token's signature was produced by -// the private key associated with the provided public key. -func VerifyJWS(token string, key *rsa.PublicKey) error { - parts := strings.Split(token, ".") - if len(parts) != 3 { - return errors.New("jwt: invalid token received, token must have 3 parts") - } - - signedContent := parts[0] + "." + parts[1] - signatureString, err := base64.RawURLEncoding.DecodeString(parts[2]) - if err != nil { - return err - } - - h := sha256.New() - h.Write([]byte(signedContent)) - return rsa.VerifyPKCS1v15(key, crypto.SHA256, h.Sum(nil), signatureString) -} diff --git a/vendor/cloud.google.com/go/auth/internal/transport/cba.go b/vendor/cloud.google.com/go/auth/internal/transport/cba.go deleted file mode 100644 index b1f0fcf9..00000000 --- a/vendor/cloud.google.com/go/auth/internal/transport/cba.go +++ /dev/null @@ -1,385 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package transport - -import ( - "context" - "crypto/tls" - "crypto/x509" - "errors" - "log" - "log/slog" - "net" - "net/http" - "net/url" - "os" - "strconv" - "strings" - - "cloud.google.com/go/auth/internal" - "cloud.google.com/go/auth/internal/transport/cert" - "github.com/google/s2a-go" - "github.com/google/s2a-go/fallback" - "google.golang.org/grpc/credentials" -) - -const ( - mTLSModeAlways = "always" - mTLSModeNever = "never" - mTLSModeAuto = "auto" - - // Experimental: if true, the code will try MTLS with S2A as the default for transport security. Default value is false. - googleAPIUseS2AEnv = "EXPERIMENTAL_GOOGLE_API_USE_S2A" - googleAPIUseCertSource = "GOOGLE_API_USE_CLIENT_CERTIFICATE" - googleAPIUseMTLS = "GOOGLE_API_USE_MTLS_ENDPOINT" - googleAPIUseMTLSOld = "GOOGLE_API_USE_MTLS" - - universeDomainPlaceholder = "UNIVERSE_DOMAIN" - - mtlsMDSRoot = "/run/google-mds-mtls/root.crt" - mtlsMDSKey = "/run/google-mds-mtls/client.key" -) - -// Type represents the type of transport used. -type Type int - -const ( - // TransportTypeUnknown represents an unknown transport type and is the default option. - TransportTypeUnknown Type = iota - // TransportTypeMTLSS2A represents the mTLS transport type using S2A. - TransportTypeMTLSS2A -) - -// Options is a struct that is duplicated information from the individual -// transport packages in order to avoid cyclic deps. It correlates 1:1 with -// fields on httptransport.Options and grpctransport.Options. -type Options struct { - Endpoint string - DefaultEndpointTemplate string - DefaultMTLSEndpoint string - ClientCertProvider cert.Provider - Client *http.Client - UniverseDomain string - EnableDirectPath bool - EnableDirectPathXds bool - Logger *slog.Logger -} - -// getUniverseDomain returns the default service domain for a given Cloud -// universe. -func (o *Options) getUniverseDomain() string { - if o.UniverseDomain == "" { - return internal.DefaultUniverseDomain - } - return o.UniverseDomain -} - -// isUniverseDomainGDU returns true if the universe domain is the default Google -// universe. -func (o *Options) isUniverseDomainGDU() bool { - return o.getUniverseDomain() == internal.DefaultUniverseDomain -} - -// defaultEndpoint returns the DefaultEndpointTemplate merged with the -// universe domain if the DefaultEndpointTemplate is set, otherwise returns an -// empty string. -func (o *Options) defaultEndpoint() string { - if o.DefaultEndpointTemplate == "" { - return "" - } - return strings.Replace(o.DefaultEndpointTemplate, universeDomainPlaceholder, o.getUniverseDomain(), 1) -} - -// defaultMTLSEndpoint returns the DefaultMTLSEndpointTemplate merged with the -// universe domain if the DefaultMTLSEndpointTemplate is set, otherwise returns an -// empty string. -func (o *Options) defaultMTLSEndpoint() string { - if o.DefaultMTLSEndpoint == "" { - return "" - } - return strings.Replace(o.DefaultMTLSEndpoint, universeDomainPlaceholder, o.getUniverseDomain(), 1) -} - -// mergedEndpoint merges a user-provided Endpoint of format host[:port] with the -// default endpoint. -func (o *Options) mergedEndpoint() (string, error) { - defaultEndpoint := o.defaultEndpoint() - u, err := url.Parse(fixScheme(defaultEndpoint)) - if err != nil { - return "", err - } - return strings.Replace(defaultEndpoint, u.Host, o.Endpoint, 1), nil -} - -func fixScheme(baseURL string) string { - if !strings.Contains(baseURL, "://") { - baseURL = "https://" + baseURL - } - return baseURL -} - -// GRPCTransportCredentials embeds interface TransportCredentials with additional data. -type GRPCTransportCredentials struct { - credentials.TransportCredentials - Endpoint string - TransportType Type -} - -// GetGRPCTransportCredsAndEndpoint returns an instance of -// [google.golang.org/grpc/credentials.TransportCredentials], and the -// corresponding endpoint and transport type to use for GRPC client. -func GetGRPCTransportCredsAndEndpoint(opts *Options) (*GRPCTransportCredentials, error) { - config, err := getTransportConfig(opts) - if err != nil { - return nil, err - } - - defaultTransportCreds := credentials.NewTLS(&tls.Config{ - GetClientCertificate: config.clientCertSource, - }) - - var s2aAddr string - var transportCredsForS2A credentials.TransportCredentials - - if config.mtlsS2AAddress != "" { - s2aAddr = config.mtlsS2AAddress - transportCredsForS2A, err = loadMTLSMDSTransportCreds(mtlsMDSRoot, mtlsMDSKey) - if err != nil { - log.Printf("Loading MTLS MDS credentials failed: %v", err) - if config.s2aAddress != "" { - s2aAddr = config.s2aAddress - } else { - return &GRPCTransportCredentials{defaultTransportCreds, config.endpoint, TransportTypeUnknown}, nil - } - } - } else if config.s2aAddress != "" { - s2aAddr = config.s2aAddress - } else { - return &GRPCTransportCredentials{defaultTransportCreds, config.endpoint, TransportTypeUnknown}, nil - } - - var fallbackOpts *s2a.FallbackOptions - // In case of S2A failure, fall back to the endpoint that would've been used without S2A. - if fallbackHandshake, err := fallback.DefaultFallbackClientHandshakeFunc(config.endpoint); err == nil { - fallbackOpts = &s2a.FallbackOptions{ - FallbackClientHandshakeFunc: fallbackHandshake, - } - } - - s2aTransportCreds, err := s2a.NewClientCreds(&s2a.ClientOptions{ - S2AAddress: s2aAddr, - TransportCreds: transportCredsForS2A, - FallbackOpts: fallbackOpts, - }) - if err != nil { - // Use default if we cannot initialize S2A client transport credentials. - return &GRPCTransportCredentials{defaultTransportCreds, config.endpoint, TransportTypeUnknown}, nil - } - return &GRPCTransportCredentials{s2aTransportCreds, config.s2aMTLSEndpoint, TransportTypeMTLSS2A}, nil -} - -// GetHTTPTransportConfig returns a client certificate source and a function for -// dialing MTLS with S2A. -func GetHTTPTransportConfig(opts *Options) (cert.Provider, func(context.Context, string, string) (net.Conn, error), error) { - config, err := getTransportConfig(opts) - if err != nil { - return nil, nil, err - } - - var s2aAddr string - var transportCredsForS2A credentials.TransportCredentials - - if config.mtlsS2AAddress != "" { - s2aAddr = config.mtlsS2AAddress - transportCredsForS2A, err = loadMTLSMDSTransportCreds(mtlsMDSRoot, mtlsMDSKey) - if err != nil { - log.Printf("Loading MTLS MDS credentials failed: %v", err) - if config.s2aAddress != "" { - s2aAddr = config.s2aAddress - } else { - return config.clientCertSource, nil, nil - } - } - } else if config.s2aAddress != "" { - s2aAddr = config.s2aAddress - } else { - return config.clientCertSource, nil, nil - } - - var fallbackOpts *s2a.FallbackOptions - // In case of S2A failure, fall back to the endpoint that would've been used without S2A. - if fallbackURL, err := url.Parse(config.endpoint); err == nil { - if fallbackDialer, fallbackServerAddr, err := fallback.DefaultFallbackDialerAndAddress(fallbackURL.Hostname()); err == nil { - fallbackOpts = &s2a.FallbackOptions{ - FallbackDialer: &s2a.FallbackDialer{ - Dialer: fallbackDialer, - ServerAddr: fallbackServerAddr, - }, - } - } - } - - dialTLSContextFunc := s2a.NewS2ADialTLSContextFunc(&s2a.ClientOptions{ - S2AAddress: s2aAddr, - TransportCreds: transportCredsForS2A, - FallbackOpts: fallbackOpts, - }) - return nil, dialTLSContextFunc, nil -} - -func loadMTLSMDSTransportCreds(mtlsMDSRootFile, mtlsMDSKeyFile string) (credentials.TransportCredentials, error) { - rootPEM, err := os.ReadFile(mtlsMDSRootFile) - if err != nil { - return nil, err - } - caCertPool := x509.NewCertPool() - ok := caCertPool.AppendCertsFromPEM(rootPEM) - if !ok { - return nil, errors.New("failed to load MTLS MDS root certificate") - } - // The mTLS MDS credentials are formatted as the concatenation of a PEM-encoded certificate chain - // followed by a PEM-encoded private key. For this reason, the concatenation is passed in to the - // tls.X509KeyPair function as both the certificate chain and private key arguments. - cert, err := tls.LoadX509KeyPair(mtlsMDSKeyFile, mtlsMDSKeyFile) - if err != nil { - return nil, err - } - tlsConfig := tls.Config{ - RootCAs: caCertPool, - Certificates: []tls.Certificate{cert}, - MinVersion: tls.VersionTLS13, - } - return credentials.NewTLS(&tlsConfig), nil -} - -func getTransportConfig(opts *Options) (*transportConfig, error) { - clientCertSource, err := GetClientCertificateProvider(opts) - if err != nil { - return nil, err - } - endpoint, err := getEndpoint(opts, clientCertSource) - if err != nil { - return nil, err - } - defaultTransportConfig := transportConfig{ - clientCertSource: clientCertSource, - endpoint: endpoint, - } - - if !shouldUseS2A(clientCertSource, opts) { - return &defaultTransportConfig, nil - } - - s2aAddress := GetS2AAddress(opts.Logger) - mtlsS2AAddress := GetMTLSS2AAddress(opts.Logger) - if s2aAddress == "" && mtlsS2AAddress == "" { - return &defaultTransportConfig, nil - } - return &transportConfig{ - clientCertSource: clientCertSource, - endpoint: endpoint, - s2aAddress: s2aAddress, - mtlsS2AAddress: mtlsS2AAddress, - s2aMTLSEndpoint: opts.defaultMTLSEndpoint(), - }, nil -} - -// GetClientCertificateProvider returns a default client certificate source, if -// not provided by the user. -// -// A nil default source can be returned if the source does not exist. Any exceptions -// encountered while initializing the default source will be reported as client -// error (ex. corrupt metadata file). -func GetClientCertificateProvider(opts *Options) (cert.Provider, error) { - if !isClientCertificateEnabled(opts) { - return nil, nil - } else if opts.ClientCertProvider != nil { - return opts.ClientCertProvider, nil - } - return cert.DefaultProvider() - -} - -// isClientCertificateEnabled returns true by default for all GDU universe domain, unless explicitly overridden by env var -func isClientCertificateEnabled(opts *Options) bool { - if value, ok := os.LookupEnv(googleAPIUseCertSource); ok { - // error as false is OK - b, _ := strconv.ParseBool(value) - return b - } - return opts.isUniverseDomainGDU() -} - -type transportConfig struct { - // The client certificate source. - clientCertSource cert.Provider - // The corresponding endpoint to use based on client certificate source. - endpoint string - // The plaintext S2A address if it can be used, otherwise an empty string. - s2aAddress string - // The MTLS S2A address if it can be used, otherwise an empty string. - mtlsS2AAddress string - // The MTLS endpoint to use with S2A. - s2aMTLSEndpoint string -} - -// getEndpoint returns the endpoint for the service, taking into account the -// user-provided endpoint override "settings.Endpoint". -// -// If no endpoint override is specified, we will either return the default -// endpoint or the default mTLS endpoint if a client certificate is available. -// -// You can override the default endpoint choice (mTLS vs. regular) by setting -// the GOOGLE_API_USE_MTLS_ENDPOINT environment variable. -// -// If the endpoint override is an address (host:port) rather than full base -// URL (ex. https://...), then the user-provided address will be merged into -// the default endpoint. For example, WithEndpoint("myhost:8000") and -// DefaultEndpointTemplate("https://UNIVERSE_DOMAIN/bar/baz") will return -// "https://myhost:8080/bar/baz". Note that this does not apply to the mTLS -// endpoint. -func getEndpoint(opts *Options, clientCertSource cert.Provider) (string, error) { - if opts.Endpoint == "" { - mtlsMode := getMTLSMode() - if mtlsMode == mTLSModeAlways || (clientCertSource != nil && mtlsMode == mTLSModeAuto) { - return opts.defaultMTLSEndpoint(), nil - } - return opts.defaultEndpoint(), nil - } - if strings.Contains(opts.Endpoint, "://") { - // User passed in a full URL path, use it verbatim. - return opts.Endpoint, nil - } - if opts.defaultEndpoint() == "" { - // If DefaultEndpointTemplate is not configured, - // use the user provided endpoint verbatim. This allows a naked - // "host[:port]" URL to be used with GRPC Direct Path. - return opts.Endpoint, nil - } - - // Assume user-provided endpoint is host[:port], merge it with the default endpoint. - return opts.mergedEndpoint() -} - -func getMTLSMode() string { - mode := os.Getenv(googleAPIUseMTLS) - if mode == "" { - mode = os.Getenv(googleAPIUseMTLSOld) // Deprecated. - } - if mode == "" { - return mTLSModeAuto - } - return strings.ToLower(mode) -} diff --git a/vendor/cloud.google.com/go/auth/internal/transport/cert/default_cert.go b/vendor/cloud.google.com/go/auth/internal/transport/cert/default_cert.go deleted file mode 100644 index 5cedc50f..00000000 --- a/vendor/cloud.google.com/go/auth/internal/transport/cert/default_cert.go +++ /dev/null @@ -1,65 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package cert - -import ( - "crypto/tls" - "errors" - "sync" -) - -// defaultCertData holds all the variables pertaining to -// the default certificate provider created by [DefaultProvider]. -// -// A singleton model is used to allow the provider to be reused -// by the transport layer. As mentioned in [DefaultProvider] (provider nil, nil) -// may be returned to indicate a default provider could not be found, which -// will skip extra tls config in the transport layer . -type defaultCertData struct { - once sync.Once - provider Provider - err error -} - -var ( - defaultCert defaultCertData -) - -// Provider is a function that can be passed into crypto/tls.Config.GetClientCertificate. -type Provider func(*tls.CertificateRequestInfo) (*tls.Certificate, error) - -// errSourceUnavailable is a sentinel error to indicate certificate source is unavailable. -var errSourceUnavailable = errors.New("certificate source is unavailable") - -// DefaultProvider returns a certificate source using the preferred EnterpriseCertificateProxySource. -// If EnterpriseCertificateProxySource is not available, fall back to the legacy SecureConnectSource. -// -// If neither source is available (due to missing configurations), a nil Source and a nil Error are -// returned to indicate that a default certificate source is unavailable. -func DefaultProvider() (Provider, error) { - defaultCert.once.Do(func() { - defaultCert.provider, defaultCert.err = NewWorkloadX509CertProvider("") - if errors.Is(defaultCert.err, errSourceUnavailable) { - defaultCert.provider, defaultCert.err = NewEnterpriseCertificateProxyProvider("") - if errors.Is(defaultCert.err, errSourceUnavailable) { - defaultCert.provider, defaultCert.err = NewSecureConnectProvider("") - if errors.Is(defaultCert.err, errSourceUnavailable) { - defaultCert.provider, defaultCert.err = nil, nil - } - } - } - }) - return defaultCert.provider, defaultCert.err -} diff --git a/vendor/cloud.google.com/go/auth/internal/transport/cert/enterprise_cert.go b/vendor/cloud.google.com/go/auth/internal/transport/cert/enterprise_cert.go deleted file mode 100644 index 6c954ae1..00000000 --- a/vendor/cloud.google.com/go/auth/internal/transport/cert/enterprise_cert.go +++ /dev/null @@ -1,54 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package cert - -import ( - "crypto/tls" - - "github.com/googleapis/enterprise-certificate-proxy/client" -) - -type ecpSource struct { - key *client.Key -} - -// NewEnterpriseCertificateProxyProvider creates a certificate source -// using the Enterprise Certificate Proxy client, which delegates -// certifcate related operations to an OS-specific "signer binary" -// that communicates with the native keystore (ex. keychain on MacOS). -// -// The configFilePath points to a config file containing relevant parameters -// such as the certificate issuer and the location of the signer binary. -// If configFilePath is empty, the client will attempt to load the config from -// a well-known gcloud location. -func NewEnterpriseCertificateProxyProvider(configFilePath string) (Provider, error) { - key, err := client.Cred(configFilePath) - if err != nil { - // TODO(codyoss): once this is fixed upstream can handle this error a - // little better here. But be safe for now and assume unavailable. - return nil, errSourceUnavailable - } - - return (&ecpSource{ - key: key, - }).getClientCertificate, nil -} - -func (s *ecpSource) getClientCertificate(info *tls.CertificateRequestInfo) (*tls.Certificate, error) { - var cert tls.Certificate - cert.PrivateKey = s.key - cert.Certificate = s.key.CertificateChain() - return &cert, nil -} diff --git a/vendor/cloud.google.com/go/auth/internal/transport/cert/secureconnect_cert.go b/vendor/cloud.google.com/go/auth/internal/transport/cert/secureconnect_cert.go deleted file mode 100644 index 738cb216..00000000 --- a/vendor/cloud.google.com/go/auth/internal/transport/cert/secureconnect_cert.go +++ /dev/null @@ -1,124 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package cert - -import ( - "crypto/tls" - "crypto/x509" - "encoding/json" - "errors" - "fmt" - "os" - "os/exec" - "os/user" - "path/filepath" - "sync" - "time" -) - -const ( - metadataPath = ".secureConnect" - metadataFile = "context_aware_metadata.json" -) - -type secureConnectSource struct { - metadata secureConnectMetadata - - // Cache the cert to avoid executing helper command repeatedly. - cachedCertMutex sync.Mutex - cachedCert *tls.Certificate -} - -type secureConnectMetadata struct { - Cmd []string `json:"cert_provider_command"` -} - -// NewSecureConnectProvider creates a certificate source using -// the Secure Connect Helper and its associated metadata file. -// -// The configFilePath points to the location of the context aware metadata file. -// If configFilePath is empty, use the default context aware metadata location. -func NewSecureConnectProvider(configFilePath string) (Provider, error) { - if configFilePath == "" { - user, err := user.Current() - if err != nil { - // Error locating the default config means Secure Connect is not supported. - return nil, errSourceUnavailable - } - configFilePath = filepath.Join(user.HomeDir, metadataPath, metadataFile) - } - - file, err := os.ReadFile(configFilePath) - if err != nil { - // Config file missing means Secure Connect is not supported. - // There are non-os.ErrNotExist errors that may be returned. - // (e.g. if the home directory is /dev/null, *nix systems will - // return ENOTDIR instead of ENOENT) - return nil, errSourceUnavailable - } - - var metadata secureConnectMetadata - if err := json.Unmarshal(file, &metadata); err != nil { - return nil, fmt.Errorf("cert: could not parse JSON in %q: %w", configFilePath, err) - } - if err := validateMetadata(metadata); err != nil { - return nil, fmt.Errorf("cert: invalid config in %q: %w", configFilePath, err) - } - return (&secureConnectSource{ - metadata: metadata, - }).getClientCertificate, nil -} - -func validateMetadata(metadata secureConnectMetadata) error { - if len(metadata.Cmd) == 0 { - return errors.New("empty cert_provider_command") - } - return nil -} - -func (s *secureConnectSource) getClientCertificate(info *tls.CertificateRequestInfo) (*tls.Certificate, error) { - s.cachedCertMutex.Lock() - defer s.cachedCertMutex.Unlock() - if s.cachedCert != nil && !isCertificateExpired(s.cachedCert) { - return s.cachedCert, nil - } - // Expand OS environment variables in the cert provider command such as "$HOME". - for i := 0; i < len(s.metadata.Cmd); i++ { - s.metadata.Cmd[i] = os.ExpandEnv(s.metadata.Cmd[i]) - } - command := s.metadata.Cmd - data, err := exec.Command(command[0], command[1:]...).Output() - if err != nil { - return nil, err - } - cert, err := tls.X509KeyPair(data, data) - if err != nil { - return nil, err - } - s.cachedCert = &cert - return &cert, nil -} - -// isCertificateExpired returns true if the given cert is expired or invalid. -func isCertificateExpired(cert *tls.Certificate) bool { - if len(cert.Certificate) == 0 { - return true - } - parsed, err := x509.ParseCertificate(cert.Certificate[0]) - if err != nil { - return true - } - return time.Now().After(parsed.NotAfter) -} diff --git a/vendor/cloud.google.com/go/auth/internal/transport/cert/workload_cert.go b/vendor/cloud.google.com/go/auth/internal/transport/cert/workload_cert.go deleted file mode 100644 index 347aaced..00000000 --- a/vendor/cloud.google.com/go/auth/internal/transport/cert/workload_cert.go +++ /dev/null @@ -1,114 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package cert - -import ( - "crypto/tls" - "encoding/json" - "errors" - "io" - "os" - - "github.com/googleapis/enterprise-certificate-proxy/client/util" -) - -type certConfigs struct { - Workload *workloadSource `json:"workload"` -} - -type workloadSource struct { - CertPath string `json:"cert_path"` - KeyPath string `json:"key_path"` -} - -type certificateConfig struct { - CertConfigs certConfigs `json:"cert_configs"` -} - -// NewWorkloadX509CertProvider creates a certificate source -// that reads a certificate and private key file from the local file system. -// This is intended to be used for workload identity federation. -// -// The configFilePath points to a config file containing relevant parameters -// such as the certificate and key file paths. -// If configFilePath is empty, the client will attempt to load the config from -// a well-known gcloud location. -func NewWorkloadX509CertProvider(configFilePath string) (Provider, error) { - if configFilePath == "" { - envFilePath := util.GetConfigFilePathFromEnv() - if envFilePath != "" { - configFilePath = envFilePath - } else { - configFilePath = util.GetDefaultConfigFilePath() - } - } - - certFile, keyFile, err := getCertAndKeyFiles(configFilePath) - if err != nil { - return nil, err - } - - source := &workloadSource{ - CertPath: certFile, - KeyPath: keyFile, - } - return source.getClientCertificate, nil -} - -// getClientCertificate attempts to load the certificate and key from the files specified in the -// certificate config. -func (s *workloadSource) getClientCertificate(info *tls.CertificateRequestInfo) (*tls.Certificate, error) { - cert, err := tls.LoadX509KeyPair(s.CertPath, s.KeyPath) - if err != nil { - return nil, err - } - return &cert, nil -} - -// getCertAndKeyFiles attempts to read the provided config file and return the certificate and private -// key file paths. -func getCertAndKeyFiles(configFilePath string) (string, string, error) { - jsonFile, err := os.Open(configFilePath) - if err != nil { - return "", "", errSourceUnavailable - } - - byteValue, err := io.ReadAll(jsonFile) - if err != nil { - return "", "", err - } - - var config certificateConfig - if err := json.Unmarshal(byteValue, &config); err != nil { - return "", "", err - } - - if config.CertConfigs.Workload == nil { - return "", "", errSourceUnavailable - } - - certFile := config.CertConfigs.Workload.CertPath - keyFile := config.CertConfigs.Workload.KeyPath - - if certFile == "" { - return "", "", errors.New("certificate configuration is missing the certificate file location") - } - - if keyFile == "" { - return "", "", errors.New("certificate configuration is missing the key file location") - } - - return certFile, keyFile, nil -} diff --git a/vendor/cloud.google.com/go/auth/internal/transport/s2a.go b/vendor/cloud.google.com/go/auth/internal/transport/s2a.go deleted file mode 100644 index a6330995..00000000 --- a/vendor/cloud.google.com/go/auth/internal/transport/s2a.go +++ /dev/null @@ -1,138 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package transport - -import ( - "context" - "encoding/json" - "fmt" - "log" - "log/slog" - "os" - "strconv" - "sync" - - "cloud.google.com/go/auth/internal/transport/cert" - "cloud.google.com/go/compute/metadata" -) - -const ( - configEndpointSuffix = "instance/platform-security/auto-mtls-configuration" -) - -var ( - mtlsConfiguration *mtlsConfig - - mtlsOnce sync.Once -) - -// GetS2AAddress returns the S2A address to be reached via plaintext connection. -// Returns empty string if not set or invalid. -func GetS2AAddress(logger *slog.Logger) string { - getMetadataMTLSAutoConfig(logger) - if !mtlsConfiguration.valid() { - return "" - } - return mtlsConfiguration.S2A.PlaintextAddress -} - -// GetMTLSS2AAddress returns the S2A address to be reached via MTLS connection. -// Returns empty string if not set or invalid. -func GetMTLSS2AAddress(logger *slog.Logger) string { - getMetadataMTLSAutoConfig(logger) - if !mtlsConfiguration.valid() { - return "" - } - return mtlsConfiguration.S2A.MTLSAddress -} - -// mtlsConfig contains the configuration for establishing MTLS connections with Google APIs. -type mtlsConfig struct { - S2A *s2aAddresses `json:"s2a"` -} - -func (c *mtlsConfig) valid() bool { - return c != nil && c.S2A != nil -} - -// s2aAddresses contains the plaintext and/or MTLS S2A addresses. -type s2aAddresses struct { - // PlaintextAddress is the plaintext address to reach S2A - PlaintextAddress string `json:"plaintext_address"` - // MTLSAddress is the MTLS address to reach S2A - MTLSAddress string `json:"mtls_address"` -} - -func getMetadataMTLSAutoConfig(logger *slog.Logger) { - var err error - mtlsOnce.Do(func() { - mtlsConfiguration, err = queryConfig(logger) - if err != nil { - log.Printf("Getting MTLS config failed: %v", err) - } - }) -} - -var httpGetMetadataMTLSConfig = func(logger *slog.Logger) (string, error) { - metadataClient := metadata.NewWithOptions(&metadata.Options{ - Logger: logger, - }) - return metadataClient.GetWithContext(context.Background(), configEndpointSuffix) -} - -func queryConfig(logger *slog.Logger) (*mtlsConfig, error) { - resp, err := httpGetMetadataMTLSConfig(logger) - if err != nil { - return nil, fmt.Errorf("querying MTLS config from MDS endpoint failed: %w", err) - } - var config mtlsConfig - err = json.Unmarshal([]byte(resp), &config) - if err != nil { - return nil, fmt.Errorf("unmarshalling MTLS config from MDS endpoint failed: %w", err) - } - if config.S2A == nil { - return nil, fmt.Errorf("returned MTLS config from MDS endpoint is invalid: %v", config) - } - return &config, nil -} - -func shouldUseS2A(clientCertSource cert.Provider, opts *Options) bool { - // If client cert is found, use that over S2A. - if clientCertSource != nil { - return false - } - // If EXPERIMENTAL_GOOGLE_API_USE_S2A is not set to true, skip S2A. - if !isGoogleS2AEnabled() { - return false - } - // If DefaultMTLSEndpoint is not set or has endpoint override, skip S2A. - if opts.DefaultMTLSEndpoint == "" || opts.Endpoint != "" { - return false - } - // If custom HTTP client is provided, skip S2A. - if opts.Client != nil { - return false - } - // If directPath is enabled, skip S2A. - return !opts.EnableDirectPath && !opts.EnableDirectPathXds -} - -func isGoogleS2AEnabled() bool { - b, err := strconv.ParseBool(os.Getenv(googleAPIUseS2AEnv)) - if err != nil { - return false - } - return b -} diff --git a/vendor/cloud.google.com/go/auth/internal/transport/transport.go b/vendor/cloud.google.com/go/auth/internal/transport/transport.go deleted file mode 100644 index 5c8721ef..00000000 --- a/vendor/cloud.google.com/go/auth/internal/transport/transport.go +++ /dev/null @@ -1,107 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package transport provided internal helpers for the two transport packages -// (grpctransport and httptransport). -package transport - -import ( - "crypto/tls" - "fmt" - "net" - "net/http" - "time" - - "cloud.google.com/go/auth/credentials" -) - -// CloneDetectOptions clones a user set detect option into some new memory that -// we can internally manipulate before sending onto the detect package. -func CloneDetectOptions(oldDo *credentials.DetectOptions) *credentials.DetectOptions { - if oldDo == nil { - // it is valid for users not to set this, but we will need to to default - // some options for them in this case so return some initialized memory - // to work with. - return &credentials.DetectOptions{} - } - newDo := &credentials.DetectOptions{ - // Simple types - TokenBindingType: oldDo.TokenBindingType, - Audience: oldDo.Audience, - Subject: oldDo.Subject, - EarlyTokenRefresh: oldDo.EarlyTokenRefresh, - TokenURL: oldDo.TokenURL, - STSAudience: oldDo.STSAudience, - CredentialsFile: oldDo.CredentialsFile, - UseSelfSignedJWT: oldDo.UseSelfSignedJWT, - UniverseDomain: oldDo.UniverseDomain, - - // These fields are pointer types that we just want to use exactly as - // the user set, copy the ref - Client: oldDo.Client, - Logger: oldDo.Logger, - AuthHandlerOptions: oldDo.AuthHandlerOptions, - } - - // Smartly size this memory and copy below. - if len(oldDo.CredentialsJSON) > 0 { - newDo.CredentialsJSON = make([]byte, len(oldDo.CredentialsJSON)) - copy(newDo.CredentialsJSON, oldDo.CredentialsJSON) - } - if len(oldDo.Scopes) > 0 { - newDo.Scopes = make([]string, len(oldDo.Scopes)) - copy(newDo.Scopes, oldDo.Scopes) - } - - return newDo -} - -// ValidateUniverseDomain verifies that the universe domain configured for the -// client matches the universe domain configured for the credentials. -func ValidateUniverseDomain(clientUniverseDomain, credentialsUniverseDomain string) error { - if clientUniverseDomain != credentialsUniverseDomain { - return fmt.Errorf( - "the configured universe domain (%q) does not match the universe "+ - "domain found in the credentials (%q). If you haven't configured "+ - "the universe domain explicitly, \"googleapis.com\" is the default", - clientUniverseDomain, - credentialsUniverseDomain) - } - return nil -} - -// DefaultHTTPClientWithTLS constructs an HTTPClient using the provided tlsConfig, to support mTLS. -func DefaultHTTPClientWithTLS(tlsConfig *tls.Config) *http.Client { - trans := BaseTransport() - trans.TLSClientConfig = tlsConfig - return &http.Client{Transport: trans} -} - -// BaseTransport returns a default [http.Transport] which can be used if -// [http.DefaultTransport] has been overwritten. -func BaseTransport() *http.Transport { - return &http.Transport{ - Proxy: http.ProxyFromEnvironment, - DialContext: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - DualStack: true, - }).DialContext, - MaxIdleConns: 100, - MaxIdleConnsPerHost: 100, - IdleConnTimeout: 90 * time.Second, - TLSHandshakeTimeout: 10 * time.Second, - ExpectContinueTimeout: 1 * time.Second, - } -} diff --git a/vendor/cloud.google.com/go/auth/oauth2adapt/CHANGES.md b/vendor/cloud.google.com/go/auth/oauth2adapt/CHANGES.md deleted file mode 100644 index d9044f1a..00000000 --- a/vendor/cloud.google.com/go/auth/oauth2adapt/CHANGES.md +++ /dev/null @@ -1,75 +0,0 @@ -# Changelog - -## [0.2.7](https://github.com/googleapis/google-cloud-go/compare/auth/oauth2adapt/v0.2.6...auth/oauth2adapt/v0.2.7) (2025-01-09) - - -### Bug Fixes - -* **auth/oauth2adapt:** Update golang.org/x/net to v0.33.0 ([e9b0b69](https://github.com/googleapis/google-cloud-go/commit/e9b0b69644ea5b276cacff0a707e8a5e87efafc9)) - -## [0.2.6](https://github.com/googleapis/google-cloud-go/compare/auth/oauth2adapt/v0.2.5...auth/oauth2adapt/v0.2.6) (2024-11-21) - - -### Bug Fixes - -* **auth/oauth2adapt:** Copy map in tokenSourceAdapter.Token ([#11164](https://github.com/googleapis/google-cloud-go/issues/11164)) ([8cb0cbc](https://github.com/googleapis/google-cloud-go/commit/8cb0cbccdc32886dfb3af49fee04012937d114d2)), refs [#11161](https://github.com/googleapis/google-cloud-go/issues/11161) - -## [0.2.5](https://github.com/googleapis/google-cloud-go/compare/auth/oauth2adapt/v0.2.4...auth/oauth2adapt/v0.2.5) (2024-10-30) - - -### Bug Fixes - -* **auth/oauth2adapt:** Convert token metadata where possible ([#11062](https://github.com/googleapis/google-cloud-go/issues/11062)) ([34bf1c1](https://github.com/googleapis/google-cloud-go/commit/34bf1c164465d66745c0cfdf7cd10a8e2da92e52)) - -## [0.2.4](https://github.com/googleapis/google-cloud-go/compare/auth/oauth2adapt/v0.2.3...auth/oauth2adapt/v0.2.4) (2024-08-08) - - -### Bug Fixes - -* **auth/oauth2adapt:** Update dependencies ([257c40b](https://github.com/googleapis/google-cloud-go/commit/257c40bd6d7e59730017cf32bda8823d7a232758)) - -## [0.2.3](https://github.com/googleapis/google-cloud-go/compare/auth/oauth2adapt/v0.2.2...auth/oauth2adapt/v0.2.3) (2024-07-10) - - -### Bug Fixes - -* **auth/oauth2adapt:** Bump google.golang.org/api@v0.187.0 ([8fa9e39](https://github.com/googleapis/google-cloud-go/commit/8fa9e398e512fd8533fd49060371e61b5725a85b)) - -## [0.2.2](https://github.com/googleapis/google-cloud-go/compare/auth/oauth2adapt/v0.2.1...auth/oauth2adapt/v0.2.2) (2024-04-23) - - -### Bug Fixes - -* **auth/oauth2adapt:** Bump x/net to v0.24.0 ([ba31ed5](https://github.com/googleapis/google-cloud-go/commit/ba31ed5fda2c9664f2e1cf972469295e63deb5b4)) - -## [0.2.1](https://github.com/googleapis/google-cloud-go/compare/auth/oauth2adapt/v0.2.0...auth/oauth2adapt/v0.2.1) (2024-04-18) - - -### Bug Fixes - -* **auth/oauth2adapt:** Adapt Token Types to be translated ([#9801](https://github.com/googleapis/google-cloud-go/issues/9801)) ([70f4115](https://github.com/googleapis/google-cloud-go/commit/70f411555ebbf2b71e6d425cc8d2030644c6b438)), refs [#9800](https://github.com/googleapis/google-cloud-go/issues/9800) - -## [0.2.0](https://github.com/googleapis/google-cloud-go/compare/auth/oauth2adapt/v0.1.0...auth/oauth2adapt/v0.2.0) (2024-04-16) - - -### Features - -* **auth/oauth2adapt:** Add helpers for working with credentials types ([#9694](https://github.com/googleapis/google-cloud-go/issues/9694)) ([cf33b55](https://github.com/googleapis/google-cloud-go/commit/cf33b5514423a2ac5c2a323a1cd99aac34fd4233)) - - -### Bug Fixes - -* **auth/oauth2adapt:** Update protobuf dep to v1.33.0 ([30b038d](https://github.com/googleapis/google-cloud-go/commit/30b038d8cac0b8cd5dd4761c87f3f298760dd33a)) - -## 0.1.0 (2023-10-19) - - -### Features - -* **auth/oauth2adapt:** Adds a new module to translate types ([#8595](https://github.com/googleapis/google-cloud-go/issues/8595)) ([6933c5a](https://github.com/googleapis/google-cloud-go/commit/6933c5a0c1fc8e58cbfff8bbca439d671b94672f)) -* **auth/oauth2adapt:** Fixup deps for release ([#8747](https://github.com/googleapis/google-cloud-go/issues/8747)) ([749d243](https://github.com/googleapis/google-cloud-go/commit/749d243862b025a6487a4d2d339219889b4cfe70)) - - -### Bug Fixes - -* **auth/oauth2adapt:** Update golang.org/x/net to v0.17.0 ([174da47](https://github.com/googleapis/google-cloud-go/commit/174da47254fefb12921bbfc65b7829a453af6f5d)) diff --git a/vendor/cloud.google.com/go/auth/oauth2adapt/LICENSE b/vendor/cloud.google.com/go/auth/oauth2adapt/LICENSE deleted file mode 100644 index d6456956..00000000 --- a/vendor/cloud.google.com/go/auth/oauth2adapt/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/cloud.google.com/go/auth/oauth2adapt/oauth2adapt.go b/vendor/cloud.google.com/go/auth/oauth2adapt/oauth2adapt.go deleted file mode 100644 index 9cc33e5e..00000000 --- a/vendor/cloud.google.com/go/auth/oauth2adapt/oauth2adapt.go +++ /dev/null @@ -1,200 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package oauth2adapt helps converts types used in [cloud.google.com/go/auth] -// and [golang.org/x/oauth2]. -package oauth2adapt - -import ( - "context" - "encoding/json" - "errors" - - "cloud.google.com/go/auth" - "golang.org/x/oauth2" - "golang.org/x/oauth2/google" -) - -const ( - oauth2TokenSourceKey = "oauth2.google.tokenSource" - oauth2ServiceAccountKey = "oauth2.google.serviceAccount" - authTokenSourceKey = "auth.google.tokenSource" - authServiceAccountKey = "auth.google.serviceAccount" -) - -// TokenProviderFromTokenSource converts any [golang.org/x/oauth2.TokenSource] -// into a [cloud.google.com/go/auth.TokenProvider]. -func TokenProviderFromTokenSource(ts oauth2.TokenSource) auth.TokenProvider { - return &tokenProviderAdapter{ts: ts} -} - -type tokenProviderAdapter struct { - ts oauth2.TokenSource -} - -// Token fulfills the [cloud.google.com/go/auth.TokenProvider] interface. It -// is a light wrapper around the underlying TokenSource. -func (tp *tokenProviderAdapter) Token(context.Context) (*auth.Token, error) { - tok, err := tp.ts.Token() - if err != nil { - var err2 *oauth2.RetrieveError - if ok := errors.As(err, &err2); ok { - return nil, AuthErrorFromRetrieveError(err2) - } - return nil, err - } - // Preserve compute token metadata, for both types of tokens. - metadata := map[string]interface{}{} - if val, ok := tok.Extra(oauth2TokenSourceKey).(string); ok { - metadata[authTokenSourceKey] = val - metadata[oauth2TokenSourceKey] = val - } - if val, ok := tok.Extra(oauth2ServiceAccountKey).(string); ok { - metadata[authServiceAccountKey] = val - metadata[oauth2ServiceAccountKey] = val - } - return &auth.Token{ - Value: tok.AccessToken, - Type: tok.Type(), - Expiry: tok.Expiry, - Metadata: metadata, - }, nil -} - -// TokenSourceFromTokenProvider converts any -// [cloud.google.com/go/auth.TokenProvider] into a -// [golang.org/x/oauth2.TokenSource]. -func TokenSourceFromTokenProvider(tp auth.TokenProvider) oauth2.TokenSource { - return &tokenSourceAdapter{tp: tp} -} - -type tokenSourceAdapter struct { - tp auth.TokenProvider -} - -// Token fulfills the [golang.org/x/oauth2.TokenSource] interface. It -// is a light wrapper around the underlying TokenProvider. -func (ts *tokenSourceAdapter) Token() (*oauth2.Token, error) { - tok, err := ts.tp.Token(context.Background()) - if err != nil { - var err2 *auth.Error - if ok := errors.As(err, &err2); ok { - return nil, AddRetrieveErrorToAuthError(err2) - } - return nil, err - } - tok2 := &oauth2.Token{ - AccessToken: tok.Value, - TokenType: tok.Type, - Expiry: tok.Expiry, - } - // Preserve token metadata. - m := tok.Metadata - if m != nil { - // Copy map to avoid concurrent map writes error (#11161). - metadata := make(map[string]interface{}, len(m)+2) - for k, v := range m { - metadata[k] = v - } - // Append compute token metadata in converted form. - if val, ok := metadata[authTokenSourceKey].(string); ok && val != "" { - metadata[oauth2TokenSourceKey] = val - } - if val, ok := metadata[authServiceAccountKey].(string); ok && val != "" { - metadata[oauth2ServiceAccountKey] = val - } - tok2 = tok2.WithExtra(metadata) - } - return tok2, nil -} - -// AuthCredentialsFromOauth2Credentials converts a [golang.org/x/oauth2/google.Credentials] -// to a [cloud.google.com/go/auth.Credentials]. -func AuthCredentialsFromOauth2Credentials(creds *google.Credentials) *auth.Credentials { - if creds == nil { - return nil - } - return auth.NewCredentials(&auth.CredentialsOptions{ - TokenProvider: TokenProviderFromTokenSource(creds.TokenSource), - JSON: creds.JSON, - ProjectIDProvider: auth.CredentialsPropertyFunc(func(ctx context.Context) (string, error) { - return creds.ProjectID, nil - }), - UniverseDomainProvider: auth.CredentialsPropertyFunc(func(ctx context.Context) (string, error) { - return creds.GetUniverseDomain() - }), - }) -} - -// Oauth2CredentialsFromAuthCredentials converts a [cloud.google.com/go/auth.Credentials] -// to a [golang.org/x/oauth2/google.Credentials]. -func Oauth2CredentialsFromAuthCredentials(creds *auth.Credentials) *google.Credentials { - if creds == nil { - return nil - } - // Throw away errors as old credentials are not request aware. Also, no - // network requests are currently happening for this use case. - projectID, _ := creds.ProjectID(context.Background()) - - return &google.Credentials{ - TokenSource: TokenSourceFromTokenProvider(creds.TokenProvider), - ProjectID: projectID, - JSON: creds.JSON(), - UniverseDomainProvider: func() (string, error) { - return creds.UniverseDomain(context.Background()) - }, - } -} - -type oauth2Error struct { - ErrorCode string `json:"error"` - ErrorDescription string `json:"error_description"` - ErrorURI string `json:"error_uri"` -} - -// AddRetrieveErrorToAuthError returns the same error provided and adds a -// [golang.org/x/oauth2.RetrieveError] to the error chain by setting the `Err` field on the -// [cloud.google.com/go/auth.Error]. -func AddRetrieveErrorToAuthError(err *auth.Error) *auth.Error { - if err == nil { - return nil - } - e := &oauth2.RetrieveError{ - Response: err.Response, - Body: err.Body, - } - err.Err = e - if len(err.Body) > 0 { - var oErr oauth2Error - // ignore the error as it only fills in extra details - json.Unmarshal(err.Body, &oErr) - e.ErrorCode = oErr.ErrorCode - e.ErrorDescription = oErr.ErrorDescription - e.ErrorURI = oErr.ErrorURI - } - return err -} - -// AuthErrorFromRetrieveError returns an [cloud.google.com/go/auth.Error] that -// wraps the provided [golang.org/x/oauth2.RetrieveError]. -func AuthErrorFromRetrieveError(err *oauth2.RetrieveError) *auth.Error { - if err == nil { - return nil - } - return &auth.Error{ - Response: err.Response, - Body: err.Body, - Err: err, - } -} diff --git a/vendor/cloud.google.com/go/auth/threelegged.go b/vendor/cloud.google.com/go/auth/threelegged.go deleted file mode 100644 index 07804dc1..00000000 --- a/vendor/cloud.google.com/go/auth/threelegged.go +++ /dev/null @@ -1,382 +0,0 @@ -// Copyright 2023 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package auth - -import ( - "bytes" - "context" - "encoding/json" - "errors" - "fmt" - "log/slog" - "mime" - "net/http" - "net/url" - "strconv" - "strings" - "time" - - "cloud.google.com/go/auth/internal" - "github.com/googleapis/gax-go/v2/internallog" -) - -// AuthorizationHandler is a 3-legged-OAuth helper that prompts the user for -// OAuth consent at the specified auth code URL and returns an auth code and -// state upon approval. -type AuthorizationHandler func(authCodeURL string) (code string, state string, err error) - -// Options3LO are the options for doing a 3-legged OAuth2 flow. -type Options3LO struct { - // ClientID is the application's ID. - ClientID string - // ClientSecret is the application's secret. Not required if AuthHandlerOpts - // is set. - ClientSecret string - // AuthURL is the URL for authenticating. - AuthURL string - // TokenURL is the URL for retrieving a token. - TokenURL string - // AuthStyle is used to describe how to client info in the token request. - AuthStyle Style - // RefreshToken is the token used to refresh the credential. Not required - // if AuthHandlerOpts is set. - RefreshToken string - // RedirectURL is the URL to redirect users to. Optional. - RedirectURL string - // Scopes specifies requested permissions for the Token. Optional. - Scopes []string - - // URLParams are the set of values to apply to the token exchange. Optional. - URLParams url.Values - // Client is the client to be used to make the underlying token requests. - // Optional. - Client *http.Client - // EarlyTokenExpiry is the time before the token expires that it should be - // refreshed. If not set the default value is 3 minutes and 45 seconds. - // Optional. - EarlyTokenExpiry time.Duration - - // AuthHandlerOpts provides a set of options for doing a - // 3-legged OAuth2 flow with a custom [AuthorizationHandler]. Optional. - AuthHandlerOpts *AuthorizationHandlerOptions - // Logger is used for debug logging. If provided, logging will be enabled - // at the loggers configured level. By default logging is disabled unless - // enabled by setting GOOGLE_SDK_GO_LOGGING_LEVEL in which case a default - // logger will be used. Optional. - Logger *slog.Logger -} - -func (o *Options3LO) validate() error { - if o == nil { - return errors.New("auth: options must be provided") - } - if o.ClientID == "" { - return errors.New("auth: client ID must be provided") - } - if o.AuthHandlerOpts == nil && o.ClientSecret == "" { - return errors.New("auth: client secret must be provided") - } - if o.AuthURL == "" { - return errors.New("auth: auth URL must be provided") - } - if o.TokenURL == "" { - return errors.New("auth: token URL must be provided") - } - if o.AuthStyle == StyleUnknown { - return errors.New("auth: auth style must be provided") - } - if o.AuthHandlerOpts == nil && o.RefreshToken == "" { - return errors.New("auth: refresh token must be provided") - } - return nil -} - -func (o *Options3LO) logger() *slog.Logger { - return internallog.New(o.Logger) -} - -// PKCEOptions holds parameters to support PKCE. -type PKCEOptions struct { - // Challenge is the un-padded, base64-url-encoded string of the encrypted code verifier. - Challenge string // The un-padded, base64-url-encoded string of the encrypted code verifier. - // ChallengeMethod is the encryption method (ex. S256). - ChallengeMethod string - // Verifier is the original, non-encrypted secret. - Verifier string // The original, non-encrypted secret. -} - -type tokenJSON struct { - AccessToken string `json:"access_token"` - TokenType string `json:"token_type"` - RefreshToken string `json:"refresh_token"` - ExpiresIn int `json:"expires_in"` - // error fields - ErrorCode string `json:"error"` - ErrorDescription string `json:"error_description"` - ErrorURI string `json:"error_uri"` -} - -func (e *tokenJSON) expiry() (t time.Time) { - if v := e.ExpiresIn; v != 0 { - return time.Now().Add(time.Duration(v) * time.Second) - } - return -} - -func (o *Options3LO) client() *http.Client { - if o.Client != nil { - return o.Client - } - return internal.DefaultClient() -} - -// authCodeURL returns a URL that points to a OAuth2 consent page. -func (o *Options3LO) authCodeURL(state string, values url.Values) string { - var buf bytes.Buffer - buf.WriteString(o.AuthURL) - v := url.Values{ - "response_type": {"code"}, - "client_id": {o.ClientID}, - } - if o.RedirectURL != "" { - v.Set("redirect_uri", o.RedirectURL) - } - if len(o.Scopes) > 0 { - v.Set("scope", strings.Join(o.Scopes, " ")) - } - if state != "" { - v.Set("state", state) - } - if o.AuthHandlerOpts != nil { - if o.AuthHandlerOpts.PKCEOpts != nil && - o.AuthHandlerOpts.PKCEOpts.Challenge != "" { - v.Set(codeChallengeKey, o.AuthHandlerOpts.PKCEOpts.Challenge) - } - if o.AuthHandlerOpts.PKCEOpts != nil && - o.AuthHandlerOpts.PKCEOpts.ChallengeMethod != "" { - v.Set(codeChallengeMethodKey, o.AuthHandlerOpts.PKCEOpts.ChallengeMethod) - } - } - for k := range values { - v.Set(k, v.Get(k)) - } - if strings.Contains(o.AuthURL, "?") { - buf.WriteByte('&') - } else { - buf.WriteByte('?') - } - buf.WriteString(v.Encode()) - return buf.String() -} - -// New3LOTokenProvider returns a [TokenProvider] based on the 3-legged OAuth2 -// configuration. The TokenProvider is caches and auto-refreshes tokens by -// default. -func New3LOTokenProvider(opts *Options3LO) (TokenProvider, error) { - if err := opts.validate(); err != nil { - return nil, err - } - if opts.AuthHandlerOpts != nil { - return new3LOTokenProviderWithAuthHandler(opts), nil - } - return NewCachedTokenProvider(&tokenProvider3LO{opts: opts, refreshToken: opts.RefreshToken, client: opts.client()}, &CachedTokenProviderOptions{ - ExpireEarly: opts.EarlyTokenExpiry, - }), nil -} - -// AuthorizationHandlerOptions provides a set of options to specify for doing a -// 3-legged OAuth2 flow with a custom [AuthorizationHandler]. -type AuthorizationHandlerOptions struct { - // AuthorizationHandler specifies the handler used to for the authorization - // part of the flow. - Handler AuthorizationHandler - // State is used verify that the "state" is identical in the request and - // response before exchanging the auth code for OAuth2 token. - State string - // PKCEOpts allows setting configurations for PKCE. Optional. - PKCEOpts *PKCEOptions -} - -func new3LOTokenProviderWithAuthHandler(opts *Options3LO) TokenProvider { - return NewCachedTokenProvider(&tokenProviderWithHandler{opts: opts, state: opts.AuthHandlerOpts.State}, &CachedTokenProviderOptions{ - ExpireEarly: opts.EarlyTokenExpiry, - }) -} - -// exchange handles the final exchange portion of the 3lo flow. Returns a Token, -// refreshToken, and error. -func (o *Options3LO) exchange(ctx context.Context, code string) (*Token, string, error) { - // Build request - v := url.Values{ - "grant_type": {"authorization_code"}, - "code": {code}, - } - if o.RedirectURL != "" { - v.Set("redirect_uri", o.RedirectURL) - } - if o.AuthHandlerOpts != nil && - o.AuthHandlerOpts.PKCEOpts != nil && - o.AuthHandlerOpts.PKCEOpts.Verifier != "" { - v.Set(codeVerifierKey, o.AuthHandlerOpts.PKCEOpts.Verifier) - } - for k := range o.URLParams { - v.Set(k, o.URLParams.Get(k)) - } - return fetchToken(ctx, o, v) -} - -// This struct is not safe for concurrent access alone, but the way it is used -// in this package by wrapping it with a cachedTokenProvider makes it so. -type tokenProvider3LO struct { - opts *Options3LO - client *http.Client - refreshToken string -} - -func (tp *tokenProvider3LO) Token(ctx context.Context) (*Token, error) { - if tp.refreshToken == "" { - return nil, errors.New("auth: token expired and refresh token is not set") - } - v := url.Values{ - "grant_type": {"refresh_token"}, - "refresh_token": {tp.refreshToken}, - } - for k := range tp.opts.URLParams { - v.Set(k, tp.opts.URLParams.Get(k)) - } - - tk, rt, err := fetchToken(ctx, tp.opts, v) - if err != nil { - return nil, err - } - if tp.refreshToken != rt && rt != "" { - tp.refreshToken = rt - } - return tk, err -} - -type tokenProviderWithHandler struct { - opts *Options3LO - state string -} - -func (tp tokenProviderWithHandler) Token(ctx context.Context) (*Token, error) { - url := tp.opts.authCodeURL(tp.state, nil) - code, state, err := tp.opts.AuthHandlerOpts.Handler(url) - if err != nil { - return nil, err - } - if state != tp.state { - return nil, errors.New("auth: state mismatch in 3-legged-OAuth flow") - } - tok, _, err := tp.opts.exchange(ctx, code) - return tok, err -} - -// fetchToken returns a Token, refresh token, and/or an error. -func fetchToken(ctx context.Context, o *Options3LO, v url.Values) (*Token, string, error) { - var refreshToken string - if o.AuthStyle == StyleInParams { - if o.ClientID != "" { - v.Set("client_id", o.ClientID) - } - if o.ClientSecret != "" { - v.Set("client_secret", o.ClientSecret) - } - } - req, err := http.NewRequestWithContext(ctx, "POST", o.TokenURL, strings.NewReader(v.Encode())) - if err != nil { - return nil, refreshToken, err - } - req.Header.Set("Content-Type", "application/x-www-form-urlencoded") - if o.AuthStyle == StyleInHeader { - req.SetBasicAuth(url.QueryEscape(o.ClientID), url.QueryEscape(o.ClientSecret)) - } - logger := o.logger() - - logger.DebugContext(ctx, "3LO token request", "request", internallog.HTTPRequest(req, []byte(v.Encode()))) - // Make request - resp, body, err := internal.DoRequest(o.client(), req) - if err != nil { - return nil, refreshToken, err - } - logger.DebugContext(ctx, "3LO token response", "response", internallog.HTTPResponse(resp, body)) - failureStatus := resp.StatusCode < 200 || resp.StatusCode > 299 - tokError := &Error{ - Response: resp, - Body: body, - } - - var token *Token - // errors ignored because of default switch on content - content, _, _ := mime.ParseMediaType(resp.Header.Get("Content-Type")) - switch content { - case "application/x-www-form-urlencoded", "text/plain": - // some endpoints return a query string - vals, err := url.ParseQuery(string(body)) - if err != nil { - if failureStatus { - return nil, refreshToken, tokError - } - return nil, refreshToken, fmt.Errorf("auth: cannot parse response: %w", err) - } - tokError.code = vals.Get("error") - tokError.description = vals.Get("error_description") - tokError.uri = vals.Get("error_uri") - token = &Token{ - Value: vals.Get("access_token"), - Type: vals.Get("token_type"), - Metadata: make(map[string]interface{}, len(vals)), - } - for k, v := range vals { - token.Metadata[k] = v - } - refreshToken = vals.Get("refresh_token") - e := vals.Get("expires_in") - expires, _ := strconv.Atoi(e) - if expires != 0 { - token.Expiry = time.Now().Add(time.Duration(expires) * time.Second) - } - default: - var tj tokenJSON - if err = json.Unmarshal(body, &tj); err != nil { - if failureStatus { - return nil, refreshToken, tokError - } - return nil, refreshToken, fmt.Errorf("auth: cannot parse json: %w", err) - } - tokError.code = tj.ErrorCode - tokError.description = tj.ErrorDescription - tokError.uri = tj.ErrorURI - token = &Token{ - Value: tj.AccessToken, - Type: tj.TokenType, - Expiry: tj.expiry(), - Metadata: make(map[string]interface{}), - } - json.Unmarshal(body, &token.Metadata) // optional field, skip err check - refreshToken = tj.RefreshToken - } - // according to spec, servers should respond status 400 in error case - // https://www.rfc-editor.org/rfc/rfc6749#section-5.2 - // but some unorthodox servers respond 200 in error case - if failureStatus || tokError.code != "" { - return nil, refreshToken, tokError - } - if token.Value == "" { - return nil, refreshToken, errors.New("auth: server response missing access_token") - } - return token, refreshToken, nil -} diff --git a/vendor/cloud.google.com/go/compute/metadata/CHANGES.md b/vendor/cloud.google.com/go/compute/metadata/CHANGES.md deleted file mode 100644 index bcfb5d81..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/CHANGES.md +++ /dev/null @@ -1,66 +0,0 @@ -# Changes - -## [0.6.0](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.5.2...compute/metadata/v0.6.0) (2024-12-13) - - -### Features - -* **compute/metadata:** Add debug logging ([#11078](https://github.com/googleapis/google-cloud-go/issues/11078)) ([a816814](https://github.com/googleapis/google-cloud-go/commit/a81681463906e4473570a2f426eb0dc2de64e53f)) - -## [0.5.2](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.5.1...compute/metadata/v0.5.2) (2024-09-20) - - -### Bug Fixes - -* **compute/metadata:** Close Response Body for failed request ([#10891](https://github.com/googleapis/google-cloud-go/issues/10891)) ([e91d45e](https://github.com/googleapis/google-cloud-go/commit/e91d45e4757a9e354114509ba9800085d9e0ff1f)) - -## [0.5.1](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.5.0...compute/metadata/v0.5.1) (2024-09-12) - - -### Bug Fixes - -* **compute/metadata:** Check error chain for retryable error ([#10840](https://github.com/googleapis/google-cloud-go/issues/10840)) ([2bdedef](https://github.com/googleapis/google-cloud-go/commit/2bdedeff621b223d63cebc4355fcf83bc68412cd)) - -## [0.5.0](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.4.0...compute/metadata/v0.5.0) (2024-07-10) - - -### Features - -* **compute/metadata:** Add sys check for windows OnGCE ([#10521](https://github.com/googleapis/google-cloud-go/issues/10521)) ([3b9a830](https://github.com/googleapis/google-cloud-go/commit/3b9a83063960d2a2ac20beb47cc15818a68bd302)) - -## [0.4.0](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.3.0...compute/metadata/v0.4.0) (2024-07-01) - - -### Features - -* **compute/metadata:** Add context for all functions/methods ([#10370](https://github.com/googleapis/google-cloud-go/issues/10370)) ([66b8efe](https://github.com/googleapis/google-cloud-go/commit/66b8efe7ad877e052b2987bb4475477e38c67bb3)) - - -### Documentation - -* **compute/metadata:** Update OnGCE description ([#10408](https://github.com/googleapis/google-cloud-go/issues/10408)) ([6a46dca](https://github.com/googleapis/google-cloud-go/commit/6a46dca4eae4f88ec6f88822e01e5bf8aeca787f)) - -## [0.3.0](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.2.3...compute/metadata/v0.3.0) (2024-04-15) - - -### Features - -* **compute/metadata:** Add context aware functions ([#9733](https://github.com/googleapis/google-cloud-go/issues/9733)) ([e4eb5b4](https://github.com/googleapis/google-cloud-go/commit/e4eb5b46ee2aec9d2fc18300bfd66015e25a0510)) - -## [0.2.3](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.2.2...compute/metadata/v0.2.3) (2022-12-15) - - -### Bug Fixes - -* **compute/metadata:** Switch DNS lookup to an absolute lookup ([119b410](https://github.com/googleapis/google-cloud-go/commit/119b41060c7895e45e48aee5621ad35607c4d021)), refs [#7165](https://github.com/googleapis/google-cloud-go/issues/7165) - -## [0.2.2](https://github.com/googleapis/google-cloud-go/compare/compute/metadata/v0.2.1...compute/metadata/v0.2.2) (2022-12-01) - - -### Bug Fixes - -* **compute/metadata:** Set IdleConnTimeout for http.Client ([#7084](https://github.com/googleapis/google-cloud-go/issues/7084)) ([766516a](https://github.com/googleapis/google-cloud-go/commit/766516aaf3816bfb3159efeea65aa3d1d205a3e2)), refs [#5430](https://github.com/googleapis/google-cloud-go/issues/5430) - -## [0.1.0] (2022-10-26) - -Initial release of metadata being it's own module. diff --git a/vendor/cloud.google.com/go/compute/metadata/LICENSE b/vendor/cloud.google.com/go/compute/metadata/LICENSE deleted file mode 100644 index d6456956..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/cloud.google.com/go/compute/metadata/README.md b/vendor/cloud.google.com/go/compute/metadata/README.md deleted file mode 100644 index f940fb2c..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/README.md +++ /dev/null @@ -1,27 +0,0 @@ -# Compute API - -[![Go Reference](https://pkg.go.dev/badge/cloud.google.com/go/compute.svg)](https://pkg.go.dev/cloud.google.com/go/compute/metadata) - -This is a utility library for communicating with Google Cloud metadata service -on Google Cloud. - -## Install - -```bash -go get cloud.google.com/go/compute/metadata -``` - -## Go Version Support - -See the [Go Versions Supported](https://github.com/googleapis/google-cloud-go#go-versions-supported) -section in the root directory's README. - -## Contributing - -Contributions are welcome. Please, see the [CONTRIBUTING](https://github.com/GoogleCloudPlatform/google-cloud-go/blob/main/CONTRIBUTING.md) -document for details. - -Please note that this project is released with a Contributor Code of Conduct. -By participating in this project you agree to abide by its terms. See -[Contributor Code of Conduct](https://github.com/GoogleCloudPlatform/google-cloud-go/blob/main/CONTRIBUTING.md#contributor-code-of-conduct) -for more information. diff --git a/vendor/cloud.google.com/go/compute/metadata/log.go b/vendor/cloud.google.com/go/compute/metadata/log.go deleted file mode 100644 index 8ec673b8..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/log.go +++ /dev/null @@ -1,149 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package metadata - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "log/slog" - "net/http" - "strings" -) - -// Code below this point is copied from github.com/googleapis/gax-go/v2/internallog -// to avoid the dependency. The compute/metadata module is used by too many -// non-client library modules that can't justify the dependency. - -// The handler returned if logging is not enabled. -type noOpHandler struct{} - -func (h noOpHandler) Enabled(_ context.Context, _ slog.Level) bool { - return false -} - -func (h noOpHandler) Handle(_ context.Context, _ slog.Record) error { - return nil -} - -func (h noOpHandler) WithAttrs(_ []slog.Attr) slog.Handler { - return h -} - -func (h noOpHandler) WithGroup(_ string) slog.Handler { - return h -} - -// httpRequest returns a lazily evaluated [slog.LogValuer] for a -// [http.Request] and the associated body. -func httpRequest(req *http.Request, body []byte) slog.LogValuer { - return &request{ - req: req, - payload: body, - } -} - -type request struct { - req *http.Request - payload []byte -} - -func (r *request) LogValue() slog.Value { - if r == nil || r.req == nil { - return slog.Value{} - } - var groupValueAttrs []slog.Attr - groupValueAttrs = append(groupValueAttrs, slog.String("method", r.req.Method)) - groupValueAttrs = append(groupValueAttrs, slog.String("url", r.req.URL.String())) - - var headerAttr []slog.Attr - for k, val := range r.req.Header { - headerAttr = append(headerAttr, slog.String(k, strings.Join(val, ","))) - } - if len(headerAttr) > 0 { - groupValueAttrs = append(groupValueAttrs, slog.Any("headers", headerAttr)) - } - - if len(r.payload) > 0 { - if attr, ok := processPayload(r.payload); ok { - groupValueAttrs = append(groupValueAttrs, attr) - } - } - return slog.GroupValue(groupValueAttrs...) -} - -// httpResponse returns a lazily evaluated [slog.LogValuer] for a -// [http.Response] and the associated body. -func httpResponse(resp *http.Response, body []byte) slog.LogValuer { - return &response{ - resp: resp, - payload: body, - } -} - -type response struct { - resp *http.Response - payload []byte -} - -func (r *response) LogValue() slog.Value { - if r == nil { - return slog.Value{} - } - var groupValueAttrs []slog.Attr - groupValueAttrs = append(groupValueAttrs, slog.String("status", fmt.Sprint(r.resp.StatusCode))) - - var headerAttr []slog.Attr - for k, val := range r.resp.Header { - headerAttr = append(headerAttr, slog.String(k, strings.Join(val, ","))) - } - if len(headerAttr) > 0 { - groupValueAttrs = append(groupValueAttrs, slog.Any("headers", headerAttr)) - } - - if len(r.payload) > 0 { - if attr, ok := processPayload(r.payload); ok { - groupValueAttrs = append(groupValueAttrs, attr) - } - } - return slog.GroupValue(groupValueAttrs...) -} - -func processPayload(payload []byte) (slog.Attr, bool) { - peekChar := payload[0] - if peekChar == '{' { - // JSON object - var m map[string]any - if err := json.Unmarshal(payload, &m); err == nil { - return slog.Any("payload", m), true - } - } else if peekChar == '[' { - // JSON array - var m []any - if err := json.Unmarshal(payload, &m); err == nil { - return slog.Any("payload", m), true - } - } else { - // Everything else - buf := &bytes.Buffer{} - if err := json.Compact(buf, payload); err != nil { - // Write raw payload incase of error - buf.Write(payload) - } - return slog.String("payload", buf.String()), true - } - return slog.Attr{}, false -} diff --git a/vendor/cloud.google.com/go/compute/metadata/metadata.go b/vendor/cloud.google.com/go/compute/metadata/metadata.go deleted file mode 100644 index 4c18a383..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/metadata.go +++ /dev/null @@ -1,872 +0,0 @@ -// Copyright 2014 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package metadata provides access to Google Compute Engine (GCE) -// metadata and API service accounts. -// -// This package is a wrapper around the GCE metadata service, -// as documented at https://cloud.google.com/compute/docs/metadata/overview. -package metadata // import "cloud.google.com/go/compute/metadata" - -import ( - "context" - "encoding/json" - "fmt" - "io" - "log/slog" - "net" - "net/http" - "net/url" - "os" - "strings" - "sync" - "time" -) - -const ( - // metadataIP is the documented metadata server IP address. - metadataIP = "169.254.169.254" - - // metadataHostEnv is the environment variable specifying the - // GCE metadata hostname. If empty, the default value of - // metadataIP ("169.254.169.254") is used instead. - // This is variable name is not defined by any spec, as far as - // I know; it was made up for the Go package. - metadataHostEnv = "GCE_METADATA_HOST" - - userAgent = "gcloud-golang/0.1" -) - -type cachedValue struct { - k string - trim bool - mu sync.Mutex - v string -} - -var ( - projID = &cachedValue{k: "project/project-id", trim: true} - projNum = &cachedValue{k: "project/numeric-project-id", trim: true} - instID = &cachedValue{k: "instance/id", trim: true} -) - -var defaultClient = &Client{ - hc: newDefaultHTTPClient(), - logger: slog.New(noOpHandler{}), -} - -func newDefaultHTTPClient() *http.Client { - return &http.Client{ - Transport: &http.Transport{ - Dial: (&net.Dialer{ - Timeout: 2 * time.Second, - KeepAlive: 30 * time.Second, - }).Dial, - IdleConnTimeout: 60 * time.Second, - }, - Timeout: 5 * time.Second, - } -} - -// NotDefinedError is returned when requested metadata is not defined. -// -// The underlying string is the suffix after "/computeMetadata/v1/". -// -// This error is not returned if the value is defined to be the empty -// string. -type NotDefinedError string - -func (suffix NotDefinedError) Error() string { - return fmt.Sprintf("metadata: GCE metadata %q not defined", string(suffix)) -} - -func (c *cachedValue) get(ctx context.Context, cl *Client) (v string, err error) { - defer c.mu.Unlock() - c.mu.Lock() - if c.v != "" { - return c.v, nil - } - if c.trim { - v, err = cl.getTrimmed(ctx, c.k) - } else { - v, err = cl.GetWithContext(ctx, c.k) - } - if err == nil { - c.v = v - } - return -} - -var ( - onGCEOnce sync.Once - onGCE bool -) - -// OnGCE reports whether this process is running on Google Compute Platforms. -// NOTE: True returned from `OnGCE` does not guarantee that the metadata server -// is accessible from this process and have all the metadata defined. -func OnGCE() bool { - onGCEOnce.Do(initOnGCE) - return onGCE -} - -func initOnGCE() { - onGCE = testOnGCE() -} - -func testOnGCE() bool { - // The user explicitly said they're on GCE, so trust them. - if os.Getenv(metadataHostEnv) != "" { - return true - } - - ctx, cancel := context.WithCancel(context.Background()) - defer cancel() - - resc := make(chan bool, 2) - - // Try two strategies in parallel. - // See https://github.com/googleapis/google-cloud-go/issues/194 - go func() { - req, _ := http.NewRequest("GET", "http://"+metadataIP, nil) - req.Header.Set("User-Agent", userAgent) - res, err := newDefaultHTTPClient().Do(req.WithContext(ctx)) - if err != nil { - resc <- false - return - } - defer res.Body.Close() - resc <- res.Header.Get("Metadata-Flavor") == "Google" - }() - - go func() { - resolver := &net.Resolver{} - addrs, err := resolver.LookupHost(ctx, "metadata.google.internal.") - if err != nil || len(addrs) == 0 { - resc <- false - return - } - resc <- strsContains(addrs, metadataIP) - }() - - tryHarder := systemInfoSuggestsGCE() - if tryHarder { - res := <-resc - if res { - // The first strategy succeeded, so let's use it. - return true - } - // Wait for either the DNS or metadata server probe to - // contradict the other one and say we are running on - // GCE. Give it a lot of time to do so, since the system - // info already suggests we're running on a GCE BIOS. - timer := time.NewTimer(5 * time.Second) - defer timer.Stop() - select { - case res = <-resc: - return res - case <-timer.C: - // Too slow. Who knows what this system is. - return false - } - } - - // There's no hint from the system info that we're running on - // GCE, so use the first probe's result as truth, whether it's - // true or false. The goal here is to optimize for speed for - // users who are NOT running on GCE. We can't assume that - // either a DNS lookup or an HTTP request to a blackholed IP - // address is fast. Worst case this should return when the - // metaClient's Transport.ResponseHeaderTimeout or - // Transport.Dial.Timeout fires (in two seconds). - return <-resc -} - -// Subscribe calls Client.SubscribeWithContext on the default client. -// -// Deprecated: Please use the context aware variant [SubscribeWithContext]. -func Subscribe(suffix string, fn func(v string, ok bool) error) error { - return defaultClient.SubscribeWithContext(context.Background(), suffix, func(ctx context.Context, v string, ok bool) error { return fn(v, ok) }) -} - -// SubscribeWithContext calls Client.SubscribeWithContext on the default client. -func SubscribeWithContext(ctx context.Context, suffix string, fn func(ctx context.Context, v string, ok bool) error) error { - return defaultClient.SubscribeWithContext(ctx, suffix, fn) -} - -// Get calls Client.GetWithContext on the default client. -// -// Deprecated: Please use the context aware variant [GetWithContext]. -func Get(suffix string) (string, error) { - return defaultClient.GetWithContext(context.Background(), suffix) -} - -// GetWithContext calls Client.GetWithContext on the default client. -func GetWithContext(ctx context.Context, suffix string) (string, error) { - return defaultClient.GetWithContext(ctx, suffix) -} - -// ProjectID returns the current instance's project ID string. -// -// Deprecated: Please use the context aware variant [ProjectIDWithContext]. -func ProjectID() (string, error) { - return defaultClient.ProjectIDWithContext(context.Background()) -} - -// ProjectIDWithContext returns the current instance's project ID string. -func ProjectIDWithContext(ctx context.Context) (string, error) { - return defaultClient.ProjectIDWithContext(ctx) -} - -// NumericProjectID returns the current instance's numeric project ID. -// -// Deprecated: Please use the context aware variant [NumericProjectIDWithContext]. -func NumericProjectID() (string, error) { - return defaultClient.NumericProjectIDWithContext(context.Background()) -} - -// NumericProjectIDWithContext returns the current instance's numeric project ID. -func NumericProjectIDWithContext(ctx context.Context) (string, error) { - return defaultClient.NumericProjectIDWithContext(ctx) -} - -// InternalIP returns the instance's primary internal IP address. -// -// Deprecated: Please use the context aware variant [InternalIPWithContext]. -func InternalIP() (string, error) { - return defaultClient.InternalIPWithContext(context.Background()) -} - -// InternalIPWithContext returns the instance's primary internal IP address. -func InternalIPWithContext(ctx context.Context) (string, error) { - return defaultClient.InternalIPWithContext(ctx) -} - -// ExternalIP returns the instance's primary external (public) IP address. -// -// Deprecated: Please use the context aware variant [ExternalIPWithContext]. -func ExternalIP() (string, error) { - return defaultClient.ExternalIPWithContext(context.Background()) -} - -// ExternalIPWithContext returns the instance's primary external (public) IP address. -func ExternalIPWithContext(ctx context.Context) (string, error) { - return defaultClient.ExternalIPWithContext(ctx) -} - -// Email calls Client.EmailWithContext on the default client. -// -// Deprecated: Please use the context aware variant [EmailWithContext]. -func Email(serviceAccount string) (string, error) { - return defaultClient.EmailWithContext(context.Background(), serviceAccount) -} - -// EmailWithContext calls Client.EmailWithContext on the default client. -func EmailWithContext(ctx context.Context, serviceAccount string) (string, error) { - return defaultClient.EmailWithContext(ctx, serviceAccount) -} - -// Hostname returns the instance's hostname. This will be of the form -// ".c..internal". -// -// Deprecated: Please use the context aware variant [HostnameWithContext]. -func Hostname() (string, error) { - return defaultClient.HostnameWithContext(context.Background()) -} - -// HostnameWithContext returns the instance's hostname. This will be of the form -// ".c..internal". -func HostnameWithContext(ctx context.Context) (string, error) { - return defaultClient.HostnameWithContext(ctx) -} - -// InstanceTags returns the list of user-defined instance tags, -// assigned when initially creating a GCE instance. -// -// Deprecated: Please use the context aware variant [InstanceTagsWithContext]. -func InstanceTags() ([]string, error) { - return defaultClient.InstanceTagsWithContext(context.Background()) -} - -// InstanceTagsWithContext returns the list of user-defined instance tags, -// assigned when initially creating a GCE instance. -func InstanceTagsWithContext(ctx context.Context) ([]string, error) { - return defaultClient.InstanceTagsWithContext(ctx) -} - -// InstanceID returns the current VM's numeric instance ID. -// -// Deprecated: Please use the context aware variant [InstanceIDWithContext]. -func InstanceID() (string, error) { - return defaultClient.InstanceIDWithContext(context.Background()) -} - -// InstanceIDWithContext returns the current VM's numeric instance ID. -func InstanceIDWithContext(ctx context.Context) (string, error) { - return defaultClient.InstanceIDWithContext(ctx) -} - -// InstanceName returns the current VM's instance ID string. -// -// Deprecated: Please use the context aware variant [InstanceNameWithContext]. -func InstanceName() (string, error) { - return defaultClient.InstanceNameWithContext(context.Background()) -} - -// InstanceNameWithContext returns the current VM's instance ID string. -func InstanceNameWithContext(ctx context.Context) (string, error) { - return defaultClient.InstanceNameWithContext(ctx) -} - -// Zone returns the current VM's zone, such as "us-central1-b". -// -// Deprecated: Please use the context aware variant [ZoneWithContext]. -func Zone() (string, error) { - return defaultClient.ZoneWithContext(context.Background()) -} - -// ZoneWithContext returns the current VM's zone, such as "us-central1-b". -func ZoneWithContext(ctx context.Context) (string, error) { - return defaultClient.ZoneWithContext(ctx) -} - -// InstanceAttributes calls Client.InstanceAttributesWithContext on the default client. -// -// Deprecated: Please use the context aware variant [InstanceAttributesWithContext. -func InstanceAttributes() ([]string, error) { - return defaultClient.InstanceAttributesWithContext(context.Background()) -} - -// InstanceAttributesWithContext calls Client.ProjectAttributesWithContext on the default client. -func InstanceAttributesWithContext(ctx context.Context) ([]string, error) { - return defaultClient.InstanceAttributesWithContext(ctx) -} - -// ProjectAttributes calls Client.ProjectAttributesWithContext on the default client. -// -// Deprecated: Please use the context aware variant [ProjectAttributesWithContext]. -func ProjectAttributes() ([]string, error) { - return defaultClient.ProjectAttributesWithContext(context.Background()) -} - -// ProjectAttributesWithContext calls Client.ProjectAttributesWithContext on the default client. -func ProjectAttributesWithContext(ctx context.Context) ([]string, error) { - return defaultClient.ProjectAttributesWithContext(ctx) -} - -// InstanceAttributeValue calls Client.InstanceAttributeValueWithContext on the default client. -// -// Deprecated: Please use the context aware variant [InstanceAttributeValueWithContext]. -func InstanceAttributeValue(attr string) (string, error) { - return defaultClient.InstanceAttributeValueWithContext(context.Background(), attr) -} - -// InstanceAttributeValueWithContext calls Client.InstanceAttributeValueWithContext on the default client. -func InstanceAttributeValueWithContext(ctx context.Context, attr string) (string, error) { - return defaultClient.InstanceAttributeValueWithContext(ctx, attr) -} - -// ProjectAttributeValue calls Client.ProjectAttributeValueWithContext on the default client. -// -// Deprecated: Please use the context aware variant [ProjectAttributeValueWithContext]. -func ProjectAttributeValue(attr string) (string, error) { - return defaultClient.ProjectAttributeValueWithContext(context.Background(), attr) -} - -// ProjectAttributeValueWithContext calls Client.ProjectAttributeValueWithContext on the default client. -func ProjectAttributeValueWithContext(ctx context.Context, attr string) (string, error) { - return defaultClient.ProjectAttributeValueWithContext(ctx, attr) -} - -// Scopes calls Client.ScopesWithContext on the default client. -// -// Deprecated: Please use the context aware variant [ScopesWithContext]. -func Scopes(serviceAccount string) ([]string, error) { - return defaultClient.ScopesWithContext(context.Background(), serviceAccount) -} - -// ScopesWithContext calls Client.ScopesWithContext on the default client. -func ScopesWithContext(ctx context.Context, serviceAccount string) ([]string, error) { - return defaultClient.ScopesWithContext(ctx, serviceAccount) -} - -func strsContains(ss []string, s string) bool { - for _, v := range ss { - if v == s { - return true - } - } - return false -} - -// A Client provides metadata. -type Client struct { - hc *http.Client - logger *slog.Logger -} - -// Options for configuring a [Client]. -type Options struct { - // Client is the HTTP client used to make requests. Optional. - Client *http.Client - // Logger is used to log information about HTTP request and responses. - // If not provided, nothing will be logged. Optional. - Logger *slog.Logger -} - -// NewClient returns a Client that can be used to fetch metadata. -// Returns the client that uses the specified http.Client for HTTP requests. -// If nil is specified, returns the default client. -func NewClient(c *http.Client) *Client { - return NewWithOptions(&Options{ - Client: c, - }) -} - -// NewWithOptions returns a Client that is configured with the provided Options. -func NewWithOptions(opts *Options) *Client { - if opts == nil { - return defaultClient - } - client := opts.Client - if client == nil { - client = newDefaultHTTPClient() - } - logger := opts.Logger - if logger == nil { - logger = slog.New(noOpHandler{}) - } - return &Client{hc: client, logger: logger} -} - -// getETag returns a value from the metadata service as well as the associated ETag. -// This func is otherwise equivalent to Get. -func (c *Client) getETag(ctx context.Context, suffix string) (value, etag string, err error) { - // Using a fixed IP makes it very difficult to spoof the metadata service in - // a container, which is an important use-case for local testing of cloud - // deployments. To enable spoofing of the metadata service, the environment - // variable GCE_METADATA_HOST is first inspected to decide where metadata - // requests shall go. - host := os.Getenv(metadataHostEnv) - if host == "" { - // Using 169.254.169.254 instead of "metadata" here because Go - // binaries built with the "netgo" tag and without cgo won't - // know the search suffix for "metadata" is - // ".google.internal", and this IP address is documented as - // being stable anyway. - host = metadataIP - } - suffix = strings.TrimLeft(suffix, "/") - u := "http://" + host + "/computeMetadata/v1/" + suffix - req, err := http.NewRequestWithContext(ctx, "GET", u, nil) - if err != nil { - return "", "", err - } - req.Header.Set("Metadata-Flavor", "Google") - req.Header.Set("User-Agent", userAgent) - var res *http.Response - var reqErr error - var body []byte - retryer := newRetryer() - for { - c.logger.DebugContext(ctx, "metadata request", "request", httpRequest(req, nil)) - res, reqErr = c.hc.Do(req) - var code int - if res != nil { - code = res.StatusCode - body, err = io.ReadAll(res.Body) - if err != nil { - res.Body.Close() - return "", "", err - } - c.logger.DebugContext(ctx, "metadata response", "response", httpResponse(res, body)) - res.Body.Close() - } - if delay, shouldRetry := retryer.Retry(code, reqErr); shouldRetry { - if res != nil && res.Body != nil { - res.Body.Close() - } - if err := sleep(ctx, delay); err != nil { - return "", "", err - } - continue - } - break - } - if reqErr != nil { - return "", "", reqErr - } - if res.StatusCode == http.StatusNotFound { - return "", "", NotDefinedError(suffix) - } - if res.StatusCode != 200 { - return "", "", &Error{Code: res.StatusCode, Message: string(body)} - } - return string(body), res.Header.Get("Etag"), nil -} - -// Get returns a value from the metadata service. -// The suffix is appended to "http://${GCE_METADATA_HOST}/computeMetadata/v1/". -// -// If the GCE_METADATA_HOST environment variable is not defined, a default of -// 169.254.169.254 will be used instead. -// -// If the requested metadata is not defined, the returned error will -// be of type NotDefinedError. -// -// Deprecated: Please use the context aware variant [Client.GetWithContext]. -func (c *Client) Get(suffix string) (string, error) { - return c.GetWithContext(context.Background(), suffix) -} - -// GetWithContext returns a value from the metadata service. -// The suffix is appended to "http://${GCE_METADATA_HOST}/computeMetadata/v1/". -// -// If the GCE_METADATA_HOST environment variable is not defined, a default of -// 169.254.169.254 will be used instead. -// -// If the requested metadata is not defined, the returned error will -// be of type NotDefinedError. -// -// NOTE: Without an extra deadline in the context this call can take in the -// worst case, with internal backoff retries, up to 15 seconds (e.g. when server -// is responding slowly). Pass context with additional timeouts when needed. -func (c *Client) GetWithContext(ctx context.Context, suffix string) (string, error) { - val, _, err := c.getETag(ctx, suffix) - return val, err -} - -func (c *Client) getTrimmed(ctx context.Context, suffix string) (s string, err error) { - s, err = c.GetWithContext(ctx, suffix) - s = strings.TrimSpace(s) - return -} - -func (c *Client) lines(ctx context.Context, suffix string) ([]string, error) { - j, err := c.GetWithContext(ctx, suffix) - if err != nil { - return nil, err - } - s := strings.Split(strings.TrimSpace(j), "\n") - for i := range s { - s[i] = strings.TrimSpace(s[i]) - } - return s, nil -} - -// ProjectID returns the current instance's project ID string. -// -// Deprecated: Please use the context aware variant [Client.ProjectIDWithContext]. -func (c *Client) ProjectID() (string, error) { return c.ProjectIDWithContext(context.Background()) } - -// ProjectIDWithContext returns the current instance's project ID string. -func (c *Client) ProjectIDWithContext(ctx context.Context) (string, error) { return projID.get(ctx, c) } - -// NumericProjectID returns the current instance's numeric project ID. -// -// Deprecated: Please use the context aware variant [Client.NumericProjectIDWithContext]. -func (c *Client) NumericProjectID() (string, error) { - return c.NumericProjectIDWithContext(context.Background()) -} - -// NumericProjectIDWithContext returns the current instance's numeric project ID. -func (c *Client) NumericProjectIDWithContext(ctx context.Context) (string, error) { - return projNum.get(ctx, c) -} - -// InstanceID returns the current VM's numeric instance ID. -// -// Deprecated: Please use the context aware variant [Client.InstanceIDWithContext]. -func (c *Client) InstanceID() (string, error) { - return c.InstanceIDWithContext(context.Background()) -} - -// InstanceIDWithContext returns the current VM's numeric instance ID. -func (c *Client) InstanceIDWithContext(ctx context.Context) (string, error) { - return instID.get(ctx, c) -} - -// InternalIP returns the instance's primary internal IP address. -// -// Deprecated: Please use the context aware variant [Client.InternalIPWithContext]. -func (c *Client) InternalIP() (string, error) { - return c.InternalIPWithContext(context.Background()) -} - -// InternalIPWithContext returns the instance's primary internal IP address. -func (c *Client) InternalIPWithContext(ctx context.Context) (string, error) { - return c.getTrimmed(ctx, "instance/network-interfaces/0/ip") -} - -// Email returns the email address associated with the service account. -// -// Deprecated: Please use the context aware variant [Client.EmailWithContext]. -func (c *Client) Email(serviceAccount string) (string, error) { - return c.EmailWithContext(context.Background(), serviceAccount) -} - -// EmailWithContext returns the email address associated with the service account. -// The serviceAccount parameter default value (empty string or "default" value) -// will use the instance's main account. -func (c *Client) EmailWithContext(ctx context.Context, serviceAccount string) (string, error) { - if serviceAccount == "" { - serviceAccount = "default" - } - return c.getTrimmed(ctx, "instance/service-accounts/"+serviceAccount+"/email") -} - -// ExternalIP returns the instance's primary external (public) IP address. -// -// Deprecated: Please use the context aware variant [Client.ExternalIPWithContext]. -func (c *Client) ExternalIP() (string, error) { - return c.ExternalIPWithContext(context.Background()) -} - -// ExternalIPWithContext returns the instance's primary external (public) IP address. -func (c *Client) ExternalIPWithContext(ctx context.Context) (string, error) { - return c.getTrimmed(ctx, "instance/network-interfaces/0/access-configs/0/external-ip") -} - -// Hostname returns the instance's hostname. This will be of the form -// ".c..internal". -// -// Deprecated: Please use the context aware variant [Client.HostnameWithContext]. -func (c *Client) Hostname() (string, error) { - return c.HostnameWithContext(context.Background()) -} - -// HostnameWithContext returns the instance's hostname. This will be of the form -// ".c..internal". -func (c *Client) HostnameWithContext(ctx context.Context) (string, error) { - return c.getTrimmed(ctx, "instance/hostname") -} - -// InstanceTags returns the list of user-defined instance tags. -// -// Deprecated: Please use the context aware variant [Client.InstanceTagsWithContext]. -func (c *Client) InstanceTags() ([]string, error) { - return c.InstanceTagsWithContext(context.Background()) -} - -// InstanceTagsWithContext returns the list of user-defined instance tags, -// assigned when initially creating a GCE instance. -func (c *Client) InstanceTagsWithContext(ctx context.Context) ([]string, error) { - var s []string - j, err := c.GetWithContext(ctx, "instance/tags") - if err != nil { - return nil, err - } - if err := json.NewDecoder(strings.NewReader(j)).Decode(&s); err != nil { - return nil, err - } - return s, nil -} - -// InstanceName returns the current VM's instance ID string. -// -// Deprecated: Please use the context aware variant [Client.InstanceNameWithContext]. -func (c *Client) InstanceName() (string, error) { - return c.InstanceNameWithContext(context.Background()) -} - -// InstanceNameWithContext returns the current VM's instance ID string. -func (c *Client) InstanceNameWithContext(ctx context.Context) (string, error) { - return c.getTrimmed(ctx, "instance/name") -} - -// Zone returns the current VM's zone, such as "us-central1-b". -// -// Deprecated: Please use the context aware variant [Client.ZoneWithContext]. -func (c *Client) Zone() (string, error) { - return c.ZoneWithContext(context.Background()) -} - -// ZoneWithContext returns the current VM's zone, such as "us-central1-b". -func (c *Client) ZoneWithContext(ctx context.Context) (string, error) { - zone, err := c.getTrimmed(ctx, "instance/zone") - // zone is of the form "projects//zones/". - if err != nil { - return "", err - } - return zone[strings.LastIndex(zone, "/")+1:], nil -} - -// InstanceAttributes returns the list of user-defined attributes, -// assigned when initially creating a GCE VM instance. The value of an -// attribute can be obtained with InstanceAttributeValue. -// -// Deprecated: Please use the context aware variant [Client.InstanceAttributesWithContext]. -func (c *Client) InstanceAttributes() ([]string, error) { - return c.InstanceAttributesWithContext(context.Background()) -} - -// InstanceAttributesWithContext returns the list of user-defined attributes, -// assigned when initially creating a GCE VM instance. The value of an -// attribute can be obtained with InstanceAttributeValue. -func (c *Client) InstanceAttributesWithContext(ctx context.Context) ([]string, error) { - return c.lines(ctx, "instance/attributes/") -} - -// ProjectAttributes returns the list of user-defined attributes -// applying to the project as a whole, not just this VM. The value of -// an attribute can be obtained with ProjectAttributeValue. -// -// Deprecated: Please use the context aware variant [Client.ProjectAttributesWithContext]. -func (c *Client) ProjectAttributes() ([]string, error) { - return c.ProjectAttributesWithContext(context.Background()) -} - -// ProjectAttributesWithContext returns the list of user-defined attributes -// applying to the project as a whole, not just this VM. The value of -// an attribute can be obtained with ProjectAttributeValue. -func (c *Client) ProjectAttributesWithContext(ctx context.Context) ([]string, error) { - return c.lines(ctx, "project/attributes/") -} - -// InstanceAttributeValue returns the value of the provided VM -// instance attribute. -// -// If the requested attribute is not defined, the returned error will -// be of type NotDefinedError. -// -// InstanceAttributeValue may return ("", nil) if the attribute was -// defined to be the empty string. -// -// Deprecated: Please use the context aware variant [Client.InstanceAttributeValueWithContext]. -func (c *Client) InstanceAttributeValue(attr string) (string, error) { - return c.InstanceAttributeValueWithContext(context.Background(), attr) -} - -// InstanceAttributeValueWithContext returns the value of the provided VM -// instance attribute. -// -// If the requested attribute is not defined, the returned error will -// be of type NotDefinedError. -// -// InstanceAttributeValue may return ("", nil) if the attribute was -// defined to be the empty string. -func (c *Client) InstanceAttributeValueWithContext(ctx context.Context, attr string) (string, error) { - return c.GetWithContext(ctx, "instance/attributes/"+attr) -} - -// ProjectAttributeValue returns the value of the provided -// project attribute. -// -// If the requested attribute is not defined, the returned error will -// be of type NotDefinedError. -// -// ProjectAttributeValue may return ("", nil) if the attribute was -// defined to be the empty string. -// -// Deprecated: Please use the context aware variant [Client.ProjectAttributeValueWithContext]. -func (c *Client) ProjectAttributeValue(attr string) (string, error) { - return c.ProjectAttributeValueWithContext(context.Background(), attr) -} - -// ProjectAttributeValueWithContext returns the value of the provided -// project attribute. -// -// If the requested attribute is not defined, the returned error will -// be of type NotDefinedError. -// -// ProjectAttributeValue may return ("", nil) if the attribute was -// defined to be the empty string. -func (c *Client) ProjectAttributeValueWithContext(ctx context.Context, attr string) (string, error) { - return c.GetWithContext(ctx, "project/attributes/"+attr) -} - -// Scopes returns the service account scopes for the given account. -// The account may be empty or the string "default" to use the instance's -// main account. -// -// Deprecated: Please use the context aware variant [Client.ScopesWithContext]. -func (c *Client) Scopes(serviceAccount string) ([]string, error) { - return c.ScopesWithContext(context.Background(), serviceAccount) -} - -// ScopesWithContext returns the service account scopes for the given account. -// The account may be empty or the string "default" to use the instance's -// main account. -func (c *Client) ScopesWithContext(ctx context.Context, serviceAccount string) ([]string, error) { - if serviceAccount == "" { - serviceAccount = "default" - } - return c.lines(ctx, "instance/service-accounts/"+serviceAccount+"/scopes") -} - -// Subscribe subscribes to a value from the metadata service. -// The suffix is appended to "http://${GCE_METADATA_HOST}/computeMetadata/v1/". -// The suffix may contain query parameters. -// -// Deprecated: Please use the context aware variant [Client.SubscribeWithContext]. -func (c *Client) Subscribe(suffix string, fn func(v string, ok bool) error) error { - return c.SubscribeWithContext(context.Background(), suffix, func(ctx context.Context, v string, ok bool) error { return fn(v, ok) }) -} - -// SubscribeWithContext subscribes to a value from the metadata service. -// The suffix is appended to "http://${GCE_METADATA_HOST}/computeMetadata/v1/". -// The suffix may contain query parameters. -// -// SubscribeWithContext calls fn with the latest metadata value indicated by the -// provided suffix. If the metadata value is deleted, fn is called with the -// empty string and ok false. Subscribe blocks until fn returns a non-nil error -// or the value is deleted. Subscribe returns the error value returned from the -// last call to fn, which may be nil when ok == false. -func (c *Client) SubscribeWithContext(ctx context.Context, suffix string, fn func(ctx context.Context, v string, ok bool) error) error { - const failedSubscribeSleep = time.Second * 5 - - // First check to see if the metadata value exists at all. - val, lastETag, err := c.getETag(ctx, suffix) - if err != nil { - return err - } - - if err := fn(ctx, val, true); err != nil { - return err - } - - ok := true - if strings.ContainsRune(suffix, '?') { - suffix += "&wait_for_change=true&last_etag=" - } else { - suffix += "?wait_for_change=true&last_etag=" - } - for { - val, etag, err := c.getETag(ctx, suffix+url.QueryEscape(lastETag)) - if err != nil { - if _, deleted := err.(NotDefinedError); !deleted { - time.Sleep(failedSubscribeSleep) - continue // Retry on other errors. - } - ok = false - } - lastETag = etag - - if err := fn(ctx, val, ok); err != nil || !ok { - return err - } - } -} - -// Error contains an error response from the server. -type Error struct { - // Code is the HTTP response status code. - Code int - // Message is the server response message. - Message string -} - -func (e *Error) Error() string { - return fmt.Sprintf("compute: Received %d `%s`", e.Code, e.Message) -} diff --git a/vendor/cloud.google.com/go/compute/metadata/retry.go b/vendor/cloud.google.com/go/compute/metadata/retry.go deleted file mode 100644 index 3d4bc75d..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/retry.go +++ /dev/null @@ -1,114 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package metadata - -import ( - "context" - "io" - "math/rand" - "net/http" - "time" -) - -const ( - maxRetryAttempts = 5 -) - -var ( - syscallRetryable = func(error) bool { return false } -) - -// defaultBackoff is basically equivalent to gax.Backoff without the need for -// the dependency. -type defaultBackoff struct { - max time.Duration - mul float64 - cur time.Duration -} - -func (b *defaultBackoff) Pause() time.Duration { - d := time.Duration(1 + rand.Int63n(int64(b.cur))) - b.cur = time.Duration(float64(b.cur) * b.mul) - if b.cur > b.max { - b.cur = b.max - } - return d -} - -// sleep is the equivalent of gax.Sleep without the need for the dependency. -func sleep(ctx context.Context, d time.Duration) error { - t := time.NewTimer(d) - select { - case <-ctx.Done(): - t.Stop() - return ctx.Err() - case <-t.C: - return nil - } -} - -func newRetryer() *metadataRetryer { - return &metadataRetryer{bo: &defaultBackoff{ - cur: 100 * time.Millisecond, - max: 30 * time.Second, - mul: 2, - }} -} - -type backoff interface { - Pause() time.Duration -} - -type metadataRetryer struct { - bo backoff - attempts int -} - -func (r *metadataRetryer) Retry(status int, err error) (time.Duration, bool) { - if status == http.StatusOK { - return 0, false - } - retryOk := shouldRetry(status, err) - if !retryOk { - return 0, false - } - if r.attempts == maxRetryAttempts { - return 0, false - } - r.attempts++ - return r.bo.Pause(), true -} - -func shouldRetry(status int, err error) bool { - if 500 <= status && status <= 599 { - return true - } - if err == io.ErrUnexpectedEOF { - return true - } - // Transient network errors should be retried. - if syscallRetryable(err) { - return true - } - if err, ok := err.(interface{ Temporary() bool }); ok { - if err.Temporary() { - return true - } - } - if err, ok := err.(interface{ Unwrap() error }); ok { - return shouldRetry(status, err.Unwrap()) - } - return false -} diff --git a/vendor/cloud.google.com/go/compute/metadata/retry_linux.go b/vendor/cloud.google.com/go/compute/metadata/retry_linux.go deleted file mode 100644 index 2e53f012..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/retry_linux.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright 2021 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -//go:build linux -// +build linux - -package metadata - -import ( - "errors" - "syscall" -) - -func init() { - // Initialize syscallRetryable to return true on transient socket-level - // errors. These errors are specific to Linux. - syscallRetryable = func(err error) bool { - return errors.Is(err, syscall.ECONNRESET) || errors.Is(err, syscall.ECONNREFUSED) - } -} diff --git a/vendor/cloud.google.com/go/compute/metadata/syscheck.go b/vendor/cloud.google.com/go/compute/metadata/syscheck.go deleted file mode 100644 index e0704fa6..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/syscheck.go +++ /dev/null @@ -1,26 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -//go:build !windows && !linux - -package metadata - -// systemInfoSuggestsGCE reports whether the local system (without -// doing network requests) suggests that we're running on GCE. If this -// returns true, testOnGCE tries a bit harder to reach its metadata -// server. -func systemInfoSuggestsGCE() bool { - // We don't currently have checks for other GOOS - return false -} diff --git a/vendor/cloud.google.com/go/compute/metadata/syscheck_linux.go b/vendor/cloud.google.com/go/compute/metadata/syscheck_linux.go deleted file mode 100644 index 74689acb..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/syscheck_linux.go +++ /dev/null @@ -1,28 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -//go:build linux - -package metadata - -import ( - "os" - "strings" -) - -func systemInfoSuggestsGCE() bool { - b, _ := os.ReadFile("/sys/class/dmi/id/product_name") - name := strings.TrimSpace(string(b)) - return name == "Google" || name == "Google Compute Engine" -} diff --git a/vendor/cloud.google.com/go/compute/metadata/syscheck_windows.go b/vendor/cloud.google.com/go/compute/metadata/syscheck_windows.go deleted file mode 100644 index c0ce6278..00000000 --- a/vendor/cloud.google.com/go/compute/metadata/syscheck_windows.go +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright 2024 Google LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -//go:build windows - -package metadata - -import ( - "strings" - - "golang.org/x/sys/windows/registry" -) - -func systemInfoSuggestsGCE() bool { - k, err := registry.OpenKey(registry.LOCAL_MACHINE, `SYSTEM\HardwareConfig\Current`, registry.QUERY_VALUE) - if err != nil { - return false - } - defer k.Close() - - s, _, err := k.GetStringValue("SystemProductName") - if err != nil { - return false - } - s = strings.TrimSpace(s) - return strings.HasPrefix(s, "Google") -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/LICENSE.txt b/vendor/github.com/Azure/azure-sdk-for-go/LICENSE.txt deleted file mode 100644 index 05b0ebf5..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/LICENSE.txt +++ /dev/null @@ -1,21 +0,0 @@ -The MIT License (MIT) - -Copyright (c) Microsoft Corporation. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/vendor/github.com/Azure/azure-sdk-for-go/NOTICE.txt b/vendor/github.com/Azure/azure-sdk-for-go/NOTICE.txt deleted file mode 100644 index a338672e..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/NOTICE.txt +++ /dev/null @@ -1,29 +0,0 @@ -NOTICES AND INFORMATION -Do Not Translate or Localize - -This software incorporates material from third parties. Microsoft makes certain -open source code available at https://3rdpartysource.microsoft.com, or you may -send a check or money order for US $5.00, including the product name, the open -source component name, and version number, to: - -Source Code Compliance Team -Microsoft Corporation -One Microsoft Way -Redmond, WA 98052 -USA - -Notwithstanding any other terms, you may reverse engineer this software to the -extent required to debug changes to any libraries licensed under the GNU Lesser -General Public License. - ------------------------------------------------------------------------------- - -Azure SDK for Go uses third-party libraries or other resources that may be -distributed under licenses different than the Azure SDK for Go software. - -In the event that we accidentally failed to list a required notice, please -bring it to our attention. Post an issue or email us: - - azgosdkhelp@microsoft.com - -The attached notices are provided for information only. diff --git a/vendor/github.com/Azure/azure-sdk-for-go/profiles/latest/dns/mgmt/dns/models.go b/vendor/github.com/Azure/azure-sdk-for-go/profiles/latest/dns/mgmt/dns/models.go deleted file mode 100644 index 34f8b023..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/profiles/latest/dns/mgmt/dns/models.go +++ /dev/null @@ -1,128 +0,0 @@ -//go:build go1.9 -// +build go1.9 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. - -// This code was auto-generated by: -// github.com/Azure/azure-sdk-for-go/eng/tools/profileBuilder - -package dns - -import ( - "context" - - original "github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns" -) - -const ( - DefaultBaseURI = original.DefaultBaseURI -) - -type RecordType = original.RecordType - -const ( - A RecordType = original.A - AAAA RecordType = original.AAAA - CAA RecordType = original.CAA - CNAME RecordType = original.CNAME - MX RecordType = original.MX - NS RecordType = original.NS - PTR RecordType = original.PTR - SOA RecordType = original.SOA - SRV RecordType = original.SRV - TXT RecordType = original.TXT -) - -type ZoneType = original.ZoneType - -const ( - Private ZoneType = original.Private - Public ZoneType = original.Public -) - -type ARecord = original.ARecord -type AaaaRecord = original.AaaaRecord -type BaseClient = original.BaseClient -type CaaRecord = original.CaaRecord -type CloudError = original.CloudError -type CloudErrorBody = original.CloudErrorBody -type CnameRecord = original.CnameRecord -type MxRecord = original.MxRecord -type NsRecord = original.NsRecord -type PtrRecord = original.PtrRecord -type RecordSet = original.RecordSet -type RecordSetListResult = original.RecordSetListResult -type RecordSetListResultIterator = original.RecordSetListResultIterator -type RecordSetListResultPage = original.RecordSetListResultPage -type RecordSetProperties = original.RecordSetProperties -type RecordSetUpdateParameters = original.RecordSetUpdateParameters -type RecordSetsClient = original.RecordSetsClient -type Resource = original.Resource -type ResourceReference = original.ResourceReference -type ResourceReferenceClient = original.ResourceReferenceClient -type ResourceReferenceRequest = original.ResourceReferenceRequest -type ResourceReferenceRequestProperties = original.ResourceReferenceRequestProperties -type ResourceReferenceResult = original.ResourceReferenceResult -type ResourceReferenceResultProperties = original.ResourceReferenceResultProperties -type SoaRecord = original.SoaRecord -type SrvRecord = original.SrvRecord -type SubResource = original.SubResource -type TxtRecord = original.TxtRecord -type Zone = original.Zone -type ZoneListResult = original.ZoneListResult -type ZoneListResultIterator = original.ZoneListResultIterator -type ZoneListResultPage = original.ZoneListResultPage -type ZoneProperties = original.ZoneProperties -type ZoneUpdate = original.ZoneUpdate -type ZonesClient = original.ZonesClient -type ZonesDeleteFuture = original.ZonesDeleteFuture - -func New(subscriptionID string) BaseClient { - return original.New(subscriptionID) -} -func NewRecordSetListResultIterator(page RecordSetListResultPage) RecordSetListResultIterator { - return original.NewRecordSetListResultIterator(page) -} -func NewRecordSetListResultPage(cur RecordSetListResult, getNextPage func(context.Context, RecordSetListResult) (RecordSetListResult, error)) RecordSetListResultPage { - return original.NewRecordSetListResultPage(cur, getNextPage) -} -func NewRecordSetsClient(subscriptionID string) RecordSetsClient { - return original.NewRecordSetsClient(subscriptionID) -} -func NewRecordSetsClientWithBaseURI(baseURI string, subscriptionID string) RecordSetsClient { - return original.NewRecordSetsClientWithBaseURI(baseURI, subscriptionID) -} -func NewResourceReferenceClient(subscriptionID string) ResourceReferenceClient { - return original.NewResourceReferenceClient(subscriptionID) -} -func NewResourceReferenceClientWithBaseURI(baseURI string, subscriptionID string) ResourceReferenceClient { - return original.NewResourceReferenceClientWithBaseURI(baseURI, subscriptionID) -} -func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient { - return original.NewWithBaseURI(baseURI, subscriptionID) -} -func NewZoneListResultIterator(page ZoneListResultPage) ZoneListResultIterator { - return original.NewZoneListResultIterator(page) -} -func NewZoneListResultPage(cur ZoneListResult, getNextPage func(context.Context, ZoneListResult) (ZoneListResult, error)) ZoneListResultPage { - return original.NewZoneListResultPage(cur, getNextPage) -} -func NewZonesClient(subscriptionID string) ZonesClient { - return original.NewZonesClient(subscriptionID) -} -func NewZonesClientWithBaseURI(baseURI string, subscriptionID string) ZonesClient { - return original.NewZonesClientWithBaseURI(baseURI, subscriptionID) -} -func PossibleRecordTypeValues() []RecordType { - return original.PossibleRecordTypeValues() -} -func PossibleZoneTypeValues() []ZoneType { - return original.PossibleZoneTypeValues() -} -func UserAgent() string { - return original.UserAgent() + " profiles/latest" -} -func Version() string { - return original.Version() -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/profiles/latest/privatedns/mgmt/privatedns/models.go b/vendor/github.com/Azure/azure-sdk-for-go/profiles/latest/privatedns/mgmt/privatedns/models.go deleted file mode 100644 index e11287f1..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/profiles/latest/privatedns/mgmt/privatedns/models.go +++ /dev/null @@ -1,149 +0,0 @@ -//go:build go1.9 -// +build go1.9 - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. - -// This code was auto-generated by: -// github.com/Azure/azure-sdk-for-go/eng/tools/profileBuilder - -package privatedns - -import ( - "context" - - original "github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns" -) - -const ( - DefaultBaseURI = original.DefaultBaseURI -) - -type ProvisioningState = original.ProvisioningState - -const ( - Canceled ProvisioningState = original.Canceled - Creating ProvisioningState = original.Creating - Deleting ProvisioningState = original.Deleting - Failed ProvisioningState = original.Failed - Succeeded ProvisioningState = original.Succeeded - Updating ProvisioningState = original.Updating -) - -type RecordType = original.RecordType - -const ( - A RecordType = original.A - AAAA RecordType = original.AAAA - CNAME RecordType = original.CNAME - MX RecordType = original.MX - PTR RecordType = original.PTR - SOA RecordType = original.SOA - SRV RecordType = original.SRV - TXT RecordType = original.TXT -) - -type VirtualNetworkLinkState = original.VirtualNetworkLinkState - -const ( - Completed VirtualNetworkLinkState = original.Completed - InProgress VirtualNetworkLinkState = original.InProgress -) - -type ARecord = original.ARecord -type AaaaRecord = original.AaaaRecord -type BaseClient = original.BaseClient -type CloudError = original.CloudError -type CloudErrorBody = original.CloudErrorBody -type CnameRecord = original.CnameRecord -type MxRecord = original.MxRecord -type PrivateZone = original.PrivateZone -type PrivateZoneListResult = original.PrivateZoneListResult -type PrivateZoneListResultIterator = original.PrivateZoneListResultIterator -type PrivateZoneListResultPage = original.PrivateZoneListResultPage -type PrivateZoneProperties = original.PrivateZoneProperties -type PrivateZonesClient = original.PrivateZonesClient -type PrivateZonesCreateOrUpdateFuture = original.PrivateZonesCreateOrUpdateFuture -type PrivateZonesDeleteFuture = original.PrivateZonesDeleteFuture -type PrivateZonesUpdateFuture = original.PrivateZonesUpdateFuture -type ProxyResource = original.ProxyResource -type PtrRecord = original.PtrRecord -type RecordSet = original.RecordSet -type RecordSetListResult = original.RecordSetListResult -type RecordSetListResultIterator = original.RecordSetListResultIterator -type RecordSetListResultPage = original.RecordSetListResultPage -type RecordSetProperties = original.RecordSetProperties -type RecordSetsClient = original.RecordSetsClient -type Resource = original.Resource -type SoaRecord = original.SoaRecord -type SrvRecord = original.SrvRecord -type SubResource = original.SubResource -type TrackedResource = original.TrackedResource -type TxtRecord = original.TxtRecord -type VirtualNetworkLink = original.VirtualNetworkLink -type VirtualNetworkLinkListResult = original.VirtualNetworkLinkListResult -type VirtualNetworkLinkListResultIterator = original.VirtualNetworkLinkListResultIterator -type VirtualNetworkLinkListResultPage = original.VirtualNetworkLinkListResultPage -type VirtualNetworkLinkProperties = original.VirtualNetworkLinkProperties -type VirtualNetworkLinksClient = original.VirtualNetworkLinksClient -type VirtualNetworkLinksCreateOrUpdateFuture = original.VirtualNetworkLinksCreateOrUpdateFuture -type VirtualNetworkLinksDeleteFuture = original.VirtualNetworkLinksDeleteFuture -type VirtualNetworkLinksUpdateFuture = original.VirtualNetworkLinksUpdateFuture - -func New(subscriptionID string) BaseClient { - return original.New(subscriptionID) -} -func NewPrivateZoneListResultIterator(page PrivateZoneListResultPage) PrivateZoneListResultIterator { - return original.NewPrivateZoneListResultIterator(page) -} -func NewPrivateZoneListResultPage(cur PrivateZoneListResult, getNextPage func(context.Context, PrivateZoneListResult) (PrivateZoneListResult, error)) PrivateZoneListResultPage { - return original.NewPrivateZoneListResultPage(cur, getNextPage) -} -func NewPrivateZonesClient(subscriptionID string) PrivateZonesClient { - return original.NewPrivateZonesClient(subscriptionID) -} -func NewPrivateZonesClientWithBaseURI(baseURI string, subscriptionID string) PrivateZonesClient { - return original.NewPrivateZonesClientWithBaseURI(baseURI, subscriptionID) -} -func NewRecordSetListResultIterator(page RecordSetListResultPage) RecordSetListResultIterator { - return original.NewRecordSetListResultIterator(page) -} -func NewRecordSetListResultPage(cur RecordSetListResult, getNextPage func(context.Context, RecordSetListResult) (RecordSetListResult, error)) RecordSetListResultPage { - return original.NewRecordSetListResultPage(cur, getNextPage) -} -func NewRecordSetsClient(subscriptionID string) RecordSetsClient { - return original.NewRecordSetsClient(subscriptionID) -} -func NewRecordSetsClientWithBaseURI(baseURI string, subscriptionID string) RecordSetsClient { - return original.NewRecordSetsClientWithBaseURI(baseURI, subscriptionID) -} -func NewVirtualNetworkLinkListResultIterator(page VirtualNetworkLinkListResultPage) VirtualNetworkLinkListResultIterator { - return original.NewVirtualNetworkLinkListResultIterator(page) -} -func NewVirtualNetworkLinkListResultPage(cur VirtualNetworkLinkListResult, getNextPage func(context.Context, VirtualNetworkLinkListResult) (VirtualNetworkLinkListResult, error)) VirtualNetworkLinkListResultPage { - return original.NewVirtualNetworkLinkListResultPage(cur, getNextPage) -} -func NewVirtualNetworkLinksClient(subscriptionID string) VirtualNetworkLinksClient { - return original.NewVirtualNetworkLinksClient(subscriptionID) -} -func NewVirtualNetworkLinksClientWithBaseURI(baseURI string, subscriptionID string) VirtualNetworkLinksClient { - return original.NewVirtualNetworkLinksClientWithBaseURI(baseURI, subscriptionID) -} -func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient { - return original.NewWithBaseURI(baseURI, subscriptionID) -} -func PossibleProvisioningStateValues() []ProvisioningState { - return original.PossibleProvisioningStateValues() -} -func PossibleRecordTypeValues() []RecordType { - return original.PossibleRecordTypeValues() -} -func PossibleVirtualNetworkLinkStateValues() []VirtualNetworkLinkState { - return original.PossibleVirtualNetworkLinkStateValues() -} -func UserAgent() string { - return original.UserAgent() + " profiles/latest" -} -func Version() string { - return original.Version() -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/CHANGELOG.md b/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/CHANGELOG.md deleted file mode 100644 index 52911e4c..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/CHANGELOG.md +++ /dev/null @@ -1,2 +0,0 @@ -# Change History - diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/_meta.json b/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/_meta.json deleted file mode 100644 index f3f56908..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/_meta.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "commit": "3c764635e7d442b3e74caf593029fcd440b3ef82", - "readme": "/_/azure-rest-api-specs/specification/dns/resource-manager/readme.md", - "tag": "package-2018-05", - "use": "@microsoft.azure/autorest.go@2.1.187", - "repository_url": "https://github.com/Azure/azure-rest-api-specs.git", - "autorest_command": "autorest --use=@microsoft.azure/autorest.go@2.1.187 --tag=package-2018-05 --go-sdk-folder=/_/azure-sdk-for-go --go --verbose --use-onever --version=2.0.4421 --go.license-header=MICROSOFT_MIT_NO_VERSION /_/azure-rest-api-specs/specification/dns/resource-manager/readme.md", - "additional_properties": { - "additional_options": "--go --verbose --use-onever --version=2.0.4421 --go.license-header=MICROSOFT_MIT_NO_VERSION" - } -} \ No newline at end of file diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/client.go b/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/client.go deleted file mode 100644 index 8e442bba..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/client.go +++ /dev/null @@ -1,43 +0,0 @@ -// Deprecated: Please note, this package has been deprecated. A replacement package is available [github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns). We strongly encourage you to upgrade to continue receiving updates. See [Migration Guide](https://aka.ms/azsdk/golang/t2/migration) for guidance on upgrading. Refer to our [deprecation policy](https://azure.github.io/azure-sdk/policies_support.html) for more details. -// -// Package dns implements the Azure ARM Dns service API version 2018-05-01. -// -// The DNS Management Client. -package dns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "github.com/Azure/go-autorest/autorest" -) - -const ( - // DefaultBaseURI is the default URI used for the service Dns - DefaultBaseURI = "https://management.azure.com" -) - -// BaseClient is the base client for Dns. -type BaseClient struct { - autorest.Client - BaseURI string - SubscriptionID string -} - -// New creates an instance of the BaseClient client. -func New(subscriptionID string) BaseClient { - return NewWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewWithBaseURI creates an instance of the BaseClient client using a custom endpoint. Use this when interacting with -// an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient { - return BaseClient{ - Client: autorest.NewClientWithUserAgent(UserAgent()), - BaseURI: baseURI, - SubscriptionID: subscriptionID, - } -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/enums.go b/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/enums.go deleted file mode 100644 index 90319aff..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/enums.go +++ /dev/null @@ -1,53 +0,0 @@ -package dns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -// RecordType enumerates the values for record type. -type RecordType string - -const ( - // A ... - A RecordType = "A" - // AAAA ... - AAAA RecordType = "AAAA" - // CAA ... - CAA RecordType = "CAA" - // CNAME ... - CNAME RecordType = "CNAME" - // MX ... - MX RecordType = "MX" - // NS ... - NS RecordType = "NS" - // PTR ... - PTR RecordType = "PTR" - // SOA ... - SOA RecordType = "SOA" - // SRV ... - SRV RecordType = "SRV" - // TXT ... - TXT RecordType = "TXT" -) - -// PossibleRecordTypeValues returns an array of possible values for the RecordType const type. -func PossibleRecordTypeValues() []RecordType { - return []RecordType{A, AAAA, CAA, CNAME, MX, NS, PTR, SOA, SRV, TXT} -} - -// ZoneType enumerates the values for zone type. -type ZoneType string - -const ( - // Private ... - Private ZoneType = "Private" - // Public ... - Public ZoneType = "Public" -) - -// PossibleZoneTypeValues returns an array of possible values for the ZoneType const type. -func PossibleZoneTypeValues() []ZoneType { - return []ZoneType{Private, Public} -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/models.go deleted file mode 100644 index 50355232..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/models.go +++ /dev/null @@ -1,961 +0,0 @@ -package dns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "encoding/json" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/to" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// The package's fully qualified name. -const fqdn = "github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns" - -// AaaaRecord an AAAA record. -type AaaaRecord struct { - // Ipv6Address - The IPv6 address of this AAAA record. - Ipv6Address *string `json:"ipv6Address,omitempty"` -} - -// ARecord an A record. -type ARecord struct { - // Ipv4Address - The IPv4 address of this A record. - Ipv4Address *string `json:"ipv4Address,omitempty"` -} - -// CaaRecord a CAA record. -type CaaRecord struct { - // Flags - The flags for this CAA record as an integer between 0 and 255. - Flags *int32 `json:"flags,omitempty"` - // Tag - The tag for this CAA record. - Tag *string `json:"tag,omitempty"` - // Value - The value for this CAA record. - Value *string `json:"value,omitempty"` -} - -// CloudError an error response from the service. -type CloudError struct { - // Error - Cloud error body. - Error *CloudErrorBody `json:"error,omitempty"` -} - -// CloudErrorBody an error response from the service. -type CloudErrorBody struct { - // Code - An identifier for the error. Codes are invariant and are intended to be consumed programmatically. - Code *string `json:"code,omitempty"` - // Message - A message describing the error, intended to be suitable for display in a user interface. - Message *string `json:"message,omitempty"` - // Target - The target of the particular error. For example, the name of the property in error. - Target *string `json:"target,omitempty"` - // Details - A list of additional details about the error. - Details *[]CloudErrorBody `json:"details,omitempty"` -} - -// CnameRecord a CNAME record. -type CnameRecord struct { - // Cname - The canonical name for this CNAME record. - Cname *string `json:"cname,omitempty"` -} - -// MxRecord an MX record. -type MxRecord struct { - // Preference - The preference value for this MX record. - Preference *int32 `json:"preference,omitempty"` - // Exchange - The domain name of the mail host for this MX record. - Exchange *string `json:"exchange,omitempty"` -} - -// NsRecord an NS record. -type NsRecord struct { - // Nsdname - The name server name for this NS record. - Nsdname *string `json:"nsdname,omitempty"` -} - -// PtrRecord a PTR record. -type PtrRecord struct { - // Ptrdname - The PTR target domain name for this PTR record. - Ptrdname *string `json:"ptrdname,omitempty"` -} - -// RecordSet describes a DNS record set (a collection of DNS records with the same name and type). -type RecordSet struct { - autorest.Response `json:"-"` - // ID - READ-ONLY; The ID of the record set. - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; The name of the record set. - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; The type of the record set. - Type *string `json:"type,omitempty"` - // Etag - The etag of the record set. - Etag *string `json:"etag,omitempty"` - // RecordSetProperties - The properties of the record set. - *RecordSetProperties `json:"properties,omitempty"` -} - -// MarshalJSON is the custom marshaler for RecordSet. -func (rs RecordSet) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if rs.Etag != nil { - objectMap["etag"] = rs.Etag - } - if rs.RecordSetProperties != nil { - objectMap["properties"] = rs.RecordSetProperties - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for RecordSet struct. -func (rs *RecordSet) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - rs.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - rs.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - rs.Type = &typeVar - } - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - rs.Etag = &etag - } - case "properties": - if v != nil { - var recordSetProperties RecordSetProperties - err = json.Unmarshal(*v, &recordSetProperties) - if err != nil { - return err - } - rs.RecordSetProperties = &recordSetProperties - } - } - } - - return nil -} - -// RecordSetListResult the response to a record set List operation. -type RecordSetListResult struct { - autorest.Response `json:"-"` - // Value - Information about the record sets in the response. - Value *[]RecordSet `json:"value,omitempty"` - // NextLink - READ-ONLY; The continuation token for the next page of results. - NextLink *string `json:"nextLink,omitempty"` -} - -// MarshalJSON is the custom marshaler for RecordSetListResult. -func (rslr RecordSetListResult) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if rslr.Value != nil { - objectMap["value"] = rslr.Value - } - return json.Marshal(objectMap) -} - -// RecordSetListResultIterator provides access to a complete listing of RecordSet values. -type RecordSetListResultIterator struct { - i int - page RecordSetListResultPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *RecordSetListResultIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetListResultIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *RecordSetListResultIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter RecordSetListResultIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter RecordSetListResultIterator) Response() RecordSetListResult { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter RecordSetListResultIterator) Value() RecordSet { - if !iter.page.NotDone() { - return RecordSet{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the RecordSetListResultIterator type. -func NewRecordSetListResultIterator(page RecordSetListResultPage) RecordSetListResultIterator { - return RecordSetListResultIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (rslr RecordSetListResult) IsEmpty() bool { - return rslr.Value == nil || len(*rslr.Value) == 0 -} - -// hasNextLink returns true if the NextLink is not empty. -func (rslr RecordSetListResult) hasNextLink() bool { - return rslr.NextLink != nil && len(*rslr.NextLink) != 0 -} - -// recordSetListResultPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (rslr RecordSetListResult) recordSetListResultPreparer(ctx context.Context) (*http.Request, error) { - if !rslr.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(rslr.NextLink))) -} - -// RecordSetListResultPage contains a page of RecordSet values. -type RecordSetListResultPage struct { - fn func(context.Context, RecordSetListResult) (RecordSetListResult, error) - rslr RecordSetListResult -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *RecordSetListResultPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetListResultPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.rslr) - if err != nil { - return err - } - page.rslr = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *RecordSetListResultPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page RecordSetListResultPage) NotDone() bool { - return !page.rslr.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page RecordSetListResultPage) Response() RecordSetListResult { - return page.rslr -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page RecordSetListResultPage) Values() []RecordSet { - if page.rslr.IsEmpty() { - return nil - } - return *page.rslr.Value -} - -// Creates a new instance of the RecordSetListResultPage type. -func NewRecordSetListResultPage(cur RecordSetListResult, getNextPage func(context.Context, RecordSetListResult) (RecordSetListResult, error)) RecordSetListResultPage { - return RecordSetListResultPage{ - fn: getNextPage, - rslr: cur, - } -} - -// RecordSetProperties represents the properties of the records in the record set. -type RecordSetProperties struct { - // Metadata - The metadata attached to the record set. - Metadata map[string]*string `json:"metadata"` - // TTL - The TTL (time-to-live) of the records in the record set. - TTL *int64 `json:"TTL,omitempty"` - // Fqdn - READ-ONLY; Fully qualified domain name of the record set. - Fqdn *string `json:"fqdn,omitempty"` - // ProvisioningState - READ-ONLY; provisioning State of the record set. - ProvisioningState *string `json:"provisioningState,omitempty"` - // TargetResource - A reference to an azure resource from where the dns resource value is taken. - TargetResource *SubResource `json:"targetResource,omitempty"` - // ARecords - The list of A records in the record set. - ARecords *[]ARecord `json:"ARecords,omitempty"` - // AaaaRecords - The list of AAAA records in the record set. - AaaaRecords *[]AaaaRecord `json:"AAAARecords,omitempty"` - // MxRecords - The list of MX records in the record set. - MxRecords *[]MxRecord `json:"MXRecords,omitempty"` - // NsRecords - The list of NS records in the record set. - NsRecords *[]NsRecord `json:"NSRecords,omitempty"` - // PtrRecords - The list of PTR records in the record set. - PtrRecords *[]PtrRecord `json:"PTRRecords,omitempty"` - // SrvRecords - The list of SRV records in the record set. - SrvRecords *[]SrvRecord `json:"SRVRecords,omitempty"` - // TxtRecords - The list of TXT records in the record set. - TxtRecords *[]TxtRecord `json:"TXTRecords,omitempty"` - // CnameRecord - The CNAME record in the record set. - CnameRecord *CnameRecord `json:"CNAMERecord,omitempty"` - // SoaRecord - The SOA record in the record set. - SoaRecord *SoaRecord `json:"SOARecord,omitempty"` - // CaaRecords - The list of CAA records in the record set. - CaaRecords *[]CaaRecord `json:"caaRecords,omitempty"` -} - -// MarshalJSON is the custom marshaler for RecordSetProperties. -func (rsp RecordSetProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if rsp.Metadata != nil { - objectMap["metadata"] = rsp.Metadata - } - if rsp.TTL != nil { - objectMap["TTL"] = rsp.TTL - } - if rsp.TargetResource != nil { - objectMap["targetResource"] = rsp.TargetResource - } - if rsp.ARecords != nil { - objectMap["ARecords"] = rsp.ARecords - } - if rsp.AaaaRecords != nil { - objectMap["AAAARecords"] = rsp.AaaaRecords - } - if rsp.MxRecords != nil { - objectMap["MXRecords"] = rsp.MxRecords - } - if rsp.NsRecords != nil { - objectMap["NSRecords"] = rsp.NsRecords - } - if rsp.PtrRecords != nil { - objectMap["PTRRecords"] = rsp.PtrRecords - } - if rsp.SrvRecords != nil { - objectMap["SRVRecords"] = rsp.SrvRecords - } - if rsp.TxtRecords != nil { - objectMap["TXTRecords"] = rsp.TxtRecords - } - if rsp.CnameRecord != nil { - objectMap["CNAMERecord"] = rsp.CnameRecord - } - if rsp.SoaRecord != nil { - objectMap["SOARecord"] = rsp.SoaRecord - } - if rsp.CaaRecords != nil { - objectMap["caaRecords"] = rsp.CaaRecords - } - return json.Marshal(objectMap) -} - -// RecordSetUpdateParameters parameters supplied to update a record set. -type RecordSetUpdateParameters struct { - // RecordSet - Specifies information about the record set being updated. - RecordSet *RecordSet `json:"RecordSet,omitempty"` -} - -// Resource common properties of an Azure Resource Manager resource -type Resource struct { - // ID - READ-ONLY; Resource ID. - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Resource name. - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Resource type. - Type *string `json:"type,omitempty"` - // Location - Resource location. - Location *string `json:"location,omitempty"` - // Tags - Resource tags. - Tags map[string]*string `json:"tags"` -} - -// MarshalJSON is the custom marshaler for Resource. -func (r Resource) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if r.Location != nil { - objectMap["location"] = r.Location - } - if r.Tags != nil { - objectMap["tags"] = r.Tags - } - return json.Marshal(objectMap) -} - -// ResourceReference represents a single Azure resource and its referencing DNS records. -type ResourceReference struct { - // DNSResources - A list of dns Records - DNSResources *[]SubResource `json:"dnsResources,omitempty"` - // TargetResource - A reference to an azure resource from where the dns resource value is taken. - TargetResource *SubResource `json:"targetResource,omitempty"` -} - -// ResourceReferenceRequest represents the properties of the Dns Resource Reference Request. -type ResourceReferenceRequest struct { - // ResourceReferenceRequestProperties - The properties of the Resource Reference Request. - *ResourceReferenceRequestProperties `json:"properties,omitempty"` -} - -// MarshalJSON is the custom marshaler for ResourceReferenceRequest. -func (rrr ResourceReferenceRequest) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if rrr.ResourceReferenceRequestProperties != nil { - objectMap["properties"] = rrr.ResourceReferenceRequestProperties - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for ResourceReferenceRequest struct. -func (rrr *ResourceReferenceRequest) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var resourceReferenceRequestProperties ResourceReferenceRequestProperties - err = json.Unmarshal(*v, &resourceReferenceRequestProperties) - if err != nil { - return err - } - rrr.ResourceReferenceRequestProperties = &resourceReferenceRequestProperties - } - } - } - - return nil -} - -// ResourceReferenceRequestProperties represents the properties of the Dns Resource Reference Request. -type ResourceReferenceRequestProperties struct { - // TargetResources - A list of references to azure resources for which referencing dns records need to be queried. - TargetResources *[]SubResource `json:"targetResources,omitempty"` -} - -// ResourceReferenceResult represents the properties of the Dns Resource Reference Result. -type ResourceReferenceResult struct { - autorest.Response `json:"-"` - // ResourceReferenceResultProperties - The result of dns resource reference request. Returns a list of dns resource references for each of the azure resource in the request. - *ResourceReferenceResultProperties `json:"properties,omitempty"` -} - -// MarshalJSON is the custom marshaler for ResourceReferenceResult. -func (rrr ResourceReferenceResult) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if rrr.ResourceReferenceResultProperties != nil { - objectMap["properties"] = rrr.ResourceReferenceResultProperties - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for ResourceReferenceResult struct. -func (rrr *ResourceReferenceResult) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "properties": - if v != nil { - var resourceReferenceResultProperties ResourceReferenceResultProperties - err = json.Unmarshal(*v, &resourceReferenceResultProperties) - if err != nil { - return err - } - rrr.ResourceReferenceResultProperties = &resourceReferenceResultProperties - } - } - } - - return nil -} - -// ResourceReferenceResultProperties the result of dns resource reference request. Returns a list of dns -// resource references for each of the azure resource in the request. -type ResourceReferenceResultProperties struct { - // DNSResourceReferences - The result of dns resource reference request. A list of dns resource references for each of the azure resource in the request - DNSResourceReferences *[]ResourceReference `json:"dnsResourceReferences,omitempty"` -} - -// SoaRecord an SOA record. -type SoaRecord struct { - // Host - The domain name of the authoritative name server for this SOA record. - Host *string `json:"host,omitempty"` - // Email - The email contact for this SOA record. - Email *string `json:"email,omitempty"` - // SerialNumber - The serial number for this SOA record. - SerialNumber *int64 `json:"serialNumber,omitempty"` - // RefreshTime - The refresh value for this SOA record. - RefreshTime *int64 `json:"refreshTime,omitempty"` - // RetryTime - The retry time for this SOA record. - RetryTime *int64 `json:"retryTime,omitempty"` - // ExpireTime - The expire time for this SOA record. - ExpireTime *int64 `json:"expireTime,omitempty"` - // MinimumTTL - The minimum value for this SOA record. By convention this is used to determine the negative caching duration. - MinimumTTL *int64 `json:"minimumTTL,omitempty"` -} - -// SrvRecord an SRV record. -type SrvRecord struct { - // Priority - The priority value for this SRV record. - Priority *int32 `json:"priority,omitempty"` - // Weight - The weight value for this SRV record. - Weight *int32 `json:"weight,omitempty"` - // Port - The port value for this SRV record. - Port *int32 `json:"port,omitempty"` - // Target - The target domain name for this SRV record. - Target *string `json:"target,omitempty"` -} - -// SubResource a reference to a another resource -type SubResource struct { - // ID - Resource Id. - ID *string `json:"id,omitempty"` -} - -// TxtRecord a TXT record. -type TxtRecord struct { - // Value - The text value of this TXT record. - Value *[]string `json:"value,omitempty"` -} - -// Zone describes a DNS zone. -type Zone struct { - autorest.Response `json:"-"` - // Etag - The etag of the zone. - Etag *string `json:"etag,omitempty"` - // ZoneProperties - The properties of the zone. - *ZoneProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Resource ID. - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; Resource name. - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; Resource type. - Type *string `json:"type,omitempty"` - // Location - Resource location. - Location *string `json:"location,omitempty"` - // Tags - Resource tags. - Tags map[string]*string `json:"tags"` -} - -// MarshalJSON is the custom marshaler for Zone. -func (z Zone) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if z.Etag != nil { - objectMap["etag"] = z.Etag - } - if z.ZoneProperties != nil { - objectMap["properties"] = z.ZoneProperties - } - if z.Location != nil { - objectMap["location"] = z.Location - } - if z.Tags != nil { - objectMap["tags"] = z.Tags - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for Zone struct. -func (z *Zone) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - z.Etag = &etag - } - case "properties": - if v != nil { - var zoneProperties ZoneProperties - err = json.Unmarshal(*v, &zoneProperties) - if err != nil { - return err - } - z.ZoneProperties = &zoneProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - z.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - z.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - z.Type = &typeVar - } - case "location": - if v != nil { - var location string - err = json.Unmarshal(*v, &location) - if err != nil { - return err - } - z.Location = &location - } - case "tags": - if v != nil { - var tags map[string]*string - err = json.Unmarshal(*v, &tags) - if err != nil { - return err - } - z.Tags = tags - } - } - } - - return nil -} - -// ZoneListResult the response to a Zone List or ListAll operation. -type ZoneListResult struct { - autorest.Response `json:"-"` - // Value - Information about the DNS zones. - Value *[]Zone `json:"value,omitempty"` - // NextLink - READ-ONLY; The continuation token for the next page of results. - NextLink *string `json:"nextLink,omitempty"` -} - -// MarshalJSON is the custom marshaler for ZoneListResult. -func (zlr ZoneListResult) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if zlr.Value != nil { - objectMap["value"] = zlr.Value - } - return json.Marshal(objectMap) -} - -// ZoneListResultIterator provides access to a complete listing of Zone values. -type ZoneListResultIterator struct { - i int - page ZoneListResultPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *ZoneListResultIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZoneListResultIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *ZoneListResultIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter ZoneListResultIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter ZoneListResultIterator) Response() ZoneListResult { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter ZoneListResultIterator) Value() Zone { - if !iter.page.NotDone() { - return Zone{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the ZoneListResultIterator type. -func NewZoneListResultIterator(page ZoneListResultPage) ZoneListResultIterator { - return ZoneListResultIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (zlr ZoneListResult) IsEmpty() bool { - return zlr.Value == nil || len(*zlr.Value) == 0 -} - -// hasNextLink returns true if the NextLink is not empty. -func (zlr ZoneListResult) hasNextLink() bool { - return zlr.NextLink != nil && len(*zlr.NextLink) != 0 -} - -// zoneListResultPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (zlr ZoneListResult) zoneListResultPreparer(ctx context.Context) (*http.Request, error) { - if !zlr.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(zlr.NextLink))) -} - -// ZoneListResultPage contains a page of Zone values. -type ZoneListResultPage struct { - fn func(context.Context, ZoneListResult) (ZoneListResult, error) - zlr ZoneListResult -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *ZoneListResultPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZoneListResultPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.zlr) - if err != nil { - return err - } - page.zlr = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *ZoneListResultPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page ZoneListResultPage) NotDone() bool { - return !page.zlr.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page ZoneListResultPage) Response() ZoneListResult { - return page.zlr -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page ZoneListResultPage) Values() []Zone { - if page.zlr.IsEmpty() { - return nil - } - return *page.zlr.Value -} - -// Creates a new instance of the ZoneListResultPage type. -func NewZoneListResultPage(cur ZoneListResult, getNextPage func(context.Context, ZoneListResult) (ZoneListResult, error)) ZoneListResultPage { - return ZoneListResultPage{ - fn: getNextPage, - zlr: cur, - } -} - -// ZoneProperties represents the properties of the zone. -type ZoneProperties struct { - // MaxNumberOfRecordSets - READ-ONLY; The maximum number of record sets that can be created in this DNS zone. This is a read-only property and any attempt to set this value will be ignored. - MaxNumberOfRecordSets *int64 `json:"maxNumberOfRecordSets,omitempty"` - // MaxNumberOfRecordsPerRecordSet - READ-ONLY; The maximum number of records per record set that can be created in this DNS zone. This is a read-only property and any attempt to set this value will be ignored. - MaxNumberOfRecordsPerRecordSet *int64 `json:"maxNumberOfRecordsPerRecordSet,omitempty"` - // NumberOfRecordSets - READ-ONLY; The current number of record sets in this DNS zone. This is a read-only property and any attempt to set this value will be ignored. - NumberOfRecordSets *int64 `json:"numberOfRecordSets,omitempty"` - // NameServers - READ-ONLY; The name servers for this DNS zone. This is a read-only property and any attempt to set this value will be ignored. - NameServers *[]string `json:"nameServers,omitempty"` - // ZoneType - The type of this DNS zone (Public or Private). Possible values include: 'Public', 'Private' - ZoneType ZoneType `json:"zoneType,omitempty"` - // RegistrationVirtualNetworks - A list of references to virtual networks that register hostnames in this DNS zone. This is a only when ZoneType is Private. - RegistrationVirtualNetworks *[]SubResource `json:"registrationVirtualNetworks,omitempty"` - // ResolutionVirtualNetworks - A list of references to virtual networks that resolve records in this DNS zone. This is a only when ZoneType is Private. - ResolutionVirtualNetworks *[]SubResource `json:"resolutionVirtualNetworks,omitempty"` -} - -// MarshalJSON is the custom marshaler for ZoneProperties. -func (zp ZoneProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if zp.ZoneType != "" { - objectMap["zoneType"] = zp.ZoneType - } - if zp.RegistrationVirtualNetworks != nil { - objectMap["registrationVirtualNetworks"] = zp.RegistrationVirtualNetworks - } - if zp.ResolutionVirtualNetworks != nil { - objectMap["resolutionVirtualNetworks"] = zp.ResolutionVirtualNetworks - } - return json.Marshal(objectMap) -} - -// ZonesDeleteFuture an abstraction for monitoring and retrieving the results of a long-running operation. -type ZonesDeleteFuture struct { - azure.FutureAPI - // Result returns the result of the asynchronous operation. - // If the operation has not completed it will return an error. - Result func(ZonesClient) (autorest.Response, error) -} - -// UnmarshalJSON is the custom unmarshaller for CreateFuture. -func (future *ZonesDeleteFuture) UnmarshalJSON(body []byte) error { - var azFuture azure.Future - if err := json.Unmarshal(body, &azFuture); err != nil { - return err - } - future.FutureAPI = &azFuture - future.Result = future.result - return nil -} - -// result is the default implementation for ZonesDeleteFuture.Result. -func (future *ZonesDeleteFuture) result(client ZonesClient) (ar autorest.Response, err error) { - var done bool - done, err = future.DoneWithContext(context.Background(), client) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesDeleteFuture", "Result", future.Response(), "Polling failure") - return - } - if !done { - ar.Response = future.Response() - err = azure.NewAsyncOpIncompleteError("dns.ZonesDeleteFuture") - return - } - ar.Response = future.Response() - return -} - -// ZoneUpdate describes a request to update a DNS zone. -type ZoneUpdate struct { - // Tags - Resource tags. - Tags map[string]*string `json:"tags"` -} - -// MarshalJSON is the custom marshaler for ZoneUpdate. -func (zu ZoneUpdate) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if zu.Tags != nil { - objectMap["tags"] = zu.Tags - } - return json.Marshal(objectMap) -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/recordsets.go b/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/recordsets.go deleted file mode 100644 index d3aa10e2..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/recordsets.go +++ /dev/null @@ -1,774 +0,0 @@ -package dns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// RecordSetsClient is the the DNS Management Client. -type RecordSetsClient struct { - BaseClient -} - -// NewRecordSetsClient creates an instance of the RecordSetsClient client. -func NewRecordSetsClient(subscriptionID string) RecordSetsClient { - return NewRecordSetsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewRecordSetsClientWithBaseURI creates an instance of the RecordSetsClient client using a custom endpoint. Use this -// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewRecordSetsClientWithBaseURI(baseURI string, subscriptionID string) RecordSetsClient { - return RecordSetsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdate creates or updates a record set within a DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// relativeRecordSetName - the name of the record set, relative to the name of the zone. -// recordType - the type of DNS record in this record set. Record sets of type SOA can be updated but not -// created (they are created when the DNS zone is created). -// parameters - parameters supplied to the CreateOrUpdate operation. -// ifMatch - the etag of the record set. Omit this value to always overwrite the current record set. Specify -// the last-seen etag value to prevent accidentally overwriting any concurrent changes. -// ifNoneMatch - set to '*' to allow a new record set to be created, but to prevent updating an existing record -// set. Other values will be ignored. -func (client RecordSetsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, zoneName string, relativeRecordSetName string, recordType RecordType, parameters RecordSet, ifMatch string, ifNoneMatch string) (result RecordSet, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.CreateOrUpdate") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, zoneName, relativeRecordSetName, recordType, parameters, ifMatch, ifNoneMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "CreateOrUpdate", nil, "Failure preparing request") - return - } - - resp, err := client.CreateOrUpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "CreateOrUpdate", resp, "Failure sending request") - return - } - - result, err = client.CreateOrUpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "CreateOrUpdate", resp, "Failure responding to request") - return - } - - return -} - -// CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client RecordSetsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, zoneName string, relativeRecordSetName string, recordType RecordType, parameters RecordSet, ifMatch string, ifNoneMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "recordType": autorest.Encode("path", recordType), - "relativeRecordSetName": relativeRecordSetName, - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - parameters.ID = nil - parameters.Name = nil - parameters.Type = nil - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}/{recordType}/{relativeRecordSetName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - if len(ifNoneMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) CreateOrUpdateResponder(resp *http.Response) (result RecordSet, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Delete deletes a record set from a DNS zone. This operation cannot be undone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// relativeRecordSetName - the name of the record set, relative to the name of the zone. -// recordType - the type of DNS record in this record set. Record sets of type SOA cannot be deleted (they are -// deleted when the DNS zone is deleted). -// ifMatch - the etag of the record set. Omit this value to always delete the current record set. Specify the -// last-seen etag value to prevent accidentally deleting any concurrent changes. -func (client RecordSetsClient) Delete(ctx context.Context, resourceGroupName string, zoneName string, relativeRecordSetName string, recordType RecordType, ifMatch string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Delete") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.DeletePreparer(ctx, resourceGroupName, zoneName, relativeRecordSetName, recordType, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "Delete", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "Delete", resp, "Failure sending request") - return - } - - result, err = client.DeleteResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "Delete", resp, "Failure responding to request") - return - } - - return -} - -// DeletePreparer prepares the Delete request. -func (client RecordSetsClient) DeletePreparer(ctx context.Context, resourceGroupName string, zoneName string, relativeRecordSetName string, recordType RecordType, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "recordType": autorest.Encode("path", recordType), - "relativeRecordSetName": relativeRecordSetName, - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}/{recordType}/{relativeRecordSetName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteSender sends the Delete request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) DeleteSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// DeleteResponder handles the response to the Delete request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// Get gets a record set. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// relativeRecordSetName - the name of the record set, relative to the name of the zone. -// recordType - the type of DNS record in this record set. -func (client RecordSetsClient) Get(ctx context.Context, resourceGroupName string, zoneName string, relativeRecordSetName string, recordType RecordType) (result RecordSet, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.GetPreparer(ctx, resourceGroupName, zoneName, relativeRecordSetName, recordType) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "Get", resp, "Failure responding to request") - return - } - - return -} - -// GetPreparer prepares the Get request. -func (client RecordSetsClient) GetPreparer(ctx context.Context, resourceGroupName string, zoneName string, relativeRecordSetName string, recordType RecordType) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "recordType": autorest.Encode("path", recordType), - "relativeRecordSetName": relativeRecordSetName, - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}/{recordType}/{relativeRecordSetName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) GetSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) GetResponder(resp *http.Response) (result RecordSet, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// ListAllByDNSZone lists all record sets in a DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets. -// recordSetNameSuffix - the suffix label of the record set name that has to be used to filter the record set -// enumerations. If this parameter is specified, Enumeration will return only records that end with -// . -func (client RecordSetsClient) ListAllByDNSZone(ctx context.Context, resourceGroupName string, zoneName string, top *int32, recordSetNameSuffix string) (result RecordSetListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListAllByDNSZone") - defer func() { - sc := -1 - if result.rslr.Response.Response != nil { - sc = result.rslr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listAllByDNSZoneNextResults - req, err := client.ListAllByDNSZonePreparer(ctx, resourceGroupName, zoneName, top, recordSetNameSuffix) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "ListAllByDNSZone", nil, "Failure preparing request") - return - } - - resp, err := client.ListAllByDNSZoneSender(req) - if err != nil { - result.rslr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "ListAllByDNSZone", resp, "Failure sending request") - return - } - - result.rslr, err = client.ListAllByDNSZoneResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "ListAllByDNSZone", resp, "Failure responding to request") - return - } - if result.rslr.hasNextLink() && result.rslr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListAllByDNSZonePreparer prepares the ListAllByDNSZone request. -func (client RecordSetsClient) ListAllByDNSZonePreparer(ctx context.Context, resourceGroupName string, zoneName string, top *int32, recordSetNameSuffix string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(recordSetNameSuffix) > 0 { - queryParameters["$recordsetnamesuffix"] = autorest.Encode("query", recordSetNameSuffix) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}/all", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListAllByDNSZoneSender sends the ListAllByDNSZone request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) ListAllByDNSZoneSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListAllByDNSZoneResponder handles the response to the ListAllByDNSZone request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) ListAllByDNSZoneResponder(resp *http.Response) (result RecordSetListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listAllByDNSZoneNextResults retrieves the next set of results, if any. -func (client RecordSetsClient) listAllByDNSZoneNextResults(ctx context.Context, lastResults RecordSetListResult) (result RecordSetListResult, err error) { - req, err := lastResults.recordSetListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "dns.RecordSetsClient", "listAllByDNSZoneNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListAllByDNSZoneSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "dns.RecordSetsClient", "listAllByDNSZoneNextResults", resp, "Failure sending next results request") - } - result, err = client.ListAllByDNSZoneResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "listAllByDNSZoneNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListAllByDNSZoneComplete enumerates all values, automatically crossing page boundaries as required. -func (client RecordSetsClient) ListAllByDNSZoneComplete(ctx context.Context, resourceGroupName string, zoneName string, top *int32, recordSetNameSuffix string) (result RecordSetListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListAllByDNSZone") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.ListAllByDNSZone(ctx, resourceGroupName, zoneName, top, recordSetNameSuffix) - return -} - -// ListByDNSZone lists all record sets in a DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets. -// recordsetnamesuffix - the suffix label of the record set name that has to be used to filter the record set -// enumerations. If this parameter is specified, Enumeration will return only records that end with -// . -func (client RecordSetsClient) ListByDNSZone(ctx context.Context, resourceGroupName string, zoneName string, top *int32, recordsetnamesuffix string) (result RecordSetListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByDNSZone") - defer func() { - sc := -1 - if result.rslr.Response.Response != nil { - sc = result.rslr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listByDNSZoneNextResults - req, err := client.ListByDNSZonePreparer(ctx, resourceGroupName, zoneName, top, recordsetnamesuffix) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "ListByDNSZone", nil, "Failure preparing request") - return - } - - resp, err := client.ListByDNSZoneSender(req) - if err != nil { - result.rslr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "ListByDNSZone", resp, "Failure sending request") - return - } - - result.rslr, err = client.ListByDNSZoneResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "ListByDNSZone", resp, "Failure responding to request") - return - } - if result.rslr.hasNextLink() && result.rslr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListByDNSZonePreparer prepares the ListByDNSZone request. -func (client RecordSetsClient) ListByDNSZonePreparer(ctx context.Context, resourceGroupName string, zoneName string, top *int32, recordsetnamesuffix string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(recordsetnamesuffix) > 0 { - queryParameters["$recordsetnamesuffix"] = autorest.Encode("query", recordsetnamesuffix) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}/recordsets", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListByDNSZoneSender sends the ListByDNSZone request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) ListByDNSZoneSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListByDNSZoneResponder handles the response to the ListByDNSZone request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) ListByDNSZoneResponder(resp *http.Response) (result RecordSetListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listByDNSZoneNextResults retrieves the next set of results, if any. -func (client RecordSetsClient) listByDNSZoneNextResults(ctx context.Context, lastResults RecordSetListResult) (result RecordSetListResult, err error) { - req, err := lastResults.recordSetListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "dns.RecordSetsClient", "listByDNSZoneNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListByDNSZoneSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "dns.RecordSetsClient", "listByDNSZoneNextResults", resp, "Failure sending next results request") - } - result, err = client.ListByDNSZoneResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "listByDNSZoneNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListByDNSZoneComplete enumerates all values, automatically crossing page boundaries as required. -func (client RecordSetsClient) ListByDNSZoneComplete(ctx context.Context, resourceGroupName string, zoneName string, top *int32, recordsetnamesuffix string) (result RecordSetListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByDNSZone") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.ListByDNSZone(ctx, resourceGroupName, zoneName, top, recordsetnamesuffix) - return -} - -// ListByType lists the record sets of a specified type in a DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// recordType - the type of record sets to enumerate. -// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets. -// recordsetnamesuffix - the suffix label of the record set name that has to be used to filter the record set -// enumerations. If this parameter is specified, Enumeration will return only records that end with -// . -func (client RecordSetsClient) ListByType(ctx context.Context, resourceGroupName string, zoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (result RecordSetListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByType") - defer func() { - sc := -1 - if result.rslr.Response.Response != nil { - sc = result.rslr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listByTypeNextResults - req, err := client.ListByTypePreparer(ctx, resourceGroupName, zoneName, recordType, top, recordsetnamesuffix) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "ListByType", nil, "Failure preparing request") - return - } - - resp, err := client.ListByTypeSender(req) - if err != nil { - result.rslr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "ListByType", resp, "Failure sending request") - return - } - - result.rslr, err = client.ListByTypeResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "ListByType", resp, "Failure responding to request") - return - } - if result.rslr.hasNextLink() && result.rslr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListByTypePreparer prepares the ListByType request. -func (client RecordSetsClient) ListByTypePreparer(ctx context.Context, resourceGroupName string, zoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "recordType": autorest.Encode("path", recordType), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(recordsetnamesuffix) > 0 { - queryParameters["$recordsetnamesuffix"] = autorest.Encode("query", recordsetnamesuffix) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}/{recordType}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListByTypeSender sends the ListByType request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) ListByTypeSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListByTypeResponder handles the response to the ListByType request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) ListByTypeResponder(resp *http.Response) (result RecordSetListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listByTypeNextResults retrieves the next set of results, if any. -func (client RecordSetsClient) listByTypeNextResults(ctx context.Context, lastResults RecordSetListResult) (result RecordSetListResult, err error) { - req, err := lastResults.recordSetListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "dns.RecordSetsClient", "listByTypeNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListByTypeSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "dns.RecordSetsClient", "listByTypeNextResults", resp, "Failure sending next results request") - } - result, err = client.ListByTypeResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "listByTypeNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListByTypeComplete enumerates all values, automatically crossing page boundaries as required. -func (client RecordSetsClient) ListByTypeComplete(ctx context.Context, resourceGroupName string, zoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (result RecordSetListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByType") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.ListByType(ctx, resourceGroupName, zoneName, recordType, top, recordsetnamesuffix) - return -} - -// Update updates a record set within a DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// relativeRecordSetName - the name of the record set, relative to the name of the zone. -// recordType - the type of DNS record in this record set. -// parameters - parameters supplied to the Update operation. -// ifMatch - the etag of the record set. Omit this value to always overwrite the current record set. Specify -// the last-seen etag value to prevent accidentally overwriting concurrent changes. -func (client RecordSetsClient) Update(ctx context.Context, resourceGroupName string, zoneName string, relativeRecordSetName string, recordType RecordType, parameters RecordSet, ifMatch string) (result RecordSet, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Update") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.UpdatePreparer(ctx, resourceGroupName, zoneName, relativeRecordSetName, recordType, parameters, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "Update", nil, "Failure preparing request") - return - } - - resp, err := client.UpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "Update", resp, "Failure sending request") - return - } - - result, err = client.UpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.RecordSetsClient", "Update", resp, "Failure responding to request") - return - } - - return -} - -// UpdatePreparer prepares the Update request. -func (client RecordSetsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, zoneName string, relativeRecordSetName string, recordType RecordType, parameters RecordSet, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "recordType": autorest.Encode("path", recordType), - "relativeRecordSetName": relativeRecordSetName, - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - parameters.ID = nil - parameters.Name = nil - parameters.Type = nil - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPatch(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}/{recordType}/{relativeRecordSetName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// UpdateSender sends the Update request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) UpdateSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// UpdateResponder handles the response to the Update request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) UpdateResponder(resp *http.Response) (result RecordSet, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/resourcereference.go b/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/resourcereference.go deleted file mode 100644 index 87573585..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/resourcereference.go +++ /dev/null @@ -1,107 +0,0 @@ -package dns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// ResourceReferenceClient is the the DNS Management Client. -type ResourceReferenceClient struct { - BaseClient -} - -// NewResourceReferenceClient creates an instance of the ResourceReferenceClient client. -func NewResourceReferenceClient(subscriptionID string) ResourceReferenceClient { - return NewResourceReferenceClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewResourceReferenceClientWithBaseURI creates an instance of the ResourceReferenceClient client using a custom -// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure -// stack). -func NewResourceReferenceClientWithBaseURI(baseURI string, subscriptionID string) ResourceReferenceClient { - return ResourceReferenceClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// GetByTargetResources returns the DNS records specified by the referencing targetResourceIds. -// Parameters: -// parameters - properties for dns resource reference request. -func (client ResourceReferenceClient) GetByTargetResources(ctx context.Context, parameters ResourceReferenceRequest) (result ResourceReferenceResult, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ResourceReferenceClient.GetByTargetResources") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.GetByTargetResourcesPreparer(ctx, parameters) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ResourceReferenceClient", "GetByTargetResources", nil, "Failure preparing request") - return - } - - resp, err := client.GetByTargetResourcesSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.ResourceReferenceClient", "GetByTargetResources", resp, "Failure sending request") - return - } - - result, err = client.GetByTargetResourcesResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ResourceReferenceClient", "GetByTargetResources", resp, "Failure responding to request") - return - } - - return -} - -// GetByTargetResourcesPreparer prepares the GetByTargetResources request. -func (client ResourceReferenceClient) GetByTargetResourcesPreparer(ctx context.Context, parameters ResourceReferenceRequest) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPost(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Network/getDnsResourceReference", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetByTargetResourcesSender sends the GetByTargetResources request. The method will close the -// http.Response Body if it receives an error. -func (client ResourceReferenceClient) GetByTargetResourcesSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetByTargetResourcesResponder handles the response to the GetByTargetResources request. The method always -// closes the http.Response Body. -func (client ResourceReferenceClient) GetByTargetResourcesResponder(resp *http.Response) (result ResourceReferenceResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/version.go b/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/version.go deleted file mode 100644 index 940b45d2..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/version.go +++ /dev/null @@ -1,19 +0,0 @@ -package dns - -import "github.com/Azure/azure-sdk-for-go/version" - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -// UserAgent returns the UserAgent string to use when sending http.Requests. -func UserAgent() string { - return "Azure-SDK-For-Go/" + Version() + " dns/2018-05-01" -} - -// Version returns the semantic version (see http://semver.org) of the client. -func Version() string { - return version.Number -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/zones.go b/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/zones.go deleted file mode 100644 index e004a725..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/dns/mgmt/2018-05-01/dns/zones.go +++ /dev/null @@ -1,606 +0,0 @@ -package dns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// ZonesClient is the the DNS Management Client. -type ZonesClient struct { - BaseClient -} - -// NewZonesClient creates an instance of the ZonesClient client. -func NewZonesClient(subscriptionID string) ZonesClient { - return NewZonesClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewZonesClientWithBaseURI creates an instance of the ZonesClient client using a custom endpoint. Use this when -// interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewZonesClientWithBaseURI(baseURI string, subscriptionID string) ZonesClient { - return ZonesClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdate creates or updates a DNS zone. Does not modify DNS records within the zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// parameters - parameters supplied to the CreateOrUpdate operation. -// ifMatch - the etag of the DNS zone. Omit this value to always overwrite the current zone. Specify the -// last-seen etag value to prevent accidentally overwriting any concurrent changes. -// ifNoneMatch - set to '*' to allow a new DNS zone to be created, but to prevent updating an existing zone. -// Other values will be ignored. -func (client ZonesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, zoneName string, parameters Zone, ifMatch string, ifNoneMatch string) (result Zone, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZonesClient.CreateOrUpdate") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, zoneName, parameters, ifMatch, ifNoneMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "CreateOrUpdate", nil, "Failure preparing request") - return - } - - resp, err := client.CreateOrUpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "CreateOrUpdate", resp, "Failure sending request") - return - } - - result, err = client.CreateOrUpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "CreateOrUpdate", resp, "Failure responding to request") - return - } - - return -} - -// CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client ZonesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, zoneName string, parameters Zone, ifMatch string, ifNoneMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - if len(ifNoneMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the -// http.Response Body if it receives an error. -func (client ZonesClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always -// closes the http.Response Body. -func (client ZonesClient) CreateOrUpdateResponder(resp *http.Response) (result Zone, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Delete deletes a DNS zone. WARNING: All DNS records in the zone will also be deleted. This operation cannot be -// undone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// ifMatch - the etag of the DNS zone. Omit this value to always delete the current zone. Specify the last-seen -// etag value to prevent accidentally deleting any concurrent changes. -func (client ZonesClient) Delete(ctx context.Context, resourceGroupName string, zoneName string, ifMatch string) (result ZonesDeleteFuture, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZonesClient.Delete") - defer func() { - sc := -1 - if result.FutureAPI != nil && result.FutureAPI.Response() != nil { - sc = result.FutureAPI.Response().StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.DeletePreparer(ctx, resourceGroupName, zoneName, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "Delete", nil, "Failure preparing request") - return - } - - result, err = client.DeleteSender(req) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "Delete", result.Response(), "Failure sending request") - return - } - - return -} - -// DeletePreparer prepares the Delete request. -func (client ZonesClient) DeletePreparer(ctx context.Context, resourceGroupName string, zoneName string, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteSender sends the Delete request. The method will close the -// http.Response Body if it receives an error. -func (client ZonesClient) DeleteSender(req *http.Request) (future ZonesDeleteFuture, err error) { - var resp *http.Response - future.FutureAPI = &azure.Future{} - resp, err = client.Send(req, azure.DoRetryWithRegistration(client.Client)) - if err != nil { - return - } - var azf azure.Future - azf, err = azure.NewFutureFromResponse(resp) - future.FutureAPI = &azf - future.Result = future.result - return -} - -// DeleteResponder handles the response to the Delete request. The method always -// closes the http.Response Body. -func (client ZonesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// Get gets a DNS zone. Retrieves the zone properties, but not the record sets within the zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -func (client ZonesClient) Get(ctx context.Context, resourceGroupName string, zoneName string) (result Zone, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZonesClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.GetPreparer(ctx, resourceGroupName, zoneName) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "Get", resp, "Failure responding to request") - return - } - - return -} - -// GetPreparer prepares the Get request. -func (client ZonesClient) GetPreparer(ctx context.Context, resourceGroupName string, zoneName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client ZonesClient) GetSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client ZonesClient) GetResponder(resp *http.Response) (result Zone, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List lists the DNS zones in all resource groups in a subscription. -// Parameters: -// top - the maximum number of DNS zones to return. If not specified, returns up to 100 zones. -func (client ZonesClient) List(ctx context.Context, top *int32) (result ZoneListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZonesClient.List") - defer func() { - sc := -1 - if result.zlr.Response.Response != nil { - sc = result.zlr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, top) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.zlr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "List", resp, "Failure sending request") - return - } - - result.zlr, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "List", resp, "Failure responding to request") - return - } - if result.zlr.hasNextLink() && result.zlr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListPreparer prepares the List request. -func (client ZonesClient) ListPreparer(ctx context.Context, top *int32) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Network/dnszones", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client ZonesClient) ListSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client ZonesClient) ListResponder(resp *http.Response) (result ZoneListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client ZonesClient) listNextResults(ctx context.Context, lastResults ZoneListResult) (result ZoneListResult, err error) { - req, err := lastResults.zoneListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "dns.ZonesClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "dns.ZonesClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client ZonesClient) ListComplete(ctx context.Context, top *int32) (result ZoneListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZonesClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, top) - return -} - -// ListByResourceGroup lists the DNS zones within a resource group. -// Parameters: -// resourceGroupName - the name of the resource group. -// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets. -func (client ZonesClient) ListByResourceGroup(ctx context.Context, resourceGroupName string, top *int32) (result ZoneListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZonesClient.ListByResourceGroup") - defer func() { - sc := -1 - if result.zlr.Response.Response != nil { - sc = result.zlr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listByResourceGroupNextResults - req, err := client.ListByResourceGroupPreparer(ctx, resourceGroupName, top) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "ListByResourceGroup", nil, "Failure preparing request") - return - } - - resp, err := client.ListByResourceGroupSender(req) - if err != nil { - result.zlr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "ListByResourceGroup", resp, "Failure sending request") - return - } - - result.zlr, err = client.ListByResourceGroupResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "ListByResourceGroup", resp, "Failure responding to request") - return - } - if result.zlr.hasNextLink() && result.zlr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListByResourceGroupPreparer prepares the ListByResourceGroup request. -func (client ZonesClient) ListByResourceGroupPreparer(ctx context.Context, resourceGroupName string, top *int32) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the -// http.Response Body if it receives an error. -func (client ZonesClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always -// closes the http.Response Body. -func (client ZonesClient) ListByResourceGroupResponder(resp *http.Response) (result ZoneListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listByResourceGroupNextResults retrieves the next set of results, if any. -func (client ZonesClient) listByResourceGroupNextResults(ctx context.Context, lastResults ZoneListResult) (result ZoneListResult, err error) { - req, err := lastResults.zoneListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "dns.ZonesClient", "listByResourceGroupNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListByResourceGroupSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "dns.ZonesClient", "listByResourceGroupNextResults", resp, "Failure sending next results request") - } - result, err = client.ListByResourceGroupResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "listByResourceGroupNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListByResourceGroupComplete enumerates all values, automatically crossing page boundaries as required. -func (client ZonesClient) ListByResourceGroupComplete(ctx context.Context, resourceGroupName string, top *int32) (result ZoneListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZonesClient.ListByResourceGroup") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.ListByResourceGroup(ctx, resourceGroupName, top) - return -} - -// Update updates a DNS zone. Does not modify DNS records within the zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// zoneName - the name of the DNS zone (without a terminating dot). -// parameters - parameters supplied to the Update operation. -// ifMatch - the etag of the DNS zone. Omit this value to always overwrite the current zone. Specify the -// last-seen etag value to prevent accidentally overwriting any concurrent changes. -func (client ZonesClient) Update(ctx context.Context, resourceGroupName string, zoneName string, parameters ZoneUpdate, ifMatch string) (result Zone, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/ZonesClient.Update") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.UpdatePreparer(ctx, resourceGroupName, zoneName, parameters, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "Update", nil, "Failure preparing request") - return - } - - resp, err := client.UpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "Update", resp, "Failure sending request") - return - } - - result, err = client.UpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "dns.ZonesClient", "Update", resp, "Failure responding to request") - return - } - - return -} - -// UpdatePreparer prepares the Update request. -func (client ZonesClient) UpdatePreparer(ctx context.Context, resourceGroupName string, zoneName string, parameters ZoneUpdate, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "zoneName": autorest.Encode("path", zoneName), - } - - const APIVersion = "2018-05-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPatch(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/dnsZones/{zoneName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// UpdateSender sends the Update request. The method will close the -// http.Response Body if it receives an error. -func (client ZonesClient) UpdateSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// UpdateResponder handles the response to the Update request. The method always -// closes the http.Response Body. -func (client ZonesClient) UpdateResponder(resp *http.Response) (result Zone, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/CHANGELOG.md b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/CHANGELOG.md deleted file mode 100644 index 52911e4c..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/CHANGELOG.md +++ /dev/null @@ -1,2 +0,0 @@ -# Change History - diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/_meta.json b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/_meta.json deleted file mode 100644 index b7152c03..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/_meta.json +++ /dev/null @@ -1,11 +0,0 @@ -{ - "commit": "1c8d7850afbec9ede6de6f2d14bcc30896a74ed6", - "readme": "/_/azure-rest-api-specs/specification/privatedns/resource-manager/readme.md", - "tag": "package-2020-06", - "use": "@microsoft.azure/autorest.go@2.1.188", - "repository_url": "https://github.com/Azure/azure-rest-api-specs.git", - "autorest_command": "autorest --use=@microsoft.azure/autorest.go@2.1.188 --tag=package-2020-06 --go-sdk-folder=/_/azure-sdk-for-go --go --verbose --use-onever --version=2.0.4421 --go.license-header=MICROSOFT_MIT_NO_VERSION /_/azure-rest-api-specs/specification/privatedns/resource-manager/readme.md", - "additional_properties": { - "additional_options": "--go --verbose --use-onever --version=2.0.4421 --go.license-header=MICROSOFT_MIT_NO_VERSION" - } -} \ No newline at end of file diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/client.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/client.go deleted file mode 100644 index f433024c..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/client.go +++ /dev/null @@ -1,43 +0,0 @@ -// Deprecated: Please note, this package has been deprecated. A replacement package is available [github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/privatedns/armprivatedns). We strongly encourage you to upgrade to continue receiving updates. See [Migration Guide](https://aka.ms/azsdk/golang/t2/migration) for guidance on upgrading. Refer to our [deprecation policy](https://azure.github.io/azure-sdk/policies_support.html) for more details. -// -// Package privatedns implements the Azure ARM Privatedns service API version 2020-06-01. -// -// The Private DNS Management Client. -package privatedns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "github.com/Azure/go-autorest/autorest" -) - -const ( - // DefaultBaseURI is the default URI used for the service Privatedns - DefaultBaseURI = "https://management.azure.com" -) - -// BaseClient is the base client for Privatedns. -type BaseClient struct { - autorest.Client - BaseURI string - SubscriptionID string -} - -// New creates an instance of the BaseClient client. -func New(subscriptionID string) BaseClient { - return NewWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewWithBaseURI creates an instance of the BaseClient client using a custom endpoint. Use this when interacting with -// an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient { - return BaseClient{ - Client: autorest.NewClientWithUserAgent(UserAgent()), - BaseURI: baseURI, - SubscriptionID: subscriptionID, - } -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/enums.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/enums.go deleted file mode 100644 index a4cbf2a6..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/enums.go +++ /dev/null @@ -1,72 +0,0 @@ -package privatedns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -// ProvisioningState enumerates the values for provisioning state. -type ProvisioningState string - -const ( - // Canceled ... - Canceled ProvisioningState = "Canceled" - // Creating ... - Creating ProvisioningState = "Creating" - // Deleting ... - Deleting ProvisioningState = "Deleting" - // Failed ... - Failed ProvisioningState = "Failed" - // Succeeded ... - Succeeded ProvisioningState = "Succeeded" - // Updating ... - Updating ProvisioningState = "Updating" -) - -// PossibleProvisioningStateValues returns an array of possible values for the ProvisioningState const type. -func PossibleProvisioningStateValues() []ProvisioningState { - return []ProvisioningState{Canceled, Creating, Deleting, Failed, Succeeded, Updating} -} - -// RecordType enumerates the values for record type. -type RecordType string - -const ( - // A ... - A RecordType = "A" - // AAAA ... - AAAA RecordType = "AAAA" - // CNAME ... - CNAME RecordType = "CNAME" - // MX ... - MX RecordType = "MX" - // PTR ... - PTR RecordType = "PTR" - // SOA ... - SOA RecordType = "SOA" - // SRV ... - SRV RecordType = "SRV" - // TXT ... - TXT RecordType = "TXT" -) - -// PossibleRecordTypeValues returns an array of possible values for the RecordType const type. -func PossibleRecordTypeValues() []RecordType { - return []RecordType{A, AAAA, CNAME, MX, PTR, SOA, SRV, TXT} -} - -// VirtualNetworkLinkState enumerates the values for virtual network link state. -type VirtualNetworkLinkState string - -const ( - // Completed ... - Completed VirtualNetworkLinkState = "Completed" - // InProgress ... - InProgress VirtualNetworkLinkState = "InProgress" -) - -// PossibleVirtualNetworkLinkStateValues returns an array of possible values for the VirtualNetworkLinkState const type. -func PossibleVirtualNetworkLinkStateValues() []VirtualNetworkLinkState { - return []VirtualNetworkLinkState{Completed, InProgress} -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/models.go deleted file mode 100644 index 23bc8491..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/models.go +++ /dev/null @@ -1,1352 +0,0 @@ -package privatedns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "encoding/json" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/to" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// The package's fully qualified name. -const fqdn = "github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns" - -// AaaaRecord an AAAA record. -type AaaaRecord struct { - // Ipv6Address - The IPv6 address of this AAAA record. - Ipv6Address *string `json:"ipv6Address,omitempty"` -} - -// ARecord an A record. -type ARecord struct { - // Ipv4Address - The IPv4 address of this A record. - Ipv4Address *string `json:"ipv4Address,omitempty"` -} - -// CloudError an error response from the service. -type CloudError struct { - // Error - Cloud error body. - Error *CloudErrorBody `json:"error,omitempty"` -} - -// CloudErrorBody an error response from the service. -type CloudErrorBody struct { - // Code - An identifier for the error. Codes are invariant and are intended to be consumed programmatically. - Code *string `json:"code,omitempty"` - // Message - A message describing the error, intended to be suitable for display in a user interface. - Message *string `json:"message,omitempty"` - // Target - The target of the particular error. For example, the name of the property in error. - Target *string `json:"target,omitempty"` - // Details - A list of additional details about the error. - Details *[]CloudErrorBody `json:"details,omitempty"` -} - -// CnameRecord a CNAME record. -type CnameRecord struct { - // Cname - The canonical name for this CNAME record. - Cname *string `json:"cname,omitempty"` -} - -// MxRecord an MX record. -type MxRecord struct { - // Preference - The preference value for this MX record. - Preference *int32 `json:"preference,omitempty"` - // Exchange - The domain name of the mail host for this MX record. - Exchange *string `json:"exchange,omitempty"` -} - -// PrivateZone describes a Private DNS zone. -type PrivateZone struct { - autorest.Response `json:"-"` - // Etag - The ETag of the zone. - Etag *string `json:"etag,omitempty"` - // PrivateZoneProperties - Properties of the Private DNS zone. - *PrivateZoneProperties `json:"properties,omitempty"` - // Tags - Resource tags. - Tags map[string]*string `json:"tags"` - // Location - The Azure Region where the resource lives - Location *string `json:"location,omitempty"` - // ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'. - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; The name of the resource - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'. - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for PrivateZone. -func (pz PrivateZone) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if pz.Etag != nil { - objectMap["etag"] = pz.Etag - } - if pz.PrivateZoneProperties != nil { - objectMap["properties"] = pz.PrivateZoneProperties - } - if pz.Tags != nil { - objectMap["tags"] = pz.Tags - } - if pz.Location != nil { - objectMap["location"] = pz.Location - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for PrivateZone struct. -func (pz *PrivateZone) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - pz.Etag = &etag - } - case "properties": - if v != nil { - var privateZoneProperties PrivateZoneProperties - err = json.Unmarshal(*v, &privateZoneProperties) - if err != nil { - return err - } - pz.PrivateZoneProperties = &privateZoneProperties - } - case "tags": - if v != nil { - var tags map[string]*string - err = json.Unmarshal(*v, &tags) - if err != nil { - return err - } - pz.Tags = tags - } - case "location": - if v != nil { - var location string - err = json.Unmarshal(*v, &location) - if err != nil { - return err - } - pz.Location = &location - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - pz.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - pz.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - pz.Type = &typeVar - } - } - } - - return nil -} - -// PrivateZoneListResult the response to a Private DNS zone list operation. -type PrivateZoneListResult struct { - autorest.Response `json:"-"` - // Value - Information about the Private DNS zones. - Value *[]PrivateZone `json:"value,omitempty"` - // NextLink - READ-ONLY; The continuation token for the next page of results. - NextLink *string `json:"nextLink,omitempty"` -} - -// MarshalJSON is the custom marshaler for PrivateZoneListResult. -func (pzlr PrivateZoneListResult) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if pzlr.Value != nil { - objectMap["value"] = pzlr.Value - } - return json.Marshal(objectMap) -} - -// PrivateZoneListResultIterator provides access to a complete listing of PrivateZone values. -type PrivateZoneListResultIterator struct { - i int - page PrivateZoneListResultPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *PrivateZoneListResultIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZoneListResultIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *PrivateZoneListResultIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter PrivateZoneListResultIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter PrivateZoneListResultIterator) Response() PrivateZoneListResult { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter PrivateZoneListResultIterator) Value() PrivateZone { - if !iter.page.NotDone() { - return PrivateZone{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the PrivateZoneListResultIterator type. -func NewPrivateZoneListResultIterator(page PrivateZoneListResultPage) PrivateZoneListResultIterator { - return PrivateZoneListResultIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (pzlr PrivateZoneListResult) IsEmpty() bool { - return pzlr.Value == nil || len(*pzlr.Value) == 0 -} - -// hasNextLink returns true if the NextLink is not empty. -func (pzlr PrivateZoneListResult) hasNextLink() bool { - return pzlr.NextLink != nil && len(*pzlr.NextLink) != 0 -} - -// privateZoneListResultPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (pzlr PrivateZoneListResult) privateZoneListResultPreparer(ctx context.Context) (*http.Request, error) { - if !pzlr.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(pzlr.NextLink))) -} - -// PrivateZoneListResultPage contains a page of PrivateZone values. -type PrivateZoneListResultPage struct { - fn func(context.Context, PrivateZoneListResult) (PrivateZoneListResult, error) - pzlr PrivateZoneListResult -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *PrivateZoneListResultPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZoneListResultPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.pzlr) - if err != nil { - return err - } - page.pzlr = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *PrivateZoneListResultPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page PrivateZoneListResultPage) NotDone() bool { - return !page.pzlr.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page PrivateZoneListResultPage) Response() PrivateZoneListResult { - return page.pzlr -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page PrivateZoneListResultPage) Values() []PrivateZone { - if page.pzlr.IsEmpty() { - return nil - } - return *page.pzlr.Value -} - -// Creates a new instance of the PrivateZoneListResultPage type. -func NewPrivateZoneListResultPage(cur PrivateZoneListResult, getNextPage func(context.Context, PrivateZoneListResult) (PrivateZoneListResult, error)) PrivateZoneListResultPage { - return PrivateZoneListResultPage{ - fn: getNextPage, - pzlr: cur, - } -} - -// PrivateZoneProperties represents the properties of the Private DNS zone. -type PrivateZoneProperties struct { - // MaxNumberOfRecordSets - READ-ONLY; The maximum number of record sets that can be created in this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored. - MaxNumberOfRecordSets *int64 `json:"maxNumberOfRecordSets,omitempty"` - // NumberOfRecordSets - READ-ONLY; The current number of record sets in this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored. - NumberOfRecordSets *int64 `json:"numberOfRecordSets,omitempty"` - // MaxNumberOfVirtualNetworkLinks - READ-ONLY; The maximum number of virtual networks that can be linked to this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored. - MaxNumberOfVirtualNetworkLinks *int64 `json:"maxNumberOfVirtualNetworkLinks,omitempty"` - // NumberOfVirtualNetworkLinks - READ-ONLY; The current number of virtual networks that are linked to this Private DNS zone. This is a read-only property and any attempt to set this value will be ignored. - NumberOfVirtualNetworkLinks *int64 `json:"numberOfVirtualNetworkLinks,omitempty"` - // MaxNumberOfVirtualNetworkLinksWithRegistration - READ-ONLY; The maximum number of virtual networks that can be linked to this Private DNS zone with registration enabled. This is a read-only property and any attempt to set this value will be ignored. - MaxNumberOfVirtualNetworkLinksWithRegistration *int64 `json:"maxNumberOfVirtualNetworkLinksWithRegistration,omitempty"` - // NumberOfVirtualNetworkLinksWithRegistration - READ-ONLY; The current number of virtual networks that are linked to this Private DNS zone with registration enabled. This is a read-only property and any attempt to set this value will be ignored. - NumberOfVirtualNetworkLinksWithRegistration *int64 `json:"numberOfVirtualNetworkLinksWithRegistration,omitempty"` - // ProvisioningState - READ-ONLY; The provisioning state of the resource. This is a read-only property and any attempt to set this value will be ignored. Possible values include: 'Creating', 'Updating', 'Deleting', 'Succeeded', 'Failed', 'Canceled' - ProvisioningState ProvisioningState `json:"provisioningState,omitempty"` - // InternalID - READ-ONLY; Private zone internal Id - InternalID *string `json:"internalId,omitempty"` -} - -// MarshalJSON is the custom marshaler for PrivateZoneProperties. -func (pzp PrivateZoneProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// PrivateZonesCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a -// long-running operation. -type PrivateZonesCreateOrUpdateFuture struct { - azure.FutureAPI - // Result returns the result of the asynchronous operation. - // If the operation has not completed it will return an error. - Result func(PrivateZonesClient) (PrivateZone, error) -} - -// UnmarshalJSON is the custom unmarshaller for CreateFuture. -func (future *PrivateZonesCreateOrUpdateFuture) UnmarshalJSON(body []byte) error { - var azFuture azure.Future - if err := json.Unmarshal(body, &azFuture); err != nil { - return err - } - future.FutureAPI = &azFuture - future.Result = future.result - return nil -} - -// result is the default implementation for PrivateZonesCreateOrUpdateFuture.Result. -func (future *PrivateZonesCreateOrUpdateFuture) result(client PrivateZonesClient) (pz PrivateZone, err error) { - var done bool - done, err = future.DoneWithContext(context.Background(), client) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesCreateOrUpdateFuture", "Result", future.Response(), "Polling failure") - return - } - if !done { - pz.Response.Response = future.Response() - err = azure.NewAsyncOpIncompleteError("privatedns.PrivateZonesCreateOrUpdateFuture") - return - } - sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) - if pz.Response.Response, err = future.GetResult(sender); err == nil && pz.Response.Response.StatusCode != http.StatusNoContent { - pz, err = client.CreateOrUpdateResponder(pz.Response.Response) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesCreateOrUpdateFuture", "Result", pz.Response.Response, "Failure responding to request") - } - } - return -} - -// PrivateZonesDeleteFuture an abstraction for monitoring and retrieving the results of a long-running -// operation. -type PrivateZonesDeleteFuture struct { - azure.FutureAPI - // Result returns the result of the asynchronous operation. - // If the operation has not completed it will return an error. - Result func(PrivateZonesClient) (autorest.Response, error) -} - -// UnmarshalJSON is the custom unmarshaller for CreateFuture. -func (future *PrivateZonesDeleteFuture) UnmarshalJSON(body []byte) error { - var azFuture azure.Future - if err := json.Unmarshal(body, &azFuture); err != nil { - return err - } - future.FutureAPI = &azFuture - future.Result = future.result - return nil -} - -// result is the default implementation for PrivateZonesDeleteFuture.Result. -func (future *PrivateZonesDeleteFuture) result(client PrivateZonesClient) (ar autorest.Response, err error) { - var done bool - done, err = future.DoneWithContext(context.Background(), client) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesDeleteFuture", "Result", future.Response(), "Polling failure") - return - } - if !done { - ar.Response = future.Response() - err = azure.NewAsyncOpIncompleteError("privatedns.PrivateZonesDeleteFuture") - return - } - ar.Response = future.Response() - return -} - -// PrivateZonesUpdateFuture an abstraction for monitoring and retrieving the results of a long-running -// operation. -type PrivateZonesUpdateFuture struct { - azure.FutureAPI - // Result returns the result of the asynchronous operation. - // If the operation has not completed it will return an error. - Result func(PrivateZonesClient) (PrivateZone, error) -} - -// UnmarshalJSON is the custom unmarshaller for CreateFuture. -func (future *PrivateZonesUpdateFuture) UnmarshalJSON(body []byte) error { - var azFuture azure.Future - if err := json.Unmarshal(body, &azFuture); err != nil { - return err - } - future.FutureAPI = &azFuture - future.Result = future.result - return nil -} - -// result is the default implementation for PrivateZonesUpdateFuture.Result. -func (future *PrivateZonesUpdateFuture) result(client PrivateZonesClient) (pz PrivateZone, err error) { - var done bool - done, err = future.DoneWithContext(context.Background(), client) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesUpdateFuture", "Result", future.Response(), "Polling failure") - return - } - if !done { - pz.Response.Response = future.Response() - err = azure.NewAsyncOpIncompleteError("privatedns.PrivateZonesUpdateFuture") - return - } - sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) - if pz.Response.Response, err = future.GetResult(sender); err == nil && pz.Response.Response.StatusCode != http.StatusNoContent { - pz, err = client.UpdateResponder(pz.Response.Response) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesUpdateFuture", "Result", pz.Response.Response, "Failure responding to request") - } - } - return -} - -// ProxyResource the resource model definition for an ARM proxy resource. -type ProxyResource struct { - // ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'. - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; The name of the resource - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'. - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for ProxyResource. -func (pr ProxyResource) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// PtrRecord a PTR record. -type PtrRecord struct { - // Ptrdname - The PTR target domain name for this PTR record. - Ptrdname *string `json:"ptrdname,omitempty"` -} - -// RecordSet describes a DNS record set (a collection of DNS records with the same name and type) in a -// Private DNS zone. -type RecordSet struct { - autorest.Response `json:"-"` - // Etag - The ETag of the record set. - Etag *string `json:"etag,omitempty"` - // RecordSetProperties - The properties of the record set. - *RecordSetProperties `json:"properties,omitempty"` - // ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'. - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; The name of the resource - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'. - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for RecordSet. -func (rs RecordSet) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if rs.Etag != nil { - objectMap["etag"] = rs.Etag - } - if rs.RecordSetProperties != nil { - objectMap["properties"] = rs.RecordSetProperties - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for RecordSet struct. -func (rs *RecordSet) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - rs.Etag = &etag - } - case "properties": - if v != nil { - var recordSetProperties RecordSetProperties - err = json.Unmarshal(*v, &recordSetProperties) - if err != nil { - return err - } - rs.RecordSetProperties = &recordSetProperties - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - rs.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - rs.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - rs.Type = &typeVar - } - } - } - - return nil -} - -// RecordSetListResult the response to a record set list operation. -type RecordSetListResult struct { - autorest.Response `json:"-"` - // Value - Information about the record sets in the response. - Value *[]RecordSet `json:"value,omitempty"` - // NextLink - READ-ONLY; The continuation token for the next page of results. - NextLink *string `json:"nextLink,omitempty"` -} - -// MarshalJSON is the custom marshaler for RecordSetListResult. -func (rslr RecordSetListResult) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if rslr.Value != nil { - objectMap["value"] = rslr.Value - } - return json.Marshal(objectMap) -} - -// RecordSetListResultIterator provides access to a complete listing of RecordSet values. -type RecordSetListResultIterator struct { - i int - page RecordSetListResultPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *RecordSetListResultIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetListResultIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *RecordSetListResultIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter RecordSetListResultIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter RecordSetListResultIterator) Response() RecordSetListResult { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter RecordSetListResultIterator) Value() RecordSet { - if !iter.page.NotDone() { - return RecordSet{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the RecordSetListResultIterator type. -func NewRecordSetListResultIterator(page RecordSetListResultPage) RecordSetListResultIterator { - return RecordSetListResultIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (rslr RecordSetListResult) IsEmpty() bool { - return rslr.Value == nil || len(*rslr.Value) == 0 -} - -// hasNextLink returns true if the NextLink is not empty. -func (rslr RecordSetListResult) hasNextLink() bool { - return rslr.NextLink != nil && len(*rslr.NextLink) != 0 -} - -// recordSetListResultPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (rslr RecordSetListResult) recordSetListResultPreparer(ctx context.Context) (*http.Request, error) { - if !rslr.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(rslr.NextLink))) -} - -// RecordSetListResultPage contains a page of RecordSet values. -type RecordSetListResultPage struct { - fn func(context.Context, RecordSetListResult) (RecordSetListResult, error) - rslr RecordSetListResult -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *RecordSetListResultPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetListResultPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.rslr) - if err != nil { - return err - } - page.rslr = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *RecordSetListResultPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page RecordSetListResultPage) NotDone() bool { - return !page.rslr.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page RecordSetListResultPage) Response() RecordSetListResult { - return page.rslr -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page RecordSetListResultPage) Values() []RecordSet { - if page.rslr.IsEmpty() { - return nil - } - return *page.rslr.Value -} - -// Creates a new instance of the RecordSetListResultPage type. -func NewRecordSetListResultPage(cur RecordSetListResult, getNextPage func(context.Context, RecordSetListResult) (RecordSetListResult, error)) RecordSetListResultPage { - return RecordSetListResultPage{ - fn: getNextPage, - rslr: cur, - } -} - -// RecordSetProperties represents the properties of the records in the record set. -type RecordSetProperties struct { - // Metadata - The metadata attached to the record set. - Metadata map[string]*string `json:"metadata"` - // TTL - The TTL (time-to-live) of the records in the record set. - TTL *int64 `json:"ttl,omitempty"` - // Fqdn - READ-ONLY; Fully qualified domain name of the record set. - Fqdn *string `json:"fqdn,omitempty"` - // IsAutoRegistered - READ-ONLY; Is the record set auto-registered in the Private DNS zone through a virtual network link? - IsAutoRegistered *bool `json:"isAutoRegistered,omitempty"` - // ARecords - The list of A records in the record set. - ARecords *[]ARecord `json:"aRecords,omitempty"` - // AaaaRecords - The list of AAAA records in the record set. - AaaaRecords *[]AaaaRecord `json:"aaaaRecords,omitempty"` - // CnameRecord - The CNAME record in the record set. - CnameRecord *CnameRecord `json:"cnameRecord,omitempty"` - // MxRecords - The list of MX records in the record set. - MxRecords *[]MxRecord `json:"mxRecords,omitempty"` - // PtrRecords - The list of PTR records in the record set. - PtrRecords *[]PtrRecord `json:"ptrRecords,omitempty"` - // SoaRecord - The SOA record in the record set. - SoaRecord *SoaRecord `json:"soaRecord,omitempty"` - // SrvRecords - The list of SRV records in the record set. - SrvRecords *[]SrvRecord `json:"srvRecords,omitempty"` - // TxtRecords - The list of TXT records in the record set. - TxtRecords *[]TxtRecord `json:"txtRecords,omitempty"` -} - -// MarshalJSON is the custom marshaler for RecordSetProperties. -func (rsp RecordSetProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if rsp.Metadata != nil { - objectMap["metadata"] = rsp.Metadata - } - if rsp.TTL != nil { - objectMap["ttl"] = rsp.TTL - } - if rsp.ARecords != nil { - objectMap["aRecords"] = rsp.ARecords - } - if rsp.AaaaRecords != nil { - objectMap["aaaaRecords"] = rsp.AaaaRecords - } - if rsp.CnameRecord != nil { - objectMap["cnameRecord"] = rsp.CnameRecord - } - if rsp.MxRecords != nil { - objectMap["mxRecords"] = rsp.MxRecords - } - if rsp.PtrRecords != nil { - objectMap["ptrRecords"] = rsp.PtrRecords - } - if rsp.SoaRecord != nil { - objectMap["soaRecord"] = rsp.SoaRecord - } - if rsp.SrvRecords != nil { - objectMap["srvRecords"] = rsp.SrvRecords - } - if rsp.TxtRecords != nil { - objectMap["txtRecords"] = rsp.TxtRecords - } - return json.Marshal(objectMap) -} - -// Resource the core properties of ARM resources -type Resource struct { - // ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'. - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; The name of the resource - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'. - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for Resource. -func (r Resource) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) -} - -// SoaRecord an SOA record. -type SoaRecord struct { - // Host - The domain name of the authoritative name server for this SOA record. - Host *string `json:"host,omitempty"` - // Email - The email contact for this SOA record. - Email *string `json:"email,omitempty"` - // SerialNumber - The serial number for this SOA record. - SerialNumber *int64 `json:"serialNumber,omitempty"` - // RefreshTime - The refresh value for this SOA record. - RefreshTime *int64 `json:"refreshTime,omitempty"` - // RetryTime - The retry time for this SOA record. - RetryTime *int64 `json:"retryTime,omitempty"` - // ExpireTime - The expire time for this SOA record. - ExpireTime *int64 `json:"expireTime,omitempty"` - // MinimumTTL - The minimum value for this SOA record. By convention this is used to determine the negative caching duration. - MinimumTTL *int64 `json:"minimumTtl,omitempty"` -} - -// SrvRecord an SRV record. -type SrvRecord struct { - // Priority - The priority value for this SRV record. - Priority *int32 `json:"priority,omitempty"` - // Weight - The weight value for this SRV record. - Weight *int32 `json:"weight,omitempty"` - // Port - The port value for this SRV record. - Port *int32 `json:"port,omitempty"` - // Target - The target domain name for this SRV record. - Target *string `json:"target,omitempty"` -} - -// SubResource reference to another subresource. -type SubResource struct { - // ID - Resource ID. - ID *string `json:"id,omitempty"` -} - -// TrackedResource the resource model definition for a ARM tracked top level resource -type TrackedResource struct { - // Tags - Resource tags. - Tags map[string]*string `json:"tags"` - // Location - The Azure Region where the resource lives - Location *string `json:"location,omitempty"` - // ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'. - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; The name of the resource - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'. - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for TrackedResource. -func (tr TrackedResource) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if tr.Tags != nil { - objectMap["tags"] = tr.Tags - } - if tr.Location != nil { - objectMap["location"] = tr.Location - } - return json.Marshal(objectMap) -} - -// TxtRecord a TXT record. -type TxtRecord struct { - // Value - The text value of this TXT record. - Value *[]string `json:"value,omitempty"` -} - -// VirtualNetworkLink describes a link to virtual network for a Private DNS zone. -type VirtualNetworkLink struct { - autorest.Response `json:"-"` - // Etag - The ETag of the virtual network link. - Etag *string `json:"etag,omitempty"` - // VirtualNetworkLinkProperties - Properties of the virtual network link to the Private DNS zone. - *VirtualNetworkLinkProperties `json:"properties,omitempty"` - // Tags - Resource tags. - Tags map[string]*string `json:"tags"` - // Location - The Azure Region where the resource lives - Location *string `json:"location,omitempty"` - // ID - READ-ONLY; Fully qualified resource Id for the resource. Example - '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateDnsZoneName}'. - ID *string `json:"id,omitempty"` - // Name - READ-ONLY; The name of the resource - Name *string `json:"name,omitempty"` - // Type - READ-ONLY; The type of the resource. Example - 'Microsoft.Network/privateDnsZones'. - Type *string `json:"type,omitempty"` -} - -// MarshalJSON is the custom marshaler for VirtualNetworkLink. -func (vnl VirtualNetworkLink) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if vnl.Etag != nil { - objectMap["etag"] = vnl.Etag - } - if vnl.VirtualNetworkLinkProperties != nil { - objectMap["properties"] = vnl.VirtualNetworkLinkProperties - } - if vnl.Tags != nil { - objectMap["tags"] = vnl.Tags - } - if vnl.Location != nil { - objectMap["location"] = vnl.Location - } - return json.Marshal(objectMap) -} - -// UnmarshalJSON is the custom unmarshaler for VirtualNetworkLink struct. -func (vnl *VirtualNetworkLink) UnmarshalJSON(body []byte) error { - var m map[string]*json.RawMessage - err := json.Unmarshal(body, &m) - if err != nil { - return err - } - for k, v := range m { - switch k { - case "etag": - if v != nil { - var etag string - err = json.Unmarshal(*v, &etag) - if err != nil { - return err - } - vnl.Etag = &etag - } - case "properties": - if v != nil { - var virtualNetworkLinkProperties VirtualNetworkLinkProperties - err = json.Unmarshal(*v, &virtualNetworkLinkProperties) - if err != nil { - return err - } - vnl.VirtualNetworkLinkProperties = &virtualNetworkLinkProperties - } - case "tags": - if v != nil { - var tags map[string]*string - err = json.Unmarshal(*v, &tags) - if err != nil { - return err - } - vnl.Tags = tags - } - case "location": - if v != nil { - var location string - err = json.Unmarshal(*v, &location) - if err != nil { - return err - } - vnl.Location = &location - } - case "id": - if v != nil { - var ID string - err = json.Unmarshal(*v, &ID) - if err != nil { - return err - } - vnl.ID = &ID - } - case "name": - if v != nil { - var name string - err = json.Unmarshal(*v, &name) - if err != nil { - return err - } - vnl.Name = &name - } - case "type": - if v != nil { - var typeVar string - err = json.Unmarshal(*v, &typeVar) - if err != nil { - return err - } - vnl.Type = &typeVar - } - } - } - - return nil -} - -// VirtualNetworkLinkListResult the response to a list virtual network link to Private DNS zone operation. -type VirtualNetworkLinkListResult struct { - autorest.Response `json:"-"` - // Value - Information about the virtual network links to the Private DNS zones. - Value *[]VirtualNetworkLink `json:"value,omitempty"` - // NextLink - READ-ONLY; The continuation token for the next page of results. - NextLink *string `json:"nextLink,omitempty"` -} - -// MarshalJSON is the custom marshaler for VirtualNetworkLinkListResult. -func (vnllr VirtualNetworkLinkListResult) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if vnllr.Value != nil { - objectMap["value"] = vnllr.Value - } - return json.Marshal(objectMap) -} - -// VirtualNetworkLinkListResultIterator provides access to a complete listing of VirtualNetworkLink values. -type VirtualNetworkLinkListResultIterator struct { - i int - page VirtualNetworkLinkListResultPage -} - -// NextWithContext advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -func (iter *VirtualNetworkLinkListResultIterator) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinkListResultIterator.NextWithContext") - defer func() { - sc := -1 - if iter.Response().Response.Response != nil { - sc = iter.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - iter.i++ - if iter.i < len(iter.page.Values()) { - return nil - } - err = iter.page.NextWithContext(ctx) - if err != nil { - iter.i-- - return err - } - iter.i = 0 - return nil -} - -// Next advances to the next value. If there was an error making -// the request the iterator does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (iter *VirtualNetworkLinkListResultIterator) Next() error { - return iter.NextWithContext(context.Background()) -} - -// NotDone returns true if the enumeration should be started or is not yet complete. -func (iter VirtualNetworkLinkListResultIterator) NotDone() bool { - return iter.page.NotDone() && iter.i < len(iter.page.Values()) -} - -// Response returns the raw server response from the last page request. -func (iter VirtualNetworkLinkListResultIterator) Response() VirtualNetworkLinkListResult { - return iter.page.Response() -} - -// Value returns the current value or a zero-initialized value if the -// iterator has advanced beyond the end of the collection. -func (iter VirtualNetworkLinkListResultIterator) Value() VirtualNetworkLink { - if !iter.page.NotDone() { - return VirtualNetworkLink{} - } - return iter.page.Values()[iter.i] -} - -// Creates a new instance of the VirtualNetworkLinkListResultIterator type. -func NewVirtualNetworkLinkListResultIterator(page VirtualNetworkLinkListResultPage) VirtualNetworkLinkListResultIterator { - return VirtualNetworkLinkListResultIterator{page: page} -} - -// IsEmpty returns true if the ListResult contains no values. -func (vnllr VirtualNetworkLinkListResult) IsEmpty() bool { - return vnllr.Value == nil || len(*vnllr.Value) == 0 -} - -// hasNextLink returns true if the NextLink is not empty. -func (vnllr VirtualNetworkLinkListResult) hasNextLink() bool { - return vnllr.NextLink != nil && len(*vnllr.NextLink) != 0 -} - -// virtualNetworkLinkListResultPreparer prepares a request to retrieve the next set of results. -// It returns nil if no more results exist. -func (vnllr VirtualNetworkLinkListResult) virtualNetworkLinkListResultPreparer(ctx context.Context) (*http.Request, error) { - if !vnllr.hasNextLink() { - return nil, nil - } - return autorest.Prepare((&http.Request{}).WithContext(ctx), - autorest.AsJSON(), - autorest.AsGet(), - autorest.WithBaseURL(to.String(vnllr.NextLink))) -} - -// VirtualNetworkLinkListResultPage contains a page of VirtualNetworkLink values. -type VirtualNetworkLinkListResultPage struct { - fn func(context.Context, VirtualNetworkLinkListResult) (VirtualNetworkLinkListResult, error) - vnllr VirtualNetworkLinkListResult -} - -// NextWithContext advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -func (page *VirtualNetworkLinkListResultPage) NextWithContext(ctx context.Context) (err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinkListResultPage.NextWithContext") - defer func() { - sc := -1 - if page.Response().Response.Response != nil { - sc = page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - for { - next, err := page.fn(ctx, page.vnllr) - if err != nil { - return err - } - page.vnllr = next - if !next.hasNextLink() || !next.IsEmpty() { - break - } - } - return nil -} - -// Next advances to the next page of values. If there was an error making -// the request the page does not advance and the error is returned. -// Deprecated: Use NextWithContext() instead. -func (page *VirtualNetworkLinkListResultPage) Next() error { - return page.NextWithContext(context.Background()) -} - -// NotDone returns true if the page enumeration should be started or is not yet complete. -func (page VirtualNetworkLinkListResultPage) NotDone() bool { - return !page.vnllr.IsEmpty() -} - -// Response returns the raw server response from the last page request. -func (page VirtualNetworkLinkListResultPage) Response() VirtualNetworkLinkListResult { - return page.vnllr -} - -// Values returns the slice of values for the current page or nil if there are no values. -func (page VirtualNetworkLinkListResultPage) Values() []VirtualNetworkLink { - if page.vnllr.IsEmpty() { - return nil - } - return *page.vnllr.Value -} - -// Creates a new instance of the VirtualNetworkLinkListResultPage type. -func NewVirtualNetworkLinkListResultPage(cur VirtualNetworkLinkListResult, getNextPage func(context.Context, VirtualNetworkLinkListResult) (VirtualNetworkLinkListResult, error)) VirtualNetworkLinkListResultPage { - return VirtualNetworkLinkListResultPage{ - fn: getNextPage, - vnllr: cur, - } -} - -// VirtualNetworkLinkProperties represents the properties of the Private DNS zone. -type VirtualNetworkLinkProperties struct { - // VirtualNetwork - The reference of the virtual network. - VirtualNetwork *SubResource `json:"virtualNetwork,omitempty"` - // RegistrationEnabled - Is auto-registration of virtual machine records in the virtual network in the Private DNS zone enabled? - RegistrationEnabled *bool `json:"registrationEnabled,omitempty"` - // VirtualNetworkLinkState - READ-ONLY; The status of the virtual network link to the Private DNS zone. Possible values are 'InProgress' and 'Done'. This is a read-only property and any attempt to set this value will be ignored. Possible values include: 'InProgress', 'Completed' - VirtualNetworkLinkState VirtualNetworkLinkState `json:"virtualNetworkLinkState,omitempty"` - // ProvisioningState - READ-ONLY; The provisioning state of the resource. This is a read-only property and any attempt to set this value will be ignored. Possible values include: 'Creating', 'Updating', 'Deleting', 'Succeeded', 'Failed', 'Canceled' - ProvisioningState ProvisioningState `json:"provisioningState,omitempty"` -} - -// MarshalJSON is the custom marshaler for VirtualNetworkLinkProperties. -func (vnlp VirtualNetworkLinkProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - if vnlp.VirtualNetwork != nil { - objectMap["virtualNetwork"] = vnlp.VirtualNetwork - } - if vnlp.RegistrationEnabled != nil { - objectMap["registrationEnabled"] = vnlp.RegistrationEnabled - } - return json.Marshal(objectMap) -} - -// VirtualNetworkLinksCreateOrUpdateFuture an abstraction for monitoring and retrieving the results of a -// long-running operation. -type VirtualNetworkLinksCreateOrUpdateFuture struct { - azure.FutureAPI - // Result returns the result of the asynchronous operation. - // If the operation has not completed it will return an error. - Result func(VirtualNetworkLinksClient) (VirtualNetworkLink, error) -} - -// UnmarshalJSON is the custom unmarshaller for CreateFuture. -func (future *VirtualNetworkLinksCreateOrUpdateFuture) UnmarshalJSON(body []byte) error { - var azFuture azure.Future - if err := json.Unmarshal(body, &azFuture); err != nil { - return err - } - future.FutureAPI = &azFuture - future.Result = future.result - return nil -} - -// result is the default implementation for VirtualNetworkLinksCreateOrUpdateFuture.Result. -func (future *VirtualNetworkLinksCreateOrUpdateFuture) result(client VirtualNetworkLinksClient) (vnl VirtualNetworkLink, err error) { - var done bool - done, err = future.DoneWithContext(context.Background(), client) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksCreateOrUpdateFuture", "Result", future.Response(), "Polling failure") - return - } - if !done { - vnl.Response.Response = future.Response() - err = azure.NewAsyncOpIncompleteError("privatedns.VirtualNetworkLinksCreateOrUpdateFuture") - return - } - sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) - if vnl.Response.Response, err = future.GetResult(sender); err == nil && vnl.Response.Response.StatusCode != http.StatusNoContent { - vnl, err = client.CreateOrUpdateResponder(vnl.Response.Response) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksCreateOrUpdateFuture", "Result", vnl.Response.Response, "Failure responding to request") - } - } - return -} - -// VirtualNetworkLinksDeleteFuture an abstraction for monitoring and retrieving the results of a -// long-running operation. -type VirtualNetworkLinksDeleteFuture struct { - azure.FutureAPI - // Result returns the result of the asynchronous operation. - // If the operation has not completed it will return an error. - Result func(VirtualNetworkLinksClient) (autorest.Response, error) -} - -// UnmarshalJSON is the custom unmarshaller for CreateFuture. -func (future *VirtualNetworkLinksDeleteFuture) UnmarshalJSON(body []byte) error { - var azFuture azure.Future - if err := json.Unmarshal(body, &azFuture); err != nil { - return err - } - future.FutureAPI = &azFuture - future.Result = future.result - return nil -} - -// result is the default implementation for VirtualNetworkLinksDeleteFuture.Result. -func (future *VirtualNetworkLinksDeleteFuture) result(client VirtualNetworkLinksClient) (ar autorest.Response, err error) { - var done bool - done, err = future.DoneWithContext(context.Background(), client) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksDeleteFuture", "Result", future.Response(), "Polling failure") - return - } - if !done { - ar.Response = future.Response() - err = azure.NewAsyncOpIncompleteError("privatedns.VirtualNetworkLinksDeleteFuture") - return - } - ar.Response = future.Response() - return -} - -// VirtualNetworkLinksUpdateFuture an abstraction for monitoring and retrieving the results of a -// long-running operation. -type VirtualNetworkLinksUpdateFuture struct { - azure.FutureAPI - // Result returns the result of the asynchronous operation. - // If the operation has not completed it will return an error. - Result func(VirtualNetworkLinksClient) (VirtualNetworkLink, error) -} - -// UnmarshalJSON is the custom unmarshaller for CreateFuture. -func (future *VirtualNetworkLinksUpdateFuture) UnmarshalJSON(body []byte) error { - var azFuture azure.Future - if err := json.Unmarshal(body, &azFuture); err != nil { - return err - } - future.FutureAPI = &azFuture - future.Result = future.result - return nil -} - -// result is the default implementation for VirtualNetworkLinksUpdateFuture.Result. -func (future *VirtualNetworkLinksUpdateFuture) result(client VirtualNetworkLinksClient) (vnl VirtualNetworkLink, err error) { - var done bool - done, err = future.DoneWithContext(context.Background(), client) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksUpdateFuture", "Result", future.Response(), "Polling failure") - return - } - if !done { - vnl.Response.Response = future.Response() - err = azure.NewAsyncOpIncompleteError("privatedns.VirtualNetworkLinksUpdateFuture") - return - } - sender := autorest.DecorateSender(client, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) - if vnl.Response.Response, err = future.GetResult(sender); err == nil && vnl.Response.Response.StatusCode != http.StatusNoContent { - vnl, err = client.UpdateResponder(vnl.Response.Response) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksUpdateFuture", "Result", vnl.Response.Response, "Failure responding to request") - } - } - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/privatezones.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/privatezones.go deleted file mode 100644 index 86960335..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/privatezones.go +++ /dev/null @@ -1,614 +0,0 @@ -package privatedns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// PrivateZonesClient is the the Private DNS Management Client. -type PrivateZonesClient struct { - BaseClient -} - -// NewPrivateZonesClient creates an instance of the PrivateZonesClient client. -func NewPrivateZonesClient(subscriptionID string) PrivateZonesClient { - return NewPrivateZonesClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewPrivateZonesClientWithBaseURI creates an instance of the PrivateZonesClient client using a custom endpoint. Use -// this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewPrivateZonesClientWithBaseURI(baseURI string, subscriptionID string) PrivateZonesClient { - return PrivateZonesClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdate creates or updates a Private DNS zone. Does not modify Links to virtual networks or DNS records -// within the zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// parameters - parameters supplied to the CreateOrUpdate operation. -// ifMatch - the ETag of the Private DNS zone. Omit this value to always overwrite the current zone. Specify -// the last-seen ETag value to prevent accidentally overwriting any concurrent changes. -// ifNoneMatch - set to '*' to allow a new Private DNS zone to be created, but to prevent updating an existing -// zone. Other values will be ignored. -func (client PrivateZonesClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string, ifNoneMatch string) (result PrivateZonesCreateOrUpdateFuture, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.CreateOrUpdate") - defer func() { - sc := -1 - if result.FutureAPI != nil && result.FutureAPI.Response() != nil { - sc = result.FutureAPI.Response().StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, privateZoneName, parameters, ifMatch, ifNoneMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "CreateOrUpdate", nil, "Failure preparing request") - return - } - - result, err = client.CreateOrUpdateSender(req) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "CreateOrUpdate", result.Response(), "Failure sending request") - return - } - - return -} - -// CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client PrivateZonesClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string, ifNoneMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - if len(ifNoneMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the -// http.Response Body if it receives an error. -func (client PrivateZonesClient) CreateOrUpdateSender(req *http.Request) (future PrivateZonesCreateOrUpdateFuture, err error) { - var resp *http.Response - future.FutureAPI = &azure.Future{} - resp, err = client.Send(req, azure.DoRetryWithRegistration(client.Client)) - if err != nil { - return - } - var azf azure.Future - azf, err = azure.NewFutureFromResponse(resp) - future.FutureAPI = &azf - future.Result = future.result - return -} - -// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always -// closes the http.Response Body. -func (client PrivateZonesClient) CreateOrUpdateResponder(resp *http.Response) (result PrivateZone, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated, http.StatusAccepted), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Delete deletes a Private DNS zone. WARNING: All DNS records in the zone will also be deleted. This operation cannot -// be undone. Private DNS zone cannot be deleted unless all virtual network links to it are removed. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// ifMatch - the ETag of the Private DNS zone. Omit this value to always delete the current zone. Specify the -// last-seen ETag value to prevent accidentally deleting any concurrent changes. -func (client PrivateZonesClient) Delete(ctx context.Context, resourceGroupName string, privateZoneName string, ifMatch string) (result PrivateZonesDeleteFuture, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.Delete") - defer func() { - sc := -1 - if result.FutureAPI != nil && result.FutureAPI.Response() != nil { - sc = result.FutureAPI.Response().StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.DeletePreparer(ctx, resourceGroupName, privateZoneName, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Delete", nil, "Failure preparing request") - return - } - - result, err = client.DeleteSender(req) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Delete", result.Response(), "Failure sending request") - return - } - - return -} - -// DeletePreparer prepares the Delete request. -func (client PrivateZonesClient) DeletePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteSender sends the Delete request. The method will close the -// http.Response Body if it receives an error. -func (client PrivateZonesClient) DeleteSender(req *http.Request) (future PrivateZonesDeleteFuture, err error) { - var resp *http.Response - future.FutureAPI = &azure.Future{} - resp, err = client.Send(req, azure.DoRetryWithRegistration(client.Client)) - if err != nil { - return - } - var azf azure.Future - azf, err = azure.NewFutureFromResponse(resp) - future.FutureAPI = &azf - future.Result = future.result - return -} - -// DeleteResponder handles the response to the Delete request. The method always -// closes the http.Response Body. -func (client PrivateZonesClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// Get gets a Private DNS zone. Retrieves the zone properties, but not the virtual networks links or the record sets -// within the zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -func (client PrivateZonesClient) Get(ctx context.Context, resourceGroupName string, privateZoneName string) (result PrivateZone, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.GetPreparer(ctx, resourceGroupName, privateZoneName) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Get", resp, "Failure responding to request") - return - } - - return -} - -// GetPreparer prepares the Get request. -func (client PrivateZonesClient) GetPreparer(ctx context.Context, resourceGroupName string, privateZoneName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client PrivateZonesClient) GetSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client PrivateZonesClient) GetResponder(resp *http.Response) (result PrivateZone, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List lists the Private DNS zones in all resource groups in a subscription. -// Parameters: -// top - the maximum number of Private DNS zones to return. If not specified, returns up to 100 zones. -func (client PrivateZonesClient) List(ctx context.Context, top *int32) (result PrivateZoneListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.List") - defer func() { - sc := -1 - if result.pzlr.Response.Response != nil { - sc = result.pzlr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, top) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.pzlr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "List", resp, "Failure sending request") - return - } - - result.pzlr, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "List", resp, "Failure responding to request") - return - } - if result.pzlr.hasNextLink() && result.pzlr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListPreparer prepares the List request. -func (client PrivateZonesClient) ListPreparer(ctx context.Context, top *int32) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Network/privateDnsZones", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client PrivateZonesClient) ListSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client PrivateZonesClient) ListResponder(resp *http.Response) (result PrivateZoneListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client PrivateZonesClient) listNextResults(ctx context.Context, lastResults PrivateZoneListResult) (result PrivateZoneListResult, err error) { - req, err := lastResults.privateZoneListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client PrivateZonesClient) ListComplete(ctx context.Context, top *int32) (result PrivateZoneListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, top) - return -} - -// ListByResourceGroup lists the Private DNS zones within a resource group. -// Parameters: -// resourceGroupName - the name of the resource group. -// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets. -func (client PrivateZonesClient) ListByResourceGroup(ctx context.Context, resourceGroupName string, top *int32) (result PrivateZoneListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.ListByResourceGroup") - defer func() { - sc := -1 - if result.pzlr.Response.Response != nil { - sc = result.pzlr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listByResourceGroupNextResults - req, err := client.ListByResourceGroupPreparer(ctx, resourceGroupName, top) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "ListByResourceGroup", nil, "Failure preparing request") - return - } - - resp, err := client.ListByResourceGroupSender(req) - if err != nil { - result.pzlr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "ListByResourceGroup", resp, "Failure sending request") - return - } - - result.pzlr, err = client.ListByResourceGroupResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "ListByResourceGroup", resp, "Failure responding to request") - return - } - if result.pzlr.hasNextLink() && result.pzlr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListByResourceGroupPreparer prepares the ListByResourceGroup request. -func (client PrivateZonesClient) ListByResourceGroupPreparer(ctx context.Context, resourceGroupName string, top *int32) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the -// http.Response Body if it receives an error. -func (client PrivateZonesClient) ListByResourceGroupSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always -// closes the http.Response Body. -func (client PrivateZonesClient) ListByResourceGroupResponder(resp *http.Response) (result PrivateZoneListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listByResourceGroupNextResults retrieves the next set of results, if any. -func (client PrivateZonesClient) listByResourceGroupNextResults(ctx context.Context, lastResults PrivateZoneListResult) (result PrivateZoneListResult, err error) { - req, err := lastResults.privateZoneListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listByResourceGroupNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListByResourceGroupSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listByResourceGroupNextResults", resp, "Failure sending next results request") - } - result, err = client.ListByResourceGroupResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "listByResourceGroupNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListByResourceGroupComplete enumerates all values, automatically crossing page boundaries as required. -func (client PrivateZonesClient) ListByResourceGroupComplete(ctx context.Context, resourceGroupName string, top *int32) (result PrivateZoneListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.ListByResourceGroup") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.ListByResourceGroup(ctx, resourceGroupName, top) - return -} - -// Update updates a Private DNS zone. Does not modify virtual network links or DNS records within the zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// parameters - parameters supplied to the Update operation. -// ifMatch - the ETag of the Private DNS zone. Omit this value to always overwrite the current zone. Specify -// the last-seen ETag value to prevent accidentally overwriting any concurrent changes. -func (client PrivateZonesClient) Update(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string) (result PrivateZonesUpdateFuture, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/PrivateZonesClient.Update") - defer func() { - sc := -1 - if result.FutureAPI != nil && result.FutureAPI.Response() != nil { - sc = result.FutureAPI.Response().StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.UpdatePreparer(ctx, resourceGroupName, privateZoneName, parameters, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Update", nil, "Failure preparing request") - return - } - - result, err = client.UpdateSender(req) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.PrivateZonesClient", "Update", result.Response(), "Failure sending request") - return - } - - return -} - -// UpdatePreparer prepares the Update request. -func (client PrivateZonesClient) UpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, parameters PrivateZone, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPatch(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// UpdateSender sends the Update request. The method will close the -// http.Response Body if it receives an error. -func (client PrivateZonesClient) UpdateSender(req *http.Request) (future PrivateZonesUpdateFuture, err error) { - var resp *http.Response - future.FutureAPI = &azure.Future{} - resp, err = client.Send(req, azure.DoRetryWithRegistration(client.Client)) - if err != nil { - return - } - var azf azure.Future - azf, err = azure.NewFutureFromResponse(resp) - future.FutureAPI = &azf - future.Result = future.result - return -} - -// UpdateResponder handles the response to the Update request. The method always -// closes the http.Response Body. -func (client PrivateZonesClient) UpdateResponder(resp *http.Response) (result PrivateZone, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/recordsets.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/recordsets.go deleted file mode 100644 index e1f39bb0..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/recordsets.go +++ /dev/null @@ -1,640 +0,0 @@ -package privatedns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// RecordSetsClient is the the Private DNS Management Client. -type RecordSetsClient struct { - BaseClient -} - -// NewRecordSetsClient creates an instance of the RecordSetsClient client. -func NewRecordSetsClient(subscriptionID string) RecordSetsClient { - return NewRecordSetsClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewRecordSetsClientWithBaseURI creates an instance of the RecordSetsClient client using a custom endpoint. Use this -// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). -func NewRecordSetsClientWithBaseURI(baseURI string, subscriptionID string) RecordSetsClient { - return RecordSetsClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdate creates or updates a record set within a Private DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// recordType - the type of DNS record in this record set. Record sets of type SOA can be updated but not -// created (they are created when the Private DNS zone is created). -// relativeRecordSetName - the name of the record set, relative to the name of the zone. -// parameters - parameters supplied to the CreateOrUpdate operation. -// ifMatch - the ETag of the record set. Omit this value to always overwrite the current record set. Specify -// the last-seen ETag value to prevent accidentally overwriting any concurrent changes. -// ifNoneMatch - set to '*' to allow a new record set to be created, but to prevent updating an existing record -// set. Other values will be ignored. -func (client RecordSetsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string, ifNoneMatch string) (result RecordSet, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.CreateOrUpdate") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName, parameters, ifMatch, ifNoneMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "CreateOrUpdate", nil, "Failure preparing request") - return - } - - resp, err := client.CreateOrUpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "CreateOrUpdate", resp, "Failure sending request") - return - } - - result, err = client.CreateOrUpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "CreateOrUpdate", resp, "Failure responding to request") - return - } - - return -} - -// CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client RecordSetsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string, ifNoneMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "recordType": autorest.Encode("path", recordType), - "relativeRecordSetName": relativeRecordSetName, - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - if len(ifNoneMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) CreateOrUpdateResponder(resp *http.Response) (result RecordSet, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Delete deletes a record set from a Private DNS zone. This operation cannot be undone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// recordType - the type of DNS record in this record set. Record sets of type SOA cannot be deleted (they are -// deleted when the Private DNS zone is deleted). -// relativeRecordSetName - the name of the record set, relative to the name of the zone. -// ifMatch - the ETag of the record set. Omit this value to always delete the current record set. Specify the -// last-seen ETag value to prevent accidentally deleting any concurrent changes. -func (client RecordSetsClient) Delete(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, ifMatch string) (result autorest.Response, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Delete") - defer func() { - sc := -1 - if result.Response != nil { - sc = result.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.DeletePreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Delete", nil, "Failure preparing request") - return - } - - resp, err := client.DeleteSender(req) - if err != nil { - result.Response = resp - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Delete", resp, "Failure sending request") - return - } - - result, err = client.DeleteResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Delete", resp, "Failure responding to request") - return - } - - return -} - -// DeletePreparer prepares the Delete request. -func (client RecordSetsClient) DeletePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "recordType": autorest.Encode("path", recordType), - "relativeRecordSetName": relativeRecordSetName, - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteSender sends the Delete request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) DeleteSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// DeleteResponder handles the response to the Delete request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// Get gets a record set. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// recordType - the type of DNS record in this record set. -// relativeRecordSetName - the name of the record set, relative to the name of the zone. -func (client RecordSetsClient) Get(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string) (result RecordSet, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.GetPreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Get", resp, "Failure responding to request") - return - } - - return -} - -// GetPreparer prepares the Get request. -func (client RecordSetsClient) GetPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "recordType": autorest.Encode("path", recordType), - "relativeRecordSetName": relativeRecordSetName, - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) GetSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) GetResponder(resp *http.Response) (result RecordSet, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List lists all record sets in a Private DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets. -// recordsetnamesuffix - the suffix label of the record set name to be used to filter the record set -// enumeration. If this parameter is specified, the returned enumeration will only contain records that end -// with ".". -func (client RecordSetsClient) List(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32, recordsetnamesuffix string) (result RecordSetListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.List") - defer func() { - sc := -1 - if result.rslr.Response.Response != nil { - sc = result.rslr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, privateZoneName, top, recordsetnamesuffix) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.rslr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "List", resp, "Failure sending request") - return - } - - result.rslr, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "List", resp, "Failure responding to request") - return - } - if result.rslr.hasNextLink() && result.rslr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListPreparer prepares the List request. -func (client RecordSetsClient) ListPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32, recordsetnamesuffix string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(recordsetnamesuffix) > 0 { - queryParameters["$recordsetnamesuffix"] = autorest.Encode("query", recordsetnamesuffix) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/ALL", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) ListSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) ListResponder(resp *http.Response) (result RecordSetListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client RecordSetsClient) listNextResults(ctx context.Context, lastResults RecordSetListResult) (result RecordSetListResult, err error) { - req, err := lastResults.recordSetListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client RecordSetsClient) ListComplete(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32, recordsetnamesuffix string) (result RecordSetListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, privateZoneName, top, recordsetnamesuffix) - return -} - -// ListByType lists the record sets of a specified type in a Private DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// recordType - the type of record sets to enumerate. -// top - the maximum number of record sets to return. If not specified, returns up to 100 record sets. -// recordsetnamesuffix - the suffix label of the record set name to be used to filter the record set -// enumeration. If this parameter is specified, the returned enumeration will only contain records that end -// with ".". -func (client RecordSetsClient) ListByType(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (result RecordSetListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByType") - defer func() { - sc := -1 - if result.rslr.Response.Response != nil { - sc = result.rslr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listByTypeNextResults - req, err := client.ListByTypePreparer(ctx, resourceGroupName, privateZoneName, recordType, top, recordsetnamesuffix) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "ListByType", nil, "Failure preparing request") - return - } - - resp, err := client.ListByTypeSender(req) - if err != nil { - result.rslr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "ListByType", resp, "Failure sending request") - return - } - - result.rslr, err = client.ListByTypeResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "ListByType", resp, "Failure responding to request") - return - } - if result.rslr.hasNextLink() && result.rslr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListByTypePreparer prepares the ListByType request. -func (client RecordSetsClient) ListByTypePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "recordType": autorest.Encode("path", recordType), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - if len(recordsetnamesuffix) > 0 { - queryParameters["$recordsetnamesuffix"] = autorest.Encode("query", recordsetnamesuffix) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListByTypeSender sends the ListByType request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) ListByTypeSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListByTypeResponder handles the response to the ListByType request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) ListByTypeResponder(resp *http.Response) (result RecordSetListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listByTypeNextResults retrieves the next set of results, if any. -func (client RecordSetsClient) listByTypeNextResults(ctx context.Context, lastResults RecordSetListResult) (result RecordSetListResult, err error) { - req, err := lastResults.recordSetListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listByTypeNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListByTypeSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listByTypeNextResults", resp, "Failure sending next results request") - } - result, err = client.ListByTypeResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "listByTypeNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListByTypeComplete enumerates all values, automatically crossing page boundaries as required. -func (client RecordSetsClient) ListByTypeComplete(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, top *int32, recordsetnamesuffix string) (result RecordSetListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.ListByType") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.ListByType(ctx, resourceGroupName, privateZoneName, recordType, top, recordsetnamesuffix) - return -} - -// Update updates a record set within a Private DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// recordType - the type of DNS record in this record set. -// relativeRecordSetName - the name of the record set, relative to the name of the zone. -// parameters - parameters supplied to the Update operation. -// ifMatch - the ETag of the record set. Omit this value to always overwrite the current record set. Specify -// the last-seen ETag value to prevent accidentally overwriting concurrent changes. -func (client RecordSetsClient) Update(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string) (result RecordSet, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/RecordSetsClient.Update") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.UpdatePreparer(ctx, resourceGroupName, privateZoneName, recordType, relativeRecordSetName, parameters, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Update", nil, "Failure preparing request") - return - } - - resp, err := client.UpdateSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Update", resp, "Failure sending request") - return - } - - result, err = client.UpdateResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.RecordSetsClient", "Update", resp, "Failure responding to request") - return - } - - return -} - -// UpdatePreparer prepares the Update request. -func (client RecordSetsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, recordType RecordType, relativeRecordSetName string, parameters RecordSet, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "recordType": autorest.Encode("path", recordType), - "relativeRecordSetName": relativeRecordSetName, - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPatch(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/{recordType}/{relativeRecordSetName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// UpdateSender sends the Update request. The method will close the -// http.Response Body if it receives an error. -func (client RecordSetsClient) UpdateSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// UpdateResponder handles the response to the Update request. The method always -// closes the http.Response Body. -func (client RecordSetsClient) UpdateResponder(resp *http.Response) (result RecordSet, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/version.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/version.go deleted file mode 100644 index 1e43b22d..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/version.go +++ /dev/null @@ -1,19 +0,0 @@ -package privatedns - -import "github.com/Azure/azure-sdk-for-go/version" - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -// UserAgent returns the UserAgent string to use when sending http.Requests. -func UserAgent() string { - return "Azure-SDK-For-Go/" + Version() + " privatedns/2020-06-01" -} - -// Version returns the semantic version (see http://semver.org) of the client. -func Version() string { - return version.Number -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/virtualnetworklinks.go b/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/virtualnetworklinks.go deleted file mode 100644 index 03e60692..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/services/privatedns/mgmt/2020-06-01/privatedns/virtualnetworklinks.go +++ /dev/null @@ -1,509 +0,0 @@ -package privatedns - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. -// -// Code generated by Microsoft (R) AutoRest Code Generator. -// Changes may cause incorrect behavior and will be lost if the code is regenerated. - -import ( - "context" - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/tracing" - "net/http" -) - -// VirtualNetworkLinksClient is the the Private DNS Management Client. -type VirtualNetworkLinksClient struct { - BaseClient -} - -// NewVirtualNetworkLinksClient creates an instance of the VirtualNetworkLinksClient client. -func NewVirtualNetworkLinksClient(subscriptionID string) VirtualNetworkLinksClient { - return NewVirtualNetworkLinksClientWithBaseURI(DefaultBaseURI, subscriptionID) -} - -// NewVirtualNetworkLinksClientWithBaseURI creates an instance of the VirtualNetworkLinksClient client using a custom -// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure -// stack). -func NewVirtualNetworkLinksClientWithBaseURI(baseURI string, subscriptionID string) VirtualNetworkLinksClient { - return VirtualNetworkLinksClient{NewWithBaseURI(baseURI, subscriptionID)} -} - -// CreateOrUpdate creates or updates a virtual network link to the specified Private DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// virtualNetworkLinkName - the name of the virtual network link. -// parameters - parameters supplied to the CreateOrUpdate operation. -// ifMatch - the ETag of the virtual network link to the Private DNS zone. Omit this value to always overwrite -// the current virtual network link. Specify the last-seen ETag value to prevent accidentally overwriting any -// concurrent changes. -// ifNoneMatch - set to '*' to allow a new virtual network link to the Private DNS zone to be created, but to -// prevent updating an existing link. Other values will be ignored. -func (client VirtualNetworkLinksClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string, ifNoneMatch string) (result VirtualNetworkLinksCreateOrUpdateFuture, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.CreateOrUpdate") - defer func() { - sc := -1 - if result.FutureAPI != nil && result.FutureAPI.Response() != nil { - sc = result.FutureAPI.Response().StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName, parameters, ifMatch, ifNoneMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "CreateOrUpdate", nil, "Failure preparing request") - return - } - - result, err = client.CreateOrUpdateSender(req) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "CreateOrUpdate", result.Response(), "Failure sending request") - return - } - - return -} - -// CreateOrUpdatePreparer prepares the CreateOrUpdate request. -func (client VirtualNetworkLinksClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string, ifNoneMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPut(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - if len(ifNoneMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-None-Match", autorest.String(ifNoneMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the -// http.Response Body if it receives an error. -func (client VirtualNetworkLinksClient) CreateOrUpdateSender(req *http.Request) (future VirtualNetworkLinksCreateOrUpdateFuture, err error) { - var resp *http.Response - future.FutureAPI = &azure.Future{} - resp, err = client.Send(req, azure.DoRetryWithRegistration(client.Client)) - if err != nil { - return - } - var azf azure.Future - azf, err = azure.NewFutureFromResponse(resp) - future.FutureAPI = &azf - future.Result = future.result - return -} - -// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always -// closes the http.Response Body. -func (client VirtualNetworkLinksClient) CreateOrUpdateResponder(resp *http.Response) (result VirtualNetworkLink, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated, http.StatusAccepted), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// Delete deletes a virtual network link to the specified Private DNS zone. WARNING: In case of a registration virtual -// network, all auto-registered DNS records in the zone for the virtual network will also be deleted. This operation -// cannot be undone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// virtualNetworkLinkName - the name of the virtual network link. -// ifMatch - the ETag of the virtual network link to the Private DNS zone. Omit this value to always delete the -// current zone. Specify the last-seen ETag value to prevent accidentally deleting any concurrent changes. -func (client VirtualNetworkLinksClient) Delete(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, ifMatch string) (result VirtualNetworkLinksDeleteFuture, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.Delete") - defer func() { - sc := -1 - if result.FutureAPI != nil && result.FutureAPI.Response() != nil { - sc = result.FutureAPI.Response().StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.DeletePreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Delete", nil, "Failure preparing request") - return - } - - result, err = client.DeleteSender(req) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Delete", result.Response(), "Failure sending request") - return - } - - return -} - -// DeletePreparer prepares the Delete request. -func (client VirtualNetworkLinksClient) DeletePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsDelete(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// DeleteSender sends the Delete request. The method will close the -// http.Response Body if it receives an error. -func (client VirtualNetworkLinksClient) DeleteSender(req *http.Request) (future VirtualNetworkLinksDeleteFuture, err error) { - var resp *http.Response - future.FutureAPI = &azure.Future{} - resp, err = client.Send(req, azure.DoRetryWithRegistration(client.Client)) - if err != nil { - return - } - var azf azure.Future - azf, err = azure.NewFutureFromResponse(resp) - future.FutureAPI = &azf - future.Result = future.result - return -} - -// DeleteResponder handles the response to the Delete request. The method always -// closes the http.Response Body. -func (client VirtualNetworkLinksClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted, http.StatusNoContent), - autorest.ByClosing()) - result.Response = resp - return -} - -// Get gets a virtual network link to the specified Private DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// virtualNetworkLinkName - the name of the virtual network link. -func (client VirtualNetworkLinksClient) Get(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string) (result VirtualNetworkLink, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.Get") - defer func() { - sc := -1 - if result.Response.Response != nil { - sc = result.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.GetPreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Get", nil, "Failure preparing request") - return - } - - resp, err := client.GetSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Get", resp, "Failure sending request") - return - } - - result, err = client.GetResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Get", resp, "Failure responding to request") - return - } - - return -} - -// GetPreparer prepares the Get request. -func (client VirtualNetworkLinksClient) GetPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// GetSender sends the Get request. The method will close the -// http.Response Body if it receives an error. -func (client VirtualNetworkLinksClient) GetSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// GetResponder handles the response to the Get request. The method always -// closes the http.Response Body. -func (client VirtualNetworkLinksClient) GetResponder(resp *http.Response) (result VirtualNetworkLink, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// List lists the virtual network links to the specified Private DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// top - the maximum number of virtual network links to return. If not specified, returns up to 100 virtual -// network links. -func (client VirtualNetworkLinksClient) List(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32) (result VirtualNetworkLinkListResultPage, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.List") - defer func() { - sc := -1 - if result.vnllr.Response.Response != nil { - sc = result.vnllr.Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.fn = client.listNextResults - req, err := client.ListPreparer(ctx, resourceGroupName, privateZoneName, top) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "List", nil, "Failure preparing request") - return - } - - resp, err := client.ListSender(req) - if err != nil { - result.vnllr.Response = autorest.Response{Response: resp} - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "List", resp, "Failure sending request") - return - } - - result.vnllr, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "List", resp, "Failure responding to request") - return - } - if result.vnllr.hasNextLink() && result.vnllr.IsEmpty() { - err = result.NextWithContext(ctx) - return - } - - return -} - -// ListPreparer prepares the List request. -func (client VirtualNetworkLinksClient) ListPreparer(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - if top != nil { - queryParameters["$top"] = autorest.Encode("query", *top) - } - - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks", pathParameters), - autorest.WithQueryParameters(queryParameters)) - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// ListSender sends the List request. The method will close the -// http.Response Body if it receives an error. -func (client VirtualNetworkLinksClient) ListSender(req *http.Request) (*http.Response, error) { - return client.Send(req, azure.DoRetryWithRegistration(client.Client)) -} - -// ListResponder handles the response to the List request. The method always -// closes the http.Response Body. -func (client VirtualNetworkLinksClient) ListResponder(resp *http.Response) (result VirtualNetworkLinkListResult, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} - -// listNextResults retrieves the next set of results, if any. -func (client VirtualNetworkLinksClient) listNextResults(ctx context.Context, lastResults VirtualNetworkLinkListResult) (result VirtualNetworkLinkListResult, err error) { - req, err := lastResults.virtualNetworkLinkListResultPreparer(ctx) - if err != nil { - return result, autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "listNextResults", nil, "Failure preparing next results request") - } - if req == nil { - return - } - resp, err := client.ListSender(req) - if err != nil { - result.Response = autorest.Response{Response: resp} - return result, autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "listNextResults", resp, "Failure sending next results request") - } - result, err = client.ListResponder(resp) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "listNextResults", resp, "Failure responding to next results request") - } - return -} - -// ListComplete enumerates all values, automatically crossing page boundaries as required. -func (client VirtualNetworkLinksClient) ListComplete(ctx context.Context, resourceGroupName string, privateZoneName string, top *int32) (result VirtualNetworkLinkListResultIterator, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.List") - defer func() { - sc := -1 - if result.Response().Response.Response != nil { - sc = result.page.Response().Response.Response.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - result.page, err = client.List(ctx, resourceGroupName, privateZoneName, top) - return -} - -// Update updates a virtual network link to the specified Private DNS zone. -// Parameters: -// resourceGroupName - the name of the resource group. -// privateZoneName - the name of the Private DNS zone (without a terminating dot). -// virtualNetworkLinkName - the name of the virtual network link. -// parameters - parameters supplied to the Update operation. -// ifMatch - the ETag of the virtual network link to the Private DNS zone. Omit this value to always overwrite -// the current virtual network link. Specify the last-seen ETag value to prevent accidentally overwriting any -// concurrent changes. -func (client VirtualNetworkLinksClient) Update(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string) (result VirtualNetworkLinksUpdateFuture, err error) { - if tracing.IsEnabled() { - ctx = tracing.StartSpan(ctx, fqdn+"/VirtualNetworkLinksClient.Update") - defer func() { - sc := -1 - if result.FutureAPI != nil && result.FutureAPI.Response() != nil { - sc = result.FutureAPI.Response().StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - } - req, err := client.UpdatePreparer(ctx, resourceGroupName, privateZoneName, virtualNetworkLinkName, parameters, ifMatch) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Update", nil, "Failure preparing request") - return - } - - result, err = client.UpdateSender(req) - if err != nil { - err = autorest.NewErrorWithError(err, "privatedns.VirtualNetworkLinksClient", "Update", result.Response(), "Failure sending request") - return - } - - return -} - -// UpdatePreparer prepares the Update request. -func (client VirtualNetworkLinksClient) UpdatePreparer(ctx context.Context, resourceGroupName string, privateZoneName string, virtualNetworkLinkName string, parameters VirtualNetworkLink, ifMatch string) (*http.Request, error) { - pathParameters := map[string]interface{}{ - "privateZoneName": autorest.Encode("path", privateZoneName), - "resourceGroupName": autorest.Encode("path", resourceGroupName), - "subscriptionId": autorest.Encode("path", client.SubscriptionID), - "virtualNetworkLinkName": autorest.Encode("path", virtualNetworkLinkName), - } - - const APIVersion = "2020-06-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsContentType("application/json; charset=utf-8"), - autorest.AsPatch(), - autorest.WithBaseURL(client.BaseURI), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/privateDnsZones/{privateZoneName}/virtualNetworkLinks/{virtualNetworkLinkName}", pathParameters), - autorest.WithJSON(parameters), - autorest.WithQueryParameters(queryParameters)) - if len(ifMatch) > 0 { - preparer = autorest.DecoratePreparer(preparer, - autorest.WithHeader("If-Match", autorest.String(ifMatch))) - } - return preparer.Prepare((&http.Request{}).WithContext(ctx)) -} - -// UpdateSender sends the Update request. The method will close the -// http.Response Body if it receives an error. -func (client VirtualNetworkLinksClient) UpdateSender(req *http.Request) (future VirtualNetworkLinksUpdateFuture, err error) { - var resp *http.Response - future.FutureAPI = &azure.Future{} - resp, err = client.Send(req, azure.DoRetryWithRegistration(client.Client)) - if err != nil { - return - } - var azf azure.Future - azf, err = azure.NewFutureFromResponse(resp) - future.FutureAPI = &azf - future.Result = future.result - return -} - -// UpdateResponder handles the response to the Update request. The method always -// closes the http.Response Body. -func (client VirtualNetworkLinksClient) UpdateResponder(resp *http.Response) (result VirtualNetworkLink, err error) { - err = autorest.Respond( - resp, - azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusAccepted), - autorest.ByUnmarshallingJSON(&result), - autorest.ByClosing()) - result.Response = autorest.Response{Response: resp} - return -} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/version/version.go b/vendor/github.com/Azure/azure-sdk-for-go/version/version.go deleted file mode 100644 index bcfbb15c..00000000 --- a/vendor/github.com/Azure/azure-sdk-for-go/version/version.go +++ /dev/null @@ -1,7 +0,0 @@ -package version - -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. See License.txt in the project root for license information. - -// Number contains the semantic version of this SDK. -const Number = "v68.0.0" diff --git a/vendor/github.com/Azure/go-autorest/.gitignore b/vendor/github.com/Azure/go-autorest/.gitignore deleted file mode 100644 index 3350aaf7..00000000 --- a/vendor/github.com/Azure/go-autorest/.gitignore +++ /dev/null @@ -1,32 +0,0 @@ -# The standard Go .gitignore file follows. (Sourced from: github.com/github/gitignore/master/Go.gitignore) -# Compiled Object files, Static and Dynamic libs (Shared Objects) -*.o -*.a -*.so - -# Folders -_obj -_test -.DS_Store -.idea/ -.vscode/ - -# Architecture specific extensions/prefixes -*.[568vq] -[568vq].out - -*.cgo1.go -*.cgo2.c -_cgo_defun.c -_cgo_gotypes.go -_cgo_export.* - -_testmain.go - -*.exe -*.test -*.prof - -# go-autorest specific -vendor/ -autorest/azure/example/example diff --git a/vendor/github.com/Azure/go-autorest/CHANGELOG.md b/vendor/github.com/Azure/go-autorest/CHANGELOG.md deleted file mode 100644 index d1f596bf..00000000 --- a/vendor/github.com/Azure/go-autorest/CHANGELOG.md +++ /dev/null @@ -1,1004 +0,0 @@ -# CHANGELOG - -## v14.2.0 - -- Added package comment to make `github.com/Azure/go-autorest` importable. - -## v14.1.1 - -### Bug Fixes - -- Change `x-ms-authorization-auxiliary` header value separator to comma. - -## v14.1.0 - -### New Features - -- Added `azure.SetEnvironment()` that will update the global environments map with the specified values. - -## v14.0.1 - -### Bug Fixes - -- Fix race condition when refreshing token. -- Fixed some tests to work with Go 1.14. - -## v14.0.0 - -## Breaking Changes - -- By default, the `DoRetryForStatusCodes` functions will no longer infinitely retry a request when the response returns an HTTP status code of 429 (StatusTooManyRequests). To opt in to the old behavior set `autorest.Count429AsRetry` to `false`. - -## New Features - -- Variable `autorest.Max429Delay` can be used to control the maximum delay between retries when a 429 is received with no `Retry-After` header. The default is zero which means there is no cap. - -## v13.4.0 - -## New Features - -- Added field `SendDecorators` to the `Client` type. This can be used to specify a custom chain of SendDecorators per client. -- Added method `Client.Send()` which includes logic for selecting the preferred chain of SendDecorators. - -## v13.3.3 - -### Bug Fixes - -- Fixed connection leak when retrying requests. -- Enabled exponential back-off with a 2-minute cap when retrying on 429. -- Fixed some cases where errors were inadvertently dropped. - -## v13.3.2 - -### Bug Fixes - -- Updated `autorest.AsStringSlice()` to convert slice elements to their string representation. - -## v13.3.1 - -- Updated external dependencies. - -### Bug Fixes - -## v13.3.0 - -### New Features - -- Added support for shared key and shared access signature token authorization. - - `autorest.NewSharedKeyAuthorizer()` and dependent types. - - `autorest.NewSASTokenAuthorizer()` and dependent types. -- Added `ServicePrincipalToken.SetCustomRefresh()` so a custom refresh function can be invoked when a token has expired. - -### Bug Fixes - -- Fixed `cli.AccessTokensPath()` to respect `AZURE_CONFIG_DIR` when set. -- Support parsing error messages in XML responses. - -## v13.2.0 - -### New Features - -- Added the following functions to replace their versions that don't take a context. - - `adal.InitiateDeviceAuthWithContext()` - - `adal.CheckForUserCompletionWithContext()` - - `adal.WaitForUserCompletionWithContext()` - -## v13.1.0 - -### New Features - -- Added support for MSI authentication on Azure App Service and Azure Functions. - -## v13.0.2 - -### Bug Fixes - -- Always retry a request even if the sender returns a non-nil error. - -## v13.0.1 - -## Bug Fixes - -- Fixed `autorest.WithQueryParameters()` so that it properly encodes multi-value query parameters. - -## v13.0.0 - -## Breaking Changes - -The `tracing` package has been rewritten to provide a common interface for consumers to wire in the tracing package of their choice. -What this means is that by default no tracing provider will be compiled into your program and setting the `AZURE_SDK_TRACING_ENABLED` -environment variable will have no effect. To enable this previous behavior you must now add the following import to your source file. -```go - import _ "github.com/Azure/go-autorest/tracing/opencensus" -``` -The APIs required by autorest-generated code have remained but some APIs have been removed and new ones added. -The following APIs and variables have been removed (the majority of them were moved to the `opencensus` package). -- tracing.Transport -- tracing.Enable() -- tracing.EnableWithAIForwarding() -- tracing.Disable() - -The following APIs and types have been added -- tracing.Tracer -- tracing.Register() - -To hook up a tracer simply call `tracing.Register()` passing in a type that satisfies the `tracing.Tracer` interface. - -## v12.4.3 - -### Bug Fixes - -- `autorest.MultiTenantServicePrincipalTokenAuthorizer` will now properly add its auxiliary bearer tokens. - -## v12.4.2 - -### Bug Fixes - -- Improvements to the fixes made in v12.4.1. - - Remove `override` stanza from Gopkg.toml and `replace` directive from go.mod as they don't apply when being consumed as a dependency. - - Switched to latest version of `ocagent` that still depends on protobuf v1.2. - - Add indirect dependencies to the `required` clause with matching `constraint` stanzas so that `dep` dependencies match go.sum. - -## v12.4.1 - -### Bug Fixes - -- Updated OpenCensus and OCAgent versions to versions that don't depend on v1.3+ of protobuf as it was breaking kubernetes. -- Pinned opencensus-proto to a version that's compatible with our versions of OpenCensus and OCAgent. - -## v12.4.0 - -### New Features - -- Added `autorest.WithPrepareDecorators` and `autorest.GetPrepareDecorators` for adding and retrieving a custom chain of PrepareDecorators to the provided context. - -## v12.3.0 - -### New Features - -- Support for multi-tenant via x-ms-authorization-auxiliary header has been added for client credentials with - secret scenario; this basically bundles multiple OAuthConfig and ServicePrincipalToken types into corresponding - MultiTenant* types along with a new authorizer that adds the primary and auxiliary token headers to the reqest. - The authenticaion helpers have been updated to support this scenario; if environment var AZURE_AUXILIARY_TENANT_IDS - is set with a semicolon delimited list of tenants the multi-tenant codepath will kick in to create the appropriate authorizer. - See `adal.NewMultiTenantOAuthConfig`, `adal.NewMultiTenantServicePrincipalToken` and `autorest.NewMultiTenantServicePrincipalTokenAuthorizer` - along with their supporting types and methods. -- Added `autorest.WithSendDecorators` and `autorest.GetSendDecorators` for adding and retrieving a custom chain of SendDecorators to the provided context. -- Added `autorest.DoRetryForStatusCodesWithCap` and `autorest.DelayForBackoffWithCap` to enforce an upper bound on the duration between retries. - -## v12.2.0 - -### New Features - -- Added `autorest.WithXML`, `autorest.AsMerge`, `autorest.WithBytes` preparer decorators. -- Added `autorest.ByUnmarshallingBytes` response decorator. -- Added `Response.IsHTTPStatus` and `Response.HasHTTPStatus` helper methods for inspecting HTTP status code in `autorest.Response` types. - -### Bug Fixes - -- `autorest.DelayWithRetryAfter` now supports HTTP-Dates in the `Retry-After` header and is not limited to just 429 status codes. - -## v12.1.0 - -### New Features - -- Added `to.ByteSlicePtr()`. -- Added blob/queue storage resource ID to `azure.ResourceIdentifier`. - -## v12.0.0 - -### Breaking Changes - -In preparation for modules the following deprecated content has been removed. - - - async.NewFuture() - - async.Future.Done() - - async.Future.WaitForCompletion() - - async.DoPollForAsynchronous() - - The `utils` package - - validation.NewErrorWithValidationError() - - The `version` package - -## v11.9.0 - -### New Features - -- Add `ResourceIdentifiers` field to `azure.Environment` containing resource IDs for public and sovereign clouds. - -## v11.8.0 - -### New Features - -- Added `autorest.NewClientWithOptions()` to support endpoints that require free renegotiation. - -## v11.7.1 - -### Bug Fixes - -- Fix missing support for http(s) proxy when using the default sender. - -## v11.7.0 - -### New Features - -- Added methods to obtain a ServicePrincipalToken on the various credential configuration types in the `auth` package. - -## v11.6.1 - -### Bug Fixes - -- Fix ACR DNS endpoint for government clouds. -- Add Cosmos DB DNS endpoints. -- Update dependencies to resolve build breaks in OpenCensus. - -## v11.6.0 - -### New Features - -- Added type `autorest.BasicAuthorizer` to support Basic authentication. - -## v11.5.2 - -### Bug Fixes - -- Fixed `GetTokenFromCLI` did not work with zsh. - -## v11.5.1 - -### Bug Fixes - -- In `Client.sender()` set the minimum TLS version on HTTP clients to 1.2. - -## v11.5.0 - -### New Features - -- The `auth` package has been refactored so that the environment and file settings are now available. -- The methods used in `auth.NewAuthorizerFromEnvironment()` are now exported so that custom authorization chains can be created. -- Added support for certificate authorization for file-based config. - -## v11.4.0 - -### New Features - -- Added `adal.AddToUserAgent()` so callers can append custom data to the user-agent header used for ADAL requests. -- Exported `adal.UserAgent()` for parity with `autorest.Client`. - -## v11.3.2 - -### Bug Fixes - -- In `Future.WaitForCompletionRef()` if the provided context has a deadline don't add the default deadline. - -## v11.3.1 - -### Bug Fixes - -- For an LRO PUT operation the final GET URL was incorrectly set to the Location polling header in some cases. - -## v11.3.0 - -### New Features - -- Added method `ServicePrincipalToken()` to `DeviceFlowConfig` type. - -## v11.2.8 - -### Bug Fixes - -- Deprecate content in the `version` package. The functionality has been superseded by content in the `autorest` package. - -## v11.2.7 - -### Bug Fixes - -- Fix environment variable name for enabling tracing from `AZURE_SDK_TRACING_ENABELD` to `AZURE_SDK_TRACING_ENABLED`. - Note that for backward compatibility reasons, both will work until the next major version release of the package. - -## v11.2.6 - -### Bug Fixes - -- If zero bytes are read from a polling response body don't attempt to unmarshal them. - -## v11.2.5 - -### Bug Fixes - -- Removed race condition in `autorest.DoRetryForStatusCodes`. - -## v11.2.4 - -### Bug Fixes - -- Function `cli.ProfilePath` now respects environment `AZURE_CONFIG_DIR` if available. - -## v11.2.1 - -NOTE: Versions of Go prior to 1.10 have been removed from CI as they no -longer work with golint. - -### Bug Fixes - -- Method `MSIConfig.Authorizer` now supports user-assigned identities. -- The adal package now reports its own user-agent string. - -## v11.2.0 - -### New Features - -- Added `tracing` package that enables instrumentation of HTTP and API calls. - Setting the env variable `AZURE_SDK_TRACING_ENABLED` or calling `tracing.Enable` - will start instrumenting the code for metrics and traces. - Additionally, setting the env variable `OCAGENT_TRACE_EXPORTER_ENDPOINT` or - calling `tracing.EnableWithAIForwarding` will start the instrumentation and connect to an - App Insights Local Forwarder that is needs to be running. Note that if the - AI Local Forwarder is not running tracking will still be enabled. - By default, instrumentation is disabled. Once enabled, instrumentation can also - be programatically disabled by calling `Disable`. -- Added `DoneWithContext` call for checking LRO status. `Done` has been deprecated. - -### Bug Fixes - -- Don't use the initial request's context for LRO polling. -- Don't override the `refreshLock` and the `http.Client` when unmarshalling `ServicePrincipalToken` if - it is already set. - -## v11.1.1 - -### Bug Fixes - -- When creating a future always include the polling tracker even if there's a failure; this allows the underlying response to be obtained by the caller. - -## v11.1.0 - -### New Features - -- Added `auth.NewAuthorizerFromCLI` to create an authorizer configured from the Azure 2.0 CLI. -- Added `adal.NewOAuthConfigWithAPIVersion` to create an OAuthConfig with the specified API version. - -## v11.0.1 - -### New Features - -- Added `x5c` header to client assertion for certificate Issuer+Subject Name authentication. - -## v11.0.0 - -### Breaking Changes - -- To handle differences between ADFS and AAD the following fields have had their types changed from `string` to `json.Number` - - ExpiresIn - - ExpiresOn - - NotBefore - -### New Features - -- Added `auth.NewAuthorizerFromFileWithResource` to create an authorizer from the config file with the specified resource. -- Setting a client's `PollingDuration` to zero will use the provided context to control a LRO's polling duration. - -## v10.15.5 - -### Bug Fixes - -- In `DoRetryForStatusCodes`, if a request's context is cancelled return the last response. - -## v10.15.4 - -### Bug Fixes - -- If a polling operation returns a failure status code return the associated error. - -## v10.15.3 - -### Bug Fixes - -- Initialize the polling URL and method for an LRO tracker on each iteration, favoring the Azure-AsyncOperation header. - -## v10.15.2 - -### Bug Fixes - -- Use fmt.Fprint when printing request/response so that any escape sequences aren't treated as format specifiers. - -## v10.15.1 - -### Bug Fixes - -- If an LRO API returns a `Failed` provisioning state in the initial response return an error at that point so the caller doesn't have to poll. -- For failed LROs without an OData v4 error include the response body in the error's `AdditionalInfo` field to aid in diagnosing the failure. - -## v10.15.0 - -### New Features - -- Add initial support for request/response logging via setting environment variables. - Setting `AZURE_GO_SDK_LOG_LEVEL` to `LogInfo` will log request/response - without their bodies. To include the bodies set the log level to `LogDebug`. - By default the logger writes to strerr, however it can also write to stdout or a file - if specified in `AZURE_GO_SDK_LOG_FILE`. Note that if the specified file - already exists it will be truncated. - IMPORTANT: by default the logger will redact the Authorization and Ocp-Apim-Subscription-Key - headers. Any other secrets will _not_ be redacted. - -## v10.14.0 - -### New Features - -- Added package version that contains version constants and user-agent data. - -### Bug Fixes - -- Add the user-agent to token requests. - -## v10.13.0 - -- Added support for additionalInfo in ServiceError type. - -## v10.12.0 - -### New Features - -- Added field ServicePrincipalToken.MaxMSIRefreshAttempts to configure the maximun number of attempts to refresh an MSI token. - -## v10.11.4 - -### Bug Fixes - -- If an LRO returns http.StatusOK on the initial response with no async headers return the response body from Future.GetResult(). -- If there is no "final GET URL" return an error from Future.GetResult(). - -## v10.11.3 - -### Bug Fixes - -- In IMDS retry logic, if we don't receive a response don't retry. - - Renamed the retry function so it's clear it's meant for IMDS only. -- For error response bodies that aren't OData-v4 compliant stick the raw JSON in the ServiceError.Details field so the information isn't lost. - - Also add the raw HTTP response to the DetailedResponse. -- Removed superfluous wrapping of response error in azure.DoRetryWithRegistration(). - -## v10.11.2 - -### Bug Fixes - -- Validation for integers handles int and int64 types. - -## v10.11.1 - -### Bug Fixes - -- Adding User information to authorization config as parsed from CLI cache. - -## v10.11.0 - -### New Features - -- Added NewServicePrincipalTokenFromManualTokenSecret for creating a new SPT using a manual token and secret -- Added method ServicePrincipalToken.MarshalTokenJSON() to marshall the inner Token - -## v10.10.0 - -### New Features - -- Most ServicePrincipalTokens can now be marshalled/unmarshall to/from JSON (ServicePrincipalCertificateSecret and ServicePrincipalMSISecret are not supported). -- Added method ServicePrincipalToken.SetRefreshCallbacks(). - -## v10.9.2 - -### Bug Fixes - -- Refreshing a refresh token obtained from a web app authorization code now works. - -## v10.9.1 - -### Bug Fixes - -- The retry logic for MSI token requests now uses exponential backoff per the guidelines. -- IsTemporaryNetworkError() will return true for errors that don't implement the net.Error interface. - -## v10.9.0 - -### Deprecated Methods - -| Old Method | New Method | -| -------------------------: | :---------------------------: | -| azure.NewFuture() | azure.NewFutureFromResponse() | -| Future.WaitForCompletion() | Future.WaitForCompletionRef() | - -### New Features - -- Added azure.NewFutureFromResponse() for creating a Future from the initial response from an async operation. -- Added Future.GetResult() for making the final GET call to retrieve the result from an async operation. - -### Bug Fixes - -- Some futures failed to return their results, this should now be fixed. - -## v10.8.2 - -### Bug Fixes - -- Add nil-gaurd to token retry logic. - -## v10.8.1 - -### Bug Fixes - -- Return a TokenRefreshError if the sender fails on the initial request. -- Don't retry on non-temporary network errors. - -## v10.8.0 - -- Added NewAuthorizerFromEnvironmentWithResource() helper function. - -## v10.7.0 - -### New Features - -- Added \*WithContext() methods to ADAL token refresh operations. - -## v10.6.2 - -- Fixed a bug on device authentication. - -## v10.6.1 - -- Added retries to MSI token get request. - -## v10.6.0 - -- Changed MSI token implementation. Now, the token endpoint is the IMDS endpoint. - -## v10.5.1 - -### Bug Fixes - -- `DeviceFlowConfig.Authorizer()` now prints the device code message when running `go test`. `-v` flag is required. - -## v10.5.0 - -### New Features - -- Added NewPollingRequestWithContext() for use with polling asynchronous operations. - -### Bug Fixes - -- Make retry logic use the request's context instead of the deprecated Cancel object. - -## v10.4.0 - -### New Features - -- Added helper for parsing Azure Resource ID's. -- Added deprecation message to utils.GetEnvVarOrExit() - -## v10.3.0 - -### New Features - -- Added EnvironmentFromURL method to load an Environment from a given URL. This function is particularly useful in the private and hybrid Cloud model, where one may define their own endpoints -- Added TokenAudience endpoint to Environment structure. This is useful in private and hybrid cloud models where TokenAudience endpoint can be different from ResourceManagerEndpoint - -## v10.2.0 - -### New Features - -- Added endpoints for batch management. - -## v10.1.3 - -### Bug Fixes - -- In Client.Do() invoke WithInspection() last so that it will inspect WithAuthorization(). -- Fixed authorization methods to invoke p.Prepare() first, aligning them with the other preparers. - -## v10.1.2 - -- Corrected comment for auth.NewAuthorizerFromFile() function. - -## v10.1.1 - -- Updated version number to match current release. - -## v10.1.0 - -### New Features - -- Expose the polling URL for futures. - -### Bug Fixes - -- Add validation.NewErrorWithValidationError back to prevent breaking changes (it is deprecated). - -## v10.0.0 - -### New Features - -- Added target and innererror fields to ServiceError to comply with OData v4 spec. -- The Done() method on futures will now return a ServiceError object when available (it used to return a partial value of such errors). -- Added helper methods for obtaining authorizers. -- Expose the polling URL for futures. - -### Bug Fixes - -- Switched from glide to dep for dependency management. -- Fixed unmarshaling of ServiceError for JSON bodies that don't conform to the OData spec. -- Fixed a race condition in token refresh. - -### Breaking Changes - -- The ServiceError.Details field type has been changed to match the OData v4 spec. -- Go v1.7 has been dropped from CI. -- API parameter validation failures will now return a unique error type validation.Error. -- The adal.Token type has been decomposed from adal.ServicePrincipalToken (this was necessary in order to fix the token refresh race). - -## v9.10.0 - -- Fix the Service Bus suffix in Azure public env -- Add Service Bus Endpoint (AAD ResourceURI) for use in [Azure Service Bus RBAC Preview](https://docs.microsoft.com/en-us/azure/service-bus-messaging/service-bus-role-based-access-control) - -## v9.9.0 - -### New Features - -- Added EventGridKeyAuthorizer for key authorization with event grid topics. - -### Bug Fixes - -- Fixed race condition when auto-refreshing service principal tokens. - -## v9.8.1 - -### Bug Fixes - -- Added http.StatusNoContent (204) to the list of expected status codes for long-running operations. -- Updated runtime version info so it's current. - -## v9.8.0 - -### New Features - -- Added type azure.AsyncOpIncompleteError to be returned from a future's Result() method when the operation has not completed. - -## v9.7.1 - -### Bug Fixes - -- Use correct AAD and Graph endpoints for US Gov environment. - -## v9.7.0 - -### New Features - -- Added support for application/octet-stream MIME types. - -## v9.6.1 - -### Bug Fixes - -- Ensure Authorization header is added to request when polling for registration status. - -## v9.6.0 - -### New Features - -- Added support for acquiring tokens via MSI with a user assigned identity. - -## v9.5.3 - -### Bug Fixes - -- Don't remove encoding of existing URL Query parameters when calling autorest.WithQueryParameters. -- Set correct Content Type when using autorest.WithFormData. - -## v9.5.2 - -### Bug Fixes - -- Check for nil \*http.Response before dereferencing it. - -## v9.5.1 - -### Bug Fixes - -- Don't count http.StatusTooManyRequests (429) against the retry cap. -- Use retry logic when SkipResourceProviderRegistration is set to true. - -## v9.5.0 - -### New Features - -- Added support for username + password, API key, authoriazation code and cognitive services authentication. -- Added field SkipResourceProviderRegistration to clients to provide a way to skip auto-registration of RPs. -- Added utility function AsStringSlice() to convert its parameters to a string slice. - -### Bug Fixes - -- When checking for authentication failures look at the error type not the status code as it could vary. - -## v9.4.2 - -### Bug Fixes - -- Validate parameters when creating credentials. -- Don't retry requests if the returned status is a 401 (http.StatusUnauthorized) as it will never succeed. - -## v9.4.1 - -### Bug Fixes - -- Update the AccessTokensPath() to read access tokens path through AZURE_ACCESS_TOKEN_FILE. If this - environment variable is not set, it will fall back to use default path set by Azure CLI. -- Use case-insensitive string comparison for polling states. - -## v9.4.0 - -### New Features - -- Added WaitForCompletion() to Future as a default polling implementation. - -### Bug Fixes - -- Method Future.Done() shouldn't update polling status for unexpected HTTP status codes. - -## v9.3.1 - -### Bug Fixes - -- DoRetryForStatusCodes will retry if sender.Do returns a non-nil error. - -## v9.3.0 - -### New Features - -- Added PollingMethod() to Future so callers know what kind of polling mechanism is used. -- Added azure.ChangeToGet() which transforms an http.Request into a GET (to be used with LROs). - -## v9.2.0 - -### New Features - -- Added support for custom Azure Stack endpoints. -- Added type azure.Future used to track the status of long-running operations. - -### Bug Fixes - -- Preserve the original error in DoRetryWithRegistration when registration fails. - -## v9.1.1 - -- Fixes a bug regarding the cookie jar on `autorest.Client.Sender`. - -## v9.1.0 - -### New Features - -- In cases where there is a non-empty error from the service, attempt to unmarshal it instead of uniformly calling it an "Unknown" error. -- Support for loading Azure CLI Authentication files. -- Automatically register your subscription with the Azure Resource Provider if it hadn't been previously. - -### Bug Fixes - -- RetriableRequest can now tolerate a ReadSeekable body being read but not reset. -- Adding missing Apache Headers - -## v9.0.0 - -> **IMPORTANT:** This release was intially labeled incorrectly as `v8.4.0`. From the time it was released, it should have been marked `v9.0.0` because it contains breaking changes to the MSI packages. We appologize for any inconvenience this causes. - -Adding MSI Endpoint Support and CLI token rehydration. - -## v8.3.1 - -Pick up bug fix in adal for MSI support. - -## v8.3.0 - -Updates to Error string formats for clarity. Also, adding a copy of the http.Response to errors for an improved debugging experience. - -## v8.2.0 - -### New Features - -- Add support for bearer authentication callbacks -- Support 429 response codes that include "Retry-After" header -- Support validation constraint "Pattern" for map keys - -### Bug Fixes - -- Make RetriableRequest work with multiple versions of Go - -## v8.1.1 - -Updates the RetriableRequest to take advantage of GetBody() added in Go 1.8. - -## v8.1.0 - -Adds RetriableRequest type for more efficient handling of retrying HTTP requests. - -## v8.0.0 - -ADAL refactored into its own package. -Support for UNIX time. - -## v7.3.1 - -- Version Testing now removed from production bits that are shipped with the library. - -## v7.3.0 - -- Exposing new `RespondDecorator`, `ByDiscardingBody`. This allows operations - to acknowledge that they do not need either the entire or a trailing portion - of accepts response body. In doing so, Go's http library can reuse HTTP - connections more readily. -- Adding `PrepareDecorator` to target custom BaseURLs. -- Adding ACR suffix to public cloud environment. -- Updating Glide dependencies. - -## v7.2.5 - -- Fixed the Active Directory endpoint for the China cloud. -- Removes UTF-8 BOM if present in response payload. -- Added telemetry. - -## v7.2.3 - -- Fixing bug in calls to `DelayForBackoff` that caused doubling of delay - duration. - -## v7.2.2 - -- autorest/azure: added ASM and ARM VM DNS suffixes. - -## v7.2.1 - -- fixed parsing of UTC times that are not RFC3339 conformant. - -## v7.2.0 - -- autorest/validation: Reformat validation error for better error message. - -## v7.1.0 - -- preparer: Added support for multipart formdata - WithMultiPartFormdata() -- preparer: Added support for sending file in request body - WithFile -- client: Added RetryDuration parameter. -- autorest/validation: new package for validation code for Azure Go SDK. - -## v7.0.7 - -- Add trailing / to endpoint -- azure: add EnvironmentFromName - -## v7.0.6 - -- Add retry logic for 408, 500, 502, 503 and 504 status codes. -- Change url path and query encoding logic. -- Fix DelayForBackoff for proper exponential delay. -- Add CookieJar in Client. - -## v7.0.5 - -- Add check to start polling only when status is in [200,201,202]. -- Refactoring for unchecked errors. -- azure/persist changes. -- Fix 'file in use' issue in renewing token in deviceflow. -- Store header RetryAfter for subsequent requests in polling. -- Add attribute details in service error. - -## v7.0.4 - -- Better error messages for long running operation failures - -## v7.0.3 - -- Corrected DoPollForAsynchronous to properly handle the initial response - -## v7.0.2 - -- Corrected DoPollForAsynchronous to continue using the polling method first discovered - -## v7.0.1 - -- Fixed empty JSON input error in ByUnmarshallingJSON -- Fixed polling support for GET calls -- Changed format name from TimeRfc1123 to TimeRFC1123 - -## v7.0.0 - -- Added ByCopying responder with supporting TeeReadCloser -- Rewrote Azure asynchronous handling -- Reverted to only unmarshalling JSON -- Corrected handling of RFC3339 time strings and added support for Rfc1123 time format - -The `json.Decoder` does not catch bad data as thoroughly as `json.Unmarshal`. Since -`encoding/json` successfully deserializes all core types, and extended types normally provide -their custom JSON serialization handlers, the code has been reverted back to using -`json.Unmarshal`. The original change to use `json.Decode` was made to reduce duplicate -code; there is no loss of function, and there is a gain in accuracy, by reverting. - -Additionally, Azure services indicate requests to be polled by multiple means. The existing code -only checked for one of those (that is, the presence of the `Azure-AsyncOperation` header). -The new code correctly covers all cases and aligns with the other Azure SDKs. - -## v6.1.0 - -- Introduced `date.ByUnmarshallingJSONDate` and `date.ByUnmarshallingJSONTime` to enable JSON encoded values. - -## v6.0.0 - -- Completely reworked the handling of polled and asynchronous requests -- Removed unnecessary routines -- Reworked `mocks.Sender` to replay a series of `http.Response` objects -- Added `PrepareDecorators` for primitive types (e.g., bool, int32) - -Handling polled and asynchronous requests is no longer part of `Client#Send`. Instead new -`SendDecorators` implement different styles of polled behavior. See`autorest.DoPollForStatusCodes` -and `azure.DoPollForAsynchronous` for examples. - -## v5.0.0 - -- Added new RespondDecorators unmarshalling primitive types -- Corrected application of inspection and authorization PrependDecorators - -## v4.0.0 - -- Added support for Azure long-running operations. -- Added cancelation support to all decorators and functions that may delay. -- Breaking: `DelayForBackoff` now accepts a channel, which may be nil. - -## v3.1.0 - -- Add support for OAuth Device Flow authorization. -- Add support for ServicePrincipalTokens that are backed by an existing token, rather than other secret material. -- Add helpers for persisting and restoring Tokens. -- Increased code coverage in the github.com/Azure/autorest/azure package - -## v3.0.0 - -- Breaking: `NewErrorWithError` no longer takes `statusCode int`. -- Breaking: `NewErrorWithStatusCode` is replaced with `NewErrorWithResponse`. -- Breaking: `Client#Send()` no longer takes `codes ...int` argument. -- Add: XML unmarshaling support with `ByUnmarshallingXML()` -- Stopped vending dependencies locally and switched to [Glide](https://github.com/Masterminds/glide). - Applications using this library should either use Glide or vendor dependencies locally some other way. -- Add: `azure.WithErrorUnlessStatusCode()` decorator to handle Azure errors. -- Fix: use `net/http.DefaultClient` as base client. -- Fix: Missing inspection for polling responses added. -- Add: CopyAndDecode helpers. -- Improved `./autorest/to` with `[]string` helpers. -- Removed golint suppressions in .travis.yml. - -## v2.1.0 - -- Added `StatusCode` to `Error` for more easily obtaining the HTTP Reponse StatusCode (if any) - -## v2.0.0 - -- Changed `to.StringMapPtr` method signature to return a pointer -- Changed `ServicePrincipalCertificateSecret` and `NewServicePrincipalTokenFromCertificate` to support generic certificate and private keys - -## v1.0.0 - -- Added Logging inspectors to trace http.Request / Response -- Added support for User-Agent header -- Changed WithHeader PrepareDecorator to use set vs. add -- Added JSON to error when unmarshalling fails -- Added Client#Send method -- Corrected case of "Azure" in package paths -- Added "to" helpers, Azure helpers, and improved ease-of-use -- Corrected golint issues - -## v1.0.1 - -- Added CHANGELOG.md - -## v1.1.0 - -- Added mechanism to retrieve a ServicePrincipalToken using a certificate-signed JWT -- Added an example of creating a certificate-based ServicePrincipal and retrieving an OAuth token using the certificate - -## v1.1.1 - -- Introduce godeps and vendor dependencies introduced in v1.1.1 diff --git a/vendor/github.com/Azure/go-autorest/GNUmakefile b/vendor/github.com/Azure/go-autorest/GNUmakefile deleted file mode 100644 index a434e73a..00000000 --- a/vendor/github.com/Azure/go-autorest/GNUmakefile +++ /dev/null @@ -1,23 +0,0 @@ -DIR?=./autorest/ - -default: build - -build: fmt - go install $(DIR) - -test: - go test $(DIR) || exit 1 - -vet: - @echo "go vet ." - @go vet $(DIR)... ; if [ $$? -eq 1 ]; then \ - echo ""; \ - echo "Vet found suspicious constructs. Please check the reported constructs"; \ - echo "and fix them if necessary before submitting the code for review."; \ - exit 1; \ - fi - -fmt: - gofmt -w $(DIR) - -.PHONY: build test vet fmt diff --git a/vendor/github.com/Azure/go-autorest/Gopkg.lock b/vendor/github.com/Azure/go-autorest/Gopkg.lock deleted file mode 100644 index dc6e3e63..00000000 --- a/vendor/github.com/Azure/go-autorest/Gopkg.lock +++ /dev/null @@ -1,324 +0,0 @@ -# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'. - - -[[projects]] - digest = "1:892e39e5c083d0943f1e80ab8351690f183c6a5ab24e1d280adcad424c26255e" - name = "contrib.go.opencensus.io/exporter/ocagent" - packages = ["."] - pruneopts = "UT" - revision = "a8a6f458bbc1d5042322ad1f9b65eeb0b69be9ea" - version = "v0.6.0" - -[[projects]] - digest = "1:8f5acd4d4462b5136af644d25101f0968a7a94ee90fcb2059cec5b7cc42e0b20" - name = "github.com/census-instrumentation/opencensus-proto" - packages = [ - "gen-go/agent/common/v1", - "gen-go/agent/metrics/v1", - "gen-go/agent/trace/v1", - "gen-go/metrics/v1", - "gen-go/resource/v1", - "gen-go/trace/v1", - ] - pruneopts = "UT" - revision = "d89fa54de508111353cb0b06403c00569be780d8" - version = "v0.2.1" - -[[projects]] - digest = "1:ffe9824d294da03b391f44e1ae8281281b4afc1bdaa9588c9097785e3af10cec" - name = "github.com/davecgh/go-spew" - packages = ["spew"] - pruneopts = "UT" - revision = "8991bc29aa16c548c550c7ff78260e27b9ab7c73" - version = "v1.1.1" - -[[projects]] - digest = "1:76dc72490af7174349349838f2fe118996381b31ea83243812a97e5a0fd5ed55" - name = "github.com/dgrijalva/jwt-go" - packages = ["."] - pruneopts = "UT" - revision = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e" - version = "v3.2.0" - -[[projects]] - digest = "1:cf0d2e435fd4ce45b789e93ef24b5f08e86be0e9807a16beb3694e2d8c9af965" - name = "github.com/dimchansky/utfbom" - packages = ["."] - pruneopts = "UT" - revision = "d2133a1ce379ef6fa992b0514a77146c60db9d1c" - version = "v1.1.0" - -[[projects]] - branch = "master" - digest = "1:b7cb6054d3dff43b38ad2e92492f220f57ae6087ee797dca298139776749ace8" - name = "github.com/golang/groupcache" - packages = ["lru"] - pruneopts = "UT" - revision = "611e8accdfc92c4187d399e95ce826046d4c8d73" - -[[projects]] - digest = "1:e3839df32927e8d3403cd5aa7253d966e8ff80fc8f10e2e35d146461cd83fcfa" - name = "github.com/golang/protobuf" - packages = [ - "descriptor", - "jsonpb", - "proto", - "protoc-gen-go/descriptor", - "ptypes", - "ptypes/any", - "ptypes/duration", - "ptypes/struct", - "ptypes/timestamp", - "ptypes/wrappers", - ] - pruneopts = "UT" - revision = "6c65a5562fc06764971b7c5d05c76c75e84bdbf7" - version = "v1.3.2" - -[[projects]] - digest = "1:c560cd79300fac84f124b96225181a637a70b60155919a3c36db50b7cca6b806" - name = "github.com/grpc-ecosystem/grpc-gateway" - packages = [ - "internal", - "runtime", - "utilities", - ] - pruneopts = "UT" - revision = "f7120437bb4f6c71f7f5076ad65a45310de2c009" - version = "v1.12.1" - -[[projects]] - digest = "1:5d231480e1c64a726869bc4142d270184c419749d34f167646baa21008eb0a79" - name = "github.com/mitchellh/go-homedir" - packages = ["."] - pruneopts = "UT" - revision = "af06845cf3004701891bf4fdb884bfe4920b3727" - version = "v1.1.0" - -[[projects]] - digest = "1:0028cb19b2e4c3112225cd871870f2d9cf49b9b4276531f03438a88e94be86fe" - name = "github.com/pmezard/go-difflib" - packages = ["difflib"] - pruneopts = "UT" - revision = "792786c7400a136282c1664665ae0a8db921c6c2" - version = "v1.0.0" - -[[projects]] - digest = "1:99d32780e5238c2621fff621123997c3e3cca96db8be13179013aea77dfab551" - name = "github.com/stretchr/testify" - packages = [ - "assert", - "require", - ] - pruneopts = "UT" - revision = "221dbe5ed46703ee255b1da0dec05086f5035f62" - version = "v1.4.0" - -[[projects]] - digest = "1:7c5e00383399fe13de0b4b65c9fdde16275407ce8ac02d867eafeaa916edcc71" - name = "go.opencensus.io" - packages = [ - ".", - "internal", - "internal/tagencoding", - "metric/metricdata", - "metric/metricproducer", - "plugin/ocgrpc", - "plugin/ochttp", - "plugin/ochttp/propagation/b3", - "plugin/ochttp/propagation/tracecontext", - "resource", - "stats", - "stats/internal", - "stats/view", - "tag", - "trace", - "trace/internal", - "trace/propagation", - "trace/tracestate", - ] - pruneopts = "UT" - revision = "aad2c527c5defcf89b5afab7f37274304195a6b2" - version = "v0.22.2" - -[[projects]] - branch = "master" - digest = "1:f604f5e2ee721b6757d962dfe7bab4f28aae50c456e39cfb2f3819762a44a6ae" - name = "golang.org/x/crypto" - packages = [ - "pkcs12", - "pkcs12/internal/rc2", - ] - pruneopts = "UT" - revision = "e9b2fee46413994441b28dfca259d911d963dfed" - -[[projects]] - branch = "master" - digest = "1:334b27eac455cb6567ea28cd424230b07b1a64334a2f861a8075ac26ce10af43" - name = "golang.org/x/lint" - packages = [ - ".", - "golint", - ] - pruneopts = "UT" - revision = "fdd1cda4f05fd1fd86124f0ef9ce31a0b72c8448" - -[[projects]] - branch = "master" - digest = "1:257a75d024975428ab9192bfc334c3490882f8cb21322ea5784ca8eca000a910" - name = "golang.org/x/net" - packages = [ - "http/httpguts", - "http2", - "http2/hpack", - "idna", - "internal/timeseries", - "trace", - ] - pruneopts = "UT" - revision = "1ddd1de85cb0337b623b740a609d35817d516a8d" - -[[projects]] - branch = "master" - digest = "1:382bb5a7fb4034db3b6a2d19e5a4a6bcf52f4750530603c01ca18a172fa3089b" - name = "golang.org/x/sync" - packages = ["semaphore"] - pruneopts = "UT" - revision = "cd5d95a43a6e21273425c7ae415d3df9ea832eeb" - -[[projects]] - branch = "master" - digest = "1:4da420ceda5f68e8d748aa2169d0ed44ffadb1bbd6537cf778a49563104189b8" - name = "golang.org/x/sys" - packages = ["unix"] - pruneopts = "UT" - revision = "ce4227a45e2eb77e5c847278dcc6a626742e2945" - -[[projects]] - digest = "1:8d8faad6b12a3a4c819a3f9618cb6ee1fa1cfc33253abeeea8b55336721e3405" - name = "golang.org/x/text" - packages = [ - "collate", - "collate/build", - "internal/colltab", - "internal/gen", - "internal/language", - "internal/language/compact", - "internal/tag", - "internal/triegen", - "internal/ucd", - "language", - "secure/bidirule", - "transform", - "unicode/bidi", - "unicode/cldr", - "unicode/norm", - "unicode/rangetable", - ] - pruneopts = "UT" - revision = "342b2e1fbaa52c93f31447ad2c6abc048c63e475" - version = "v0.3.2" - -[[projects]] - branch = "master" - digest = "1:4eb5ea8395fb60212dd58b92c9db80bab59d5e99c7435f9a6a0a528c373b60e7" - name = "golang.org/x/tools" - packages = [ - "go/ast/astutil", - "go/gcexportdata", - "go/internal/gcimporter", - "go/types/typeutil", - ] - pruneopts = "UT" - revision = "259af5ff87bdcd4abf2ecda8edc3f13f04f26a42" - -[[projects]] - digest = "1:964bb30febc27fabfbec4759fa530c6ec35e77a7c85fed90b9317ea39a054877" - name = "google.golang.org/api" - packages = ["support/bundler"] - pruneopts = "UT" - revision = "8a410c21381766a810817fd6200fce8838ecb277" - version = "v0.14.0" - -[[projects]] - branch = "master" - digest = "1:a8d5c2c6e746b3485e36908ab2a9e3d77b86b81f8156d88403c7d2b462431dfd" - name = "google.golang.org/genproto" - packages = [ - "googleapis/api/httpbody", - "googleapis/rpc/status", - "protobuf/field_mask", - ] - pruneopts = "UT" - revision = "51378566eb590fa106d1025ea12835a4416dda84" - -[[projects]] - digest = "1:b59ce3ddb11daeeccccc9cb3183b58ebf8e9a779f1c853308cd91612e817a301" - name = "google.golang.org/grpc" - packages = [ - ".", - "backoff", - "balancer", - "balancer/base", - "balancer/roundrobin", - "binarylog/grpc_binarylog_v1", - "codes", - "connectivity", - "credentials", - "credentials/internal", - "encoding", - "encoding/proto", - "grpclog", - "internal", - "internal/backoff", - "internal/balancerload", - "internal/binarylog", - "internal/buffer", - "internal/channelz", - "internal/envconfig", - "internal/grpcrand", - "internal/grpcsync", - "internal/resolver/dns", - "internal/resolver/passthrough", - "internal/syscall", - "internal/transport", - "keepalive", - "metadata", - "naming", - "peer", - "resolver", - "serviceconfig", - "stats", - "status", - "tap", - ] - pruneopts = "UT" - revision = "1a3960e4bd028ac0cec0a2afd27d7d8e67c11514" - version = "v1.25.1" - -[[projects]] - digest = "1:b75b3deb2bce8bc079e16bb2aecfe01eb80098f5650f9e93e5643ca8b7b73737" - name = "gopkg.in/yaml.v2" - packages = ["."] - pruneopts = "UT" - revision = "1f64d6156d11335c3f22d9330b0ad14fc1e789ce" - version = "v2.2.7" - -[solve-meta] - analyzer-name = "dep" - analyzer-version = 1 - input-imports = [ - "contrib.go.opencensus.io/exporter/ocagent", - "github.com/dgrijalva/jwt-go", - "github.com/dimchansky/utfbom", - "github.com/mitchellh/go-homedir", - "github.com/stretchr/testify/require", - "go.opencensus.io/plugin/ochttp", - "go.opencensus.io/plugin/ochttp/propagation/tracecontext", - "go.opencensus.io/stats/view", - "go.opencensus.io/trace", - "golang.org/x/crypto/pkcs12", - "golang.org/x/lint/golint", - ] - solver-name = "gps-cdcl" - solver-version = 1 diff --git a/vendor/github.com/Azure/go-autorest/Gopkg.toml b/vendor/github.com/Azure/go-autorest/Gopkg.toml deleted file mode 100644 index 1fc28659..00000000 --- a/vendor/github.com/Azure/go-autorest/Gopkg.toml +++ /dev/null @@ -1,59 +0,0 @@ -# Gopkg.toml example -# -# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html -# for detailed Gopkg.toml documentation. -# -# required = ["github.com/user/thing/cmd/thing"] -# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"] -# -# [[constraint]] -# name = "github.com/user/project" -# version = "1.0.0" -# -# [[constraint]] -# name = "github.com/user/project2" -# branch = "dev" -# source = "github.com/myfork/project2" -# -# [[override]] -# name = "github.com/x/y" -# version = "2.4.0" -# -# [prune] -# non-go = false -# go-tests = true -# unused-packages = true - -required = ["golang.org/x/lint/golint"] - -[prune] - go-tests = true - unused-packages = true - -[[constraint]] - name = "contrib.go.opencensus.io/exporter/ocagent" - version = "0.6.0" - -[[constraint]] - name = "github.com/dgrijalva/jwt-go" - version = "3.2.0" - -[[constraint]] - name = "github.com/dimchansky/utfbom" - version = "1.1.0" - -[[constraint]] - name = "github.com/mitchellh/go-homedir" - version = "1.1.0" - -[[constraint]] - name = "github.com/stretchr/testify" - version = "1.3.0" - -[[constraint]] - name = "go.opencensus.io" - version = "0.22.0" - -[[constraint]] - branch = "master" - name = "golang.org/x/crypto" diff --git a/vendor/github.com/Azure/go-autorest/LICENSE b/vendor/github.com/Azure/go-autorest/LICENSE deleted file mode 100644 index b9d6a27e..00000000 --- a/vendor/github.com/Azure/go-autorest/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2015 Microsoft Corporation - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/README.md b/vendor/github.com/Azure/go-autorest/README.md deleted file mode 100644 index de1e19a4..00000000 --- a/vendor/github.com/Azure/go-autorest/README.md +++ /dev/null @@ -1,165 +0,0 @@ -# go-autorest - -[![GoDoc](https://godoc.org/github.com/Azure/go-autorest/autorest?status.png)](https://godoc.org/github.com/Azure/go-autorest/autorest) -[![Build Status](https://dev.azure.com/azure-sdk/public/_apis/build/status/go/Azure.go-autorest?branchName=master)](https://dev.azure.com/azure-sdk/public/_build/latest?definitionId=625&branchName=master) -[![Go Report Card](https://goreportcard.com/badge/Azure/go-autorest)](https://goreportcard.com/report/Azure/go-autorest) - -Package go-autorest provides an HTTP request client for use with [Autorest](https://github.com/Azure/autorest.go)-generated API client packages. - -An authentication client tested with Azure Active Directory (AAD) is also -provided in this repo in the package -`github.com/Azure/go-autorest/autorest/adal`. Despite its name, this package -is maintained only as part of the Azure Go SDK and is not related to other -"ADAL" libraries in [github.com/AzureAD](https://github.com/AzureAD). - -## Overview - -Package go-autorest implements an HTTP request pipeline suitable for use across -multiple goroutines and provides the shared routines used by packages generated -by [Autorest](https://github.com/Azure/autorest.go). - -The package breaks sending and responding to HTTP requests into three phases: Preparing, Sending, -and Responding. A typical pattern is: - -```go - req, err := Prepare(&http.Request{}, - token.WithAuthorization()) - - resp, err := Send(req, - WithLogging(logger), - DoErrorIfStatusCode(http.StatusInternalServerError), - DoCloseIfError(), - DoRetryForAttempts(5, time.Second)) - - err = Respond(resp, - ByDiscardingBody(), - ByClosing()) -``` - -Each phase relies on decorators to modify and / or manage processing. Decorators may first modify -and then pass the data along, pass the data first and then modify the result, or wrap themselves -around passing the data (such as a logger might do). Decorators run in the order provided. For -example, the following: - -```go - req, err := Prepare(&http.Request{}, - WithBaseURL("https://microsoft.com/"), - WithPath("a"), - WithPath("b"), - WithPath("c")) -``` - -will set the URL to: - -``` - https://microsoft.com/a/b/c -``` - -Preparers and Responders may be shared and re-used (assuming the underlying decorators support -sharing and re-use). Performant use is obtained by creating one or more Preparers and Responders -shared among multiple go-routines, and a single Sender shared among multiple sending go-routines, -all bound together by means of input / output channels. - -Decorators hold their passed state within a closure (such as the path components in the example -above). Be careful to share Preparers and Responders only in a context where such held state -applies. For example, it may not make sense to share a Preparer that applies a query string from a -fixed set of values. Similarly, sharing a Responder that reads the response body into a passed -struct (e.g., `ByUnmarshallingJson`) is likely incorrect. - -Errors raised by autorest objects and methods will conform to the `autorest.Error` interface. - -See the included examples for more detail. For details on the suggested use of this package by -generated clients, see the Client described below. - -## Helpers - -### Handling Swagger Dates - -The Swagger specification (https://swagger.io) that drives AutoRest -(https://github.com/Azure/autorest/) precisely defines two date forms: date and date-time. The -github.com/Azure/go-autorest/autorest/date package provides time.Time derivations to ensure correct -parsing and formatting. - -### Handling Empty Values - -In JSON, missing values have different semantics than empty values. This is especially true for -services using the HTTP PATCH verb. The JSON submitted with a PATCH request generally contains -only those values to modify. Missing values are to be left unchanged. Developers, then, require a -means to both specify an empty value and to leave the value out of the submitted JSON. - -The Go JSON package (`encoding/json`) supports the `omitempty` tag. When specified, it omits -empty values from the rendered JSON. Since Go defines default values for all base types (such as "" -for string and 0 for int) and provides no means to mark a value as actually empty, the JSON package -treats default values as meaning empty, omitting them from the rendered JSON. This means that, using -the Go base types encoded through the default JSON package, it is not possible to create JSON to -clear a value at the server. - -The workaround within the Go community is to use pointers to base types in lieu of base types within -structures that map to JSON. For example, instead of a value of type `string`, the workaround uses -`*string`. While this enables distinguishing empty values from those to be unchanged, creating -pointers to a base type (notably constant, in-line values) requires additional variables. This, for -example, - -```go - s := struct { - S *string - }{ S: &"foo" } -``` -fails, while, this - -```go - v := "foo" - s := struct { - S *string - }{ S: &v } -``` -succeeds. - -To ease using pointers, the subpackage `to` contains helpers that convert to and from pointers for -Go base types which have Swagger analogs. It also provides a helper that converts between -`map[string]string` and `map[string]*string`, enabling the JSON to specify that the value -associated with a key should be cleared. With the helpers, the previous example becomes - -```go - s := struct { - S *string - }{ S: to.StringPtr("foo") } -``` - -## Install - -```bash -go get github.com/Azure/go-autorest/autorest -go get github.com/Azure/go-autorest/autorest/azure -go get github.com/Azure/go-autorest/autorest/date -go get github.com/Azure/go-autorest/autorest/to -``` - -### Using with Go Modules -In [v12.0.1](https://github.com/Azure/go-autorest/pull/386), this repository introduced the following modules. - -- autorest/adal -- autorest/azure/auth -- autorest/azure/cli -- autorest/date -- autorest/mocks -- autorest/to -- autorest/validation -- autorest -- logger -- tracing - -Tagging cumulative SDK releases as a whole (e.g. `v12.3.0`) is still enabled to support consumers of this repo that have not yet migrated to modules. - -## License - -See LICENSE file. - ------ - -This project has adopted the [Microsoft Open Source Code of -Conduct](https://opensource.microsoft.com/codeofconduct/). For more information -see the [Code of Conduct -FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact -[opencode@microsoft.com](mailto:opencode@microsoft.com) with any additional -questions or comments. diff --git a/vendor/github.com/Azure/go-autorest/autorest/LICENSE b/vendor/github.com/Azure/go-autorest/autorest/LICENSE deleted file mode 100644 index b9d6a27e..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2015 Microsoft Corporation - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/LICENSE b/vendor/github.com/Azure/go-autorest/autorest/adal/LICENSE deleted file mode 100644 index b9d6a27e..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2015 Microsoft Corporation - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/README.md b/vendor/github.com/Azure/go-autorest/autorest/adal/README.md deleted file mode 100644 index b11eb078..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/README.md +++ /dev/null @@ -1,294 +0,0 @@ -# NOTE: This module will go out of support by March 31, 2023. For authenticating with Azure AD, use module [azidentity](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity) instead. For help migrating from `adal` to `azidentiy` please consult the [migration guide](https://aka.ms/azsdk/go/identity/migration). General information about the retirement of this and other legacy modules can be found [here](https://azure.microsoft.com/updates/support-for-azure-sdk-libraries-that-do-not-conform-to-our-current-azure-sdk-guidelines-will-be-retired-as-of-31-march-2023/). - -# Azure Active Directory authentication for Go - -This is a standalone package for authenticating with Azure Active -Directory from other Go libraries and applications, in particular the [Azure SDK -for Go](https://github.com/Azure/azure-sdk-for-go). - -Note: Despite the package's name it is not related to other "ADAL" libraries -maintained in the [github.com/AzureAD](https://github.com/AzureAD) org. Issues -should be opened in [this repo's](https://github.com/Azure/go-autorest/issues) -or [the SDK's](https://github.com/Azure/azure-sdk-for-go/issues) issue -trackers. - -## Install - -```bash -go get -u github.com/Azure/go-autorest/autorest/adal -``` - -## Usage - -An Active Directory application is required in order to use this library. An application can be registered in the [Azure Portal](https://portal.azure.com/) by following these [guidelines](https://docs.microsoft.com/azure/active-directory/develop/active-directory-integrating-applications) or using the [Azure CLI](https://github.com/Azure/azure-cli). - -### Register an Azure AD Application with secret - - -1. Register a new application with a `secret` credential - - ``` - az ad app create \ - --display-name example-app \ - --homepage https://example-app/home \ - --identifier-uris https://example-app/app \ - --password secret - ``` - -2. Create a service principal using the `Application ID` from previous step - - ``` - az ad sp create --id "Application ID" - ``` - - * Replace `Application ID` with `appId` from step 1. - -### Register an Azure AD Application with certificate - -1. Create a private key - - ``` - openssl genrsa -out "example-app.key" 2048 - ``` - -2. Create the certificate - - ``` - openssl req -new -key "example-app.key" -subj "/CN=example-app" -out "example-app.csr" - openssl x509 -req -in "example-app.csr" -signkey "example-app.key" -out "example-app.crt" -days 10000 - ``` - -3. Create the PKCS12 version of the certificate containing also the private key - - ``` - openssl pkcs12 -export -out "example-app.pfx" -inkey "example-app.key" -in "example-app.crt" -passout pass: - - ``` - -4. Register a new application with the certificate content form `example-app.crt` - - ``` - certificateContents="$(tail -n+2 "example-app.crt" | head -n-1)" - - az ad app create \ - --display-name example-app \ - --homepage https://example-app/home \ - --identifier-uris https://example-app/app \ - --key-usage Verify --end-date 2018-01-01 \ - --key-value "${certificateContents}" - ``` - -5. Create a service principal using the `Application ID` from previous step - - ``` - az ad sp create --id "APPLICATION_ID" - ``` - - * Replace `APPLICATION_ID` with `appId` from step 4. - - -### Grant the necessary permissions - -Azure relies on a Role-Based Access Control (RBAC) model to manage the access to resources at a fine-grained -level. There is a set of [pre-defined roles](https://docs.microsoft.com/azure/active-directory/role-based-access-built-in-roles) -which can be assigned to a service principal of an Azure AD application depending of your needs. - -``` -az role assignment create --assigner "SERVICE_PRINCIPAL_ID" --role "ROLE_NAME" -``` - -* Replace the `SERVICE_PRINCIPAL_ID` with the `appId` from previous step. -* Replace the `ROLE_NAME` with a role name of your choice. - -It is also possible to define custom role definitions. - -``` -az role definition create --role-definition role-definition.json -``` - -* Check [custom roles](https://docs.microsoft.com/azure/active-directory/role-based-access-control-custom-roles) for more details regarding the content of `role-definition.json` file. - - -### Acquire Access Token - -The common configuration used by all flows: - -```Go -const activeDirectoryEndpoint = "https://login.microsoftonline.com/" -tenantID := "TENANT_ID" -oauthConfig, err := adal.NewOAuthConfig(activeDirectoryEndpoint, tenantID) - -applicationID := "APPLICATION_ID" - -callback := func(token adal.Token) error { - // This is called after the token is acquired -} - -// The resource for which the token is acquired -resource := "https://management.core.windows.net/" -``` - -* Replace the `TENANT_ID` with your tenant ID. -* Replace the `APPLICATION_ID` with the value from previous section. - -#### Client Credentials - -```Go -applicationSecret := "APPLICATION_SECRET" - -spt, err := adal.NewServicePrincipalToken( - *oauthConfig, - appliationID, - applicationSecret, - resource, - callbacks...) -if err != nil { - return nil, err -} - -// Acquire a new access token -err = spt.Refresh() -if (err == nil) { - token := spt.Token -} -``` - -* Replace the `APPLICATION_SECRET` with the `password` value from previous section. - -#### Client Certificate - -```Go -certificatePath := "./example-app.pfx" - -certData, err := ioutil.ReadFile(certificatePath) -if err != nil { - return nil, fmt.Errorf("failed to read the certificate file (%s): %v", certificatePath, err) -} - -// Get the certificate and private key from pfx file -certificate, rsaPrivateKey, err := decodePkcs12(certData, "") -if err != nil { - return nil, fmt.Errorf("failed to decode pkcs12 certificate while creating spt: %v", err) -} - -spt, err := adal.NewServicePrincipalTokenFromCertificate( - *oauthConfig, - applicationID, - certificate, - rsaPrivateKey, - resource, - callbacks...) - -// Acquire a new access token -err = spt.Refresh() -if (err == nil) { - token := spt.Token -} -``` - -* Update the certificate path to point to the example-app.pfx file which was created in previous section. - - -#### Device Code - -```Go -oauthClient := &http.Client{} - -// Acquire the device code -deviceCode, err := adal.InitiateDeviceAuth( - oauthClient, - *oauthConfig, - applicationID, - resource) -if err != nil { - return nil, fmt.Errorf("Failed to start device auth flow: %s", err) -} - -// Display the authentication message -fmt.Println(*deviceCode.Message) - -// Wait here until the user is authenticated -token, err := adal.WaitForUserCompletion(oauthClient, deviceCode) -if err != nil { - return nil, fmt.Errorf("Failed to finish device auth flow: %s", err) -} - -spt, err := adal.NewServicePrincipalTokenFromManualToken( - *oauthConfig, - applicationID, - resource, - *token, - callbacks...) - -if (err == nil) { - token := spt.Token -} -``` - -#### Username password authenticate - -```Go -spt, err := adal.NewServicePrincipalTokenFromUsernamePassword( - *oauthConfig, - applicationID, - username, - password, - resource, - callbacks...) - -if (err == nil) { - token := spt.Token -} -``` - -#### Authorization code authenticate - -``` Go -spt, err := adal.NewServicePrincipalTokenFromAuthorizationCode( - *oauthConfig, - applicationID, - clientSecret, - authorizationCode, - redirectURI, - resource, - callbacks...) - -err = spt.Refresh() -if (err == nil) { - token := spt.Token -} -``` - -### Command Line Tool - -A command line tool is available in `cmd/adal.go` that can acquire a token for a given resource. It supports all flows mentioned above. - -``` -adal -h - -Usage of ./adal: - -applicationId string - application id - -certificatePath string - path to pk12/PFC application certificate - -mode string - authentication mode (device, secret, cert, refresh) (default "device") - -resource string - resource for which the token is requested - -secret string - application secret - -tenantId string - tenant id - -tokenCachePath string - location of oath token cache (default "/home/cgc/.adal/accessToken.json") -``` - -Example acquire a token for `https://management.core.windows.net/` using device code flow: - -``` -adal -mode device \ - -applicationId "APPLICATION_ID" \ - -tenantId "TENANT_ID" \ - -resource https://management.core.windows.net/ - -``` diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/config.go b/vendor/github.com/Azure/go-autorest/autorest/adal/config.go deleted file mode 100644 index fa596474..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/config.go +++ /dev/null @@ -1,151 +0,0 @@ -package adal - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "errors" - "fmt" - "net/url" -) - -const ( - activeDirectoryEndpointTemplate = "%s/oauth2/%s%s" -) - -// OAuthConfig represents the endpoints needed -// in OAuth operations -type OAuthConfig struct { - AuthorityEndpoint url.URL `json:"authorityEndpoint"` - AuthorizeEndpoint url.URL `json:"authorizeEndpoint"` - TokenEndpoint url.URL `json:"tokenEndpoint"` - DeviceCodeEndpoint url.URL `json:"deviceCodeEndpoint"` -} - -// IsZero returns true if the OAuthConfig object is zero-initialized. -func (oac OAuthConfig) IsZero() bool { - return oac == OAuthConfig{} -} - -func validateStringParam(param, name string) error { - if len(param) == 0 { - return fmt.Errorf("parameter '" + name + "' cannot be empty") - } - return nil -} - -// NewOAuthConfig returns an OAuthConfig with tenant specific urls -func NewOAuthConfig(activeDirectoryEndpoint, tenantID string) (*OAuthConfig, error) { - apiVer := "1.0" - return NewOAuthConfigWithAPIVersion(activeDirectoryEndpoint, tenantID, &apiVer) -} - -// NewOAuthConfigWithAPIVersion returns an OAuthConfig with tenant specific urls. -// If apiVersion is not nil the "api-version" query parameter will be appended to the endpoint URLs with the specified value. -func NewOAuthConfigWithAPIVersion(activeDirectoryEndpoint, tenantID string, apiVersion *string) (*OAuthConfig, error) { - if err := validateStringParam(activeDirectoryEndpoint, "activeDirectoryEndpoint"); err != nil { - return nil, err - } - api := "" - // it's legal for tenantID to be empty so don't validate it - if apiVersion != nil { - if err := validateStringParam(*apiVersion, "apiVersion"); err != nil { - return nil, err - } - api = fmt.Sprintf("?api-version=%s", *apiVersion) - } - u, err := url.Parse(activeDirectoryEndpoint) - if err != nil { - return nil, err - } - authorityURL, err := u.Parse(tenantID) - if err != nil { - return nil, err - } - authorizeURL, err := u.Parse(fmt.Sprintf(activeDirectoryEndpointTemplate, tenantID, "authorize", api)) - if err != nil { - return nil, err - } - tokenURL, err := u.Parse(fmt.Sprintf(activeDirectoryEndpointTemplate, tenantID, "token", api)) - if err != nil { - return nil, err - } - deviceCodeURL, err := u.Parse(fmt.Sprintf(activeDirectoryEndpointTemplate, tenantID, "devicecode", api)) - if err != nil { - return nil, err - } - - return &OAuthConfig{ - AuthorityEndpoint: *authorityURL, - AuthorizeEndpoint: *authorizeURL, - TokenEndpoint: *tokenURL, - DeviceCodeEndpoint: *deviceCodeURL, - }, nil -} - -// MultiTenantOAuthConfig provides endpoints for primary and aulixiary tenant IDs. -type MultiTenantOAuthConfig interface { - PrimaryTenant() *OAuthConfig - AuxiliaryTenants() []*OAuthConfig -} - -// OAuthOptions contains optional OAuthConfig creation arguments. -type OAuthOptions struct { - APIVersion string -} - -func (c OAuthOptions) apiVersion() string { - if c.APIVersion != "" { - return fmt.Sprintf("?api-version=%s", c.APIVersion) - } - return "1.0" -} - -// NewMultiTenantOAuthConfig creates an object that support multitenant OAuth configuration. -// See https://docs.microsoft.com/en-us/azure/azure-resource-manager/authenticate-multi-tenant for more information. -func NewMultiTenantOAuthConfig(activeDirectoryEndpoint, primaryTenantID string, auxiliaryTenantIDs []string, options OAuthOptions) (MultiTenantOAuthConfig, error) { - if len(auxiliaryTenantIDs) == 0 || len(auxiliaryTenantIDs) > 3 { - return nil, errors.New("must specify one to three auxiliary tenants") - } - mtCfg := multiTenantOAuthConfig{ - cfgs: make([]*OAuthConfig, len(auxiliaryTenantIDs)+1), - } - apiVer := options.apiVersion() - pri, err := NewOAuthConfigWithAPIVersion(activeDirectoryEndpoint, primaryTenantID, &apiVer) - if err != nil { - return nil, fmt.Errorf("failed to create OAuthConfig for primary tenant: %v", err) - } - mtCfg.cfgs[0] = pri - for i := range auxiliaryTenantIDs { - aux, err := NewOAuthConfig(activeDirectoryEndpoint, auxiliaryTenantIDs[i]) - if err != nil { - return nil, fmt.Errorf("failed to create OAuthConfig for tenant '%s': %v", auxiliaryTenantIDs[i], err) - } - mtCfg.cfgs[i+1] = aux - } - return mtCfg, nil -} - -type multiTenantOAuthConfig struct { - // first config in the slice is the primary tenant - cfgs []*OAuthConfig -} - -func (m multiTenantOAuthConfig) PrimaryTenant() *OAuthConfig { - return m.cfgs[0] -} - -func (m multiTenantOAuthConfig) AuxiliaryTenants() []*OAuthConfig { - return m.cfgs[1:] -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/devicetoken.go b/vendor/github.com/Azure/go-autorest/autorest/adal/devicetoken.go deleted file mode 100644 index 9daa4b58..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/devicetoken.go +++ /dev/null @@ -1,273 +0,0 @@ -package adal - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -/* - This file is largely based on rjw57/oauth2device's code, with the follow differences: - * scope -> resource, and only allow a single one - * receive "Message" in the DeviceCode struct and show it to users as the prompt - * azure-xplat-cli has the following behavior that this emulates: - - does not send client_secret during the token exchange - - sends resource again in the token exchange request -*/ - -import ( - "context" - "encoding/json" - "fmt" - "io/ioutil" - "net/http" - "net/url" - "strings" - "time" -) - -const ( - logPrefix = "autorest/adal/devicetoken:" -) - -var ( - // ErrDeviceGeneric represents an unknown error from the token endpoint when using device flow - ErrDeviceGeneric = fmt.Errorf("%s Error while retrieving OAuth token: Unknown Error", logPrefix) - - // ErrDeviceAccessDenied represents an access denied error from the token endpoint when using device flow - ErrDeviceAccessDenied = fmt.Errorf("%s Error while retrieving OAuth token: Access Denied", logPrefix) - - // ErrDeviceAuthorizationPending represents the server waiting on the user to complete the device flow - ErrDeviceAuthorizationPending = fmt.Errorf("%s Error while retrieving OAuth token: Authorization Pending", logPrefix) - - // ErrDeviceCodeExpired represents the server timing out and expiring the code during device flow - ErrDeviceCodeExpired = fmt.Errorf("%s Error while retrieving OAuth token: Code Expired", logPrefix) - - // ErrDeviceSlowDown represents the service telling us we're polling too often during device flow - ErrDeviceSlowDown = fmt.Errorf("%s Error while retrieving OAuth token: Slow Down", logPrefix) - - // ErrDeviceCodeEmpty represents an empty device code from the device endpoint while using device flow - ErrDeviceCodeEmpty = fmt.Errorf("%s Error while retrieving device code: Device Code Empty", logPrefix) - - // ErrOAuthTokenEmpty represents an empty OAuth token from the token endpoint when using device flow - ErrOAuthTokenEmpty = fmt.Errorf("%s Error while retrieving OAuth token: Token Empty", logPrefix) - - errCodeSendingFails = "Error occurred while sending request for Device Authorization Code" - errCodeHandlingFails = "Error occurred while handling response from the Device Endpoint" - errTokenSendingFails = "Error occurred while sending request with device code for a token" - errTokenHandlingFails = "Error occurred while handling response from the Token Endpoint (during device flow)" - errStatusNotOK = "Error HTTP status != 200" -) - -// DeviceCode is the object returned by the device auth endpoint -// It contains information to instruct the user to complete the auth flow -type DeviceCode struct { - DeviceCode *string `json:"device_code,omitempty"` - UserCode *string `json:"user_code,omitempty"` - VerificationURL *string `json:"verification_url,omitempty"` - ExpiresIn *int64 `json:"expires_in,string,omitempty"` - Interval *int64 `json:"interval,string,omitempty"` - - Message *string `json:"message"` // Azure specific - Resource string // store the following, stored when initiating, used when exchanging - OAuthConfig OAuthConfig - ClientID string -} - -// TokenError is the object returned by the token exchange endpoint -// when something is amiss -type TokenError struct { - Error *string `json:"error,omitempty"` - ErrorCodes []int `json:"error_codes,omitempty"` - ErrorDescription *string `json:"error_description,omitempty"` - Timestamp *string `json:"timestamp,omitempty"` - TraceID *string `json:"trace_id,omitempty"` -} - -// DeviceToken is the object return by the token exchange endpoint -// It can either look like a Token or an ErrorToken, so put both here -// and check for presence of "Error" to know if we are in error state -type deviceToken struct { - Token - TokenError -} - -// InitiateDeviceAuth initiates a device auth flow. It returns a DeviceCode -// that can be used with CheckForUserCompletion or WaitForUserCompletion. -// Deprecated: use InitiateDeviceAuthWithContext() instead. -func InitiateDeviceAuth(sender Sender, oauthConfig OAuthConfig, clientID, resource string) (*DeviceCode, error) { - return InitiateDeviceAuthWithContext(context.Background(), sender, oauthConfig, clientID, resource) -} - -// InitiateDeviceAuthWithContext initiates a device auth flow. It returns a DeviceCode -// that can be used with CheckForUserCompletion or WaitForUserCompletion. -func InitiateDeviceAuthWithContext(ctx context.Context, sender Sender, oauthConfig OAuthConfig, clientID, resource string) (*DeviceCode, error) { - v := url.Values{ - "client_id": []string{clientID}, - "resource": []string{resource}, - } - - s := v.Encode() - body := ioutil.NopCloser(strings.NewReader(s)) - - req, err := http.NewRequest(http.MethodPost, oauthConfig.DeviceCodeEndpoint.String(), body) - if err != nil { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeSendingFails, err.Error()) - } - - req.ContentLength = int64(len(s)) - req.Header.Set(contentType, mimeTypeFormPost) - resp, err := sender.Do(req.WithContext(ctx)) - if err != nil { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeSendingFails, err.Error()) - } - defer resp.Body.Close() - - rb, err := ioutil.ReadAll(resp.Body) - if err != nil { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeHandlingFails, err.Error()) - } - - if resp.StatusCode != http.StatusOK { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeHandlingFails, errStatusNotOK) - } - - if len(strings.Trim(string(rb), " ")) == 0 { - return nil, ErrDeviceCodeEmpty - } - - var code DeviceCode - err = json.Unmarshal(rb, &code) - if err != nil { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errCodeHandlingFails, err.Error()) - } - - code.ClientID = clientID - code.Resource = resource - code.OAuthConfig = oauthConfig - - return &code, nil -} - -// CheckForUserCompletion takes a DeviceCode and checks with the Azure AD OAuth endpoint -// to see if the device flow has: been completed, timed out, or otherwise failed -// Deprecated: use CheckForUserCompletionWithContext() instead. -func CheckForUserCompletion(sender Sender, code *DeviceCode) (*Token, error) { - return CheckForUserCompletionWithContext(context.Background(), sender, code) -} - -// CheckForUserCompletionWithContext takes a DeviceCode and checks with the Azure AD OAuth endpoint -// to see if the device flow has: been completed, timed out, or otherwise failed -func CheckForUserCompletionWithContext(ctx context.Context, sender Sender, code *DeviceCode) (*Token, error) { - v := url.Values{ - "client_id": []string{code.ClientID}, - "code": []string{*code.DeviceCode}, - "grant_type": []string{OAuthGrantTypeDeviceCode}, - "resource": []string{code.Resource}, - } - - s := v.Encode() - body := ioutil.NopCloser(strings.NewReader(s)) - - req, err := http.NewRequest(http.MethodPost, code.OAuthConfig.TokenEndpoint.String(), body) - if err != nil { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenSendingFails, err.Error()) - } - - req.ContentLength = int64(len(s)) - req.Header.Set(contentType, mimeTypeFormPost) - resp, err := sender.Do(req.WithContext(ctx)) - if err != nil { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenSendingFails, err.Error()) - } - defer resp.Body.Close() - - rb, err := ioutil.ReadAll(resp.Body) - if err != nil { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenHandlingFails, err.Error()) - } - - if resp.StatusCode != http.StatusOK && len(strings.Trim(string(rb), " ")) == 0 { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenHandlingFails, errStatusNotOK) - } - if len(strings.Trim(string(rb), " ")) == 0 { - return nil, ErrOAuthTokenEmpty - } - - var token deviceToken - err = json.Unmarshal(rb, &token) - if err != nil { - return nil, fmt.Errorf("%s %s: %s", logPrefix, errTokenHandlingFails, err.Error()) - } - - if token.Error == nil { - return &token.Token, nil - } - - switch *token.Error { - case "authorization_pending": - return nil, ErrDeviceAuthorizationPending - case "slow_down": - return nil, ErrDeviceSlowDown - case "access_denied": - return nil, ErrDeviceAccessDenied - case "code_expired": - return nil, ErrDeviceCodeExpired - default: - // return a more meaningful error message if available - if token.ErrorDescription != nil { - return nil, fmt.Errorf("%s %s: %s", logPrefix, *token.Error, *token.ErrorDescription) - } - return nil, ErrDeviceGeneric - } -} - -// WaitForUserCompletion calls CheckForUserCompletion repeatedly until a token is granted or an error state occurs. -// This prevents the user from looping and checking against 'ErrDeviceAuthorizationPending'. -// Deprecated: use WaitForUserCompletionWithContext() instead. -func WaitForUserCompletion(sender Sender, code *DeviceCode) (*Token, error) { - return WaitForUserCompletionWithContext(context.Background(), sender, code) -} - -// WaitForUserCompletionWithContext calls CheckForUserCompletion repeatedly until a token is granted or an error -// state occurs. This prevents the user from looping and checking against 'ErrDeviceAuthorizationPending'. -func WaitForUserCompletionWithContext(ctx context.Context, sender Sender, code *DeviceCode) (*Token, error) { - intervalDuration := time.Duration(*code.Interval) * time.Second - waitDuration := intervalDuration - - for { - token, err := CheckForUserCompletionWithContext(ctx, sender, code) - - if err == nil { - return token, nil - } - - switch err { - case ErrDeviceSlowDown: - waitDuration += waitDuration - case ErrDeviceAuthorizationPending: - // noop - default: // everything else is "fatal" to us - return nil, err - } - - if waitDuration > (intervalDuration * 3) { - return nil, fmt.Errorf("%s Error waiting for user to complete device flow. Server told us to slow_down too much", logPrefix) - } - - select { - case <-time.After(waitDuration): - // noop - case <-ctx.Done(): - return nil, ctx.Err() - } - } -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go deleted file mode 100644 index 647a61bb..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/go_mod_tidy_hack.go +++ /dev/null @@ -1,25 +0,0 @@ -//go:build modhack -// +build modhack - -package adal - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// This file, and the github.com/Azure/go-autorest import, won't actually become part of -// the resultant binary. - -// Necessary for safely adding multi-module repo. -// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/persist.go b/vendor/github.com/Azure/go-autorest/autorest/adal/persist.go deleted file mode 100644 index 2a974a39..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/persist.go +++ /dev/null @@ -1,135 +0,0 @@ -package adal - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "crypto/rsa" - "crypto/x509" - "encoding/json" - "errors" - "fmt" - "io/ioutil" - "os" - "path/filepath" - - "golang.org/x/crypto/pkcs12" -) - -var ( - // ErrMissingCertificate is returned when no local certificate is found in the provided PFX data. - ErrMissingCertificate = errors.New("adal: certificate missing") - - // ErrMissingPrivateKey is returned when no private key is found in the provided PFX data. - ErrMissingPrivateKey = errors.New("adal: private key missing") -) - -// LoadToken restores a Token object from a file located at 'path'. -func LoadToken(path string) (*Token, error) { - file, err := os.Open(path) - if err != nil { - return nil, fmt.Errorf("failed to open file (%s) while loading token: %v", path, err) - } - defer file.Close() - - var token Token - - dec := json.NewDecoder(file) - if err = dec.Decode(&token); err != nil { - return nil, fmt.Errorf("failed to decode contents of file (%s) into Token representation: %v", path, err) - } - return &token, nil -} - -// SaveToken persists an oauth token at the given location on disk. -// It moves the new file into place so it can safely be used to replace an existing file -// that maybe accessed by multiple processes. -func SaveToken(path string, mode os.FileMode, token Token) error { - dir := filepath.Dir(path) - err := os.MkdirAll(dir, os.ModePerm) - if err != nil { - return fmt.Errorf("failed to create directory (%s) to store token in: %v", dir, err) - } - - newFile, err := ioutil.TempFile(dir, "token") - if err != nil { - return fmt.Errorf("failed to create the temp file to write the token: %v", err) - } - tempPath := newFile.Name() - - if err := json.NewEncoder(newFile).Encode(token); err != nil { - return fmt.Errorf("failed to encode token to file (%s) while saving token: %v", tempPath, err) - } - if err := newFile.Close(); err != nil { - return fmt.Errorf("failed to close temp file %s: %v", tempPath, err) - } - - // Atomic replace to avoid multi-writer file corruptions - if err := os.Rename(tempPath, path); err != nil { - return fmt.Errorf("failed to move temporary token to desired output location. src=%s dst=%s: %v", tempPath, path, err) - } - if err := os.Chmod(path, mode); err != nil { - return fmt.Errorf("failed to chmod the token file %s: %v", path, err) - } - return nil -} - -// DecodePfxCertificateData extracts the x509 certificate and RSA private key from the provided PFX data. -// The PFX data must contain a private key along with a certificate whose public key matches that of the -// private key or an error is returned. -// If the private key is not password protected pass the empty string for password. -func DecodePfxCertificateData(pfxData []byte, password string) (*x509.Certificate, *rsa.PrivateKey, error) { - blocks, err := pkcs12.ToPEM(pfxData, password) - if err != nil { - return nil, nil, err - } - // first extract the private key - var priv *rsa.PrivateKey - for _, block := range blocks { - if block.Type == "PRIVATE KEY" { - priv, err = x509.ParsePKCS1PrivateKey(block.Bytes) - if err != nil { - return nil, nil, err - } - break - } - } - if priv == nil { - return nil, nil, ErrMissingPrivateKey - } - // now find the certificate with the matching public key of our private key - var cert *x509.Certificate - for _, block := range blocks { - if block.Type == "CERTIFICATE" { - pcert, err := x509.ParseCertificate(block.Bytes) - if err != nil { - return nil, nil, err - } - certKey, ok := pcert.PublicKey.(*rsa.PublicKey) - if !ok { - // keep looking - continue - } - if priv.E == certKey.E && priv.N.Cmp(certKey.N) == 0 { - // found a match - cert = pcert - break - } - } - } - if cert == nil { - return nil, nil, ErrMissingCertificate - } - return cert, priv, nil -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/sender.go b/vendor/github.com/Azure/go-autorest/autorest/adal/sender.go deleted file mode 100644 index eb649bce..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/sender.go +++ /dev/null @@ -1,101 +0,0 @@ -package adal - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "crypto/tls" - "net" - "net/http" - "net/http/cookiejar" - "sync" - "time" - - "github.com/Azure/go-autorest/tracing" -) - -const ( - contentType = "Content-Type" - mimeTypeFormPost = "application/x-www-form-urlencoded" -) - -// DO NOT ACCESS THIS DIRECTLY. go through sender() -var defaultSender Sender -var defaultSenderInit = &sync.Once{} - -// Sender is the interface that wraps the Do method to send HTTP requests. -// -// The standard http.Client conforms to this interface. -type Sender interface { - Do(*http.Request) (*http.Response, error) -} - -// SenderFunc is a method that implements the Sender interface. -type SenderFunc func(*http.Request) (*http.Response, error) - -// Do implements the Sender interface on SenderFunc. -func (sf SenderFunc) Do(r *http.Request) (*http.Response, error) { - return sf(r) -} - -// SendDecorator takes and possibly decorates, by wrapping, a Sender. Decorators may affect the -// http.Request and pass it along or, first, pass the http.Request along then react to the -// http.Response result. -type SendDecorator func(Sender) Sender - -// CreateSender creates, decorates, and returns, as a Sender, the default http.Client. -func CreateSender(decorators ...SendDecorator) Sender { - return DecorateSender(sender(), decorators...) -} - -// DecorateSender accepts a Sender and a, possibly empty, set of SendDecorators, which is applies to -// the Sender. Decorators are applied in the order received, but their affect upon the request -// depends on whether they are a pre-decorator (change the http.Request and then pass it along) or a -// post-decorator (pass the http.Request along and react to the results in http.Response). -func DecorateSender(s Sender, decorators ...SendDecorator) Sender { - for _, decorate := range decorators { - s = decorate(s) - } - return s -} - -func sender() Sender { - // note that we can't init defaultSender in init() since it will - // execute before calling code has had a chance to enable tracing - defaultSenderInit.Do(func() { - // copied from http.DefaultTransport with a TLS minimum version. - transport := &http.Transport{ - Proxy: http.ProxyFromEnvironment, - DialContext: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - }).DialContext, - ForceAttemptHTTP2: true, - MaxIdleConns: 100, - IdleConnTimeout: 90 * time.Second, - TLSHandshakeTimeout: 10 * time.Second, - ExpectContinueTimeout: 1 * time.Second, - TLSClientConfig: &tls.Config{ - MinVersion: tls.VersionTLS12, - }, - } - var roundTripper http.RoundTripper = transport - if tracing.IsEnabled() { - roundTripper = tracing.NewTransport(transport) - } - j, _ := cookiejar.New(nil) - defaultSender = &http.Client{Jar: j, Transport: roundTripper} - }) - return defaultSender -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token.go deleted file mode 100644 index 2a24ab80..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/token.go +++ /dev/null @@ -1,1430 +0,0 @@ -package adal - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "context" - "crypto/rand" - "crypto/rsa" - "crypto/sha1" - "crypto/x509" - "encoding/base64" - "encoding/json" - "errors" - "fmt" - "io" - "io/ioutil" - "math" - "net/http" - "net/url" - "os" - "strconv" - "strings" - "sync" - "time" - - "github.com/Azure/go-autorest/autorest/date" - "github.com/Azure/go-autorest/logger" - "github.com/golang-jwt/jwt/v4" -) - -const ( - defaultRefresh = 5 * time.Minute - - // OAuthGrantTypeDeviceCode is the "grant_type" identifier used in device flow - OAuthGrantTypeDeviceCode = "device_code" - - // OAuthGrantTypeClientCredentials is the "grant_type" identifier used in credential flows - OAuthGrantTypeClientCredentials = "client_credentials" - - // OAuthGrantTypeUserPass is the "grant_type" identifier used in username and password auth flows - OAuthGrantTypeUserPass = "password" - - // OAuthGrantTypeRefreshToken is the "grant_type" identifier used in refresh token flows - OAuthGrantTypeRefreshToken = "refresh_token" - - // OAuthGrantTypeAuthorizationCode is the "grant_type" identifier used in authorization code flows - OAuthGrantTypeAuthorizationCode = "authorization_code" - - // metadataHeader is the header required by MSI extension - metadataHeader = "Metadata" - - // msiEndpoint is the well known endpoint for getting MSI authentications tokens - msiEndpoint = "http://169.254.169.254/metadata/identity/oauth2/token" - - // the API version to use for the MSI endpoint - msiAPIVersion = "2018-02-01" - - // the default number of attempts to refresh an MSI authentication token - defaultMaxMSIRefreshAttempts = 5 - - // asMSIEndpointEnv is the environment variable used to store the endpoint on App Service and Functions - msiEndpointEnv = "MSI_ENDPOINT" - - // asMSISecretEnv is the environment variable used to store the request secret on App Service and Functions - msiSecretEnv = "MSI_SECRET" - - // the API version to use for the legacy App Service MSI endpoint - appServiceAPIVersion2017 = "2017-09-01" - - // secret header used when authenticating against app service MSI endpoint - secretHeader = "Secret" - - // the format for expires_on in UTC with AM/PM - expiresOnDateFormatPM = "1/2/2006 15:04:05 PM +00:00" - - // the format for expires_on in UTC without AM/PM - expiresOnDateFormat = "1/2/2006 15:04:05 +00:00" -) - -// OAuthTokenProvider is an interface which should be implemented by an access token retriever -type OAuthTokenProvider interface { - OAuthToken() string -} - -// MultitenantOAuthTokenProvider provides tokens used for multi-tenant authorization. -type MultitenantOAuthTokenProvider interface { - PrimaryOAuthToken() string - AuxiliaryOAuthTokens() []string -} - -// TokenRefreshError is an interface used by errors returned during token refresh. -type TokenRefreshError interface { - error - Response() *http.Response -} - -// Refresher is an interface for token refresh functionality -type Refresher interface { - Refresh() error - RefreshExchange(resource string) error - EnsureFresh() error -} - -// RefresherWithContext is an interface for token refresh functionality -type RefresherWithContext interface { - RefreshWithContext(ctx context.Context) error - RefreshExchangeWithContext(ctx context.Context, resource string) error - EnsureFreshWithContext(ctx context.Context) error -} - -// TokenRefreshCallback is the type representing callbacks that will be called after -// a successful token refresh -type TokenRefreshCallback func(Token) error - -// TokenRefresh is a type representing a custom callback to refresh a token -type TokenRefresh func(ctx context.Context, resource string) (*Token, error) - -// JWTCallback is the type representing callback that will be called to get the federated OIDC JWT -type JWTCallback func() (string, error) - -// Token encapsulates the access token used to authorize Azure requests. -// https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow#service-to-service-access-token-response -type Token struct { - AccessToken string `json:"access_token"` - RefreshToken string `json:"refresh_token"` - - ExpiresIn json.Number `json:"expires_in"` - ExpiresOn json.Number `json:"expires_on"` - NotBefore json.Number `json:"not_before"` - - Resource string `json:"resource"` - Type string `json:"token_type"` -} - -func newToken() Token { - return Token{ - ExpiresIn: "0", - ExpiresOn: "0", - NotBefore: "0", - } -} - -// IsZero returns true if the token object is zero-initialized. -func (t Token) IsZero() bool { - return t == Token{} -} - -// Expires returns the time.Time when the Token expires. -func (t Token) Expires() time.Time { - s, err := t.ExpiresOn.Float64() - if err != nil { - s = -3600 - } - - expiration := date.NewUnixTimeFromSeconds(s) - - return time.Time(expiration).UTC() -} - -// IsExpired returns true if the Token is expired, false otherwise. -func (t Token) IsExpired() bool { - return t.WillExpireIn(0) -} - -// WillExpireIn returns true if the Token will expire after the passed time.Duration interval -// from now, false otherwise. -func (t Token) WillExpireIn(d time.Duration) bool { - return !t.Expires().After(time.Now().Add(d)) -} - -// OAuthToken return the current access token -func (t *Token) OAuthToken() string { - return t.AccessToken -} - -// ServicePrincipalSecret is an interface that allows various secret mechanism to fill the form -// that is submitted when acquiring an oAuth token. -type ServicePrincipalSecret interface { - SetAuthenticationValues(spt *ServicePrincipalToken, values *url.Values) error -} - -// ServicePrincipalNoSecret represents a secret type that contains no secret -// meaning it is not valid for fetching a fresh token. This is used by Manual -type ServicePrincipalNoSecret struct { -} - -// SetAuthenticationValues is a method of the interface ServicePrincipalSecret -// It only returns an error for the ServicePrincipalNoSecret type -func (noSecret *ServicePrincipalNoSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error { - return fmt.Errorf("Manually created ServicePrincipalToken does not contain secret material to retrieve a new access token") -} - -// MarshalJSON implements the json.Marshaler interface. -func (noSecret ServicePrincipalNoSecret) MarshalJSON() ([]byte, error) { - type tokenType struct { - Type string `json:"type"` - } - return json.Marshal(tokenType{ - Type: "ServicePrincipalNoSecret", - }) -} - -// ServicePrincipalTokenSecret implements ServicePrincipalSecret for client_secret type authorization. -type ServicePrincipalTokenSecret struct { - ClientSecret string `json:"value"` -} - -// SetAuthenticationValues is a method of the interface ServicePrincipalSecret. -// It will populate the form submitted during oAuth Token Acquisition using the client_secret. -func (tokenSecret *ServicePrincipalTokenSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error { - v.Set("client_secret", tokenSecret.ClientSecret) - return nil -} - -// MarshalJSON implements the json.Marshaler interface. -func (tokenSecret ServicePrincipalTokenSecret) MarshalJSON() ([]byte, error) { - type tokenType struct { - Type string `json:"type"` - Value string `json:"value"` - } - return json.Marshal(tokenType{ - Type: "ServicePrincipalTokenSecret", - Value: tokenSecret.ClientSecret, - }) -} - -// ServicePrincipalCertificateSecret implements ServicePrincipalSecret for generic RSA cert auth with signed JWTs. -type ServicePrincipalCertificateSecret struct { - Certificate *x509.Certificate - PrivateKey *rsa.PrivateKey -} - -// SignJwt returns the JWT signed with the certificate's private key. -func (secret *ServicePrincipalCertificateSecret) SignJwt(spt *ServicePrincipalToken) (string, error) { - hasher := sha1.New() - _, err := hasher.Write(secret.Certificate.Raw) - if err != nil { - return "", err - } - - thumbprint := base64.URLEncoding.EncodeToString(hasher.Sum(nil)) - - // The jti (JWT ID) claim provides a unique identifier for the JWT. - jti := make([]byte, 20) - _, err = rand.Read(jti) - if err != nil { - return "", err - } - - token := jwt.New(jwt.SigningMethodRS256) - token.Header["x5t"] = thumbprint - x5c := []string{base64.StdEncoding.EncodeToString(secret.Certificate.Raw)} - token.Header["x5c"] = x5c - token.Claims = jwt.MapClaims{ - "aud": spt.inner.OauthConfig.TokenEndpoint.String(), - "iss": spt.inner.ClientID, - "sub": spt.inner.ClientID, - "jti": base64.URLEncoding.EncodeToString(jti), - "nbf": time.Now().Unix(), - "exp": time.Now().Add(24 * time.Hour).Unix(), - } - - signedString, err := token.SignedString(secret.PrivateKey) - return signedString, err -} - -// SetAuthenticationValues is a method of the interface ServicePrincipalSecret. -// It will populate the form submitted during oAuth Token Acquisition using a JWT signed with a certificate. -func (secret *ServicePrincipalCertificateSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error { - jwt, err := secret.SignJwt(spt) - if err != nil { - return err - } - - v.Set("client_assertion", jwt) - v.Set("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer") - return nil -} - -// MarshalJSON implements the json.Marshaler interface. -func (secret ServicePrincipalCertificateSecret) MarshalJSON() ([]byte, error) { - return nil, errors.New("marshalling ServicePrincipalCertificateSecret is not supported") -} - -// ServicePrincipalMSISecret implements ServicePrincipalSecret for machines running the MSI Extension. -type ServicePrincipalMSISecret struct { - msiType msiType - clientResourceID string -} - -// SetAuthenticationValues is a method of the interface ServicePrincipalSecret. -func (msiSecret *ServicePrincipalMSISecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error { - return nil -} - -// MarshalJSON implements the json.Marshaler interface. -func (msiSecret ServicePrincipalMSISecret) MarshalJSON() ([]byte, error) { - return nil, errors.New("marshalling ServicePrincipalMSISecret is not supported") -} - -// ServicePrincipalUsernamePasswordSecret implements ServicePrincipalSecret for username and password auth. -type ServicePrincipalUsernamePasswordSecret struct { - Username string `json:"username"` - Password string `json:"password"` -} - -// SetAuthenticationValues is a method of the interface ServicePrincipalSecret. -func (secret *ServicePrincipalUsernamePasswordSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error { - v.Set("username", secret.Username) - v.Set("password", secret.Password) - return nil -} - -// MarshalJSON implements the json.Marshaler interface. -func (secret ServicePrincipalUsernamePasswordSecret) MarshalJSON() ([]byte, error) { - type tokenType struct { - Type string `json:"type"` - Username string `json:"username"` - Password string `json:"password"` - } - return json.Marshal(tokenType{ - Type: "ServicePrincipalUsernamePasswordSecret", - Username: secret.Username, - Password: secret.Password, - }) -} - -// ServicePrincipalAuthorizationCodeSecret implements ServicePrincipalSecret for authorization code auth. -type ServicePrincipalAuthorizationCodeSecret struct { - ClientSecret string `json:"value"` - AuthorizationCode string `json:"authCode"` - RedirectURI string `json:"redirect"` -} - -// SetAuthenticationValues is a method of the interface ServicePrincipalSecret. -func (secret *ServicePrincipalAuthorizationCodeSecret) SetAuthenticationValues(spt *ServicePrincipalToken, v *url.Values) error { - v.Set("code", secret.AuthorizationCode) - v.Set("client_secret", secret.ClientSecret) - v.Set("redirect_uri", secret.RedirectURI) - return nil -} - -// MarshalJSON implements the json.Marshaler interface. -func (secret ServicePrincipalAuthorizationCodeSecret) MarshalJSON() ([]byte, error) { - type tokenType struct { - Type string `json:"type"` - Value string `json:"value"` - AuthCode string `json:"authCode"` - Redirect string `json:"redirect"` - } - return json.Marshal(tokenType{ - Type: "ServicePrincipalAuthorizationCodeSecret", - Value: secret.ClientSecret, - AuthCode: secret.AuthorizationCode, - Redirect: secret.RedirectURI, - }) -} - -// ServicePrincipalFederatedSecret implements ServicePrincipalSecret for Federated JWTs. -type ServicePrincipalFederatedSecret struct { - jwtCallback JWTCallback -} - -// SetAuthenticationValues is a method of the interface ServicePrincipalSecret. -// It will populate the form submitted during OAuth Token Acquisition using a JWT signed by an OIDC issuer. -func (secret *ServicePrincipalFederatedSecret) SetAuthenticationValues(_ *ServicePrincipalToken, v *url.Values) error { - jwt, err := secret.jwtCallback() - if err != nil { - return err - } - - v.Set("client_assertion", jwt) - v.Set("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer") - return nil -} - -// MarshalJSON implements the json.Marshaler interface. -func (secret ServicePrincipalFederatedSecret) MarshalJSON() ([]byte, error) { - return nil, errors.New("marshalling ServicePrincipalFederatedSecret is not supported") -} - -// ServicePrincipalToken encapsulates a Token created for a Service Principal. -type ServicePrincipalToken struct { - inner servicePrincipalToken - refreshLock *sync.RWMutex - sender Sender - customRefreshFunc TokenRefresh - refreshCallbacks []TokenRefreshCallback - // MaxMSIRefreshAttempts is the maximum number of attempts to refresh an MSI token. - // Settings this to a value less than 1 will use the default value. - MaxMSIRefreshAttempts int -} - -// MarshalTokenJSON returns the marshalled inner token. -func (spt ServicePrincipalToken) MarshalTokenJSON() ([]byte, error) { - return json.Marshal(spt.inner.Token) -} - -// SetRefreshCallbacks replaces any existing refresh callbacks with the specified callbacks. -func (spt *ServicePrincipalToken) SetRefreshCallbacks(callbacks []TokenRefreshCallback) { - spt.refreshCallbacks = callbacks -} - -// SetCustomRefreshFunc sets a custom refresh function used to refresh the token. -func (spt *ServicePrincipalToken) SetCustomRefreshFunc(customRefreshFunc TokenRefresh) { - spt.customRefreshFunc = customRefreshFunc -} - -// MarshalJSON implements the json.Marshaler interface. -func (spt ServicePrincipalToken) MarshalJSON() ([]byte, error) { - return json.Marshal(spt.inner) -} - -// UnmarshalJSON implements the json.Unmarshaler interface. -func (spt *ServicePrincipalToken) UnmarshalJSON(data []byte) error { - // need to determine the token type - raw := map[string]interface{}{} - err := json.Unmarshal(data, &raw) - if err != nil { - return err - } - secret := raw["secret"].(map[string]interface{}) - switch secret["type"] { - case "ServicePrincipalNoSecret": - spt.inner.Secret = &ServicePrincipalNoSecret{} - case "ServicePrincipalTokenSecret": - spt.inner.Secret = &ServicePrincipalTokenSecret{} - case "ServicePrincipalCertificateSecret": - return errors.New("unmarshalling ServicePrincipalCertificateSecret is not supported") - case "ServicePrincipalMSISecret": - return errors.New("unmarshalling ServicePrincipalMSISecret is not supported") - case "ServicePrincipalUsernamePasswordSecret": - spt.inner.Secret = &ServicePrincipalUsernamePasswordSecret{} - case "ServicePrincipalAuthorizationCodeSecret": - spt.inner.Secret = &ServicePrincipalAuthorizationCodeSecret{} - case "ServicePrincipalFederatedSecret": - return errors.New("unmarshalling ServicePrincipalFederatedSecret is not supported") - default: - return fmt.Errorf("unrecognized token type '%s'", secret["type"]) - } - err = json.Unmarshal(data, &spt.inner) - if err != nil { - return err - } - // Don't override the refreshLock or the sender if those have been already set. - if spt.refreshLock == nil { - spt.refreshLock = &sync.RWMutex{} - } - if spt.sender == nil { - spt.sender = sender() - } - return nil -} - -// internal type used for marshalling/unmarshalling -type servicePrincipalToken struct { - Token Token `json:"token"` - Secret ServicePrincipalSecret `json:"secret"` - OauthConfig OAuthConfig `json:"oauth"` - ClientID string `json:"clientID"` - Resource string `json:"resource"` - AutoRefresh bool `json:"autoRefresh"` - RefreshWithin time.Duration `json:"refreshWithin"` -} - -func validateOAuthConfig(oac OAuthConfig) error { - if oac.IsZero() { - return fmt.Errorf("parameter 'oauthConfig' cannot be zero-initialized") - } - return nil -} - -// NewServicePrincipalTokenWithSecret create a ServicePrincipalToken using the supplied ServicePrincipalSecret implementation. -func NewServicePrincipalTokenWithSecret(oauthConfig OAuthConfig, id string, resource string, secret ServicePrincipalSecret, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateOAuthConfig(oauthConfig); err != nil { - return nil, err - } - if err := validateStringParam(id, "id"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - if secret == nil { - return nil, fmt.Errorf("parameter 'secret' cannot be nil") - } - spt := &ServicePrincipalToken{ - inner: servicePrincipalToken{ - Token: newToken(), - OauthConfig: oauthConfig, - Secret: secret, - ClientID: id, - Resource: resource, - AutoRefresh: true, - RefreshWithin: defaultRefresh, - }, - refreshLock: &sync.RWMutex{}, - sender: sender(), - refreshCallbacks: callbacks, - } - return spt, nil -} - -// NewServicePrincipalTokenFromManualToken creates a ServicePrincipalToken using the supplied token -func NewServicePrincipalTokenFromManualToken(oauthConfig OAuthConfig, clientID string, resource string, token Token, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateOAuthConfig(oauthConfig); err != nil { - return nil, err - } - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - if token.IsZero() { - return nil, fmt.Errorf("parameter 'token' cannot be zero-initialized") - } - spt, err := NewServicePrincipalTokenWithSecret( - oauthConfig, - clientID, - resource, - &ServicePrincipalNoSecret{}, - callbacks...) - if err != nil { - return nil, err - } - - spt.inner.Token = token - - return spt, nil -} - -// NewServicePrincipalTokenFromManualTokenSecret creates a ServicePrincipalToken using the supplied token and secret -func NewServicePrincipalTokenFromManualTokenSecret(oauthConfig OAuthConfig, clientID string, resource string, token Token, secret ServicePrincipalSecret, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateOAuthConfig(oauthConfig); err != nil { - return nil, err - } - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - if secret == nil { - return nil, fmt.Errorf("parameter 'secret' cannot be nil") - } - if token.IsZero() { - return nil, fmt.Errorf("parameter 'token' cannot be zero-initialized") - } - spt, err := NewServicePrincipalTokenWithSecret( - oauthConfig, - clientID, - resource, - secret, - callbacks...) - if err != nil { - return nil, err - } - - spt.inner.Token = token - - return spt, nil -} - -// NewServicePrincipalToken creates a ServicePrincipalToken from the supplied Service Principal -// credentials scoped to the named resource. -func NewServicePrincipalToken(oauthConfig OAuthConfig, clientID string, secret string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateOAuthConfig(oauthConfig); err != nil { - return nil, err - } - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(secret, "secret"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - return NewServicePrincipalTokenWithSecret( - oauthConfig, - clientID, - resource, - &ServicePrincipalTokenSecret{ - ClientSecret: secret, - }, - callbacks..., - ) -} - -// NewServicePrincipalTokenFromCertificate creates a ServicePrincipalToken from the supplied pkcs12 bytes. -func NewServicePrincipalTokenFromCertificate(oauthConfig OAuthConfig, clientID string, certificate *x509.Certificate, privateKey *rsa.PrivateKey, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateOAuthConfig(oauthConfig); err != nil { - return nil, err - } - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - if certificate == nil { - return nil, fmt.Errorf("parameter 'certificate' cannot be nil") - } - if privateKey == nil { - return nil, fmt.Errorf("parameter 'privateKey' cannot be nil") - } - return NewServicePrincipalTokenWithSecret( - oauthConfig, - clientID, - resource, - &ServicePrincipalCertificateSecret{ - PrivateKey: privateKey, - Certificate: certificate, - }, - callbacks..., - ) -} - -// NewServicePrincipalTokenFromUsernamePassword creates a ServicePrincipalToken from the username and password. -func NewServicePrincipalTokenFromUsernamePassword(oauthConfig OAuthConfig, clientID string, username string, password string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateOAuthConfig(oauthConfig); err != nil { - return nil, err - } - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(username, "username"); err != nil { - return nil, err - } - if err := validateStringParam(password, "password"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - return NewServicePrincipalTokenWithSecret( - oauthConfig, - clientID, - resource, - &ServicePrincipalUsernamePasswordSecret{ - Username: username, - Password: password, - }, - callbacks..., - ) -} - -// NewServicePrincipalTokenFromAuthorizationCode creates a ServicePrincipalToken from the -func NewServicePrincipalTokenFromAuthorizationCode(oauthConfig OAuthConfig, clientID string, clientSecret string, authorizationCode string, redirectURI string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - - if err := validateOAuthConfig(oauthConfig); err != nil { - return nil, err - } - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(clientSecret, "clientSecret"); err != nil { - return nil, err - } - if err := validateStringParam(authorizationCode, "authorizationCode"); err != nil { - return nil, err - } - if err := validateStringParam(redirectURI, "redirectURI"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - - return NewServicePrincipalTokenWithSecret( - oauthConfig, - clientID, - resource, - &ServicePrincipalAuthorizationCodeSecret{ - ClientSecret: clientSecret, - AuthorizationCode: authorizationCode, - RedirectURI: redirectURI, - }, - callbacks..., - ) -} - -// NewServicePrincipalTokenFromFederatedToken creates a ServicePrincipalToken from the supplied federated OIDC JWT. -// -// Deprecated: Use NewServicePrincipalTokenFromFederatedTokenWithCallback to refresh jwt dynamically. -func NewServicePrincipalTokenFromFederatedToken(oauthConfig OAuthConfig, clientID string, jwt string, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateOAuthConfig(oauthConfig); err != nil { - return nil, err - } - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - if jwt == "" { - return nil, fmt.Errorf("parameter 'jwt' cannot be empty") - } - return NewServicePrincipalTokenFromFederatedTokenCallback( - oauthConfig, - clientID, - func() (string, error) { - return jwt, nil - }, - resource, - callbacks..., - ) -} - -// NewServicePrincipalTokenFromFederatedTokenCallback creates a ServicePrincipalToken from the supplied federated OIDC JWTCallback. -func NewServicePrincipalTokenFromFederatedTokenCallback(oauthConfig OAuthConfig, clientID string, jwtCallback JWTCallback, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateOAuthConfig(oauthConfig); err != nil { - return nil, err - } - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - if jwtCallback == nil { - return nil, fmt.Errorf("parameter 'jwtCallback' cannot be empty") - } - return NewServicePrincipalTokenWithSecret( - oauthConfig, - clientID, - resource, - &ServicePrincipalFederatedSecret{ - jwtCallback: jwtCallback, - }, - callbacks..., - ) -} - -type msiType int - -const ( - msiTypeUnavailable msiType = iota - msiTypeAppServiceV20170901 - msiTypeCloudShell - msiTypeIMDS -) - -func (m msiType) String() string { - switch m { - case msiTypeAppServiceV20170901: - return "AppServiceV20170901" - case msiTypeCloudShell: - return "CloudShell" - case msiTypeIMDS: - return "IMDS" - default: - return fmt.Sprintf("unhandled MSI type %d", m) - } -} - -// returns the MSI type and endpoint, or an error -func getMSIType() (msiType, string, error) { - if endpointEnvVar := os.Getenv(msiEndpointEnv); endpointEnvVar != "" { - // if the env var MSI_ENDPOINT is set - if secretEnvVar := os.Getenv(msiSecretEnv); secretEnvVar != "" { - // if BOTH the env vars MSI_ENDPOINT and MSI_SECRET are set the msiType is AppService - return msiTypeAppServiceV20170901, endpointEnvVar, nil - } - // if ONLY the env var MSI_ENDPOINT is set the msiType is CloudShell - return msiTypeCloudShell, endpointEnvVar, nil - } - // if MSI_ENDPOINT is NOT set assume the msiType is IMDS - return msiTypeIMDS, msiEndpoint, nil -} - -// GetMSIVMEndpoint gets the MSI endpoint on Virtual Machines. -// NOTE: this always returns the IMDS endpoint, it does not work for app services or cloud shell. -// Deprecated: NewServicePrincipalTokenFromMSI() and variants will automatically detect the endpoint. -func GetMSIVMEndpoint() (string, error) { - return msiEndpoint, nil -} - -// GetMSIAppServiceEndpoint get the MSI endpoint for App Service and Functions. -// It will return an error when not running in an app service/functions environment. -// Deprecated: NewServicePrincipalTokenFromMSI() and variants will automatically detect the endpoint. -func GetMSIAppServiceEndpoint() (string, error) { - msiType, endpoint, err := getMSIType() - if err != nil { - return "", err - } - switch msiType { - case msiTypeAppServiceV20170901: - return endpoint, nil - default: - return "", fmt.Errorf("%s is not app service environment", msiType) - } -} - -// GetMSIEndpoint get the appropriate MSI endpoint depending on the runtime environment -// Deprecated: NewServicePrincipalTokenFromMSI() and variants will automatically detect the endpoint. -func GetMSIEndpoint() (string, error) { - _, endpoint, err := getMSIType() - return endpoint, err -} - -// NewServicePrincipalTokenFromMSI creates a ServicePrincipalToken via the MSI VM Extension. -// It will use the system assigned identity when creating the token. -// msiEndpoint - empty string, or pass a non-empty string to override the default value. -// Deprecated: use NewServicePrincipalTokenFromManagedIdentity() instead. -func NewServicePrincipalTokenFromMSI(msiEndpoint, resource string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - return newServicePrincipalTokenFromMSI(msiEndpoint, resource, "", "", callbacks...) -} - -// NewServicePrincipalTokenFromMSIWithUserAssignedID creates a ServicePrincipalToken via the MSI VM Extension. -// It will use the clientID of specified user assigned identity when creating the token. -// msiEndpoint - empty string, or pass a non-empty string to override the default value. -// Deprecated: use NewServicePrincipalTokenFromManagedIdentity() instead. -func NewServicePrincipalTokenFromMSIWithUserAssignedID(msiEndpoint, resource string, userAssignedID string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateStringParam(userAssignedID, "userAssignedID"); err != nil { - return nil, err - } - return newServicePrincipalTokenFromMSI(msiEndpoint, resource, userAssignedID, "", callbacks...) -} - -// NewServicePrincipalTokenFromMSIWithIdentityResourceID creates a ServicePrincipalToken via the MSI VM Extension. -// It will use the azure resource id of user assigned identity when creating the token. -// msiEndpoint - empty string, or pass a non-empty string to override the default value. -// Deprecated: use NewServicePrincipalTokenFromManagedIdentity() instead. -func NewServicePrincipalTokenFromMSIWithIdentityResourceID(msiEndpoint, resource string, identityResourceID string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateStringParam(identityResourceID, "identityResourceID"); err != nil { - return nil, err - } - return newServicePrincipalTokenFromMSI(msiEndpoint, resource, "", identityResourceID, callbacks...) -} - -// ManagedIdentityOptions contains optional values for configuring managed identity authentication. -type ManagedIdentityOptions struct { - // ClientID is the user-assigned identity to use during authentication. - // It is mutually exclusive with IdentityResourceID. - ClientID string - - // IdentityResourceID is the resource ID of the user-assigned identity to use during authentication. - // It is mutually exclusive with ClientID. - IdentityResourceID string -} - -// NewServicePrincipalTokenFromManagedIdentity creates a ServicePrincipalToken using a managed identity. -// It supports the following managed identity environments. -// - App Service Environment (API version 2017-09-01 only) -// - Cloud shell -// - IMDS with a system or user assigned identity -func NewServicePrincipalTokenFromManagedIdentity(resource string, options *ManagedIdentityOptions, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if options == nil { - options = &ManagedIdentityOptions{} - } - return newServicePrincipalTokenFromMSI("", resource, options.ClientID, options.IdentityResourceID, callbacks...) -} - -func newServicePrincipalTokenFromMSI(msiEndpoint, resource, userAssignedID, identityResourceID string, callbacks ...TokenRefreshCallback) (*ServicePrincipalToken, error) { - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - if userAssignedID != "" && identityResourceID != "" { - return nil, errors.New("cannot specify userAssignedID and identityResourceID") - } - msiType, endpoint, err := getMSIType() - if err != nil { - logger.Instance.Writef(logger.LogError, "Error determining managed identity environment: %v\n", err) - return nil, err - } - logger.Instance.Writef(logger.LogInfo, "Managed identity environment is %s, endpoint is %s\n", msiType, endpoint) - if msiEndpoint != "" { - endpoint = msiEndpoint - logger.Instance.Writef(logger.LogInfo, "Managed identity custom endpoint is %s\n", endpoint) - } - msiEndpointURL, err := url.Parse(endpoint) - if err != nil { - return nil, err - } - // cloud shell sends its data in the request body - if msiType != msiTypeCloudShell { - v := url.Values{} - v.Set("resource", resource) - clientIDParam := "client_id" - switch msiType { - case msiTypeAppServiceV20170901: - clientIDParam = "clientid" - v.Set("api-version", appServiceAPIVersion2017) - break - case msiTypeIMDS: - v.Set("api-version", msiAPIVersion) - } - if userAssignedID != "" { - v.Set(clientIDParam, userAssignedID) - } else if identityResourceID != "" { - v.Set("mi_res_id", identityResourceID) - } - msiEndpointURL.RawQuery = v.Encode() - } - - spt := &ServicePrincipalToken{ - inner: servicePrincipalToken{ - Token: newToken(), - OauthConfig: OAuthConfig{ - TokenEndpoint: *msiEndpointURL, - }, - Secret: &ServicePrincipalMSISecret{ - msiType: msiType, - clientResourceID: identityResourceID, - }, - Resource: resource, - AutoRefresh: true, - RefreshWithin: defaultRefresh, - ClientID: userAssignedID, - }, - refreshLock: &sync.RWMutex{}, - sender: sender(), - refreshCallbacks: callbacks, - MaxMSIRefreshAttempts: defaultMaxMSIRefreshAttempts, - } - - return spt, nil -} - -// internal type that implements TokenRefreshError -type tokenRefreshError struct { - message string - resp *http.Response -} - -// Error implements the error interface which is part of the TokenRefreshError interface. -func (tre tokenRefreshError) Error() string { - return tre.message -} - -// Response implements the TokenRefreshError interface, it returns the raw HTTP response from the refresh operation. -func (tre tokenRefreshError) Response() *http.Response { - return tre.resp -} - -func newTokenRefreshError(message string, resp *http.Response) TokenRefreshError { - return tokenRefreshError{message: message, resp: resp} -} - -// EnsureFresh will refresh the token if it will expire within the refresh window (as set by -// RefreshWithin) and autoRefresh flag is on. This method is safe for concurrent use. -func (spt *ServicePrincipalToken) EnsureFresh() error { - return spt.EnsureFreshWithContext(context.Background()) -} - -// EnsureFreshWithContext will refresh the token if it will expire within the refresh window (as set by -// RefreshWithin) and autoRefresh flag is on. This method is safe for concurrent use. -func (spt *ServicePrincipalToken) EnsureFreshWithContext(ctx context.Context) error { - // must take the read lock when initially checking the token's expiration - if spt.inner.AutoRefresh && spt.Token().WillExpireIn(spt.inner.RefreshWithin) { - // take the write lock then check again to see if the token was already refreshed - spt.refreshLock.Lock() - defer spt.refreshLock.Unlock() - if spt.inner.Token.WillExpireIn(spt.inner.RefreshWithin) { - return spt.refreshInternal(ctx, spt.inner.Resource) - } - } - return nil -} - -// InvokeRefreshCallbacks calls any TokenRefreshCallbacks that were added to the SPT during initialization -func (spt *ServicePrincipalToken) InvokeRefreshCallbacks(token Token) error { - if spt.refreshCallbacks != nil { - for _, callback := range spt.refreshCallbacks { - err := callback(spt.inner.Token) - if err != nil { - return fmt.Errorf("adal: TokenRefreshCallback handler failed. Error = '%v'", err) - } - } - } - return nil -} - -// Refresh obtains a fresh token for the Service Principal. -// This method is safe for concurrent use. -func (spt *ServicePrincipalToken) Refresh() error { - return spt.RefreshWithContext(context.Background()) -} - -// RefreshWithContext obtains a fresh token for the Service Principal. -// This method is safe for concurrent use. -func (spt *ServicePrincipalToken) RefreshWithContext(ctx context.Context) error { - spt.refreshLock.Lock() - defer spt.refreshLock.Unlock() - return spt.refreshInternal(ctx, spt.inner.Resource) -} - -// RefreshExchange refreshes the token, but for a different resource. -// This method is safe for concurrent use. -func (spt *ServicePrincipalToken) RefreshExchange(resource string) error { - return spt.RefreshExchangeWithContext(context.Background(), resource) -} - -// RefreshExchangeWithContext refreshes the token, but for a different resource. -// This method is safe for concurrent use. -func (spt *ServicePrincipalToken) RefreshExchangeWithContext(ctx context.Context, resource string) error { - spt.refreshLock.Lock() - defer spt.refreshLock.Unlock() - return spt.refreshInternal(ctx, resource) -} - -func (spt *ServicePrincipalToken) getGrantType() string { - switch spt.inner.Secret.(type) { - case *ServicePrincipalUsernamePasswordSecret: - return OAuthGrantTypeUserPass - case *ServicePrincipalAuthorizationCodeSecret: - return OAuthGrantTypeAuthorizationCode - default: - return OAuthGrantTypeClientCredentials - } -} - -func (spt *ServicePrincipalToken) refreshInternal(ctx context.Context, resource string) error { - if spt.customRefreshFunc != nil { - token, err := spt.customRefreshFunc(ctx, resource) - if err != nil { - return err - } - spt.inner.Token = *token - return spt.InvokeRefreshCallbacks(spt.inner.Token) - } - req, err := http.NewRequest(http.MethodPost, spt.inner.OauthConfig.TokenEndpoint.String(), nil) - if err != nil { - return fmt.Errorf("adal: Failed to build the refresh request. Error = '%v'", err) - } - req.Header.Add("User-Agent", UserAgent()) - req = req.WithContext(ctx) - var resp *http.Response - authBodyFilter := func(b []byte) []byte { - if logger.Level() != logger.LogAuth { - return []byte("**REDACTED** authentication body") - } - return b - } - if msiSecret, ok := spt.inner.Secret.(*ServicePrincipalMSISecret); ok { - switch msiSecret.msiType { - case msiTypeAppServiceV20170901: - req.Method = http.MethodGet - req.Header.Set("secret", os.Getenv(msiSecretEnv)) - break - case msiTypeCloudShell: - req.Header.Set("Metadata", "true") - data := url.Values{} - data.Set("resource", spt.inner.Resource) - if spt.inner.ClientID != "" { - data.Set("client_id", spt.inner.ClientID) - } else if msiSecret.clientResourceID != "" { - data.Set("msi_res_id", msiSecret.clientResourceID) - } - req.Body = ioutil.NopCloser(strings.NewReader(data.Encode())) - req.Header.Set("Content-Type", "application/x-www-form-urlencoded") - break - case msiTypeIMDS: - req.Method = http.MethodGet - req.Header.Set("Metadata", "true") - break - } - logger.Instance.WriteRequest(req, logger.Filter{Body: authBodyFilter}) - resp, err = retryForIMDS(spt.sender, req, spt.MaxMSIRefreshAttempts) - } else { - v := url.Values{} - v.Set("client_id", spt.inner.ClientID) - v.Set("resource", resource) - - if spt.inner.Token.RefreshToken != "" { - v.Set("grant_type", OAuthGrantTypeRefreshToken) - v.Set("refresh_token", spt.inner.Token.RefreshToken) - // web apps must specify client_secret when refreshing tokens - // see https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-oauth-code#refreshing-the-access-tokens - if spt.getGrantType() == OAuthGrantTypeAuthorizationCode { - err := spt.inner.Secret.SetAuthenticationValues(spt, &v) - if err != nil { - return err - } - } - } else { - v.Set("grant_type", spt.getGrantType()) - err := spt.inner.Secret.SetAuthenticationValues(spt, &v) - if err != nil { - return err - } - } - - s := v.Encode() - body := ioutil.NopCloser(strings.NewReader(s)) - req.ContentLength = int64(len(s)) - req.Header.Set(contentType, mimeTypeFormPost) - req.Body = body - logger.Instance.WriteRequest(req, logger.Filter{Body: authBodyFilter}) - resp, err = spt.sender.Do(req) - } - - // don't return a TokenRefreshError here; this will allow retry logic to apply - if err != nil { - return fmt.Errorf("adal: Failed to execute the refresh request. Error = '%v'", err) - } else if resp == nil { - return fmt.Errorf("adal: received nil response and error") - } - - logger.Instance.WriteResponse(resp, logger.Filter{Body: authBodyFilter}) - defer resp.Body.Close() - rb, err := ioutil.ReadAll(resp.Body) - - if resp.StatusCode != http.StatusOK { - if err != nil { - return newTokenRefreshError(fmt.Sprintf("adal: Refresh request failed. Status Code = '%d'. Failed reading response body: %v Endpoint %s", resp.StatusCode, err, req.URL.String()), resp) - } - return newTokenRefreshError(fmt.Sprintf("adal: Refresh request failed. Status Code = '%d'. Response body: %s Endpoint %s", resp.StatusCode, string(rb), req.URL.String()), resp) - } - - // for the following error cases don't return a TokenRefreshError. the operation succeeded - // but some transient failure happened during deserialization. by returning a generic error - // the retry logic will kick in (we don't retry on TokenRefreshError). - - if err != nil { - return fmt.Errorf("adal: Failed to read a new service principal token during refresh. Error = '%v'", err) - } - if len(strings.Trim(string(rb), " ")) == 0 { - return fmt.Errorf("adal: Empty service principal token received during refresh") - } - token := struct { - AccessToken string `json:"access_token"` - RefreshToken string `json:"refresh_token"` - - // AAD returns expires_in as a string, ADFS returns it as an int - ExpiresIn json.Number `json:"expires_in"` - // expires_on can be in three formats, a UTC time stamp, or the number of seconds as a string *or* int. - ExpiresOn interface{} `json:"expires_on"` - NotBefore json.Number `json:"not_before"` - - Resource string `json:"resource"` - Type string `json:"token_type"` - }{} - // return a TokenRefreshError in the follow error cases as the token is in an unexpected format - err = json.Unmarshal(rb, &token) - if err != nil { - return newTokenRefreshError(fmt.Sprintf("adal: Failed to unmarshal the service principal token during refresh. Error = '%v' JSON = '%s'", err, string(rb)), resp) - } - expiresOn := json.Number("") - // ADFS doesn't include the expires_on field - if token.ExpiresOn != nil { - if expiresOn, err = parseExpiresOn(token.ExpiresOn); err != nil { - return newTokenRefreshError(fmt.Sprintf("adal: failed to parse expires_on: %v value '%s'", err, token.ExpiresOn), resp) - } - } - spt.inner.Token.AccessToken = token.AccessToken - spt.inner.Token.RefreshToken = token.RefreshToken - spt.inner.Token.ExpiresIn = token.ExpiresIn - spt.inner.Token.ExpiresOn = expiresOn - spt.inner.Token.NotBefore = token.NotBefore - spt.inner.Token.Resource = token.Resource - spt.inner.Token.Type = token.Type - - return spt.InvokeRefreshCallbacks(spt.inner.Token) -} - -// converts expires_on to the number of seconds -func parseExpiresOn(s interface{}) (json.Number, error) { - // the JSON unmarshaler treats JSON numbers unmarshaled into an interface{} as float64 - asFloat64, ok := s.(float64) - if ok { - // this is the number of seconds as int case - return json.Number(strconv.FormatInt(int64(asFloat64), 10)), nil - } - asStr, ok := s.(string) - if !ok { - return "", fmt.Errorf("unexpected expires_on type %T", s) - } - // convert the expiration date to the number of seconds from the unix epoch - timeToDuration := func(t time.Time) json.Number { - return json.Number(strconv.FormatInt(t.UTC().Unix(), 10)) - } - if _, err := json.Number(asStr).Int64(); err == nil { - // this is the number of seconds case, no conversion required - return json.Number(asStr), nil - } else if eo, err := time.Parse(expiresOnDateFormatPM, asStr); err == nil { - return timeToDuration(eo), nil - } else if eo, err := time.Parse(expiresOnDateFormat, asStr); err == nil { - return timeToDuration(eo), nil - } else { - // unknown format - return json.Number(""), err - } -} - -// retry logic specific to retrieving a token from the IMDS endpoint -func retryForIMDS(sender Sender, req *http.Request, maxAttempts int) (resp *http.Response, err error) { - // copied from client.go due to circular dependency - retries := []int{ - http.StatusRequestTimeout, // 408 - http.StatusTooManyRequests, // 429 - http.StatusInternalServerError, // 500 - http.StatusBadGateway, // 502 - http.StatusServiceUnavailable, // 503 - http.StatusGatewayTimeout, // 504 - } - // extra retry status codes specific to IMDS - retries = append(retries, - http.StatusNotFound, - http.StatusGone, - // all remaining 5xx - http.StatusNotImplemented, - http.StatusHTTPVersionNotSupported, - http.StatusVariantAlsoNegotiates, - http.StatusInsufficientStorage, - http.StatusLoopDetected, - http.StatusNotExtended, - http.StatusNetworkAuthenticationRequired) - - // see https://docs.microsoft.com/en-us/azure/active-directory/managed-service-identity/how-to-use-vm-token#retry-guidance - - const maxDelay time.Duration = 60 * time.Second - - attempt := 0 - delay := time.Duration(0) - - // maxAttempts is user-specified, ensure that its value is greater than zero else no request will be made - if maxAttempts < 1 { - maxAttempts = defaultMaxMSIRefreshAttempts - } - - for attempt < maxAttempts { - if resp != nil && resp.Body != nil { - io.Copy(ioutil.Discard, resp.Body) - resp.Body.Close() - } - resp, err = sender.Do(req) - // we want to retry if err is not nil or the status code is in the list of retry codes - if err == nil && !responseHasStatusCode(resp, retries...) { - return - } - - // perform exponential backoff with a cap. - // must increment attempt before calculating delay. - attempt++ - // the base value of 2 is the "delta backoff" as specified in the guidance doc - delay += (time.Duration(math.Pow(2, float64(attempt))) * time.Second) - if delay > maxDelay { - delay = maxDelay - } - - select { - case <-time.After(delay): - // intentionally left blank - case <-req.Context().Done(): - err = req.Context().Err() - return - } - } - return -} - -func responseHasStatusCode(resp *http.Response, codes ...int) bool { - if resp != nil { - for _, i := range codes { - if i == resp.StatusCode { - return true - } - } - } - return false -} - -// SetAutoRefresh enables or disables automatic refreshing of stale tokens. -func (spt *ServicePrincipalToken) SetAutoRefresh(autoRefresh bool) { - spt.inner.AutoRefresh = autoRefresh -} - -// SetRefreshWithin sets the interval within which if the token will expire, EnsureFresh will -// refresh the token. -func (spt *ServicePrincipalToken) SetRefreshWithin(d time.Duration) { - spt.inner.RefreshWithin = d - return -} - -// SetSender sets the http.Client used when obtaining the Service Principal token. An -// undecorated http.Client is used by default. -func (spt *ServicePrincipalToken) SetSender(s Sender) { spt.sender = s } - -// OAuthToken implements the OAuthTokenProvider interface. It returns the current access token. -func (spt *ServicePrincipalToken) OAuthToken() string { - spt.refreshLock.RLock() - defer spt.refreshLock.RUnlock() - return spt.inner.Token.OAuthToken() -} - -// Token returns a copy of the current token. -func (spt *ServicePrincipalToken) Token() Token { - spt.refreshLock.RLock() - defer spt.refreshLock.RUnlock() - return spt.inner.Token -} - -// MultiTenantServicePrincipalToken contains tokens for multi-tenant authorization. -type MultiTenantServicePrincipalToken struct { - PrimaryToken *ServicePrincipalToken - AuxiliaryTokens []*ServicePrincipalToken -} - -// PrimaryOAuthToken returns the primary authorization token. -func (mt *MultiTenantServicePrincipalToken) PrimaryOAuthToken() string { - return mt.PrimaryToken.OAuthToken() -} - -// AuxiliaryOAuthTokens returns one to three auxiliary authorization tokens. -func (mt *MultiTenantServicePrincipalToken) AuxiliaryOAuthTokens() []string { - tokens := make([]string, len(mt.AuxiliaryTokens)) - for i := range mt.AuxiliaryTokens { - tokens[i] = mt.AuxiliaryTokens[i].OAuthToken() - } - return tokens -} - -// NewMultiTenantServicePrincipalToken creates a new MultiTenantServicePrincipalToken with the specified credentials and resource. -func NewMultiTenantServicePrincipalToken(multiTenantCfg MultiTenantOAuthConfig, clientID string, secret string, resource string) (*MultiTenantServicePrincipalToken, error) { - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(secret, "secret"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - auxTenants := multiTenantCfg.AuxiliaryTenants() - m := MultiTenantServicePrincipalToken{ - AuxiliaryTokens: make([]*ServicePrincipalToken, len(auxTenants)), - } - primary, err := NewServicePrincipalToken(*multiTenantCfg.PrimaryTenant(), clientID, secret, resource) - if err != nil { - return nil, fmt.Errorf("failed to create SPT for primary tenant: %v", err) - } - m.PrimaryToken = primary - for i := range auxTenants { - aux, err := NewServicePrincipalToken(*auxTenants[i], clientID, secret, resource) - if err != nil { - return nil, fmt.Errorf("failed to create SPT for auxiliary tenant: %v", err) - } - m.AuxiliaryTokens[i] = aux - } - return &m, nil -} - -// NewMultiTenantServicePrincipalTokenFromCertificate creates a new MultiTenantServicePrincipalToken with the specified certificate credentials and resource. -func NewMultiTenantServicePrincipalTokenFromCertificate(multiTenantCfg MultiTenantOAuthConfig, clientID string, certificate *x509.Certificate, privateKey *rsa.PrivateKey, resource string) (*MultiTenantServicePrincipalToken, error) { - if err := validateStringParam(clientID, "clientID"); err != nil { - return nil, err - } - if err := validateStringParam(resource, "resource"); err != nil { - return nil, err - } - if certificate == nil { - return nil, fmt.Errorf("parameter 'certificate' cannot be nil") - } - if privateKey == nil { - return nil, fmt.Errorf("parameter 'privateKey' cannot be nil") - } - auxTenants := multiTenantCfg.AuxiliaryTenants() - m := MultiTenantServicePrincipalToken{ - AuxiliaryTokens: make([]*ServicePrincipalToken, len(auxTenants)), - } - primary, err := NewServicePrincipalTokenWithSecret( - *multiTenantCfg.PrimaryTenant(), - clientID, - resource, - &ServicePrincipalCertificateSecret{ - PrivateKey: privateKey, - Certificate: certificate, - }, - ) - if err != nil { - return nil, fmt.Errorf("failed to create SPT for primary tenant: %v", err) - } - m.PrimaryToken = primary - for i := range auxTenants { - aux, err := NewServicePrincipalTokenWithSecret( - *auxTenants[i], - clientID, - resource, - &ServicePrincipalCertificateSecret{ - PrivateKey: privateKey, - Certificate: certificate, - }, - ) - if err != nil { - return nil, fmt.Errorf("failed to create SPT for auxiliary tenant: %v", err) - } - m.AuxiliaryTokens[i] = aux - } - return &m, nil -} - -// MSIAvailable returns true if the MSI endpoint is available for authentication. -func MSIAvailable(ctx context.Context, s Sender) bool { - msiType, _, err := getMSIType() - - if err != nil { - return false - } - - if msiType != msiTypeIMDS { - return true - } - - if s == nil { - s = sender() - } - - resp, err := getMSIEndpoint(ctx, s) - - if err == nil { - resp.Body.Close() - } - - return err == nil -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go deleted file mode 100644 index 89190a42..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/token_1.13.go +++ /dev/null @@ -1,76 +0,0 @@ -//go:build go1.13 -// +build go1.13 - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package adal - -import ( - "context" - "fmt" - "net/http" - "time" -) - -func getMSIEndpoint(ctx context.Context, sender Sender) (*http.Response, error) { - tempCtx, cancel := context.WithTimeout(ctx, 2*time.Second) - defer cancel() - // http.NewRequestWithContext() was added in Go 1.13 - req, _ := http.NewRequestWithContext(tempCtx, http.MethodGet, msiEndpoint, nil) - q := req.URL.Query() - q.Add("api-version", msiAPIVersion) - req.URL.RawQuery = q.Encode() - return sender.Do(req) -} - -// EnsureFreshWithContext will refresh the token if it will expire within the refresh window (as set by -// RefreshWithin) and autoRefresh flag is on. This method is safe for concurrent use. -func (mt *MultiTenantServicePrincipalToken) EnsureFreshWithContext(ctx context.Context) error { - if err := mt.PrimaryToken.EnsureFreshWithContext(ctx); err != nil { - return fmt.Errorf("failed to refresh primary token: %w", err) - } - for _, aux := range mt.AuxiliaryTokens { - if err := aux.EnsureFreshWithContext(ctx); err != nil { - return fmt.Errorf("failed to refresh auxiliary token: %w", err) - } - } - return nil -} - -// RefreshWithContext obtains a fresh token for the Service Principal. -func (mt *MultiTenantServicePrincipalToken) RefreshWithContext(ctx context.Context) error { - if err := mt.PrimaryToken.RefreshWithContext(ctx); err != nil { - return fmt.Errorf("failed to refresh primary token: %w", err) - } - for _, aux := range mt.AuxiliaryTokens { - if err := aux.RefreshWithContext(ctx); err != nil { - return fmt.Errorf("failed to refresh auxiliary token: %w", err) - } - } - return nil -} - -// RefreshExchangeWithContext refreshes the token, but for a different resource. -func (mt *MultiTenantServicePrincipalToken) RefreshExchangeWithContext(ctx context.Context, resource string) error { - if err := mt.PrimaryToken.RefreshExchangeWithContext(ctx, resource); err != nil { - return fmt.Errorf("failed to refresh primary token: %w", err) - } - for _, aux := range mt.AuxiliaryTokens { - if err := aux.RefreshExchangeWithContext(ctx, resource); err != nil { - return fmt.Errorf("failed to refresh auxiliary token: %w", err) - } - } - return nil -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go b/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go deleted file mode 100644 index 27ec4efa..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/token_legacy.go +++ /dev/null @@ -1,75 +0,0 @@ -//go:build !go1.13 -// +build !go1.13 - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package adal - -import ( - "context" - "net/http" - "time" -) - -func getMSIEndpoint(ctx context.Context, sender Sender) (*http.Response, error) { - tempCtx, cancel := context.WithTimeout(ctx, 2*time.Second) - defer cancel() - req, _ := http.NewRequest(http.MethodGet, msiEndpoint, nil) - req = req.WithContext(tempCtx) - q := req.URL.Query() - q.Add("api-version", msiAPIVersion) - req.URL.RawQuery = q.Encode() - return sender.Do(req) -} - -// EnsureFreshWithContext will refresh the token if it will expire within the refresh window (as set by -// RefreshWithin) and autoRefresh flag is on. This method is safe for concurrent use. -func (mt *MultiTenantServicePrincipalToken) EnsureFreshWithContext(ctx context.Context) error { - if err := mt.PrimaryToken.EnsureFreshWithContext(ctx); err != nil { - return err - } - for _, aux := range mt.AuxiliaryTokens { - if err := aux.EnsureFreshWithContext(ctx); err != nil { - return err - } - } - return nil -} - -// RefreshWithContext obtains a fresh token for the Service Principal. -func (mt *MultiTenantServicePrincipalToken) RefreshWithContext(ctx context.Context) error { - if err := mt.PrimaryToken.RefreshWithContext(ctx); err != nil { - return err - } - for _, aux := range mt.AuxiliaryTokens { - if err := aux.RefreshWithContext(ctx); err != nil { - return err - } - } - return nil -} - -// RefreshExchangeWithContext refreshes the token, but for a different resource. -func (mt *MultiTenantServicePrincipalToken) RefreshExchangeWithContext(ctx context.Context, resource string) error { - if err := mt.PrimaryToken.RefreshExchangeWithContext(ctx, resource); err != nil { - return err - } - for _, aux := range mt.AuxiliaryTokens { - if err := aux.RefreshExchangeWithContext(ctx, resource); err != nil { - return err - } - } - return nil -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/adal/version.go b/vendor/github.com/Azure/go-autorest/autorest/adal/version.go deleted file mode 100644 index c867b348..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/adal/version.go +++ /dev/null @@ -1,45 +0,0 @@ -package adal - -import ( - "fmt" - "runtime" -) - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -const number = "v1.0.0" - -var ( - ua = fmt.Sprintf("Go/%s (%s-%s) go-autorest/adal/%s", - runtime.Version(), - runtime.GOARCH, - runtime.GOOS, - number, - ) -) - -// UserAgent returns a string containing the Go version, system architecture and OS, and the adal version. -func UserAgent() string { - return ua -} - -// AddToUserAgent adds an extension to the current user agent -func AddToUserAgent(extension string) error { - if extension != "" { - ua = fmt.Sprintf("%s %s", ua, extension) - return nil - } - return fmt.Errorf("Extension was empty, User Agent remained as '%s'", ua) -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/authorization.go b/vendor/github.com/Azure/go-autorest/autorest/authorization.go deleted file mode 100644 index 1226c411..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/authorization.go +++ /dev/null @@ -1,353 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "crypto/tls" - "encoding/base64" - "fmt" - "net/http" - "net/url" - "strings" - - "github.com/Azure/go-autorest/autorest/adal" -) - -const ( - bearerChallengeHeader = "Www-Authenticate" - bearer = "Bearer" - tenantID = "tenantID" - apiKeyAuthorizerHeader = "Ocp-Apim-Subscription-Key" - bingAPISdkHeader = "X-BingApis-SDK-Client" - golangBingAPISdkHeaderValue = "Go-SDK" - authorization = "Authorization" - basic = "Basic" -) - -// Authorizer is the interface that provides a PrepareDecorator used to supply request -// authorization. Most often, the Authorizer decorator runs last so it has access to the full -// state of the formed HTTP request. -type Authorizer interface { - WithAuthorization() PrepareDecorator -} - -// NullAuthorizer implements a default, "do nothing" Authorizer. -type NullAuthorizer struct{} - -// WithAuthorization returns a PrepareDecorator that does nothing. -func (na NullAuthorizer) WithAuthorization() PrepareDecorator { - return WithNothing() -} - -// APIKeyAuthorizer implements API Key authorization. -type APIKeyAuthorizer struct { - headers map[string]interface{} - queryParameters map[string]interface{} -} - -// NewAPIKeyAuthorizerWithHeaders creates an ApiKeyAuthorizer with headers. -func NewAPIKeyAuthorizerWithHeaders(headers map[string]interface{}) *APIKeyAuthorizer { - return NewAPIKeyAuthorizer(headers, nil) -} - -// NewAPIKeyAuthorizerWithQueryParameters creates an ApiKeyAuthorizer with query parameters. -func NewAPIKeyAuthorizerWithQueryParameters(queryParameters map[string]interface{}) *APIKeyAuthorizer { - return NewAPIKeyAuthorizer(nil, queryParameters) -} - -// NewAPIKeyAuthorizer creates an ApiKeyAuthorizer with headers. -func NewAPIKeyAuthorizer(headers map[string]interface{}, queryParameters map[string]interface{}) *APIKeyAuthorizer { - return &APIKeyAuthorizer{headers: headers, queryParameters: queryParameters} -} - -// WithAuthorization returns a PrepareDecorator that adds an HTTP headers and Query Parameters. -func (aka *APIKeyAuthorizer) WithAuthorization() PrepareDecorator { - return func(p Preparer) Preparer { - return DecoratePreparer(p, WithHeaders(aka.headers), WithQueryParameters(aka.queryParameters)) - } -} - -// CognitiveServicesAuthorizer implements authorization for Cognitive Services. -type CognitiveServicesAuthorizer struct { - subscriptionKey string -} - -// NewCognitiveServicesAuthorizer is -func NewCognitiveServicesAuthorizer(subscriptionKey string) *CognitiveServicesAuthorizer { - return &CognitiveServicesAuthorizer{subscriptionKey: subscriptionKey} -} - -// WithAuthorization is -func (csa *CognitiveServicesAuthorizer) WithAuthorization() PrepareDecorator { - headers := make(map[string]interface{}) - headers[apiKeyAuthorizerHeader] = csa.subscriptionKey - headers[bingAPISdkHeader] = golangBingAPISdkHeaderValue - - return NewAPIKeyAuthorizerWithHeaders(headers).WithAuthorization() -} - -// BearerAuthorizer implements the bearer authorization -type BearerAuthorizer struct { - tokenProvider adal.OAuthTokenProvider -} - -// NewBearerAuthorizer crates a BearerAuthorizer using the given token provider -func NewBearerAuthorizer(tp adal.OAuthTokenProvider) *BearerAuthorizer { - return &BearerAuthorizer{tokenProvider: tp} -} - -// WithAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose -// value is "Bearer " followed by the token. -// -// By default, the token will be automatically refreshed through the Refresher interface. -func (ba *BearerAuthorizer) WithAuthorization() PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - // the ordering is important here, prefer RefresherWithContext if available - if refresher, ok := ba.tokenProvider.(adal.RefresherWithContext); ok { - err = refresher.EnsureFreshWithContext(r.Context()) - } else if refresher, ok := ba.tokenProvider.(adal.Refresher); ok { - err = refresher.EnsureFresh() - } - if err != nil { - var resp *http.Response - if tokError, ok := err.(adal.TokenRefreshError); ok { - resp = tokError.Response() - } - return r, NewErrorWithError(err, "azure.BearerAuthorizer", "WithAuthorization", resp, - "Failed to refresh the Token for request to %s", r.URL) - } - return Prepare(r, WithHeader(headerAuthorization, fmt.Sprintf("Bearer %s", ba.tokenProvider.OAuthToken()))) - } - return r, err - }) - } -} - -// TokenProvider returns OAuthTokenProvider so that it can be used for authorization outside the REST. -func (ba *BearerAuthorizer) TokenProvider() adal.OAuthTokenProvider { - return ba.tokenProvider -} - -// BearerAuthorizerCallbackFunc is the authentication callback signature. -type BearerAuthorizerCallbackFunc func(tenantID, resource string) (*BearerAuthorizer, error) - -// BearerAuthorizerCallback implements bearer authorization via a callback. -type BearerAuthorizerCallback struct { - sender Sender - callback BearerAuthorizerCallbackFunc -} - -// NewBearerAuthorizerCallback creates a bearer authorization callback. The callback -// is invoked when the HTTP request is submitted. -func NewBearerAuthorizerCallback(s Sender, callback BearerAuthorizerCallbackFunc) *BearerAuthorizerCallback { - if s == nil { - s = sender(tls.RenegotiateNever) - } - return &BearerAuthorizerCallback{sender: s, callback: callback} -} - -// WithAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose value -// is "Bearer " followed by the token. The BearerAuthorizer is obtained via a user-supplied callback. -// -// By default, the token will be automatically refreshed through the Refresher interface. -func (bacb *BearerAuthorizerCallback) WithAuthorization() PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - // make a copy of the request and remove the body as it's not - // required and avoids us having to create a copy of it. - rCopy := *r - removeRequestBody(&rCopy) - - resp, err := bacb.sender.Do(&rCopy) - if err != nil { - return r, err - } - DrainResponseBody(resp) - if resp.StatusCode == 401 && hasBearerChallenge(resp.Header) { - bc, err := newBearerChallenge(resp.Header) - if err != nil { - return r, err - } - if bacb.callback != nil { - ba, err := bacb.callback(bc.values[tenantID], bc.values["resource"]) - if err != nil { - return r, err - } - return Prepare(r, ba.WithAuthorization()) - } - } - } - return r, err - }) - } -} - -// returns true if the HTTP response contains a bearer challenge -func hasBearerChallenge(header http.Header) bool { - authHeader := header.Get(bearerChallengeHeader) - if len(authHeader) == 0 || strings.Index(authHeader, bearer) < 0 { - return false - } - return true -} - -type bearerChallenge struct { - values map[string]string -} - -func newBearerChallenge(header http.Header) (bc bearerChallenge, err error) { - challenge := strings.TrimSpace(header.Get(bearerChallengeHeader)) - trimmedChallenge := challenge[len(bearer)+1:] - - // challenge is a set of key=value pairs that are comma delimited - pairs := strings.Split(trimmedChallenge, ",") - if len(pairs) < 1 { - err = fmt.Errorf("challenge '%s' contains no pairs", challenge) - return bc, err - } - - bc.values = make(map[string]string) - for i := range pairs { - trimmedPair := strings.TrimSpace(pairs[i]) - pair := strings.Split(trimmedPair, "=") - if len(pair) == 2 { - // remove the enclosing quotes - key := strings.Trim(pair[0], "\"") - value := strings.Trim(pair[1], "\"") - - switch key { - case "authorization", "authorization_uri": - // strip the tenant ID from the authorization URL - asURL, err := url.Parse(value) - if err != nil { - return bc, err - } - bc.values[tenantID] = asURL.Path[1:] - default: - bc.values[key] = value - } - } - } - - return bc, err -} - -// EventGridKeyAuthorizer implements authorization for event grid using key authentication. -type EventGridKeyAuthorizer struct { - topicKey string -} - -// NewEventGridKeyAuthorizer creates a new EventGridKeyAuthorizer -// with the specified topic key. -func NewEventGridKeyAuthorizer(topicKey string) EventGridKeyAuthorizer { - return EventGridKeyAuthorizer{topicKey: topicKey} -} - -// WithAuthorization returns a PrepareDecorator that adds the aeg-sas-key authentication header. -func (egta EventGridKeyAuthorizer) WithAuthorization() PrepareDecorator { - headers := map[string]interface{}{ - "aeg-sas-key": egta.topicKey, - } - return NewAPIKeyAuthorizerWithHeaders(headers).WithAuthorization() -} - -// BasicAuthorizer implements basic HTTP authorization by adding the Authorization HTTP header -// with the value "Basic " where is a base64-encoded username:password tuple. -type BasicAuthorizer struct { - userName string - password string -} - -// NewBasicAuthorizer creates a new BasicAuthorizer with the specified username and password. -func NewBasicAuthorizer(userName, password string) *BasicAuthorizer { - return &BasicAuthorizer{ - userName: userName, - password: password, - } -} - -// WithAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose -// value is "Basic " followed by the base64-encoded username:password tuple. -func (ba *BasicAuthorizer) WithAuthorization() PrepareDecorator { - headers := make(map[string]interface{}) - headers[authorization] = basic + " " + base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", ba.userName, ba.password))) - - return NewAPIKeyAuthorizerWithHeaders(headers).WithAuthorization() -} - -// MultiTenantServicePrincipalTokenAuthorizer provides authentication across tenants. -type MultiTenantServicePrincipalTokenAuthorizer interface { - WithAuthorization() PrepareDecorator -} - -// NewMultiTenantServicePrincipalTokenAuthorizer crates a BearerAuthorizer using the given token provider -func NewMultiTenantServicePrincipalTokenAuthorizer(tp adal.MultitenantOAuthTokenProvider) MultiTenantServicePrincipalTokenAuthorizer { - return NewMultiTenantBearerAuthorizer(tp) -} - -// MultiTenantBearerAuthorizer implements bearer authorization across multiple tenants. -type MultiTenantBearerAuthorizer struct { - tp adal.MultitenantOAuthTokenProvider -} - -// NewMultiTenantBearerAuthorizer creates a MultiTenantBearerAuthorizer using the given token provider. -func NewMultiTenantBearerAuthorizer(tp adal.MultitenantOAuthTokenProvider) *MultiTenantBearerAuthorizer { - return &MultiTenantBearerAuthorizer{tp: tp} -} - -// WithAuthorization returns a PrepareDecorator that adds an HTTP Authorization header using the -// primary token along with the auxiliary authorization header using the auxiliary tokens. -// -// By default, the token will be automatically refreshed through the Refresher interface. -func (mt *MultiTenantBearerAuthorizer) WithAuthorization() PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err != nil { - return r, err - } - if refresher, ok := mt.tp.(adal.RefresherWithContext); ok { - err = refresher.EnsureFreshWithContext(r.Context()) - if err != nil { - var resp *http.Response - if tokError, ok := err.(adal.TokenRefreshError); ok { - resp = tokError.Response() - } - return r, NewErrorWithError(err, "azure.multiTenantSPTAuthorizer", "WithAuthorization", resp, - "Failed to refresh one or more Tokens for request to %s", r.URL) - } - } - r, err = Prepare(r, WithHeader(headerAuthorization, fmt.Sprintf("Bearer %s", mt.tp.PrimaryOAuthToken()))) - if err != nil { - return r, err - } - auxTokens := mt.tp.AuxiliaryOAuthTokens() - for i := range auxTokens { - auxTokens[i] = fmt.Sprintf("Bearer %s", auxTokens[i]) - } - return Prepare(r, WithHeader(headerAuxAuthorization, strings.Join(auxTokens, ", "))) - }) - } -} - -// TokenProvider returns the underlying MultitenantOAuthTokenProvider for this authorizer. -func (mt *MultiTenantBearerAuthorizer) TokenProvider() adal.MultitenantOAuthTokenProvider { - return mt.tp -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/authorization_sas.go b/vendor/github.com/Azure/go-autorest/autorest/authorization_sas.go deleted file mode 100644 index 66501493..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/authorization_sas.go +++ /dev/null @@ -1,66 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "fmt" - "net/http" - "strings" -) - -// SASTokenAuthorizer implements an authorization for SAS Token Authentication -// this can be used for interaction with Blob Storage Endpoints -type SASTokenAuthorizer struct { - sasToken string -} - -// NewSASTokenAuthorizer creates a SASTokenAuthorizer using the given credentials -func NewSASTokenAuthorizer(sasToken string) (*SASTokenAuthorizer, error) { - if strings.TrimSpace(sasToken) == "" { - return nil, fmt.Errorf("sasToken cannot be empty") - } - - token := sasToken - if strings.HasPrefix(sasToken, "?") { - token = strings.TrimPrefix(sasToken, "?") - } - - return &SASTokenAuthorizer{ - sasToken: token, - }, nil -} - -// WithAuthorization returns a PrepareDecorator that adds a shared access signature token to the -// URI's query parameters. This can be used for the Blob, Queue, and File Services. -// -// See https://docs.microsoft.com/en-us/rest/api/storageservices/delegate-access-with-shared-access-signature -func (sas *SASTokenAuthorizer) WithAuthorization() PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err != nil { - return r, err - } - - if r.URL.RawQuery == "" { - r.URL.RawQuery = sas.sasToken - } else if !strings.Contains(r.URL.RawQuery, sas.sasToken) { - r.URL.RawQuery = fmt.Sprintf("%s&%s", r.URL.RawQuery, sas.sasToken) - } - - return Prepare(r) - }) - } -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/authorization_storage.go b/vendor/github.com/Azure/go-autorest/autorest/authorization_storage.go deleted file mode 100644 index c58d7b7b..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/authorization_storage.go +++ /dev/null @@ -1,307 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "crypto/hmac" - "crypto/sha256" - "encoding/base64" - "fmt" - "net/http" - "net/url" - "sort" - "strings" - "time" -) - -// SharedKeyType defines the enumeration for the various shared key types. -// See https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key for details on the shared key types. -type SharedKeyType string - -const ( - // SharedKey is used to authorize against blobs, files and queues services. - SharedKey SharedKeyType = "sharedKey" - - // SharedKeyForTable is used to authorize against the table service. - SharedKeyForTable SharedKeyType = "sharedKeyTable" - - // SharedKeyLite is used to authorize against blobs, files and queues services. It's provided for - // backwards compatibility with API versions before 2009-09-19. Prefer SharedKey instead. - SharedKeyLite SharedKeyType = "sharedKeyLite" - - // SharedKeyLiteForTable is used to authorize against the table service. It's provided for - // backwards compatibility with older table API versions. Prefer SharedKeyForTable instead. - SharedKeyLiteForTable SharedKeyType = "sharedKeyLiteTable" -) - -const ( - headerAccept = "Accept" - headerAcceptCharset = "Accept-Charset" - headerContentEncoding = "Content-Encoding" - headerContentLength = "Content-Length" - headerContentMD5 = "Content-MD5" - headerContentLanguage = "Content-Language" - headerIfModifiedSince = "If-Modified-Since" - headerIfMatch = "If-Match" - headerIfNoneMatch = "If-None-Match" - headerIfUnmodifiedSince = "If-Unmodified-Since" - headerDate = "Date" - headerXMSDate = "X-Ms-Date" - headerXMSVersion = "x-ms-version" - headerRange = "Range" -) - -const storageEmulatorAccountName = "devstoreaccount1" - -// SharedKeyAuthorizer implements an authorization for Shared Key -// this can be used for interaction with Blob, File and Queue Storage Endpoints -type SharedKeyAuthorizer struct { - accountName string - accountKey []byte - keyType SharedKeyType -} - -// NewSharedKeyAuthorizer creates a SharedKeyAuthorizer using the provided credentials and shared key type. -func NewSharedKeyAuthorizer(accountName, accountKey string, keyType SharedKeyType) (*SharedKeyAuthorizer, error) { - key, err := base64.StdEncoding.DecodeString(accountKey) - if err != nil { - return nil, fmt.Errorf("malformed storage account key: %v", err) - } - return &SharedKeyAuthorizer{ - accountName: accountName, - accountKey: key, - keyType: keyType, - }, nil -} - -// WithAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose -// value is " " followed by the computed key. -// This can be used for the Blob, Queue, and File Services -// -// from: https://docs.microsoft.com/en-us/rest/api/storageservices/authorize-with-shared-key -// You may use Shared Key authorization to authorize a request made against the -// 2009-09-19 version and later of the Blob and Queue services, -// and version 2014-02-14 and later of the File services. -func (sk *SharedKeyAuthorizer) WithAuthorization() PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err != nil { - return r, err - } - - sk, err := buildSharedKey(sk.accountName, sk.accountKey, r, sk.keyType) - if err != nil { - return r, err - } - return Prepare(r, WithHeader(headerAuthorization, sk)) - }) - } -} - -func buildSharedKey(accName string, accKey []byte, req *http.Request, keyType SharedKeyType) (string, error) { - canRes, err := buildCanonicalizedResource(accName, req.URL.String(), keyType) - if err != nil { - return "", err - } - - if req.Header == nil { - req.Header = http.Header{} - } - - // ensure date is set - if req.Header.Get(headerDate) == "" && req.Header.Get(headerXMSDate) == "" { - date := time.Now().UTC().Format(http.TimeFormat) - req.Header.Set(headerXMSDate, date) - } - canString, err := buildCanonicalizedString(req.Method, req.Header, canRes, keyType) - if err != nil { - return "", err - } - return createAuthorizationHeader(accName, accKey, canString, keyType), nil -} - -func buildCanonicalizedResource(accountName, uri string, keyType SharedKeyType) (string, error) { - errMsg := "buildCanonicalizedResource error: %s" - u, err := url.Parse(uri) - if err != nil { - return "", fmt.Errorf(errMsg, err.Error()) - } - - cr := bytes.NewBufferString("") - if accountName != storageEmulatorAccountName { - cr.WriteString("/") - cr.WriteString(getCanonicalizedAccountName(accountName)) - } - - if len(u.Path) > 0 { - // Any portion of the CanonicalizedResource string that is derived from - // the resource's URI should be encoded exactly as it is in the URI. - // -- https://msdn.microsoft.com/en-gb/library/azure/dd179428.aspx - cr.WriteString(u.EscapedPath()) - } else { - // a slash is required to indicate the root path - cr.WriteString("/") - } - - params, err := url.ParseQuery(u.RawQuery) - if err != nil { - return "", fmt.Errorf(errMsg, err.Error()) - } - - // See https://github.com/Azure/azure-storage-net/blob/master/Lib/Common/Core/Util/AuthenticationUtility.cs#L277 - if keyType == SharedKey { - if len(params) > 0 { - cr.WriteString("\n") - - keys := []string{} - for key := range params { - keys = append(keys, key) - } - sort.Strings(keys) - - completeParams := []string{} - for _, key := range keys { - if len(params[key]) > 1 { - sort.Strings(params[key]) - } - - completeParams = append(completeParams, fmt.Sprintf("%s:%s", key, strings.Join(params[key], ","))) - } - cr.WriteString(strings.Join(completeParams, "\n")) - } - } else { - // search for "comp" parameter, if exists then add it to canonicalizedresource - if v, ok := params["comp"]; ok { - cr.WriteString("?comp=" + v[0]) - } - } - - return cr.String(), nil -} - -func getCanonicalizedAccountName(accountName string) string { - // since we may be trying to access a secondary storage account, we need to - // remove the -secondary part of the storage name - return strings.TrimSuffix(accountName, "-secondary") -} - -func buildCanonicalizedString(verb string, headers http.Header, canonicalizedResource string, keyType SharedKeyType) (string, error) { - contentLength := headers.Get(headerContentLength) - if contentLength == "0" { - contentLength = "" - } - date := headers.Get(headerDate) - if v := headers.Get(headerXMSDate); v != "" { - if keyType == SharedKey || keyType == SharedKeyLite { - date = "" - } else { - date = v - } - } - var canString string - switch keyType { - case SharedKey: - canString = strings.Join([]string{ - verb, - headers.Get(headerContentEncoding), - headers.Get(headerContentLanguage), - contentLength, - headers.Get(headerContentMD5), - headers.Get(headerContentType), - date, - headers.Get(headerIfModifiedSince), - headers.Get(headerIfMatch), - headers.Get(headerIfNoneMatch), - headers.Get(headerIfUnmodifiedSince), - headers.Get(headerRange), - buildCanonicalizedHeader(headers), - canonicalizedResource, - }, "\n") - case SharedKeyForTable: - canString = strings.Join([]string{ - verb, - headers.Get(headerContentMD5), - headers.Get(headerContentType), - date, - canonicalizedResource, - }, "\n") - case SharedKeyLite: - canString = strings.Join([]string{ - verb, - headers.Get(headerContentMD5), - headers.Get(headerContentType), - date, - buildCanonicalizedHeader(headers), - canonicalizedResource, - }, "\n") - case SharedKeyLiteForTable: - canString = strings.Join([]string{ - date, - canonicalizedResource, - }, "\n") - default: - return "", fmt.Errorf("key type '%s' is not supported", keyType) - } - return canString, nil -} - -func buildCanonicalizedHeader(headers http.Header) string { - cm := make(map[string]string) - - for k := range headers { - headerName := strings.TrimSpace(strings.ToLower(k)) - if strings.HasPrefix(headerName, "x-ms-") { - cm[headerName] = headers.Get(k) - } - } - - if len(cm) == 0 { - return "" - } - - keys := []string{} - for key := range cm { - keys = append(keys, key) - } - - sort.Strings(keys) - - ch := bytes.NewBufferString("") - - for _, key := range keys { - ch.WriteString(key) - ch.WriteRune(':') - ch.WriteString(cm[key]) - ch.WriteRune('\n') - } - - return strings.TrimSuffix(ch.String(), "\n") -} - -func createAuthorizationHeader(accountName string, accountKey []byte, canonicalizedString string, keyType SharedKeyType) string { - h := hmac.New(sha256.New, accountKey) - h.Write([]byte(canonicalizedString)) - signature := base64.StdEncoding.EncodeToString(h.Sum(nil)) - var key string - switch keyType { - case SharedKey, SharedKeyForTable: - key = "SharedKey" - case SharedKeyLite, SharedKeyLiteForTable: - key = "SharedKeyLite" - } - return fmt.Sprintf("%s %s:%s", key, getCanonicalizedAccountName(accountName), signature) -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/autorest.go b/vendor/github.com/Azure/go-autorest/autorest/autorest.go deleted file mode 100644 index 211c98d1..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/autorest.go +++ /dev/null @@ -1,150 +0,0 @@ -/* -Package autorest implements an HTTP request pipeline suitable for use across multiple go-routines -and provides the shared routines relied on by AutoRest (see https://github.com/Azure/autorest/) -generated Go code. - -The package breaks sending and responding to HTTP requests into three phases: Preparing, Sending, -and Responding. A typical pattern is: - - req, err := Prepare(&http.Request{}, - token.WithAuthorization()) - - resp, err := Send(req, - WithLogging(logger), - DoErrorIfStatusCode(http.StatusInternalServerError), - DoCloseIfError(), - DoRetryForAttempts(5, time.Second)) - - err = Respond(resp, - ByDiscardingBody(), - ByClosing()) - -Each phase relies on decorators to modify and / or manage processing. Decorators may first modify -and then pass the data along, pass the data first and then modify the result, or wrap themselves -around passing the data (such as a logger might do). Decorators run in the order provided. For -example, the following: - - req, err := Prepare(&http.Request{}, - WithBaseURL("https://microsoft.com/"), - WithPath("a"), - WithPath("b"), - WithPath("c")) - -will set the URL to: - - https://microsoft.com/a/b/c - -Preparers and Responders may be shared and re-used (assuming the underlying decorators support -sharing and re-use). Performant use is obtained by creating one or more Preparers and Responders -shared among multiple go-routines, and a single Sender shared among multiple sending go-routines, -all bound together by means of input / output channels. - -Decorators hold their passed state within a closure (such as the path components in the example -above). Be careful to share Preparers and Responders only in a context where such held state -applies. For example, it may not make sense to share a Preparer that applies a query string from a -fixed set of values. Similarly, sharing a Responder that reads the response body into a passed -struct (e.g., ByUnmarshallingJson) is likely incorrect. - -Lastly, the Swagger specification (https://swagger.io) that drives AutoRest -(https://github.com/Azure/autorest/) precisely defines two date forms: date and date-time. The -github.com/Azure/go-autorest/autorest/date package provides time.Time derivations to ensure -correct parsing and formatting. - -Errors raised by autorest objects and methods will conform to the autorest.Error interface. - -See the included examples for more detail. For details on the suggested use of this package by -generated clients, see the Client described below. -*/ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "context" - "net/http" - "time" -) - -const ( - // HeaderLocation specifies the HTTP Location header. - HeaderLocation = "Location" - - // HeaderRetryAfter specifies the HTTP Retry-After header. - HeaderRetryAfter = "Retry-After" -) - -// ResponseHasStatusCode returns true if the status code in the HTTP Response is in the passed set -// and false otherwise. -func ResponseHasStatusCode(resp *http.Response, codes ...int) bool { - if resp == nil { - return false - } - return containsInt(codes, resp.StatusCode) -} - -// GetLocation retrieves the URL from the Location header of the passed response. -func GetLocation(resp *http.Response) string { - return resp.Header.Get(HeaderLocation) -} - -// GetRetryAfter extracts the retry delay from the Retry-After header of the passed response. If -// the header is absent or is malformed, it will return the supplied default delay time.Duration. -func GetRetryAfter(resp *http.Response, defaultDelay time.Duration) time.Duration { - retry := resp.Header.Get(HeaderRetryAfter) - if retry == "" { - return defaultDelay - } - - d, err := time.ParseDuration(retry + "s") - if err != nil { - return defaultDelay - } - - return d -} - -// NewPollingRequest allocates and returns a new http.Request to poll for the passed response. -func NewPollingRequest(resp *http.Response, cancel <-chan struct{}) (*http.Request, error) { - location := GetLocation(resp) - if location == "" { - return nil, NewErrorWithResponse("autorest", "NewPollingRequest", resp, "Location header missing from response that requires polling") - } - - req, err := Prepare(&http.Request{Cancel: cancel}, - AsGet(), - WithBaseURL(location)) - if err != nil { - return nil, NewErrorWithError(err, "autorest", "NewPollingRequest", nil, "Failure creating poll request to %s", location) - } - - return req, nil -} - -// NewPollingRequestWithContext allocates and returns a new http.Request with the specified context to poll for the passed response. -func NewPollingRequestWithContext(ctx context.Context, resp *http.Response) (*http.Request, error) { - location := GetLocation(resp) - if location == "" { - return nil, NewErrorWithResponse("autorest", "NewPollingRequestWithContext", resp, "Location header missing from response that requires polling") - } - - req, err := Prepare((&http.Request{}).WithContext(ctx), - AsGet(), - WithBaseURL(location)) - if err != nil { - return nil, NewErrorWithError(err, "autorest", "NewPollingRequestWithContext", nil, "Failure creating poll request to %s", location) - } - - return req, nil -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go b/vendor/github.com/Azure/go-autorest/autorest/azure/async.go deleted file mode 100644 index f119b11d..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/async.go +++ /dev/null @@ -1,995 +0,0 @@ -package azure - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "io" - "net/http" - "net/url" - "strings" - "time" - - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/logger" - "github.com/Azure/go-autorest/tracing" -) - -const ( - headerAsyncOperation = "Azure-AsyncOperation" -) - -const ( - operationInProgress string = "InProgress" - operationCanceled string = "Canceled" - operationFailed string = "Failed" - operationSucceeded string = "Succeeded" -) - -var pollingCodes = [...]int{http.StatusNoContent, http.StatusAccepted, http.StatusCreated, http.StatusOK} - -// FutureAPI contains the set of methods on the Future type. -type FutureAPI interface { - // Response returns the last HTTP response. - Response() *http.Response - - // Status returns the last status message of the operation. - Status() string - - // PollingMethod returns the method used to monitor the status of the asynchronous operation. - PollingMethod() PollingMethodType - - // DoneWithContext queries the service to see if the operation has completed. - DoneWithContext(context.Context, autorest.Sender) (bool, error) - - // GetPollingDelay returns a duration the application should wait before checking - // the status of the asynchronous request and true; this value is returned from - // the service via the Retry-After response header. If the header wasn't returned - // then the function returns the zero-value time.Duration and false. - GetPollingDelay() (time.Duration, bool) - - // WaitForCompletionRef will return when one of the following conditions is met: the long - // running operation has completed, the provided context is cancelled, or the client's - // polling duration has been exceeded. It will retry failed polling attempts based on - // the retry value defined in the client up to the maximum retry attempts. - // If no deadline is specified in the context then the client.PollingDuration will be - // used to determine if a default deadline should be used. - // If PollingDuration is greater than zero the value will be used as the context's timeout. - // If PollingDuration is zero then no default deadline will be used. - WaitForCompletionRef(context.Context, autorest.Client) error - - // MarshalJSON implements the json.Marshaler interface. - MarshalJSON() ([]byte, error) - - // MarshalJSON implements the json.Unmarshaler interface. - UnmarshalJSON([]byte) error - - // PollingURL returns the URL used for retrieving the status of the long-running operation. - PollingURL() string - - // GetResult should be called once polling has completed successfully. - // It makes the final GET call to retrieve the resultant payload. - GetResult(autorest.Sender) (*http.Response, error) -} - -var _ FutureAPI = (*Future)(nil) - -// Future provides a mechanism to access the status and results of an asynchronous request. -// Since futures are stateful they should be passed by value to avoid race conditions. -type Future struct { - pt pollingTracker -} - -// NewFutureFromResponse returns a new Future object initialized -// with the initial response from an asynchronous operation. -func NewFutureFromResponse(resp *http.Response) (Future, error) { - pt, err := createPollingTracker(resp) - return Future{pt: pt}, err -} - -// Response returns the last HTTP response. -func (f Future) Response() *http.Response { - if f.pt == nil { - return nil - } - return f.pt.latestResponse() -} - -// Status returns the last status message of the operation. -func (f Future) Status() string { - if f.pt == nil { - return "" - } - return f.pt.pollingStatus() -} - -// PollingMethod returns the method used to monitor the status of the asynchronous operation. -func (f Future) PollingMethod() PollingMethodType { - if f.pt == nil { - return PollingUnknown - } - return f.pt.pollingMethod() -} - -// DoneWithContext queries the service to see if the operation has completed. -func (f *Future) DoneWithContext(ctx context.Context, sender autorest.Sender) (done bool, err error) { - ctx = tracing.StartSpan(ctx, "github.com/Azure/go-autorest/autorest/azure/async.DoneWithContext") - defer func() { - sc := -1 - resp := f.Response() - if resp != nil { - sc = resp.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - - if f.pt == nil { - return false, autorest.NewError("Future", "Done", "future is not initialized") - } - if f.pt.hasTerminated() { - return true, f.pt.pollingError() - } - if err := f.pt.pollForStatus(ctx, sender); err != nil { - return false, err - } - if err := f.pt.checkForErrors(); err != nil { - return f.pt.hasTerminated(), err - } - if err := f.pt.updatePollingState(f.pt.provisioningStateApplicable()); err != nil { - return false, err - } - if err := f.pt.initPollingMethod(); err != nil { - return false, err - } - if err := f.pt.updatePollingMethod(); err != nil { - return false, err - } - return f.pt.hasTerminated(), f.pt.pollingError() -} - -// GetPollingDelay returns a duration the application should wait before checking -// the status of the asynchronous request and true; this value is returned from -// the service via the Retry-After response header. If the header wasn't returned -// then the function returns the zero-value time.Duration and false. -func (f Future) GetPollingDelay() (time.Duration, bool) { - if f.pt == nil { - return 0, false - } - resp := f.pt.latestResponse() - if resp == nil { - return 0, false - } - - retry := resp.Header.Get(autorest.HeaderRetryAfter) - if retry == "" { - return 0, false - } - - d, err := time.ParseDuration(retry + "s") - if err != nil { - panic(err) - } - - return d, true -} - -// WaitForCompletionRef will return when one of the following conditions is met: the long -// running operation has completed, the provided context is cancelled, or the client's -// polling duration has been exceeded. It will retry failed polling attempts based on -// the retry value defined in the client up to the maximum retry attempts. -// If no deadline is specified in the context then the client.PollingDuration will be -// used to determine if a default deadline should be used. -// If PollingDuration is greater than zero the value will be used as the context's timeout. -// If PollingDuration is zero then no default deadline will be used. -func (f *Future) WaitForCompletionRef(ctx context.Context, client autorest.Client) (err error) { - ctx = tracing.StartSpan(ctx, "github.com/Azure/go-autorest/autorest/azure/async.WaitForCompletionRef") - defer func() { - sc := -1 - resp := f.Response() - if resp != nil { - sc = resp.StatusCode - } - tracing.EndSpan(ctx, sc, err) - }() - cancelCtx := ctx - // if the provided context already has a deadline don't override it - _, hasDeadline := ctx.Deadline() - if d := client.PollingDuration; !hasDeadline && d != 0 { - var cancel context.CancelFunc - cancelCtx, cancel = context.WithTimeout(ctx, d) - defer cancel() - } - // if the initial response has a Retry-After, sleep for the specified amount of time before starting to poll - if delay, ok := f.GetPollingDelay(); ok { - logger.Instance.Writeln(logger.LogInfo, "WaitForCompletionRef: initial polling delay") - if delayElapsed := autorest.DelayForBackoff(delay, 0, cancelCtx.Done()); !delayElapsed { - err = cancelCtx.Err() - return - } - } - done, err := f.DoneWithContext(ctx, client) - for attempts := 0; !done; done, err = f.DoneWithContext(ctx, client) { - if attempts >= client.RetryAttempts { - return autorest.NewErrorWithError(err, "Future", "WaitForCompletion", f.pt.latestResponse(), "the number of retries has been exceeded") - } - // we want delayAttempt to be zero in the non-error case so - // that DelayForBackoff doesn't perform exponential back-off - var delayAttempt int - var delay time.Duration - if err == nil { - // check for Retry-After delay, if not present use the client's polling delay - var ok bool - delay, ok = f.GetPollingDelay() - if !ok { - logger.Instance.Writeln(logger.LogInfo, "WaitForCompletionRef: Using client polling delay") - delay = client.PollingDelay - } - } else { - // there was an error polling for status so perform exponential - // back-off based on the number of attempts using the client's retry - // duration. update attempts after delayAttempt to avoid off-by-one. - logger.Instance.Writef(logger.LogError, "WaitForCompletionRef: %s\n", err) - delayAttempt = attempts - delay = client.RetryDuration - attempts++ - } - // wait until the delay elapses or the context is cancelled - delayElapsed := autorest.DelayForBackoff(delay, delayAttempt, cancelCtx.Done()) - if !delayElapsed { - return autorest.NewErrorWithError(cancelCtx.Err(), "Future", "WaitForCompletion", f.pt.latestResponse(), "context has been cancelled") - } - } - return -} - -// MarshalJSON implements the json.Marshaler interface. -func (f Future) MarshalJSON() ([]byte, error) { - return json.Marshal(f.pt) -} - -// UnmarshalJSON implements the json.Unmarshaler interface. -func (f *Future) UnmarshalJSON(data []byte) error { - // unmarshal into JSON object to determine the tracker type - obj := map[string]interface{}{} - err := json.Unmarshal(data, &obj) - if err != nil { - return err - } - if obj["method"] == nil { - return autorest.NewError("Future", "UnmarshalJSON", "missing 'method' property") - } - method := obj["method"].(string) - switch strings.ToUpper(method) { - case http.MethodDelete: - f.pt = &pollingTrackerDelete{} - case http.MethodPatch: - f.pt = &pollingTrackerPatch{} - case http.MethodPost: - f.pt = &pollingTrackerPost{} - case http.MethodPut: - f.pt = &pollingTrackerPut{} - default: - return autorest.NewError("Future", "UnmarshalJSON", "unsupoorted method '%s'", method) - } - // now unmarshal into the tracker - return json.Unmarshal(data, &f.pt) -} - -// PollingURL returns the URL used for retrieving the status of the long-running operation. -func (f Future) PollingURL() string { - if f.pt == nil { - return "" - } - return f.pt.pollingURL() -} - -// GetResult should be called once polling has completed successfully. -// It makes the final GET call to retrieve the resultant payload. -func (f Future) GetResult(sender autorest.Sender) (*http.Response, error) { - if f.pt.finalGetURL() == "" { - // we can end up in this situation if the async operation returns a 200 - // with no polling URLs. in that case return the response which should - // contain the JSON payload (only do this for successful terminal cases). - if lr := f.pt.latestResponse(); lr != nil && f.pt.hasSucceeded() { - return lr, nil - } - return nil, autorest.NewError("Future", "GetResult", "missing URL for retrieving result") - } - req, err := http.NewRequest(http.MethodGet, f.pt.finalGetURL(), nil) - if err != nil { - return nil, err - } - resp, err := sender.Do(req) - if err == nil && resp.Body != nil { - // copy the body and close it so callers don't have to - defer resp.Body.Close() - b, err := io.ReadAll(resp.Body) - if err != nil { - return resp, err - } - resp.Body = io.NopCloser(bytes.NewReader(b)) - } - return resp, err -} - -type pollingTracker interface { - // these methods can differ per tracker - - // checks the response headers and status code to determine the polling mechanism - updatePollingMethod() error - - // checks the response for tracker-specific error conditions - checkForErrors() error - - // returns true if provisioning state should be checked - provisioningStateApplicable() bool - - // methods common to all trackers - - // initializes a tracker's polling URL and method, called for each iteration. - // these values can be overridden by each polling tracker as required. - initPollingMethod() error - - // initializes the tracker's internal state, call this when the tracker is created - initializeState() error - - // makes an HTTP request to check the status of the LRO - pollForStatus(ctx context.Context, sender autorest.Sender) error - - // updates internal tracker state, call this after each call to pollForStatus - updatePollingState(provStateApl bool) error - - // returns the error response from the service, can be nil - pollingError() error - - // returns the polling method being used - pollingMethod() PollingMethodType - - // returns the state of the LRO as returned from the service - pollingStatus() string - - // returns the URL used for polling status - pollingURL() string - - // returns the URL used for the final GET to retrieve the resource - finalGetURL() string - - // returns true if the LRO is in a terminal state - hasTerminated() bool - - // returns true if the LRO is in a failed terminal state - hasFailed() bool - - // returns true if the LRO is in a successful terminal state - hasSucceeded() bool - - // returns the cached HTTP response after a call to pollForStatus(), can be nil - latestResponse() *http.Response -} - -type pollingTrackerBase struct { - // resp is the last response, either from the submission of the LRO or from polling - resp *http.Response - - // method is the HTTP verb, this is needed for deserialization - Method string `json:"method"` - - // rawBody is the raw JSON response body - rawBody map[string]interface{} - - // denotes if polling is using async-operation or location header - Pm PollingMethodType `json:"pollingMethod"` - - // the URL to poll for status - URI string `json:"pollingURI"` - - // the state of the LRO as returned from the service - State string `json:"lroState"` - - // the URL to GET for the final result - FinalGetURI string `json:"resultURI"` - - // used to hold an error object returned from the service - Err *ServiceError `json:"error,omitempty"` -} - -func (pt *pollingTrackerBase) initializeState() error { - // determine the initial polling state based on response body and/or HTTP status - // code. this is applicable to the initial LRO response, not polling responses! - pt.Method = pt.resp.Request.Method - if err := pt.updateRawBody(); err != nil { - return err - } - switch pt.resp.StatusCode { - case http.StatusOK: - if ps := pt.getProvisioningState(); ps != nil { - pt.State = *ps - if pt.hasFailed() { - pt.updateErrorFromResponse() - return pt.pollingError() - } - } else { - pt.State = operationSucceeded - } - case http.StatusCreated: - if ps := pt.getProvisioningState(); ps != nil { - pt.State = *ps - } else { - pt.State = operationInProgress - } - case http.StatusAccepted: - pt.State = operationInProgress - case http.StatusNoContent: - pt.State = operationSucceeded - default: - pt.State = operationFailed - pt.updateErrorFromResponse() - return pt.pollingError() - } - return pt.initPollingMethod() -} - -func (pt pollingTrackerBase) getProvisioningState() *string { - if pt.rawBody != nil && pt.rawBody["properties"] != nil { - p := pt.rawBody["properties"].(map[string]interface{}) - if ps := p["provisioningState"]; ps != nil { - s := ps.(string) - return &s - } - } - return nil -} - -func (pt *pollingTrackerBase) updateRawBody() error { - pt.rawBody = map[string]interface{}{} - if pt.resp.ContentLength != 0 { - defer pt.resp.Body.Close() - b, err := io.ReadAll(pt.resp.Body) - if err != nil { - return autorest.NewErrorWithError(err, "pollingTrackerBase", "updateRawBody", nil, "failed to read response body") - } - // put the body back so it's available to other callers - pt.resp.Body = io.NopCloser(bytes.NewReader(b)) - // observed in 204 responses over HTTP/2.0; the content length is -1 but body is empty - if len(b) == 0 { - return nil - } - if err = json.Unmarshal(b, &pt.rawBody); err != nil { - return autorest.NewErrorWithError(err, "pollingTrackerBase", "updateRawBody", nil, "failed to unmarshal response body") - } - } - return nil -} - -func (pt *pollingTrackerBase) pollForStatus(ctx context.Context, sender autorest.Sender) error { - req, err := http.NewRequest(http.MethodGet, pt.URI, nil) - if err != nil { - return autorest.NewErrorWithError(err, "pollingTrackerBase", "pollForStatus", nil, "failed to create HTTP request") - } - - req = req.WithContext(ctx) - preparer := autorest.CreatePreparer(autorest.GetPrepareDecorators(ctx)...) - req, err = preparer.Prepare(req) - if err != nil { - return autorest.NewErrorWithError(err, "pollingTrackerBase", "pollForStatus", nil, "failed preparing HTTP request") - } - pt.resp, err = sender.Do(req) - if err != nil { - return autorest.NewErrorWithError(err, "pollingTrackerBase", "pollForStatus", nil, "failed to send HTTP request") - } - if autorest.ResponseHasStatusCode(pt.resp, pollingCodes[:]...) { - // reset the service error on success case - pt.Err = nil - err = pt.updateRawBody() - } else { - // check response body for error content - pt.updateErrorFromResponse() - err = pt.pollingError() - } - return err -} - -// attempts to unmarshal a ServiceError type from the response body. -// if that fails then make a best attempt at creating something meaningful. -// NOTE: this assumes that the async operation has failed. -func (pt *pollingTrackerBase) updateErrorFromResponse() { - var err error - if pt.resp.ContentLength != 0 { - type respErr struct { - ServiceError *ServiceError `json:"error"` - } - re := respErr{} - defer pt.resp.Body.Close() - var b []byte - if b, err = io.ReadAll(pt.resp.Body); err != nil { - goto Default - } - // put the body back so it's available to other callers - pt.resp.Body = io.NopCloser(bytes.NewReader(b)) - if len(b) == 0 { - goto Default - } - if err = json.Unmarshal(b, &re); err != nil { - goto Default - } - // unmarshalling the error didn't yield anything, try unwrapped error - if re.ServiceError == nil { - err = json.Unmarshal(b, &re.ServiceError) - if err != nil { - goto Default - } - } - // the unmarshaller will ensure re.ServiceError is non-nil - // even if there was no content unmarshalled so check the code. - if re.ServiceError.Code != "" { - pt.Err = re.ServiceError - return - } - } -Default: - se := &ServiceError{ - Code: pt.pollingStatus(), - Message: "The async operation failed.", - } - if err != nil { - se.InnerError = make(map[string]interface{}) - se.InnerError["unmarshalError"] = err.Error() - } - // stick the response body into the error object in hopes - // it contains something useful to help diagnose the failure. - if len(pt.rawBody) > 0 { - se.AdditionalInfo = []map[string]interface{}{ - pt.rawBody, - } - } - pt.Err = se -} - -func (pt *pollingTrackerBase) updatePollingState(provStateApl bool) error { - if pt.Pm == PollingAsyncOperation && pt.rawBody["status"] != nil { - pt.State = pt.rawBody["status"].(string) - } else { - if pt.resp.StatusCode == http.StatusAccepted { - pt.State = operationInProgress - } else if provStateApl { - if ps := pt.getProvisioningState(); ps != nil { - pt.State = *ps - } else { - pt.State = operationSucceeded - } - } else { - return autorest.NewError("pollingTrackerBase", "updatePollingState", "the response from the async operation has an invalid status code") - } - } - // if the operation has failed update the error state - if pt.hasFailed() { - pt.updateErrorFromResponse() - } - return nil -} - -func (pt pollingTrackerBase) pollingError() error { - if pt.Err == nil { - return nil - } - return pt.Err -} - -func (pt pollingTrackerBase) pollingMethod() PollingMethodType { - return pt.Pm -} - -func (pt pollingTrackerBase) pollingStatus() string { - return pt.State -} - -func (pt pollingTrackerBase) pollingURL() string { - return pt.URI -} - -func (pt pollingTrackerBase) finalGetURL() string { - return pt.FinalGetURI -} - -func (pt pollingTrackerBase) hasTerminated() bool { - return strings.EqualFold(pt.State, operationCanceled) || strings.EqualFold(pt.State, operationFailed) || strings.EqualFold(pt.State, operationSucceeded) -} - -func (pt pollingTrackerBase) hasFailed() bool { - return strings.EqualFold(pt.State, operationCanceled) || strings.EqualFold(pt.State, operationFailed) -} - -func (pt pollingTrackerBase) hasSucceeded() bool { - return strings.EqualFold(pt.State, operationSucceeded) -} - -func (pt pollingTrackerBase) latestResponse() *http.Response { - return pt.resp -} - -// error checking common to all trackers -func (pt pollingTrackerBase) baseCheckForErrors() error { - // for Azure-AsyncOperations the response body cannot be nil or empty - if pt.Pm == PollingAsyncOperation { - if pt.resp.Body == nil || pt.resp.ContentLength == 0 { - return autorest.NewError("pollingTrackerBase", "baseCheckForErrors", "for Azure-AsyncOperation response body cannot be nil") - } - if pt.rawBody["status"] == nil { - return autorest.NewError("pollingTrackerBase", "baseCheckForErrors", "missing status property in Azure-AsyncOperation response body") - } - } - return nil -} - -// default initialization of polling URL/method. each verb tracker will update this as required. -func (pt *pollingTrackerBase) initPollingMethod() error { - if ao, err := getURLFromAsyncOpHeader(pt.resp); err != nil { - return err - } else if ao != "" { - pt.URI = ao - pt.Pm = PollingAsyncOperation - return nil - } - if lh, err := getURLFromLocationHeader(pt.resp); err != nil { - return err - } else if lh != "" { - pt.URI = lh - pt.Pm = PollingLocation - return nil - } - // it's ok if we didn't find a polling header, this will be handled elsewhere - return nil -} - -// DELETE - -type pollingTrackerDelete struct { - pollingTrackerBase -} - -func (pt *pollingTrackerDelete) updatePollingMethod() error { - // for 201 the Location header is required - if pt.resp.StatusCode == http.StatusCreated { - if lh, err := getURLFromLocationHeader(pt.resp); err != nil { - return err - } else if lh == "" { - return autorest.NewError("pollingTrackerDelete", "updateHeaders", "missing Location header in 201 response") - } else { - pt.URI = lh - } - pt.Pm = PollingLocation - pt.FinalGetURI = pt.URI - } - // for 202 prefer the Azure-AsyncOperation header but fall back to Location if necessary - if pt.resp.StatusCode == http.StatusAccepted { - ao, err := getURLFromAsyncOpHeader(pt.resp) - if err != nil { - return err - } else if ao != "" { - pt.URI = ao - pt.Pm = PollingAsyncOperation - } - // if the Location header is invalid and we already have a polling URL - // then we don't care if the Location header URL is malformed. - if lh, err := getURLFromLocationHeader(pt.resp); err != nil && pt.URI == "" { - return err - } else if lh != "" { - if ao == "" { - pt.URI = lh - pt.Pm = PollingLocation - } - // when both headers are returned we use the value in the Location header for the final GET - pt.FinalGetURI = lh - } - // make sure a polling URL was found - if pt.URI == "" { - return autorest.NewError("pollingTrackerPost", "updateHeaders", "didn't get any suitable polling URLs in 202 response") - } - } - return nil -} - -func (pt pollingTrackerDelete) checkForErrors() error { - return pt.baseCheckForErrors() -} - -func (pt pollingTrackerDelete) provisioningStateApplicable() bool { - return pt.resp.StatusCode == http.StatusOK || pt.resp.StatusCode == http.StatusNoContent -} - -// PATCH - -type pollingTrackerPatch struct { - pollingTrackerBase -} - -func (pt *pollingTrackerPatch) updatePollingMethod() error { - // by default we can use the original URL for polling and final GET - if pt.URI == "" { - pt.URI = pt.resp.Request.URL.String() - } - if pt.FinalGetURI == "" { - pt.FinalGetURI = pt.resp.Request.URL.String() - } - if pt.Pm == PollingUnknown { - pt.Pm = PollingRequestURI - } - // for 201 it's permissible for no headers to be returned - if pt.resp.StatusCode == http.StatusCreated { - if ao, err := getURLFromAsyncOpHeader(pt.resp); err != nil { - return err - } else if ao != "" { - pt.URI = ao - pt.Pm = PollingAsyncOperation - } - } - // for 202 prefer the Azure-AsyncOperation header but fall back to Location if necessary - // note the absence of the "final GET" mechanism for PATCH - if pt.resp.StatusCode == http.StatusAccepted { - ao, err := getURLFromAsyncOpHeader(pt.resp) - if err != nil { - return err - } else if ao != "" { - pt.URI = ao - pt.Pm = PollingAsyncOperation - } - if ao == "" { - if lh, err := getURLFromLocationHeader(pt.resp); err != nil { - return err - } else if lh == "" { - return autorest.NewError("pollingTrackerPatch", "updateHeaders", "didn't get any suitable polling URLs in 202 response") - } else { - pt.URI = lh - pt.Pm = PollingLocation - } - } - } - return nil -} - -func (pt pollingTrackerPatch) checkForErrors() error { - return pt.baseCheckForErrors() -} - -func (pt pollingTrackerPatch) provisioningStateApplicable() bool { - return pt.resp.StatusCode == http.StatusOK || pt.resp.StatusCode == http.StatusCreated -} - -// POST - -type pollingTrackerPost struct { - pollingTrackerBase -} - -func (pt *pollingTrackerPost) updatePollingMethod() error { - // 201 requires Location header - if pt.resp.StatusCode == http.StatusCreated { - if lh, err := getURLFromLocationHeader(pt.resp); err != nil { - return err - } else if lh == "" { - return autorest.NewError("pollingTrackerPost", "updateHeaders", "missing Location header in 201 response") - } else { - pt.URI = lh - pt.FinalGetURI = lh - pt.Pm = PollingLocation - } - } - // for 202 prefer the Azure-AsyncOperation header but fall back to Location if necessary - if pt.resp.StatusCode == http.StatusAccepted { - ao, err := getURLFromAsyncOpHeader(pt.resp) - if err != nil { - return err - } else if ao != "" { - pt.URI = ao - pt.Pm = PollingAsyncOperation - } - // if the Location header is invalid and we already have a polling URL - // then we don't care if the Location header URL is malformed. - if lh, err := getURLFromLocationHeader(pt.resp); err != nil && pt.URI == "" { - return err - } else if lh != "" { - if ao == "" { - pt.URI = lh - pt.Pm = PollingLocation - } - // when both headers are returned we use the value in the Location header for the final GET - pt.FinalGetURI = lh - } - // make sure a polling URL was found - if pt.URI == "" { - return autorest.NewError("pollingTrackerPost", "updateHeaders", "didn't get any suitable polling URLs in 202 response") - } - } - return nil -} - -func (pt pollingTrackerPost) checkForErrors() error { - return pt.baseCheckForErrors() -} - -func (pt pollingTrackerPost) provisioningStateApplicable() bool { - return pt.resp.StatusCode == http.StatusOK || pt.resp.StatusCode == http.StatusNoContent -} - -// PUT - -type pollingTrackerPut struct { - pollingTrackerBase -} - -func (pt *pollingTrackerPut) updatePollingMethod() error { - // by default we can use the original URL for polling and final GET - if pt.URI == "" { - pt.URI = pt.resp.Request.URL.String() - } - if pt.FinalGetURI == "" { - pt.FinalGetURI = pt.resp.Request.URL.String() - } - if pt.Pm == PollingUnknown { - pt.Pm = PollingRequestURI - } - // for 201 it's permissible for no headers to be returned - if pt.resp.StatusCode == http.StatusCreated { - if ao, err := getURLFromAsyncOpHeader(pt.resp); err != nil { - return err - } else if ao != "" { - pt.URI = ao - pt.Pm = PollingAsyncOperation - } - } - // for 202 prefer the Azure-AsyncOperation header but fall back to Location if necessary - if pt.resp.StatusCode == http.StatusAccepted { - ao, err := getURLFromAsyncOpHeader(pt.resp) - if err != nil { - return err - } else if ao != "" { - pt.URI = ao - pt.Pm = PollingAsyncOperation - } - // if the Location header is invalid and we already have a polling URL - // then we don't care if the Location header URL is malformed. - if lh, err := getURLFromLocationHeader(pt.resp); err != nil && pt.URI == "" { - return err - } else if lh != "" { - if ao == "" { - pt.URI = lh - pt.Pm = PollingLocation - } - } - // make sure a polling URL was found - if pt.URI == "" { - return autorest.NewError("pollingTrackerPut", "updateHeaders", "didn't get any suitable polling URLs in 202 response") - } - } - return nil -} - -func (pt pollingTrackerPut) checkForErrors() error { - err := pt.baseCheckForErrors() - if err != nil { - return err - } - // if there are no LRO headers then the body cannot be empty - ao, err := getURLFromAsyncOpHeader(pt.resp) - if err != nil { - return err - } - lh, err := getURLFromLocationHeader(pt.resp) - if err != nil { - return err - } - if ao == "" && lh == "" && len(pt.rawBody) == 0 { - return autorest.NewError("pollingTrackerPut", "checkForErrors", "the response did not contain a body") - } - return nil -} - -func (pt pollingTrackerPut) provisioningStateApplicable() bool { - return pt.resp.StatusCode == http.StatusOK || pt.resp.StatusCode == http.StatusCreated -} - -// creates a polling tracker based on the verb of the original request -func createPollingTracker(resp *http.Response) (pollingTracker, error) { - var pt pollingTracker - switch strings.ToUpper(resp.Request.Method) { - case http.MethodDelete: - pt = &pollingTrackerDelete{pollingTrackerBase: pollingTrackerBase{resp: resp}} - case http.MethodPatch: - pt = &pollingTrackerPatch{pollingTrackerBase: pollingTrackerBase{resp: resp}} - case http.MethodPost: - pt = &pollingTrackerPost{pollingTrackerBase: pollingTrackerBase{resp: resp}} - case http.MethodPut: - pt = &pollingTrackerPut{pollingTrackerBase: pollingTrackerBase{resp: resp}} - default: - return nil, autorest.NewError("azure", "createPollingTracker", "unsupported HTTP method %s", resp.Request.Method) - } - if err := pt.initializeState(); err != nil { - return pt, err - } - // this initializes the polling header values, we do this during creation in case the - // initial response send us invalid values; this way the API call will return a non-nil - // error (not doing this means the error shows up in Future.Done) - return pt, pt.updatePollingMethod() -} - -// gets the polling URL from the Azure-AsyncOperation header. -// ensures the URL is well-formed and absolute. -func getURLFromAsyncOpHeader(resp *http.Response) (string, error) { - s := resp.Header.Get(http.CanonicalHeaderKey(headerAsyncOperation)) - if s == "" { - return "", nil - } - if !isValidURL(s) { - return "", autorest.NewError("azure", "getURLFromAsyncOpHeader", "invalid polling URL '%s'", s) - } - return s, nil -} - -// gets the polling URL from the Location header. -// ensures the URL is well-formed and absolute. -func getURLFromLocationHeader(resp *http.Response) (string, error) { - s := resp.Header.Get(http.CanonicalHeaderKey(autorest.HeaderLocation)) - if s == "" { - return "", nil - } - if !isValidURL(s) { - return "", autorest.NewError("azure", "getURLFromLocationHeader", "invalid polling URL '%s'", s) - } - return s, nil -} - -// verify that the URL is valid and absolute -func isValidURL(s string) bool { - u, err := url.Parse(s) - return err == nil && u.IsAbs() -} - -// PollingMethodType defines a type used for enumerating polling mechanisms. -type PollingMethodType string - -const ( - // PollingAsyncOperation indicates the polling method uses the Azure-AsyncOperation header. - PollingAsyncOperation PollingMethodType = "AsyncOperation" - - // PollingLocation indicates the polling method uses the Location header. - PollingLocation PollingMethodType = "Location" - - // PollingRequestURI indicates the polling method uses the original request URI. - PollingRequestURI PollingMethodType = "RequestURI" - - // PollingUnknown indicates an unknown polling method and is the default value. - PollingUnknown PollingMethodType = "" -) - -// AsyncOpIncompleteError is the type that's returned from a future that has not completed. -type AsyncOpIncompleteError struct { - // FutureType is the name of the type composed of a azure.Future. - FutureType string -} - -// Error returns an error message including the originating type name of the error. -func (e AsyncOpIncompleteError) Error() string { - return fmt.Sprintf("%s: asynchronous operation has not completed", e.FutureType) -} - -// NewAsyncOpIncompleteError creates a new AsyncOpIncompleteError with the specified parameters. -func NewAsyncOpIncompleteError(futureType string) AsyncOpIncompleteError { - return AsyncOpIncompleteError{ - FutureType: futureType, - } -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/auth/LICENSE b/vendor/github.com/Azure/go-autorest/autorest/azure/auth/LICENSE deleted file mode 100644 index b9d6a27e..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/auth/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2015 Microsoft Corporation - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/auth/README.md b/vendor/github.com/Azure/go-autorest/autorest/azure/auth/README.md deleted file mode 100644 index 05bef8a8..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/auth/README.md +++ /dev/null @@ -1,152 +0,0 @@ -# NOTE: This module will go out of support by March 31, 2023. For authenticating with Azure AD, use module [azidentity](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity) instead. For help migrating from `auth` to `azidentiy` please consult the [migration guide](https://aka.ms/azsdk/go/identity/migration). General information about the retirement of this and other legacy modules can be found [here](https://azure.microsoft.com/updates/support-for-azure-sdk-libraries-that-do-not-conform-to-our-current-azure-sdk-guidelines-will-be-retired-as-of-31-march-2023/). - -## Authentication - -Typical SDK operations must be authenticated and authorized. The `autorest.Authorizer` -interface allows use of any auth style in requests, such as inserting an OAuth2 -Authorization header and bearer token received from Azure AD. - -The SDK itself provides a simple way to get an authorizer which first checks -for OAuth client credentials in environment variables and then falls back to -Azure's [Managed Service Identity]() when available, e.g. when on an Azure -VM. The following snippet from [the previous section](#use) demonstrates -this helper. - -```go -import "github.com/Azure/go-autorest/autorest/azure/auth" - -// create a VirtualNetworks client -vnetClient := network.NewVirtualNetworksClient("") - -// create an authorizer from env vars or Azure Managed Service Idenity -authorizer, err := auth.NewAuthorizerFromEnvironment() -if err != nil { - handle(err) -} - -vnetClient.Authorizer = authorizer - -// call the VirtualNetworks CreateOrUpdate API -vnetClient.CreateOrUpdate(context.Background(), -// ... -``` - -The following environment variables help determine authentication configuration: - -- `AZURE_ENVIRONMENT`: Specifies the Azure Environment to use. If not set, it - defaults to `AzurePublicCloud`. Not applicable to authentication with Managed - Service Identity (MSI). -- `AZURE_AD_RESOURCE`: Specifies the AAD resource ID to use. If not set, it - defaults to `ResourceManagerEndpoint` for operations with Azure Resource - Manager. You can also choose an alternate resource programmatically with - `auth.NewAuthorizerFromEnvironmentWithResource(resource string)`. - -### More Authentication Details - -The previous is the first and most recommended of several authentication -options offered by the SDK because it allows seamless use of both service -principals and [Azure Managed Service Identity][]. Other options are listed -below. - -> Note: If you need to create a new service principal, run `az ad sp create-for-rbac -n ""` in the -> [azure-cli](https://github.com/Azure/azure-cli). See [these -> docs](https://docs.microsoft.com/cli/azure/create-an-azure-service-principal-azure-cli?view=azure-cli-latest) -> for more info. Copy the new principal's ID, secret, and tenant ID for use in -> your app, or consider the `--sdk-auth` parameter for serialized output. - -[azure managed service identity]: https://docs.microsoft.com/azure/active-directory/msi-overview - -- The `auth.NewAuthorizerFromEnvironment()` described above creates an authorizer - from the first available of the following configuration: - - 1. **Client Credentials**: Azure AD Application ID and Secret. - - - `AZURE_TENANT_ID`: Specifies the Tenant to which to authenticate. - - `AZURE_CLIENT_ID`: Specifies the app client ID to use. - - `AZURE_CLIENT_SECRET`: Specifies the app secret to use. - - 2. **Client Certificate**: Azure AD Application ID and X.509 Certificate. - - - `AZURE_TENANT_ID`: Specifies the Tenant to which to authenticate. - - `AZURE_CLIENT_ID`: Specifies the app client ID to use. - - `AZURE_CERTIFICATE_PATH`: Specifies the certificate Path to use. - - `AZURE_CERTIFICATE_PASSWORD`: Specifies the certificate password to use. - - 3. **Resource Owner Password**: Azure AD User and Password. This grant type is *not - recommended*, use device login instead if you need interactive login. - - - `AZURE_TENANT_ID`: Specifies the Tenant to which to authenticate. - - `AZURE_CLIENT_ID`: Specifies the app client ID to use. - - `AZURE_USERNAME`: Specifies the username to use. - - `AZURE_PASSWORD`: Specifies the password to use. - - 4. **Azure Managed Service Identity**: Delegate credential management to the - platform. Requires that code is running in Azure, e.g. on a VM. All - configuration is handled by Azure. See [Azure Managed Service - Identity](https://docs.microsoft.com/azure/active-directory/msi-overview) - for more details. - -- The `auth.NewAuthorizerFromFile()` method creates an authorizer using - credentials from an auth file created by the [Azure CLI][]. Follow these - steps to utilize: - - 1. Create a service principal and output an auth file using `az ad sp create-for-rbac --sdk-auth > client_credentials.json`. - 2. Set environment variable `AZURE_AUTH_LOCATION` to the path of the saved - output file. - 3. Use the authorizer returned by `auth.NewAuthorizerFromFile()` in your - client as described above. - -- The `auth.NewAuthorizerFromCLI()` method creates an authorizer which - uses [Azure CLI][] to obtain its credentials. - - The default audience being requested is `https://management.azure.com` (Azure ARM API). - To specify your own audience, export `AZURE_AD_RESOURCE` as an evironment variable. - This is read by `auth.NewAuthorizerFromCLI()` and passed to Azure CLI to acquire the access token. - - For example, to request an access token for Azure Key Vault, export - ``` - AZURE_AD_RESOURCE="https://vault.azure.net" - ``` - -- `auth.NewAuthorizerFromCLIWithResource(AUDIENCE_URL_OR_APPLICATION_ID)` - this method is self contained and does - not require exporting environment variables. For example, to request an access token for Azure Key Vault: - ``` - auth.NewAuthorizerFromCLIWithResource("https://vault.azure.net") - ``` - - To use `NewAuthorizerFromCLI()` or `NewAuthorizerFromCLIWithResource()`, follow these steps: - - 1. Install [Azure CLI v2.0.12](https://docs.microsoft.com/cli/azure/install-azure-cli) or later. Upgrade earlier versions. - 2. Use `az login` to sign in to Azure. - - If you receive an error, use `az account get-access-token` to verify access. - - If Azure CLI is not installed to the default directory, you may receive an error - reporting that `az` cannot be found. - Use the `AzureCLIPath` environment variable to define the Azure CLI installation folder. - - If you are signed in to Azure CLI using multiple accounts or your account has - access to multiple subscriptions, you need to specify the specific subscription - to be used. To do so, use: - - ``` - az account set --subscription - ``` - - To verify the current account settings, use: - - ``` - az account list - ``` - -[azure cli]: https://github.com/Azure/azure-cli - -- Finally, you can use OAuth's [Device Flow][] by calling - `auth.NewDeviceFlowConfig()` and extracting the Authorizer as follows: - - ```go - config := auth.NewDeviceFlowConfig(clientID, tenantID) - a, err := config.Authorizer() - ``` - -[device flow]: https://oauth.net/2/device-flow/ diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/auth/auth.go b/vendor/github.com/Azure/go-autorest/autorest/azure/auth/auth.go deleted file mode 100644 index 25697b3c..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/auth/auth.go +++ /dev/null @@ -1,772 +0,0 @@ -package auth - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "context" - "encoding/binary" - "encoding/json" - "errors" - "fmt" - "io" - "log" - "os" - "strings" - "unicode/utf16" - - "github.com/Azure/go-autorest/autorest" - "github.com/Azure/go-autorest/autorest/adal" - "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/azure/cli" - "github.com/Azure/go-autorest/logger" - "github.com/dimchansky/utfbom" -) - -// The possible keys in the Values map. -const ( - SubscriptionID = "AZURE_SUBSCRIPTION_ID" - TenantID = "AZURE_TENANT_ID" - AuxiliaryTenantIDs = "AZURE_AUXILIARY_TENANT_IDS" - ClientID = "AZURE_CLIENT_ID" - ClientSecret = "AZURE_CLIENT_SECRET" - CertificatePath = "AZURE_CERTIFICATE_PATH" - CertificatePassword = "AZURE_CERTIFICATE_PASSWORD" - Username = "AZURE_USERNAME" - Password = "AZURE_PASSWORD" - EnvironmentName = "AZURE_ENVIRONMENT" - Resource = "AZURE_AD_RESOURCE" - ActiveDirectoryEndpoint = "ActiveDirectoryEndpoint" - ResourceManagerEndpoint = "ResourceManagerEndpoint" - GraphResourceID = "GraphResourceID" - SQLManagementEndpoint = "SQLManagementEndpoint" - GalleryEndpoint = "GalleryEndpoint" - ManagementEndpoint = "ManagementEndpoint" -) - -// NewAuthorizerFromEnvironment creates an Authorizer configured from environment variables in the order: -// 1. Client credentials -// 2. Client certificate -// 3. Username password -// 4. MSI -func NewAuthorizerFromEnvironment() (autorest.Authorizer, error) { - logger.Instance.Writeln(logger.LogInfo, "NewAuthorizerFromEnvironment() determining authentication mechanism") - settings, err := GetSettingsFromEnvironment() - if err != nil { - return nil, err - } - return settings.GetAuthorizer() -} - -// NewAuthorizerFromEnvironmentWithResource creates an Authorizer configured from environment variables in the order: -// 1. Client credentials -// 2. Client certificate -// 3. Username password -// 4. MSI -func NewAuthorizerFromEnvironmentWithResource(resource string) (autorest.Authorizer, error) { - logger.Instance.Writeln(logger.LogInfo, "NewAuthorizerFromEnvironmentWithResource() determining authentication mechanism") - settings, err := GetSettingsFromEnvironment() - if err != nil { - return nil, err - } - settings.Values[Resource] = resource - return settings.GetAuthorizer() -} - -// EnvironmentSettings contains the available authentication settings. -type EnvironmentSettings struct { - Values map[string]string - Environment azure.Environment -} - -// GetSettingsFromEnvironment returns the available authentication settings from the environment. -func GetSettingsFromEnvironment() (s EnvironmentSettings, err error) { - s = EnvironmentSettings{ - Values: map[string]string{}, - } - s.setValue(SubscriptionID) - s.setValue(TenantID) - s.setValue(AuxiliaryTenantIDs) - s.setValue(ClientID) - s.setValue(ClientSecret) - s.setValue(CertificatePath) - s.setValue(CertificatePassword) - s.setValue(Username) - s.setValue(Password) - s.setValue(EnvironmentName) - s.setValue(Resource) - if v := s.Values[EnvironmentName]; v == "" { - s.Environment = azure.PublicCloud - } else { - s.Environment, err = azure.EnvironmentFromName(v) - } - if s.Values[Resource] == "" { - s.Values[Resource] = s.Environment.ResourceManagerEndpoint - } - return -} - -// GetSubscriptionID returns the available subscription ID or an empty string. -func (settings EnvironmentSettings) GetSubscriptionID() string { - return settings.Values[SubscriptionID] -} - -// adds the specified environment variable value to the Values map if it exists -func (settings EnvironmentSettings) setValue(key string) { - if v := os.Getenv(key); v != "" { - logger.Instance.Writef(logger.LogInfo, "GetSettingsFromEnvironment() found environment var %s\n", key) - settings.Values[key] = v - } -} - -// helper to return client and tenant IDs -func (settings EnvironmentSettings) getClientAndTenant() (string, string) { - clientID := settings.Values[ClientID] - tenantID := settings.Values[TenantID] - return clientID, tenantID -} - -// GetClientCredentials creates a config object from the available client credentials. -// An error is returned if no client credentials are available. -func (settings EnvironmentSettings) GetClientCredentials() (ClientCredentialsConfig, error) { - secret := settings.Values[ClientSecret] - if secret == "" { - logger.Instance.Writeln(logger.LogInfo, "EnvironmentSettings.GetClientCredentials() missing client secret") - return ClientCredentialsConfig{}, errors.New("missing client secret") - } - clientID, tenantID := settings.getClientAndTenant() - config := NewClientCredentialsConfig(clientID, secret, tenantID) - config.AADEndpoint = settings.Environment.ActiveDirectoryEndpoint - config.Resource = settings.Values[Resource] - if auxTenants, ok := settings.Values[AuxiliaryTenantIDs]; ok { - config.AuxTenants = strings.Split(auxTenants, ";") - for i := range config.AuxTenants { - config.AuxTenants[i] = strings.TrimSpace(config.AuxTenants[i]) - } - } - return config, nil -} - -// GetClientCertificate creates a config object from the available certificate credentials. -// An error is returned if no certificate credentials are available. -func (settings EnvironmentSettings) GetClientCertificate() (ClientCertificateConfig, error) { - certPath := settings.Values[CertificatePath] - if certPath == "" { - logger.Instance.Writeln(logger.LogInfo, "EnvironmentSettings.GetClientCertificate() missing certificate path") - return ClientCertificateConfig{}, errors.New("missing certificate path") - } - certPwd := settings.Values[CertificatePassword] - clientID, tenantID := settings.getClientAndTenant() - config := NewClientCertificateConfig(certPath, certPwd, clientID, tenantID) - config.AADEndpoint = settings.Environment.ActiveDirectoryEndpoint - config.Resource = settings.Values[Resource] - return config, nil -} - -// GetUsernamePassword creates a config object from the available username/password credentials. -// An error is returned if no username/password credentials are available. -func (settings EnvironmentSettings) GetUsernamePassword() (UsernamePasswordConfig, error) { - username := settings.Values[Username] - password := settings.Values[Password] - if username == "" || password == "" { - logger.Instance.Writeln(logger.LogInfo, "EnvironmentSettings.GetUsernamePassword() missing username and/or password") - return UsernamePasswordConfig{}, errors.New("missing username/password") - } - clientID, tenantID := settings.getClientAndTenant() - config := NewUsernamePasswordConfig(username, password, clientID, tenantID) - config.AADEndpoint = settings.Environment.ActiveDirectoryEndpoint - config.Resource = settings.Values[Resource] - return config, nil -} - -// GetMSI creates a MSI config object from the available client ID. -func (settings EnvironmentSettings) GetMSI() MSIConfig { - config := NewMSIConfig() - config.Resource = settings.Values[Resource] - config.ClientID = settings.Values[ClientID] - return config -} - -// GetDeviceFlow creates a device-flow config object from the available client and tenant IDs. -func (settings EnvironmentSettings) GetDeviceFlow() DeviceFlowConfig { - clientID, tenantID := settings.getClientAndTenant() - config := NewDeviceFlowConfig(clientID, tenantID) - config.AADEndpoint = settings.Environment.ActiveDirectoryEndpoint - config.Resource = settings.Values[Resource] - return config -} - -// GetAuthorizer creates an Authorizer configured from environment variables in the order: -// 1. Client credentials -// 2. Client certificate -// 3. Username password -// 4. MSI -func (settings EnvironmentSettings) GetAuthorizer() (autorest.Authorizer, error) { - //1.Client Credentials - if c, e := settings.GetClientCredentials(); e == nil { - logger.Instance.Writeln(logger.LogInfo, "EnvironmentSettings.GetAuthorizer() using client secret credentials") - return c.Authorizer() - } - - //2. Client Certificate - if c, e := settings.GetClientCertificate(); e == nil { - logger.Instance.Writeln(logger.LogInfo, "EnvironmentSettings.GetAuthorizer() using client certificate credentials") - return c.Authorizer() - } - - //3. Username Password - if c, e := settings.GetUsernamePassword(); e == nil { - logger.Instance.Writeln(logger.LogInfo, "EnvironmentSettings.GetAuthorizer() using user name/password credentials") - return c.Authorizer() - } - - // 4. MSI - if !adal.MSIAvailable(context.Background(), nil) { - return nil, errors.New("MSI not available") - } - logger.Instance.Writeln(logger.LogInfo, "EnvironmentSettings.GetAuthorizer() using MSI authentication") - return settings.GetMSI().Authorizer() -} - -// NewAuthorizerFromFile creates an Authorizer configured from a configuration file in the following order. -// 1. Client credentials -// 2. Client certificate -// The path to the configuration file must be specified in the AZURE_AUTH_LOCATION environment variable. -// resourceBaseURI - used to determine the resource type -func NewAuthorizerFromFile(resourceBaseURI string) (autorest.Authorizer, error) { - settings, err := GetSettingsFromFile() - if err != nil { - return nil, err - } - return settings.GetAuthorizer(resourceBaseURI) -} - -// GetAuthorizer create an Authorizer in the following order. -// 1. Client credentials -// 2. Client certificate -// resourceBaseURI - used to determine the resource type -func (settings FileSettings) GetAuthorizer(resourceBaseURI string) (autorest.Authorizer, error) { - if resourceBaseURI == "" { - resourceBaseURI = azure.PublicCloud.ServiceManagementEndpoint - } - if a, err := settings.ClientCredentialsAuthorizer(resourceBaseURI); err == nil { - return a, err - } - if a, err := settings.ClientCertificateAuthorizer(resourceBaseURI); err == nil { - return a, err - } - return nil, errors.New("auth file missing client and certificate credentials") -} - -// NewAuthorizerFromFileWithResource creates an Authorizer configured from a configuration file in the following order. -// 1. Client credentials -// 2. Client certificate -// The path to the configuration file must be specified in the AZURE_AUTH_LOCATION environment variable. -func NewAuthorizerFromFileWithResource(resource string) (autorest.Authorizer, error) { - s, err := GetSettingsFromFile() - if err != nil { - return nil, err - } - if a, err := s.ClientCredentialsAuthorizerWithResource(resource); err == nil { - return a, err - } - if a, err := s.ClientCertificateAuthorizerWithResource(resource); err == nil { - return a, err - } - return nil, errors.New("auth file missing client and certificate credentials") -} - -// NewAuthorizerFromCLI creates an Authorizer configured from Azure CLI 2.0 for local development scenarios. -func NewAuthorizerFromCLI() (autorest.Authorizer, error) { - settings, err := GetSettingsFromEnvironment() - if err != nil { - return nil, err - } - - if settings.Values[Resource] == "" { - settings.Values[Resource] = settings.Environment.ResourceManagerEndpoint - } - - return NewAuthorizerFromCLIWithResource(settings.Values[Resource]) -} - -// NewAuthorizerFromCLIWithResource creates an Authorizer configured from Azure CLI 2.0 for local development scenarios. -func NewAuthorizerFromCLIWithResource(resource string) (autorest.Authorizer, error) { - token, err := cli.GetTokenFromCLI(resource) - if err != nil { - return nil, err - } - - adalToken, err := token.ToADALToken() - if err != nil { - return nil, err - } - - return autorest.NewBearerAuthorizer(&adalToken), nil -} - -// GetSettingsFromFile returns the available authentication settings from an Azure CLI authentication file. -func GetSettingsFromFile() (FileSettings, error) { - s := FileSettings{} - fileLocation := os.Getenv("AZURE_AUTH_LOCATION") - if fileLocation == "" { - return s, errors.New("environment variable AZURE_AUTH_LOCATION is not set") - } - - contents, err := os.ReadFile(fileLocation) - if err != nil { - return s, err - } - - // Auth file might be encoded - decoded, err := decode(contents) - if err != nil { - return s, err - } - - authFile := map[string]interface{}{} - err = json.Unmarshal(decoded, &authFile) - if err != nil { - return s, err - } - - s.Values = map[string]string{} - s.setKeyValue(ClientID, authFile["clientId"]) - s.setKeyValue(ClientSecret, authFile["clientSecret"]) - s.setKeyValue(CertificatePath, authFile["clientCertificate"]) - s.setKeyValue(CertificatePassword, authFile["clientCertificatePassword"]) - s.setKeyValue(SubscriptionID, authFile["subscriptionId"]) - s.setKeyValue(TenantID, authFile["tenantId"]) - s.setKeyValue(ActiveDirectoryEndpoint, authFile["activeDirectoryEndpointUrl"]) - s.setKeyValue(ResourceManagerEndpoint, authFile["resourceManagerEndpointUrl"]) - s.setKeyValue(GraphResourceID, authFile["activeDirectoryGraphResourceId"]) - s.setKeyValue(SQLManagementEndpoint, authFile["sqlManagementEndpointUrl"]) - s.setKeyValue(GalleryEndpoint, authFile["galleryEndpointUrl"]) - s.setKeyValue(ManagementEndpoint, authFile["managementEndpointUrl"]) - return s, nil -} - -// FileSettings contains the available authentication settings. -type FileSettings struct { - Values map[string]string -} - -// GetSubscriptionID returns the available subscription ID or an empty string. -func (settings FileSettings) GetSubscriptionID() string { - return settings.Values[SubscriptionID] -} - -// adds the specified value to the Values map if it isn't nil -func (settings FileSettings) setKeyValue(key string, val interface{}) { - if val != nil { - settings.Values[key] = val.(string) - } -} - -// returns the specified AAD endpoint or the public cloud endpoint if unspecified -func (settings FileSettings) getAADEndpoint() string { - if v, ok := settings.Values[ActiveDirectoryEndpoint]; ok { - return v - } - return azure.PublicCloud.ActiveDirectoryEndpoint -} - -// ServicePrincipalTokenFromClientCredentials creates a ServicePrincipalToken from the available client credentials. -func (settings FileSettings) ServicePrincipalTokenFromClientCredentials(baseURI string) (*adal.ServicePrincipalToken, error) { - resource, err := settings.getResourceForToken(baseURI) - if err != nil { - return nil, err - } - return settings.ServicePrincipalTokenFromClientCredentialsWithResource(resource) -} - -// ClientCredentialsAuthorizer creates an authorizer from the available client credentials. -func (settings FileSettings) ClientCredentialsAuthorizer(baseURI string) (autorest.Authorizer, error) { - resource, err := settings.getResourceForToken(baseURI) - if err != nil { - return nil, err - } - return settings.ClientCredentialsAuthorizerWithResource(resource) -} - -// ServicePrincipalTokenFromClientCredentialsWithResource creates a ServicePrincipalToken -// from the available client credentials and the specified resource. -func (settings FileSettings) ServicePrincipalTokenFromClientCredentialsWithResource(resource string) (*adal.ServicePrincipalToken, error) { - if _, ok := settings.Values[ClientSecret]; !ok { - return nil, errors.New("missing client secret") - } - config, err := adal.NewOAuthConfig(settings.getAADEndpoint(), settings.Values[TenantID]) - if err != nil { - return nil, err - } - return adal.NewServicePrincipalToken(*config, settings.Values[ClientID], settings.Values[ClientSecret], resource) -} - -func (settings FileSettings) clientCertificateConfigWithResource(resource string) (ClientCertificateConfig, error) { - if _, ok := settings.Values[CertificatePath]; !ok { - return ClientCertificateConfig{}, errors.New("missing certificate path") - } - cfg := NewClientCertificateConfig(settings.Values[CertificatePath], settings.Values[CertificatePassword], settings.Values[ClientID], settings.Values[TenantID]) - cfg.AADEndpoint = settings.getAADEndpoint() - cfg.Resource = resource - return cfg, nil -} - -// ClientCredentialsAuthorizerWithResource creates an authorizer from the available client credentials and the specified resource. -func (settings FileSettings) ClientCredentialsAuthorizerWithResource(resource string) (autorest.Authorizer, error) { - spToken, err := settings.ServicePrincipalTokenFromClientCredentialsWithResource(resource) - if err != nil { - return nil, err - } - return autorest.NewBearerAuthorizer(spToken), nil -} - -// ServicePrincipalTokenFromClientCertificate creates a ServicePrincipalToken from the available certificate credentials. -func (settings FileSettings) ServicePrincipalTokenFromClientCertificate(baseURI string) (*adal.ServicePrincipalToken, error) { - resource, err := settings.getResourceForToken(baseURI) - if err != nil { - return nil, err - } - return settings.ServicePrincipalTokenFromClientCertificateWithResource(resource) -} - -// ClientCertificateAuthorizer creates an authorizer from the available certificate credentials. -func (settings FileSettings) ClientCertificateAuthorizer(baseURI string) (autorest.Authorizer, error) { - resource, err := settings.getResourceForToken(baseURI) - if err != nil { - return nil, err - } - return settings.ClientCertificateAuthorizerWithResource(resource) -} - -// ServicePrincipalTokenFromClientCertificateWithResource creates a ServicePrincipalToken from the available certificate credentials. -func (settings FileSettings) ServicePrincipalTokenFromClientCertificateWithResource(resource string) (*adal.ServicePrincipalToken, error) { - cfg, err := settings.clientCertificateConfigWithResource(resource) - if err != nil { - return nil, err - } - return cfg.ServicePrincipalToken() -} - -// ClientCertificateAuthorizerWithResource creates an authorizer from the available certificate credentials and the specified resource. -func (settings FileSettings) ClientCertificateAuthorizerWithResource(resource string) (autorest.Authorizer, error) { - cfg, err := settings.clientCertificateConfigWithResource(resource) - if err != nil { - return nil, err - } - return cfg.Authorizer() -} - -func decode(b []byte) ([]byte, error) { - reader, enc := utfbom.Skip(bytes.NewReader(b)) - - switch enc { - case utfbom.UTF16LittleEndian: - u16 := make([]uint16, (len(b)/2)-1) - err := binary.Read(reader, binary.LittleEndian, &u16) - if err != nil { - return nil, err - } - return []byte(string(utf16.Decode(u16))), nil - case utfbom.UTF16BigEndian: - u16 := make([]uint16, (len(b)/2)-1) - err := binary.Read(reader, binary.BigEndian, &u16) - if err != nil { - return nil, err - } - return []byte(string(utf16.Decode(u16))), nil - } - return io.ReadAll(reader) -} - -func (settings FileSettings) getResourceForToken(baseURI string) (string, error) { - // Compare default base URI from the SDK to the endpoints from the public cloud - // Base URI and token resource are the same string. This func finds the authentication - // file field that matches the SDK base URI. The SDK defines the public cloud - // endpoint as its default base URI - if !strings.HasSuffix(baseURI, "/") { - baseURI += "/" - } - switch baseURI { - case azure.PublicCloud.ServiceManagementEndpoint: - return settings.Values[ManagementEndpoint], nil - case azure.PublicCloud.ResourceManagerEndpoint: - return settings.Values[ResourceManagerEndpoint], nil - case azure.PublicCloud.ActiveDirectoryEndpoint: - return settings.Values[ActiveDirectoryEndpoint], nil - case azure.PublicCloud.GalleryEndpoint: - return settings.Values[GalleryEndpoint], nil - case azure.PublicCloud.GraphEndpoint: - return settings.Values[GraphResourceID], nil - } - return "", fmt.Errorf("auth: base URI not found in endpoints") -} - -// NewClientCredentialsConfig creates an AuthorizerConfig object configured to obtain an Authorizer through Client Credentials. -// Defaults to Public Cloud and Resource Manager Endpoint. -func NewClientCredentialsConfig(clientID string, clientSecret string, tenantID string) ClientCredentialsConfig { - return ClientCredentialsConfig{ - ClientID: clientID, - ClientSecret: clientSecret, - TenantID: tenantID, - Resource: azure.PublicCloud.ResourceManagerEndpoint, - AADEndpoint: azure.PublicCloud.ActiveDirectoryEndpoint, - } -} - -// NewClientCertificateConfig creates a ClientCertificateConfig object configured to obtain an Authorizer through client certificate. -// Defaults to Public Cloud and Resource Manager Endpoint. -func NewClientCertificateConfig(certificatePath string, certificatePassword string, clientID string, tenantID string) ClientCertificateConfig { - return ClientCertificateConfig{ - CertificatePath: certificatePath, - CertificatePassword: certificatePassword, - ClientID: clientID, - TenantID: tenantID, - Resource: azure.PublicCloud.ResourceManagerEndpoint, - AADEndpoint: azure.PublicCloud.ActiveDirectoryEndpoint, - } -} - -// NewUsernamePasswordConfig creates an UsernamePasswordConfig object configured to obtain an Authorizer through username and password. -// Defaults to Public Cloud and Resource Manager Endpoint. -func NewUsernamePasswordConfig(username string, password string, clientID string, tenantID string) UsernamePasswordConfig { - return UsernamePasswordConfig{ - Username: username, - Password: password, - ClientID: clientID, - TenantID: tenantID, - Resource: azure.PublicCloud.ResourceManagerEndpoint, - AADEndpoint: azure.PublicCloud.ActiveDirectoryEndpoint, - } -} - -// NewMSIConfig creates an MSIConfig object configured to obtain an Authorizer through MSI. -func NewMSIConfig() MSIConfig { - return MSIConfig{ - Resource: azure.PublicCloud.ResourceManagerEndpoint, - } -} - -// NewDeviceFlowConfig creates a DeviceFlowConfig object configured to obtain an Authorizer through device flow. -// Defaults to Public Cloud and Resource Manager Endpoint. -func NewDeviceFlowConfig(clientID string, tenantID string) DeviceFlowConfig { - return DeviceFlowConfig{ - ClientID: clientID, - TenantID: tenantID, - Resource: azure.PublicCloud.ResourceManagerEndpoint, - AADEndpoint: azure.PublicCloud.ActiveDirectoryEndpoint, - } -} - -// AuthorizerConfig provides an authorizer from the configuration provided. -type AuthorizerConfig interface { - Authorizer() (autorest.Authorizer, error) -} - -// ClientCredentialsConfig provides the options to get a bearer authorizer from client credentials. -type ClientCredentialsConfig struct { - ClientID string - ClientSecret string - TenantID string - AuxTenants []string - AADEndpoint string - Resource string -} - -// ServicePrincipalToken creates a ServicePrincipalToken from client credentials. -func (ccc ClientCredentialsConfig) ServicePrincipalToken() (*adal.ServicePrincipalToken, error) { - oauthConfig, err := adal.NewOAuthConfig(ccc.AADEndpoint, ccc.TenantID) - if err != nil { - return nil, err - } - return adal.NewServicePrincipalToken(*oauthConfig, ccc.ClientID, ccc.ClientSecret, ccc.Resource) -} - -// MultiTenantServicePrincipalToken creates a MultiTenantServicePrincipalToken from client credentials. -func (ccc ClientCredentialsConfig) MultiTenantServicePrincipalToken() (*adal.MultiTenantServicePrincipalToken, error) { - oauthConfig, err := adal.NewMultiTenantOAuthConfig(ccc.AADEndpoint, ccc.TenantID, ccc.AuxTenants, adal.OAuthOptions{}) - if err != nil { - return nil, err - } - return adal.NewMultiTenantServicePrincipalToken(oauthConfig, ccc.ClientID, ccc.ClientSecret, ccc.Resource) -} - -// Authorizer gets the authorizer from client credentials. -func (ccc ClientCredentialsConfig) Authorizer() (autorest.Authorizer, error) { - if len(ccc.AuxTenants) == 0 { - spToken, err := ccc.ServicePrincipalToken() - if err != nil { - return nil, fmt.Errorf("failed to get SPT from client credentials: %v", err) - } - return autorest.NewBearerAuthorizer(spToken), nil - } - mtSPT, err := ccc.MultiTenantServicePrincipalToken() - if err != nil { - return nil, fmt.Errorf("failed to get multitenant SPT from client credentials: %v", err) - } - return autorest.NewMultiTenantServicePrincipalTokenAuthorizer(mtSPT), nil -} - -// ClientCertificateConfig provides the options to get a bearer authorizer from a client certificate. -type ClientCertificateConfig struct { - ClientID string - CertificatePath string - CertificatePassword string - TenantID string - AuxTenants []string - AADEndpoint string - Resource string -} - -// ServicePrincipalToken creates a ServicePrincipalToken from client certificate. -func (ccc ClientCertificateConfig) ServicePrincipalToken() (*adal.ServicePrincipalToken, error) { - oauthConfig, err := adal.NewOAuthConfig(ccc.AADEndpoint, ccc.TenantID) - if err != nil { - return nil, err - } - certData, err := os.ReadFile(ccc.CertificatePath) - if err != nil { - return nil, fmt.Errorf("failed to read the certificate file (%s): %v", ccc.CertificatePath, err) - } - certificate, rsaPrivateKey, err := adal.DecodePfxCertificateData(certData, ccc.CertificatePassword) - if err != nil { - return nil, fmt.Errorf("failed to decode pkcs12 certificate while creating spt: %v", err) - } - return adal.NewServicePrincipalTokenFromCertificate(*oauthConfig, ccc.ClientID, certificate, rsaPrivateKey, ccc.Resource) -} - -// MultiTenantServicePrincipalToken creates a MultiTenantServicePrincipalToken from client certificate. -func (ccc ClientCertificateConfig) MultiTenantServicePrincipalToken() (*adal.MultiTenantServicePrincipalToken, error) { - oauthConfig, err := adal.NewMultiTenantOAuthConfig(ccc.AADEndpoint, ccc.TenantID, ccc.AuxTenants, adal.OAuthOptions{}) - if err != nil { - return nil, err - } - certData, err := os.ReadFile(ccc.CertificatePath) - if err != nil { - return nil, fmt.Errorf("failed to read the certificate file (%s): %v", ccc.CertificatePath, err) - } - certificate, rsaPrivateKey, err := adal.DecodePfxCertificateData(certData, ccc.CertificatePassword) - if err != nil { - return nil, fmt.Errorf("failed to decode pkcs12 certificate while creating spt: %v", err) - } - return adal.NewMultiTenantServicePrincipalTokenFromCertificate(oauthConfig, ccc.ClientID, certificate, rsaPrivateKey, ccc.Resource) -} - -// Authorizer gets an authorizer object from client certificate. -func (ccc ClientCertificateConfig) Authorizer() (autorest.Authorizer, error) { - if len(ccc.AuxTenants) == 0 { - spToken, err := ccc.ServicePrincipalToken() - if err != nil { - return nil, fmt.Errorf("failed to get oauth token from certificate auth: %v", err) - } - return autorest.NewBearerAuthorizer(spToken), nil - } - mtSPT, err := ccc.MultiTenantServicePrincipalToken() - if err != nil { - return nil, fmt.Errorf("failed to get multitenant SPT from certificate auth: %v", err) - } - return autorest.NewMultiTenantServicePrincipalTokenAuthorizer(mtSPT), nil -} - -// DeviceFlowConfig provides the options to get a bearer authorizer using device flow authentication. -type DeviceFlowConfig struct { - ClientID string - TenantID string - AADEndpoint string - Resource string -} - -// Authorizer gets the authorizer from device flow. -func (dfc DeviceFlowConfig) Authorizer() (autorest.Authorizer, error) { - spToken, err := dfc.ServicePrincipalToken() - if err != nil { - return nil, fmt.Errorf("failed to get oauth token from device flow: %v", err) - } - return autorest.NewBearerAuthorizer(spToken), nil -} - -// ServicePrincipalToken gets the service principal token from device flow. -func (dfc DeviceFlowConfig) ServicePrincipalToken() (*adal.ServicePrincipalToken, error) { - oauthConfig, err := adal.NewOAuthConfig(dfc.AADEndpoint, dfc.TenantID) - if err != nil { - return nil, err - } - oauthClient := &autorest.Client{} - deviceCode, err := adal.InitiateDeviceAuth(oauthClient, *oauthConfig, dfc.ClientID, dfc.Resource) - if err != nil { - return nil, fmt.Errorf("failed to start device auth flow: %s", err) - } - log.Println(*deviceCode.Message) - token, err := adal.WaitForUserCompletion(oauthClient, deviceCode) - if err != nil { - return nil, fmt.Errorf("failed to finish device auth flow: %s", err) - } - return adal.NewServicePrincipalTokenFromManualToken(*oauthConfig, dfc.ClientID, dfc.Resource, *token) -} - -// UsernamePasswordConfig provides the options to get a bearer authorizer from a username and a password. -type UsernamePasswordConfig struct { - ClientID string - Username string - Password string - TenantID string - AADEndpoint string - Resource string -} - -// ServicePrincipalToken creates a ServicePrincipalToken from username and password. -func (ups UsernamePasswordConfig) ServicePrincipalToken() (*adal.ServicePrincipalToken, error) { - oauthConfig, err := adal.NewOAuthConfig(ups.AADEndpoint, ups.TenantID) - if err != nil { - return nil, err - } - return adal.NewServicePrincipalTokenFromUsernamePassword(*oauthConfig, ups.ClientID, ups.Username, ups.Password, ups.Resource) -} - -// Authorizer gets the authorizer from a username and a password. -func (ups UsernamePasswordConfig) Authorizer() (autorest.Authorizer, error) { - spToken, err := ups.ServicePrincipalToken() - if err != nil { - return nil, fmt.Errorf("failed to get oauth token from username and password auth: %v", err) - } - return autorest.NewBearerAuthorizer(spToken), nil -} - -// MSIConfig provides the options to get a bearer authorizer through MSI. -type MSIConfig struct { - Resource string - ClientID string -} - -// ServicePrincipalToken creates a ServicePrincipalToken from MSI. -func (mc MSIConfig) ServicePrincipalToken() (*adal.ServicePrincipalToken, error) { - spToken, err := adal.NewServicePrincipalTokenFromManagedIdentity(mc.Resource, &adal.ManagedIdentityOptions{ - ClientID: mc.ClientID, - }) - if err != nil { - return nil, fmt.Errorf("failed to get oauth token from MSI: %v", err) - } - return spToken, nil -} - -// Authorizer gets the authorizer from MSI. -func (mc MSIConfig) Authorizer() (autorest.Authorizer, error) { - spToken, err := mc.ServicePrincipalToken() - if err != nil { - return nil, err - } - - return autorest.NewBearerAuthorizer(spToken), nil -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/auth/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/azure/auth/go_mod_tidy_hack.go deleted file mode 100644 index f7eb26fd..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/auth/go_mod_tidy_hack.go +++ /dev/null @@ -1,25 +0,0 @@ -//go:build modhack -// +build modhack - -package auth - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// This file, and the github.com/Azure/go-autorest import, won't actually become part of -// the resultant binary. - -// Necessary for safely adding multi-module repo. -// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/azure.go b/vendor/github.com/Azure/go-autorest/autorest/azure/azure.go deleted file mode 100644 index 09c87080..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/azure.go +++ /dev/null @@ -1,388 +0,0 @@ -// Package azure provides Azure-specific implementations used with AutoRest. -// See the included examples for more detail. -package azure - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "encoding/json" - "fmt" - "io" - "net/http" - "regexp" - "strconv" - "strings" - - "github.com/Azure/go-autorest/autorest" -) - -const ( - // HeaderClientID is the Azure extension header to set a user-specified request ID. - HeaderClientID = "x-ms-client-request-id" - - // HeaderReturnClientID is the Azure extension header to set if the user-specified request ID - // should be included in the response. - HeaderReturnClientID = "x-ms-return-client-request-id" - - // HeaderContentType is the type of the content in the HTTP response. - HeaderContentType = "Content-Type" - - // HeaderRequestID is the Azure extension header of the service generated request ID returned - // in the response. - HeaderRequestID = "x-ms-request-id" -) - -// ServiceError encapsulates the error response from an Azure service. -// It adhears to the OData v4 specification for error responses. -type ServiceError struct { - Code string `json:"code"` - Message string `json:"message"` - Target *string `json:"target"` - Details []map[string]interface{} `json:"details"` - InnerError map[string]interface{} `json:"innererror"` - AdditionalInfo []map[string]interface{} `json:"additionalInfo"` -} - -func (se ServiceError) Error() string { - result := fmt.Sprintf("Code=%q Message=%q", se.Code, se.Message) - - if se.Target != nil { - result += fmt.Sprintf(" Target=%q", *se.Target) - } - - if se.Details != nil { - d, err := json.Marshal(se.Details) - if err != nil { - result += fmt.Sprintf(" Details=%v", se.Details) - } - result += fmt.Sprintf(" Details=%s", d) - } - - if se.InnerError != nil { - d, err := json.Marshal(se.InnerError) - if err != nil { - result += fmt.Sprintf(" InnerError=%v", se.InnerError) - } - result += fmt.Sprintf(" InnerError=%s", d) - } - - if se.AdditionalInfo != nil { - d, err := json.Marshal(se.AdditionalInfo) - if err != nil { - result += fmt.Sprintf(" AdditionalInfo=%v", se.AdditionalInfo) - } - result += fmt.Sprintf(" AdditionalInfo=%s", d) - } - - return result -} - -// UnmarshalJSON implements the json.Unmarshaler interface for the ServiceError type. -func (se *ServiceError) UnmarshalJSON(b []byte) error { - // http://docs.oasis-open.org/odata/odata-json-format/v4.0/os/odata-json-format-v4.0-os.html#_Toc372793091 - - type serviceErrorInternal struct { - Code string `json:"code"` - Message string `json:"message"` - Target *string `json:"target,omitempty"` - AdditionalInfo []map[string]interface{} `json:"additionalInfo,omitempty"` - // not all services conform to the OData v4 spec. - // the following fields are where we've seen discrepancies - - // spec calls for []map[string]interface{} but have seen map[string]interface{} - Details interface{} `json:"details,omitempty"` - - // spec calls for map[string]interface{} but have seen []map[string]interface{} and string - InnerError interface{} `json:"innererror,omitempty"` - } - - sei := serviceErrorInternal{} - if err := json.Unmarshal(b, &sei); err != nil { - return err - } - - // copy the fields we know to be correct - se.AdditionalInfo = sei.AdditionalInfo - se.Code = sei.Code - se.Message = sei.Message - se.Target = sei.Target - - // converts an []interface{} to []map[string]interface{} - arrayOfObjs := func(v interface{}) ([]map[string]interface{}, bool) { - arrayOf, ok := v.([]interface{}) - if !ok { - return nil, false - } - final := []map[string]interface{}{} - for _, item := range arrayOf { - as, ok := item.(map[string]interface{}) - if !ok { - return nil, false - } - final = append(final, as) - } - return final, true - } - - // convert the remaining fields, falling back to raw JSON if necessary - - if c, ok := arrayOfObjs(sei.Details); ok { - se.Details = c - } else if c, ok := sei.Details.(map[string]interface{}); ok { - se.Details = []map[string]interface{}{c} - } else if sei.Details != nil { - // stuff into Details - se.Details = []map[string]interface{}{ - {"raw": sei.Details}, - } - } - - if c, ok := sei.InnerError.(map[string]interface{}); ok { - se.InnerError = c - } else if c, ok := arrayOfObjs(sei.InnerError); ok { - // if there's only one error extract it - if len(c) == 1 { - se.InnerError = c[0] - } else { - // multiple errors, stuff them into the value - se.InnerError = map[string]interface{}{ - "multi": c, - } - } - } else if c, ok := sei.InnerError.(string); ok { - se.InnerError = map[string]interface{}{"error": c} - } else if sei.InnerError != nil { - // stuff into InnerError - se.InnerError = map[string]interface{}{ - "raw": sei.InnerError, - } - } - return nil -} - -// RequestError describes an error response returned by Azure service. -type RequestError struct { - autorest.DetailedError - - // The error returned by the Azure service. - ServiceError *ServiceError `json:"error" xml:"Error"` - - // The request id (from the x-ms-request-id-header) of the request. - RequestID string -} - -// Error returns a human-friendly error message from service error. -func (e RequestError) Error() string { - return fmt.Sprintf("autorest/azure: Service returned an error. Status=%v %v", - e.StatusCode, e.ServiceError) -} - -// IsAzureError returns true if the passed error is an Azure Service error; false otherwise. -func IsAzureError(e error) bool { - _, ok := e.(*RequestError) - return ok -} - -// Resource contains details about an Azure resource. -type Resource struct { - SubscriptionID string - ResourceGroup string - Provider string - ResourceType string - ResourceName string -} - -// String function returns a string in form of azureResourceID -func (r Resource) String() string { - return fmt.Sprintf("/subscriptions/%s/resourceGroups/%s/providers/%s/%s/%s", r.SubscriptionID, r.ResourceGroup, r.Provider, r.ResourceType, r.ResourceName) -} - -// ParseResourceID parses a resource ID into a ResourceDetails struct. -// See https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/template-functions-resource?tabs=json#resourceid. -func ParseResourceID(resourceID string) (Resource, error) { - - const resourceIDPatternText = `(?i)^/subscriptions/(.+)/resourceGroups/(.+)/providers/(.+?)/(.+?)/(.+)$` - resourceIDPattern := regexp.MustCompile(resourceIDPatternText) - match := resourceIDPattern.FindStringSubmatch(resourceID) - - if len(match) == 0 { - return Resource{}, fmt.Errorf("parsing failed for %s. Invalid resource Id format", resourceID) - } - - v := strings.Split(match[5], "/") - resourceName := v[len(v)-1] - - result := Resource{ - SubscriptionID: match[1], - ResourceGroup: match[2], - Provider: match[3], - ResourceType: match[4], - ResourceName: resourceName, - } - - return result, nil -} - -// NewErrorWithError creates a new Error conforming object from the -// passed packageType, method, statusCode of the given resp (UndefinedStatusCode -// if resp is nil), message, and original error. message is treated as a format -// string to which the optional args apply. -func NewErrorWithError(original error, packageType string, method string, resp *http.Response, message string, args ...interface{}) RequestError { - if v, ok := original.(*RequestError); ok { - return *v - } - - statusCode := autorest.UndefinedStatusCode - if resp != nil { - statusCode = resp.StatusCode - } - return RequestError{ - DetailedError: autorest.DetailedError{ - Original: original, - PackageType: packageType, - Method: method, - StatusCode: statusCode, - Message: fmt.Sprintf(message, args...), - }, - } -} - -// WithReturningClientID returns a PrepareDecorator that adds an HTTP extension header of -// x-ms-client-request-id whose value is the passed, undecorated UUID (e.g., -// "0F39878C-5F76-4DB8-A25D-61D2C193C3CA"). It also sets the x-ms-return-client-request-id -// header to true such that UUID accompanies the http.Response. -func WithReturningClientID(uuid string) autorest.PrepareDecorator { - preparer := autorest.CreatePreparer( - WithClientID(uuid), - WithReturnClientID(true)) - - return func(p autorest.Preparer) autorest.Preparer { - return autorest.PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err != nil { - return r, err - } - return preparer.Prepare(r) - }) - } -} - -// WithClientID returns a PrepareDecorator that adds an HTTP extension header of -// x-ms-client-request-id whose value is passed, undecorated UUID (e.g., -// "0F39878C-5F76-4DB8-A25D-61D2C193C3CA"). -func WithClientID(uuid string) autorest.PrepareDecorator { - return autorest.WithHeader(HeaderClientID, uuid) -} - -// WithReturnClientID returns a PrepareDecorator that adds an HTTP extension header of -// x-ms-return-client-request-id whose boolean value indicates if the value of the -// x-ms-client-request-id header should be included in the http.Response. -func WithReturnClientID(b bool) autorest.PrepareDecorator { - return autorest.WithHeader(HeaderReturnClientID, strconv.FormatBool(b)) -} - -// ExtractClientID extracts the client identifier from the x-ms-client-request-id header set on the -// http.Request sent to the service (and returned in the http.Response) -func ExtractClientID(resp *http.Response) string { - return autorest.ExtractHeaderValue(HeaderClientID, resp) -} - -// ExtractRequestID extracts the Azure server generated request identifier from the -// x-ms-request-id header. -func ExtractRequestID(resp *http.Response) string { - return autorest.ExtractHeaderValue(HeaderRequestID, resp) -} - -// WithErrorUnlessStatusCode returns a RespondDecorator that emits an -// azure.RequestError by reading the response body unless the response HTTP status code -// is among the set passed. -// -// If there is a chance service may return responses other than the Azure error -// format and the response cannot be parsed into an error, a decoding error will -// be returned containing the response body. In any case, the Responder will -// return an error if the status code is not satisfied. -// -// If this Responder returns an error, the response body will be replaced with -// an in-memory reader, which needs no further closing. -func WithErrorUnlessStatusCode(codes ...int) autorest.RespondDecorator { - return func(r autorest.Responder) autorest.Responder { - return autorest.ResponderFunc(func(resp *http.Response) error { - err := r.Respond(resp) - if err == nil && !autorest.ResponseHasStatusCode(resp, codes...) { - var e RequestError - defer resp.Body.Close() - - encodedAs := autorest.EncodedAsJSON - if strings.Contains(resp.Header.Get("Content-Type"), "xml") { - encodedAs = autorest.EncodedAsXML - } - - // Copy and replace the Body in case it does not contain an error object. - // This will leave the Body available to the caller. - b, decodeErr := autorest.CopyAndDecode(encodedAs, resp.Body, &e) - resp.Body = io.NopCloser(&b) - if decodeErr != nil { - return fmt.Errorf("autorest/azure: error response cannot be parsed: %q error: %v", b, decodeErr) - } - if e.ServiceError == nil { - // Check if error is unwrapped ServiceError - decoder := autorest.NewDecoder(encodedAs, bytes.NewReader(b.Bytes())) - if err := decoder.Decode(&e.ServiceError); err != nil { - return fmt.Errorf("autorest/azure: error response cannot be parsed: %q error: %v", b, err) - } - - // for example, should the API return the literal value `null` as the response - if e.ServiceError == nil { - e.ServiceError = &ServiceError{ - Code: "Unknown", - Message: "Unknown service error", - Details: []map[string]interface{}{ - { - "HttpResponse.Body": b.String(), - }, - }, - } - } - } - - if e.ServiceError != nil && e.ServiceError.Message == "" { - // if we're here it means the returned error wasn't OData v4 compliant. - // try to unmarshal the body in hopes of getting something. - rawBody := map[string]interface{}{} - decoder := autorest.NewDecoder(encodedAs, bytes.NewReader(b.Bytes())) - if err := decoder.Decode(&rawBody); err != nil { - return fmt.Errorf("autorest/azure: error response cannot be parsed: %q error: %v", b, err) - } - - e.ServiceError = &ServiceError{ - Code: "Unknown", - Message: "Unknown service error", - } - if len(rawBody) > 0 { - e.ServiceError.Details = []map[string]interface{}{rawBody} - } - } - e.Response = resp - e.RequestID = ExtractRequestID(resp) - if e.StatusCode == nil { - e.StatusCode = resp.StatusCode - } - err = &e - } - return err - }) - } -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/LICENSE b/vendor/github.com/Azure/go-autorest/autorest/azure/cli/LICENSE deleted file mode 100644 index b9d6a27e..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2015 Microsoft Corporation - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/azure/cli/go_mod_tidy_hack.go deleted file mode 100644 index 50d6f039..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/go_mod_tidy_hack.go +++ /dev/null @@ -1,25 +0,0 @@ -//go:build modhack -// +build modhack - -package cli - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// This file, and the github.com/Azure/go-autorest import, won't actually become part of -// the resultant binary. - -// Necessary for safely adding multi-module repo. -// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/profile.go b/vendor/github.com/Azure/go-autorest/autorest/azure/cli/profile.go deleted file mode 100644 index f45c3a51..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/profile.go +++ /dev/null @@ -1,83 +0,0 @@ -package cli - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "encoding/json" - "fmt" - "io/ioutil" - "os" - "path/filepath" - - "github.com/dimchansky/utfbom" - "github.com/mitchellh/go-homedir" -) - -// Profile represents a Profile from the Azure CLI -type Profile struct { - InstallationID string `json:"installationId"` - Subscriptions []Subscription `json:"subscriptions"` -} - -// Subscription represents a Subscription from the Azure CLI -type Subscription struct { - EnvironmentName string `json:"environmentName"` - ID string `json:"id"` - IsDefault bool `json:"isDefault"` - Name string `json:"name"` - State string `json:"state"` - TenantID string `json:"tenantId"` - User *User `json:"user"` -} - -// User represents a User from the Azure CLI -type User struct { - Name string `json:"name"` - Type string `json:"type"` -} - -const azureProfileJSON = "azureProfile.json" - -func configDir() string { - return os.Getenv("AZURE_CONFIG_DIR") -} - -// ProfilePath returns the path where the Azure Profile is stored from the Azure CLI -func ProfilePath() (string, error) { - if cfgDir := configDir(); cfgDir != "" { - return filepath.Join(cfgDir, azureProfileJSON), nil - } - return homedir.Expand("~/.azure/" + azureProfileJSON) -} - -// LoadProfile restores a Profile object from a file located at 'path'. -func LoadProfile(path string) (result Profile, err error) { - var contents []byte - contents, err = ioutil.ReadFile(path) - if err != nil { - err = fmt.Errorf("failed to open file (%s) while loading token: %v", path, err) - return - } - reader := utfbom.SkipOnly(bytes.NewReader(contents)) - - dec := json.NewDecoder(reader) - if err = dec.Decode(&result); err != nil { - err = fmt.Errorf("failed to decode contents of file (%s) into a Profile representation: %v", path, err) - return - } - - return -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/token.go b/vendor/github.com/Azure/go-autorest/autorest/azure/cli/token.go deleted file mode 100644 index 48661911..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/cli/token.go +++ /dev/null @@ -1,227 +0,0 @@ -package cli - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "encoding/json" - "fmt" - "os" - "os/exec" - "path/filepath" - "regexp" - "runtime" - "strconv" - "time" - - "github.com/Azure/go-autorest/autorest/adal" - "github.com/Azure/go-autorest/autorest/date" - "github.com/mitchellh/go-homedir" -) - -// Token represents an AccessToken from the Azure CLI -type Token struct { - AccessToken string `json:"accessToken"` - Authority string `json:"_authority"` - ClientID string `json:"_clientId"` - ExpiresOn string `json:"expiresOn"` - IdentityProvider string `json:"identityProvider"` - IsMRRT bool `json:"isMRRT"` - RefreshToken string `json:"refreshToken"` - Resource string `json:"resource"` - TokenType string `json:"tokenType"` - UserID string `json:"userId"` -} - -const accessTokensJSON = "accessTokens.json" - -// ToADALToken converts an Azure CLI `Token`` to an `adal.Token`` -func (t Token) ToADALToken() (converted adal.Token, err error) { - tokenExpirationDate, err := ParseExpirationDate(t.ExpiresOn) - if err != nil { - err = fmt.Errorf("Error parsing Token Expiration Date %q: %+v", t.ExpiresOn, err) - return - } - - difference := tokenExpirationDate.Sub(date.UnixEpoch()) - - converted = adal.Token{ - AccessToken: t.AccessToken, - Type: t.TokenType, - ExpiresIn: "3600", - ExpiresOn: json.Number(strconv.Itoa(int(difference.Seconds()))), - RefreshToken: t.RefreshToken, - Resource: t.Resource, - } - return -} - -// AccessTokensPath returns the path where access tokens are stored from the Azure CLI -// TODO(#199): add unit test. -func AccessTokensPath() (string, error) { - // Azure-CLI allows user to customize the path of access tokens through environment variable. - if accessTokenPath := os.Getenv("AZURE_ACCESS_TOKEN_FILE"); accessTokenPath != "" { - return accessTokenPath, nil - } - - // Azure-CLI allows user to customize the path to Azure config directory through environment variable. - if cfgDir := configDir(); cfgDir != "" { - return filepath.Join(cfgDir, accessTokensJSON), nil - } - - // Fallback logic to default path on non-cloud-shell environment. - // TODO(#200): remove the dependency on hard-coding path. - return homedir.Expand("~/.azure/" + accessTokensJSON) -} - -// ParseExpirationDate parses either a Azure CLI or CloudShell date into a time object -func ParseExpirationDate(input string) (*time.Time, error) { - // CloudShell (and potentially the Azure CLI in future) - expirationDate, cloudShellErr := time.Parse(time.RFC3339, input) - if cloudShellErr != nil { - // Azure CLI (Python) e.g. 2017-08-31 19:48:57.998857 (plus the local timezone) - const cliFormat = "2006-01-02 15:04:05.999999" - expirationDate, cliErr := time.ParseInLocation(cliFormat, input, time.Local) - if cliErr == nil { - return &expirationDate, nil - } - - return nil, fmt.Errorf("Error parsing expiration date %q.\n\nCloudShell Error: \n%+v\n\nCLI Error:\n%+v", input, cloudShellErr, cliErr) - } - - return &expirationDate, nil -} - -// LoadTokens restores a set of Token objects from a file located at 'path'. -func LoadTokens(path string) ([]Token, error) { - file, err := os.Open(path) - if err != nil { - return nil, fmt.Errorf("failed to open file (%s) while loading token: %v", path, err) - } - defer file.Close() - - var tokens []Token - - dec := json.NewDecoder(file) - if err = dec.Decode(&tokens); err != nil { - return nil, fmt.Errorf("failed to decode contents of file (%s) into a `cli.Token` representation: %v", path, err) - } - - return tokens, nil -} - -// GetTokenFromCLI gets a token using Azure CLI 2.0 for local development scenarios. -func GetTokenFromCLI(resource string) (*Token, error) { - return GetTokenFromCLIWithParams(GetAccessTokenParams{Resource: resource}) -} - -// GetAccessTokenParams is the parameter struct of GetTokenFromCLIWithParams -type GetAccessTokenParams struct { - Resource string - ResourceType string - Subscription string - Tenant string -} - -// GetTokenFromCLIWithParams gets a token using Azure CLI 2.0 for local development scenarios. -func GetTokenFromCLIWithParams(params GetAccessTokenParams) (*Token, error) { - cliCmd := GetAzureCLICommand() - - cliCmd.Args = append(cliCmd.Args, "account", "get-access-token", "-o", "json") - if params.Resource != "" { - if err := validateParameter(params.Resource); err != nil { - return nil, err - } - cliCmd.Args = append(cliCmd.Args, "--resource", params.Resource) - } - if params.ResourceType != "" { - if err := validateParameter(params.ResourceType); err != nil { - return nil, err - } - cliCmd.Args = append(cliCmd.Args, "--resource-type", params.ResourceType) - } - if params.Subscription != "" { - if err := validateParameter(params.Subscription); err != nil { - return nil, err - } - cliCmd.Args = append(cliCmd.Args, "--subscription", params.Subscription) - } - if params.Tenant != "" { - if err := validateParameter(params.Tenant); err != nil { - return nil, err - } - cliCmd.Args = append(cliCmd.Args, "--tenant", params.Tenant) - } - - var stderr bytes.Buffer - cliCmd.Stderr = &stderr - - output, err := cliCmd.Output() - if err != nil { - if stderr.Len() > 0 { - return nil, fmt.Errorf("Invoking Azure CLI failed with the following error: %s", stderr.String()) - } - - return nil, fmt.Errorf("Invoking Azure CLI failed with the following error: %s", err.Error()) - } - - tokenResponse := Token{} - err = json.Unmarshal(output, &tokenResponse) - if err != nil { - return nil, err - } - - return &tokenResponse, err -} - -func validateParameter(param string) error { - // Validate parameters, since it gets sent as a command line argument to Azure CLI - const invalidResourceErrorTemplate = "Parameter %s is not in expected format. Only alphanumeric characters, [dot], [colon], [hyphen], and [forward slash] are allowed." - match, err := regexp.MatchString("^[0-9a-zA-Z-.:/]+$", param) - if err != nil { - return err - } - if !match { - return fmt.Errorf(invalidResourceErrorTemplate, param) - } - return nil -} - -// GetAzureCLICommand can be used to run arbitrary Azure CLI command -func GetAzureCLICommand() *exec.Cmd { - // This is the path that a developer can set to tell this class what the install path for Azure CLI is. - const azureCLIPath = "AzureCLIPath" - - // The default install paths are used to find Azure CLI. This is for security, so that any path in the calling program's Path environment is not used to execute Azure CLI. - azureCLIDefaultPathWindows := fmt.Sprintf("%s\\Microsoft SDKs\\Azure\\CLI2\\wbin; %s\\Microsoft SDKs\\Azure\\CLI2\\wbin", os.Getenv("ProgramFiles(x86)"), os.Getenv("ProgramFiles")) - - // Default path for non-Windows. - const azureCLIDefaultPath = "/bin:/sbin:/usr/bin:/usr/local/bin" - - // Execute Azure CLI to get token - var cliCmd *exec.Cmd - if runtime.GOOS == "windows" { - cliCmd = exec.Command(fmt.Sprintf("%s\\system32\\cmd.exe", os.Getenv("windir"))) - cliCmd.Env = os.Environ() - cliCmd.Env = append(cliCmd.Env, fmt.Sprintf("PATH=%s;%s", os.Getenv(azureCLIPath), azureCLIDefaultPathWindows)) - cliCmd.Args = append(cliCmd.Args, "/c", "az") - } else { - cliCmd = exec.Command("az") - cliCmd.Env = os.Environ() - cliCmd.Env = append(cliCmd.Env, fmt.Sprintf("PATH=%s:%s", os.Getenv(azureCLIPath), azureCLIDefaultPath)) - } - - return cliCmd -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go b/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go deleted file mode 100644 index 4684291a..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/environments.go +++ /dev/null @@ -1,330 +0,0 @@ -package azure - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "encoding/json" - "fmt" - "os" - "strings" -) - -const ( - // EnvironmentFilepathName captures the name of the environment variable containing the path to the file - // to be used while populating the Azure Environment. - EnvironmentFilepathName = "AZURE_ENVIRONMENT_FILEPATH" - - // NotAvailable is used for endpoints and resource IDs that are not available for a given cloud. - NotAvailable = "N/A" -) - -var environments = map[string]Environment{ - "AZURECHINACLOUD": ChinaCloud, - "AZUREGERMANCLOUD": GermanCloud, - "AZURECLOUD": PublicCloud, - "AZUREPUBLICCLOUD": PublicCloud, - "AZUREUSGOVERNMENT": USGovernmentCloud, - "AZUREUSGOVERNMENTCLOUD": USGovernmentCloud, //TODO: deprecate -} - -// ResourceIdentifier contains a set of Azure resource IDs. -type ResourceIdentifier struct { - Graph string `json:"graph"` - KeyVault string `json:"keyVault"` - Datalake string `json:"datalake"` - Batch string `json:"batch"` - OperationalInsights string `json:"operationalInsights"` - OSSRDBMS string `json:"ossRDBMS"` - Storage string `json:"storage"` - Synapse string `json:"synapse"` - ServiceBus string `json:"serviceBus"` - SQLDatabase string `json:"sqlDatabase"` - CosmosDB string `json:"cosmosDB"` - ManagedHSM string `json:"managedHSM"` - MicrosoftGraph string `json:"microsoftGraph"` -} - -// Environment represents a set of endpoints for each of Azure's Clouds. -type Environment struct { - Name string `json:"name"` - ManagementPortalURL string `json:"managementPortalURL"` - PublishSettingsURL string `json:"publishSettingsURL"` - ServiceManagementEndpoint string `json:"serviceManagementEndpoint"` - ResourceManagerEndpoint string `json:"resourceManagerEndpoint"` - ActiveDirectoryEndpoint string `json:"activeDirectoryEndpoint"` - GalleryEndpoint string `json:"galleryEndpoint"` - KeyVaultEndpoint string `json:"keyVaultEndpoint"` - ManagedHSMEndpoint string `json:"managedHSMEndpoint"` - GraphEndpoint string `json:"graphEndpoint"` - ServiceBusEndpoint string `json:"serviceBusEndpoint"` - BatchManagementEndpoint string `json:"batchManagementEndpoint"` - MicrosoftGraphEndpoint string `json:"microsoftGraphEndpoint"` - StorageEndpointSuffix string `json:"storageEndpointSuffix"` - CosmosDBDNSSuffix string `json:"cosmosDBDNSSuffix"` - MariaDBDNSSuffix string `json:"mariaDBDNSSuffix"` - MySQLDatabaseDNSSuffix string `json:"mySqlDatabaseDNSSuffix"` - PostgresqlDatabaseDNSSuffix string `json:"postgresqlDatabaseDNSSuffix"` - SQLDatabaseDNSSuffix string `json:"sqlDatabaseDNSSuffix"` - TrafficManagerDNSSuffix string `json:"trafficManagerDNSSuffix"` - KeyVaultDNSSuffix string `json:"keyVaultDNSSuffix"` - ManagedHSMDNSSuffix string `json:"managedHSMDNSSuffix"` - ServiceBusEndpointSuffix string `json:"serviceBusEndpointSuffix"` - ServiceManagementVMDNSSuffix string `json:"serviceManagementVMDNSSuffix"` - ResourceManagerVMDNSSuffix string `json:"resourceManagerVMDNSSuffix"` - ContainerRegistryDNSSuffix string `json:"containerRegistryDNSSuffix"` - TokenAudience string `json:"tokenAudience"` - APIManagementHostNameSuffix string `json:"apiManagementHostNameSuffix"` - SynapseEndpointSuffix string `json:"synapseEndpointSuffix"` - DatalakeSuffix string `json:"datalakeSuffix"` - ResourceIdentifiers ResourceIdentifier `json:"resourceIdentifiers"` -} - -var ( - // PublicCloud is the default public Azure cloud environment - PublicCloud = Environment{ - Name: "AzurePublicCloud", - ManagementPortalURL: "https://manage.windowsazure.com/", - PublishSettingsURL: "https://manage.windowsazure.com/publishsettings/index", - ServiceManagementEndpoint: "https://management.core.windows.net/", - ResourceManagerEndpoint: "https://management.azure.com/", - ActiveDirectoryEndpoint: "https://login.microsoftonline.com/", - GalleryEndpoint: "https://gallery.azure.com/", - KeyVaultEndpoint: "https://vault.azure.net/", - ManagedHSMEndpoint: "https://managedhsm.azure.net/", - GraphEndpoint: "https://graph.windows.net/", - ServiceBusEndpoint: "https://servicebus.windows.net/", - BatchManagementEndpoint: "https://batch.core.windows.net/", - MicrosoftGraphEndpoint: "https://graph.microsoft.com/", - StorageEndpointSuffix: "core.windows.net", - CosmosDBDNSSuffix: "documents.azure.com", - MariaDBDNSSuffix: "mariadb.database.azure.com", - MySQLDatabaseDNSSuffix: "mysql.database.azure.com", - PostgresqlDatabaseDNSSuffix: "postgres.database.azure.com", - SQLDatabaseDNSSuffix: "database.windows.net", - TrafficManagerDNSSuffix: "trafficmanager.net", - KeyVaultDNSSuffix: "vault.azure.net", - ManagedHSMDNSSuffix: "managedhsm.azure.net", - ServiceBusEndpointSuffix: "servicebus.windows.net", - ServiceManagementVMDNSSuffix: "cloudapp.net", - ResourceManagerVMDNSSuffix: "cloudapp.azure.com", - ContainerRegistryDNSSuffix: "azurecr.io", - TokenAudience: "https://management.azure.com/", - APIManagementHostNameSuffix: "azure-api.net", - SynapseEndpointSuffix: "dev.azuresynapse.net", - DatalakeSuffix: "azuredatalakestore.net", - ResourceIdentifiers: ResourceIdentifier{ - Graph: "https://graph.windows.net/", - KeyVault: "https://vault.azure.net", - Datalake: "https://datalake.azure.net/", - Batch: "https://batch.core.windows.net/", - OperationalInsights: "https://api.loganalytics.io", - OSSRDBMS: "https://ossrdbms-aad.database.windows.net", - Storage: "https://storage.azure.com/", - Synapse: "https://dev.azuresynapse.net", - ServiceBus: "https://servicebus.azure.net/", - SQLDatabase: "https://database.windows.net/", - CosmosDB: "https://cosmos.azure.com", - ManagedHSM: "https://managedhsm.azure.net", - MicrosoftGraph: "https://graph.microsoft.com/", - }, - } - - // USGovernmentCloud is the cloud environment for the US Government - USGovernmentCloud = Environment{ - Name: "AzureUSGovernmentCloud", - ManagementPortalURL: "https://manage.windowsazure.us/", - PublishSettingsURL: "https://manage.windowsazure.us/publishsettings/index", - ServiceManagementEndpoint: "https://management.core.usgovcloudapi.net/", - ResourceManagerEndpoint: "https://management.usgovcloudapi.net/", - ActiveDirectoryEndpoint: "https://login.microsoftonline.us/", - GalleryEndpoint: "https://gallery.usgovcloudapi.net/", - KeyVaultEndpoint: "https://vault.usgovcloudapi.net/", - ManagedHSMEndpoint: NotAvailable, - GraphEndpoint: "https://graph.windows.net/", - ServiceBusEndpoint: "https://servicebus.usgovcloudapi.net/", - BatchManagementEndpoint: "https://batch.core.usgovcloudapi.net/", - MicrosoftGraphEndpoint: "https://graph.microsoft.us/", - StorageEndpointSuffix: "core.usgovcloudapi.net", - CosmosDBDNSSuffix: "documents.azure.us", - MariaDBDNSSuffix: "mariadb.database.usgovcloudapi.net", - MySQLDatabaseDNSSuffix: "mysql.database.usgovcloudapi.net", - PostgresqlDatabaseDNSSuffix: "postgres.database.usgovcloudapi.net", - SQLDatabaseDNSSuffix: "database.usgovcloudapi.net", - TrafficManagerDNSSuffix: "usgovtrafficmanager.net", - KeyVaultDNSSuffix: "vault.usgovcloudapi.net", - ManagedHSMDNSSuffix: NotAvailable, - ServiceBusEndpointSuffix: "servicebus.usgovcloudapi.net", - ServiceManagementVMDNSSuffix: "usgovcloudapp.net", - ResourceManagerVMDNSSuffix: "cloudapp.usgovcloudapi.net", - ContainerRegistryDNSSuffix: "azurecr.us", - TokenAudience: "https://management.usgovcloudapi.net/", - APIManagementHostNameSuffix: "azure-api.us", - SynapseEndpointSuffix: "dev.azuresynapse.usgovcloudapi.net", - DatalakeSuffix: NotAvailable, - ResourceIdentifiers: ResourceIdentifier{ - Graph: "https://graph.windows.net/", - KeyVault: "https://vault.usgovcloudapi.net", - Datalake: NotAvailable, - Batch: "https://batch.core.usgovcloudapi.net/", - OperationalInsights: "https://api.loganalytics.us", - OSSRDBMS: "https://ossrdbms-aad.database.usgovcloudapi.net", - Storage: "https://storage.azure.com/", - Synapse: "https://dev.azuresynapse.usgovcloudapi.net", - ServiceBus: "https://servicebus.azure.net/", - SQLDatabase: "https://database.usgovcloudapi.net/", - CosmosDB: "https://cosmos.azure.com", - ManagedHSM: NotAvailable, - MicrosoftGraph: "https://graph.microsoft.us/", - }, - } - - // ChinaCloud is the cloud environment operated in China - ChinaCloud = Environment{ - Name: "AzureChinaCloud", - ManagementPortalURL: "https://manage.chinacloudapi.com/", - PublishSettingsURL: "https://manage.chinacloudapi.com/publishsettings/index", - ServiceManagementEndpoint: "https://management.core.chinacloudapi.cn/", - ResourceManagerEndpoint: "https://management.chinacloudapi.cn/", - ActiveDirectoryEndpoint: "https://login.chinacloudapi.cn/", - GalleryEndpoint: "https://gallery.chinacloudapi.cn/", - KeyVaultEndpoint: "https://vault.azure.cn/", - ManagedHSMEndpoint: NotAvailable, - GraphEndpoint: "https://graph.chinacloudapi.cn/", - ServiceBusEndpoint: "https://servicebus.chinacloudapi.cn/", - BatchManagementEndpoint: "https://batch.chinacloudapi.cn/", - MicrosoftGraphEndpoint: "https://microsoftgraph.chinacloudapi.cn/", - StorageEndpointSuffix: "core.chinacloudapi.cn", - CosmosDBDNSSuffix: "documents.azure.cn", - MariaDBDNSSuffix: "mariadb.database.chinacloudapi.cn", - MySQLDatabaseDNSSuffix: "mysql.database.chinacloudapi.cn", - PostgresqlDatabaseDNSSuffix: "postgres.database.chinacloudapi.cn", - SQLDatabaseDNSSuffix: "database.chinacloudapi.cn", - TrafficManagerDNSSuffix: "trafficmanager.cn", - KeyVaultDNSSuffix: "vault.azure.cn", - ManagedHSMDNSSuffix: NotAvailable, - ServiceBusEndpointSuffix: "servicebus.chinacloudapi.cn", - ServiceManagementVMDNSSuffix: "chinacloudapp.cn", - ResourceManagerVMDNSSuffix: "cloudapp.chinacloudapi.cn", - ContainerRegistryDNSSuffix: "azurecr.cn", - TokenAudience: "https://management.chinacloudapi.cn/", - APIManagementHostNameSuffix: "azure-api.cn", - SynapseEndpointSuffix: "dev.azuresynapse.azure.cn", - DatalakeSuffix: NotAvailable, - ResourceIdentifiers: ResourceIdentifier{ - Graph: "https://graph.chinacloudapi.cn/", - KeyVault: "https://vault.azure.cn", - Datalake: NotAvailable, - Batch: "https://batch.chinacloudapi.cn/", - OperationalInsights: NotAvailable, - OSSRDBMS: "https://ossrdbms-aad.database.chinacloudapi.cn", - Storage: "https://storage.azure.com/", - Synapse: "https://dev.azuresynapse.net", - ServiceBus: "https://servicebus.azure.net/", - SQLDatabase: "https://database.chinacloudapi.cn/", - CosmosDB: "https://cosmos.azure.com", - ManagedHSM: NotAvailable, - MicrosoftGraph: "https://microsoftgraph.chinacloudapi.cn", - }, - } - - // GermanCloud is the cloud environment operated in Germany - GermanCloud = Environment{ - Name: "AzureGermanCloud", - ManagementPortalURL: "http://portal.microsoftazure.de/", - PublishSettingsURL: "https://manage.microsoftazure.de/publishsettings/index", - ServiceManagementEndpoint: "https://management.core.cloudapi.de/", - ResourceManagerEndpoint: "https://management.microsoftazure.de/", - ActiveDirectoryEndpoint: "https://login.microsoftonline.de/", - GalleryEndpoint: "https://gallery.cloudapi.de/", - KeyVaultEndpoint: "https://vault.microsoftazure.de/", - ManagedHSMEndpoint: NotAvailable, - GraphEndpoint: "https://graph.cloudapi.de/", - ServiceBusEndpoint: "https://servicebus.cloudapi.de/", - BatchManagementEndpoint: "https://batch.cloudapi.de/", - MicrosoftGraphEndpoint: NotAvailable, - StorageEndpointSuffix: "core.cloudapi.de", - CosmosDBDNSSuffix: "documents.microsoftazure.de", - MariaDBDNSSuffix: "mariadb.database.cloudapi.de", - MySQLDatabaseDNSSuffix: "mysql.database.cloudapi.de", - PostgresqlDatabaseDNSSuffix: "postgres.database.cloudapi.de", - SQLDatabaseDNSSuffix: "database.cloudapi.de", - TrafficManagerDNSSuffix: "azuretrafficmanager.de", - KeyVaultDNSSuffix: "vault.microsoftazure.de", - ManagedHSMDNSSuffix: NotAvailable, - ServiceBusEndpointSuffix: "servicebus.cloudapi.de", - ServiceManagementVMDNSSuffix: "azurecloudapp.de", - ResourceManagerVMDNSSuffix: "cloudapp.microsoftazure.de", - ContainerRegistryDNSSuffix: NotAvailable, - TokenAudience: "https://management.microsoftazure.de/", - APIManagementHostNameSuffix: NotAvailable, - SynapseEndpointSuffix: NotAvailable, - DatalakeSuffix: NotAvailable, - ResourceIdentifiers: ResourceIdentifier{ - Graph: "https://graph.cloudapi.de/", - KeyVault: "https://vault.microsoftazure.de", - Datalake: NotAvailable, - Batch: "https://batch.cloudapi.de/", - OperationalInsights: NotAvailable, - OSSRDBMS: "https://ossrdbms-aad.database.cloudapi.de", - Storage: "https://storage.azure.com/", - Synapse: NotAvailable, - ServiceBus: "https://servicebus.azure.net/", - SQLDatabase: "https://database.cloudapi.de/", - CosmosDB: "https://cosmos.azure.com", - ManagedHSM: NotAvailable, - MicrosoftGraph: NotAvailable, - }, - } -) - -// EnvironmentFromName returns an Environment based on the common name specified. -func EnvironmentFromName(name string) (Environment, error) { - // IMPORTANT - // As per @radhikagupta5: - // This is technical debt, fundamentally here because Kubernetes is not currently accepting - // contributions to the providers. Once that is an option, the provider should be updated to - // directly call `EnvironmentFromFile`. Until then, we rely on dispatching Azure Stack environment creation - // from this method based on the name that is provided to us. - if strings.EqualFold(name, "AZURESTACKCLOUD") { - return EnvironmentFromFile(os.Getenv(EnvironmentFilepathName)) - } - - name = strings.ToUpper(name) - env, ok := environments[name] - if !ok { - return env, fmt.Errorf("autorest/azure: There is no cloud environment matching the name %q", name) - } - - return env, nil -} - -// EnvironmentFromFile loads an Environment from a configuration file available on disk. -// This function is particularly useful in the Hybrid Cloud model, where one must define their own -// endpoints. -func EnvironmentFromFile(location string) (unmarshaled Environment, err error) { - fileContents, err := os.ReadFile(location) - if err != nil { - return - } - - err = json.Unmarshal(fileContents, &unmarshaled) - - return -} - -// SetEnvironment updates the environment map with the specified values. -func SetEnvironment(name string, env Environment) { - environments[strings.ToUpper(name)] = env -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/metadata_environment.go b/vendor/github.com/Azure/go-autorest/autorest/azure/metadata_environment.go deleted file mode 100644 index f436a451..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/metadata_environment.go +++ /dev/null @@ -1,245 +0,0 @@ -package azure - -import ( - "encoding/json" - "fmt" - "io" - "net/http" - "strings" - - "github.com/Azure/go-autorest/autorest" -) - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -type audience []string - -type authentication struct { - LoginEndpoint string `json:"loginEndpoint"` - Audiences audience `json:"audiences"` -} - -type environmentMetadataInfo struct { - GalleryEndpoint string `json:"galleryEndpoint"` - GraphEndpoint string `json:"graphEndpoint"` - PortalEndpoint string `json:"portalEndpoint"` - Authentication authentication `json:"authentication"` -} - -// EnvironmentProperty represent property names that clients can override -type EnvironmentProperty string - -const ( - // EnvironmentName ... - EnvironmentName EnvironmentProperty = "name" - // EnvironmentManagementPortalURL .. - EnvironmentManagementPortalURL EnvironmentProperty = "managementPortalURL" - // EnvironmentPublishSettingsURL ... - EnvironmentPublishSettingsURL EnvironmentProperty = "publishSettingsURL" - // EnvironmentServiceManagementEndpoint ... - EnvironmentServiceManagementEndpoint EnvironmentProperty = "serviceManagementEndpoint" - // EnvironmentResourceManagerEndpoint ... - EnvironmentResourceManagerEndpoint EnvironmentProperty = "resourceManagerEndpoint" - // EnvironmentActiveDirectoryEndpoint ... - EnvironmentActiveDirectoryEndpoint EnvironmentProperty = "activeDirectoryEndpoint" - // EnvironmentGalleryEndpoint ... - EnvironmentGalleryEndpoint EnvironmentProperty = "galleryEndpoint" - // EnvironmentKeyVaultEndpoint ... - EnvironmentKeyVaultEndpoint EnvironmentProperty = "keyVaultEndpoint" - // EnvironmentGraphEndpoint ... - EnvironmentGraphEndpoint EnvironmentProperty = "graphEndpoint" - // EnvironmentServiceBusEndpoint ... - EnvironmentServiceBusEndpoint EnvironmentProperty = "serviceBusEndpoint" - // EnvironmentBatchManagementEndpoint ... - EnvironmentBatchManagementEndpoint EnvironmentProperty = "batchManagementEndpoint" - // EnvironmentStorageEndpointSuffix ... - EnvironmentStorageEndpointSuffix EnvironmentProperty = "storageEndpointSuffix" - // EnvironmentSQLDatabaseDNSSuffix ... - EnvironmentSQLDatabaseDNSSuffix EnvironmentProperty = "sqlDatabaseDNSSuffix" - // EnvironmentTrafficManagerDNSSuffix ... - EnvironmentTrafficManagerDNSSuffix EnvironmentProperty = "trafficManagerDNSSuffix" - // EnvironmentKeyVaultDNSSuffix ... - EnvironmentKeyVaultDNSSuffix EnvironmentProperty = "keyVaultDNSSuffix" - // EnvironmentServiceBusEndpointSuffix ... - EnvironmentServiceBusEndpointSuffix EnvironmentProperty = "serviceBusEndpointSuffix" - // EnvironmentServiceManagementVMDNSSuffix ... - EnvironmentServiceManagementVMDNSSuffix EnvironmentProperty = "serviceManagementVMDNSSuffix" - // EnvironmentResourceManagerVMDNSSuffix ... - EnvironmentResourceManagerVMDNSSuffix EnvironmentProperty = "resourceManagerVMDNSSuffix" - // EnvironmentContainerRegistryDNSSuffix ... - EnvironmentContainerRegistryDNSSuffix EnvironmentProperty = "containerRegistryDNSSuffix" - // EnvironmentTokenAudience ... - EnvironmentTokenAudience EnvironmentProperty = "tokenAudience" -) - -// OverrideProperty represents property name and value that clients can override -type OverrideProperty struct { - Key EnvironmentProperty - Value string -} - -// EnvironmentFromURL loads an Environment from a URL -// This function is particularly useful in the Hybrid Cloud model, where one may define their own -// endpoints. -func EnvironmentFromURL(resourceManagerEndpoint string, properties ...OverrideProperty) (environment Environment, err error) { - var metadataEnvProperties environmentMetadataInfo - - if resourceManagerEndpoint == "" { - return environment, fmt.Errorf("Metadata resource manager endpoint is empty") - } - - if metadataEnvProperties, err = retrieveMetadataEnvironment(resourceManagerEndpoint); err != nil { - return environment, err - } - - // Give priority to user's override values - overrideProperties(&environment, properties) - - if environment.Name == "" { - environment.Name = "HybridEnvironment" - } - stampDNSSuffix := environment.StorageEndpointSuffix - if stampDNSSuffix == "" { - stampDNSSuffix = strings.TrimSuffix(strings.TrimPrefix(strings.Replace(resourceManagerEndpoint, strings.Split(resourceManagerEndpoint, ".")[0], "", 1), "."), "/") - environment.StorageEndpointSuffix = stampDNSSuffix - } - if environment.KeyVaultDNSSuffix == "" { - environment.KeyVaultDNSSuffix = fmt.Sprintf("%s.%s", "vault", stampDNSSuffix) - } - if environment.KeyVaultEndpoint == "" { - environment.KeyVaultEndpoint = fmt.Sprintf("%s%s", "https://", environment.KeyVaultDNSSuffix) - } - if environment.TokenAudience == "" { - environment.TokenAudience = metadataEnvProperties.Authentication.Audiences[0] - } - if environment.ActiveDirectoryEndpoint == "" { - environment.ActiveDirectoryEndpoint = metadataEnvProperties.Authentication.LoginEndpoint - } - if environment.ResourceManagerEndpoint == "" { - environment.ResourceManagerEndpoint = resourceManagerEndpoint - } - if environment.GalleryEndpoint == "" { - environment.GalleryEndpoint = metadataEnvProperties.GalleryEndpoint - } - if environment.GraphEndpoint == "" { - environment.GraphEndpoint = metadataEnvProperties.GraphEndpoint - } - - return environment, nil -} - -func overrideProperties(environment *Environment, properties []OverrideProperty) { - for _, property := range properties { - switch property.Key { - case EnvironmentName: - { - environment.Name = property.Value - } - case EnvironmentManagementPortalURL: - { - environment.ManagementPortalURL = property.Value - } - case EnvironmentPublishSettingsURL: - { - environment.PublishSettingsURL = property.Value - } - case EnvironmentServiceManagementEndpoint: - { - environment.ServiceManagementEndpoint = property.Value - } - case EnvironmentResourceManagerEndpoint: - { - environment.ResourceManagerEndpoint = property.Value - } - case EnvironmentActiveDirectoryEndpoint: - { - environment.ActiveDirectoryEndpoint = property.Value - } - case EnvironmentGalleryEndpoint: - { - environment.GalleryEndpoint = property.Value - } - case EnvironmentKeyVaultEndpoint: - { - environment.KeyVaultEndpoint = property.Value - } - case EnvironmentGraphEndpoint: - { - environment.GraphEndpoint = property.Value - } - case EnvironmentServiceBusEndpoint: - { - environment.ServiceBusEndpoint = property.Value - } - case EnvironmentBatchManagementEndpoint: - { - environment.BatchManagementEndpoint = property.Value - } - case EnvironmentStorageEndpointSuffix: - { - environment.StorageEndpointSuffix = property.Value - } - case EnvironmentSQLDatabaseDNSSuffix: - { - environment.SQLDatabaseDNSSuffix = property.Value - } - case EnvironmentTrafficManagerDNSSuffix: - { - environment.TrafficManagerDNSSuffix = property.Value - } - case EnvironmentKeyVaultDNSSuffix: - { - environment.KeyVaultDNSSuffix = property.Value - } - case EnvironmentServiceBusEndpointSuffix: - { - environment.ServiceBusEndpointSuffix = property.Value - } - case EnvironmentServiceManagementVMDNSSuffix: - { - environment.ServiceManagementVMDNSSuffix = property.Value - } - case EnvironmentResourceManagerVMDNSSuffix: - { - environment.ResourceManagerVMDNSSuffix = property.Value - } - case EnvironmentContainerRegistryDNSSuffix: - { - environment.ContainerRegistryDNSSuffix = property.Value - } - case EnvironmentTokenAudience: - { - environment.TokenAudience = property.Value - } - } - } -} - -func retrieveMetadataEnvironment(endpoint string) (environment environmentMetadataInfo, err error) { - client := autorest.NewClientWithUserAgent("") - managementEndpoint := fmt.Sprintf("%s%s", strings.TrimSuffix(endpoint, "/"), "/metadata/endpoints?api-version=1.0") - req, _ := http.NewRequest("GET", managementEndpoint, nil) - response, err := client.Do(req) - if err != nil { - return environment, err - } - defer response.Body.Close() - jsonResponse, err := io.ReadAll(response.Body) - if err != nil { - return environment, err - } - err = json.Unmarshal(jsonResponse, &environment) - return environment, err -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/azure/rp.go b/vendor/github.com/Azure/go-autorest/autorest/azure/rp.go deleted file mode 100644 index 5b52357f..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/azure/rp.go +++ /dev/null @@ -1,204 +0,0 @@ -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package azure - -import ( - "errors" - "fmt" - "net/http" - "net/url" - "strings" - "time" - - "github.com/Azure/go-autorest/autorest" -) - -// DoRetryWithRegistration tries to register the resource provider in case it is unregistered. -// It also handles request retries -func DoRetryWithRegistration(client autorest.Client) autorest.SendDecorator { - return func(s autorest.Sender) autorest.Sender { - return autorest.SenderFunc(func(r *http.Request) (resp *http.Response, err error) { - rr := autorest.NewRetriableRequest(r) - for currentAttempt := 0; currentAttempt < client.RetryAttempts; currentAttempt++ { - err = rr.Prepare() - if err != nil { - return resp, err - } - - resp, err = autorest.SendWithSender(s, rr.Request(), - autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...), - ) - if err != nil { - return resp, err - } - - if resp.StatusCode != http.StatusConflict || client.SkipResourceProviderRegistration { - return resp, err - } - - var re RequestError - if strings.Contains(r.Header.Get("Content-Type"), "xml") { - // XML errors (e.g. Storage Data Plane) only return the inner object - err = autorest.Respond(resp, autorest.ByUnmarshallingXML(&re.ServiceError)) - } else { - err = autorest.Respond(resp, autorest.ByUnmarshallingJSON(&re)) - } - - if err != nil { - return resp, err - } - err = re - - if re.ServiceError != nil && re.ServiceError.Code == "MissingSubscriptionRegistration" { - regErr := register(client, r, re) - if regErr != nil { - return resp, fmt.Errorf("failed auto registering Resource Provider: %s. Original error: %w", regErr, err) - } - } - } - return resp, err - }) - } -} - -func getProvider(re RequestError) (string, error) { - if re.ServiceError != nil && len(re.ServiceError.Details) > 0 { - return re.ServiceError.Details[0]["target"].(string), nil - } - return "", errors.New("provider was not found in the response") -} - -func register(client autorest.Client, originalReq *http.Request, re RequestError) error { - subID := getSubscription(originalReq.URL.Path) - if subID == "" { - return errors.New("missing parameter subscriptionID to register resource provider") - } - providerName, err := getProvider(re) - if err != nil { - return fmt.Errorf("missing parameter provider to register resource provider: %s", err) - } - newURL := url.URL{ - Scheme: originalReq.URL.Scheme, - Host: originalReq.URL.Host, - } - - // taken from the resources SDK - // with almost identical code, this sections are easier to mantain - // It is also not a good idea to import the SDK here - // https://github.com/Azure/azure-sdk-for-go/blob/9f366792afa3e0ddaecdc860e793ba9d75e76c27/arm/resources/resources/providers.go#L252 - pathParameters := map[string]interface{}{ - "resourceProviderNamespace": autorest.Encode("path", providerName), - "subscriptionId": autorest.Encode("path", subID), - } - - const APIVersion = "2016-09-01" - queryParameters := map[string]interface{}{ - "api-version": APIVersion, - } - - preparer := autorest.CreatePreparer( - autorest.AsPost(), - autorest.WithBaseURL(newURL.String()), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/{resourceProviderNamespace}/register", pathParameters), - autorest.WithQueryParameters(queryParameters), - ) - - req, err := preparer.Prepare(&http.Request{}) - if err != nil { - return err - } - req = req.WithContext(originalReq.Context()) - - resp, err := autorest.SendWithSender(client, req, - autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...), - ) - if err != nil { - return err - } - - type Provider struct { - RegistrationState *string `json:"registrationState,omitempty"` - } - var provider Provider - - err = autorest.Respond( - resp, - WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&provider), - autorest.ByClosing(), - ) - if err != nil { - return err - } - - // poll for registered provisioning state - registrationStartTime := time.Now() - for err == nil && (client.PollingDuration == 0 || (client.PollingDuration != 0 && time.Since(registrationStartTime) < client.PollingDuration)) { - // taken from the resources SDK - // https://github.com/Azure/azure-sdk-for-go/blob/9f366792afa3e0ddaecdc860e793ba9d75e76c27/arm/resources/resources/providers.go#L45 - preparer := autorest.CreatePreparer( - autorest.AsGet(), - autorest.WithBaseURL(newURL.String()), - autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/{resourceProviderNamespace}", pathParameters), - autorest.WithQueryParameters(queryParameters), - ) - req, err = preparer.Prepare(&http.Request{}) - if err != nil { - return err - } - req = req.WithContext(originalReq.Context()) - - resp, err := autorest.SendWithSender(client, req, - autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...), - ) - if err != nil { - return err - } - - err = autorest.Respond( - resp, - WithErrorUnlessStatusCode(http.StatusOK), - autorest.ByUnmarshallingJSON(&provider), - autorest.ByClosing(), - ) - if err != nil { - return err - } - - if provider.RegistrationState != nil && - *provider.RegistrationState == "Registered" { - break - } - - delayed := autorest.DelayWithRetryAfter(resp, originalReq.Context().Done()) - if !delayed && !autorest.DelayForBackoff(client.PollingDelay, 0, originalReq.Context().Done()) { - return originalReq.Context().Err() - } - } - if client.PollingDuration != 0 && !(time.Since(registrationStartTime) < client.PollingDuration) { - return errors.New("polling for resource provider registration has exceeded the polling duration") - } - return err -} - -func getSubscription(path string) string { - parts := strings.Split(path, "/") - for i, v := range parts { - if v == "subscriptions" && (i+1) < len(parts) { - return parts[i+1] - } - } - return "" -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/client.go b/vendor/github.com/Azure/go-autorest/autorest/client.go deleted file mode 100644 index b2f2357e..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/client.go +++ /dev/null @@ -1,327 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "crypto/tls" - "errors" - "fmt" - "io" - "log" - "net/http" - "strings" - "time" - - "github.com/Azure/go-autorest/logger" -) - -const ( - // DefaultPollingDelay is a reasonable delay between polling requests. - DefaultPollingDelay = 30 * time.Second - - // DefaultPollingDuration is a reasonable total polling duration. - DefaultPollingDuration = 15 * time.Minute - - // DefaultRetryAttempts is number of attempts for retry status codes (5xx). - DefaultRetryAttempts = 3 - - // DefaultRetryDuration is the duration to wait between retries. - DefaultRetryDuration = 30 * time.Second -) - -var ( - // StatusCodesForRetry are a defined group of status code for which the client will retry - StatusCodesForRetry = []int{ - http.StatusRequestTimeout, // 408 - http.StatusTooManyRequests, // 429 - http.StatusInternalServerError, // 500 - http.StatusBadGateway, // 502 - http.StatusServiceUnavailable, // 503 - http.StatusGatewayTimeout, // 504 - } -) - -const ( - requestFormat = `HTTP Request Begin =================================================== -%s -===================================================== HTTP Request End -` - responseFormat = `HTTP Response Begin =================================================== -%s -===================================================== HTTP Response End -` -) - -// Response serves as the base for all responses from generated clients. It provides access to the -// last http.Response. -type Response struct { - *http.Response `json:"-"` -} - -// IsHTTPStatus returns true if the returned HTTP status code matches the provided status code. -// If there was no response (i.e. the underlying http.Response is nil) the return value is false. -func (r Response) IsHTTPStatus(statusCode int) bool { - if r.Response == nil { - return false - } - return r.Response.StatusCode == statusCode -} - -// HasHTTPStatus returns true if the returned HTTP status code matches one of the provided status codes. -// If there was no response (i.e. the underlying http.Response is nil) or not status codes are provided -// the return value is false. -func (r Response) HasHTTPStatus(statusCodes ...int) bool { - return ResponseHasStatusCode(r.Response, statusCodes...) -} - -// LoggingInspector implements request and response inspectors that log the full request and -// response to a supplied log. -type LoggingInspector struct { - Logger *log.Logger -} - -// WithInspection returns a PrepareDecorator that emits the http.Request to the supplied logger. The -// body is restored after being emitted. -// -// Note: Since it reads the entire Body, this decorator should not be used where body streaming is -// important. It is best used to trace JSON or similar body values. -func (li LoggingInspector) WithInspection() PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - var body, b bytes.Buffer - - defer r.Body.Close() - - r.Body = io.NopCloser(io.TeeReader(r.Body, &body)) - if err := r.Write(&b); err != nil { - return nil, fmt.Errorf("Failed to write response: %v", err) - } - - li.Logger.Printf(requestFormat, b.String()) - - r.Body = io.NopCloser(&body) - return p.Prepare(r) - }) - } -} - -// ByInspecting returns a RespondDecorator that emits the http.Response to the supplied logger. The -// body is restored after being emitted. -// -// Note: Since it reads the entire Body, this decorator should not be used where body streaming is -// important. It is best used to trace JSON or similar body values. -func (li LoggingInspector) ByInspecting() RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - var body, b bytes.Buffer - defer resp.Body.Close() - resp.Body = io.NopCloser(io.TeeReader(resp.Body, &body)) - if err := resp.Write(&b); err != nil { - return fmt.Errorf("Failed to write response: %v", err) - } - - li.Logger.Printf(responseFormat, b.String()) - - resp.Body = io.NopCloser(&body) - return r.Respond(resp) - }) - } -} - -// Client is the base for autorest generated clients. It provides default, "do nothing" -// implementations of an Authorizer, RequestInspector, and ResponseInspector. It also returns the -// standard, undecorated http.Client as a default Sender. -// -// Generated clients should also use Error (see NewError and NewErrorWithError) for errors and -// return responses that compose with Response. -// -// Most customization of generated clients is best achieved by supplying a custom Authorizer, custom -// RequestInspector, and / or custom ResponseInspector. Users may log requests, implement circuit -// breakers (see https://msdn.microsoft.com/en-us/library/dn589784.aspx) or otherwise influence -// sending the request by providing a decorated Sender. -type Client struct { - Authorizer Authorizer - Sender Sender - RequestInspector PrepareDecorator - ResponseInspector RespondDecorator - - // PollingDelay sets the polling frequency used in absence of a Retry-After HTTP header - PollingDelay time.Duration - - // PollingDuration sets the maximum polling time after which an error is returned. - // Setting this to zero will use the provided context to control the duration. - PollingDuration time.Duration - - // RetryAttempts sets the total number of times the client will attempt to make an HTTP request. - // Set the value to 1 to disable retries. DO NOT set the value to less than 1. - RetryAttempts int - - // RetryDuration sets the delay duration for retries. - RetryDuration time.Duration - - // UserAgent, if not empty, will be set as the HTTP User-Agent header on all requests sent - // through the Do method. - UserAgent string - - Jar http.CookieJar - - // Set to true to skip attempted registration of resource providers (false by default). - SkipResourceProviderRegistration bool - - // SendDecorators can be used to override the default chain of SendDecorators. - // This can be used to specify things like a custom retry SendDecorator. - // Set this to an empty slice to use no SendDecorators. - SendDecorators []SendDecorator -} - -// NewClientWithUserAgent returns an instance of a Client with the UserAgent set to the passed -// string. -func NewClientWithUserAgent(ua string) Client { - return newClient(ua, tls.RenegotiateNever) -} - -// ClientOptions contains various Client configuration options. -type ClientOptions struct { - // UserAgent is an optional user-agent string to append to the default user agent. - UserAgent string - - // Renegotiation is an optional setting to control client-side TLS renegotiation. - Renegotiation tls.RenegotiationSupport -} - -// NewClientWithOptions returns an instance of a Client with the specified values. -func NewClientWithOptions(options ClientOptions) Client { - return newClient(options.UserAgent, options.Renegotiation) -} - -func newClient(ua string, renegotiation tls.RenegotiationSupport) Client { - c := Client{ - PollingDelay: DefaultPollingDelay, - PollingDuration: DefaultPollingDuration, - RetryAttempts: DefaultRetryAttempts, - RetryDuration: DefaultRetryDuration, - UserAgent: UserAgent(), - } - c.Sender = c.sender(renegotiation) - c.AddToUserAgent(ua) - return c -} - -// AddToUserAgent adds an extension to the current user agent -func (c *Client) AddToUserAgent(extension string) error { - if extension != "" { - c.UserAgent = fmt.Sprintf("%s %s", c.UserAgent, extension) - return nil - } - return fmt.Errorf("Extension was empty, User Agent stayed as %s", c.UserAgent) -} - -// Do implements the Sender interface by invoking the active Sender after applying authorization. -// If Sender is not set, it uses a new instance of http.Client. In both cases it will, if UserAgent -// is set, apply set the User-Agent header. -func (c Client) Do(r *http.Request) (*http.Response, error) { - if r.UserAgent() == "" { - r, _ = Prepare(r, - WithUserAgent(c.UserAgent)) - } - // NOTE: c.WithInspection() must be last in the list so that it can inspect all preceding operations - r, err := Prepare(r, - c.WithAuthorization(), - c.WithInspection()) - if err != nil { - var resp *http.Response - if detErr, ok := err.(DetailedError); ok { - // if the authorization failed (e.g. invalid credentials) there will - // be a response associated with the error, be sure to return it. - resp = detErr.Response - } - return resp, NewErrorWithError(err, "autorest/Client", "Do", nil, "Preparing request failed") - } - logger.Instance.WriteRequest(r, logger.Filter{ - Header: func(k string, v []string) (bool, []string) { - // remove the auth token from the log - if strings.EqualFold(k, "Authorization") || strings.EqualFold(k, "Ocp-Apim-Subscription-Key") { - v = []string{"**REDACTED**"} - } - return true, v - }, - }) - resp, err := SendWithSender(c.sender(tls.RenegotiateNever), r) - if resp == nil && err == nil { - err = errors.New("autorest: received nil response and error") - } - logger.Instance.WriteResponse(resp, logger.Filter{}) - Respond(resp, c.ByInspecting()) - return resp, err -} - -// sender returns the Sender to which to send requests. -func (c Client) sender(renengotiation tls.RenegotiationSupport) Sender { - if c.Sender == nil { - return sender(renengotiation) - } - return c.Sender -} - -// WithAuthorization is a convenience method that returns the WithAuthorization PrepareDecorator -// from the current Authorizer. If not Authorizer is set, it uses the NullAuthorizer. -func (c Client) WithAuthorization() PrepareDecorator { - return c.authorizer().WithAuthorization() -} - -// authorizer returns the Authorizer to use. -func (c Client) authorizer() Authorizer { - if c.Authorizer == nil { - return NullAuthorizer{} - } - return c.Authorizer -} - -// WithInspection is a convenience method that passes the request to the supplied RequestInspector, -// if present, or returns the WithNothing PrepareDecorator otherwise. -func (c Client) WithInspection() PrepareDecorator { - if c.RequestInspector == nil { - return WithNothing() - } - return c.RequestInspector -} - -// ByInspecting is a convenience method that passes the response to the supplied ResponseInspector, -// if present, or returns the ByIgnoring RespondDecorator otherwise. -func (c Client) ByInspecting() RespondDecorator { - if c.ResponseInspector == nil { - return ByIgnoring() - } - return c.ResponseInspector -} - -// Send sends the provided http.Request using the client's Sender or the default sender. -// It returns the http.Response and possible error. It also accepts a, possibly empty, -// default set of SendDecorators used when sending the request. -// SendDecorators have the following precedence: -// 1. In a request's context via WithSendDecorators() -// 2. Specified on the client in SendDecorators -// 3. The default values specified in this method -func (c Client) Send(req *http.Request, decorators ...SendDecorator) (*http.Response, error) { - if c.SendDecorators != nil { - decorators = c.SendDecorators - } - inCtx := req.Context().Value(ctxSendDecorators{}) - if sd, ok := inCtx.([]SendDecorator); ok { - decorators = sd - } - return SendWithSender(c, req, decorators...) -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/LICENSE b/vendor/github.com/Azure/go-autorest/autorest/date/LICENSE deleted file mode 100644 index b9d6a27e..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/date/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2015 Microsoft Corporation - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/date.go b/vendor/github.com/Azure/go-autorest/autorest/date/date.go deleted file mode 100644 index c4571065..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/date/date.go +++ /dev/null @@ -1,96 +0,0 @@ -/* -Package date provides time.Time derivatives that conform to the Swagger.io (https://swagger.io/) -defined date formats: Date and DateTime. Both types may, in most cases, be used in lieu of -time.Time types. And both convert to time.Time through a ToTime method. -*/ -package date - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "fmt" - "time" -) - -const ( - fullDate = "2006-01-02" - fullDateJSON = `"2006-01-02"` - dateFormat = "%04d-%02d-%02d" - jsonFormat = `"%04d-%02d-%02d"` -) - -// Date defines a type similar to time.Time but assumes a layout of RFC3339 full-date (i.e., -// 2006-01-02). -type Date struct { - time.Time -} - -// ParseDate create a new Date from the passed string. -func ParseDate(date string) (d Date, err error) { - return parseDate(date, fullDate) -} - -func parseDate(date string, format string) (Date, error) { - d, err := time.Parse(format, date) - return Date{Time: d}, err -} - -// MarshalBinary preserves the Date as a byte array conforming to RFC3339 full-date (i.e., -// 2006-01-02). -func (d Date) MarshalBinary() ([]byte, error) { - return d.MarshalText() -} - -// UnmarshalBinary reconstitutes a Date saved as a byte array conforming to RFC3339 full-date (i.e., -// 2006-01-02). -func (d *Date) UnmarshalBinary(data []byte) error { - return d.UnmarshalText(data) -} - -// MarshalJSON preserves the Date as a JSON string conforming to RFC3339 full-date (i.e., -// 2006-01-02). -func (d Date) MarshalJSON() (json []byte, err error) { - return []byte(fmt.Sprintf(jsonFormat, d.Year(), d.Month(), d.Day())), nil -} - -// UnmarshalJSON reconstitutes the Date from a JSON string conforming to RFC3339 full-date (i.e., -// 2006-01-02). -func (d *Date) UnmarshalJSON(data []byte) (err error) { - d.Time, err = time.Parse(fullDateJSON, string(data)) - return err -} - -// MarshalText preserves the Date as a byte array conforming to RFC3339 full-date (i.e., -// 2006-01-02). -func (d Date) MarshalText() (text []byte, err error) { - return []byte(fmt.Sprintf(dateFormat, d.Year(), d.Month(), d.Day())), nil -} - -// UnmarshalText reconstitutes a Date saved as a byte array conforming to RFC3339 full-date (i.e., -// 2006-01-02). -func (d *Date) UnmarshalText(data []byte) (err error) { - d.Time, err = time.Parse(fullDate, string(data)) - return err -} - -// String returns the Date formatted as an RFC3339 full-date string (i.e., 2006-01-02). -func (d Date) String() string { - return fmt.Sprintf(dateFormat, d.Year(), d.Month(), d.Day()) -} - -// ToTime returns a Date as a time.Time -func (d Date) ToTime() time.Time { - return d.Time -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/date/go_mod_tidy_hack.go deleted file mode 100644 index 4e054320..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/date/go_mod_tidy_hack.go +++ /dev/null @@ -1,24 +0,0 @@ -// +build modhack - -package date - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// This file, and the github.com/Azure/go-autorest import, won't actually become part of -// the resultant binary. - -// Necessary for safely adding multi-module repo. -// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/time.go b/vendor/github.com/Azure/go-autorest/autorest/date/time.go deleted file mode 100644 index b453fad0..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/date/time.go +++ /dev/null @@ -1,103 +0,0 @@ -package date - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "regexp" - "time" -) - -// Azure reports time in UTC but it doesn't include the 'Z' time zone suffix in some cases. -const ( - azureUtcFormatJSON = `"2006-01-02T15:04:05.999999999"` - azureUtcFormat = "2006-01-02T15:04:05.999999999" - rfc3339JSON = `"` + time.RFC3339Nano + `"` - rfc3339 = time.RFC3339Nano - tzOffsetRegex = `(Z|z|\+|-)(\d+:\d+)*"*$` -) - -// Time defines a type similar to time.Time but assumes a layout of RFC3339 date-time (i.e., -// 2006-01-02T15:04:05Z). -type Time struct { - time.Time -} - -// MarshalBinary preserves the Time as a byte array conforming to RFC3339 date-time (i.e., -// 2006-01-02T15:04:05Z). -func (t Time) MarshalBinary() ([]byte, error) { - return t.Time.MarshalText() -} - -// UnmarshalBinary reconstitutes a Time saved as a byte array conforming to RFC3339 date-time -// (i.e., 2006-01-02T15:04:05Z). -func (t *Time) UnmarshalBinary(data []byte) error { - return t.UnmarshalText(data) -} - -// MarshalJSON preserves the Time as a JSON string conforming to RFC3339 date-time (i.e., -// 2006-01-02T15:04:05Z). -func (t Time) MarshalJSON() (json []byte, err error) { - return t.Time.MarshalJSON() -} - -// UnmarshalJSON reconstitutes the Time from a JSON string conforming to RFC3339 date-time -// (i.e., 2006-01-02T15:04:05Z). -func (t *Time) UnmarshalJSON(data []byte) (err error) { - timeFormat := azureUtcFormatJSON - match, err := regexp.Match(tzOffsetRegex, data) - if err != nil { - return err - } else if match { - timeFormat = rfc3339JSON - } - t.Time, err = ParseTime(timeFormat, string(data)) - return err -} - -// MarshalText preserves the Time as a byte array conforming to RFC3339 date-time (i.e., -// 2006-01-02T15:04:05Z). -func (t Time) MarshalText() (text []byte, err error) { - return t.Time.MarshalText() -} - -// UnmarshalText reconstitutes a Time saved as a byte array conforming to RFC3339 date-time -// (i.e., 2006-01-02T15:04:05Z). -func (t *Time) UnmarshalText(data []byte) (err error) { - timeFormat := azureUtcFormat - match, err := regexp.Match(tzOffsetRegex, data) - if err != nil { - return err - } else if match { - timeFormat = rfc3339 - } - t.Time, err = ParseTime(timeFormat, string(data)) - return err -} - -// String returns the Time formatted as an RFC3339 date-time string (i.e., -// 2006-01-02T15:04:05Z). -func (t Time) String() string { - // Note: time.Time.String does not return an RFC3339 compliant string, time.Time.MarshalText does. - b, err := t.MarshalText() - if err != nil { - return "" - } - return string(b) -} - -// ToTime returns a Time as a time.Time -func (t Time) ToTime() time.Time { - return t.Time -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/timerfc1123.go b/vendor/github.com/Azure/go-autorest/autorest/date/timerfc1123.go deleted file mode 100644 index 48fb39ba..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/date/timerfc1123.go +++ /dev/null @@ -1,100 +0,0 @@ -package date - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "errors" - "time" -) - -const ( - rfc1123JSON = `"` + time.RFC1123 + `"` - rfc1123 = time.RFC1123 -) - -// TimeRFC1123 defines a type similar to time.Time but assumes a layout of RFC1123 date-time (i.e., -// Mon, 02 Jan 2006 15:04:05 MST). -type TimeRFC1123 struct { - time.Time -} - -// UnmarshalJSON reconstitutes the Time from a JSON string conforming to RFC1123 date-time -// (i.e., Mon, 02 Jan 2006 15:04:05 MST). -func (t *TimeRFC1123) UnmarshalJSON(data []byte) (err error) { - t.Time, err = ParseTime(rfc1123JSON, string(data)) - if err != nil { - return err - } - return nil -} - -// MarshalJSON preserves the Time as a JSON string conforming to RFC1123 date-time (i.e., -// Mon, 02 Jan 2006 15:04:05 MST). -func (t TimeRFC1123) MarshalJSON() ([]byte, error) { - if y := t.Year(); y < 0 || y >= 10000 { - return nil, errors.New("Time.MarshalJSON: year outside of range [0,9999]") - } - b := []byte(t.Format(rfc1123JSON)) - return b, nil -} - -// MarshalText preserves the Time as a byte array conforming to RFC1123 date-time (i.e., -// Mon, 02 Jan 2006 15:04:05 MST). -func (t TimeRFC1123) MarshalText() ([]byte, error) { - if y := t.Year(); y < 0 || y >= 10000 { - return nil, errors.New("Time.MarshalText: year outside of range [0,9999]") - } - - b := []byte(t.Format(rfc1123)) - return b, nil -} - -// UnmarshalText reconstitutes a Time saved as a byte array conforming to RFC1123 date-time -// (i.e., Mon, 02 Jan 2006 15:04:05 MST). -func (t *TimeRFC1123) UnmarshalText(data []byte) (err error) { - t.Time, err = ParseTime(rfc1123, string(data)) - if err != nil { - return err - } - return nil -} - -// MarshalBinary preserves the Time as a byte array conforming to RFC1123 date-time (i.e., -// Mon, 02 Jan 2006 15:04:05 MST). -func (t TimeRFC1123) MarshalBinary() ([]byte, error) { - return t.MarshalText() -} - -// UnmarshalBinary reconstitutes a Time saved as a byte array conforming to RFC1123 date-time -// (i.e., Mon, 02 Jan 2006 15:04:05 MST). -func (t *TimeRFC1123) UnmarshalBinary(data []byte) error { - return t.UnmarshalText(data) -} - -// ToTime returns a Time as a time.Time -func (t TimeRFC1123) ToTime() time.Time { - return t.Time -} - -// String returns the Time formatted as an RFC1123 date-time string (i.e., -// Mon, 02 Jan 2006 15:04:05 MST). -func (t TimeRFC1123) String() string { - // Note: time.Time.String does not return an RFC1123 compliant string, time.Time.MarshalText does. - b, err := t.MarshalText() - if err != nil { - return "" - } - return string(b) -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/unixtime.go b/vendor/github.com/Azure/go-autorest/autorest/date/unixtime.go deleted file mode 100644 index 7073959b..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/date/unixtime.go +++ /dev/null @@ -1,123 +0,0 @@ -package date - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "encoding/binary" - "encoding/json" - "time" -) - -// unixEpoch is the moment in time that should be treated as timestamp 0. -var unixEpoch = time.Date(1970, time.January, 1, 0, 0, 0, 0, time.UTC) - -// UnixTime marshals and unmarshals a time that is represented as the number -// of seconds (ignoring skip-seconds) since the Unix Epoch. -type UnixTime time.Time - -// Duration returns the time as a Duration since the UnixEpoch. -func (t UnixTime) Duration() time.Duration { - return time.Time(t).Sub(unixEpoch) -} - -// NewUnixTimeFromSeconds creates a UnixTime as a number of seconds from the UnixEpoch. -func NewUnixTimeFromSeconds(seconds float64) UnixTime { - return NewUnixTimeFromDuration(time.Duration(seconds * float64(time.Second))) -} - -// NewUnixTimeFromNanoseconds creates a UnixTime as a number of nanoseconds from the UnixEpoch. -func NewUnixTimeFromNanoseconds(nanoseconds int64) UnixTime { - return NewUnixTimeFromDuration(time.Duration(nanoseconds)) -} - -// NewUnixTimeFromDuration creates a UnixTime as a duration of time since the UnixEpoch. -func NewUnixTimeFromDuration(dur time.Duration) UnixTime { - return UnixTime(unixEpoch.Add(dur)) -} - -// UnixEpoch retreives the moment considered the Unix Epoch. I.e. The time represented by '0' -func UnixEpoch() time.Time { - return unixEpoch -} - -// MarshalJSON preserves the UnixTime as a JSON number conforming to Unix Timestamp requirements. -// (i.e. the number of seconds since midnight January 1st, 1970 not considering leap seconds.) -func (t UnixTime) MarshalJSON() ([]byte, error) { - buffer := &bytes.Buffer{} - enc := json.NewEncoder(buffer) - err := enc.Encode(float64(time.Time(t).UnixNano()) / 1e9) - if err != nil { - return nil, err - } - return buffer.Bytes(), nil -} - -// UnmarshalJSON reconstitures a UnixTime saved as a JSON number of the number of seconds since -// midnight January 1st, 1970. -func (t *UnixTime) UnmarshalJSON(text []byte) error { - dec := json.NewDecoder(bytes.NewReader(text)) - - var secondsSinceEpoch float64 - if err := dec.Decode(&secondsSinceEpoch); err != nil { - return err - } - - *t = NewUnixTimeFromSeconds(secondsSinceEpoch) - - return nil -} - -// MarshalText stores the number of seconds since the Unix Epoch as a textual floating point number. -func (t UnixTime) MarshalText() ([]byte, error) { - cast := time.Time(t) - return cast.MarshalText() -} - -// UnmarshalText populates a UnixTime with a value stored textually as a floating point number of seconds since the Unix Epoch. -func (t *UnixTime) UnmarshalText(raw []byte) error { - var unmarshaled time.Time - - if err := unmarshaled.UnmarshalText(raw); err != nil { - return err - } - - *t = UnixTime(unmarshaled) - return nil -} - -// MarshalBinary converts a UnixTime into a binary.LittleEndian float64 of nanoseconds since the epoch. -func (t UnixTime) MarshalBinary() ([]byte, error) { - buf := &bytes.Buffer{} - - payload := int64(t.Duration()) - - if err := binary.Write(buf, binary.LittleEndian, &payload); err != nil { - return nil, err - } - - return buf.Bytes(), nil -} - -// UnmarshalBinary converts a from a binary.LittleEndian float64 of nanoseconds since the epoch into a UnixTime. -func (t *UnixTime) UnmarshalBinary(raw []byte) error { - var nanosecondsSinceEpoch int64 - - if err := binary.Read(bytes.NewReader(raw), binary.LittleEndian, &nanosecondsSinceEpoch); err != nil { - return err - } - *t = NewUnixTimeFromNanoseconds(nanosecondsSinceEpoch) - return nil -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/date/utility.go b/vendor/github.com/Azure/go-autorest/autorest/date/utility.go deleted file mode 100644 index 12addf0e..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/date/utility.go +++ /dev/null @@ -1,25 +0,0 @@ -package date - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "strings" - "time" -) - -// ParseTime to parse Time string to specified format. -func ParseTime(format string, t string) (d time.Time, err error) { - return time.Parse(format, strings.ToUpper(t)) -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/error.go b/vendor/github.com/Azure/go-autorest/autorest/error.go deleted file mode 100644 index 35098eda..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/error.go +++ /dev/null @@ -1,103 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "fmt" - "net/http" -) - -const ( - // UndefinedStatusCode is used when HTTP status code is not available for an error. - UndefinedStatusCode = 0 -) - -// DetailedError encloses a error with details of the package, method, and associated HTTP -// status code (if any). -type DetailedError struct { - Original error - - // PackageType is the package type of the object emitting the error. For types, the value - // matches that produced the the '%T' format specifier of the fmt package. For other elements, - // such as functions, it is just the package name (e.g., "autorest"). - PackageType string - - // Method is the name of the method raising the error. - Method string - - // StatusCode is the HTTP Response StatusCode (if non-zero) that led to the error. - StatusCode interface{} - - // Message is the error message. - Message string - - // Service Error is the response body of failed API in bytes - ServiceError []byte - - // Response is the response object that was returned during failure if applicable. - Response *http.Response -} - -// NewError creates a new Error conforming object from the passed packageType, method, and -// message. message is treated as a format string to which the optional args apply. -func NewError(packageType string, method string, message string, args ...interface{}) DetailedError { - return NewErrorWithError(nil, packageType, method, nil, message, args...) -} - -// NewErrorWithResponse creates a new Error conforming object from the passed -// packageType, method, statusCode of the given resp (UndefinedStatusCode if -// resp is nil), and message. message is treated as a format string to which the -// optional args apply. -func NewErrorWithResponse(packageType string, method string, resp *http.Response, message string, args ...interface{}) DetailedError { - return NewErrorWithError(nil, packageType, method, resp, message, args...) -} - -// NewErrorWithError creates a new Error conforming object from the -// passed packageType, method, statusCode of the given resp (UndefinedStatusCode -// if resp is nil), message, and original error. message is treated as a format -// string to which the optional args apply. -func NewErrorWithError(original error, packageType string, method string, resp *http.Response, message string, args ...interface{}) DetailedError { - if v, ok := original.(DetailedError); ok { - return v - } - - statusCode := UndefinedStatusCode - if resp != nil { - statusCode = resp.StatusCode - } - - return DetailedError{ - Original: original, - PackageType: packageType, - Method: method, - StatusCode: statusCode, - Message: fmt.Sprintf(message, args...), - Response: resp, - } -} - -// Error returns a formatted containing all available details (i.e., PackageType, Method, -// StatusCode, Message, and original error (if any)). -func (e DetailedError) Error() string { - if e.Original == nil { - return fmt.Sprintf("%s#%s: %s: StatusCode=%d", e.PackageType, e.Method, e.Message, e.StatusCode) - } - return fmt.Sprintf("%s#%s: %s: StatusCode=%d -- Original Error: %v", e.PackageType, e.Method, e.Message, e.StatusCode, e.Original) -} - -// Unwrap returns the original error. -func (e DetailedError) Unwrap() error { - return e.Original -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go deleted file mode 100644 index 792f82d4..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/go_mod_tidy_hack.go +++ /dev/null @@ -1,25 +0,0 @@ -//go:build modhack -// +build modhack - -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// This file, and the github.com/Azure/go-autorest import, won't actually become part of -// the resultant binary. - -// Necessary for safely adding multi-module repo. -// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/preparer.go b/vendor/github.com/Azure/go-autorest/autorest/preparer.go deleted file mode 100644 index f6de8c5e..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/preparer.go +++ /dev/null @@ -1,548 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "context" - "encoding/json" - "encoding/xml" - "fmt" - "io" - "mime/multipart" - "net/http" - "net/url" - "strings" -) - -const ( - mimeTypeJSON = "application/json" - mimeTypeOctetStream = "application/octet-stream" - mimeTypeFormPost = "application/x-www-form-urlencoded" - - headerAuthorization = "Authorization" - headerAuxAuthorization = "x-ms-authorization-auxiliary" - headerContentType = "Content-Type" - headerUserAgent = "User-Agent" -) - -// used as a key type in context.WithValue() -type ctxPrepareDecorators struct{} - -// WithPrepareDecorators adds the specified PrepareDecorators to the provided context. -// If no PrepareDecorators are provided the context is unchanged. -func WithPrepareDecorators(ctx context.Context, prepareDecorator []PrepareDecorator) context.Context { - if len(prepareDecorator) == 0 { - return ctx - } - return context.WithValue(ctx, ctxPrepareDecorators{}, prepareDecorator) -} - -// GetPrepareDecorators returns the PrepareDecorators in the provided context or the provided default PrepareDecorators. -func GetPrepareDecorators(ctx context.Context, defaultPrepareDecorators ...PrepareDecorator) []PrepareDecorator { - inCtx := ctx.Value(ctxPrepareDecorators{}) - if pd, ok := inCtx.([]PrepareDecorator); ok { - return pd - } - return defaultPrepareDecorators -} - -// Preparer is the interface that wraps the Prepare method. -// -// Prepare accepts and possibly modifies an http.Request (e.g., adding Headers). Implementations -// must ensure to not share or hold per-invocation state since Preparers may be shared and re-used. -type Preparer interface { - Prepare(*http.Request) (*http.Request, error) -} - -// PreparerFunc is a method that implements the Preparer interface. -type PreparerFunc func(*http.Request) (*http.Request, error) - -// Prepare implements the Preparer interface on PreparerFunc. -func (pf PreparerFunc) Prepare(r *http.Request) (*http.Request, error) { - return pf(r) -} - -// PrepareDecorator takes and possibly decorates, by wrapping, a Preparer. Decorators may affect the -// http.Request and pass it along or, first, pass the http.Request along then affect the result. -type PrepareDecorator func(Preparer) Preparer - -// CreatePreparer creates, decorates, and returns a Preparer. -// Without decorators, the returned Preparer returns the passed http.Request unmodified. -// Preparers are safe to share and re-use. -func CreatePreparer(decorators ...PrepareDecorator) Preparer { - return DecoratePreparer( - Preparer(PreparerFunc(func(r *http.Request) (*http.Request, error) { return r, nil })), - decorators...) -} - -// DecoratePreparer accepts a Preparer and a, possibly empty, set of PrepareDecorators, which it -// applies to the Preparer. Decorators are applied in the order received, but their affect upon the -// request depends on whether they are a pre-decorator (change the http.Request and then pass it -// along) or a post-decorator (pass the http.Request along and alter it on return). -func DecoratePreparer(p Preparer, decorators ...PrepareDecorator) Preparer { - for _, decorate := range decorators { - p = decorate(p) - } - return p -} - -// Prepare accepts an http.Request and a, possibly empty, set of PrepareDecorators. -// It creates a Preparer from the decorators which it then applies to the passed http.Request. -func Prepare(r *http.Request, decorators ...PrepareDecorator) (*http.Request, error) { - if r == nil { - return nil, NewError("autorest", "Prepare", "Invoked without an http.Request") - } - return CreatePreparer(decorators...).Prepare(r) -} - -// WithNothing returns a "do nothing" PrepareDecorator that makes no changes to the passed -// http.Request. -func WithNothing() PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - return p.Prepare(r) - }) - } -} - -// WithHeader returns a PrepareDecorator that sets the specified HTTP header of the http.Request to -// the passed value. It canonicalizes the passed header name (via http.CanonicalHeaderKey) before -// adding the header. -func WithHeader(header string, value string) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - setHeader(r, http.CanonicalHeaderKey(header), value) - } - return r, err - }) - } -} - -// WithHeaders returns a PrepareDecorator that sets the specified HTTP headers of the http.Request to -// the passed value. It canonicalizes the passed headers name (via http.CanonicalHeaderKey) before -// adding them. -func WithHeaders(headers map[string]interface{}) PrepareDecorator { - h := ensureValueStrings(headers) - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - if r.Header == nil { - r.Header = make(http.Header) - } - - for name, value := range h { - r.Header.Set(http.CanonicalHeaderKey(name), value) - } - } - return r, err - }) - } -} - -// WithBearerAuthorization returns a PrepareDecorator that adds an HTTP Authorization header whose -// value is "Bearer " followed by the supplied token. -func WithBearerAuthorization(token string) PrepareDecorator { - return WithHeader(headerAuthorization, fmt.Sprintf("Bearer %s", token)) -} - -// AsContentType returns a PrepareDecorator that adds an HTTP Content-Type header whose value -// is the passed contentType. -func AsContentType(contentType string) PrepareDecorator { - return WithHeader(headerContentType, contentType) -} - -// WithUserAgent returns a PrepareDecorator that adds an HTTP User-Agent header whose value is the -// passed string. -func WithUserAgent(ua string) PrepareDecorator { - return WithHeader(headerUserAgent, ua) -} - -// AsFormURLEncoded returns a PrepareDecorator that adds an HTTP Content-Type header whose value is -// "application/x-www-form-urlencoded". -func AsFormURLEncoded() PrepareDecorator { - return AsContentType(mimeTypeFormPost) -} - -// AsJSON returns a PrepareDecorator that adds an HTTP Content-Type header whose value is -// "application/json". -func AsJSON() PrepareDecorator { - return AsContentType(mimeTypeJSON) -} - -// AsOctetStream returns a PrepareDecorator that adds the "application/octet-stream" Content-Type header. -func AsOctetStream() PrepareDecorator { - return AsContentType(mimeTypeOctetStream) -} - -// WithMethod returns a PrepareDecorator that sets the HTTP method of the passed request. The -// decorator does not validate that the passed method string is a known HTTP method. -func WithMethod(method string) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r.Method = method - return p.Prepare(r) - }) - } -} - -// AsDelete returns a PrepareDecorator that sets the HTTP method to DELETE. -func AsDelete() PrepareDecorator { return WithMethod("DELETE") } - -// AsGet returns a PrepareDecorator that sets the HTTP method to GET. -func AsGet() PrepareDecorator { return WithMethod("GET") } - -// AsHead returns a PrepareDecorator that sets the HTTP method to HEAD. -func AsHead() PrepareDecorator { return WithMethod("HEAD") } - -// AsMerge returns a PrepareDecorator that sets the HTTP method to MERGE. -func AsMerge() PrepareDecorator { return WithMethod("MERGE") } - -// AsOptions returns a PrepareDecorator that sets the HTTP method to OPTIONS. -func AsOptions() PrepareDecorator { return WithMethod("OPTIONS") } - -// AsPatch returns a PrepareDecorator that sets the HTTP method to PATCH. -func AsPatch() PrepareDecorator { return WithMethod("PATCH") } - -// AsPost returns a PrepareDecorator that sets the HTTP method to POST. -func AsPost() PrepareDecorator { return WithMethod("POST") } - -// AsPut returns a PrepareDecorator that sets the HTTP method to PUT. -func AsPut() PrepareDecorator { return WithMethod("PUT") } - -// WithBaseURL returns a PrepareDecorator that populates the http.Request with a url.URL constructed -// from the supplied baseUrl. Query parameters will be encoded as required. -func WithBaseURL(baseURL string) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - var u *url.URL - if u, err = url.Parse(baseURL); err != nil { - return r, err - } - if u.Scheme == "" { - return r, fmt.Errorf("autorest: No scheme detected in URL %s", baseURL) - } - if u.RawQuery != "" { - // handle unencoded semicolons (ideally the server would send them already encoded) - u.RawQuery = strings.Replace(u.RawQuery, ";", "%3B", -1) - q, err := url.ParseQuery(u.RawQuery) - if err != nil { - return r, err - } - u.RawQuery = q.Encode() - } - r.URL = u - } - return r, err - }) - } -} - -// WithBytes returns a PrepareDecorator that takes a list of bytes -// which passes the bytes directly to the body -func WithBytes(input *[]byte) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - if input == nil { - return r, fmt.Errorf("Input Bytes was nil") - } - - r.ContentLength = int64(len(*input)) - r.Body = io.NopCloser(bytes.NewReader(*input)) - } - return r, err - }) - } -} - -// WithCustomBaseURL returns a PrepareDecorator that replaces brace-enclosed keys within the -// request base URL (i.e., http.Request.URL) with the corresponding values from the passed map. -func WithCustomBaseURL(baseURL string, urlParameters map[string]interface{}) PrepareDecorator { - parameters := ensureValueStrings(urlParameters) - for key, value := range parameters { - baseURL = strings.Replace(baseURL, "{"+key+"}", value, -1) - } - return WithBaseURL(baseURL) -} - -// WithFormData returns a PrepareDecoratore that "URL encodes" (e.g., bar=baz&foo=quux) into the -// http.Request body. -func WithFormData(v url.Values) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - s := v.Encode() - - setHeader(r, http.CanonicalHeaderKey(headerContentType), mimeTypeFormPost) - r.ContentLength = int64(len(s)) - r.Body = io.NopCloser(strings.NewReader(s)) - } - return r, err - }) - } -} - -// WithMultiPartFormData returns a PrepareDecoratore that "URL encodes" (e.g., bar=baz&foo=quux) form parameters -// into the http.Request body. -func WithMultiPartFormData(formDataParameters map[string]interface{}) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - var body bytes.Buffer - writer := multipart.NewWriter(&body) - for key, value := range formDataParameters { - if rc, ok := value.(io.ReadCloser); ok { - var fd io.Writer - if fd, err = writer.CreateFormFile(key, key); err != nil { - return r, err - } - if _, err = io.Copy(fd, rc); err != nil { - return r, err - } - } else { - if err = writer.WriteField(key, ensureValueString(value)); err != nil { - return r, err - } - } - } - if err = writer.Close(); err != nil { - return r, err - } - setHeader(r, http.CanonicalHeaderKey(headerContentType), writer.FormDataContentType()) - r.Body = io.NopCloser(bytes.NewReader(body.Bytes())) - r.ContentLength = int64(body.Len()) - return r, err - } - return r, err - }) - } -} - -// WithFile returns a PrepareDecorator that sends file in request body. -func WithFile(f io.ReadCloser) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - b, err := io.ReadAll(f) - if err != nil { - return r, err - } - r.Body = io.NopCloser(bytes.NewReader(b)) - r.ContentLength = int64(len(b)) - } - return r, err - }) - } -} - -// WithBool returns a PrepareDecorator that encodes the passed bool into the body of the request -// and sets the Content-Length header. -func WithBool(v bool) PrepareDecorator { - return WithString(fmt.Sprintf("%v", v)) -} - -// WithFloat32 returns a PrepareDecorator that encodes the passed float32 into the body of the -// request and sets the Content-Length header. -func WithFloat32(v float32) PrepareDecorator { - return WithString(fmt.Sprintf("%v", v)) -} - -// WithFloat64 returns a PrepareDecorator that encodes the passed float64 into the body of the -// request and sets the Content-Length header. -func WithFloat64(v float64) PrepareDecorator { - return WithString(fmt.Sprintf("%v", v)) -} - -// WithInt32 returns a PrepareDecorator that encodes the passed int32 into the body of the request -// and sets the Content-Length header. -func WithInt32(v int32) PrepareDecorator { - return WithString(fmt.Sprintf("%v", v)) -} - -// WithInt64 returns a PrepareDecorator that encodes the passed int64 into the body of the request -// and sets the Content-Length header. -func WithInt64(v int64) PrepareDecorator { - return WithString(fmt.Sprintf("%v", v)) -} - -// WithString returns a PrepareDecorator that encodes the passed string into the body of the request -// and sets the Content-Length header. -func WithString(v string) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - r.ContentLength = int64(len(v)) - r.Body = io.NopCloser(strings.NewReader(v)) - } - return r, err - }) - } -} - -// WithJSON returns a PrepareDecorator that encodes the data passed as JSON into the body of the -// request and sets the Content-Length header. -func WithJSON(v interface{}) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - b, err := json.Marshal(v) - if err == nil { - r.ContentLength = int64(len(b)) - r.Body = io.NopCloser(bytes.NewReader(b)) - } - } - return r, err - }) - } -} - -// WithXML returns a PrepareDecorator that encodes the data passed as XML into the body of the -// request and sets the Content-Length header. -func WithXML(v interface{}) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - b, err := xml.Marshal(v) - if err == nil { - // we have to tack on an XML header - withHeader := xml.Header + string(b) - bytesWithHeader := []byte(withHeader) - - r.ContentLength = int64(len(bytesWithHeader)) - setHeader(r, headerContentLength, fmt.Sprintf("%d", len(bytesWithHeader))) - r.Body = io.NopCloser(bytes.NewReader(bytesWithHeader)) - } - } - return r, err - }) - } -} - -// WithPath returns a PrepareDecorator that adds the supplied path to the request URL. If the path -// is absolute (that is, it begins with a "/"), it replaces the existing path. -func WithPath(path string) PrepareDecorator { - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - if r.URL == nil { - return r, NewError("autorest", "WithPath", "Invoked with a nil URL") - } - if r.URL, err = parseURL(r.URL, path); err != nil { - return r, err - } - } - return r, err - }) - } -} - -// WithEscapedPathParameters returns a PrepareDecorator that replaces brace-enclosed keys within the -// request path (i.e., http.Request.URL.Path) with the corresponding values from the passed map. The -// values will be escaped (aka URL encoded) before insertion into the path. -func WithEscapedPathParameters(path string, pathParameters map[string]interface{}) PrepareDecorator { - parameters := escapeValueStrings(ensureValueStrings(pathParameters)) - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - if r.URL == nil { - return r, NewError("autorest", "WithEscapedPathParameters", "Invoked with a nil URL") - } - for key, value := range parameters { - path = strings.Replace(path, "{"+key+"}", value, -1) - } - if r.URL, err = parseURL(r.URL, path); err != nil { - return r, err - } - } - return r, err - }) - } -} - -// WithPathParameters returns a PrepareDecorator that replaces brace-enclosed keys within the -// request path (i.e., http.Request.URL.Path) with the corresponding values from the passed map. -func WithPathParameters(path string, pathParameters map[string]interface{}) PrepareDecorator { - parameters := ensureValueStrings(pathParameters) - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - if r.URL == nil { - return r, NewError("autorest", "WithPathParameters", "Invoked with a nil URL") - } - for key, value := range parameters { - path = strings.Replace(path, "{"+key+"}", value, -1) - } - - if r.URL, err = parseURL(r.URL, path); err != nil { - return r, err - } - } - return r, err - }) - } -} - -func parseURL(u *url.URL, path string) (*url.URL, error) { - p := strings.TrimRight(u.String(), "/") - if !strings.HasPrefix(path, "/") { - path = "/" + path - } - return url.Parse(p + path) -} - -// WithQueryParameters returns a PrepareDecorators that encodes and applies the query parameters -// given in the supplied map (i.e., key=value). -func WithQueryParameters(queryParameters map[string]interface{}) PrepareDecorator { - parameters := MapToValues(queryParameters) - return func(p Preparer) Preparer { - return PreparerFunc(func(r *http.Request) (*http.Request, error) { - r, err := p.Prepare(r) - if err == nil { - if r.URL == nil { - return r, NewError("autorest", "WithQueryParameters", "Invoked with a nil URL") - } - v := r.URL.Query() - for key, value := range parameters { - for i := range value { - d, err := url.QueryUnescape(value[i]) - if err != nil { - return r, err - } - value[i] = d - } - v[key] = value - } - r.URL.RawQuery = v.Encode() - } - return r, err - }) - } -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/responder.go b/vendor/github.com/Azure/go-autorest/autorest/responder.go deleted file mode 100644 index 69d4b2b6..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/responder.go +++ /dev/null @@ -1,268 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "encoding/json" - "encoding/xml" - "fmt" - "io" - "net/http" - "strings" -) - -// Responder is the interface that wraps the Respond method. -// -// Respond accepts and reacts to an http.Response. Implementations must ensure to not share or hold -// state since Responders may be shared and re-used. -type Responder interface { - Respond(*http.Response) error -} - -// ResponderFunc is a method that implements the Responder interface. -type ResponderFunc func(*http.Response) error - -// Respond implements the Responder interface on ResponderFunc. -func (rf ResponderFunc) Respond(r *http.Response) error { - return rf(r) -} - -// RespondDecorator takes and possibly decorates, by wrapping, a Responder. Decorators may react to -// the http.Response and pass it along or, first, pass the http.Response along then react. -type RespondDecorator func(Responder) Responder - -// CreateResponder creates, decorates, and returns a Responder. Without decorators, the returned -// Responder returns the passed http.Response unmodified. Responders may or may not be safe to share -// and re-used: It depends on the applied decorators. For example, a standard decorator that closes -// the response body is fine to share whereas a decorator that reads the body into a passed struct -// is not. -// -// To prevent memory leaks, ensure that at least one Responder closes the response body. -func CreateResponder(decorators ...RespondDecorator) Responder { - return DecorateResponder( - Responder(ResponderFunc(func(r *http.Response) error { return nil })), - decorators...) -} - -// DecorateResponder accepts a Responder and a, possibly empty, set of RespondDecorators, which it -// applies to the Responder. Decorators are applied in the order received, but their affect upon the -// request depends on whether they are a pre-decorator (react to the http.Response and then pass it -// along) or a post-decorator (pass the http.Response along and then react). -func DecorateResponder(r Responder, decorators ...RespondDecorator) Responder { - for _, decorate := range decorators { - r = decorate(r) - } - return r -} - -// Respond accepts an http.Response and a, possibly empty, set of RespondDecorators. -// It creates a Responder from the decorators it then applies to the passed http.Response. -func Respond(r *http.Response, decorators ...RespondDecorator) error { - if r == nil { - return nil - } - return CreateResponder(decorators...).Respond(r) -} - -// ByIgnoring returns a RespondDecorator that ignores the passed http.Response passing it unexamined -// to the next RespondDecorator. -func ByIgnoring() RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - return r.Respond(resp) - }) - } -} - -// ByCopying copies the contents of the http.Response Body into the passed bytes.Buffer as -// the Body is read. -func ByCopying(b *bytes.Buffer) RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - err := r.Respond(resp) - if err == nil && resp != nil && resp.Body != nil { - resp.Body = TeeReadCloser(resp.Body, b) - } - return err - }) - } -} - -// ByDiscardingBody returns a RespondDecorator that first invokes the passed Responder after which -// it copies the remaining bytes (if any) in the response body to ioutil.Discard. Since the passed -// Responder is invoked prior to discarding the response body, the decorator may occur anywhere -// within the set. -func ByDiscardingBody() RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - err := r.Respond(resp) - if err == nil && resp != nil && resp.Body != nil { - if _, err := io.Copy(io.Discard, resp.Body); err != nil { - return fmt.Errorf("Error discarding the response body: %v", err) - } - } - return err - }) - } -} - -// ByClosing returns a RespondDecorator that first invokes the passed Responder after which it -// closes the response body. Since the passed Responder is invoked prior to closing the response -// body, the decorator may occur anywhere within the set. -func ByClosing() RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - err := r.Respond(resp) - if resp != nil && resp.Body != nil { - if err := resp.Body.Close(); err != nil { - return fmt.Errorf("Error closing the response body: %v", err) - } - } - return err - }) - } -} - -// ByClosingIfError returns a RespondDecorator that first invokes the passed Responder after which -// it closes the response if the passed Responder returns an error and the response body exists. -func ByClosingIfError() RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - err := r.Respond(resp) - if err != nil && resp != nil && resp.Body != nil { - if err := resp.Body.Close(); err != nil { - return fmt.Errorf("Error closing the response body: %v", err) - } - } - return err - }) - } -} - -// ByUnmarshallingBytes returns a RespondDecorator that copies the Bytes returned in the -// response Body into the value pointed to by v. -func ByUnmarshallingBytes(v *[]byte) RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - err := r.Respond(resp) - if err == nil { - bytes, errInner := io.ReadAll(resp.Body) - if errInner != nil { - err = fmt.Errorf("Error occurred reading http.Response#Body - Error = '%v'", errInner) - } else { - *v = bytes - } - } - return err - }) - } -} - -// ByUnmarshallingJSON returns a RespondDecorator that decodes a JSON document returned in the -// response Body into the value pointed to by v. -func ByUnmarshallingJSON(v interface{}) RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - err := r.Respond(resp) - if err == nil { - b, errInner := io.ReadAll(resp.Body) - // Some responses might include a BOM, remove for successful unmarshalling - b = bytes.TrimPrefix(b, []byte("\xef\xbb\xbf")) - if errInner != nil { - err = fmt.Errorf("Error occurred reading http.Response#Body - Error = '%v'", errInner) - } else if len(strings.Trim(string(b), " ")) > 0 { - errInner = json.Unmarshal(b, v) - if errInner != nil { - err = fmt.Errorf("Error occurred unmarshalling JSON - Error = '%v' JSON = '%s'", errInner, string(b)) - } - } - } - return err - }) - } -} - -// ByUnmarshallingXML returns a RespondDecorator that decodes a XML document returned in the -// response Body into the value pointed to by v. -func ByUnmarshallingXML(v interface{}) RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - err := r.Respond(resp) - if err == nil { - b, errInner := io.ReadAll(resp.Body) - if errInner != nil { - err = fmt.Errorf("Error occurred reading http.Response#Body - Error = '%v'", errInner) - } else { - errInner = xml.Unmarshal(b, v) - if errInner != nil { - err = fmt.Errorf("Error occurred unmarshalling Xml - Error = '%v' Xml = '%s'", errInner, string(b)) - } - } - } - return err - }) - } -} - -// WithErrorUnlessStatusCode returns a RespondDecorator that emits an error unless the response -// StatusCode is among the set passed. On error, response body is fully read into a buffer and -// presented in the returned error, as well as in the response body. -func WithErrorUnlessStatusCode(codes ...int) RespondDecorator { - return func(r Responder) Responder { - return ResponderFunc(func(resp *http.Response) error { - err := r.Respond(resp) - if err == nil && !ResponseHasStatusCode(resp, codes...) { - derr := NewErrorWithResponse("autorest", "WithErrorUnlessStatusCode", resp, "%v %v failed with %s", - resp.Request.Method, - resp.Request.URL, - resp.Status) - if resp.Body != nil { - defer resp.Body.Close() - b, _ := io.ReadAll(resp.Body) - derr.ServiceError = b - resp.Body = io.NopCloser(bytes.NewReader(b)) - } - err = derr - } - return err - }) - } -} - -// WithErrorUnlessOK returns a RespondDecorator that emits an error if the response StatusCode is -// anything other than HTTP 200. -func WithErrorUnlessOK() RespondDecorator { - return WithErrorUnlessStatusCode(http.StatusOK) -} - -// ExtractHeader extracts all values of the specified header from the http.Response. It returns an -// empty string slice if the passed http.Response is nil or the header does not exist. -func ExtractHeader(header string, resp *http.Response) []string { - if resp != nil && resp.Header != nil { - return resp.Header[http.CanonicalHeaderKey(header)] - } - return nil -} - -// ExtractHeaderValue extracts the first value of the specified header from the http.Response. It -// returns an empty string if the passed http.Response is nil or the header does not exist. -func ExtractHeaderValue(header string, resp *http.Response) string { - h := ExtractHeader(header, resp) - if len(h) > 0 { - return h[0] - } - return "" -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest.go b/vendor/github.com/Azure/go-autorest/autorest/retriablerequest.go deleted file mode 100644 index 7634b0f5..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest.go +++ /dev/null @@ -1,51 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "io" - "net/http" -) - -// NewRetriableRequest returns a wrapper around an HTTP request that support retry logic. -func NewRetriableRequest(req *http.Request) *RetriableRequest { - return &RetriableRequest{req: req} -} - -// Request returns the wrapped HTTP request. -func (rr *RetriableRequest) Request() *http.Request { - return rr.req -} - -func (rr *RetriableRequest) prepareFromByteReader() (err error) { - // fall back to making a copy (only do this once) - b := []byte{} - if rr.req.ContentLength > 0 { - b = make([]byte, rr.req.ContentLength) - _, err = io.ReadFull(rr.req.Body, b) - if err != nil { - return err - } - } else { - b, err = io.ReadAll(rr.req.Body) - if err != nil { - return err - } - } - rr.br = bytes.NewReader(b) - rr.req.Body = io.NopCloser(rr.br) - return err -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.7.go b/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.7.go deleted file mode 100644 index 8340bda4..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.7.go +++ /dev/null @@ -1,55 +0,0 @@ -//go:build !go1.8 -// +build !go1.8 - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package autorest - -import ( - "bytes" - "io" - "net/http" -) - -// RetriableRequest provides facilities for retrying an HTTP request. -type RetriableRequest struct { - req *http.Request - br *bytes.Reader -} - -// Prepare signals that the request is about to be sent. -func (rr *RetriableRequest) Prepare() (err error) { - // preserve the request body; this is to support retry logic as - // the underlying transport will always close the reqeust body - if rr.req.Body != nil && rr.req.Body != http.NoBody { - if rr.br != nil { - _, err = rr.br.Seek(0, 0 /*io.SeekStart*/) - rr.req.Body = io.NopCloser(rr.br) - } - if err != nil { - return err - } - if rr.br == nil { - // fall back to making a copy (only do this once) - err = rr.prepareFromByteReader() - } - } - return err -} - -func removeRequestBody(req *http.Request) { - req.Body = nil - req.ContentLength = 0 -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.8.go b/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.8.go deleted file mode 100644 index e36d4b04..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/retriablerequest_1.8.go +++ /dev/null @@ -1,66 +0,0 @@ -//go:build go1.8 -// +build go1.8 - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package autorest - -import ( - "bytes" - "io" - "net/http" -) - -// RetriableRequest provides facilities for retrying an HTTP request. -type RetriableRequest struct { - req *http.Request - rc io.ReadCloser - br *bytes.Reader -} - -// Prepare signals that the request is about to be sent. -func (rr *RetriableRequest) Prepare() (err error) { - // preserve the request body; this is to support retry logic as - // the underlying transport will always close the reqeust body - if rr.req.Body != nil && rr.req.Body != http.NoBody { - if rr.rc != nil { - rr.req.Body = rr.rc - } else if rr.br != nil { - _, err = rr.br.Seek(0, io.SeekStart) - rr.req.Body = io.NopCloser(rr.br) - } - if err != nil { - return err - } - if rr.req.GetBody != nil { - // this will allow us to preserve the body without having to - // make a copy. note we need to do this on each iteration - rr.rc, err = rr.req.GetBody() - if err != nil { - return err - } - } else if rr.br == nil { - // fall back to making a copy (only do this once) - err = rr.prepareFromByteReader() - } - } - return err -} - -func removeRequestBody(req *http.Request) { - req.Body = nil - req.GetBody = nil - req.ContentLength = 0 -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/sender.go b/vendor/github.com/Azure/go-autorest/autorest/sender.go deleted file mode 100644 index 118de814..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/sender.go +++ /dev/null @@ -1,458 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "context" - "crypto/tls" - "fmt" - "log" - "math" - "net" - "net/http" - "net/http/cookiejar" - "strconv" - "sync" - "time" - - "github.com/Azure/go-autorest/logger" - "github.com/Azure/go-autorest/tracing" -) - -// there is one sender per TLS renegotiation type, i.e. count of tls.RenegotiationSupport enums -const defaultSendersCount = 3 - -type defaultSender struct { - sender Sender - init *sync.Once -} - -// each type of sender will be created on demand in sender() -var defaultSenders [defaultSendersCount]defaultSender - -func init() { - for i := 0; i < defaultSendersCount; i++ { - defaultSenders[i].init = &sync.Once{} - } -} - -// used as a key type in context.WithValue() -type ctxSendDecorators struct{} - -// WithSendDecorators adds the specified SendDecorators to the provided context. -// If no SendDecorators are provided the context is unchanged. -func WithSendDecorators(ctx context.Context, sendDecorator []SendDecorator) context.Context { - if len(sendDecorator) == 0 { - return ctx - } - return context.WithValue(ctx, ctxSendDecorators{}, sendDecorator) -} - -// GetSendDecorators returns the SendDecorators in the provided context or the provided default SendDecorators. -func GetSendDecorators(ctx context.Context, defaultSendDecorators ...SendDecorator) []SendDecorator { - inCtx := ctx.Value(ctxSendDecorators{}) - if sd, ok := inCtx.([]SendDecorator); ok { - return sd - } - return defaultSendDecorators -} - -// Sender is the interface that wraps the Do method to send HTTP requests. -// -// The standard http.Client conforms to this interface. -type Sender interface { - Do(*http.Request) (*http.Response, error) -} - -// SenderFunc is a method that implements the Sender interface. -type SenderFunc func(*http.Request) (*http.Response, error) - -// Do implements the Sender interface on SenderFunc. -func (sf SenderFunc) Do(r *http.Request) (*http.Response, error) { - return sf(r) -} - -// SendDecorator takes and possibly decorates, by wrapping, a Sender. Decorators may affect the -// http.Request and pass it along or, first, pass the http.Request along then react to the -// http.Response result. -type SendDecorator func(Sender) Sender - -// CreateSender creates, decorates, and returns, as a Sender, the default http.Client. -func CreateSender(decorators ...SendDecorator) Sender { - return DecorateSender(sender(tls.RenegotiateNever), decorators...) -} - -// DecorateSender accepts a Sender and a, possibly empty, set of SendDecorators, which is applies to -// the Sender. Decorators are applied in the order received, but their affect upon the request -// depends on whether they are a pre-decorator (change the http.Request and then pass it along) or a -// post-decorator (pass the http.Request along and react to the results in http.Response). -func DecorateSender(s Sender, decorators ...SendDecorator) Sender { - for _, decorate := range decorators { - s = decorate(s) - } - return s -} - -// Send sends, by means of the default http.Client, the passed http.Request, returning the -// http.Response and possible error. It also accepts a, possibly empty, set of SendDecorators which -// it will apply the http.Client before invoking the Do method. -// -// Send is a convenience method and not recommended for production. Advanced users should use -// SendWithSender, passing and sharing their own Sender (e.g., instance of http.Client). -// -// Send will not poll or retry requests. -func Send(r *http.Request, decorators ...SendDecorator) (*http.Response, error) { - return SendWithSender(sender(tls.RenegotiateNever), r, decorators...) -} - -// SendWithSender sends the passed http.Request, through the provided Sender, returning the -// http.Response and possible error. It also accepts a, possibly empty, set of SendDecorators which -// it will apply the http.Client before invoking the Do method. -// -// SendWithSender will not poll or retry requests. -func SendWithSender(s Sender, r *http.Request, decorators ...SendDecorator) (*http.Response, error) { - return DecorateSender(s, decorators...).Do(r) -} - -func sender(renengotiation tls.RenegotiationSupport) Sender { - // note that we can't init defaultSenders in init() since it will - // execute before calling code has had a chance to enable tracing - defaultSenders[renengotiation].init.Do(func() { - // copied from http.DefaultTransport with a TLS minimum version. - transport := &http.Transport{ - Proxy: http.ProxyFromEnvironment, - DialContext: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - }).DialContext, - ForceAttemptHTTP2: true, - MaxIdleConns: 100, - IdleConnTimeout: 90 * time.Second, - TLSHandshakeTimeout: 10 * time.Second, - ExpectContinueTimeout: 1 * time.Second, - TLSClientConfig: &tls.Config{ - MinVersion: tls.VersionTLS12, - Renegotiation: renengotiation, - }, - } - var roundTripper http.RoundTripper = transport - if tracing.IsEnabled() { - roundTripper = tracing.NewTransport(transport) - } - j, _ := cookiejar.New(nil) - defaultSenders[renengotiation].sender = &http.Client{Jar: j, Transport: roundTripper} - }) - return defaultSenders[renengotiation].sender -} - -// AfterDelay returns a SendDecorator that delays for the passed time.Duration before -// invoking the Sender. The delay may be terminated by closing the optional channel on the -// http.Request. If canceled, no further Senders are invoked. -func AfterDelay(d time.Duration) SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (*http.Response, error) { - if !DelayForBackoff(d, 0, r.Context().Done()) { - return nil, fmt.Errorf("autorest: AfterDelay canceled before full delay") - } - return s.Do(r) - }) - } -} - -// AsIs returns a SendDecorator that invokes the passed Sender without modifying the http.Request. -func AsIs() SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (*http.Response, error) { - return s.Do(r) - }) - } -} - -// DoCloseIfError returns a SendDecorator that first invokes the passed Sender after which -// it closes the response if the passed Sender returns an error and the response body exists. -func DoCloseIfError() SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (*http.Response, error) { - resp, err := s.Do(r) - if err != nil { - Respond(resp, ByDiscardingBody(), ByClosing()) - } - return resp, err - }) - } -} - -// DoErrorIfStatusCode returns a SendDecorator that emits an error if the response StatusCode is -// among the set passed. Since these are artificial errors, the response body may still require -// closing. -func DoErrorIfStatusCode(codes ...int) SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (*http.Response, error) { - resp, err := s.Do(r) - if err == nil && ResponseHasStatusCode(resp, codes...) { - err = NewErrorWithResponse("autorest", "DoErrorIfStatusCode", resp, "%v %v failed with %s", - resp.Request.Method, - resp.Request.URL, - resp.Status) - } - return resp, err - }) - } -} - -// DoErrorUnlessStatusCode returns a SendDecorator that emits an error unless the response -// StatusCode is among the set passed. Since these are artificial errors, the response body -// may still require closing. -func DoErrorUnlessStatusCode(codes ...int) SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (*http.Response, error) { - resp, err := s.Do(r) - if err == nil && !ResponseHasStatusCode(resp, codes...) { - err = NewErrorWithResponse("autorest", "DoErrorUnlessStatusCode", resp, "%v %v failed with %s", - resp.Request.Method, - resp.Request.URL, - resp.Status) - } - return resp, err - }) - } -} - -// DoPollForStatusCodes returns a SendDecorator that polls if the http.Response contains one of the -// passed status codes. It expects the http.Response to contain a Location header providing the -// URL at which to poll (using GET) and will poll until the time passed is equal to or greater than -// the supplied duration. It will delay between requests for the duration specified in the -// RetryAfter header or, if the header is absent, the passed delay. Polling may be canceled by -// closing the optional channel on the http.Request. -func DoPollForStatusCodes(duration time.Duration, delay time.Duration, codes ...int) SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (resp *http.Response, err error) { - resp, err = s.Do(r) - - if err == nil && ResponseHasStatusCode(resp, codes...) { - r, err = NewPollingRequestWithContext(r.Context(), resp) - - for err == nil && ResponseHasStatusCode(resp, codes...) { - Respond(resp, - ByDiscardingBody(), - ByClosing()) - resp, err = SendWithSender(s, r, - AfterDelay(GetRetryAfter(resp, delay))) - } - } - - return resp, err - }) - } -} - -// DoRetryForAttempts returns a SendDecorator that retries a failed request for up to the specified -// number of attempts, exponentially backing off between requests using the supplied backoff -// time.Duration (which may be zero). Retrying may be canceled by closing the optional channel on -// the http.Request. -func DoRetryForAttempts(attempts int, backoff time.Duration) SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (resp *http.Response, err error) { - rr := NewRetriableRequest(r) - for attempt := 0; attempt < attempts; attempt++ { - err = rr.Prepare() - if err != nil { - return resp, err - } - DrainResponseBody(resp) - resp, err = s.Do(rr.Request()) - if err == nil { - return resp, err - } - logger.Instance.Writef(logger.LogError, "DoRetryForAttempts: received error for attempt %d: %v\n", attempt+1, err) - if !DelayForBackoff(backoff, attempt, r.Context().Done()) { - return nil, r.Context().Err() - } - } - return resp, err - }) - } -} - -// Count429AsRetry indicates that a 429 response should be included as a retry attempt. -var Count429AsRetry = true - -// Max429Delay is the maximum duration to wait between retries on a 429 if no Retry-After header was received. -var Max429Delay time.Duration - -// DoRetryForStatusCodes returns a SendDecorator that retries for specified statusCodes for up to the specified -// number of attempts, exponentially backing off between requests using the supplied backoff -// time.Duration (which may be zero). Retrying may be canceled by cancelling the context on the http.Request. -// NOTE: Code http.StatusTooManyRequests (429) will *not* be counted against the number of attempts. -func DoRetryForStatusCodes(attempts int, backoff time.Duration, codes ...int) SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (*http.Response, error) { - return doRetryForStatusCodesImpl(s, r, Count429AsRetry, attempts, backoff, 0, codes...) - }) - } -} - -// DoRetryForStatusCodesWithCap returns a SendDecorator that retries for specified statusCodes for up to the -// specified number of attempts, exponentially backing off between requests using the supplied backoff -// time.Duration (which may be zero). To cap the maximum possible delay between iterations specify a value greater -// than zero for cap. Retrying may be canceled by cancelling the context on the http.Request. -func DoRetryForStatusCodesWithCap(attempts int, backoff, cap time.Duration, codes ...int) SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (*http.Response, error) { - return doRetryForStatusCodesImpl(s, r, Count429AsRetry, attempts, backoff, cap, codes...) - }) - } -} - -func doRetryForStatusCodesImpl(s Sender, r *http.Request, count429 bool, attempts int, backoff, cap time.Duration, codes ...int) (resp *http.Response, err error) { - rr := NewRetriableRequest(r) - // Increment to add the first call (attempts denotes number of retries) - for attempt, delayCount := 0, 0; attempt < attempts+1; { - err = rr.Prepare() - if err != nil { - return - } - DrainResponseBody(resp) - resp, err = s.Do(rr.Request()) - // we want to retry if err is not nil (e.g. transient network failure). note that for failed authentication - // resp and err will both have a value, so in this case we don't want to retry as it will never succeed. - if err == nil && !ResponseHasStatusCode(resp, codes...) || IsTokenRefreshError(err) { - return resp, err - } - if err != nil { - logger.Instance.Writef(logger.LogError, "DoRetryForStatusCodes: received error for attempt %d: %v\n", attempt+1, err) - } - delayed := DelayWithRetryAfter(resp, r.Context().Done()) - // if this was a 429 set the delay cap as specified. - // applicable only in the absence of a retry-after header. - if resp != nil && resp.StatusCode == http.StatusTooManyRequests { - cap = Max429Delay - } - if !delayed && !DelayForBackoffWithCap(backoff, cap, delayCount, r.Context().Done()) { - return resp, r.Context().Err() - } - // when count429 == false don't count a 429 against the number - // of attempts so that we continue to retry until it succeeds - if count429 || (resp == nil || resp.StatusCode != http.StatusTooManyRequests) { - attempt++ - } - // delay count is tracked separately from attempts to - // ensure that 429 participates in exponential back-off - delayCount++ - } - return resp, err -} - -// DelayWithRetryAfter invokes time.After for the duration specified in the "Retry-After" header. -// The value of Retry-After can be either the number of seconds or a date in RFC1123 format. -// The function returns true after successfully waiting for the specified duration. If there is -// no Retry-After header or the wait is cancelled the return value is false. -func DelayWithRetryAfter(resp *http.Response, cancel <-chan struct{}) bool { - if resp == nil { - return false - } - var dur time.Duration - ra := resp.Header.Get("Retry-After") - if retryAfter, _ := strconv.Atoi(ra); retryAfter > 0 { - dur = time.Duration(retryAfter) * time.Second - } else if t, err := time.Parse(time.RFC1123, ra); err == nil { - dur = t.Sub(time.Now()) - } - if dur > 0 { - select { - case <-time.After(dur): - return true - case <-cancel: - return false - } - } - return false -} - -// DoRetryForDuration returns a SendDecorator that retries the request until the total time is equal -// to or greater than the specified duration, exponentially backing off between requests using the -// supplied backoff time.Duration (which may be zero). Retrying may be canceled by closing the -// optional channel on the http.Request. -func DoRetryForDuration(d time.Duration, backoff time.Duration) SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (resp *http.Response, err error) { - rr := NewRetriableRequest(r) - end := time.Now().Add(d) - for attempt := 0; time.Now().Before(end); attempt++ { - err = rr.Prepare() - if err != nil { - return resp, err - } - DrainResponseBody(resp) - resp, err = s.Do(rr.Request()) - if err == nil { - return resp, err - } - logger.Instance.Writef(logger.LogError, "DoRetryForDuration: received error for attempt %d: %v\n", attempt+1, err) - if !DelayForBackoff(backoff, attempt, r.Context().Done()) { - return nil, r.Context().Err() - } - } - return resp, err - }) - } -} - -// WithLogging returns a SendDecorator that implements simple before and after logging of the -// request. -func WithLogging(logger *log.Logger) SendDecorator { - return func(s Sender) Sender { - return SenderFunc(func(r *http.Request) (*http.Response, error) { - logger.Printf("Sending %s %s", r.Method, r.URL) - resp, err := s.Do(r) - if err != nil { - logger.Printf("%s %s received error '%v'", r.Method, r.URL, err) - } else { - logger.Printf("%s %s received %s", r.Method, r.URL, resp.Status) - } - return resp, err - }) - } -} - -// DelayForBackoff invokes time.After for the supplied backoff duration raised to the power of -// passed attempt (i.e., an exponential backoff delay). Backoff duration is in seconds and can set -// to zero for no delay. The delay may be canceled by closing the passed channel. If terminated early, -// returns false. -// Note: Passing attempt 1 will result in doubling "backoff" duration. Treat this as a zero-based attempt -// count. -func DelayForBackoff(backoff time.Duration, attempt int, cancel <-chan struct{}) bool { - return DelayForBackoffWithCap(backoff, 0, attempt, cancel) -} - -// DelayForBackoffWithCap invokes time.After for the supplied backoff duration raised to the power of -// passed attempt (i.e., an exponential backoff delay). Backoff duration is in seconds and can set -// to zero for no delay. To cap the maximum possible delay specify a value greater than zero for cap. -// The delay may be canceled by closing the passed channel. If terminated early, returns false. -// Note: Passing attempt 1 will result in doubling "backoff" duration. Treat this as a zero-based attempt -// count. -func DelayForBackoffWithCap(backoff, cap time.Duration, attempt int, cancel <-chan struct{}) bool { - d := time.Duration(backoff.Seconds()*math.Pow(2, float64(attempt))) * time.Second - if cap > 0 && d > cap { - d = cap - } - logger.Instance.Writef(logger.LogInfo, "DelayForBackoffWithCap: sleeping for %s\n", d) - select { - case <-time.After(d): - return true - case <-cancel: - return false - } -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/to/LICENSE b/vendor/github.com/Azure/go-autorest/autorest/to/LICENSE deleted file mode 100644 index b9d6a27e..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/to/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2015 Microsoft Corporation - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/autorest/to/convert.go b/vendor/github.com/Azure/go-autorest/autorest/to/convert.go deleted file mode 100644 index 86694bd2..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/to/convert.go +++ /dev/null @@ -1,152 +0,0 @@ -/* -Package to provides helpers to ease working with pointer values of marshalled structures. -*/ -package to - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// String returns a string value for the passed string pointer. It returns the empty string if the -// pointer is nil. -func String(s *string) string { - if s != nil { - return *s - } - return "" -} - -// StringPtr returns a pointer to the passed string. -func StringPtr(s string) *string { - return &s -} - -// StringSlice returns a string slice value for the passed string slice pointer. It returns a nil -// slice if the pointer is nil. -func StringSlice(s *[]string) []string { - if s != nil { - return *s - } - return nil -} - -// StringSlicePtr returns a pointer to the passed string slice. -func StringSlicePtr(s []string) *[]string { - return &s -} - -// StringMap returns a map of strings built from the map of string pointers. The empty string is -// used for nil pointers. -func StringMap(msp map[string]*string) map[string]string { - ms := make(map[string]string, len(msp)) - for k, sp := range msp { - if sp != nil { - ms[k] = *sp - } else { - ms[k] = "" - } - } - return ms -} - -// StringMapPtr returns a pointer to a map of string pointers built from the passed map of strings. -func StringMapPtr(ms map[string]string) *map[string]*string { - msp := make(map[string]*string, len(ms)) - for k, s := range ms { - msp[k] = StringPtr(s) - } - return &msp -} - -// Bool returns a bool value for the passed bool pointer. It returns false if the pointer is nil. -func Bool(b *bool) bool { - if b != nil { - return *b - } - return false -} - -// BoolPtr returns a pointer to the passed bool. -func BoolPtr(b bool) *bool { - return &b -} - -// Int returns an int value for the passed int pointer. It returns 0 if the pointer is nil. -func Int(i *int) int { - if i != nil { - return *i - } - return 0 -} - -// IntPtr returns a pointer to the passed int. -func IntPtr(i int) *int { - return &i -} - -// Int32 returns an int value for the passed int pointer. It returns 0 if the pointer is nil. -func Int32(i *int32) int32 { - if i != nil { - return *i - } - return 0 -} - -// Int32Ptr returns a pointer to the passed int32. -func Int32Ptr(i int32) *int32 { - return &i -} - -// Int64 returns an int value for the passed int pointer. It returns 0 if the pointer is nil. -func Int64(i *int64) int64 { - if i != nil { - return *i - } - return 0 -} - -// Int64Ptr returns a pointer to the passed int64. -func Int64Ptr(i int64) *int64 { - return &i -} - -// Float32 returns an int value for the passed int pointer. It returns 0.0 if the pointer is nil. -func Float32(i *float32) float32 { - if i != nil { - return *i - } - return 0.0 -} - -// Float32Ptr returns a pointer to the passed float32. -func Float32Ptr(i float32) *float32 { - return &i -} - -// Float64 returns an int value for the passed int pointer. It returns 0.0 if the pointer is nil. -func Float64(i *float64) float64 { - if i != nil { - return *i - } - return 0.0 -} - -// Float64Ptr returns a pointer to the passed float64. -func Float64Ptr(i float64) *float64 { - return &i -} - -// ByteSlicePtr returns a pointer to the passed byte slice. -func ByteSlicePtr(b []byte) *[]byte { - return &b -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/to/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/autorest/to/go_mod_tidy_hack.go deleted file mode 100644 index b7310f6b..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/to/go_mod_tidy_hack.go +++ /dev/null @@ -1,24 +0,0 @@ -// +build modhack - -package to - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// This file, and the github.com/Azure/go-autorest import, won't actually become part of -// the resultant binary. - -// Necessary for safely adding multi-module repo. -// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/autorest/utility.go b/vendor/github.com/Azure/go-autorest/autorest/utility.go deleted file mode 100644 index 8c5eb5db..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/utility.go +++ /dev/null @@ -1,231 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "encoding/json" - "encoding/xml" - "fmt" - "io" - "net" - "net/http" - "net/url" - "reflect" - "strings" -) - -// EncodedAs is a series of constants specifying various data encodings -type EncodedAs string - -const ( - // EncodedAsJSON states that data is encoded as JSON - EncodedAsJSON EncodedAs = "JSON" - - // EncodedAsXML states that data is encoded as Xml - EncodedAsXML EncodedAs = "XML" -) - -// Decoder defines the decoding method json.Decoder and xml.Decoder share -type Decoder interface { - Decode(v interface{}) error -} - -// NewDecoder creates a new decoder appropriate to the passed encoding. -// encodedAs specifies the type of encoding and r supplies the io.Reader containing the -// encoded data. -func NewDecoder(encodedAs EncodedAs, r io.Reader) Decoder { - if encodedAs == EncodedAsJSON { - return json.NewDecoder(r) - } else if encodedAs == EncodedAsXML { - return xml.NewDecoder(r) - } - return nil -} - -// CopyAndDecode decodes the data from the passed io.Reader while making a copy. Having a copy -// is especially useful if there is a chance the data will fail to decode. -// encodedAs specifies the expected encoding, r provides the io.Reader to the data, and v -// is the decoding destination. -func CopyAndDecode(encodedAs EncodedAs, r io.Reader, v interface{}) (b bytes.Buffer, err error) { - err = NewDecoder(encodedAs, io.TeeReader(r, &b)).Decode(v) - return -} - -// TeeReadCloser returns a ReadCloser that writes to w what it reads from rc. -// It utilizes io.TeeReader to copy the data read and has the same behavior when reading. -// Further, when it is closed, it ensures that rc is closed as well. -func TeeReadCloser(rc io.ReadCloser, w io.Writer) io.ReadCloser { - return &teeReadCloser{rc, io.TeeReader(rc, w)} -} - -type teeReadCloser struct { - rc io.ReadCloser - r io.Reader -} - -func (t *teeReadCloser) Read(p []byte) (int, error) { - return t.r.Read(p) -} - -func (t *teeReadCloser) Close() error { - return t.rc.Close() -} - -func containsInt(ints []int, n int) bool { - for _, i := range ints { - if i == n { - return true - } - } - return false -} - -func escapeValueStrings(m map[string]string) map[string]string { - for key, value := range m { - m[key] = url.QueryEscape(value) - } - return m -} - -func ensureValueStrings(mapOfInterface map[string]interface{}) map[string]string { - mapOfStrings := make(map[string]string) - for key, value := range mapOfInterface { - mapOfStrings[key] = ensureValueString(value) - } - return mapOfStrings -} - -func ensureValueString(value interface{}) string { - if value == nil { - return "" - } - switch v := value.(type) { - case string: - return v - case []byte: - return string(v) - default: - return fmt.Sprintf("%v", v) - } -} - -// MapToValues method converts map[string]interface{} to url.Values. -func MapToValues(m map[string]interface{}) url.Values { - v := url.Values{} - for key, value := range m { - x := reflect.ValueOf(value) - if x.Kind() == reflect.Array || x.Kind() == reflect.Slice { - for i := 0; i < x.Len(); i++ { - v.Add(key, ensureValueString(x.Index(i))) - } - } else { - v.Add(key, ensureValueString(value)) - } - } - return v -} - -// AsStringSlice method converts interface{} to []string. -// s must be of type slice or array or an error is returned. -// Each element of s will be converted to its string representation. -func AsStringSlice(s interface{}) ([]string, error) { - v := reflect.ValueOf(s) - if v.Kind() != reflect.Slice && v.Kind() != reflect.Array { - return nil, NewError("autorest", "AsStringSlice", "the value's type is not a slice or array.") - } - stringSlice := make([]string, 0, v.Len()) - - for i := 0; i < v.Len(); i++ { - stringSlice = append(stringSlice, fmt.Sprintf("%v", v.Index(i))) - } - return stringSlice, nil -} - -// String method converts interface v to string. If interface is a list, it -// joins list elements using the separator. Note that only sep[0] will be used for -// joining if any separator is specified. -func String(v interface{}, sep ...string) string { - if len(sep) == 0 { - return ensureValueString(v) - } - stringSlice, ok := v.([]string) - if ok == false { - var err error - stringSlice, err = AsStringSlice(v) - if err != nil { - panic(fmt.Sprintf("autorest: Couldn't convert value to a string %s.", err)) - } - } - return ensureValueString(strings.Join(stringSlice, sep[0])) -} - -// Encode method encodes url path and query parameters. -func Encode(location string, v interface{}, sep ...string) string { - s := String(v, sep...) - switch strings.ToLower(location) { - case "path": - return pathEscape(s) - case "query": - return queryEscape(s) - default: - return s - } -} - -func pathEscape(s string) string { - return strings.Replace(url.QueryEscape(s), "+", "%20", -1) -} - -func queryEscape(s string) string { - return url.QueryEscape(s) -} - -// ChangeToGet turns the specified http.Request into a GET (it assumes it wasn't). -// This is mainly useful for long-running operations that use the Azure-AsyncOperation -// header, so we change the initial PUT into a GET to retrieve the final result. -func ChangeToGet(req *http.Request) *http.Request { - req.Method = "GET" - req.Body = nil - req.ContentLength = 0 - req.Header.Del("Content-Length") - return req -} - -// IsTemporaryNetworkError returns true if the specified error is a temporary network error or false -// if it's not. If the error doesn't implement the net.Error interface the return value is true. -func IsTemporaryNetworkError(err error) bool { - if netErr, ok := err.(net.Error); !ok || (ok && netErr.Temporary()) { - return true - } - return false -} - -// DrainResponseBody reads the response body then closes it. -func DrainResponseBody(resp *http.Response) error { - if resp != nil && resp.Body != nil { - _, err := io.Copy(io.Discard, resp.Body) - resp.Body.Close() - return err - } - return nil -} - -func setHeader(r *http.Request, key, value string) { - if r.Header == nil { - r.Header = make(http.Header) - } - r.Header.Set(key, value) -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/utility_1.13.go b/vendor/github.com/Azure/go-autorest/autorest/utility_1.13.go deleted file mode 100644 index 3133fcc0..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/utility_1.13.go +++ /dev/null @@ -1,30 +0,0 @@ -//go:build go1.13 -// +build go1.13 - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package autorest - -import ( - "errors" - - "github.com/Azure/go-autorest/autorest/adal" -) - -// IsTokenRefreshError returns true if the specified error implements the TokenRefreshError interface. -func IsTokenRefreshError(err error) bool { - var tre adal.TokenRefreshError - return errors.As(err, &tre) -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/utility_legacy.go b/vendor/github.com/Azure/go-autorest/autorest/utility_legacy.go deleted file mode 100644 index 851e152d..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/utility_legacy.go +++ /dev/null @@ -1,32 +0,0 @@ -//go:build !go1.13 -// +build !go1.13 - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package autorest - -import "github.com/Azure/go-autorest/autorest/adal" - -// IsTokenRefreshError returns true if the specified error implements the TokenRefreshError -// interface. If err is a DetailedError it will walk the chain of Original errors. -func IsTokenRefreshError(err error) bool { - if _, ok := err.(adal.TokenRefreshError); ok { - return true - } - if de, ok := err.(DetailedError); ok { - return IsTokenRefreshError(de.Original) - } - return false -} diff --git a/vendor/github.com/Azure/go-autorest/autorest/version.go b/vendor/github.com/Azure/go-autorest/autorest/version.go deleted file mode 100644 index 713e2358..00000000 --- a/vendor/github.com/Azure/go-autorest/autorest/version.go +++ /dev/null @@ -1,41 +0,0 @@ -package autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "fmt" - "runtime" -) - -const number = "v14.2.1" - -var ( - userAgent = fmt.Sprintf("Go/%s (%s-%s) go-autorest/%s", - runtime.Version(), - runtime.GOARCH, - runtime.GOOS, - number, - ) -) - -// UserAgent returns a string containing the Go version, system architecture and OS, and the go-autorest version. -func UserAgent() string { - return userAgent -} - -// Version returns the semantic version (see http://semver.org). -func Version() string { - return number -} diff --git a/vendor/github.com/Azure/go-autorest/azure-pipelines.yml b/vendor/github.com/Azure/go-autorest/azure-pipelines.yml deleted file mode 100644 index 6fb8404f..00000000 --- a/vendor/github.com/Azure/go-autorest/azure-pipelines.yml +++ /dev/null @@ -1,105 +0,0 @@ -variables: - GOPATH: '$(system.defaultWorkingDirectory)/work' - sdkPath: '$(GOPATH)/src/github.com/$(build.repository.name)' - -jobs: - - job: 'goautorest' - displayName: 'Run go-autorest CI Checks' - - strategy: - matrix: - Linux_Go113: - vm.image: 'ubuntu-18.04' - go.version: '1.13' - Linux_Go114: - vm.image: 'ubuntu-18.04' - go.version: '1.14' - - pool: - vmImage: '$(vm.image)' - - steps: - - task: GoTool@0 - inputs: - version: '$(go.version)' - displayName: "Select Go Version" - - - script: | - set -e - mkdir -p '$(GOPATH)/bin' - mkdir -p '$(sdkPath)' - shopt -s extglob - mv !(work) '$(sdkPath)' - echo '##vso[task.prependpath]$(GOPATH)/bin' - displayName: 'Create Go Workspace' - - - script: | - set -e - curl -sSL https://raw.githubusercontent.com/golang/dep/master/install.sh | sh - dep ensure -v - go install ./vendor/golang.org/x/lint/golint - go get github.com/jstemmer/go-junit-report - go get github.com/axw/gocov/gocov - go get github.com/AlekSi/gocov-xml - go get -u github.com/matm/gocov-html - workingDirectory: '$(sdkPath)' - displayName: 'Install Dependencies' - - - script: | - go vet ./autorest/... - go vet ./logger/... - go vet ./tracing/... - workingDirectory: '$(sdkPath)' - displayName: 'Vet' - - - script: | - go build -v ./autorest/... - go build -v ./logger/... - go build -v ./tracing/... - workingDirectory: '$(sdkPath)' - displayName: 'Build' - - - script: | - set -e - go test -race -v -coverprofile=coverage.txt -covermode atomic ./autorest/... ./logger/... ./tracing/... 2>&1 | go-junit-report > report.xml - gocov convert coverage.txt > coverage.json - gocov-xml < coverage.json > coverage.xml - gocov-html < coverage.json > coverage.html - workingDirectory: '$(sdkPath)' - displayName: 'Run Tests' - - - script: grep -L -r --include *.go --exclude-dir vendor -P "Copyright (\d{4}|\(c\)) Microsoft" ./ | tee >&2 - workingDirectory: '$(sdkPath)' - displayName: 'Copyright Header Check' - failOnStderr: true - condition: succeededOrFailed() - - - script: | - gofmt -s -l -w ./autorest/. >&2 - gofmt -s -l -w ./logger/. >&2 - gofmt -s -l -w ./tracing/. >&2 - workingDirectory: '$(sdkPath)' - displayName: 'Format Check' - failOnStderr: true - condition: succeededOrFailed() - - - script: | - golint ./autorest/... >&2 - golint ./logger/... >&2 - golint ./tracing/... >&2 - workingDirectory: '$(sdkPath)' - displayName: 'Linter Check' - failOnStderr: true - condition: succeededOrFailed() - - - task: PublishTestResults@2 - inputs: - testRunner: JUnit - testResultsFiles: $(sdkPath)/report.xml - failTaskOnFailedTests: true - - - task: PublishCodeCoverageResults@1 - inputs: - codeCoverageTool: Cobertura - summaryFileLocation: $(sdkPath)/coverage.xml - additionalCodeCoverageFiles: $(sdkPath)/coverage.html diff --git a/vendor/github.com/Azure/go-autorest/doc.go b/vendor/github.com/Azure/go-autorest/doc.go deleted file mode 100644 index 99ae6ca9..00000000 --- a/vendor/github.com/Azure/go-autorest/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -/* -Package go-autorest provides an HTTP request client for use with Autorest-generated API client packages. -*/ -package go_autorest - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/logger/LICENSE b/vendor/github.com/Azure/go-autorest/logger/LICENSE deleted file mode 100644 index b9d6a27e..00000000 --- a/vendor/github.com/Azure/go-autorest/logger/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2015 Microsoft Corporation - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/logger/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/logger/go_mod_tidy_hack.go deleted file mode 100644 index 0aa27680..00000000 --- a/vendor/github.com/Azure/go-autorest/logger/go_mod_tidy_hack.go +++ /dev/null @@ -1,24 +0,0 @@ -// +build modhack - -package logger - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// This file, and the github.com/Azure/go-autorest import, won't actually become part of -// the resultant binary. - -// Necessary for safely adding multi-module repo. -// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/logger/logger.go b/vendor/github.com/Azure/go-autorest/logger/logger.go deleted file mode 100644 index 2f5d8cc1..00000000 --- a/vendor/github.com/Azure/go-autorest/logger/logger.go +++ /dev/null @@ -1,337 +0,0 @@ -package logger - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "net/http" - "net/url" - "os" - "strings" - "sync" - "time" -) - -// LevelType tells a logger the minimum level to log. When code reports a log entry, -// the LogLevel indicates the level of the log entry. The logger only records entries -// whose level is at least the level it was told to log. See the Log* constants. -// For example, if a logger is configured with LogError, then LogError, LogPanic, -// and LogFatal entries will be logged; lower level entries are ignored. -type LevelType uint32 - -const ( - // LogNone tells a logger not to log any entries passed to it. - LogNone LevelType = iota - - // LogFatal tells a logger to log all LogFatal entries passed to it. - LogFatal - - // LogPanic tells a logger to log all LogPanic and LogFatal entries passed to it. - LogPanic - - // LogError tells a logger to log all LogError, LogPanic and LogFatal entries passed to it. - LogError - - // LogWarning tells a logger to log all LogWarning, LogError, LogPanic and LogFatal entries passed to it. - LogWarning - - // LogInfo tells a logger to log all LogInfo, LogWarning, LogError, LogPanic and LogFatal entries passed to it. - LogInfo - - // LogDebug tells a logger to log all LogDebug, LogInfo, LogWarning, LogError, LogPanic and LogFatal entries passed to it. - LogDebug - - // LogAuth is a special case of LogDebug, it tells a logger to also log the body of an authentication request and response. - // NOTE: this can disclose sensitive information, use with care. - LogAuth -) - -const ( - logNone = "NONE" - logFatal = "FATAL" - logPanic = "PANIC" - logError = "ERROR" - logWarning = "WARNING" - logInfo = "INFO" - logDebug = "DEBUG" - logAuth = "AUTH" - logUnknown = "UNKNOWN" -) - -// ParseLevel converts the specified string into the corresponding LevelType. -func ParseLevel(s string) (lt LevelType, err error) { - switch strings.ToUpper(s) { - case logFatal: - lt = LogFatal - case logPanic: - lt = LogPanic - case logError: - lt = LogError - case logWarning: - lt = LogWarning - case logInfo: - lt = LogInfo - case logDebug: - lt = LogDebug - case logAuth: - lt = LogAuth - default: - err = fmt.Errorf("bad log level '%s'", s) - } - return -} - -// String implements the stringer interface for LevelType. -func (lt LevelType) String() string { - switch lt { - case LogNone: - return logNone - case LogFatal: - return logFatal - case LogPanic: - return logPanic - case LogError: - return logError - case LogWarning: - return logWarning - case LogInfo: - return logInfo - case LogDebug: - return logDebug - case LogAuth: - return logAuth - default: - return logUnknown - } -} - -// Filter defines functions for filtering HTTP request/response content. -type Filter struct { - // URL returns a potentially modified string representation of a request URL. - URL func(u *url.URL) string - - // Header returns a potentially modified set of values for the specified key. - // To completely exclude the header key/values return false. - Header func(key string, val []string) (bool, []string) - - // Body returns a potentially modified request/response body. - Body func(b []byte) []byte -} - -func (f Filter) processURL(u *url.URL) string { - if f.URL == nil { - return u.String() - } - return f.URL(u) -} - -func (f Filter) processHeader(k string, val []string) (bool, []string) { - if f.Header == nil { - return true, val - } - return f.Header(k, val) -} - -func (f Filter) processBody(b []byte) []byte { - if f.Body == nil { - return b - } - return f.Body(b) -} - -// Writer defines methods for writing to a logging facility. -type Writer interface { - // Writeln writes the specified message with the standard log entry header and new-line character. - Writeln(level LevelType, message string) - - // Writef writes the specified format specifier with the standard log entry header and no new-line character. - Writef(level LevelType, format string, a ...interface{}) - - // WriteRequest writes the specified HTTP request to the logger if the log level is greater than - // or equal to LogInfo. The request body, if set, is logged at level LogDebug or higher. - // Custom filters can be specified to exclude URL, header, and/or body content from the log. - // By default no request content is excluded. - WriteRequest(req *http.Request, filter Filter) - - // WriteResponse writes the specified HTTP response to the logger if the log level is greater than - // or equal to LogInfo. The response body, if set, is logged at level LogDebug or higher. - // Custom filters can be specified to exclude URL, header, and/or body content from the log. - // By default no response content is excluded. - WriteResponse(resp *http.Response, filter Filter) -} - -// Instance is the default log writer initialized during package init. -// This can be replaced with a custom implementation as required. -var Instance Writer - -// default log level -var logLevel = LogNone - -// Level returns the value specified in AZURE_GO_AUTOREST_LOG_LEVEL. -// If no value was specified the default value is LogNone. -// Custom loggers can call this to retrieve the configured log level. -func Level() LevelType { - return logLevel -} - -func init() { - // separated for testing purposes - initDefaultLogger() -} - -func initDefaultLogger() { - // init with nilLogger so callers don't have to do a nil check on Default - Instance = nilLogger{} - llStr := strings.ToLower(os.Getenv("AZURE_GO_SDK_LOG_LEVEL")) - if llStr == "" { - return - } - var err error - logLevel, err = ParseLevel(llStr) - if err != nil { - fmt.Fprintf(os.Stderr, "go-autorest: failed to parse log level: %s\n", err.Error()) - return - } - if logLevel == LogNone { - return - } - // default to stderr - dest := os.Stderr - lfStr := os.Getenv("AZURE_GO_SDK_LOG_FILE") - if strings.EqualFold(lfStr, "stdout") { - dest = os.Stdout - } else if lfStr != "" { - lf, err := os.Create(lfStr) - if err == nil { - dest = lf - } else { - fmt.Fprintf(os.Stderr, "go-autorest: failed to create log file, using stderr: %s\n", err.Error()) - } - } - Instance = fileLogger{ - logLevel: logLevel, - mu: &sync.Mutex{}, - logFile: dest, - } -} - -// the nil logger does nothing -type nilLogger struct{} - -func (nilLogger) Writeln(LevelType, string) {} - -func (nilLogger) Writef(LevelType, string, ...interface{}) {} - -func (nilLogger) WriteRequest(*http.Request, Filter) {} - -func (nilLogger) WriteResponse(*http.Response, Filter) {} - -// A File is used instead of a Logger so the stream can be flushed after every write. -type fileLogger struct { - logLevel LevelType - mu *sync.Mutex // for synchronizing writes to logFile - logFile *os.File -} - -func (fl fileLogger) Writeln(level LevelType, message string) { - fl.Writef(level, "%s\n", message) -} - -func (fl fileLogger) Writef(level LevelType, format string, a ...interface{}) { - if fl.logLevel >= level { - fl.mu.Lock() - defer fl.mu.Unlock() - fmt.Fprintf(fl.logFile, "%s %s", entryHeader(level), fmt.Sprintf(format, a...)) - fl.logFile.Sync() - } -} - -func (fl fileLogger) WriteRequest(req *http.Request, filter Filter) { - if req == nil || fl.logLevel < LogInfo { - return - } - b := &bytes.Buffer{} - fmt.Fprintf(b, "%s REQUEST: %s %s\n", entryHeader(LogInfo), req.Method, filter.processURL(req.URL)) - // dump headers - for k, v := range req.Header { - if ok, mv := filter.processHeader(k, v); ok { - fmt.Fprintf(b, "%s: %s\n", k, strings.Join(mv, ",")) - } - } - if fl.shouldLogBody(req.Header, req.Body) { - // dump body - body, err := ioutil.ReadAll(req.Body) - if err == nil { - fmt.Fprintln(b, string(filter.processBody(body))) - if nc, ok := req.Body.(io.Seeker); ok { - // rewind to the beginning - nc.Seek(0, io.SeekStart) - } else { - // recreate the body - req.Body = ioutil.NopCloser(bytes.NewReader(body)) - } - } else { - fmt.Fprintf(b, "failed to read body: %v\n", err) - } - } - fl.mu.Lock() - defer fl.mu.Unlock() - fmt.Fprint(fl.logFile, b.String()) - fl.logFile.Sync() -} - -func (fl fileLogger) WriteResponse(resp *http.Response, filter Filter) { - if resp == nil || fl.logLevel < LogInfo { - return - } - b := &bytes.Buffer{} - fmt.Fprintf(b, "%s RESPONSE: %d %s\n", entryHeader(LogInfo), resp.StatusCode, filter.processURL(resp.Request.URL)) - // dump headers - for k, v := range resp.Header { - if ok, mv := filter.processHeader(k, v); ok { - fmt.Fprintf(b, "%s: %s\n", k, strings.Join(mv, ",")) - } - } - if fl.shouldLogBody(resp.Header, resp.Body) { - // dump body - defer resp.Body.Close() - body, err := ioutil.ReadAll(resp.Body) - if err == nil { - fmt.Fprintln(b, string(filter.processBody(body))) - resp.Body = ioutil.NopCloser(bytes.NewReader(body)) - } else { - fmt.Fprintf(b, "failed to read body: %v\n", err) - } - } - fl.mu.Lock() - defer fl.mu.Unlock() - fmt.Fprint(fl.logFile, b.String()) - fl.logFile.Sync() -} - -// returns true if the provided body should be included in the log -func (fl fileLogger) shouldLogBody(header http.Header, body io.ReadCloser) bool { - ct := header.Get("Content-Type") - return fl.logLevel >= LogDebug && body != nil && !strings.Contains(ct, "application/octet-stream") -} - -// creates standard header for log entries, it contains a timestamp and the log level -func entryHeader(level LevelType) string { - // this format provides a fixed number of digits so the size of the timestamp is constant - return fmt.Sprintf("(%s) %s:", time.Now().Format("2006-01-02T15:04:05.0000000Z07:00"), level.String()) -} diff --git a/vendor/github.com/Azure/go-autorest/tracing/LICENSE b/vendor/github.com/Azure/go-autorest/tracing/LICENSE deleted file mode 100644 index b9d6a27e..00000000 --- a/vendor/github.com/Azure/go-autorest/tracing/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2015 Microsoft Corporation - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/Azure/go-autorest/tracing/go_mod_tidy_hack.go b/vendor/github.com/Azure/go-autorest/tracing/go_mod_tidy_hack.go deleted file mode 100644 index e163975c..00000000 --- a/vendor/github.com/Azure/go-autorest/tracing/go_mod_tidy_hack.go +++ /dev/null @@ -1,24 +0,0 @@ -// +build modhack - -package tracing - -// Copyright 2017 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// This file, and the github.com/Azure/go-autorest import, won't actually become part of -// the resultant binary. - -// Necessary for safely adding multi-module repo. -// See: https://github.com/golang/go/wiki/Modules#is-it-possible-to-add-a-module-to-a-multi-module-repository -import _ "github.com/Azure/go-autorest" diff --git a/vendor/github.com/Azure/go-autorest/tracing/tracing.go b/vendor/github.com/Azure/go-autorest/tracing/tracing.go deleted file mode 100644 index 0e7a6e96..00000000 --- a/vendor/github.com/Azure/go-autorest/tracing/tracing.go +++ /dev/null @@ -1,67 +0,0 @@ -package tracing - -// Copyright 2018 Microsoft Corporation -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -import ( - "context" - "net/http" -) - -// Tracer represents an HTTP tracing facility. -type Tracer interface { - NewTransport(base *http.Transport) http.RoundTripper - StartSpan(ctx context.Context, name string) context.Context - EndSpan(ctx context.Context, httpStatusCode int, err error) -} - -var ( - tracer Tracer -) - -// Register will register the provided Tracer. Pass nil to unregister a Tracer. -func Register(t Tracer) { - tracer = t -} - -// IsEnabled returns true if a Tracer has been registered. -func IsEnabled() bool { - return tracer != nil -} - -// NewTransport creates a new instrumenting http.RoundTripper for the -// registered Tracer. If no Tracer has been registered it returns nil. -func NewTransport(base *http.Transport) http.RoundTripper { - if tracer != nil { - return tracer.NewTransport(base) - } - return nil -} - -// StartSpan starts a trace span with the specified name, associating it with the -// provided context. Has no effect if a Tracer has not been registered. -func StartSpan(ctx context.Context, name string) context.Context { - if tracer != nil { - return tracer.StartSpan(ctx, name) - } - return ctx -} - -// EndSpan ends a previously started span stored in the context. -// Has no effect if a Tracer has not been registered. -func EndSpan(ctx context.Context, httpStatusCode int, err error) { - if tracer != nil { - tracer.EndSpan(ctx, httpStatusCode, err) - } -} diff --git a/vendor/github.com/DataDog/appsec-internal-go/LICENSE b/vendor/github.com/DataDog/appsec-internal-go/LICENSE deleted file mode 100644 index 9301dd7a..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/LICENSE +++ /dev/null @@ -1,200 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2016-present Datadog, Inc. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/appsec-internal-go/appsec/config.go b/vendor/github.com/DataDog/appsec-internal-go/appsec/config.go deleted file mode 100644 index 3cfed5bc..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/appsec/config.go +++ /dev/null @@ -1,203 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2023-present Datadog, Inc. - -package appsec - -import ( - "os" - "regexp" - "strconv" - "time" - "unicode" - "unicode/utf8" - - "github.com/DataDog/appsec-internal-go/log" -) - -// Configuration environment variables -const ( - // EnvAPISecEnabled is the env var used to enable API Security - EnvAPISecEnabled = "DD_API_SECURITY_ENABLED" - // EnvAPISecSampleRate is the env var used to set the sampling rate of API Security schema extraction - EnvAPISecSampleRate = "DD_API_SECURITY_REQUEST_SAMPLE_RATE" - // EnvObfuscatorKey is the env var used to provide the WAF key obfuscation regexp - EnvObfuscatorKey = "DD_APPSEC_OBFUSCATION_PARAMETER_KEY_REGEXP" - // EnvObfuscatorValue is the env var used to provide the WAF value obfuscation regexp - EnvObfuscatorValue = "DD_APPSEC_OBFUSCATION_PARAMETER_VALUE_REGEXP" - // EnvWAFTimeout is the env var used to specify the timeout value for a WAF run - EnvWAFTimeout = "DD_APPSEC_WAF_TIMEOUT" - // EnvTraceRateLimit is the env var used to set the ASM trace limiting rate - EnvTraceRateLimit = "DD_APPSEC_TRACE_RATE_LIMIT" - // EnvRules is the env var used to provide a path to a local security rule file - EnvRules = "DD_APPSEC_RULES" - // EnvRASPEnabled is the env var used to enable/disable RASP functionalities for ASM - EnvRASPEnabled = "DD_APPSEC_RASP_ENABLED" -) - -// Configuration constants and default values -const ( - // DefaultAPISecSampleRate is the default rate at which API Security schemas are extracted from requests - DefaultAPISecSampleRate = .1 - // DefaultObfuscatorKeyRegex is the default regexp used to obfuscate keys - DefaultObfuscatorKeyRegex = `(?i)pass|pw(?:or)?d|secret|(?:api|private|public|access)[_-]?key|token|consumer[_-]?(?:id|key|secret)|sign(?:ed|ature)|bearer|authorization|jsessionid|phpsessid|asp\.net[_-]sessionid|sid|jwt` - // DefaultObfuscatorValueRegex is the default regexp used to obfuscate values - DefaultObfuscatorValueRegex = `(?i)(?:p(?:ass)?w(?:or)?d|pass(?:[_-]?phrase)?|secret(?:[_-]?key)?|(?:(?:api|private|public|access)[_-]?)key(?:[_-]?id)?|(?:(?:auth|access|id|refresh)[_-]?)?token|consumer[_-]?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?|jsessionid|phpsessid|asp\.net(?:[_-]|-)sessionid|sid|jwt)(?:\s*=[^;]|"\s*:\s*"[^"]+")|bearer\s+[a-z0-9\._\-]+|token:[a-z0-9]{13}|gh[opsu]_[0-9a-zA-Z]{36}|ey[I-L][\w=-]+\.ey[I-L][\w=-]+(?:\.[\w.+\/=-]+)?|[\-]{5}BEGIN[a-z\s]+PRIVATE\sKEY[\-]{5}[^\-]+[\-]{5}END[a-z\s]+PRIVATE\sKEY|ssh-rsa\s*[a-z0-9\/\.+]{100,}` - // DefaultWAFTimeout is the default time limit past which a WAF run will timeout - DefaultWAFTimeout = time.Millisecond - // DefaultTraceRate is the default limit (trace/sec) past which ASM traces are sampled out - DefaultTraceRate uint = 100 // up to 100 appsec traces/s -) - -// APISecConfig holds the configuration for API Security schemas reporting -// It is used to enabled/disable the feature as well as to configure the rate -// at which schemas get reported, -type APISecConfig struct { - Enabled bool - SampleRate float64 -} - -// ObfuscatorConfig wraps the key and value regexp to be passed to the WAF to perform obfuscation. -type ObfuscatorConfig struct { - KeyRegex string - ValueRegex string -} - -// NewAPISecConfig creates and returns a new API Security configuration by reading the env -func NewAPISecConfig() APISecConfig { - return APISecConfig{ - Enabled: boolEnv(EnvAPISecEnabled, true), - SampleRate: readAPISecuritySampleRate(), - } -} -func readAPISecuritySampleRate() float64 { - value := os.Getenv(EnvAPISecSampleRate) - rate, err := strconv.ParseFloat(value, 64) - if err != nil { - logEnvVarParsingError(EnvAPISecSampleRate, value, err, DefaultAPISecSampleRate) - return DefaultAPISecSampleRate - } - // Clamp the value so that 0.0 <= rate <= 1.0 - if rate < 0. { - rate = 0. - } else if rate > 1. { - rate = 1. - } - return rate -} - -// RASPEnabled returns true if RASP functionalities are enabled through the env, or if DD_APPSEC_RASP_ENABLED -// is not set -func RASPEnabled() bool { - return boolEnv(EnvRASPEnabled, true) -} - -// NewObfuscatorConfig creates and returns a new WAF obfuscator configuration by reading the env -func NewObfuscatorConfig() ObfuscatorConfig { - keyRE := readObfuscatorConfigRegexp(EnvObfuscatorKey, DefaultObfuscatorKeyRegex) - valueRE := readObfuscatorConfigRegexp(EnvObfuscatorValue, DefaultObfuscatorValueRegex) - return ObfuscatorConfig{KeyRegex: keyRE, ValueRegex: valueRE} -} - -func readObfuscatorConfigRegexp(name, defaultValue string) string { - val, present := os.LookupEnv(name) - if !present { - log.Debug("appsec: %s not defined, starting with the default obfuscator regular expression", name) - return defaultValue - } - if _, err := regexp.Compile(val); err != nil { - logUnexpectedEnvVarValue(name, val, "could not compile the configured obfuscator regular expression", defaultValue) - return defaultValue - } - log.Debug("appsec: starting with the configured obfuscator regular expression %s", name) - return val -} - -// WAFTimeoutFromEnv reads and parses the WAF timeout value set through the env -// If not set, it defaults to `DefaultWAFTimeout` -func WAFTimeoutFromEnv() (timeout time.Duration) { - timeout = DefaultWAFTimeout - value := os.Getenv(EnvWAFTimeout) - if value == "" { - return - } - - // Check if the value ends with a letter, which means the user has - // specified their own time duration unit(s) such as 1s200ms. - // Otherwise, default to microseconds. - if lastRune, _ := utf8.DecodeLastRuneInString(value); !unicode.IsLetter(lastRune) { - value += "us" // Add the default microsecond time-duration suffix - } - - parsed, err := time.ParseDuration(value) - if err != nil { - logEnvVarParsingError(EnvWAFTimeout, value, err, timeout) - return - } - if parsed <= 0 { - logUnexpectedEnvVarValue(EnvWAFTimeout, parsed, "expecting a strictly positive duration", timeout) - return - } - return parsed -} - -// RateLimitFromEnv reads and parses the trace rate limit set through the env -// If not set, it defaults to `DefaultTraceRate` -func RateLimitFromEnv() (rate uint) { - rate = DefaultTraceRate - value := os.Getenv(EnvTraceRateLimit) - if value == "" { - return rate - } - parsed, err := strconv.ParseUint(value, 10, 0) - if err != nil { - logEnvVarParsingError(EnvTraceRateLimit, value, err, rate) - return - } - if parsed == 0 { - logUnexpectedEnvVarValue(EnvTraceRateLimit, parsed, "expecting a value strictly greater than 0", rate) - return - } - return uint(parsed) -} - -// RulesFromEnv returns the security rules provided through the environment -// If the env var is not set, the default recommended rules are returned instead -func RulesFromEnv() ([]byte, error) { - filepath := os.Getenv(EnvRules) - if filepath == "" { - log.Debug("appsec: using the default built-in recommended security rules") - return DefaultRuleset() - } - buf, err := os.ReadFile(filepath) - if err != nil { - if os.IsNotExist(err) { - err = log.Errorf("appsec: could not find the rules file in path %s: %w.", filepath, err) - } - return nil, err - } - log.Debug("appsec: using the security rules from file %s", filepath) - return buf, nil -} - -func logEnvVarParsingError(name, value string, err error, defaultValue any) { - log.Debug("appsec: could not parse the env var %s=%s as a duration: %v. Using default value %v.", name, value, err, defaultValue) -} - -func logUnexpectedEnvVarValue(name string, value any, reason string, defaultValue any) { - log.Debug("appsec: unexpected configuration value of %s=%v: %s. Using default value %v.", name, value, reason, defaultValue) -} - -func boolEnv(key string, def bool) bool { - strVal, ok := os.LookupEnv(key) - if !ok { - return def - } - v, err := strconv.ParseBool(strVal) - if err != nil { - logEnvVarParsingError(key, strVal, err, def) - return def - } - return v -} diff --git a/vendor/github.com/DataDog/appsec-internal-go/appsec/embed.go b/vendor/github.com/DataDog/appsec-internal-go/appsec/embed.go deleted file mode 100644 index 2d6da7df..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/appsec/embed.go +++ /dev/null @@ -1,14 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package appsec - -import _ "embed" // Blank import comment for golint compliance - -// StaticRecommendedRules holds the recommended AppSec security rules (v1.13.2) -// Source: https://github.com/DataDog/appsec-event-rules/blob/1.13.2/build/recommended.json -// -//go:embed rules.json -var StaticRecommendedRules string diff --git a/vendor/github.com/DataDog/appsec-internal-go/appsec/rules.go b/vendor/github.com/DataDog/appsec-internal-go/appsec/rules.go deleted file mode 100644 index 29a46bf2..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/appsec/rules.go +++ /dev/null @@ -1,26 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2023-present Datadog, Inc. -package appsec - -import "encoding/json" - -// DefaultRuleset returns the marshaled default recommended security rules for AppSec -func DefaultRuleset() ([]byte, error) { - rules, err := DefaultRulesetMap() - if err != nil { - return nil, err - } - return json.Marshal(rules) -} - -// DefaultRulesetMap returns the unmarshaled default recommended security rules for AppSec -func DefaultRulesetMap() (map[string]any, error) { - var rules map[string]any - if err := json.Unmarshal([]byte(StaticRecommendedRules), &rules); err != nil { - return nil, err - } - - return rules, nil -} diff --git a/vendor/github.com/DataDog/appsec-internal-go/appsec/rules.json b/vendor/github.com/DataDog/appsec-internal-go/appsec/rules.json deleted file mode 100644 index d0e486c6..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/appsec/rules.json +++ /dev/null @@ -1,9779 +0,0 @@ -{ - "version": "2.2", - "metadata": { - "rules_version": "1.13.2" - }, - "rules": [ - { - "id": "blk-001-001", - "name": "Block IP Addresses", - "tags": { - "type": "block_ip", - "category": "security_response" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "http.client_ip" - } - ], - "data": "blocked_ips" - }, - "operator": "ip_match" - } - ], - "transformers": [], - "on_match": [ - "block" - ] - }, - { - "id": "blk-001-002", - "name": "Block User Addresses", - "tags": { - "type": "block_user", - "category": "security_response" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "usr.id" - } - ], - "data": "blocked_users" - }, - "operator": "exact_match" - } - ], - "transformers": [], - "on_match": [ - "block" - ] - }, - { - "id": "crs-913-110", - "name": "Acunetix", - "tags": { - "type": "commercial_scanner", - "crs_id": "913110", - "category": "attack_attempt", - "tool_name": "Acunetix", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies" - } - ], - "list": [ - "acunetix-product", - "(acunetix web vulnerability scanner", - "acunetix-scanning-agreement", - "acunetix-user-agreement", - "md5(acunetix_wvs_security_test)" - ] - }, - "operator": "phrase_match" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-913-120", - "name": "Known security scanner filename/argument", - "tags": { - "type": "security_scanner", - "crs_id": "913120", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "list": [ - "/.adsensepostnottherenonobook", - "/hello.html", - "/actsensepostnottherenonotive", - "/acunetix-wvs-test-for-some-inexistent-file", - "/antidisestablishmentarianism", - "/appscan_fingerprint/mac_address", - "/arachni-", - "/cybercop", - "/nessus_is_probing_you_", - "/nessustest", - "/netsparker-", - "/rfiinc.txt", - "/thereisnowaythat-you-canbethere", - "/w3af/remotefileinclude.html", - "appscan_fingerprint", - "w00tw00t.at.isc.sans.dfind", - "w00tw00t.at.blackhats.romanian.anti-sec" - ], - "options": { - "enforce_word_boundary": true - } - }, - "operator": "phrase_match" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-920-260", - "name": "Unicode Full/Half Width Abuse Attack Attempt", - "tags": { - "type": "http_protocol_violation", - "crs_id": "920260", - "category": "attack_attempt", - "cwe": "176", - "capec": "1000/255/153/267/71", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "\\%u[fF]{2}[0-9a-fA-F]{2}", - "options": { - "case_sensitive": true, - "min_length": 6 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-921-110", - "name": "HTTP Request Smuggling Attack", - "tags": { - "type": "http_protocol_violation", - "crs_id": "921110", - "category": "attack_attempt", - "cwe": "444", - "capec": "1000/210/272/220/33" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - } - ], - "regex": "(?:get|post|head|options|connect|put|delete|trace|track|patch|propfind|propatch|mkcol|copy|move|lock|unlock)\\s+[^\\s]+\\s+http/\\d", - "options": { - "case_sensitive": true, - "min_length": 12 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-921-160", - "name": "HTTP Header Injection Attack via payload (CR/LF and header-name detected)", - "tags": { - "type": "http_protocol_violation", - "crs_id": "921160", - "category": "attack_attempt", - "cwe": "113", - "capec": "1000/210/272/220/105" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.path_params" - } - ], - "regex": "[\\n\\r]+(?:refresh|(?:set-)?cookie|(?:x-)?(?:forwarded-(?:for|host|server)|via|remote-ip|remote-addr|originating-IP))\\s*:", - "options": { - "case_sensitive": true, - "min_length": 3 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-930-100", - "name": "Obfuscated Path Traversal Attack (/../)", - "tags": { - "type": "lfi", - "crs_id": "930100", - "category": "attack_attempt", - "cwe": "22", - "capec": "1000/255/153/126", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - }, - { - "address": "server.request.headers.no_cookies" - } - ], - "regex": "(?:%(?:c(?:0%(?:[2aq]f|5c|9v)|1%(?:[19p]c|8s|af))|2(?:5(?:c(?:0%25af|1%259c)|2f|5c)|%46|f)|(?:(?:f(?:8%8)?0%8|e)0%80%a|bg%q)f|%3(?:2(?:%(?:%6|4)6|F)|5%%63)|u(?:221[56]|002f|EFC8|F025)|1u|5c)|0x(?:2f|5c)|\\/|\\x5c)(?:%(?:(?:f(?:(?:c%80|8)%8)?0%8|e)0%80%ae|2(?:(?:5(?:c0%25a|2))?e|%45)|u(?:(?:002|ff0)e|2024)|%32(?:%(?:%6|4)5|E)|c0(?:%[256aef]e|\\.))|\\.(?:%0[01])?|0x2e){2,3}(?:%(?:c(?:0%(?:[2aq]f|5c|9v)|1%(?:[19p]c|8s|af))|2(?:5(?:c(?:0%25af|1%259c)|2f|5c)|%46|f)|(?:(?:f(?:8%8)?0%8|e)0%80%a|bg%q)f|%3(?:2(?:%(?:%6|4)6|F)|5%%63)|u(?:221[56]|002f|EFC8|F025)|1u|5c)|0x(?:2f|5c)|\\/|\\x5c)", - "options": { - "min_length": 4 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "normalizePath" - ] - }, - { - "id": "crs-930-110", - "name": "Simple Path Traversal Attack (/../)", - "tags": { - "type": "lfi", - "crs_id": "930110", - "category": "attack_attempt", - "cwe": "22", - "capec": "1000/255/153/126", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - }, - { - "address": "server.request.headers.no_cookies" - } - ], - "regex": "(?:(?:^|[\\x5c/])\\.{2,3}[\\x5c/]|[\\x5c/]\\.{2,3}(?:[\\x5c/]|$))", - "options": { - "case_sensitive": true, - "min_length": 3 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls" - ] - }, - { - "id": "crs-930-120", - "name": "OS File Access Attempt", - "tags": { - "type": "lfi", - "crs_id": "930120", - "category": "attack_attempt", - "cwe": "22", - "capec": "1000/255/153/126", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "list": [ - "/.htaccess", - "/.htdigest", - "/.htpasswd", - "/.addressbook", - "/.aptitude/config", - ".aws/config", - ".aws/credentials", - "/.bash_config", - "/.bash_history", - "/.bash_logout", - "/.bash_profile", - "/.bashrc", - ".cache/notify-osd.log", - ".config/odesk/odesk team.conf", - "/.cshrc", - "/.dockerignore", - ".drush/", - "/.eslintignore", - "/.fbcindex", - "/.forward", - "/.git", - ".git/", - "/.gitattributes", - "/.gitconfig", - ".gnupg/", - ".hplip/hplip.conf", - "/.ksh_history", - "/.lesshst", - ".lftp/", - "/.lhistory", - "/.lldb-history", - ".local/share/mc/", - "/.lynx_cookies", - "/.my.cnf", - "/.mysql_history", - "/.nano_history", - "/.node_repl_history", - "/.pearrc", - "/.pgpass", - "/.php_history", - "/.pinerc", - ".pki/", - "/.proclog", - "/.procmailrc", - "/.psql_history", - "/.python_history", - "/.rediscli_history", - "/.rhistory", - "/.rhosts", - "/.sh_history", - "/.sqlite_history", - ".ssh/authorized_keys", - ".ssh/config", - ".ssh/id_dsa", - ".ssh/id_dsa.pub", - ".ssh/id_rsa", - ".ssh/id_rsa.pub", - ".ssh/identity", - ".ssh/identity.pub", - ".ssh/id_ecdsa", - ".ssh/id_ecdsa.pub", - ".ssh/known_hosts", - ".subversion/auth", - ".subversion/config", - ".subversion/servers", - ".tconn/tconn.conf", - "/.tcshrc", - ".vidalia/vidalia.conf", - "/.viminfo", - "/.vimrc", - "/.www_acl", - "/.wwwacl", - "/.xauthority", - "/.zhistory", - "/.zshrc", - "/.zsh_history", - "/.nsconfig", - "data/elasticsearch", - "data/kafka", - "etc/ansible", - "etc/bind", - "etc/centos-release", - "etc/centos-release-upstream", - "etc/clam.d", - "etc/elasticsearch", - "etc/freshclam.conf", - "etc/gshadow", - "etc/gshadow-", - "etc/httpd", - "etc/kafka", - "etc/kibana", - "etc/logstash", - "etc/lvm", - "etc/mongod.conf", - "etc/my.cnf", - "etc/nuxeo.conf", - "etc/pki", - "etc/postfix", - "etc/scw-release", - "etc/subgid", - "etc/subgid-", - "etc/sudoers.d", - "etc/sysconfig", - "etc/system-release-cpe", - "opt/nuxeo", - "opt/tomcat", - "tmp/kafka-logs", - "usr/lib/rpm/rpm.log", - "var/data/elasticsearch", - "var/lib/elasticsearch", - "etc/.java", - "etc/acpi", - "etc/alsa", - "etc/alternatives", - "etc/apache2", - "etc/apm", - "etc/apparmor", - "etc/apparmor.d", - "etc/apport", - "etc/apt", - "etc/asciidoc", - "etc/avahi", - "etc/bash_completion.d", - "etc/binfmt.d", - "etc/bluetooth", - "etc/bonobo-activation", - "etc/brltty", - "etc/ca-certificates", - "etc/calendar", - "etc/chatscripts", - "etc/chromium-browser", - "etc/clamav", - "etc/cni", - "etc/console-setup", - "etc/coraza-waf", - "etc/cracklib", - "etc/cron.d", - "etc/cron.daily", - "etc/cron.hourly", - "etc/cron.monthly", - "etc/cron.weekly", - "etc/cups", - "etc/cups.save", - "etc/cupshelpers", - "etc/dbus-1", - "etc/dconf", - "etc/default", - "etc/depmod.d", - "etc/dhcp", - "etc/dictionaries-common", - "etc/dkms", - "etc/dnsmasq.d", - "etc/dockeretc/dpkg", - "etc/emacs", - "etc/environment.d", - "etc/fail2ban", - "etc/firebird", - "etc/firefox", - "etc/fonts", - "etc/fwupd", - "etc/gconf", - "etc/gdb", - "etc/gdm3", - "etc/geoclue", - "etc/ghostscript", - "etc/gimp", - "etc/glvnd", - "etc/gnome", - "etc/gnome-vfs-2.0", - "etc/gnucash", - "etc/gnustep", - "etc/groff", - "etc/grub.d", - "etc/gss", - "etc/gtk-2.0", - "etc/gtk-3.0", - "etc/hp", - "etc/ifplugd", - "etc/imagemagick-6", - "etc/init", - "etc/init.d", - "etc/initramfs-tools", - "etc/insserv.conf.d", - "etc/iproute2", - "etc/iptables", - "etc/java", - "etc/java-11-openjdk", - "etc/java-17-oracle", - "etc/java-8-openjdk", - "etc/kernel", - "etc/ld.so.conf.d", - "etc/ldap", - "etc/libblockdev", - "etc/libibverbs.d", - "etc/libnl-3", - "etc/libpaper.d", - "etc/libreoffice", - "etc/lighttpd", - "etc/logcheck", - "etc/logrotate.d", - "etc/lynx", - "etc/mail", - "etc/mc", - "etc/menu", - "etc/menu-methods", - "etc/modprobe.d", - "etc/modsecurity", - "etc/modules-load.d", - "etc/monit", - "etc/mono", - "etc/mplayer", - "etc/mpv", - "etc/muttrc.d", - "etc/mysql", - "etc/netplan", - "etc/network", - "etc/networkd-dispatcher", - "etc/networkmanager", - "etc/newt", - "etc/nghttpx", - "etc/nikto", - "etc/odbcdatasources", - "etc/openal", - "etc/openmpi", - "etc/opt", - "etc/osync", - "etc/packagekit", - "etc/pam.d", - "etc/pcmcia", - "etc/perl", - "etc/php", - "etc/pki", - "etc/pm", - "etc/polkit-1", - "etc/postfix", - "etc/ppp", - "etc/profile.d", - "etc/proftpd", - "etc/pulse", - "etc/python", - "etc/rc0.d", - "etc/rc1.d", - "etc/rc2.d", - "etc/rc3.d", - "etc/rc4.d", - "etc/rc5.d", - "etc/rc6.d", - "etc/rcs.d", - "etc/resolvconf", - "etc/rsyslog.d", - "etc/samba", - "etc/sane.d", - "etc/security", - "etc/selinux", - "etc/sensors.d", - "etc/sgml", - "etc/signon-ui", - "etc/skel", - "etc/snmp", - "etc/sound", - "etc/spamassassin", - "etc/speech-dispatcher", - "etc/ssh", - "etc/ssl", - "etc/sudoers.d", - "etc/sysctl.d", - "etc/sysstat", - "etc/systemd", - "etc/terminfo", - "etc/texmf", - "etc/thermald", - "etc/thnuclnt", - "etc/thunderbird", - "etc/timidity", - "etc/tmpfiles.d", - "etc/ubuntu-advantage", - "etc/udev", - "etc/udisks2", - "etc/ufw", - "etc/update-manager", - "etc/update-motd.d", - "etc/update-notifier", - "etc/upower", - "etc/urlview", - "etc/usb_modeswitch.d", - "etc/vim", - "etc/vmware", - "etc/vmware-installer", - "etc/vmware-vix", - "etc/vulkan", - "etc/w3m", - "etc/wireshark", - "etc/wpa_supplicant", - "etc/x11", - "etc/xdg", - "etc/xml", - "etc/redis.conf", - "etc/redis-sentinel.conf", - "etc/php.ini", - "bin/php.ini", - "etc/httpd/php.ini", - "usr/lib/php.ini", - "usr/lib/php/php.ini", - "usr/local/etc/php.ini", - "usr/local/lib/php.ini", - "usr/local/php/lib/php.ini", - "usr/local/php4/lib/php.ini", - "usr/local/php5/lib/php.ini", - "usr/local/apache/conf/php.ini", - "etc/php4.4/fcgi/php.ini", - "etc/php4/apache/php.ini", - "etc/php4/apache2/php.ini", - "etc/php5/apache/php.ini", - "etc/php5/apache2/php.ini", - "etc/php/php.ini", - "etc/php/php4/php.ini", - "etc/php/apache/php.ini", - "etc/php/apache2/php.ini", - "web/conf/php.ini", - "usr/local/zend/etc/php.ini", - "opt/xampp/etc/php.ini", - "var/local/www/conf/php.ini", - "etc/php/cgi/php.ini", - "etc/php4/cgi/php.ini", - "etc/php5/cgi/php.ini", - "home2/bin/stable/apache/php.ini", - "home/bin/stable/apache/php.ini", - "etc/httpd/conf.d/php.conf", - "php5/php.ini", - "php4/php.ini", - "php/php.ini", - "windows/php.ini", - "winnt/php.ini", - "apache/php/php.ini", - "xampp/apache/bin/php.ini", - "netserver/bin/stable/apache/php.ini", - "volumes/macintosh_hd1/usr/local/php/lib/php.ini", - "etc/mono/1.0/machine.config", - "etc/mono/2.0/machine.config", - "etc/mono/2.0/web.config", - "etc/mono/config", - "usr/local/cpanel/logs/stats_log", - "usr/local/cpanel/logs/access_log", - "usr/local/cpanel/logs/error_log", - "usr/local/cpanel/logs/license_log", - "usr/local/cpanel/logs/login_log", - "var/cpanel/cpanel.config", - "usr/local/psa/admin/logs/httpsd_access_log", - "usr/local/psa/admin/logs/panel.log", - "usr/local/psa/admin/conf/php.ini", - "etc/sw-cp-server/applications.d/plesk.conf", - "usr/local/psa/admin/conf/site_isolation_settings.ini", - "usr/local/sb/config", - "etc/sw-cp-server/applications.d/00-sso-cpserver.conf", - "etc/sso/sso_config.ini", - "etc/mysql/conf.d/old_passwords.cnf", - "var/mysql.log", - "var/mysql-bin.index", - "var/data/mysql-bin.index", - "program files/mysql/mysql server 5.0/data/{host}.err", - "program files/mysql/mysql server 5.0/data/mysql.log", - "program files/mysql/mysql server 5.0/data/mysql.err", - "program files/mysql/mysql server 5.0/data/mysql-bin.log", - "program files/mysql/mysql server 5.0/data/mysql-bin.index", - "program files/mysql/data/{host}.err", - "program files/mysql/data/mysql.log", - "program files/mysql/data/mysql.err", - "program files/mysql/data/mysql-bin.log", - "program files/mysql/data/mysql-bin.index", - "mysql/data/{host}.err", - "mysql/data/mysql.log", - "mysql/data/mysql.err", - "mysql/data/mysql-bin.log", - "mysql/data/mysql-bin.index", - "usr/local/mysql/data/mysql.log", - "usr/local/mysql/data/mysql.err", - "usr/local/mysql/data/mysql-bin.log", - "usr/local/mysql/data/mysql-slow.log", - "usr/local/mysql/data/mysqlderror.log", - "usr/local/mysql/data/{host}.err", - "usr/local/mysql/data/mysql-bin.index", - "var/lib/mysql/my.cnf", - "etc/mysql/my.cnf", - "etc/my.cnf", - "program files/mysql/mysql server 5.0/my.ini", - "program files/mysql/mysql server 5.0/my.cnf", - "program files/mysql/my.ini", - "program files/mysql/my.cnf", - "mysql/my.ini", - "mysql/my.cnf", - "mysql/bin/my.ini", - "var/postgresql/log/postgresql.log", - "usr/internet/pgsql/data/postmaster.log", - "usr/local/pgsql/data/postgresql.log", - "usr/local/pgsql/data/pg_log", - "postgresql/log/pgadmin.log", - "var/lib/pgsql/data/postgresql.conf", - "var/postgresql/db/postgresql.conf", - "var/nm2/postgresql.conf", - "usr/local/pgsql/data/postgresql.conf", - "usr/local/pgsql/data/pg_hba.conf", - "usr/internet/pgsql/data/pg_hba.conf", - "usr/local/pgsql/data/passwd", - "usr/local/pgsql/bin/pg_passwd", - "etc/postgresql/postgresql.conf", - "etc/postgresql/pg_hba.conf", - "home/postgres/data/postgresql.conf", - "home/postgres/data/pg_version", - "home/postgres/data/pg_ident.conf", - "home/postgres/data/pg_hba.conf", - "program files/postgresql/8.3/data/pg_hba.conf", - "program files/postgresql/8.3/data/pg_ident.conf", - "program files/postgresql/8.3/data/postgresql.conf", - "program files/postgresql/8.4/data/pg_hba.conf", - "program files/postgresql/8.4/data/pg_ident.conf", - "program files/postgresql/8.4/data/postgresql.conf", - "program files/postgresql/9.0/data/pg_hba.conf", - "program files/postgresql/9.0/data/pg_ident.conf", - "program files/postgresql/9.0/data/postgresql.conf", - "program files/postgresql/9.1/data/pg_hba.conf", - "program files/postgresql/9.1/data/pg_ident.conf", - "program files/postgresql/9.1/data/postgresql.conf", - "wamp/logs/access.log", - "wamp/logs/apache_error.log", - "wamp/logs/genquery.log", - "wamp/logs/mysql.log", - "wamp/logs/slowquery.log", - "wamp/bin/apache/apache2.2.22/logs/access.log", - "wamp/bin/apache/apache2.2.22/logs/error.log", - "wamp/bin/apache/apache2.2.21/logs/access.log", - "wamp/bin/apache/apache2.2.21/logs/error.log", - "wamp/bin/mysql/mysql5.5.24/data/mysql-bin.index", - "wamp/bin/mysql/mysql5.5.16/data/mysql-bin.index", - "wamp/bin/apache/apache2.2.21/conf/httpd.conf", - "wamp/bin/apache/apache2.2.22/conf/httpd.conf", - "wamp/bin/apache/apache2.2.21/wampserver.conf", - "wamp/bin/apache/apache2.2.22/wampserver.conf", - "wamp/bin/apache/apache2.2.22/conf/wampserver.conf", - "wamp/bin/mysql/mysql5.5.24/my.ini", - "wamp/bin/mysql/mysql5.5.24/wampserver.conf", - "wamp/bin/mysql/mysql5.5.16/my.ini", - "wamp/bin/mysql/mysql5.5.16/wampserver.conf", - "wamp/bin/php/php5.3.8/php.ini", - "wamp/bin/php/php5.4.3/php.ini", - "xampp/apache/logs/access.log", - "xampp/apache/logs/error.log", - "xampp/mysql/data/mysql-bin.index", - "xampp/mysql/data/mysql.err", - "xampp/mysql/data/{host}.err", - "xampp/sendmail/sendmail.log", - "xampp/apache/conf/httpd.conf", - "xampp/filezillaftp/filezilla server.xml", - "xampp/mercurymail/mercury.ini", - "xampp/php/php.ini", - "xampp/phpmyadmin/config.inc.php", - "xampp/sendmail/sendmail.ini", - "xampp/webalizer/webalizer.conf", - "opt/lampp/etc/httpd.conf", - "xampp/htdocs/aca.txt", - "xampp/htdocs/admin.php", - "xampp/htdocs/leer.txt", - "usr/local/apache/logs/audit_log", - "usr/local/apache2/logs/audit_log", - "logs/security_debug_log", - "logs/security_log", - "usr/local/apache/conf/modsec.conf", - "usr/local/apache2/conf/modsec.conf", - "winnt/system32/logfiles/msftpsvc", - "winnt/system32/logfiles/msftpsvc1", - "winnt/system32/logfiles/msftpsvc2", - "windows/system32/logfiles/msftpsvc", - "windows/system32/logfiles/msftpsvc1", - "windows/system32/logfiles/msftpsvc2", - "etc/logrotate.d/proftpd", - "www/logs/proftpd.system.log", - "etc/pam.d/proftpd", - "etc/proftp.conf", - "etc/protpd/proftpd.conf", - "etc/vhcs2/proftpd/proftpd.conf", - "etc/proftpd/modules.conf", - "etc/vsftpd.chroot_list", - "etc/logrotate.d/vsftpd.log", - "etc/vsftpd/vsftpd.conf", - "etc/vsftpd.conf", - "etc/chrootusers", - "var/adm/log/xferlog", - "etc/wu-ftpd/ftpaccess", - "etc/wu-ftpd/ftphosts", - "etc/wu-ftpd/ftpusers", - "logs/pure-ftpd.log", - "usr/sbin/pure-config.pl", - "usr/etc/pure-ftpd.conf", - "etc/pure-ftpd/pure-ftpd.conf", - "usr/local/etc/pure-ftpd.conf", - "usr/local/etc/pureftpd.pdb", - "usr/local/pureftpd/etc/pureftpd.pdb", - "usr/local/pureftpd/sbin/pure-config.pl", - "usr/local/pureftpd/etc/pure-ftpd.conf", - "etc/pure-ftpd.conf", - "etc/pure-ftpd/pure-ftpd.pdb", - "etc/pureftpd.pdb", - "etc/pureftpd.passwd", - "etc/pure-ftpd/pureftpd.pdb", - "usr/ports/ftp/pure-ftpd/pure-ftpd.conf", - "usr/ports/ftp/pure-ftpd/pureftpd.pdb", - "usr/ports/ftp/pure-ftpd/pureftpd.passwd", - "usr/ports/net/pure-ftpd/pure-ftpd.conf", - "usr/ports/net/pure-ftpd/pureftpd.pdb", - "usr/ports/net/pure-ftpd/pureftpd.passwd", - "usr/pkgsrc/net/pureftpd/pure-ftpd.conf", - "usr/pkgsrc/net/pureftpd/pureftpd.pdb", - "usr/pkgsrc/net/pureftpd/pureftpd.passwd", - "usr/ports/contrib/pure-ftpd/pure-ftpd.conf", - "usr/ports/contrib/pure-ftpd/pureftpd.pdb", - "usr/ports/contrib/pure-ftpd/pureftpd.passwd", - "usr/sbin/mudlogd", - "etc/muddleftpd/mudlog", - "etc/muddleftpd.com", - "etc/muddleftpd/mudlogd.conf", - "etc/muddleftpd/muddleftpd.conf", - "usr/sbin/mudpasswd", - "etc/muddleftpd/muddleftpd.passwd", - "etc/muddleftpd/passwd", - "etc/logrotate.d/ftp", - "etc/ftpchroot", - "etc/ftphosts", - "etc/ftpusers", - "winnt/system32/logfiles/smtpsvc", - "winnt/system32/logfiles/smtpsvc1", - "winnt/system32/logfiles/smtpsvc2", - "winnt/system32/logfiles/smtpsvc3", - "winnt/system32/logfiles/smtpsvc4", - "winnt/system32/logfiles/smtpsvc5", - "windows/system32/logfiles/smtpsvc", - "windows/system32/logfiles/smtpsvc1", - "windows/system32/logfiles/smtpsvc2", - "windows/system32/logfiles/smtpsvc3", - "windows/system32/logfiles/smtpsvc4", - "windows/system32/logfiles/smtpsvc5", - "etc/osxhttpd/osxhttpd.conf", - "system/library/webobjects/adaptors/apache2.2/apache.conf", - "etc/apache2/sites-available/default", - "etc/apache2/sites-available/default-ssl", - "etc/apache2/sites-enabled/000-default", - "etc/apache2/sites-enabled/default", - "etc/apache2/apache2.conf", - "etc/apache2/ports.conf", - "usr/local/etc/apache/httpd.conf", - "usr/pkg/etc/httpd/httpd.conf", - "usr/pkg/etc/httpd/httpd-default.conf", - "usr/pkg/etc/httpd/httpd-vhosts.conf", - "etc/httpd/mod_php.conf", - "etc/httpd/extra/httpd-ssl.conf", - "etc/rc.d/rc.httpd", - "usr/local/apache/conf/httpd.conf.default", - "usr/local/apache/conf/access.conf", - "usr/local/apache22/conf/httpd.conf", - "usr/local/apache22/httpd.conf", - "usr/local/etc/apache22/conf/httpd.conf", - "usr/local/apps/apache22/conf/httpd.conf", - "etc/apache22/conf/httpd.conf", - "etc/apache22/httpd.conf", - "opt/apache22/conf/httpd.conf", - "usr/local/etc/apache2/vhosts.conf", - "usr/local/apache/conf/vhosts.conf", - "usr/local/apache2/conf/vhosts.conf", - "usr/local/apache/conf/vhosts-custom.conf", - "usr/local/apache2/conf/vhosts-custom.conf", - "etc/apache/default-server.conf", - "etc/apache2/default-server.conf", - "usr/local/apache2/conf/extra/httpd-ssl.conf", - "usr/local/apache2/conf/ssl.conf", - "etc/httpd/conf.d", - "usr/local/etc/apache22/httpd.conf", - "usr/local/etc/apache2/httpd.conf", - "etc/apache2/httpd2.conf", - "etc/apache2/ssl-global.conf", - "etc/apache2/vhosts.d/00_default_vhost.conf", - "apache/conf/httpd.conf", - "etc/apache/httpd.conf", - "etc/httpd/conf", - "http/httpd.conf", - "usr/local/apache1.3/conf/httpd.conf", - "usr/local/etc/httpd/conf", - "var/apache/conf/httpd.conf", - "var/www/conf", - "www/apache/conf/httpd.conf", - "www/conf/httpd.conf", - "etc/init.d", - "etc/apache/access.conf", - "etc/rc.conf", - "www/logs/freebsddiary-error.log", - "www/logs/freebsddiary-access_log", - "library/webserver/documents/index.html", - "library/webserver/documents/index.htm", - "library/webserver/documents/default.html", - "library/webserver/documents/default.htm", - "library/webserver/documents/index.php", - "library/webserver/documents/default.php", - "usr/local/etc/webmin/miniserv.conf", - "etc/webmin/miniserv.conf", - "usr/local/etc/webmin/miniserv.users", - "etc/webmin/miniserv.users", - "winnt/system32/logfiles/w3svc/inetsvn1.log", - "winnt/system32/logfiles/w3svc1/inetsvn1.log", - "winnt/system32/logfiles/w3svc2/inetsvn1.log", - "winnt/system32/logfiles/w3svc3/inetsvn1.log", - "windows/system32/logfiles/w3svc/inetsvn1.log", - "windows/system32/logfiles/w3svc1/inetsvn1.log", - "windows/system32/logfiles/w3svc2/inetsvn1.log", - "windows/system32/logfiles/w3svc3/inetsvn1.log", - "apache/logs/error.log", - "apache/logs/access.log", - "apache2/logs/error.log", - "apache2/logs/access.log", - "logs/error.log", - "logs/access.log", - "etc/httpd/logs/access_log", - "etc/httpd/logs/access.log", - "etc/httpd/logs/error_log", - "etc/httpd/logs/error.log", - "usr/local/apache/logs/access_log", - "usr/local/apache/logs/access.log", - "usr/local/apache/logs/error_log", - "usr/local/apache/logs/error.log", - "usr/local/apache2/logs/access_log", - "usr/local/apache2/logs/access.log", - "usr/local/apache2/logs/error_log", - "usr/local/apache2/logs/error.log", - "var/www/logs/access_log", - "var/www/logs/access.log", - "var/www/logs/error_log", - "var/www/logs/error.log", - "opt/lampp/logs/access_log", - "opt/lampp/logs/error_log", - "opt/xampp/logs/access_log", - "opt/xampp/logs/error_log", - "opt/lampp/logs/access.log", - "opt/lampp/logs/error.log", - "opt/xampp/logs/access.log", - "opt/xampp/logs/error.log", - "program files/apache group/apache/logs/access.log", - "program files/apache group/apache/logs/error.log", - "program files/apache software foundation/apache2.2/logs/error.log", - "program files/apache software foundation/apache2.2/logs/access.log", - "opt/apache/apache.conf", - "opt/apache/conf/apache.conf", - "opt/apache2/apache.conf", - "opt/apache2/conf/apache.conf", - "opt/httpd/apache.conf", - "opt/httpd/conf/apache.conf", - "etc/httpd/apache.conf", - "etc/apache2/apache.conf", - "etc/httpd/conf/apache.conf", - "usr/local/apache/apache.conf", - "usr/local/apache/conf/apache.conf", - "usr/local/apache2/apache.conf", - "usr/local/apache2/conf/apache.conf", - "usr/local/php/apache.conf.php", - "usr/local/php4/apache.conf.php", - "usr/local/php5/apache.conf.php", - "usr/local/php/apache.conf", - "usr/local/php4/apache.conf", - "usr/local/php5/apache.conf", - "private/etc/httpd/apache.conf", - "opt/apache/apache2.conf", - "opt/apache/conf/apache2.conf", - "opt/apache2/apache2.conf", - "opt/apache2/conf/apache2.conf", - "opt/httpd/apache2.conf", - "opt/httpd/conf/apache2.conf", - "etc/httpd/apache2.conf", - "etc/httpd/conf/apache2.conf", - "usr/local/apache/apache2.conf", - "usr/local/apache/conf/apache2.conf", - "usr/local/apache2/apache2.conf", - "usr/local/apache2/conf/apache2.conf", - "usr/local/php/apache2.conf.php", - "usr/local/php4/apache2.conf.php", - "usr/local/php5/apache2.conf.php", - "usr/local/php/apache2.conf", - "usr/local/php4/apache2.conf", - "usr/local/php5/apache2.conf", - "private/etc/httpd/apache2.conf", - "usr/local/apache/conf/httpd.conf", - "usr/local/apache2/conf/httpd.conf", - "etc/httpd/conf/httpd.conf", - "etc/apache/apache.conf", - "etc/apache/conf/httpd.conf", - "etc/apache2/httpd.conf", - "usr/apache2/conf/httpd.conf", - "usr/apache/conf/httpd.conf", - "usr/local/etc/apache/conf/httpd.conf", - "usr/local/apache/httpd.conf", - "usr/local/apache2/httpd.conf", - "usr/local/httpd/conf/httpd.conf", - "usr/local/etc/apache2/conf/httpd.conf", - "usr/local/etc/httpd/conf/httpd.conf", - "usr/local/apps/apache2/conf/httpd.conf", - "usr/local/apps/apache/conf/httpd.conf", - "usr/local/php/httpd.conf.php", - "usr/local/php4/httpd.conf.php", - "usr/local/php5/httpd.conf.php", - "usr/local/php/httpd.conf", - "usr/local/php4/httpd.conf", - "usr/local/php5/httpd.conf", - "etc/apache2/conf/httpd.conf", - "etc/http/conf/httpd.conf", - "etc/httpd/httpd.conf", - "etc/http/httpd.conf", - "etc/httpd.conf", - "opt/apache/conf/httpd.conf", - "opt/apache2/conf/httpd.conf", - "var/www/conf/httpd.conf", - "private/etc/httpd/httpd.conf", - "private/etc/httpd/httpd.conf.default", - "etc/apache2/vhosts.d/default_vhost.include", - "etc/apache2/conf.d/charset", - "etc/apache2/conf.d/security", - "etc/apache2/envvars", - "etc/apache2/mods-available/autoindex.conf", - "etc/apache2/mods-available/deflate.conf", - "etc/apache2/mods-available/dir.conf", - "etc/apache2/mods-available/mem_cache.conf", - "etc/apache2/mods-available/mime.conf", - "etc/apache2/mods-available/proxy.conf", - "etc/apache2/mods-available/setenvif.conf", - "etc/apache2/mods-available/ssl.conf", - "etc/apache2/mods-enabled/alias.conf", - "etc/apache2/mods-enabled/deflate.conf", - "etc/apache2/mods-enabled/dir.conf", - "etc/apache2/mods-enabled/mime.conf", - "etc/apache2/mods-enabled/negotiation.conf", - "etc/apache2/mods-enabled/php5.conf", - "etc/apache2/mods-enabled/status.conf", - "program files/apache group/apache/conf/httpd.conf", - "program files/apache group/apache2/conf/httpd.conf", - "program files/xampp/apache/conf/apache.conf", - "program files/xampp/apache/conf/apache2.conf", - "program files/xampp/apache/conf/httpd.conf", - "program files/apache group/apache/apache.conf", - "program files/apache group/apache/conf/apache.conf", - "program files/apache group/apache2/conf/apache.conf", - "program files/apache group/apache/apache2.conf", - "program files/apache group/apache/conf/apache2.conf", - "program files/apache group/apache2/conf/apache2.conf", - "program files/apache software foundation/apache2.2/conf/httpd.conf", - "volumes/macintosh_hd1/opt/httpd/conf/httpd.conf", - "volumes/macintosh_hd1/opt/apache/conf/httpd.conf", - "volumes/macintosh_hd1/opt/apache2/conf/httpd.conf", - "volumes/macintosh_hd1/usr/local/php/httpd.conf.php", - "volumes/macintosh_hd1/usr/local/php4/httpd.conf.php", - "volumes/macintosh_hd1/usr/local/php5/httpd.conf.php", - "volumes/webbackup/opt/apache2/conf/httpd.conf", - "volumes/webbackup/private/etc/httpd/httpd.conf", - "volumes/webbackup/private/etc/httpd/httpd.conf.default", - "usr/local/etc/apache/vhosts.conf", - "usr/local/jakarta/tomcat/conf/jakarta.conf", - "usr/local/jakarta/tomcat/conf/server.xml", - "usr/local/jakarta/tomcat/conf/context.xml", - "usr/local/jakarta/tomcat/conf/workers.properties", - "usr/local/jakarta/tomcat/conf/logging.properties", - "usr/local/jakarta/dist/tomcat/conf/jakarta.conf", - "usr/local/jakarta/dist/tomcat/conf/server.xml", - "usr/local/jakarta/dist/tomcat/conf/context.xml", - "usr/local/jakarta/dist/tomcat/conf/workers.properties", - "usr/local/jakarta/dist/tomcat/conf/logging.properties", - "usr/share/tomcat6/conf/server.xml", - "usr/share/tomcat6/conf/context.xml", - "usr/share/tomcat6/conf/workers.properties", - "usr/share/tomcat6/conf/logging.properties", - "var/cpanel/tomcat.options", - "usr/local/jakarta/tomcat/logs/catalina.out", - "usr/local/jakarta/tomcat/logs/catalina.err", - "opt/tomcat/logs/catalina.out", - "opt/tomcat/logs/catalina.err", - "usr/share/logs/catalina.out", - "usr/share/logs/catalina.err", - "usr/share/tomcat/logs/catalina.out", - "usr/share/tomcat/logs/catalina.err", - "usr/share/tomcat6/logs/catalina.out", - "usr/share/tomcat6/logs/catalina.err", - "usr/local/apache/logs/mod_jk.log", - "usr/local/jakarta/tomcat/logs/mod_jk.log", - "usr/local/jakarta/dist/tomcat/logs/mod_jk.log", - "opt/[jboss]/server/default/conf/jboss-minimal.xml", - "opt/[jboss]/server/default/conf/jboss-service.xml", - "opt/[jboss]/server/default/conf/jndi.properties", - "opt/[jboss]/server/default/conf/log4j.xml", - "opt/[jboss]/server/default/conf/login-config.xml", - "opt/[jboss]/server/default/conf/standardjaws.xml", - "opt/[jboss]/server/default/conf/standardjboss.xml", - "opt/[jboss]/server/default/conf/server.log.properties", - "opt/[jboss]/server/default/deploy/jboss-logging.xml", - "usr/local/[jboss]/server/default/conf/jboss-minimal.xml", - "usr/local/[jboss]/server/default/conf/jboss-service.xml", - "usr/local/[jboss]/server/default/conf/jndi.properties", - "usr/local/[jboss]/server/default/conf/log4j.xml", - "usr/local/[jboss]/server/default/conf/login-config.xml", - "usr/local/[jboss]/server/default/conf/standardjaws.xml", - "usr/local/[jboss]/server/default/conf/standardjboss.xml", - "usr/local/[jboss]/server/default/conf/server.log.properties", - "usr/local/[jboss]/server/default/deploy/jboss-logging.xml", - "private/tmp/[jboss]/server/default/conf/jboss-minimal.xml", - "private/tmp/[jboss]/server/default/conf/jboss-service.xml", - "private/tmp/[jboss]/server/default/conf/jndi.properties", - "private/tmp/[jboss]/server/default/conf/log4j.xml", - "private/tmp/[jboss]/server/default/conf/login-config.xml", - "private/tmp/[jboss]/server/default/conf/standardjaws.xml", - "private/tmp/[jboss]/server/default/conf/standardjboss.xml", - "private/tmp/[jboss]/server/default/conf/server.log.properties", - "private/tmp/[jboss]/server/default/deploy/jboss-logging.xml", - "tmp/[jboss]/server/default/conf/jboss-minimal.xml", - "tmp/[jboss]/server/default/conf/jboss-service.xml", - "tmp/[jboss]/server/default/conf/jndi.properties", - "tmp/[jboss]/server/default/conf/log4j.xml", - "tmp/[jboss]/server/default/conf/login-config.xml", - "tmp/[jboss]/server/default/conf/standardjaws.xml", - "tmp/[jboss]/server/default/conf/standardjboss.xml", - "tmp/[jboss]/server/default/conf/server.log.properties", - "tmp/[jboss]/server/default/deploy/jboss-logging.xml", - "program files/[jboss]/server/default/conf/jboss-minimal.xml", - "program files/[jboss]/server/default/conf/jboss-service.xml", - "program files/[jboss]/server/default/conf/jndi.properties", - "program files/[jboss]/server/default/conf/log4j.xml", - "program files/[jboss]/server/default/conf/login-config.xml", - "program files/[jboss]/server/default/conf/standardjaws.xml", - "program files/[jboss]/server/default/conf/standardjboss.xml", - "program files/[jboss]/server/default/conf/server.log.properties", - "program files/[jboss]/server/default/deploy/jboss-logging.xml", - "[jboss]/server/default/conf/jboss-minimal.xml", - "[jboss]/server/default/conf/jboss-service.xml", - "[jboss]/server/default/conf/jndi.properties", - "[jboss]/server/default/conf/log4j.xml", - "[jboss]/server/default/conf/login-config.xml", - "[jboss]/server/default/conf/standardjaws.xml", - "[jboss]/server/default/conf/standardjboss.xml", - "[jboss]/server/default/conf/server.log.properties", - "[jboss]/server/default/deploy/jboss-logging.xml", - "opt/[jboss]/server/default/log/server.log", - "opt/[jboss]/server/default/log/boot.log", - "usr/local/[jboss]/server/default/log/server.log", - "usr/local/[jboss]/server/default/log/boot.log", - "private/tmp/[jboss]/server/default/log/server.log", - "private/tmp/[jboss]/server/default/log/boot.log", - "tmp/[jboss]/server/default/log/server.log", - "tmp/[jboss]/server/default/log/boot.log", - "program files/[jboss]/server/default/log/server.log", - "program files/[jboss]/server/default/log/boot.log", - "[jboss]/server/default/log/server.log", - "[jboss]/server/default/log/boot.log", - "var/lighttpd.log", - "var/logs/access.log", - "usr/local/apache2/logs/lighttpd.error.log", - "usr/local/apache2/logs/lighttpd.log", - "usr/local/apache/logs/lighttpd.error.log", - "usr/local/apache/logs/lighttpd.log", - "usr/local/lighttpd/log/lighttpd.error.log", - "usr/local/lighttpd/log/access.log", - "usr/home/user/var/log/lighttpd.error.log", - "usr/home/user/var/log/apache.log", - "home/user/lighttpd/lighttpd.conf", - "usr/home/user/lighttpd/lighttpd.conf", - "etc/lighttpd/lighthttpd.conf", - "usr/local/etc/lighttpd.conf", - "usr/local/lighttpd/conf/lighttpd.conf", - "usr/local/etc/lighttpd.conf.new", - "var/www/.lighttpdpassword", - "logs/access_log", - "logs/error_log", - "etc/nginx/nginx.conf", - "usr/local/etc/nginx/nginx.conf", - "usr/local/nginx/conf/nginx.conf", - "usr/local/zeus/web/global.cfg", - "usr/local/zeus/web/log/errors", - "opt/lsws/conf/httpd_conf.xml", - "usr/local/lsws/conf/httpd_conf.xml", - "opt/lsws/logs/error.log", - "opt/lsws/logs/access.log", - "usr/local/lsws/logs/error.log", - "usr/local/logs/access.log", - "usr/local/samba/lib/log.user", - "usr/local/logs/samba.log", - "etc/samba/netlogon", - "etc/smbpasswd", - "etc/smb.conf", - "etc/samba/dhcp.conf", - "etc/samba/smb.conf", - "etc/samba/samba.conf", - "etc/samba/smb.conf.user", - "etc/samba/smbpasswd", - "etc/samba/smbusers", - "etc/samba/private/smbpasswd", - "usr/local/etc/smb.conf", - "usr/local/samba/lib/smb.conf.user", - "etc/dhcp3/dhclient.conf", - "etc/dhcp3/dhcpd.conf", - "etc/dhcp/dhclient.conf", - "program files/vidalia bundle/polipo/polipo.conf", - "etc/tor/tor-tsocks.conf", - "etc/stunnel/stunnel.conf", - "etc/tsocks.conf", - "etc/tinyproxy/tinyproxy.conf", - "etc/miredo-server.conf", - "etc/miredo.conf", - "etc/miredo/miredo-server.conf", - "etc/miredo/miredo.conf", - "etc/wicd/dhclient.conf.template.default", - "etc/wicd/manager-settings.conf", - "etc/wicd/wired-settings.conf", - "etc/wicd/wireless-settings.conf", - "etc/ipfw.rules", - "etc/ipfw.conf", - "etc/firewall.rules", - "winnt/system32/logfiles/firewall/pfirewall.log", - "winnt/system32/logfiles/firewall/pfirewall.log.old", - "windows/system32/logfiles/firewall/pfirewall.log", - "windows/system32/logfiles/firewall/pfirewall.log.old", - "etc/clamav/clamd.conf", - "etc/clamav/freshclam.conf", - "etc/x11/xorg.conf", - "etc/x11/xorg.conf-vesa", - "etc/x11/xorg.conf-vmware", - "etc/x11/xorg.conf.beforevmwaretoolsinstall", - "etc/x11/xorg.conf.orig", - "etc/bluetooth/input.conf", - "etc/bluetooth/main.conf", - "etc/bluetooth/network.conf", - "etc/bluetooth/rfcomm.conf", - "etc/bash_completion.d/debconf", - "root/.bash_logout", - "root/.bash_history", - "root/.bash_config", - "root/.bashrc", - "etc/bash.bashrc", - "var/adm/syslog", - "var/adm/sulog", - "var/adm/utmp", - "var/adm/utmpx", - "var/adm/wtmp", - "var/adm/wtmpx", - "var/adm/lastlog/username", - "usr/spool/lp/log", - "var/adm/lp/lpd-errs", - "usr/lib/cron/log", - "var/adm/loginlog", - "var/adm/pacct", - "var/adm/dtmp", - "var/adm/acct/sum/loginlog", - "var/adm/x0msgs", - "var/adm/crash/vmcore", - "var/adm/crash/unix", - "etc/newsyslog.conf", - "var/adm/qacct", - "var/adm/ras/errlog", - "var/adm/ras/bootlog", - "var/adm/cron/log", - "etc/utmp", - "etc/security/lastlog", - "etc/security/failedlogin", - "usr/spool/mqueue/syslog", - "var/adm/messages", - "var/adm/aculogs", - "var/adm/aculog", - "var/adm/vold.log", - "var/adm/log/asppp.log", - "var/lp/logs/lpsched", - "var/lp/logs/lpnet", - "var/lp/logs/requests", - "var/cron/log", - "var/saf/_log", - "var/saf/port/log", - "tmp/access.log", - "etc/sensors.conf", - "etc/sensors3.conf", - "etc/host.conf", - "etc/pam.conf", - "etc/resolv.conf", - "etc/apt/apt.conf", - "etc/inetd.conf", - "etc/syslog.conf", - "etc/sysctl.conf", - "etc/sysctl.d/10-console-messages.conf", - "etc/sysctl.d/10-network-security.conf", - "etc/sysctl.d/10-process-security.conf", - "etc/sysctl.d/wine.sysctl.conf", - "etc/security/access.conf", - "etc/security/group.conf", - "etc/security/limits.conf", - "etc/security/namespace.conf", - "etc/security/pam_env.conf", - "etc/security/sepermit.conf", - "etc/security/time.conf", - "etc/ssh/sshd_config", - "etc/adduser.conf", - "etc/deluser.conf", - "etc/avahi/avahi-daemon.conf", - "etc/ca-certificates.conf", - "etc/ca-certificates.conf.dpkg-old", - "etc/casper.conf", - "etc/chkrootkit.conf", - "etc/debconf.conf", - "etc/dns2tcpd.conf", - "etc/e2fsck.conf", - "etc/esound/esd.conf", - "etc/etter.conf", - "etc/fuse.conf", - "etc/foremost.conf", - "etc/hdparm.conf", - "etc/kernel-img.conf", - "etc/kernel-pkg.conf", - "etc/ld.so.conf", - "etc/ltrace.conf", - "etc/mail/sendmail.conf", - "etc/manpath.config", - "etc/kbd/config", - "etc/ldap/ldap.conf", - "etc/logrotate.conf", - "etc/mtools.conf", - "etc/smi.conf", - "etc/updatedb.conf", - "etc/pulse/client.conf", - "usr/share/adduser/adduser.conf", - "etc/hostname", - "etc/networks", - "etc/timezone", - "etc/modules", - "etc/passwd", - "etc/shadow", - "etc/fstab", - "etc/motd", - "etc/hosts", - "etc/group", - "etc/alias", - "etc/crontab", - "etc/crypttab", - "etc/exports", - "etc/mtab", - "etc/hosts.allow", - "etc/hosts.deny", - "etc/os-release", - "etc/password.master", - "etc/profile", - "etc/default/grub", - "etc/resolvconf/update-libc.d/sendmail", - "etc/inittab", - "etc/issue", - "etc/issue.net", - "etc/login.defs", - "etc/sudoers", - "etc/sysconfig/network-scripts/ifcfg-eth0", - "etc/redhat-release", - "etc/scw-release", - "etc/system-release-cpe", - "etc/debian_version", - "etc/fedora-release", - "etc/mandrake-release", - "etc/slackware-release", - "etc/suse-release", - "etc/security/group", - "etc/security/passwd", - "etc/security/user", - "etc/security/environ", - "etc/security/limits", - "etc/security/opasswd", - "boot/grub/grub.cfg", - "boot/grub/menu.lst", - "root/.ksh_history", - "root/.xauthority", - "usr/lib/security/mkuser.default", - "var/lib/squirrelmail/prefs/squirrelmail.log", - "etc/squirrelmail/apache.conf", - "etc/squirrelmail/config_local.php", - "etc/squirrelmail/default_pref", - "etc/squirrelmail/index.php", - "etc/squirrelmail/config_default.php", - "etc/squirrelmail/config.php", - "etc/squirrelmail/filters_setup.php", - "etc/squirrelmail/sqspell_config.php", - "etc/squirrelmail/config/config.php", - "etc/httpd/conf.d/squirrelmail.conf", - "usr/share/squirrelmail/config/config.php", - "private/etc/squirrelmail/config/config.php", - "srv/www/htdos/squirrelmail/config/config.php", - "var/www/squirrelmail/config/config.php", - "var/www/html/squirrelmail/config/config.php", - "var/www/html/squirrelmail-1.2.9/config/config.php", - "usr/share/squirrelmail/plugins/squirrel_logger/setup.php", - "usr/local/squirrelmail/www/readme", - "windows/system32/drivers/etc/hosts", - "windows/system32/drivers/etc/lmhosts.sam", - "windows/system32/drivers/etc/networks", - "windows/system32/drivers/etc/protocol", - "windows/system32/drivers/etc/services", - "/boot.ini", - "windows/debug/netsetup.log", - "windows/comsetup.log", - "windows/repair/setup.log", - "windows/setupact.log", - "windows/setupapi.log", - "windows/setuperr.log", - "windows/updspapi.log", - "windows/wmsetup.log", - "windows/windowsupdate.log", - "windows/odbc.ini", - "usr/local/psa/admin/htdocs/domains/databases/phpmyadmin/libraries/config.default.php", - "etc/apache2/conf.d/phpmyadmin.conf", - "etc/phpmyadmin/config.inc.php", - "etc/openldap/ldap.conf", - "etc/cups/acroread.conf", - "etc/cups/cupsd.conf", - "etc/cups/cupsd.conf.default", - "etc/cups/pdftops.conf", - "etc/cups/printers.conf", - "windows/system32/macromed/flash/flashinstall.log", - "windows/system32/macromed/flash/install.log", - "etc/cvs-cron.conf", - "etc/cvs-pserver.conf", - "etc/subversion/config", - "etc/modprobe.d/vmware-tools.conf", - "etc/updatedb.conf.beforevmwaretoolsinstall", - "etc/vmware-tools/config", - "etc/vmware-tools/tpvmlp.conf", - "etc/vmware-tools/vmware-tools-libraries.conf", - "var/log", - "var/log/sw-cp-server/error_log", - "var/log/sso/sso.log", - "var/log/dpkg.log", - "var/log/btmp", - "var/log/utmp", - "var/log/wtmp", - "var/log/mysql/mysql-bin.log", - "var/log/mysql/mysql-bin.index", - "var/log/mysql/data/mysql-bin.index", - "var/log/mysql.log", - "var/log/mysql.err", - "var/log/mysqlderror.log", - "var/log/mysql/mysql.log", - "var/log/mysql/mysql-slow.log", - "var/log/mysql-bin.index", - "var/log/data/mysql-bin.index", - "var/log/postgresql/postgresql.log", - "var/log/postgres/pg_backup.log", - "var/log/postgres/postgres.log", - "var/log/postgresql.log", - "var/log/pgsql/pgsql.log", - "var/log/postgresql/postgresql-8.1-main.log", - "var/log/postgresql/postgresql-8.3-main.log", - "var/log/postgresql/postgresql-8.4-main.log", - "var/log/postgresql/postgresql-9.0-main.log", - "var/log/postgresql/postgresql-9.1-main.log", - "var/log/pgsql8.log", - "var/log/postgresql/postgres.log", - "var/log/pgsql_log", - "var/log/postgresql/main.log", - "var/log/cron", - "var/log/postgres.log", - "var/log/proftpd", - "var/log/proftpd/xferlog.legacy", - "var/log/proftpd.access_log", - "var/log/proftpd.xferlog", - "var/log/vsftpd.log", - "var/log/xferlog", - "var/log/pure-ftpd/pure-ftpd.log", - "var/log/pureftpd.log", - "var/log/muddleftpd", - "var/log/muddleftpd.conf", - "var/log/ftp-proxy/ftp-proxy.log", - "var/log/ftp-proxy", - "var/log/ftplog", - "var/log/exim_mainlog", - "var/log/exim/mainlog", - "var/log/maillog", - "var/log/exim_paniclog", - "var/log/exim/paniclog", - "var/log/exim/rejectlog", - "var/log/exim_rejectlog", - "var/log/webmin/miniserv.log", - "var/log/httpd/access_log", - "var/log/httpd/error_log", - "var/log/httpd/access.log", - "var/log/httpd/error.log", - "var/log/apache/access_log", - "var/log/apache/access.log", - "var/log/apache/error_log", - "var/log/apache/error.log", - "var/log/apache2/access_log", - "var/log/apache2/access.log", - "var/log/apache2/error_log", - "var/log/apache2/error.log", - "var/log/access_log", - "var/log/access.log", - "var/log/error_log", - "var/log/error.log", - "var/log/tomcat6/catalina.out", - "var/log/lighttpd.error.log", - "var/log/lighttpd.access.log", - "var/logs/access.log", - "var/log/lighttpd/", - "var/log/lighttpd/error.log", - "var/log/lighttpd/access.www.log", - "var/log/lighttpd/error.www.log", - "var/log/lighttpd/access.log", - "var/log/lighttpd/{domain}/access.log", - "var/log/lighttpd/{domain}/error.log", - "var/log/nginx/access_log", - "var/log/nginx/error_log", - "var/log/nginx/access.log", - "var/log/nginx/error.log", - "var/log/nginx.access_log", - "var/log/nginx.error_log", - "var/log/samba/log.smbd", - "var/log/samba/log.nmbd", - "var/log/samba.log", - "var/log/samba.log1", - "var/log/samba.log2", - "var/log/log.smb", - "var/log/ipfw.log", - "var/log/ipfw", - "var/log/ipfw/ipfw.log", - "var/log/ipfw.today", - "var/log/poplog", - "var/log/authlog", - "var/log/news.all", - "var/log/news/news.all", - "var/log/news/news.crit", - "var/log/news/news.err", - "var/log/news/news.notice", - "var/log/news/suck.err", - "var/log/news/suck.notice", - "var/log/messages", - "var/log/messages.1", - "var/log/user.log", - "var/log/user.log.1", - "var/log/auth.log", - "var/log/pm-powersave.log", - "var/log/xorg.0.log", - "var/log/daemon.log", - "var/log/daemon.log.1", - "var/log/kern.log", - "var/log/kern.log.1", - "var/log/mail.err", - "var/log/mail.info", - "var/log/mail.warn", - "var/log/ufw.log", - "var/log/boot.log", - "var/log/syslog", - "var/log/syslog.1", - "var/log/squirrelmail.log", - "var/log/apache2/squirrelmail.log", - "var/log/apache2/squirrelmail.err.log", - "var/log/mail.log", - "var/log/vmware/hostd.log", - "var/log/vmware/hostd-1.log", - "/wp-config.php", - "/wp-config.bak", - "/wp-config.old", - "/wp-config.temp", - "/wp-config.tmp", - "/wp-config.txt", - "/config.yml", - "/config_dev.yml", - "/config_prod.yml", - "/config_test.yml", - "/parameters.yml", - "/routing.yml", - "/security.yml", - "/services.yml", - "sites/default/default.settings.php", - "sites/default/settings.php", - "sites/default/settings.local.php", - "app/etc/local.xml", - "/sftp-config.json", - "/web.config", - "includes/config.php", - "includes/configure.php", - "/config.inc.php", - "/localsettings.php", - "inc/config.php", - "typo3conf/localconf.php", - "config/app.php", - "config/custom.php", - "config/database.php", - "/configuration.php", - "/config.php", - "var/mail/www-data", - "etc/network/", - "etc/init/", - "inetpub/wwwroot/global.asa", - "system32/inetsrv/config/applicationhost.config", - "system32/inetsrv/config/administration.config", - "system32/inetsrv/config/redirection.config", - "system32/config/default", - "system32/config/sam", - "system32/config/system", - "system32/config/software", - "winnt/repair/sam._", - "/package.json", - "/package-lock.json", - "/gruntfile.js", - "/npm-debug.log", - "/ormconfig.json", - "/tsconfig.json", - "/webpack.config.js", - "/yarn.lock", - "proc/0", - "proc/1", - "proc/2", - "proc/3", - "proc/4", - "proc/5", - "proc/6", - "proc/7", - "proc/8", - "proc/9", - "proc/acpi", - "proc/asound", - "proc/bootconfig", - "proc/buddyinfo", - "proc/bus", - "proc/cgroups", - "proc/cmdline", - "proc/config.gz", - "proc/consoles", - "proc/cpuinfo", - "proc/crypto", - "proc/devices", - "proc/diskstats", - "proc/dma", - "proc/docker", - "proc/driver", - "proc/dynamic_debug", - "proc/execdomains", - "proc/fb", - "proc/filesystems", - "proc/fs", - "proc/interrupts", - "proc/iomem", - "proc/ioports", - "proc/ipmi", - "proc/irq", - "proc/kallsyms", - "proc/kcore", - "proc/keys", - "proc/keys", - "proc/key-users", - "proc/kmsg", - "proc/kpagecgroup", - "proc/kpagecount", - "proc/kpageflags", - "proc/latency_stats", - "proc/loadavg", - "proc/locks", - "proc/mdstat", - "proc/meminfo", - "proc/misc", - "proc/modules", - "proc/mounts", - "proc/mpt", - "proc/mtd", - "proc/mtrr", - "proc/net", - "proc/net/tcp", - "proc/net/udp", - "proc/pagetypeinfo", - "proc/partitions", - "proc/pressure", - "proc/sched_debug", - "proc/schedstat", - "proc/scsi", - "proc/self", - "proc/self/cmdline", - "proc/self/environ", - "proc/self/fd/0", - "proc/self/fd/1", - "proc/self/fd/10", - "proc/self/fd/11", - "proc/self/fd/12", - "proc/self/fd/13", - "proc/self/fd/14", - "proc/self/fd/15", - "proc/self/fd/2", - "proc/self/fd/3", - "proc/self/fd/4", - "proc/self/fd/5", - "proc/self/fd/6", - "proc/self/fd/7", - "proc/self/fd/8", - "proc/self/fd/9", - "proc/self/mounts", - "proc/self/stat", - "proc/self/status", - "proc/slabinfo", - "proc/softirqs", - "proc/stat", - "proc/swaps", - "proc/sys", - "proc/sysrq-trigger", - "proc/sysvipc", - "proc/thread-self", - "proc/timer_list", - "proc/timer_stats", - "proc/tty", - "proc/uptime", - "proc/version", - "proc/version_signature", - "proc/vmallocinfo", - "proc/vmstat", - "proc/zoneinfo", - "sys/block", - "sys/bus", - "sys/class", - "sys/dev", - "sys/devices", - "sys/firmware", - "sys/fs", - "sys/hypervisor", - "sys/kernel", - "sys/module", - "sys/power", - "windows\\win.ini", - "default\\ntuser.dat", - "/var/run/secrets/kubernetes.io/serviceaccount" - ], - "options": { - "enforce_word_boundary": true - } - }, - "operator": "phrase_match" - } - ], - "transformers": [ - "lowercase", - "normalizePath" - ] - }, - { - "id": "crs-931-110", - "name": "RFI: Common RFI Vulnerable Parameter Name used w/ URL Payload", - "tags": { - "type": "rfi", - "crs_id": "931110", - "category": "attack_attempt", - "cwe": "98", - "capec": "1000/152/175/253/193", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - } - ], - "regex": "(?:\\binclude\\s*\\([^)]*|mosConfig_absolute_path|_CONF\\[path\\]|_SERVER\\[DOCUMENT_ROOT\\]|GALLERY_BASEDIR|path\\[docroot\\]|appserv_root|config\\[root_dir\\])=(?:file|ftps?|https?)://", - "options": { - "min_length": 15 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-931-120", - "name": "RFI: URL Payload Used w/Trailing Question Mark Character (?)", - "tags": { - "type": "rfi", - "crs_id": "931120", - "category": "attack_attempt", - "cwe": "98", - "capec": "1000/152/175/253/193" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "^(?i:file|ftps?)://.*?\\?+$", - "options": { - "case_sensitive": true, - "min_length": 4 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-932-160", - "name": "Remote Command Execution: Unix Shell Code Found", - "tags": { - "type": "command_injection", - "crs_id": "932160", - "category": "attack_attempt", - "cwe": "77", - "capec": "1000/152/248/88", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "options": { - "enforce_word_boundary": true - }, - "list": [ - "${cdpath}", - "${dirstack}", - "${home}", - "${hostname}", - "${ifs}", - "${oldpwd}", - "${ostype}", - "${path}", - "${pwd}", - "$cdpath", - "$dirstack", - "$home", - "$hostname", - "$ifs", - "$oldpwd", - "$ostype", - "$pwd", - "dev/fd/", - "dev/null", - "dev/stderr", - "dev/stdin", - "dev/stdout", - "dev/tcp/", - "dev/udp/", - "dev/zero", - "etc/master.passwd", - "etc/pwd.db", - "etc/shells", - "etc/spwd.db", - "proc/self/", - "bin/7z", - "bin/7za", - "bin/7zr", - "bin/ab", - "bin/agetty", - "bin/ansible-playbook", - "bin/apt", - "bin/apt-get", - "bin/ar", - "bin/aria2c", - "bin/arj", - "bin/arp", - "bin/as", - "bin/ascii-xfr", - "bin/ascii85", - "bin/ash", - "bin/aspell", - "bin/at", - "bin/atobm", - "bin/awk", - "bin/base32", - "bin/base64", - "bin/basenc", - "bin/bash", - "bin/bpftrace", - "bin/bridge", - "bin/bundler", - "bin/bunzip2", - "bin/busctl", - "bin/busybox", - "bin/byebug", - "bin/bzcat", - "bin/bzcmp", - "bin/bzdiff", - "bin/bzegrep", - "bin/bzexe", - "bin/bzfgrep", - "bin/bzgrep", - "bin/bzip2", - "bin/bzip2recover", - "bin/bzless", - "bin/bzmore", - "bin/bzz", - "bin/c89", - "bin/c99", - "bin/cancel", - "bin/capsh", - "bin/cat", - "bin/cc", - "bin/certbot", - "bin/check_by_ssh", - "bin/check_cups", - "bin/check_log", - "bin/check_memory", - "bin/check_raid", - "bin/check_ssl_cert", - "bin/check_statusfile", - "bin/chmod", - "bin/choom", - "bin/chown", - "bin/chroot", - "bin/clang", - "bin/clang++", - "bin/cmp", - "bin/cobc", - "bin/column", - "bin/comm", - "bin/composer", - "bin/core_perl/zipdetails", - "bin/cowsay", - "bin/cowthink", - "bin/cp", - "bin/cpan", - "bin/cpio", - "bin/cpulimit", - "bin/crash", - "bin/crontab", - "bin/csh", - "bin/csplit", - "bin/csvtool", - "bin/cupsfilter", - "bin/curl", - "bin/cut", - "bin/dash", - "bin/date", - "bin/dd", - "bin/dev/fd/", - "bin/dev/null", - "bin/dev/stderr", - "bin/dev/stdin", - "bin/dev/stdout", - "bin/dev/tcp/", - "bin/dev/udp/", - "bin/dev/zero", - "bin/dialog", - "bin/diff", - "bin/dig", - "bin/dmesg", - "bin/dmidecode", - "bin/dmsetup", - "bin/dnf", - "bin/docker", - "bin/dosbox", - "bin/dpkg", - "bin/du", - "bin/dvips", - "bin/easy_install", - "bin/eb", - "bin/echo", - "bin/ed", - "bin/efax", - "bin/emacs", - "bin/env", - "bin/eqn", - "bin/es", - "bin/esh", - "bin/etc/group", - "bin/etc/master.passwd", - "bin/etc/passwd", - "bin/etc/pwd.db", - "bin/etc/shadow", - "bin/etc/shells", - "bin/etc/spwd.db", - "bin/ex", - "bin/exiftool", - "bin/expand", - "bin/expect", - "bin/expr", - "bin/facter", - "bin/fetch", - "bin/file", - "bin/find", - "bin/finger", - "bin/fish", - "bin/flock", - "bin/fmt", - "bin/fold", - "bin/fping", - "bin/ftp", - "bin/gawk", - "bin/gcc", - "bin/gcore", - "bin/gdb", - "bin/gem", - "bin/genie", - "bin/genisoimage", - "bin/ghc", - "bin/ghci", - "bin/gimp", - "bin/ginsh", - "bin/git", - "bin/grc", - "bin/grep", - "bin/gtester", - "bin/gunzip", - "bin/gzexe", - "bin/gzip", - "bin/hd", - "bin/head", - "bin/hexdump", - "bin/highlight", - "bin/hping3", - "bin/iconv", - "bin/id", - "bin/iftop", - "bin/install", - "bin/ionice", - "bin/ip", - "bin/irb", - "bin/ispell", - "bin/jjs", - "bin/join", - "bin/journalctl", - "bin/jq", - "bin/jrunscript", - "bin/knife", - "bin/ksh", - "bin/ksshell", - "bin/latex", - "bin/ld", - "bin/ldconfig", - "bin/less", - "bin/lftp", - "bin/ln", - "bin/loginctl", - "bin/logsave", - "bin/look", - "bin/lp", - "bin/ls", - "bin/ltrace", - "bin/lua", - "bin/lualatex", - "bin/luatex", - "bin/lwp-download", - "bin/lwp-request", - "bin/lz", - "bin/lz4", - "bin/lz4c", - "bin/lz4cat", - "bin/lzcat", - "bin/lzcmp", - "bin/lzdiff", - "bin/lzegrep", - "bin/lzfgrep", - "bin/lzgrep", - "bin/lzless", - "bin/lzma", - "bin/lzmadec", - "bin/lzmainfo", - "bin/lzmore", - "bin/mail", - "bin/make", - "bin/man", - "bin/mawk", - "bin/mkfifo", - "bin/mknod", - "bin/more", - "bin/mosquitto", - "bin/mount", - "bin/msgattrib", - "bin/msgcat", - "bin/msgconv", - "bin/msgfilter", - "bin/msgmerge", - "bin/msguniq", - "bin/mtr", - "bin/mv", - "bin/mysql", - "bin/nano", - "bin/nasm", - "bin/nawk", - "bin/nc", - "bin/ncat", - "bin/neofetch", - "bin/nice", - "bin/nl", - "bin/nm", - "bin/nmap", - "bin/node", - "bin/nohup", - "bin/npm", - "bin/nroff", - "bin/nsenter", - "bin/octave", - "bin/od", - "bin/openssl", - "bin/openvpn", - "bin/openvt", - "bin/opkg", - "bin/paste", - "bin/pax", - "bin/pdb", - "bin/pdflatex", - "bin/pdftex", - "bin/pdksh", - "bin/perf", - "bin/perl", - "bin/pg", - "bin/php", - "bin/php-cgi", - "bin/php5", - "bin/php7", - "bin/pic", - "bin/pico", - "bin/pidstat", - "bin/pigz", - "bin/pip", - "bin/pkexec", - "bin/pkg", - "bin/pr", - "bin/printf", - "bin/proc/self/", - "bin/pry", - "bin/ps", - "bin/psed", - "bin/psftp", - "bin/psql", - "bin/ptx", - "bin/puppet", - "bin/pxz", - "bin/python", - "bin/python2", - "bin/python3", - "bin/rake", - "bin/rbash", - "bin/rc", - "bin/readelf", - "bin/red", - "bin/redcarpet", - "bin/restic", - "bin/rev", - "bin/rlogin", - "bin/rlwrap", - "bin/rpm", - "bin/rpmquery", - "bin/rsync", - "bin/ruby", - "bin/run-mailcap", - "bin/run-parts", - "bin/rview", - "bin/rvim", - "bin/sash", - "bin/sbin/capsh", - "bin/sbin/logsave", - "bin/sbin/service", - "bin/sbin/start-stop-daemon", - "bin/scp", - "bin/screen", - "bin/script", - "bin/sed", - "bin/service", - "bin/setarch", - "bin/sftp", - "bin/sg", - "bin/sh", - "bin/shuf", - "bin/sleep", - "bin/slsh", - "bin/smbclient", - "bin/snap", - "bin/socat", - "bin/soelim", - "bin/sort", - "bin/split", - "bin/sqlite3", - "bin/ss", - "bin/ssh", - "bin/ssh-keygen", - "bin/ssh-keyscan", - "bin/sshpass", - "bin/start-stop-daemon", - "bin/stdbuf", - "bin/strace", - "bin/strings", - "bin/su", - "bin/sysctl", - "bin/systemctl", - "bin/systemd-resolve", - "bin/tac", - "bin/tail", - "bin/tar", - "bin/task", - "bin/taskset", - "bin/tbl", - "bin/tclsh", - "bin/tcpdump", - "bin/tcsh", - "bin/tee", - "bin/telnet", - "bin/tex", - "bin/tftp", - "bin/tic", - "bin/time", - "bin/timedatectl", - "bin/timeout", - "bin/tmux", - "bin/top", - "bin/troff", - "bin/tshark", - "bin/ul", - "bin/uname", - "bin/uncompress", - "bin/unexpand", - "bin/uniq", - "bin/unlz4", - "bin/unlzma", - "bin/unpigz", - "bin/unrar", - "bin/unshare", - "bin/unxz", - "bin/unzip", - "bin/unzstd", - "bin/update-alternatives", - "bin/uudecode", - "bin/uuencode", - "bin/valgrind", - "bin/vi", - "bin/view", - "bin/vigr", - "bin/vim", - "bin/vimdiff", - "bin/vipw", - "bin/virsh", - "bin/volatility", - "bin/wall", - "bin/watch", - "bin/wc", - "bin/wget", - "bin/whiptail", - "bin/who", - "bin/whoami", - "bin/whois", - "bin/wireshark", - "bin/wish", - "bin/xargs", - "bin/xelatex", - "bin/xetex", - "bin/xmodmap", - "bin/xmore", - "bin/xpad", - "bin/xxd", - "bin/xz", - "bin/xzcat", - "bin/xzcmp", - "bin/xzdec", - "bin/xzdiff", - "bin/xzegrep", - "bin/xzfgrep", - "bin/xzgrep", - "bin/xzless", - "bin/xzmore", - "bin/yarn", - "bin/yelp", - "bin/yes", - "bin/yum", - "bin/zathura", - "bin/zip", - "bin/zipcloak", - "bin/zipcmp", - "bin/zipdetails", - "bin/zipgrep", - "bin/zipinfo", - "bin/zipmerge", - "bin/zipnote", - "bin/zipsplit", - "bin/ziptool", - "bin/zsh", - "bin/zsoelim", - "bin/zstd", - "bin/zstdcat", - "bin/zstdgrep", - "bin/zstdless", - "bin/zstdmt", - "bin/zypper" - ] - }, - "operator": "phrase_match" - } - ], - "transformers": [ - "lowercase", - "cmdLine" - ] - }, - { - "id": "crs-932-171", - "name": "Remote Command Execution: Shellshock (CVE-2014-6271)", - "tags": { - "type": "command_injection", - "crs_id": "932171", - "category": "attack_attempt", - "cwe": "77", - "capec": "1000/152/248/88", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "^\\(\\s*\\)\\s+{", - "options": { - "case_sensitive": true, - "min_length": 4 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-932-180", - "name": "Restricted File Upload Attempt", - "tags": { - "type": "command_injection", - "crs_id": "932180", - "category": "attack_attempt", - "cwe": "706", - "capec": "1000/225/122/17/177", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "x-filename" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "x_filename" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "x-file-name" - ] - } - ], - "list": [ - ".htaccess", - ".htdigest", - ".htpasswd", - "wp-config.php", - "config.yml", - "config_dev.yml", - "config_prod.yml", - "config_test.yml", - "parameters.yml", - "routing.yml", - "security.yml", - "services.yml", - "default.settings.php", - "settings.php", - "settings.local.php", - "local.xml", - ".env" - ], - "options": { - "enforce_word_boundary": true - } - }, - "operator": "phrase_match" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-933-111", - "name": "PHP Injection Attack: PHP Script File Upload Found", - "tags": { - "type": "unrestricted_file_upload", - "crs_id": "933111", - "category": "attack_attempt", - "cwe": "434", - "capec": "1000/225/122/17/650", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "x-filename" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "x_filename" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "x.filename" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "x-file-name" - ] - } - ], - "regex": ".*\\.(?:php\\d*|phtml)\\..*$", - "options": { - "case_sensitive": true, - "min_length": 5 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-933-130", - "name": "PHP Injection Attack: Global Variables Found", - "tags": { - "type": "php_code_injection", - "crs_id": "933130", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/225/122/17/650", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "options": { - "enforce_word_boundary": true - }, - "list": [ - "$globals", - "$_cookie", - "$_env", - "$_files", - "$_get", - "$_post", - "$_request", - "$_server", - "$_session", - "$argc", - "$argv", - "$http_\\u200bresponse_\\u200bheader", - "$php_\\u200berrormsg", - "$http_cookie_vars", - "$http_env_vars", - "$http_get_vars", - "$http_post_files", - "$http_post_vars", - "$http_raw_post_data", - "$http_request_vars", - "$http_server_vars" - ] - }, - "operator": "phrase_match" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-933-131", - "name": "PHP Injection Attack: HTTP Headers Values Found", - "tags": { - "type": "php_code_injection", - "crs_id": "933131", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/225/122/17/650" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:HTTP_(?:ACCEPT(?:_(?:ENCODING|LANGUAGE|CHARSET))?|(?:X_FORWARDED_FO|REFERE)R|(?:USER_AGEN|HOS)T|CONNECTION|KEEP_ALIVE)|PATH_(?:TRANSLATED|INFO)|ORIG_PATH_INFO|QUERY_STRING|REQUEST_URI|AUTH_TYPE)", - "options": { - "case_sensitive": true, - "min_length": 9 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-933-140", - "name": "PHP Injection Attack: I/O Stream Found", - "tags": { - "type": "php_code_injection", - "crs_id": "933140", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/225/122/17/650", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "php://(?:std(?:in|out|err)|(?:in|out)put|fd|memory|temp|filter)", - "options": { - "min_length": 8 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-933-150", - "name": "PHP Injection Attack: High-Risk PHP Function Name Found", - "tags": { - "type": "php_code_injection", - "crs_id": "933150", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/225/122/17/650", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "list": [ - "__halt_compiler", - "apache_child_terminate", - "base64_decode", - "bzdecompress", - "call_user_func", - "call_user_func_array", - "call_user_method", - "call_user_method_array", - "convert_uudecode", - "file_get_contents", - "file_put_contents", - "fsockopen", - "get_class_methods", - "get_class_vars", - "get_defined_constants", - "get_defined_functions", - "get_defined_vars", - "gzdecode", - "gzinflate", - "gzuncompress", - "include_once", - "invokeargs", - "pcntl_exec", - "pcntl_fork", - "pfsockopen", - "posix_getcwd", - "posix_getpwuid", - "posix_getuid", - "posix_uname", - "reflectionfunction", - "require_once", - "shell_exec", - "str_rot13", - "sys_get_temp_dir", - "wp_remote_fopen", - "wp_remote_get", - "wp_remote_head", - "wp_remote_post", - "wp_remote_request", - "wp_safe_remote_get", - "wp_safe_remote_head", - "wp_safe_remote_post", - "wp_safe_remote_request", - "zlib_decode" - ], - "options": { - "enforce_word_boundary": true - } - }, - "operator": "phrase_match" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-933-160", - "name": "PHP Injection Attack: High-Risk PHP Function Call Found", - "tags": { - "type": "php_code_injection", - "crs_id": "933160", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/225/122/17/650" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b(?:s(?:e(?:t(?:_(?:e(?:xception|rror)_handler|magic_quotes_runtime|include_path)|defaultstub)|ssion_s(?:et_save_handler|tart))|qlite_(?:(?:(?:unbuffered|single|array)_)?query|create_(?:aggregate|function)|p?open|exec)|tr(?:eam_(?:context_create|socket_client)|ipc?slashes|rev)|implexml_load_(?:string|file)|ocket_c(?:onnect|reate)|h(?:ow_sourc|a1_fil)e|pl_autoload_register|ystem)|p(?:r(?:eg_(?:replace(?:_callback(?:_array)?)?|match(?:_all)?|split)|oc_(?:(?:terminat|clos|nic)e|get_status|open)|int_r)|o(?:six_(?:get(?:(?:e[gu]|g)id|login|pwnam)|mk(?:fifo|nod)|ttyname|kill)|pen)|hp(?:_(?:strip_whitespac|unam)e|version|info)|g_(?:(?:execut|prepar)e|connect|query)|a(?:rse_(?:ini_file|str)|ssthru)|utenv)|r(?:unkit_(?:function_(?:re(?:defin|nam)e|copy|add)|method_(?:re(?:defin|nam)e|copy|add)|constant_(?:redefine|add))|e(?:(?:gister_(?:shutdown|tick)|name)_function|ad(?:(?:gz)?file|_exif_data|dir))|awurl(?:de|en)code)|i(?:mage(?:createfrom(?:(?:jpe|pn)g|x[bp]m|wbmp|gif)|(?:jpe|pn)g|g(?:d2?|if)|2?wbmp|xbm)|s_(?:(?:(?:execut|write?|read)ab|fi)le|dir)|ni_(?:get(?:_all)?|set)|terator_apply|ptcembed)|g(?:et(?:_(?:c(?:urrent_use|fg_va)r|meta_tags)|my(?:[gpu]id|inode)|(?:lastmo|cw)d|imagesize|env)|z(?:(?:(?:defla|wri)t|encod|fil)e|compress|open|read)|lob)|a(?:rray_(?:u(?:intersect(?:_u?assoc)?|diff(?:_u?assoc)?)|intersect_u(?:assoc|key)|diff_u(?:assoc|key)|filter|reduce|map)|ssert(?:_options)?|tob)|h(?:tml(?:specialchars(?:_decode)?|_entity_decode|entities)|(?:ash(?:_(?:update|hmac))?|ighlight)_file|e(?:ader_register_callback|x2bin))|f(?:i(?:le(?:(?:[acm]tim|inod)e|(?:_exist|perm)s|group)?|nfo_open)|tp_(?:nb_(?:ge|pu)|connec|ge|pu)t|(?:unction_exis|pu)ts|write|open)|o(?:b_(?:get_(?:c(?:ontents|lean)|flush)|end_(?:clean|flush)|clean|flush|start)|dbc_(?:result(?:_all)?|exec(?:ute)?|connect)|pendir)|m(?:b_(?:ereg(?:_(?:replace(?:_callback)?|match)|i(?:_replace)?)?|parse_str)|(?:ove_uploaded|d5)_file|ethod_exists|ysql_query|kdir)|e(?:x(?:if_(?:t(?:humbnail|agname)|imagetype|read_data)|ec)|scapeshell(?:arg|cmd)|rror_reporting|val)|c(?:url_(?:file_create|exec|init)|onvert_uuencode|reate_function|hr)|u(?:n(?:serialize|pack)|rl(?:de|en)code|[ak]?sort)|b(?:(?:son_(?:de|en)|ase64_en)code|zopen|toa)|(?:json_(?:de|en)cod|debug_backtrac|tmpfil)e|var_dump)(?:\\s|/\\*.*\\*/|//.*|#.*|\\\"|')*\\((?:(?:\\s|/\\*.*\\*/|//.*|#.*)*(?:\\$\\w+|[A-Z\\d]\\w*|\\w+\\(.*\\)|\\\\?\"(?:[^\"]|\\\\\"|\"\"|\"\\+\")*\\\\?\"|\\\\?'(?:[^']|''|'\\+')*\\\\?')(?:\\s|/\\*.*\\*/|//.*|#.*)*(?:(?:::|\\.|->)(?:\\s|/\\*.*\\*/|//.*|#.*)*\\w+(?:\\(.*\\))?)?,)*(?:(?:\\s|/\\*.*\\*/|//.*|#.*)*(?:\\$\\w+|[A-Z\\d]\\w*|\\w+\\(.*\\)|\\\\?\"(?:[^\"]|\\\\\"|\"\"|\"\\+\")*\\\\?\"|\\\\?'(?:[^']|''|'\\+')*\\\\?')(?:\\s|/\\*.*\\*/|//.*|#.*)*(?:(?:::|\\.|->)(?:\\s|/\\*.*\\*/|//.*|#.*)*\\w+(?:\\(.*\\))?)?)?\\)", - "options": { - "case_sensitive": true, - "min_length": 5 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-933-170", - "name": "PHP Injection Attack: Serialized Object Injection", - "tags": { - "type": "php_code_injection", - "crs_id": "933170", - "category": "attack_attempt", - "cwe": "502", - "capec": "1000/152/586", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "[oOcC]:\\d+:\\\".+?\\\":\\d+:{[\\W\\w]*}", - "options": { - "case_sensitive": true, - "min_length": 12 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-933-200", - "name": "PHP Injection Attack: Wrapper scheme detected", - "tags": { - "type": "php_code_injection", - "crs_id": "933200", - "category": "attack_attempt", - "cwe": "502", - "capec": "1000/152/586" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:(?:bzip|ssh)2|z(?:lib|ip)|(?:ph|r)ar|expect|glob|ogg)://", - "options": { - "case_sensitive": true, - "min_length": 6 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls" - ] - }, - { - "id": "crs-934-100", - "name": "Node.js Injection Attack 1/2", - "tags": { - "type": "js_code_injection", - "crs_id": "934100", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b(?:(?:l(?:(?:utimes|chmod)(?:Sync)?|(?:stat|ink)Sync)|w(?:rite(?:(?:File|v)(?:Sync)?|Sync)|atchFile)|u(?:n(?:watchFile|linkSync)|times(?:Sync)?)|s(?:(?:ymlink|tat)Sync|pawn(?:File|Sync))|ex(?:ec(?:File(?:Sync)?|Sync)|istsSync)|a(?:ppendFile|ccess)(?:Sync)?|(?:Caveat|Inode)s|open(?:dir)?Sync|new\\s+Function|Availability|\\beval)\\s*\\(|m(?:ain(?:Module\\s*(?:\\W*\\s*(?:constructor|require)|\\[)|\\s*(?:\\W*\\s*(?:constructor|require)|\\[))|kd(?:temp(?:Sync)?|irSync)\\s*\\(|odule\\.exports\\s*=)|c(?:(?:(?:h(?:mod|own)|lose)Sync|reate(?:Write|Read)Stream|p(?:Sync)?)\\s*\\(|o(?:nstructor\\s*(?:\\W*\\s*_load|\\[)|pyFile(?:Sync)?\\s*\\())|f(?:(?:(?:s(?:(?:yncS)?|tatS)|datas(?:yncS)?)ync|ch(?:mod|own)(?:Sync)?)\\s*\\(|u(?:nction\\s*\\(\\s*\\)\\s*{|times(?:Sync)?\\s*\\())|r(?:e(?:(?:ad(?:(?:File|link|dir)?Sync|v(?:Sync)?)|nameSync)\\s*\\(|quire\\s*(?:\\W*\\s*main|\\[))|m(?:Sync)?\\s*\\()|process\\s*(?:\\W*\\s*(?:mainModule|binding)|\\[)|t(?:his\\.constructor|runcateSync\\s*\\()|_(?:\\$\\$ND_FUNC\\$\\$_|_js_function)|global\\s*(?:\\W*\\s*process|\\[)|String\\s*\\.\\s*fromCharCode|binding\\s*\\[)", - "options": { - "case_sensitive": true, - "min_length": 3 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-934-101", - "name": "Node.js Injection Attack 2/2", - "tags": { - "type": "js_code_injection", - "crs_id": "934101", - "category": "attack_attempt", - "confidence": "1", - "cwe": "94", - "capec": "1000/152/242" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b(?:w(?:atch|rite)|(?:spaw|ope)n|exists|close|fork|read)\\s*\\(", - "options": { - "case_sensitive": true, - "min_length": 5 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-941-110", - "name": "XSS Filter - Category 1: Script Tag Vector", - "tags": { - "type": "xss", - "crs_id": "941110", - "category": "attack_attempt", - "cwe": "80", - "capec": "1000/152/242/63/591", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "referer" - ] - }, - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "]*>[\\s\\S]*?", - "options": { - "case_sensitive": false, - "min_length": 8 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls", - "urlDecodeUni" - ] - }, - { - "id": "crs-941-120", - "name": "XSS Filter - Category 2: Event Handler Vector", - "tags": { - "type": "xss", - "crs_id": "941120", - "category": "attack_attempt", - "cwe": "83", - "capec": "1000/152/242/63/591/243", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "referer" - ] - }, - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\bon(?:d(?:r(?:ag(?:en(?:ter|d)|leave|start|over)?|op)|urationchange|blclick)|s(?:e(?:ek(?:ing|ed)|arch|lect)|u(?:spend|bmit)|talled|croll|how)|m(?:ouse(?:(?:lea|mo)ve|o(?:ver|ut)|enter|down|up)|essage)|p(?:a(?:ge(?:hide|show)|(?:st|us)e)|lay(?:ing)?|rogress|aste|ointer(?:cancel|down|enter|leave|move|out|over|rawupdate|up))|c(?:anplay(?:through)?|o(?:ntextmenu|py)|hange|lick|ut)|a(?:nimation(?:iteration|start|end)|(?:fterprin|bor)t|uxclick|fterscriptexecute)|t(?:o(?:uch(?:cancel|start|move|end)|ggle)|imeupdate)|f(?:ullscreen(?:change|error)|ocus(?:out|in)?|inish)|(?:(?:volume|hash)chang|o(?:ff|n)lin)e|b(?:efore(?:unload|print)|lur)|load(?:ed(?:meta)?data|start|end)?|r(?:es(?:ize|et)|atechange)|key(?:press|down|up)|w(?:aiting|heel)|in(?:valid|put)|e(?:nded|rror)|unload)[\\s\\x0B\\x09\\x0C\\x3B\\x2C\\x28\\x3B]*?=[^=]", - "options": { - "min_length": 8 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls", - "urlDecodeUni" - ] - }, - { - "id": "crs-941-140", - "name": "XSS Filter - Category 4: Javascript URI Vector", - "tags": { - "type": "xss", - "crs_id": "941140", - "category": "attack_attempt", - "cwe": "84", - "capec": "1000/152/242/63/591/244", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "referer" - ] - }, - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "[a-z]+=(?:[^:=]+:.+;)*?[^:=]+:url\\(javascript", - "options": { - "min_length": 18 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls", - "urlDecodeUni" - ] - }, - { - "id": "crs-941-170", - "name": "NoScript XSS InjectionChecker: Attribute Injection", - "tags": { - "type": "xss", - "crs_id": "941170", - "category": "attack_attempt", - "cwe": "83", - "capec": "1000/152/242/63/591/243", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "referer" - ] - }, - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:\\W|^)(?:javascript:(?:[\\s\\S]+[=\\x5c\\(\\[\\.<]|[\\s\\S]*?(?:\\bname\\b|\\x5c[ux]\\d)))|@\\W*?i\\W*?m\\W*?p\\W*?o\\W*?r\\W*?t\\W*?(?:/\\*[\\s\\S]*?)?(?:[\\\"']|\\W*?u\\W*?r\\W*?l[\\s\\S]*?\\()|[^-]*?-\\W*?m\\W*?o\\W*?z\\W*?-\\W*?b\\W*?i\\W*?n\\W*?d\\W*?i\\W*?n\\W*?g[^:]*?:\\W*?u\\W*?r\\W*?l[\\s\\S]*?\\(", - "options": { - "min_length": 6 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls", - "urlDecodeUni" - ] - }, - { - "id": "crs-941-180", - "name": "Node-Validator Deny List Keywords", - "tags": { - "type": "xss", - "crs_id": "941180", - "category": "attack_attempt", - "cwe": "79", - "capec": "1000/152/242/63/591" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "options": { - "enforce_word_boundary": true - }, - "list": [ - "document.cookie", - "document.write", - ".parentnode", - ".innerhtml", - "window.location", - "-moz-binding" - ] - }, - "operator": "phrase_match" - } - ], - "transformers": [ - "removeNulls", - "lowercase" - ] - }, - { - "id": "crs-941-200", - "name": "IE XSS Filters - Attack Detected via vmlframe tag", - "tags": { - "type": "xss", - "crs_id": "941200", - "category": "attack_attempt", - "cwe": "80", - "capec": "1000/152/242/63/591", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i:<.*[:]?vmlframe.*?[\\s/+]*?src[\\s/+]*=)", - "options": { - "case_sensitive": true, - "min_length": 13 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls" - ] - }, - { - "id": "crs-941-210", - "name": "IE XSS Filters - Obfuscated Attack Detected via javascript injection", - "tags": { - "type": "xss", - "crs_id": "941210", - "category": "attack_attempt", - "cwe": "80", - "capec": "1000/152/242/63/591", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i:(?:j|&#x?0*(?:74|4A|106|6A);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:a|&#x?0*(?:65|41|97|61);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:v|&#x?0*(?:86|56|118|76);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:a|&#x?0*(?:65|41|97|61);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:s|&#x?0*(?:83|53|115|73);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:c|&#x?0*(?:67|43|99|63);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:r|&#x?0*(?:82|52|114|72);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:i|&#x?0*(?:73|49|105|69);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:p|&#x?0*(?:80|50|112|70);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:t|&#x?0*(?:84|54|116|74);?)(?:\\t|\\n|\\r|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?::|&(?:#x?0*(?:58|3A);?|colon;)).)", - "options": { - "case_sensitive": true, - "min_length": 12 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls" - ] - }, - { - "id": "crs-941-220", - "name": "IE XSS Filters - Obfuscated Attack Detected via vbscript injection", - "tags": { - "type": "xss", - "crs_id": "941220", - "category": "attack_attempt", - "cwe": "80", - "capec": "1000/152/242/63/591", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i:(?:v|&#x?0*(?:86|56|118|76);?)(?:\\t|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:b|&#x?0*(?:66|42|98|62);?)(?:\\t|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:s|&#x?0*(?:83|53|115|73);?)(?:\\t|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:c|&#x?0*(?:67|43|99|63);?)(?:\\t|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:r|&#x?0*(?:82|52|114|72);?)(?:\\t|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:i|&#x?0*(?:73|49|105|69);?)(?:\\t|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:p|&#x?0*(?:80|50|112|70);?)(?:\\t|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?:t|&#x?0*(?:84|54|116|74);?)(?:\\t|&(?:#x?0*(?:9|13|10|A|D);?|tab;|newline;))*(?::|&(?:#x?0*(?:58|3A);?|colon;)).)", - "options": { - "case_sensitive": true, - "min_length": 10 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls" - ] - }, - { - "id": "crs-941-230", - "name": "IE XSS Filters - Attack Detected via embed tag", - "tags": { - "type": "xss", - "crs_id": "941230", - "category": "attack_attempt", - "cwe": "83", - "capec": "1000/152/242/63/591/243", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "]", - "options": { - "min_length": 8 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls" - ] - }, - { - "id": "crs-941-300", - "name": "IE XSS Filters - Attack Detected via object tag", - "tags": { - "type": "xss", - "crs_id": "941300", - "category": "attack_attempt", - "cwe": "83", - "capec": "1000/152/242/63/591/243", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": ")|<.*\\+AD4-", - "options": { - "case_sensitive": true, - "min_length": 6 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-941-360", - "name": "JSFuck / Hieroglyphy obfuscation detected", - "tags": { - "type": "xss", - "crs_id": "941360", - "category": "attack_attempt", - "cwe": "87", - "capec": "1000/152/242/63/591/199" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "![!+ ]\\[\\]", - "options": { - "case_sensitive": true, - "min_length": 4 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-941-390", - "name": "Javascript method detected", - "tags": { - "type": "xss", - "crs_id": "941390", - "category": "attack_attempt", - "confidence": "1", - "cwe": "79", - "capec": "1000/152/242/63/591" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b(?i:eval|settimeout|setinterval|new\\s+Function|alert|prompt)[\\s+]*\\([^\\)]", - "options": { - "case_sensitive": true, - "min_length": 5 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-942-100", - "name": "SQL Injection Attack Detected via libinjection", - "tags": { - "type": "sql_injection", - "crs_id": "942100", - "category": "attack_attempt", - "cwe": "89", - "capec": "1000/152/248/66" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ] - }, - "operator": "is_sqli" - } - ], - "transformers": [ - "removeNulls" - ] - }, - { - "id": "crs-942-160", - "name": "Detects blind sqli tests using sleep() or benchmark()", - "tags": { - "type": "sql_injection", - "crs_id": "942160", - "category": "attack_attempt", - "cwe": "89", - "capec": "1000/152/248/66/7", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i:sleep\\(\\s*?\\d*?\\s*?\\)|benchmark\\(.*?\\,.*?\\))", - "options": { - "case_sensitive": true, - "min_length": 7 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-942-240", - "name": "Detects MySQL charset switch and MSSQL DoS attempts", - "tags": { - "type": "sql_injection", - "crs_id": "942240", - "category": "attack_attempt", - "cwe": "89", - "capec": "1000/152/248/66/7", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:[\\\"'`](?:;*?\\s*?waitfor\\s+(?:delay|time)\\s+[\\\"'`]|;.*?:\\s*?goto)|alter\\s*?\\w+.*?cha(?:racte)?r\\s+set\\s+\\w+)", - "options": { - "min_length": 7 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-942-250", - "name": "Detects MATCH AGAINST, MERGE and EXECUTE IMMEDIATE injections", - "tags": { - "type": "sql_injection", - "crs_id": "942250", - "category": "attack_attempt", - "cwe": "89", - "capec": "1000/152/248/66" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i:merge.*?using\\s*?\\(|execute\\s*?immediate\\s*?[\\\"'`]|match\\s*?[\\w(?:),+-]+\\s*?against\\s*?\\()", - "options": { - "case_sensitive": true, - "min_length": 11 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-942-270", - "name": "Basic SQL injection", - "tags": { - "type": "sql_injection", - "crs_id": "942270", - "category": "attack_attempt", - "cwe": "89", - "capec": "1000/152/248/66" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "union.*?select.*?from", - "options": { - "min_length": 15 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-942-280", - "name": "SQL Injection with delay functions", - "tags": { - "type": "sql_injection", - "crs_id": "942280", - "category": "attack_attempt", - "cwe": "89", - "capec": "1000/152/248/66/7", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:;\\s*?shutdown\\s*?(?:[#;{]|\\/\\*|--)|waitfor\\s*?delay\\s?[\\\"'`]+\\s?\\d|select\\s*?pg_sleep)", - "options": { - "min_length": 10 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-942-290", - "name": "Finds basic MongoDB SQL injection attempts", - "tags": { - "type": "nosql_injection", - "crs_id": "942290", - "category": "attack_attempt", - "cwe": "943", - "capec": "1000/152/248/676" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i:(?:\\[?\\$(?:(?:s(?:lic|iz)|wher)e|e(?:lemMatch|xists|q)|n(?:o[rt]|in?|e)|l(?:ike|te?)|t(?:ext|ype)|a(?:ll|nd)|jsonSchema|between|regex|x?or|div|mod)\\]?)\\b)", - "options": { - "case_sensitive": true, - "min_length": 3 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "keys_only" - ] - }, - { - "id": "crs-942-360", - "name": "Detects concatenated basic SQL injection and SQLLFI attempts", - "tags": { - "type": "sql_injection", - "crs_id": "942360", - "category": "attack_attempt", - "cwe": "89", - "capec": "1000/152/248/66/470" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:^[\\W\\d]+\\s*?(?:alter\\s*(?:a(?:(?:pplication\\s*rol|ggregat)e|s(?:ymmetric\\s*ke|sembl)y|u(?:thorization|dit)|vailability\\s*group)|c(?:r(?:yptographic\\s*provider|edential)|o(?:l(?:latio|um)|nversio)n|ertificate|luster)|s(?:e(?:rv(?:ice|er)|curity|quence|ssion|arch)|y(?:mmetric\\s*key|nonym)|togroup|chema)|m(?:a(?:s(?:ter\\s*key|k)|terialized)|e(?:ssage\\s*type|thod)|odule)|l(?:o(?:g(?:file\\s*group|in)|ckdown)|a(?:ngua|r)ge|ibrary)|t(?:(?:abl(?:espac)?|yp)e|r(?:igger|usted)|hreshold|ext)|p(?:a(?:rtition|ckage)|ro(?:cedur|fil)e|ermission)|d(?:i(?:mension|skgroup)|atabase|efault|omain)|r(?:o(?:l(?:lback|e)|ute)|e(?:sourc|mot)e)|f(?:u(?:lltext|nction)|lashback|oreign)|e(?:xte(?:nsion|rnal)|(?:ndpoi|ve)nt)|in(?:dex(?:type)?|memory|stance)|b(?:roker\\s*priority|ufferpool)|x(?:ml\\s*schema|srobject)|w(?:ork(?:load)?|rapper)|hi(?:erarchy|stogram)|o(?:perator|utline)|(?:nicknam|queu)e|us(?:age|er)|group|java|view)|union\\s*(?:(?:distin|sele)ct|all))\\b|\\b(?:(?:(?:trunc|cre|upd)at|renam)e|(?:inser|selec)t|de(?:lete|sc)|alter|load)\\s+(?:group_concat|load_file|char)\\b\\s*\\(?|[\\s(]load_file\\s*?\\(|[\\\"'`]\\s+regexp\\W)", - "options": { - "min_length": 5 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-942-500", - "name": "MySQL in-line comment detected", - "tags": { - "type": "sql_injection", - "crs_id": "942500", - "category": "attack_attempt", - "cwe": "89", - "capec": "1000/152/248/66" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i:/\\*[!+](?:[\\w\\s=_\\-(?:)]+)?\\*/)", - "options": { - "case_sensitive": true, - "min_length": 5 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-943-100", - "name": "Possible Session Fixation Attack: Setting Cookie Values in HTML", - "tags": { - "type": "http_protocol_violation", - "crs_id": "943100", - "category": "attack_attempt", - "cwe": "384", - "capec": "1000/225/21/593/61", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i:\\.cookie\\b.*?;\\W*?(?:expires|domain)\\W*?=|\\bhttp-equiv\\W+set-cookie\\b)", - "options": { - "case_sensitive": true, - "min_length": 15 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-944-100", - "name": "Remote Command Execution: Suspicious Java class detected", - "tags": { - "type": "java_code_injection", - "crs_id": "944100", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "java\\.lang\\.(?:runtime|processbuilder)", - "options": { - "case_sensitive": true, - "min_length": 17 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-944-110", - "name": "Remote Command Execution: Java process spawn (CVE-2017-9805)", - "tags": { - "type": "java_code_injection", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:unmarshaller|base64data|java\\.).*(?:runtime|processbuilder)", - "options": { - "case_sensitive": false, - "min_length": 13 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "crs-944-130", - "name": "Suspicious Java class detected", - "tags": { - "type": "java_code_injection", - "crs_id": "944130", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "list": [ - "com.opensymphony.xwork2", - "com.sun.org.apache", - "java.io.bufferedinputstream", - "java.io.bufferedreader", - "java.io.bytearrayinputstream", - "java.io.bytearrayoutputstream", - "java.io.chararrayreader", - "java.io.datainputstream", - "java.io.file", - "java.io.fileoutputstream", - "java.io.filepermission", - "java.io.filewriter", - "java.io.filterinputstream", - "java.io.filteroutputstream", - "java.io.filterreader", - "java.io.inputstream", - "java.io.inputstreamreader", - "java.io.linenumberreader", - "java.io.objectoutputstream", - "java.io.outputstream", - "java.io.pipedoutputstream", - "java.io.pipedreader", - "java.io.printstream", - "java.io.pushbackinputstream", - "java.io.reader", - "java.io.stringreader", - "java.lang.class", - "java.lang.integer", - "java.lang.number", - "java.lang.object", - "java.lang.process", - "java.lang.reflect", - "java.lang.runtime", - "java.lang.string", - "java.lang.stringbuilder", - "java.lang.system", - "javax.script.scriptenginemanager", - "org.apache.commons", - "org.apache.struts", - "org.apache.struts2", - "org.omg.corba", - "java.beans.xmldecode" - ], - "options": { - "enforce_word_boundary": true - } - }, - "operator": "phrase_match" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "crs-944-260", - "name": "Remote Command Execution: Malicious class-loading payload", - "tags": { - "type": "java_code_injection", - "crs_id": "944260", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:class\\.module\\.classLoader\\.resources\\.context\\.parent\\.pipeline|springframework\\.context\\.support\\.FileSystemXmlApplicationContext)", - "options": { - "case_sensitive": true, - "min_length": 58 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-000-001", - "name": "Look for Cassandra injections", - "tags": { - "type": "nosql_injection", - "category": "attack_attempt", - "cwe": "943", - "capec": "1000/152/248/676" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - }, - { - "address": "server.request.headers.no_cookies" - } - ], - "regex": "\\ballow\\s+filtering\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeComments" - ] - }, - { - "id": "dog-000-002", - "name": "OGNL - Look for formatting injection patterns", - "tags": { - "type": "java_code_injection", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - }, - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - }, - { - "address": "server.request.headers.no_cookies" - } - ], - "regex": "[#%$]{(?:[^}]+[^\\w\\s}\\-_][^}]+|\\d+-\\d+)}", - "options": { - "case_sensitive": true - } - } - } - ], - "transformers": [] - }, - { - "id": "dog-000-003", - "name": "OGNL - Detect OGNL exploitation primitives", - "tags": { - "type": "java_code_injection", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "[@#]ognl", - "options": { - "case_sensitive": true - } - } - } - ], - "transformers": [] - }, - { - "id": "dog-000-004", - "name": "Spring4Shell - Attempts to exploit the Spring4shell vulnerability", - "tags": { - "type": "exploit_detection", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.body" - } - ], - "regex": "^class\\.module\\.classLoader\\.", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [ - "keys_only" - ] - }, - { - "id": "dog-000-005", - "name": "Node.js: Prototype pollution through __proto__", - "tags": { - "type": "js_code_injection", - "category": "attack_attempt", - "cwe": "1321", - "capec": "1000/152/242", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - } - ], - "regex": "^__proto__$" - }, - "operator": "match_regex" - } - ], - "transformers": [ - "keys_only" - ] - }, - { - "id": "dog-000-006", - "name": "Node.js: Prototype pollution through constructor.prototype", - "tags": { - "type": "js_code_injection", - "category": "attack_attempt", - "cwe": "1321", - "capec": "1000/152/242", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - } - ], - "regex": "^constructor$" - }, - "operator": "match_regex" - }, - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - } - ], - "regex": "^prototype$" - }, - "operator": "match_regex" - } - ], - "transformers": [ - "keys_only" - ] - }, - { - "id": "dog-000-007", - "name": "Server side template injection: Velocity & Freemarker", - "tags": { - "type": "java_code_injection", - "category": "attack_attempt", - "cwe": "1336", - "capec": "1000/152/242/19", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "#(?:set|foreach|macro|parse|if)\\(.*\\)|<#assign.*>" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-001", - "name": "BurpCollaborator OOB domain", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "tool_name": "BurpCollaborator", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b(?:burpcollaborator\\.net|oastify\\.com)\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-002", - "name": "Qualys OOB domain", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "tool_name": "Qualys", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\bqualysperiscope\\.com\\b|\\.oscomm\\." - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-003", - "name": "Probely OOB domain", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "tool_name": "Probely", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\bprbly\\.win\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-004", - "name": "Known malicious out-of-band interaction domain", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b(?:webhook\\.site|\\.canarytokens\\.com|vii\\.one|act1on3\\.ru|gdsburp\\.com|arcticwolf\\.net|oob\\.li|htbiw\\.com|h4\\.vc|mochan\\.cloud|imshopping\\.com|bootstrapnodejs\\.com|mooo-ng\\.com|securitytrails\\.com|canyouhackit\\.io|7bae\\.xyz)\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-005", - "name": "Known suspicious out-of-band interaction domain", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b(?:\\.ngrok\\.io|requestbin\\.com|requestbin\\.net)\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-006", - "name": "Rapid7 OOB domain", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "tool_name": "Rapid7", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\bappspidered\\.rapid7\\." - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-007", - "name": "Interact.sh OOB domain", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "tool_name": "interact.sh", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b(?:interact\\.sh|oast\\.(?:pro|live|site|online|fun|me)|indusfacefinder\\.in|where\\.land|syhunt\\.net|tssrt\\.de|boardofcyber\\.io|assetnote-callback\\.com|praetorianlabs\\.dev|netspi\\.sh)\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-008", - "name": "Netsparker OOB domain", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "tool_name": "Netsparker", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b(?:\\.|(?:\\\\|&#)(?:0*46|x0*2e);)?r87(?:\\.|(?:\\\\|&#)(?:0*46|x0*2e);)(?:me|com)\\b", - "options": { - "case_sensitive": false, - "min_length": 7 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-009", - "name": "WhiteHat Security OOB domain", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "tool_name": "WhiteHatSecurity", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\bwhsec(?:\\.|(?:\\\\|&#)(?:0*46|x0*2e);)us\\b", - "options": { - "case_sensitive": false, - "min_length": 8 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-010", - "name": "Nessus OOB domain", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "tool_name": "Nessus", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\b\\.nessus\\.org\\b", - "options": { - "case_sensitive": false, - "min_length": 8 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-011", - "name": "Watchtowr OOB domain", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "tool_name": "Watchtowr", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\bwatchtowr\\.com\\b", - "options": { - "case_sensitive": false, - "min_length": 8 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-913-012", - "name": "AppCheck NG OOB domain", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "tool_name": "AppCheckNG", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\bptst\\.io\\b", - "options": { - "case_sensitive": false, - "min_length": 7 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-920-001", - "name": "JWT authentication bypass", - "tags": { - "type": "http_protocol_violation", - "category": "attack_attempt", - "cwe": "287", - "capec": "1000/225/115", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.cookies" - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "authorization" - ] - } - ], - "regex": "^(?:Bearer )?ey[A-Za-z0-9+_\\-/]*([QY][UW]x[Hn]Ij([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]Ij([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDogI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]IiA6ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]Ij([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciIDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgOiJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]IiA6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]Ij([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciOiJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]IjogI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]IiA6I[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6I[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6I[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciIDogI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]IiA6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]IiA6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ciO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6I[km]5[Pv][Tb][km][U-X]|[QY][UW]x[Hn]IiA6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ID([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gI[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yIgO([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[\\x2b\\x2f-9A-Za-z]ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*ICJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]I([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*IDoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]A6I[km]5[Pv][Tb][km][U-X]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]y([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiJ[Ou][Tb][02]5[Fl]|[QY][UW]x[Hn]Ijoi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z]{2}[159BFJNRVZdhlptx][Bh][Tb][EG]ci([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[048AEIMQUYcgkosw]gOiAi[Tb][km]9[Ou][RZ][Q-Za-f]|[\\x2b\\x2f-9A-Za-z][02EGUWkm]F[Ms][RZ]yI6([048ACEIMQSUYcgikoswy]|[\\x2b\\x2f-9A-Za-z]I)*[CSiy]Ai[Tb][km]9[Ou][RZ][Q-Za-f])[A-Za-z0-9+-/]*\\.[A-Za-z0-9+_\\-/]+\\.(?:[A-Za-z0-9+_\\-/]+)?$", - "options": { - "case_sensitive": true - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-931-001", - "name": "RFI: URL Payload to well known RFI target", - "tags": { - "type": "rfi", - "category": "attack_attempt", - "cwe": "98", - "capec": "1000/152/175/253/193", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "^(?i:file|ftps?|https?).*/rfiinc\\.txt\\?+$", - "options": { - "case_sensitive": true, - "min_length": 17 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-932-100", - "name": "Shell spawn executing network command", - "tags": { - "type": "command_injection", - "category": "attack_attempt", - "cwe": "77", - "capec": "1000/152/248/88", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:(?:['\"\\x60({|;&]|(?:^|['\"\\x60({|;&])(?:cmd(?:\\.exe)?\\s+(?:/\\w(?::\\w+)?\\s+)*))(?:ping|curl|wget|telnet)|\\bnslookup)[\\s,]", - "options": { - "case_sensitive": true, - "min_length": 5 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-934-001", - "name": "XXE - XML file loads external entity", - "tags": { - "type": "xxe", - "category": "attack_attempt", - "cwe": "91", - "capec": "1000/152/248/250", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.body" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?:<\\?xml[^>]*>.*)]+SYSTEM\\s+[^>]+>", - "options": { - "case_sensitive": false, - "min_length": 24 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "dog-941-001", - "name": "XSS in source property", - "tags": { - "type": "xss", - "category": "attack_attempt", - "cwe": "83", - "capec": "1000/152/242/63/591/243", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - }, - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "referer" - ] - }, - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "<(?:iframe|esi:include)(?:(?:\\s|/)*\\w+=[\"'\\w]+)*(?:\\s|/)*src(?:doc)?=[\"']?(?:data:|javascript:|http:|dns:|//)[^\\s'\"]+['\"]?", - "options": { - "min_length": 14 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls", - "urlDecodeUni" - ] - }, - { - "id": "dog-942-001", - "name": "Blind XSS callback domains", - "tags": { - "type": "xss", - "category": "attack_attempt", - "cwe": "83", - "capec": "1000/152/242/63/591/243", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "https?:\\/\\/(?:.*\\.)?(?:bxss\\.(?:in|me)|xss\\.ht|js\\.rip)", - "options": { - "case_sensitive": false - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "nfd-000-001", - "name": "Detect common directory discovery scans", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "phrase_match", - "parameters": { - "options": { - "enforce_word_boundary": true - }, - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "list": [ - "/wordpress/", - "/etc/", - "/login.php", - "/install.php", - "/administrator", - "/admin.php", - "/wp-config", - "/phpmyadmin", - "/fckeditor", - "/mysql", - "/manager/html", - ".htaccess", - "/config.php", - "/configuration", - "/cgi-bin/php", - "/search.php", - "/tinymce", - "/tiny_mce", - "/settings.php", - "../../..", - "/install/", - "/download.php", - "/webdav", - "/forum.php", - "/user.php", - "/style.php", - "/jmx-console", - "/modules.php", - "/include.php", - "/default.asp", - "/help.php", - "/database.yml", - "/database.yml.pgsql", - "/database.yml.sqlite3", - "/database.yml.sqlite", - "/database.yml.mysql", - ".%2e/", - "/view.php", - "/header.php", - "/search.asp", - "%5c%5c", - "/server/php/", - "/invoker/jmxinvokerservlet", - "/phpmyadmin/index.php", - "/data/admin/allowurl.txt", - "/verify.php", - "/misc/ajax.js", - "/.idea", - "/module.php", - "/backup.rar", - "/backup.tar", - "/backup.zip", - "/backup.7z", - "/backup.gz", - "/backup.tgz", - "/backup.tar.gz", - "waitfor%20delay", - "/calendar.php", - "/news.php", - "/dompdf.php", - "))))))))))))))))", - "/web.config", - "tree.php", - "/cgi-bin-sdb/printenv", - "/comments.php", - "/detail.asp", - "/license.txt", - "/admin.asp", - "/auth.php", - "/list.php", - "/content.php", - "/mod.php", - "/mini.php", - "/install.pgsql", - "/install.mysql", - "/install.sqlite", - "/install.sqlite3", - "/install.txt", - "/install.md", - "/doku.php", - "/main.asp", - "/myadmin", - "/force-download.php", - "/iisprotect/admin", - "/.gitignore", - "/print.php", - "/common.php", - "/mainfile.php", - "/functions.php", - "/scripts/setup.php", - "/faq.php", - "/op/op.login.php", - "/home.php", - "/includes/hnmain.inc.php3", - "/preview.php", - "/dump.rar", - "/dump.tar", - "/dump.zip", - "/dump.7z", - "/dump.gz", - "/dump.tgz", - "/dump.tar.gz", - "/thumbnail.php", - "/sendcard.php", - "/global.asax", - "/directory.php", - "/footer.php", - "/error.asp", - "/forum.asp", - "/save.php", - "/htmlsax3.php", - "/adm/krgourl.php", - "/includes/converter.inc.php", - "/nucleus/libs/pluginadmin.php", - "/base_qry_common.php", - "/fileadmin", - "/bitrix/admin/", - "/adm.php", - "/util/barcode.php", - "/action.php", - "/rss.asp", - "/downloads.php", - "/page.php", - "/snarf_ajax.php", - "/fck/editor", - "/sendmail.php", - "/detail.php", - "/iframe.php", - "/swfupload.swf", - "/jenkins/login", - "/phpmyadmin/main.php", - "/phpmyadmin/scripts/setup.php", - "/user/index.php", - "/checkout.php", - "/process.php", - "/ks_inc/ajax.js", - "/export.php", - "/register.php", - "/cart.php", - "/console.php", - "/friend.php", - "/readmsg.php", - "/install.asp", - "/dagent/downloadreport.asp", - "/system/index.php", - "/core/changelog.txt", - "/js/util.js", - "/interna.php", - "/gallery.php", - "/links.php", - "/data/admin/ver.txt", - "/language/zh-cn.xml", - "/productdetails.asp", - "/admin/template/article_more/config.htm", - "/components/com_moofaq/includes/file_includer.php", - "/licence.txt", - "/rss.xsl", - "/vtigerservice.php", - "/mysql/main.php", - "/passwiki.php", - "/scr/soustab.php", - "/global.php", - "/email.php", - "/user.asp", - "/msd", - "/products.php", - "/cultbooking.php", - "/cron.php", - "/static/js/admincp.js", - "/comment.php", - "/maintainers", - "/modules/plain/adminpart/addplain.php", - "/wp-content/plugins/ungallery/source_vuln.php", - "/upgrade.txt", - "/category.php", - "/index_logged.php", - "/members.asp", - "/script/html.js", - "/images/ad.js", - "/awstats/awstats.pl", - "/includes/esqueletos/skel_null.php", - "/modules/profile/user.php", - "/window_top.php", - "/openbrowser.php", - "/thread.php", - "tinfoil_xss", - "/includes/include.php", - "/urheber.php", - "/header.inc.php", - "/mysqldumper", - "/display.php", - "/website.php", - "/stats.php", - "/assets/plugins/mp3_id/mp3_id.php", - "/siteminderagent/forms/smpwservices.fcc", - "/eval-stdin.php" - ] - } - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "nfd-000-002", - "name": "Detect failed attempt to fetch readme files", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "readme\\.[\\.a-z0-9]+$", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [] - }, - { - "id": "nfd-000-003", - "name": "Detect failed attempt to fetch Java EE resource files", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "^(?:.*web\\-inf)(?:.*web\\.xml).*$", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [] - }, - { - "id": "nfd-000-004", - "name": "Detect failed attempt to fetch code files", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "\\.(java|pyc?|rb|class)\\b", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [] - }, - { - "id": "nfd-000-005", - "name": "Detect failed attempt to fetch source code archives", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "\\.(sql|log|ndb|gz|zip|tar\\.gz|tar|regVV|reg|conf|bz2|ini|db|war|bat|inc|btr|server|ds|conf|config|admin|master|sln|bak)\\b(?:[^.]|$)", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [] - }, - { - "id": "nfd-000-006", - "name": "Detect failed attempt to fetch sensitive files", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "\\.(cgi|bat|dll|exe|key|cert|crt|pem|der|pkcs|pkcs|pkcs[0-9]*|nsf|jsa|war|java|class|vb|vba|so|git|svn|hg|cvs)([^a-zA-Z0-9_]|$)", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [] - }, - { - "id": "nfd-000-007", - "name": "Detect failed attempt to fetch archives", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "/[\\d\\-_]*\\.(rar|tar|zip|7z|gz|tgz|tar.gz)", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [] - }, - { - "id": "nfd-000-008", - "name": "Detect failed attempt to trigger incorrect application behavior", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "(/(administrator/components/com.*\\.php|response\\.write\\(.+\\))|select\\(.+\\)from|\\(.*sleep\\(.+\\)|(%[a-zA-Z0-9]{2}[a-zA-Z]{0,1})+\\))", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [] - }, - { - "id": "nfd-000-009", - "name": "Detect failed attempt to leak the structure of the application", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "/(login\\.rol|LICENSE|[\\w-]+\\.(plx|pwd))$", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [] - }, - { - "id": "nfd-000-010", - "name": "Detect failed attempts to find API documentation", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "0" - }, - "conditions": [ - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.response.status" - } - ], - "regex": "^404$", - "options": { - "case_sensitive": true - } - } - }, - { - "operator": "match_regex", - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - } - ], - "regex": "(?:/swagger\\b|/api[-/]docs?\\b)", - "options": { - "case_sensitive": false - } - } - } - ], - "transformers": [] - }, - { - "id": "rasp-930-100", - "name": "Local file inclusion exploit", - "tags": { - "type": "lfi", - "category": "vulnerability_trigger", - "cwe": "22", - "capec": "1000/255/153/126", - "confidence": "0", - "module": "rasp" - }, - "conditions": [ - { - "parameters": { - "resource": [ - { - "address": "server.io.fs.file" - } - ], - "params": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ] - }, - "operator": "lfi_detector" - } - ], - "transformers": [], - "on_match": [ - "stack_trace" - ] - }, - { - "id": "rasp-932-100", - "name": "Command injection exploit", - "tags": { - "type": "command_injection", - "category": "vulnerability_trigger", - "cwe": "77", - "capec": "1000/152/248/88", - "confidence": "0", - "module": "rasp" - }, - "conditions": [ - { - "parameters": { - "resource": [ - { - "address": "server.sys.shell.cmd" - } - ], - "params": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ] - }, - "operator": "shi_detector" - } - ], - "transformers": [], - "on_match": [ - "stack_trace" - ] - }, - { - "id": "rasp-934-100", - "name": "Server-side request forgery exploit", - "tags": { - "type": "ssrf", - "category": "vulnerability_trigger", - "cwe": "918", - "capec": "1000/225/115/664", - "confidence": "0", - "module": "rasp" - }, - "conditions": [ - { - "parameters": { - "resource": [ - { - "address": "server.io.net.url" - } - ], - "params": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ] - }, - "operator": "ssrf_detector" - } - ], - "transformers": [], - "on_match": [ - "stack_trace" - ] - }, - { - "id": "rasp-942-100", - "name": "SQL injection exploit", - "tags": { - "type": "sql_injection", - "category": "vulnerability_trigger", - "cwe": "89", - "capec": "1000/152/248/66", - "confidence": "0", - "module": "rasp" - }, - "conditions": [ - { - "parameters": { - "resource": [ - { - "address": "server.db.statement" - } - ], - "params": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "db_type": [ - { - "address": "server.db.system" - } - ] - }, - "operator": "sqli_detector@v2" - } - ], - "transformers": [], - "on_match": [ - "stack_trace" - ] - }, - { - "id": "sqr-000-001", - "name": "SSRF: Try to access the credential manager of the main cloud services", - "tags": { - "type": "ssrf", - "category": "attack_attempt", - "cwe": "918", - "capec": "1000/225/115/664", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i)^\\W*((http|ftp)s?://)?\\W*((::f{4}:)?(169|(0x)?0*a9|0+251)\\.?(254|(0x)?0*fe|0+376)[0-9a-fx\\.:]+|metadata\\.google\\.internal|metadata\\.goog)\\W*/", - "options": { - "min_length": 4 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls" - ] - }, - { - "id": "sqr-000-002", - "name": "Server-side Javascript injection: Try to detect obvious JS injection", - "tags": { - "type": "js_code_injection", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "require\\(['\"][\\w\\.]+['\"]\\)|process\\.\\w+\\([\\w\\.]*\\)|\\.toString\\(\\)", - "options": { - "min_length": 4 - } - }, - "operator": "match_regex" - } - ], - "transformers": [ - "removeNulls" - ] - }, - { - "id": "sqr-000-008", - "name": "Windows: Detect attempts to exfiltrate .ini files", - "tags": { - "type": "command_injection", - "category": "attack_attempt", - "cwe": "78", - "capec": "1000/152/248/88", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i)[&|]\\s*type\\s+%\\w+%\\\\+\\w+\\.ini\\s*[&|]" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "sqr-000-009", - "name": "Linux: Detect attempts to exfiltrate passwd files", - "tags": { - "type": "command_injection", - "category": "attack_attempt", - "cwe": "78", - "capec": "1000/152/248/88", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i)[&|]\\s*cat\\s*\\/etc\\/[\\w\\.\\/]*passwd\\s*[&|]" - }, - "operator": "match_regex" - } - ], - "transformers": [ - "cmdLine" - ] - }, - { - "id": "sqr-000-010", - "name": "Windows: Detect attempts to timeout a shell", - "tags": { - "type": "command_injection", - "category": "attack_attempt", - "cwe": "78", - "capec": "1000/152/248/88", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(?i)[&|]\\s*timeout\\s+/t\\s+\\d+\\s*[&|]" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "sqr-000-011", - "name": "SSRF: Try to access internal OMI service (CVE-2021-38647)", - "tags": { - "type": "ssrf", - "category": "attack_attempt", - "cwe": "918", - "capec": "1000/225/115/664", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "http(s?):\\/\\/([A-Za-z0-9\\.\\-\\_]+|\\[[A-Fa-f0-9\\:]+\\]|):5986\\/wsman", - "options": { - "min_length": 4 - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "sqr-000-012", - "name": "SSRF: Detect SSRF attempt on internal service", - "tags": { - "type": "ssrf", - "category": "attack_attempt", - "cwe": "918", - "capec": "1000/225/115/664", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "^(jar:)?(http|https):\\/\\/([0-9oq]{1,5}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}|[0-9]{1,10})(:[0-9]{1,5})?(\\/[^:@]*)?$" - }, - "operator": "match_regex" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "sqr-000-013", - "name": "SSRF: Detect SSRF attempts using IPv6 or octal/hexdecimal obfuscation", - "tags": { - "type": "ssrf", - "category": "attack_attempt", - "cwe": "918", - "capec": "1000/225/115/664", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "^(jar:)?(http|https):\\/\\/((\\[)?[:0-9a-f\\.x]{2,}(\\])?)(:[0-9]{1,5})?(\\/[^:@]*)?$" - }, - "operator": "match_regex" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "sqr-000-014", - "name": "SSRF: Detect SSRF domain redirection bypass", - "tags": { - "type": "ssrf", - "category": "attack_attempt", - "cwe": "918", - "capec": "1000/225/115/664", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "grpc.server.request.message" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "(http|https):\\/\\/(?:.*\\.)?(?:burpcollaborator\\.net|localtest\\.me|mail\\.ebc\\.apple\\.com|bugbounty\\.dod\\.network|.*\\.[nx]ip\\.io|oastify\\.com|oast\\.(?:pro|live|site|online|fun|me)|sslip\\.io|requestbin\\.com|requestbin\\.net|hookbin\\.com|webhook\\.site|canarytokens\\.com|interact\\.sh|ngrok\\.io|bugbounty\\.click|prbly\\.win|qualysperiscope\\.com|vii\\.one|act1on3\\.ru)" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "sqr-000-015", - "name": "SSRF: Detect SSRF attempt using non HTTP protocol", - "tags": { - "type": "ssrf", - "category": "attack_attempt", - "cwe": "918", - "capec": "1000/225/115/664", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "^(jar:)?((file|netdoc):\\/\\/[\\\\\\/]+|(dict|gopher|ldap|sftp|tftp):\\/\\/.*:[0-9]{1,5})" - }, - "operator": "match_regex" - } - ], - "transformers": [ - "lowercase" - ] - }, - { - "id": "sqr-000-017", - "name": "Log4shell: Attempt to exploit log4j CVE-2021-44228", - "tags": { - "type": "exploit_detection", - "category": "attack_attempt", - "cwe": "94", - "capec": "1000/152/242", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.uri.raw" - }, - { - "address": "server.request.query" - }, - { - "address": "server.request.body" - }, - { - "address": "server.request.path_params" - }, - { - "address": "server.request.headers.no_cookies" - }, - { - "address": "graphql.server.all_resolvers" - }, - { - "address": "graphql.server.resolver" - } - ], - "regex": "\\${[^j]*j[^n]*n[^d]*d[^i]*i[^:]*:[^}]*}" - }, - "operator": "match_regex" - } - ], - "transformers": [ - "unicode_normalize" - ] - }, - { - "id": "ua0-600-0xx", - "name": "Joomla exploitation tool", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Joomla exploitation tool", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "JDatabaseDriverMysqli" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-10x", - "name": "Nessus", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Nessus", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)^Nessus(/|([ :]+SOAP))" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-12x", - "name": "Arachni", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Arachni", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "^Arachni\\/v" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-13x", - "name": "Jorgee", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Jorgee", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bJorgee\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-14x", - "name": "Probely", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Probely", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bProbely\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-15x", - "name": "Metis", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Metis", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bmetis\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-16x", - "name": "SQL power injector", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "SQLPowerInjector", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "sql power injector" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-18x", - "name": "N-Stealth", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "N-Stealth", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bn-stealth\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-19x", - "name": "Brutus", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Brutus", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bbrutus\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-1xx", - "name": "Shellshock exploitation tool", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "\\(\\) \\{ :; *\\}" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-20x", - "name": "Netsparker", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Netsparker", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "\\bnetsparker\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-22x", - "name": "JAASCois", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "JAASCois", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bjaascois\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-26x", - "name": "Nsauditor", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Nsauditor", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bnsauditor\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-27x", - "name": "Paros", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Paros", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)Mozilla/.* Paros/" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-28x", - "name": "DirBuster", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "DirBuster", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bdirbuster\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-29x", - "name": "Pangolin", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Pangolin", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bpangolin\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-2xx", - "name": "Qualys", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Qualys", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bqualys\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-30x", - "name": "SQLNinja", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "SQLNinja", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bsqlninja\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-31x", - "name": "Nikto", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Nikto", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "\\(Nikto/[\\d\\.]+\\)" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-33x", - "name": "BlackWidow", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "BlackWidow", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bblack\\s?widow\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-34x", - "name": "Grendel-Scan", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Grendel-Scan", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bgrendel-scan\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-35x", - "name": "Havij", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Havij", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bhavij\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-36x", - "name": "w3af", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "w3af", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bw3af\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-37x", - "name": "Nmap", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Nmap", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "nmap (nse|scripting engine)" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-39x", - "name": "Nessus Scripted", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Nessus", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)^'?[a-z0-9_]+\\.nasl'?$" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-3xx", - "name": "Evil Scanner", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "EvilScanner", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bevilScanner\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-40x", - "name": "WebFuck", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "WebFuck", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bWebFuck\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-42x", - "name": "OpenVAS", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "OpenVAS", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)OpenVAS\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-43x", - "name": "Spider-Pig", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Spider-Pig", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "Powered by Spider-Pig by tinfoilsecurity\\.com" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-44x", - "name": "Zgrab", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Zgrab", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "Mozilla/\\d+.\\d+ zgrab" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-45x", - "name": "Zmeu", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Zmeu", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bZmEu\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-47x", - "name": "GoogleSecurityScanner", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "GoogleSecurityScanner", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bGoogleSecurityScanner\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-48x", - "name": "Commix", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Commix", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "^commix\\/" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-49x", - "name": "Gobuster", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Gobuster", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "^gobuster\\/" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-4xx", - "name": "CGIchk", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "CGIchk", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bcgichk\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-51x", - "name": "FFUF", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "FFUF", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)^Fuzz Faster U Fool\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-52x", - "name": "Nuclei", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Nuclei", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)^Nuclei\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-53x", - "name": "Tsunami", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Tsunami", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bTsunamiSecurityScanner\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-54x", - "name": "Nimbostratus", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Nimbostratus", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bnimbostratus-bot\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-55x", - "name": "Datadog test scanner: user-agent", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Datadog Canary Test", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - }, - { - "address": "grpc.server.request.metadata", - "key_path": [ - "dd-canary" - ] - } - ], - "regex": "^dd-test-scanner-log(?:$|/|\\s)" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-56x", - "name": "Datadog test scanner - blocking version: user-agent", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Datadog Canary Test", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - }, - { - "address": "grpc.server.request.metadata", - "key_path": [ - "dd-canary" - ] - } - ], - "regex": "^dd-test-scanner-log-block(?:$|/|\\s)" - }, - "operator": "match_regex" - } - ], - "transformers": [], - "on_match": [ - "block" - ] - }, - { - "id": "ua0-600-57x", - "name": "AlertLogic", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "AlertLogic", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "\\bAlertLogic-MDR-" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-58x", - "name": "wfuzz", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "wfuzz", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "\\bwfuzz\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-59x", - "name": "Detectify", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Detectify", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "\\bdetectify\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-5xx", - "name": "Blind SQL Injection Brute Forcer", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "BSQLBF", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)\\bbsqlbf\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-60x", - "name": "masscan", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "masscan", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "^masscan/" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-61x", - "name": "WPScan", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "WPScan", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "^wpscan\\b" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-62x", - "name": "Aon pentesting services", - "tags": { - "type": "commercial_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Aon", - "confidence": "0" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "^Aon/" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-63x", - "name": "FeroxBuster", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "feroxbuster", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "^feroxbuster/" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-6xx", - "name": "Stealthy scanner", - "tags": { - "type": "security_scanner", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "mozilla/4\\.0 \\(compatible(; msie (?:6\\.0; (?:win32|Windows NT 5\\.0)|4\\.0; Windows NT))?\\)", - "options": { - "case_sensitive": false - } - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-7xx", - "name": "SQLmap", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "SQLmap", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "^sqlmap/" - }, - "operator": "match_regex" - } - ], - "transformers": [] - }, - { - "id": "ua0-600-9xx", - "name": "Skipfish", - "tags": { - "type": "attack_tool", - "category": "attack_attempt", - "cwe": "200", - "capec": "1000/118/169", - "tool_name": "Skipfish", - "confidence": "1" - }, - "conditions": [ - { - "parameters": { - "inputs": [ - { - "address": "server.request.headers.no_cookies", - "key_path": [ - "user-agent" - ] - } - ], - "regex": "(?i)mozilla/5\\.0 sf/" - }, - "operator": "match_regex" - } - ], - "transformers": [] - } - ], - "processors": [ - { - "id": "http-endpoint-fingerprint", - "generator": "http_endpoint_fingerprint", - "conditions": [ - { - "operator": "exists", - "parameters": { - "inputs": [ - { - "address": "waf.context.event" - }, - { - "address": "server.business_logic.users.login.failure" - }, - { - "address": "server.business_logic.users.login.success" - } - ] - } - } - ], - "parameters": { - "mappings": [ - { - "method": [ - { - "address": "server.request.method" - } - ], - "uri_raw": [ - { - "address": "server.request.uri.raw" - } - ], - "body": [ - { - "address": "server.request.body" - } - ], - "query": [ - { - "address": "server.request.query" - } - ], - "output": "_dd.appsec.fp.http.endpoint" - } - ] - }, - "evaluate": false, - "output": true - }, - { - "id": "extract-content", - "generator": "extract_schema", - "conditions": [ - { - "operator": "equals", - "parameters": { - "inputs": [ - { - "address": "waf.context.processor", - "key_path": [ - "extract-schema" - ] - } - ], - "type": "boolean", - "value": true - } - } - ], - "parameters": { - "mappings": [ - { - "inputs": [ - { - "address": "server.request.body" - } - ], - "output": "_dd.appsec.s.req.body" - }, - { - "inputs": [ - { - "address": "server.request.cookies" - } - ], - "output": "_dd.appsec.s.req.cookies" - }, - { - "inputs": [ - { - "address": "server.request.query" - } - ], - "output": "_dd.appsec.s.req.query" - }, - { - "inputs": [ - { - "address": "server.request.path_params" - } - ], - "output": "_dd.appsec.s.req.params" - }, - { - "inputs": [ - { - "address": "server.response.body" - } - ], - "output": "_dd.appsec.s.res.body" - }, - { - "inputs": [ - { - "address": "graphql.server.all_resolvers" - } - ], - "output": "_dd.appsec.s.graphql.all_resolvers" - }, - { - "inputs": [ - { - "address": "graphql.server.resolver" - } - ], - "output": "_dd.appsec.s.graphql.resolver" - } - ], - "scanners": [ - { - "tags": { - "category": "payment" - } - }, - { - "tags": { - "category": "pii" - } - } - ] - }, - "evaluate": false, - "output": true - }, - { - "id": "extract-headers", - "generator": "extract_schema", - "conditions": [ - { - "operator": "equals", - "parameters": { - "inputs": [ - { - "address": "waf.context.processor", - "key_path": [ - "extract-schema" - ] - } - ], - "type": "boolean", - "value": true - } - } - ], - "parameters": { - "mappings": [ - { - "inputs": [ - { - "address": "server.request.headers.no_cookies" - } - ], - "output": "_dd.appsec.s.req.headers" - }, - { - "inputs": [ - { - "address": "server.response.headers.no_cookies" - } - ], - "output": "_dd.appsec.s.res.headers" - } - ], - "scanners": [ - { - "tags": { - "category": "credentials" - } - }, - { - "tags": { - "category": "pii" - } - } - ] - }, - "evaluate": false, - "output": true - }, - { - "id": "http-header-fingerprint", - "generator": "http_header_fingerprint", - "conditions": [ - { - "operator": "exists", - "parameters": { - "inputs": [ - { - "address": "waf.context.event" - }, - { - "address": "server.business_logic.users.login.failure" - }, - { - "address": "server.business_logic.users.login.success" - } - ] - } - } - ], - "parameters": { - "mappings": [ - { - "headers": [ - { - "address": "server.request.headers.no_cookies" - } - ], - "output": "_dd.appsec.fp.http.header" - } - ] - }, - "evaluate": false, - "output": true - }, - { - "id": "http-network-fingerprint", - "generator": "http_network_fingerprint", - "conditions": [ - { - "operator": "exists", - "parameters": { - "inputs": [ - { - "address": "waf.context.event" - }, - { - "address": "server.business_logic.users.login.failure" - }, - { - "address": "server.business_logic.users.login.success" - } - ] - } - } - ], - "parameters": { - "mappings": [ - { - "headers": [ - { - "address": "server.request.headers.no_cookies" - } - ], - "output": "_dd.appsec.fp.http.network" - } - ] - }, - "evaluate": false, - "output": true - }, - { - "id": "session-fingerprint", - "generator": "session_fingerprint", - "conditions": [ - { - "operator": "exists", - "parameters": { - "inputs": [ - { - "address": "waf.context.event" - }, - { - "address": "server.business_logic.users.login.failure" - }, - { - "address": "server.business_logic.users.login.success" - } - ] - } - } - ], - "parameters": { - "mappings": [ - { - "cookies": [ - { - "address": "server.request.cookies" - } - ], - "session_id": [ - { - "address": "usr.session_id" - } - ], - "user_id": [ - { - "address": "usr.id" - } - ], - "output": "_dd.appsec.fp.session" - } - ] - }, - "evaluate": false, - "output": true - } - ], - "scanners": [ - { - "id": "406f8606-52c4-4663-8db9-df70f9e8766c", - "name": "ZIP Code", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:zip|postal)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "^[0-9]{5}(?:-[0-9]{4})?$", - "options": { - "case_sensitive": true, - "min_length": 5 - } - } - }, - "tags": { - "type": "zipcode", - "category": "address" - } - }, - { - "id": "JU1sRk3mSzqSUJn6GrVn7g", - "name": "American Express Card Scanner (4+4+4+3 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b3[47]\\d{2}(?:(?:\\s\\d{4}\\s\\d{4}\\s\\d{3})|(?:\\,\\d{4}\\,\\d{4}\\,\\d{3})|(?:-\\d{4}-\\d{4}-\\d{3})|(?:\\.\\d{4}\\.\\d{4}\\.\\d{3}))\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "amex", - "category": "payment" - } - }, - { - "id": "edmH513UTQWcRiQ9UnzHlw-mod", - "name": "American Express Card Scanner (4+6|5+5|6 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b3[47]\\d{2}(?:(?:\\s\\d{5,6}\\s\\d{5,6})|(?:\\.\\d{5,6}\\.\\d{5,6})|(?:-\\d{5,6}-\\d{5,6})|(?:,\\d{5,6},\\d{5,6}))\\b", - "options": { - "case_sensitive": false, - "min_length": 17 - } - } - }, - "tags": { - "type": "card", - "card_type": "amex", - "category": "payment" - } - }, - { - "id": "e6K4h_7qTLaMiAbaNXoSZA", - "name": "American Express Card Scanner (8+7 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b3[47]\\d{6}(?:(?:\\s\\d{7})|(?:\\,\\d{7})|(?:-\\d{7})|(?:\\.\\d{7}))\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "amex", - "category": "payment" - } - }, - { - "id": "K2rZflWzRhGM9HiTc6whyQ", - "name": "American Express Card Scanner (1x15 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b3[47]\\d{13}\\b", - "options": { - "case_sensitive": false, - "min_length": 15 - } - } - }, - "tags": { - "type": "card", - "card_type": "amex", - "category": "payment" - } - }, - { - "id": "9d7756e343cefa22a5c098e1092590f806eb5446", - "name": "Basic Authentication Scanner", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\bauthorization\\b", - "options": { - "case_sensitive": false, - "min_length": 13 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "^basic\\s+[A-Za-z0-9+/=]+", - "options": { - "case_sensitive": false, - "min_length": 7 - } - } - }, - "tags": { - "type": "basic_auth", - "category": "credentials" - } - }, - { - "id": "mZy8XjZLReC9smpERXWnnw", - "name": "Bearer Authentication Scanner", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\bauthorization\\b", - "options": { - "case_sensitive": false, - "min_length": 13 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "^bearer\\s+[-a-z0-9._~+/]{4,}", - "options": { - "case_sensitive": false, - "min_length": 11 - } - } - }, - "tags": { - "type": "bearer_token", - "category": "credentials" - } - }, - { - "id": "450239afc250a19799b6c03dc0e16fd6a4b2a1af", - "name": "Canadian Social Insurance Number Scanner", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:social[\\s_]?(?:insurance(?:\\s+number)?)?|SIN|Canadian[\\s_]?(?:social[\\s_]?(?:insurance)?|insurance[\\s_]?number)?)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b\\d{3}-\\d{3}-\\d{3}\\b", - "options": { - "case_sensitive": false, - "min_length": 11 - } - } - }, - "tags": { - "type": "canadian_sin", - "category": "pii" - } - }, - { - "id": "87a879ff33693b46c8a614d8211f5a2c289beca0", - "name": "Digest Authentication Scanner", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\bauthorization\\b", - "options": { - "case_sensitive": false, - "min_length": 13 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "^digest\\s+", - "options": { - "case_sensitive": false, - "min_length": 7 - } - } - }, - "tags": { - "type": "digest_auth", - "category": "credentials" - } - }, - { - "id": "qWumeP1GQUa_E4ffAnT-Yg", - "name": "American Express Card Scanner (1x14 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "(?:30[0-59]\\d|3[689]\\d{2})(?:\\d{10})", - "options": { - "case_sensitive": false, - "min_length": 14 - } - } - }, - "tags": { - "type": "card", - "card_type": "diners", - "category": "payment" - } - }, - { - "id": "NlTWWM5LS6W0GSqBLuvtRw", - "name": "Diners Card Scanner (4+4+4+2 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:30[0-59]\\d|3[689]\\d{2})(?:(?:\\s\\d{4}\\s\\d{4}\\s\\d{2})|(?:\\,\\d{4}\\,\\d{4}\\,\\d{2})|(?:-\\d{4}-\\d{4}-\\d{2})|(?:\\.\\d{4}\\.\\d{4}\\.\\d{2}))\\b", - "options": { - "case_sensitive": false, - "min_length": 17 - } - } - }, - "tags": { - "type": "card", - "card_type": "diners", - "category": "payment" - } - }, - { - "id": "Xr5VdbQSTXitYGGiTfxBpw", - "name": "Diners Card Scanner (4+6+4 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:30[0-59]\\d|3[689]\\d{2})(?:(?:\\s\\d{6}\\s\\d{4})|(?:\\.\\d{6}\\.\\d{4})|(?:-\\d{6}-\\d{4})|(?:,\\d{6},\\d{4}))\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "diners", - "category": "payment" - } - }, - { - "id": "gAbunN_WQNytxu54DjcbAA-mod", - "name": "Diners Card Scanner (8+6 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:30[0-59]\\d{5}|3[689]\\d{6})\\s?(?:(?:\\s\\d{6})|(?:\\,\\d{6})|(?:-\\d{6})|(?:\\.\\d{6}))\\b", - "options": { - "case_sensitive": false, - "min_length": 14 - } - } - }, - "tags": { - "type": "card", - "card_type": "diners", - "category": "payment" - } - }, - { - "id": "9cs4qCfEQBeX17U7AepOvQ", - "name": "MasterCard Scanner (2x8 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:6221(?:2[6-9]|[3-9][0-9])\\d{2}(?:,\\d{8}|\\s\\d{8}|-\\d{8}|\\.\\d{8})|6229(?:[01][0-9]|2[0-5])\\d{2}(?:,\\d{8}|\\s\\d{8}|-\\d{8}|\\.\\d{8})|(?:6011|65\\d{2}|64[4-9]\\d|622[2-8])\\d{4}(?:,\\d{8}|\\s\\d{8}|-\\d{8}|\\.\\d{8}))\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "discover", - "category": "payment" - } - }, - { - "id": "YBIDWJIvQWW_TFOyU0CGJg", - "name": "Discover Card Scanner (4x4 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:(?:(?:6221(?:2[6-9]|[3-9][0-9])\\d{2}(?:,\\d{4}){2})|(?:6221\\s(?:2[6-9]|[3-9][0-9])\\d{2}(?:\\s\\d{4}){2})|(?:6221\\.(?:2[6-9]|[3-9][0-9])\\d{2}(?:\\.\\d{4}){2})|(?:6221-(?:2[6-9]|[3-9][0-9])\\d{2}(?:-\\d{4}){2}))|(?:(?:6229(?:[01][0-9]|2[0-5])\\d{2}(?:,\\d{4}){2})|(?:6229\\s(?:[01][0-9]|2[0-5])\\d{2}(?:\\s\\d{4}){2})|(?:6229\\.(?:[01][0-9]|2[0-5])\\d{2}(?:\\.\\d{4}){2})|(?:6229-(?:[01][0-9]|2[0-5])\\d{2}(?:-\\d{4}){2}))|(?:(?:6011|65\\d{2}|64[4-9]\\d|622[2-8])(?:(?:\\s\\d{4}){3}|(?:\\.\\d{4}){3}|(?:-\\d{4}){3}|(?:,\\d{4}){3})))\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "discover", - "category": "payment" - } - }, - { - "id": "12cpbjtVTMaMutFhh9sojQ", - "name": "Discover Card Scanner (1x16 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:6221(?:2[6-9]|[3-9][0-9])\\d{10}|6229(?:[01][0-9]|2[0-5])\\d{10}|(?:6011|65\\d{2}|64[4-9]\\d|622[2-8])\\d{12})\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "discover", - "category": "payment" - } - }, - { - "id": "PuXiVTCkTHOtj0Yad1ppsw", - "name": "Standard E-mail Address", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:(?:e[-\\s]?)?mail|address|sender|\\bto\\b|from|recipient)\\b", - "options": { - "case_sensitive": false, - "min_length": 2 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b[\\w!#$%&'*+/=?`{|}~^-]+(?:\\.[\\w!#$%&'*+/=?`{|}~^-]+)*(%40|@)(?:[a-zA-Z0-9-]+\\.)+[a-zA-Z]{2,6}\\b", - "options": { - "case_sensitive": false, - "min_length": 5 - } - } - }, - "tags": { - "type": "email", - "category": "pii" - } - }, - { - "id": "8VS2RKxzR8a_95L5fuwaXQ", - "name": "IBAN", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:iban|account|sender|receiver)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:NO\\d{2}(?:[ \\-]?\\d{4}){2}[ \\-]?\\d{3}|BE\\d{2}(?:[ \\-]?\\d{4}){3}|(?:DK|FO|FI|GL|SD)\\d{2}(?:[ \\-]?\\d{4}){3}[ \\-]?\\d{2}|NL\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?\\d{4}){2}[ \\-]?\\d{2}|MK\\d{2}[ \\-]?\\d{3}[A-Z0-9](?:[ \\-]?[A-Z0-9]{4}){2}[ \\-]?[A-Z0-9]\\d{2}|SI\\d{17}|(?:AT|BA|EE|LT|XK)\\d{18}|(?:LU|KZ|EE|LT)\\d{5}[A-Z0-9]{13}|LV\\d{2}[A-Z]{4}[A-Z0-9]{13}|(?:LI|CH)\\d{2}[ \\-]?\\d{4}[ \\-]?\\d[A-Z0-9]{3}(?:[ \\-]?[A-Z0-9]{4}){2}[ \\-]?[A-Z0-9]|HR\\d{2}(?:[ \\-]?\\d{4}){4}[ \\-]?\\d|GE\\d{2}[ \\-]?[A-Z0-9]{2}\\d{2}\\d{14}|VA\\d{20}|BG\\d{2}[A-Z]{4}\\d{6}[A-Z0-9]{8}|BH\\d{2}[A-Z]{4}[A-Z0-9]{14}|GB\\d{2}[A-Z]{4}(?:[ \\-]?\\d{4}){3}[ \\-]?\\d{2}|IE\\d{2}[ \\-]?[A-Z0-9]{4}(?:[ \\-]?\\d{4}){3}[ \\-]?\\d{2}|(?:CR|DE|ME|RS)\\d{2}(?:[ \\-]?\\d{4}){4}[ \\-]?\\d{2}|(?:AE|TL|IL)\\d{2}(?:[ \\-]?\\d{4}){4}[ \\-]?\\d{3}|GI\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?[A-Z0-9]{4}){3}[ \\-]?[A-Z0-9]{3}|IQ\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?\\d{4}){3}[ \\-]?\\d{3}|MD\\d{2}(?:[ \\-]?[A-Z0-9]{4}){5}|SA\\d{2}[ \\-]?\\d{2}[A-Z0-9]{2}(?:[ \\-]?[A-Z0-9]{4}){4}|RO\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?[A-Z0-9]{4}){4}|(?:PK|VG)\\d{2}[ \\-]?[A-Z0-9]{4}(?:[ \\-]?\\d{4}){4}|AD\\d{2}(?:[ \\-]?\\d{4}){2}(?:[ \\-]?[A-Z0-9]{4}){3}|(?:CZ|SK|ES|SE|TN)\\d{2}(?:[ \\-]?\\d{4}){5}|(?:LY|PT|ST)\\d{2}(?:[ \\-]?\\d{4}){5}[ \\-]?\\d|TR\\d{2}[ \\-]?\\d{4}[ \\-]?\\d[A-Z0-9]{3}(?:[ \\-]?[A-Z0-9]{4}){3}[ \\-]?[A-Z0-9]{2}|IS\\d{2}(?:[ \\-]?\\d{4}){5}[ \\-]?\\d{2}|(?:IT|SM)\\d{2}[ \\-]?[A-Z]\\d{3}[ \\-]?\\d{4}[ \\-]?\\d{3}[A-Z0-9](?:[ \\-]?[A-Z0-9]{4}){2}[ \\-]?[A-Z0-9]{3}|GR\\d{2}[ \\-]?\\d{4}[ \\-]?\\d{3}[A-Z0-9](?:[ \\-]?[A-Z0-9]{4}){3}[A-Z0-9]{3}|(?:FR|MC)\\d{2}(?:[ \\-]?\\d{4}){2}[ \\-]?\\d{2}[A-Z0-9]{2}(?:[ \\-]?[A-Z0-9]{4}){2}[ \\-]?[A-Z0-9]\\d{2}|MR\\d{2}(?:[ \\-]?\\d{4}){5}[ \\-]?\\d{3}|(?:SV|DO)\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?\\d{4}){5}|BY\\d{2}[ \\-]?[A-Z]{4}[ \\-]?\\d{4}(?:[ \\-]?[A-Z0-9]{4}){4}|GT\\d{2}(?:[ \\-]?[A-Z0-9]{4}){6}|AZ\\d{2}[ \\-]?[A-Z0-9]{4}(?:[ \\-]?\\d{5}){4}|LB\\d{2}[ \\-]?\\d{4}(?:[ \\-]?[A-Z0-9]{5}){4}|(?:AL|CY)\\d{2}(?:[ \\-]?\\d{4}){2}(?:[ \\-]?[A-Z0-9]{4}){4}|(?:HU|PL)\\d{2}(?:[ \\-]?\\d{4}){6}|QA\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?[A-Z0-9]{4}){5}[ \\-]?[A-Z0-9]|PS\\d{2}[ \\-]?[A-Z0-9]{4}(?:[ \\-]?\\d{4}){5}[ \\-]?\\d|UA\\d{2}[ \\-]?\\d{4}[ \\-]?\\d{2}[A-Z0-9]{2}(?:[ \\-]?[A-Z0-9]{4}){4}[ \\-]?[A-Z0-9]|BR\\d{2}(?:[ \\-]?\\d{4}){5}[ \\-]?\\d{3}[A-Z0-9][ \\-]?[A-Z0-9]|EG\\d{2}(?:[ \\-]?\\d{4}){6}\\d|MU\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?\\d{4}){4}\\d{3}[A-Z][ \\-]?[A-Z]{2}|(?:KW|JO)\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?[A-Z0-9]{4}){5}[ \\-]?[A-Z0-9]{2}|MT\\d{2}[ \\-]?[A-Z]{4}[ \\-]?\\d{4}[ \\-]?\\d[A-Z0-9]{3}(?:[ \\-]?[A-Z0-9]{3}){4}[ \\-]?[A-Z0-9]{3}|SC\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?\\d{4}){5}[ \\-]?[A-Z]{3}|LC\\d{2}[ \\-]?[A-Z]{4}(?:[ \\-]?[A-Z0-9]{4}){6})\\b", - "options": { - "case_sensitive": false, - "min_length": 15 - } - } - }, - "tags": { - "type": "iban", - "category": "payment" - } - }, - { - "id": "h6WJcecQTwqvN9KeEtwDvg", - "name": "JCB Card Scanner (1x16 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b35(?:2[89]|[3-9][0-9])(?:\\d{12})\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "jcb", - "category": "payment" - } - }, - { - "id": "gcEaMu_VSJ2-bGCEkgyC0w", - "name": "JCB Card Scanner (2x8 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b35(?:2[89]|[3-9][0-9])\\d{4}(?:(?:,\\d{8})|(?:-\\d{8})|(?:\\s\\d{8})|(?:\\.\\d{8}))\\b", - "options": { - "case_sensitive": false, - "min_length": 17 - } - } - }, - "tags": { - "type": "card", - "card_type": "jcb", - "category": "payment" - } - }, - { - "id": "imTliuhXT5GAeRNhqChXQQ", - "name": "JCB Card Scanner (4x4 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b35(?:2[89]|[3-9][0-9])(?:(?:\\s\\d{4}){3}|(?:\\.\\d{4}){3}|(?:-\\d{4}){3}|(?:,\\d{4}){3})\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "jcb", - "category": "payment" - } - }, - { - "id": "9osY3xc9Q7ONAV0zw9Uz4A", - "name": "JSON Web Token", - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\bey[I-L][\\w=-]+\\.ey[I-L][\\w=-]+(\\.[\\w.+\\/=-]+)?\\b", - "options": { - "case_sensitive": false, - "min_length": 20 - } - } - }, - "tags": { - "type": "json_web_token", - "category": "credentials" - } - }, - { - "id": "d1Q9D3YMRxuVKf6CZInJPw", - "name": "Maestro Card Scanner (1x16 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:5[06-9]\\d{2}|6\\d{3})(?:\\d{12})\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "maestro", - "category": "payment" - } - }, - { - "id": "M3YIQKKjRVmoeQuM3pjzrw", - "name": "Maestro Card Scanner (2x8 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:5[06-9]\\d{6}|6\\d{7})(?:\\s\\d{8}|\\.\\d{8}|-\\d{8}|,\\d{8})\\b", - "options": { - "case_sensitive": false, - "min_length": 17 - } - } - }, - "tags": { - "type": "card", - "card_type": "maestro", - "category": "payment" - } - }, - { - "id": "hRxiQBlSSVKcjh5U7LZYLA", - "name": "Maestro Card Scanner (4x4 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:5[06-9]\\d{2}|6\\d{3})(?:(?:\\s\\d{4}){3}|(?:\\.\\d{4}){3}|(?:-\\d{4}){3}|(?:,\\d{4}){3})\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "maestro", - "category": "payment" - } - }, - { - "id": "NwhIYNS4STqZys37WlaIKA", - "name": "MasterCard Scanner (2x8 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:(?:5[1-5]\\d{2})|(?:222[1-9])|(?:22[3-9]\\d)|(?:2[3-6]\\d{2})|(?:27[0-1]\\d)|(?:2720))(?:(?:\\d{4}(?:(?:,\\d{8})|(?:-\\d{8})|(?:\\s\\d{8})|(?:\\.\\d{8}))))\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "mastercard", - "category": "payment" - } - }, - { - "id": "axxJkyjhRTOuhjwlsA35Vw", - "name": "MasterCard Scanner (4x4 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:(?:5[1-5]\\d{2})|(?:222[1-9])|(?:22[3-9]\\d)|(?:2[3-6]\\d{2})|(?:27[0-1]\\d)|(?:2720))(?:(?:\\s\\d{4}){3}|(?:\\.\\d{4}){3}|(?:-\\d{4}){3}|(?:,\\d{4}){3})\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "mastercard", - "category": "payment" - } - }, - { - "id": "76EhmoK3TPqJcpM-fK0pLw", - "name": "MasterCard Scanner (1x16 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:(?:5[1-5]\\d{2})|(?:222[1-9])|(?:22[3-9]\\d)|(?:2[3-6]\\d{2})|(?:27[0-1]\\d)|(?:2720))(?:\\d{12})\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "mastercard", - "category": "payment" - } - }, - { - "id": "18b608bd7a764bff5b2344c0", - "name": "Phone number", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\bphone|number|mobile\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "^(?:\\(\\+\\d{1,3}\\)|\\+\\d{1,3}|00\\d{1,3})?[-\\s\\.]?(?:\\(\\d{3}\\)[-\\s\\.]?)?(?:\\d[-\\s\\.]?){6,10}$", - "options": { - "case_sensitive": false, - "min_length": 6 - } - } - }, - "tags": { - "type": "phone", - "category": "pii" - } - }, - { - "id": "de0899e0cbaaa812bb624cf04c912071012f616d-mod", - "name": "UK National Insurance Number Scanner", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "^nin$|\\binsurance\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b[A-Z]{2}[\\s-]?\\d{6}[\\s-]?[A-Z]?\\b", - "options": { - "case_sensitive": false, - "min_length": 8 - } - } - }, - "tags": { - "type": "uk_nin", - "category": "pii" - } - }, - { - "id": "d962f7ddb3f55041e39195a60ff79d4814a7c331", - "name": "US Passport Scanner", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\bpassport\\b", - "options": { - "case_sensitive": false, - "min_length": 8 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b[0-9A-Z]{9}\\b|\\b[0-9]{6}[A-Z][0-9]{2}\\b", - "options": { - "case_sensitive": false, - "min_length": 8 - } - } - }, - "tags": { - "type": "passport_number", - "category": "pii" - } - }, - { - "id": "7771fc3b-b205-4b93-bcef-28608c5c1b54", - "name": "United States Social Security Number Scanner", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:SSN|(?:(?:social)?[\\s_]?(?:security)?[\\s_]?(?:number)?)?)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b\\d{3}[-\\s\\.]{1}\\d{2}[-\\s\\.]{1}\\d{4}\\b", - "options": { - "case_sensitive": false, - "min_length": 11 - } - } - }, - "tags": { - "type": "us_ssn", - "category": "pii" - } - }, - { - "id": "ac6d683cbac77f6e399a14990793dd8fd0fca333", - "name": "US Vehicle Identification Number Scanner", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:vehicle[_\\s-]*identification[_\\s-]*number|vin)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b[A-HJ-NPR-Z0-9]{17}\\b", - "options": { - "case_sensitive": false, - "min_length": 17 - } - } - }, - "tags": { - "type": "vin", - "category": "pii" - } - }, - { - "id": "wJIgOygRQhKkR69b_9XbRQ", - "name": "Visa Card Scanner (2x8 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b4\\d{3}(?:(?:\\d{4}(?:(?:,\\d{8})|(?:-\\d{8})|(?:\\s\\d{8})|(?:\\.\\d{8}))))\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "visa", - "category": "payment" - } - }, - { - "id": "0o71SJxXQNK7Q6gMbBesFQ", - "name": "Visa Card Scanner (4x4 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "\\b4\\d{3}(?:(?:,\\d{4}){3}|(?:\\s\\d{4}){3}|(?:\\.\\d{4}){3}|(?:-\\d{4}){3})\\b", - "options": { - "case_sensitive": false, - "min_length": 16 - } - } - }, - "tags": { - "type": "card", - "card_type": "visa", - "category": "payment" - } - }, - { - "id": "QrHD6AfgQm6z-j0wStxTvA", - "name": "Visa Card Scanner (1x15 & 1x16 & 1x19 digits)", - "key": { - "operator": "match_regex", - "parameters": { - "regex": "\\b(?:card|cc|credit|debit|payment|amex|visa|mastercard|maestro|discover|jcb|diner)\\b", - "options": { - "case_sensitive": false, - "min_length": 3 - } - } - }, - "value": { - "operator": "match_regex", - "parameters": { - "regex": "4[0-9]{12}(?:[0-9]{3})?", - "options": { - "case_sensitive": false, - "min_length": 13 - } - } - }, - "tags": { - "type": "card", - "card_type": "visa", - "category": "payment" - } - } - ] -} \ No newline at end of file diff --git a/vendor/github.com/DataDog/appsec-internal-go/httpsec/client_ip.go b/vendor/github.com/DataDog/appsec-internal-go/httpsec/client_ip.go deleted file mode 100644 index 3761a773..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/httpsec/client_ip.go +++ /dev/null @@ -1,126 +0,0 @@ -package httpsec - -import ( - "net" - "net/textproto" - "strings" - - "github.com/DataDog/appsec-internal-go/netip" -) - -const ( - // RemoteIPTag is the tag name used for the remote HTTP request IP address. - RemoteIPTag = "network.client.ip" - // ClientIPTag is the tag name used for the client IP deduced from the HTTP - // request headers with ClientIP(). - ClientIPTag = "http.client_ip" -) - -// ClientIPTags returns the resulting Datadog span tags `http.client_ip` -// containing the client IP and `network.client.ip` containing the remote IP. -// The tags are present only if a valid ip address has been returned by -// ClientIP(). -func ClientIPTags(remoteIP, clientIP netip.Addr) (tags map[string]string) { - remoteIPValid := remoteIP.IsValid() - clientIPValid := clientIP.IsValid() - if !remoteIPValid && !clientIPValid { - return nil - } - - tags = make(map[string]string, 2) - if remoteIPValid { - tags[RemoteIPTag] = remoteIP.String() - } - if clientIPValid { - tags[ClientIPTag] = clientIP.String() - } - return tags -} - -// ClientIP returns the first public IP address found in the given headers. If -// none is present, it returns the first valid IP address present, possibly -// being a local IP address. The remote address, when valid, is used as fallback -// when no IP address has been found at all. -func ClientIP(hdrs map[string][]string, hasCanonicalHeaders bool, remoteAddr string, monitoredHeaders []string) (remoteIP, clientIP netip.Addr) { - // Walk IP-related headers - var foundIP netip.Addr -headersLoop: - for _, headerName := range monitoredHeaders { - if hasCanonicalHeaders { - headerName = textproto.CanonicalMIMEHeaderKey(headerName) - } - - headerValues, exists := hdrs[headerName] - if !exists { - continue // this monitored header is not present - } - - // Assuming a list of comma-separated IP addresses, split them and build - // the list of values to try to parse as IP addresses - var ips []string - for _, ip := range headerValues { - ips = append(ips, strings.Split(ip, ",")...) - } - - // Look for the first valid or global IP address in the comma-separated list - for _, ipstr := range ips { - ip := parseIP(strings.TrimSpace(ipstr)) - if !ip.IsValid() { - continue - } - // Replace foundIP if still not valid in order to keep the oldest - if !foundIP.IsValid() { - foundIP = ip - } - if isGlobal(ip) { - foundIP = ip - break headersLoop - } - } - } - - // Decide which IP address is the client one by starting with the remote IP - if ip := parseIP(remoteAddr); ip.IsValid() { - remoteIP = ip - clientIP = ip - } - - // The IP address found in the headers supersedes a private remote IP address. - if foundIP.IsValid() && !isGlobal(remoteIP) || isGlobal(foundIP) { - clientIP = foundIP - } - - return remoteIP, clientIP -} - -func parseIP(s string) netip.Addr { - if ip, err := netip.ParseAddr(s); err == nil { - return ip - } - if h, _, err := net.SplitHostPort(s); err == nil { - if ip, err := netip.ParseAddr(h); err == nil { - return ip - } - } - return netip.Addr{} -} - -var ipv6SpecialNetworks = [...]netip.Prefix{ - netip.MustParsePrefix("fec0::/10"), // site local -} - -func isGlobal(ip netip.Addr) bool { - // IsPrivate also checks for ipv6 ULA. - // We care to check for these addresses are not considered public, hence not global. - // See https://www.rfc-editor.org/rfc/rfc4193.txt for more details. - isGlobal := ip.IsValid() && !ip.IsPrivate() && !ip.IsLoopback() && !ip.IsLinkLocalUnicast() - if !isGlobal || !ip.Is6() { - return isGlobal - } - for _, n := range ipv6SpecialNetworks { - if n.Contains(ip) { - return false - } - } - return isGlobal -} diff --git a/vendor/github.com/DataDog/appsec-internal-go/limiter/limiter.go b/vendor/github.com/DataDog/appsec-internal-go/limiter/limiter.go deleted file mode 100644 index f1f16d36..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/limiter/limiter.go +++ /dev/null @@ -1,147 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022-present Datadog, Inc. - -// Package limiter provides simple rate limiting primitives, and an implementation of a token bucket rate limiter. -package limiter - -import ( - "time" - - "sync/atomic" -) - -// Limiter is used to abstract the rate limiter implementation to only expose the needed function for rate limiting. -// This is for example useful for testing, allowing us to use a modified rate limiter tuned for testing through the same -// interface. -type Limiter interface { - Allow() bool -} - -// TokenTicker is a thread-safe and lock-free rate limiter based on a token bucket. -// The idea is to have a goroutine that will update the bucket with fresh tokens at regular intervals using a time.Ticker. -// The advantage of using a goroutine here is that the implementation becomes easily thread-safe using a few -// atomic operations with little overhead overall. TokenTicker.Start() *should* be called before the first call to -// TokenTicker.Allow() and TokenTicker.Stop() *must* be called once done using. Note that calling TokenTicker.Allow() -// before TokenTicker.Start() is valid, but it means the bucket won't be refilling until the call to TokenTicker.Start() is made -type TokenTicker struct { - tokens atomic.Int64 // The amount of tokens currently available - maxTokens int64 // The maximum amount of tokens the bucket can hold - ticker *time.Ticker // The ticker used to update the bucket (nil if not started yet) - stopChan chan struct{} // The channel to stop the ticker updater (nil if not started yet) -} - -// NewTokenTicker is a utility function that allocates a token ticker, initializes necessary fields and returns it -func NewTokenTicker(tokens, maxTokens int64) *TokenTicker { - t := &TokenTicker{ - maxTokens: maxTokens, - } - t.tokens.Store(tokens) - return t -} - -// updateBucket performs a select loop to update the token amount in the bucket. -// Used in a goroutine by the rate limiter. -func (t *TokenTicker) updateBucket(startTime time.Time, ticksChan <-chan time.Time, stopChan <-chan struct{}, syncChan chan<- struct{}) { - nsPerToken := time.Second.Nanoseconds() / t.maxTokens - elapsedNs := int64(0) - prevStamp := startTime - - for { - select { - case <-stopChan: - if syncChan != nil { - close(syncChan) - } - return - case stamp, ok := <-ticksChan: - if !ok { - // The ticker has been closed, stamp is a zero-value, we ignore that. We nil-out the - // ticksChan so we don't get stuck endlessly reading from this closed channel again. - ticksChan = nil - continue - } - - // Compute the time in nanoseconds that passed between the previous timestamp and this one - // This will be used to know how many tokens can be added into the bucket depending on the limiter rate - elapsedNs += stamp.Sub(prevStamp).Nanoseconds() - if elapsedNs > t.maxTokens*nsPerToken { - elapsedNs = t.maxTokens * nsPerToken - } - prevStamp = stamp - // Update the number of tokens in the bucket if enough nanoseconds have passed - if elapsedNs >= nsPerToken { - // Atomic spin lock to make sure we don't race for `t.tokens` - for { - tokens := t.tokens.Load() - if tokens == t.maxTokens { - break // Bucket is already full, nothing to do - } - inc := elapsedNs / nsPerToken - // Make sure not to add more tokens than we are allowed to into the bucket - if tokens+inc > t.maxTokens { - inc -= (tokens + inc) % t.maxTokens - } - if t.tokens.CompareAndSwap(tokens, tokens+inc) { - // Keep track of remaining elapsed ns that were not taken into account for this computation, - // so that increment computation remains precise over time - elapsedNs = elapsedNs % nsPerToken - break - } - } - } - // Sync channel used to signify that the goroutine is done updating the bucket. Used for tests to guarantee - // that the goroutine ticked at least once. - if syncChan != nil { - syncChan <- struct{}{} - } - } - } -} - -// Start starts the ticker and launches the goroutine responsible for updating the token bucket. -// The ticker is set to tick at a fixed rate of 500us. -func (t *TokenTicker) Start() { - timeNow := time.Now() - t.ticker = time.NewTicker(500 * time.Microsecond) - t.start(timeNow, t.ticker.C, nil) -} - -// start is used for internal testing. Controlling the ticker means being able to test per-tick -// rather than per-duration, which is more reliable if the app is under a lot of stress. The -// syncChan, if non-nil, will receive one message after each tick from the ticksChan has been -// processed, providing a strong synchronization primitive. The limiter will close the syncChan when -// it is stopped, signaling that no further ticks will be processed. -func (t *TokenTicker) start(startTime time.Time, ticksChan <-chan time.Time, syncChan chan<- struct{}) { - t.stopChan = make(chan struct{}) - go t.updateBucket(startTime, ticksChan, t.stopChan, syncChan) -} - -// Stop shuts down the rate limiter, taking care stopping the ticker and closing all channels -func (t *TokenTicker) Stop() { - // Stop the ticker only if it has been instantiated (not the case when testing by calling start() directly) - if t.ticker != nil { - t.ticker.Stop() - t.ticker = nil // Ensure stop can be called multiple times idempotently. - } - // Close the stop channel only if it has been created. This covers the case where Stop() is called without any prior - // call to Start() - if t.stopChan != nil { - close(t.stopChan) - t.stopChan = nil // Ensure stop can be called multiple times idempotently. - } -} - -// Allow checks and returns whether a token can be retrieved from the bucket and consumed. -// Thread-safe. -func (t *TokenTicker) Allow() bool { - for { - tokens := t.tokens.Load() - if tokens == 0 { - return false - } else if t.tokens.CompareAndSwap(tokens, tokens-1) { - return true - } - } -} diff --git a/vendor/github.com/DataDog/appsec-internal-go/log/backend.go b/vendor/github.com/DataDog/appsec-internal-go/log/backend.go deleted file mode 100644 index b9d94f5c..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/log/backend.go +++ /dev/null @@ -1,138 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022-present Datadog, Inc. - -package log - -import ( - "fmt" - "log" - "os" - "strings" -) - -var ( - backend = Backend{ - Trace: defaultWithLevel(logLevelTrace), - Debug: defaultWithLevel(logLevelDebug), - Info: defaultWithLevel(logLevelInfo), - Warn: defaultWithLevel(logLevelWarn), - Errorf: defaultErrorfWithLevel(logLevelError), - Criticalf: defaultErrorfWithLevel(logLevelCritical), - } - defaultBackendLogLevel = logLevelError -) - -type Backend struct { - Trace func(string, ...any) - Debug func(string, ...any) - Info func(string, ...any) - Warn func(string, ...any) - Errorf func(string, ...any) error - Criticalf func(string, ...any) error -} - -// SetBackend replaces the active log backend with the provided one. Any nil -// function in the new backend will silently ignore any message logged at that -// level. -func SetBackend(newBackend Backend) { - if newBackend.Trace == nil { - newBackend.Trace = noopLogger - } - if newBackend.Debug == nil { - newBackend.Debug = noopLogger - } - if newBackend.Info == nil { - newBackend.Info = noopLogger - } - if newBackend.Warn == nil { - newBackend.Warn = noopLogger - } - if newBackend.Errorf == nil { - newBackend.Errorf = fmt.Errorf - } - if newBackend.Criticalf == nil { - newBackend.Criticalf = fmt.Errorf - } - - backend = newBackend -} - -// defaultWithLevel returns the default log backend function for the provided -// logLevel. This returns a no-op function if the default backend logLevel does -// not enable logging at that level. -func defaultWithLevel(level logLevel) func(string, ...any) { - if defaultBackendLogLevel < level { - return noopLogger - } - return func(format string, args ...any) { - log.Printf(fmt.Sprintf("[%s] %s\n", level, format), args...) - } -} - -// defaultErrorfWithLevel returns the default log backend function for the -// provided error logLevel. -func defaultErrorfWithLevel(level logLevel) func(string, ...any) error { - if defaultBackendLogLevel < level { - return fmt.Errorf - } - return func(format string, args ...any) error { - err := fmt.Errorf(format, args...) - log.Printf("[%s] %v", level, err) - return err - } -} - -// noopLogger does nothing. -func noopLogger(string, ...any) { /* noop */ } - -type logLevel uint8 - -const ( - logLevelTrace logLevel = 1 << iota - logLevelDebug - logLevelInfo - logLevelWarn - logLevelError - logLevelCritical -) - -func (l logLevel) String() string { - switch l { - case logLevelTrace: - return "TRACE" - case logLevelDebug: - return "DEBUG" - case logLevelInfo: - return "INFO" - case logLevelWarn: - return "WARN" - case logLevelError: - return "ERROR" - case logLevelCritical: - return "CRITICAL" - default: - return "UNKNOWN" - } -} - -func init() { - ddLogLevel := os.Getenv("DD_LOG_LEVEL") - switch strings.ToUpper(ddLogLevel) { - case "TRACE": - defaultBackendLogLevel = logLevelTrace - case "DEBUG": - defaultBackendLogLevel = logLevelDebug - case "INFO": - defaultBackendLogLevel = logLevelInfo - case "WARN": - defaultBackendLogLevel = logLevelWarn - case "ERROR": - defaultBackendLogLevel = logLevelError - case "CRITICAL": - defaultBackendLogLevel = logLevelCritical - default: - // Ignore invalid/unexpected values - } -} diff --git a/vendor/github.com/DataDog/appsec-internal-go/log/log.go b/vendor/github.com/DataDog/appsec-internal-go/log/log.go deleted file mode 100644 index a34f578d..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/log/log.go +++ /dev/null @@ -1,45 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022-present Datadog, Inc. - -// Package log provides a logging facility that is used by this library, and -// which can be configured to piggyback on another logging facility where -// available. If not explicitly configured, this will log messages using the Go -// standar library log package, filtered according to the log level set in the -// `DD_LOG_LEVEL` environment variable (or `ERROR` if none is set). -// -// Custom logger intergrations are configured by calling the SetBackend function. -package log - -// Trace logs a message with format using the TRACE log level. -func Trace(format string, args ...any) { - backend.Trace(format, args...) -} - -// Debug logs a message with format using the DEBUG log level. -func Debug(format string, args ...any) { - backend.Debug(format, args...) -} - -// Info logs a message with format using the INFO log level. -func Info(format string, args ...any) { - backend.Info(format, args...) -} - -// Warn logs a message with format using the WARN log level. -func Warn(format string, args ...any) { - backend.Warn(format, args...) -} - -// Errorf logs a message with format using the ERROR log level and returns an -// error containing the formatted log message. -func Errorf(format string, args ...any) error { - return backend.Errorf(format, args...) -} - -// Errorf logs a message with format using the CRITICAL log level and returns an -// error containing the formatted log message. -func Criticalf(format string, args ...any) error { - return backend.Criticalf(format, args...) -} diff --git a/vendor/github.com/DataDog/appsec-internal-go/netip/ip.go b/vendor/github.com/DataDog/appsec-internal-go/netip/ip.go deleted file mode 100644 index 99e1e627..00000000 --- a/vendor/github.com/DataDog/appsec-internal-go/netip/ip.go +++ /dev/null @@ -1,31 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022 Datadog, Inc. - -package netip - -import "net/netip" - -// Addr wraps a netip.Addr value -type Addr = netip.Addr - -// Prefix wraps a netip.Prefix value -type Prefix = netip.Prefix - -var ( - // ParseAddr wraps the netip.ParseAddr function - ParseAddr = netip.ParseAddr - // MustParsePrefix wraps the netip.MustParsePrefix function - MustParsePrefix = netip.MustParsePrefix - // MustParseAddr wraps the netip.MustParseAddr function - MustParseAddr = netip.MustParseAddr - // AddrFrom16 wraps the netIP.AddrFrom16 function - AddrFrom16 = netip.AddrFrom16 -) - -// IPv4 wraps the netip.AddrFrom4 function -func IPv4(a, b, c, d byte) Addr { - e := [4]byte{a, b, c, d} - return netip.AddrFrom4(e) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/LICENSE b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/LICENSE deleted file mode 100644 index b370545b..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/LICENSE +++ /dev/null @@ -1,200 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2016-present Datadog, Inc. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/cache.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/cache.go deleted file mode 100644 index 837b2b15..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/cache.go +++ /dev/null @@ -1,90 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "fmt" - "time" - - "github.com/outcaste-io/ristretto" -) - -// measuredCache is a wrapper on top of *ristretto.Cache which additionally -// sends metrics (hits and misses) every 10 seconds. -type measuredCache struct { - *ristretto.Cache - - // close allows sending shutdown notification. - close chan struct{} - statsd StatsClient -} - -// Close gracefully closes the cache when active. -func (c *measuredCache) Close() { - if c.Cache == nil { - return - } - c.close <- struct{}{} - <-c.close -} - -func (c *measuredCache) statsLoop() { - defer func() { - c.close <- struct{}{} - }() - tick := time.NewTicker(10 * time.Second) - defer tick.Stop() - mx := c.Cache.Metrics - for { - select { - case <-tick.C: - _ = c.statsd.Gauge("datadog.trace_agent.obfuscation.sql_cache.hits", float64(mx.Hits()), nil, 1) //nolint:errcheck - _ = c.statsd.Gauge("datadog.trace_agent.obfuscation.sql_cache.misses", float64(mx.Misses()), nil, 1) //nolint:errcheck - case <-c.close: - c.Cache.Close() - return - } - } -} - -type cacheOptions struct { - On bool - Statsd StatsClient -} - -// newMeasuredCache returns a new measuredCache. -func newMeasuredCache(opts cacheOptions) *measuredCache { - if !opts.On { - // a nil *ristretto.Cache is a no-op cache - return &measuredCache{} - } - cfg := &ristretto.Config{ - // We know that the maximum allowed resource length is 5K. This means that - // in 5MB we can store a minimum of 1000 queries. - MaxCost: 5000000, - - // An appromixated worst-case scenario when the cache is filled with small - // queries averaged as being of length 11 ("LOCK TABLES"), we would be able - // to fit 476K of them into 5MB of cost. - // - // We average it to 500K and multiply 10x as the documentation recommends. - NumCounters: 500000 * 10, - - BufferItems: 64, // default recommended value - Metrics: true, // enable hit/miss counters - } - cache, err := ristretto.NewCache(cfg) - if err != nil { - panic(fmt.Errorf("Error starting obfuscator query cache: %v", err)) - } - c := measuredCache{ - close: make(chan struct{}), - statsd: opts.Statsd, - Cache: cache, - } - go c.statsLoop() - return &c -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/credit_cards.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/credit_cards.go deleted file mode 100644 index b172b2c1..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/credit_cards.go +++ /dev/null @@ -1,269 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "strings" -) - -// creditCard maintains credit card obfuscation state and processing. -type creditCard struct { - luhn bool -} - -func newCCObfuscator(config *CreditCardsConfig) *creditCard { - return &creditCard{ - luhn: config.Luhn, - } -} - -// ObfuscateCreditCardNumber obfuscates any "credit card like" numbers in value for keys not in the allow-list -func (o *Obfuscator) ObfuscateCreditCardNumber(key, val string) string { - switch key { - case "_sample_rate", - "_sampling_priority_v1", - "account_id", - "aws_account", - "error", - "error.msg", - "error.type", - "error.stack", - "env", - "graphql.field", - "graphql.query", - "graphql.type", - "graphql.operation.name", - "grpc.code", - "grpc.method", - "grpc.request", - "http.status_code", - "http.method", - "runtime-id", - "out.host", - "out.port", - "sampling.priority", - "span.type", - "span.name", - "service.name", - "service", - "sql.query", - "version": - // these tags are known to not be credit card numbers - return val - } - if strings.HasPrefix(key, "_") { - return val - } - if o.ccObfuscator.IsCardNumber(val) { - return "?" - } - return val -} - -// IsCardNumber checks if b could be a credit card number by checking the digit count and IIN prefix. -// If validateLuhn is true, the Luhn checksum is also applied to potential candidates. -func (cc *creditCard) IsCardNumber(b string) (ok bool) { - // - // Just credit card numbers for now, based on: - // • https://baymard.com/checkout-usability/credit-card-patterns - // • https://www.regular-expressions.info/creditcard.html - // - if len(b) == 0 { - return false - } - if len(b) < 12 { - // fast path: can not be a credit card - return false - } - if b[0] != ' ' && b[0] != '-' && (b[0] < '0' || b[0] > '9') { - // fast path: only valid characters are 0-9, space (" ") and dash("-") - return false - } - prefix := 0 // holds up to b[:6] digits as a numeric value (for example []byte{"523"} becomes int(523)) for checking prefixes - count := 0 // counts digits encountered - foundPrefix := false // reports whether we've detected a valid prefix - recdigit := func(_ byte) {} // callback on each found digit; no-op by default (we only need this for Luhn) - if cc.luhn { - // we need Luhn checksum validation, so we have to take additional action - // and record all digits found - buf := make([]byte, 0, len(b)) - recdigit = func(b byte) { buf = append(buf, b) } - defer func() { - if !ok { - // if isCardNumber returned false, it means that b can not be - // a credit card number - return - } - // potentially a credit card number, run the Luhn checksum - ok = luhnValid(buf) - }() - } -loop: - for i := range b { - // We traverse and search b for a valid IIN credit card prefix based - // on the digits found, ignoring spaces and dashes. - // Source: https://www.regular-expressions.info/creditcard.html - switch b[i] { - case ' ', '-': - // ignore space (' ') and dash ('-') - continue loop - } - if b[i] < '0' || b[i] > '9' { - // not a 0 to 9 digit; can not be a credit card number; abort - return false - } - count++ - recdigit(b[i]) - if !foundPrefix { - // we have not yet found a valid prefix so we convert the digits - // that we have so far into a numeric value: - prefix = prefix*10 + (int(b[i]) - '0') - maybe, yes := validCardPrefix(prefix) - if yes { - // we've found a valid prefix; continue counting - foundPrefix = true - } else if !maybe { - // this is not a valid prefix and we should not continue looking - return false - } - } - if count > 16 { - // too many digits - return false - } - } - if count < 12 { - // too few digits - return false - } - return foundPrefix -} - -// luhnValid checks that the number represented in the given string validates the Luhn Checksum algorithm. -// str is expected to contain exclusively digits at all positions. -// -// See: -// • https://en.wikipedia.org/wiki/Luhn_algorithm -// • https://dev.to/shiraazm/goluhn-a-simple-library-for-generating-calculating-and-verifying-luhn-numbers-588j -func luhnValid(str []byte) bool { - var ( - sum int - alt bool - ) - n := len(str) - for i := n - 1; i > -1; i-- { - if str[i] < '0' || str[i] > '9' { - return false // not a number! - } - mod := int(str[i] - 0x30) // convert byte to int - if alt { - mod *= 2 - if mod > 9 { - mod = (mod % 10) + 1 - } - } - alt = !alt - sum += mod - } - return sum%10 == 0 -} - -// validCardPrefix validates whether b is a valid card prefix. Maybe returns true if -// the prefix could be an IIN once more digits are revealed and yes reports whether -// b is a fully valid IIN. -// -// If yes is false and maybe is false, there is no reason to continue searching. The -// prefix is invalid. -// -// IMPORTANT: If adding new prefixes to this algorithm, make sure that you update -// the "maybe" clauses above, in the shorter prefixes than the one you are adding. -// This refers to the cases which return true, false. -// -// TODO(x): this whole code could be code generated from a prettier data structure. -// Ultimately, it could even be user-configurable. -func validCardPrefix(n int) (maybe, yes bool) { - // Validates IIN prefix possibilities - // Source: https://www.regular-expressions.info/creditcard.html - if n > 699999 { - // too long for any known prefix; stop looking - return false, false - } - if n < 10 { - switch n { - case 1, 4: - // 1 & 4 are valid IIN - return false, true - case 2, 3, 5, 6: - // 2, 3, 5, 6 could be the start of valid IIN - return true, false - default: - // invalid IIN - return false, false - } - } - if n < 100 { - if (n >= 34 && n <= 39) || - (n >= 51 && n <= 55) || - n == 62 || - n == 65 { - // 34-39, 51-55, 62, 65 are valid IIN - return false, true - } - if n == 30 || n == 63 || n == 64 || n == 50 || n == 60 || - (n >= 22 && n <= 27) || (n >= 56 && n <= 58) || (n >= 60 && n <= 69) { - // 30, 63, 64, 50, 60, 22-27, 56-58, 60-69 may end up as valid IIN - return true, false - } - } - if n < 1000 { - if (n >= 300 && n <= 305) || - (n >= 644 && n <= 649) || - n == 309 || - n == 636 { - // 300‑305, 309, 636, 644‑649 are valid IIN - return false, true - } - if (n >= 352 && n <= 358) || n == 501 || n == 601 || - (n >= 222 && n <= 272) || (n >= 500 && n <= 509) || - (n >= 560 && n <= 589) || (n >= 600 && n <= 699) { - // 352-358, 501, 601, 222-272, 500-509, 560-589, 600-699 may be a 4 or 6 digit IIN prefix - return true, false - } - } - if n < 10000 { - if (n >= 3528 && n <= 3589) || - n == 5019 || - n == 6011 { - // 3528‑3589, 5019, 6011 are valid IINs - return false, true - } - if (n >= 2221 && n <= 2720) || (n >= 5000 && n <= 5099) || - (n >= 5600 && n <= 5899) || (n >= 6000 && n <= 6999) { - // maybe a 6-digit IIN - return true, false - } - } - if n < 100000 { - if (n >= 22210 && n <= 27209) || - (n >= 50000 && n <= 50999) || - (n >= 56000 && n <= 58999) || - (n >= 60000 && n <= 69999) { - // maybe a 6-digit IIN - return true, false - } - } - if n < 1000000 { - if (n >= 222100 && n <= 272099) || - (n >= 500000 && n <= 509999) || - (n >= 560000 && n <= 589999) || - (n >= 600000 && n <= 699999) { - // 222100‑272099, 500000‑509999, 560000‑589999, 600000‑699999 are valid IIN - return false, true - } - } - // unknown IIN - return false, false -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/http.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/http.go deleted file mode 100644 index d9a00084..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/http.go +++ /dev/null @@ -1,60 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "net/url" - "strings" -) - -// obfuscateUserInfo returns a URL string that obfuscates any userinfo by setting url.User to nil. -func obfuscateUserInfo(val string) string { - u, err := url.Parse(val) - if err != nil { - return val - } - u.User = nil - return u.String() -} - -// ObfuscateURLString obfuscates the given URL. It must be a valid URL. -func (o *Obfuscator) ObfuscateURLString(val string) string { - if !o.opts.HTTP.RemoveQueryString && !o.opts.HTTP.RemovePathDigits { - // nothing to do - return obfuscateUserInfo(val) - } - u, err := url.Parse(val) - if err != nil { - // should not happen for valid URLs, but better obfuscate everything - // rather than expose sensitive information when this option is on. - return "?" - } - u.User = nil - if o.opts.HTTP.RemoveQueryString && u.RawQuery != "" { - u.ForceQuery = true // add the '?' - u.RawQuery = "" - } - if o.opts.HTTP.RemovePathDigits { - segs := strings.Split(u.Path, "/") - var changed bool - for i, seg := range segs { - for _, ch := range []byte(seg) { - if ch >= '0' && ch <= '9' { - // we can not set the question mark directly here because the url - // package will escape it into %3F, so we use this placeholder and - // replace it further down. - segs[i] = "/REDACTED/" - changed = true - break - } - } - } - if changed { - u.Path = strings.Join(segs, "/") - } - } - return strings.Replace(u.String(), "/REDACTED/", "?", -1) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/ip_address.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/ip_address.go deleted file mode 100644 index 7639453b..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/ip_address.go +++ /dev/null @@ -1,168 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "net" - "net/netip" - "regexp" - "strings" -) - -// QuantizePeerIPAddresses quantizes a comma separated list of hosts. Each entry which is an IP address is replaced using quantizeIP. -// Duplicate entries post-quantization or collapsed into a single unique value. -// Entries which are not IP addresses are left unchanged. -// Comma-separated host lists are common for peer tags like peer.cassandra.contact.points, peer.couchbase.seed.nodes, peer.kafka.bootstrap.servers -func QuantizePeerIPAddresses(raw string) string { - values := strings.Split(raw, ",") - uniq := values[:0] - uniqSet := make(map[string]bool) - for _, v := range values { - q := quantizeIP(v) - if !uniqSet[q] { - uniqSet[q] = true - uniq = append(uniq, q) - } - } - return strings.Join(uniq, ",") -} - -var protocolRegex = regexp.MustCompile(`((?:dnspoll|ftp|file|http|https):/{2,3}).*`) - -var allowedIPAddresses = map[string]bool{ - // localhost - "127.0.0.1": true, - "::1": true, - // link-local cloud provider metadata server addresses - "169.254.169.254": true, - "fd00:ec2::254": true, - // ECS task metadata - "169.254.170.2": true, -} - -func splitPrefix(raw string) (prefix, after string) { - if after, ok := strings.CutPrefix(raw, "ip-"); ok { // AWS EC2 hostnames e.g. ip-10-123-4-567.ec2.internal - return "ip-", after - } - subMatches := protocolRegex.FindStringSubmatch(raw) - if len(subMatches) >= 2 { - prefix = subMatches[1] - } - return prefix, raw[len(prefix):] -} - -// quantizeIP quantizes the ip address in the provided string, only if it exactly matches an ip with an optional port -// if the string is not an ip then empty string is returned -func quantizeIP(raw string) string { - prefix, rawNoPrefix := splitPrefix(raw) - host, port, suffix := parseIPAndPort(rawNoPrefix) - if host == "" { - // not an ip address - return raw - } - if allowedIPAddresses[host] { - return raw - } - replacement := prefix + "blocked-ip-address" - if port != "" { - // we're keeping the original port as part of the key because ports are much lower cardinality - // than ip addresses, and they also tend to correspond more closely to a protocol (i.e. 443 is HTTPS) - // so it's likely safe and probably also useful to leave them in - replacement = replacement + ":" + port - } - return replacement + suffix -} - -// parseIPAndPort returns (host, port) if the host is a valid ip address with an optional port, else returns empty strings. -func parseIPAndPort(input string) (host, port, suffix string) { - host, port, err := net.SplitHostPort(input) - if err != nil { - host = input - } - if ok, i := isParseableIP(host); ok { - return host[:i], port, host[i:] - } - return "", "", "" -} - -func isParseableIP(s string) (parsed bool, lastIndex int) { - if len(s) == 0 { - return false, -1 - } - // Must start with a hex digit, or IPv6 can have a preceding ':' - switch s[0] { - case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', - 'a', 'b', 'c', 'd', 'e', 'f', - 'A', 'B', 'C', 'D', 'E', 'F', - ':': - default: - return false, -1 - } - for i := 0; i < len(s); i++ { - switch s[i] { - case '.', '_', '-': - return parseIPv4(s, s[i]) - case ':': - // IPv6 - if _, err := netip.ParseAddr(s); err == nil { - return true, len(s) - } - return false, -1 - case '%': - // Assume that this was trying to be an IPv6 address with - // a zone specifier, but the address is missing. - return false, -1 - } - } - return false, -1 -} - -// parseIsIPv4 parses s as an IPv4 address and returns whether it is an IP address -// modified from netip to accept alternate separators besides '.' -// also modified to return true if s is an IPv4 address with trailing characters -func parseIPv4(s string, sep byte) (parsed bool, lastIndex int) { - var fields [4]uint8 - var val, pos int - var digLen int // number of digits in current octet - for i := 0; i < len(s); i++ { - if s[i] >= '0' && s[i] <= '9' { - if digLen == 1 && val == 0 { - return false, -1 - } - val = val*10 + int(s[i]) - '0' - digLen++ - if val > 255 { - return false, -1 - } - } else if s[i] == sep { - // .1.2.3 - // 1.2.3. - // 1..2.3 - if i == 0 || i == len(s)-1 || s[i-1] == sep { - return false, -1 - } - // 1.2.3.4.5 - if pos == 3 { - return true, i - } - fields[pos] = uint8(val) - pos++ - val = 0 - digLen = 0 - } else { - if pos == 3 && digLen > 0 { - fields[3] = uint8(val) - return true, i - } - return false, -1 - } - } - if pos < 3 { - return false, -1 - } - fields[3] = uint8(val) - return true, len(s) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/json.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/json.go deleted file mode 100644 index d2a60ec6..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/json.go +++ /dev/null @@ -1,234 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "bytes" - "strconv" - "strings" - "sync" -) - -// ObfuscateMongoDBString obfuscates the given MongoDB JSON query. -func (o *Obfuscator) ObfuscateMongoDBString(cmd string) string { - return obfuscateJSONString(cmd, o.mongo) -} - -// ObfuscateElasticSearchString obfuscates the given ElasticSearch JSON query. -func (o *Obfuscator) ObfuscateElasticSearchString(cmd string) string { - return obfuscateJSONString(cmd, o.es) -} - -// ObfuscateOpenSearchString obfuscates the given OpenSearch JSON query. -func (o *Obfuscator) ObfuscateOpenSearchString(cmd string) string { - return obfuscateJSONString(cmd, o.openSearch) -} - -// obfuscateJSONString obfuscates the given span's tag using the given obfuscator. If the obfuscator is -// nil it is considered disabled. -func obfuscateJSONString(cmd string, obfuscator *jsonObfuscator) string { - if obfuscator == nil || cmd == "" { - // obfuscator is disabled or string is empty - return cmd - } - out, _ := obfuscator.obfuscate([]byte(cmd)) - // we should accept whatever the obfuscator returns, even if it's an error: a parsing - // error simply means that the JSON was invalid, meaning that we've only obfuscated - // as much of it as we could. It is safe to accept the output, even if partial. - return out -} - -type jsonObfuscator struct { - buffPool sync.Pool // pool for fixed-length buffers (50 showed to be the optimal running benchmarks with different length) - statePool sync.Pool // pool for jsonObfuscatorState values - keepKeys map[string]bool // the values for these keys will not be obfuscated - transformKeys map[string]bool // the values for these keys pass through the transformer - transformer func(string) string -} - -func newJSONObfuscator(cfg *JSONConfig, o *Obfuscator) *jsonObfuscator { - keepValue := make(map[string]bool, len(cfg.KeepValues)) - for _, v := range cfg.KeepValues { - keepValue[v] = true - } - var ( - transformKeys map[string]bool - transformer func(string) string - ) - if len(cfg.ObfuscateSQLValues) > 0 { - transformer = sqlObfuscationTransformer(o) - transformKeys = make(map[string]bool, len(cfg.ObfuscateSQLValues)) - for _, v := range cfg.ObfuscateSQLValues { - transformKeys[v] = true - } - } - return &jsonObfuscator{ - keepKeys: keepValue, - transformKeys: transformKeys, - transformer: transformer, - buffPool: sync.Pool{ - New: func() any { - return new(bytes.Buffer) - }, - }, - statePool: sync.Pool{ - New: func() any { - return &jsonObfuscatorState{ - closures: []bool{}, - } - }, - }, - } -} - -func sqlObfuscationTransformer(o *Obfuscator) func(string) string { - return func(s string) string { - result, err := o.ObfuscateSQLString(s) - if err != nil { - o.log.Debugf("Failed to obfuscate SQL string '%s': %s", s, err.Error()) - // instead of returning an empty string we explicitly return an error string here within the result in order - // to surface the problem clearly to the user - return "Datadog-agent failed to obfuscate SQL string. Enable agent debug logs for more info." - } - return result.Query - } -} - -type jsonObfuscatorState struct { - scan scanner // scanner - closures []bool // closure stack, true if object (e.g. {[{ => []bool{true, false, true}) - keepDepth int // the depth at which we've stopped obfuscating - key bool // true if scanning a key - wiped bool // true if obfuscation string (`"?"`) was already written for current value - keeping bool // true if not obfuscating - transformingValue bool // true if collecting the next literal for transformation -} - -func (st *jsonObfuscatorState) reset() { - st.scan.reset() - st.closures = st.closures[0:0] - st.keepDepth = 0 - st.key = false - st.wiped = false - st.keeping = false - st.transformingValue = false -} - -// setKey verifies if we are currently scanning a key based on the current state -// and updates the state accordingly. It must be called only after a closure or a -// value scan has ended. -func (st *jsonObfuscatorState) setKey() { - n := len(st.closures) - st.key = n == 0 || st.closures[n-1] // true if we are at top level or in an object - st.wiped = false -} - -func (p *jsonObfuscator) obfuscate(data []byte) (string, error) { - if len(data) == 0 { - return "", nil - } - - var out strings.Builder - st := p.statePool.Get().(*jsonObfuscatorState) - st.reset() - - buf := p.buffPool.Get().(*bytes.Buffer) // recording current token - buf.Reset() - defer func() { - p.statePool.Put(st) - p.buffPool.Put(buf) - }() - - out.Grow(len(data)) - buf.Grow(len(data) / 10) // Benchmarks show that the optimal point is a tenth of the data length. - for _, c := range data { - st.scan.bytes++ - op := st.scan.step(&st.scan, c) - depth := len(st.closures) - switch op { - case scanBeginObject: - // object begins: { - st.closures = append(st.closures, true) - st.setKey() - st.transformingValue = false - case scanBeginArray: - // array begins: [ - st.closures = append(st.closures, false) - st.setKey() - st.transformingValue = false - case scanEndArray, scanEndObject: - // array or object closing - if n := len(st.closures) - 1; n > 0 { - st.closures = st.closures[:n] - } - fallthrough - case scanObjectValue, scanArrayValue: - // done scanning value - st.setKey() - if st.transformingValue && p.transformer != nil { - v, err := strconv.Unquote(buf.String()) - if err != nil { - v = buf.String() - } - result := p.transformer(v) - out.WriteByte('"') - out.WriteString(result) - out.WriteByte('"') - st.transformingValue = false - buf.Reset() - } else if st.keeping && depth < st.keepDepth { - st.keeping = false - } - case scanBeginLiteral, scanContinue: - // starting or continuing a literal - if st.transformingValue { - buf.WriteByte(c) - continue - } else if st.key { - // it's a key - buf.WriteByte(c) - } else if !st.keeping { - // it's a value we're not keeping - if !st.wiped { - out.WriteString(`"?"`) - st.wiped = true - } - continue - } - case scanObjectKey: - // done scanning key - k := string(bytes.Trim(buf.Bytes(), `"`)) - if !st.keeping && p.keepKeys[k] { - // we should not obfuscate values of this key - st.keeping = true - st.keepDepth = depth + 1 - } else if !st.transformingValue && p.transformer != nil && p.transformKeys[k] { - // the string value immediately following this key will be passed through the value transformer - // if anything other than a literal is found then sql obfuscation is stopped and json obfuscation - // proceeds as usual - st.transformingValue = true - } - buf.Reset() - st.key = false - case scanSkipSpace: - continue - case scanError: - // we've encountered an error, mark that there might be more JSON - // using the ellipsis and return whatever we've managed to obfuscate - // thus far. - out.WriteString("...") - return out.String(), st.scan.err - } - out.WriteByte(c) - } - if st.scan.eof() == scanError { - // if an error occurred it's fine, simply add the ellipsis to indicate - // that the input has been truncated. - out.Write([]byte("...")) - return out.String(), st.scan.err - } - return out.String(), nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/json_scanner.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/json_scanner.go deleted file mode 100644 index 6c490bbc..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/json_scanner.go +++ /dev/null @@ -1,560 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// -// The code that follows is copied from go/src/encoding/json/scanner.go -// It may contain minor edits, such as allowing multiple JSON objects within -// the same input string (see stateEndTop) -// - -package obfuscate - -import "strconv" - -// A SyntaxError is a description of a JSON syntax error. -type SyntaxError struct { - msg string // description of error - Offset int64 // error occurred after reading Offset bytes -} - -func (e *SyntaxError) Error() string { return e.msg } - -// A scanner is a JSON scanning state machine. -// Callers call scan.reset() and then pass bytes in one at a time -// by calling scan.step(&scan, c) for each byte. -// The return value, referred to as an opcode, tells the -// caller about significant parsing events like beginning -// and ending literals, objects, and arrays, so that the -// caller can follow along if it wishes. -// The return value scanEnd indicates that a single top-level -// JSON value has been completed, *before* the byte that -// just got passed in. (The indication must be delayed in order -// to recognize the end of numbers: is 123 a whole value or -// the beginning of 12345e+6?). -type scanner struct { - // The step is a func to be called to execute the next transition. - // Also tried using an integer constant and a single func - // with a switch, but using the func directly was 10% faster - // on a 64-bit Mac Mini, and it's nicer to read. - step func(*scanner, byte) int - - // Reached end of top-level value. - endTop bool - - // Stack of what we're in the middle of - array values, object keys, object values. - parseState []int - - // Error that happened, if any. - err error - - // total bytes consumed, updated by decoder.Decode - bytes int64 -} - -// These values are returned by the state transition functions -// assigned to scanner.state and the method scanner.eof. -// They give details about the current state of the scan that -// callers might be interested to know about. -// It is okay to ignore the return value of any particular -// call to scanner.state: if one call returns scanError, -// every subsequent call will return scanError too. -const ( - // Continue. - scanContinue = iota // uninteresting byte - scanBeginLiteral // end implied by next result != scanContinue - scanBeginObject // begin object - scanObjectKey // just finished object key (string) - scanObjectValue // just finished non-last object value - scanEndObject // end object (implies scanObjectValue if possible) - scanBeginArray // begin array - scanArrayValue // just finished array value - scanEndArray // end array (implies scanArrayValue if possible) - scanSkipSpace // space byte; can skip; known to be last "continue" result - - // Stop. - scanEnd // top-level value ended *before* this byte; known to be first "stop" result - scanError // hit an error, scanner.err. -) - -// These values are stored in the parseState stack. -// They give the current state of a composite value -// being scanned. If the parser is inside a nested value -// the parseState describes the nested state, outermost at entry 0. -const ( - parseObjectKey = iota // parsing object key (before colon) - parseObjectValue // parsing object value (after colon) - parseArrayValue // parsing array value -) - -// reset prepares the scanner for use. -// It must be called before calling s.step. -func (s *scanner) reset() { - s.step = stateBeginValue - s.parseState = s.parseState[0:0] - s.err = nil - s.endTop = false -} - -// eof tells the scanner that the end of input has been reached. -// It returns a scan status just as s.step does. -func (s *scanner) eof() int { - if s.err != nil { - return scanError - } - if s.endTop { - return scanEnd - } - s.step(s, ' ') - if s.endTop { - return scanEnd - } - if s.err == nil { - s.err = &SyntaxError{"unexpected end of JSON input", s.bytes} - } - return scanError -} - -// pushParseState pushes a new parse state p onto the parse stack. -func (s *scanner) pushParseState(p int) { - s.parseState = append(s.parseState, p) -} - -// popParseState pops a parse state (already obtained) off the stack -// and updates s.step accordingly. -func (s *scanner) popParseState() { - n := len(s.parseState) - 1 - if n == 0 { - s.step = stateEndTop - s.endTop = true - return - } - s.parseState = s.parseState[0:n] - s.step = stateEndValue -} - -func isSpace(c byte) bool { - return c == ' ' || c == '\t' || c == '\r' || c == '\n' -} - -// stateBeginValueOrEmpty is the state after reading `[`. -func stateBeginValueOrEmpty(s *scanner, c byte) int { - if c <= ' ' && isSpace(c) { - return scanSkipSpace - } - if c == ']' { - return stateEndValue(s, c) - } - return stateBeginValue(s, c) -} - -// stateBeginValue is the state at the beginning of the input. -func stateBeginValue(s *scanner, c byte) int { - if c <= ' ' && isSpace(c) { - return scanSkipSpace - } - switch c { - case '{': - s.step = stateBeginStringOrEmpty - s.pushParseState(parseObjectKey) - return scanBeginObject - case '[': - s.step = stateBeginValueOrEmpty - s.pushParseState(parseArrayValue) - return scanBeginArray - case '"': - s.step = stateInString - return scanBeginLiteral - case '-': - s.step = stateNeg - return scanBeginLiteral - case '0': // beginning of 0.123 - s.step = state0 - return scanBeginLiteral - case 't': // beginning of true - s.step = stateT - return scanBeginLiteral - case 'f': // beginning of false - s.step = stateF - return scanBeginLiteral - case 'n': // beginning of null - s.step = stateN - return scanBeginLiteral - } - if '1' <= c && c <= '9' { // beginning of 1234.5 - s.step = state1 - return scanBeginLiteral - } - return s.error(c, "looking for beginning of value") -} - -// stateBeginStringOrEmpty is the state after reading `{`. -func stateBeginStringOrEmpty(s *scanner, c byte) int { - if c <= ' ' && isSpace(c) { - return scanSkipSpace - } - n := len(s.parseState) - if c == '}' && n > 0 { - s.parseState[n-1] = parseObjectValue - return stateEndValue(s, c) - } - return stateBeginString(s, c) -} - -// stateBeginString is the state after reading `{"key": value,`. -func stateBeginString(s *scanner, c byte) int { - if c <= ' ' && isSpace(c) { - return scanSkipSpace - } - if c == '"' { - s.step = stateInString - return scanBeginLiteral - } - return s.error(c, "looking for beginning of object key string") -} - -// stateEndValue is the state after completing a value, -// such as after reading `{}` or `true` or `["x"`. -func stateEndValue(s *scanner, c byte) int { - n := len(s.parseState) - if n == 0 { - // Completed top-level before the current byte. - s.step = stateEndTop - s.endTop = true - return stateEndTop(s, c) - } - if c <= ' ' && isSpace(c) { - s.step = stateEndValue - return scanSkipSpace - } - ps := s.parseState[n-1] - switch ps { - case parseObjectKey: - if c == ':' { - s.parseState[n-1] = parseObjectValue - s.step = stateBeginValue - return scanObjectKey - } - return s.error(c, "after object key") - case parseObjectValue: - if c == ',' { - s.parseState[n-1] = parseObjectKey - s.step = stateBeginString - return scanObjectValue - } - if c == '}' { - s.popParseState() - return scanEndObject - } - return s.error(c, "after object key:value pair") - case parseArrayValue: - if c == ',' { - s.step = stateBeginValue - return scanArrayValue - } - if c == ']' { - s.popParseState() - return scanEndArray - } - return s.error(c, "after array element") - } - return s.error(c, "") -} - -// stateEndTop is the state after finishing the top-level value, -// such as after reading `{}` or `[1,2,3]`. -// Only space characters should be seen now. -func stateEndTop(s *scanner, c byte) int { - if c != ' ' && c != '\t' && c != '\r' && c != '\n' { - // The former behaviour has been removed. Now, if anything - // other than whitespace follows, we assume a new JSON string - // might be starting. This allows us to continue obfuscating - // further strings in cases where there are multiple JSON - // objects enumerated sequentially within the same input. - // This is a common case for ElasticSearch response bodies. - s.reset() - return s.step(s, c) - } - return scanEnd -} - -// stateInString is the state after reading `"`. -func stateInString(s *scanner, c byte) int { - if c == '"' { - s.step = stateEndValue - return scanContinue - } - if c == '\\' { - s.step = stateInStringEsc - return scanContinue - } - if c < 0x20 { - return s.error(c, "in string literal") - } - return scanContinue -} - -// stateInStringEsc is the state after reading `"\` during a quoted string. -func stateInStringEsc(s *scanner, c byte) int { - switch c { - case 'b', 'f', 'n', 'r', 't', '\\', '/', '"': - s.step = stateInString - return scanContinue - case 'u': - s.step = stateInStringEscU - return scanContinue - } - return s.error(c, "in string escape code") -} - -// stateInStringEscU is the state after reading `"\u` during a quoted string. -func stateInStringEscU(s *scanner, c byte) int { - if '0' <= c && c <= '9' || 'a' <= c && c <= 'f' || 'A' <= c && c <= 'F' { - s.step = stateInStringEscU1 - return scanContinue - } - // numbers - return s.error(c, "in \\u hexadecimal character escape") -} - -// stateInStringEscU1 is the state after reading `"\u1` during a quoted string. -func stateInStringEscU1(s *scanner, c byte) int { - if '0' <= c && c <= '9' || 'a' <= c && c <= 'f' || 'A' <= c && c <= 'F' { - s.step = stateInStringEscU12 - return scanContinue - } - // numbers - return s.error(c, "in \\u hexadecimal character escape") -} - -// stateInStringEscU12 is the state after reading `"\u12` during a quoted string. -func stateInStringEscU12(s *scanner, c byte) int { - if '0' <= c && c <= '9' || 'a' <= c && c <= 'f' || 'A' <= c && c <= 'F' { - s.step = stateInStringEscU123 - return scanContinue - } - // numbers - return s.error(c, "in \\u hexadecimal character escape") -} - -// stateInStringEscU123 is the state after reading `"\u123` during a quoted string. -func stateInStringEscU123(s *scanner, c byte) int { - if '0' <= c && c <= '9' || 'a' <= c && c <= 'f' || 'A' <= c && c <= 'F' { - s.step = stateInString - return scanContinue - } - // numbers - return s.error(c, "in \\u hexadecimal character escape") -} - -// stateNeg is the state after reading `-` during a number. -func stateNeg(s *scanner, c byte) int { - if c == '0' { - s.step = state0 - return scanContinue - } - if '1' <= c && c <= '9' { - s.step = state1 - return scanContinue - } - return s.error(c, "in numeric literal") -} - -// state1 is the state after reading a non-zero integer during a number, -// such as after reading `1` or `100` but not `0`. -func state1(s *scanner, c byte) int { - if '0' <= c && c <= '9' { - s.step = state1 - return scanContinue - } - return state0(s, c) -} - -// state0 is the state after reading `0` during a number. -func state0(s *scanner, c byte) int { - if c == '.' { - s.step = stateDot - return scanContinue - } - if c == 'e' || c == 'E' { - s.step = stateE - return scanContinue - } - return stateEndValue(s, c) -} - -// stateDot is the state after reading the integer and decimal point in a number, -// such as after reading `1.`. -func stateDot(s *scanner, c byte) int { - if '0' <= c && c <= '9' { - s.step = stateDot0 - return scanContinue - } - return s.error(c, "after decimal point in numeric literal") -} - -// stateDot0 is the state after reading the integer, decimal point, and subsequent -// digits of a number, such as after reading `3.14`. -func stateDot0(s *scanner, c byte) int { - if '0' <= c && c <= '9' { - return scanContinue - } - if c == 'e' || c == 'E' { - s.step = stateE - return scanContinue - } - return stateEndValue(s, c) -} - -// stateE is the state after reading the mantissa and e in a number, -// such as after reading `314e` or `0.314e`. -func stateE(s *scanner, c byte) int { - if c == '+' || c == '-' { - s.step = stateESign - return scanContinue - } - return stateESign(s, c) -} - -// stateESign is the state after reading the mantissa, e, and sign in a number, -// such as after reading `314e-` or `0.314e+`. -func stateESign(s *scanner, c byte) int { - if '0' <= c && c <= '9' { - s.step = stateE0 - return scanContinue - } - return s.error(c, "in exponent of numeric literal") -} - -// stateE0 is the state after reading the mantissa, e, optional sign, -// and at least one digit of the exponent in a number, -// such as after reading `314e-2` or `0.314e+1` or `3.14e0`. -func stateE0(s *scanner, c byte) int { - if '0' <= c && c <= '9' { - return scanContinue - } - return stateEndValue(s, c) -} - -// stateT is the state after reading `t`. -func stateT(s *scanner, c byte) int { - if c == 'r' { - s.step = stateTr - return scanContinue - } - return s.error(c, "in literal true (expecting 'r')") -} - -// stateTr is the state after reading `tr`. -func stateTr(s *scanner, c byte) int { - if c == 'u' { - s.step = stateTru - return scanContinue - } - return s.error(c, "in literal true (expecting 'u')") -} - -// stateTru is the state after reading `tru`. -func stateTru(s *scanner, c byte) int { - if c == 'e' { - s.step = stateEndValue - return scanContinue - } - return s.error(c, "in literal true (expecting 'e')") -} - -// stateF is the state after reading `f`. -func stateF(s *scanner, c byte) int { - if c == 'a' { - s.step = stateFa - return scanContinue - } - return s.error(c, "in literal false (expecting 'a')") -} - -// stateFa is the state after reading `fa`. -func stateFa(s *scanner, c byte) int { - if c == 'l' { - s.step = stateFal - return scanContinue - } - return s.error(c, "in literal false (expecting 'l')") -} - -// stateFal is the state after reading `fal`. -func stateFal(s *scanner, c byte) int { - if c == 's' { - s.step = stateFals - return scanContinue - } - return s.error(c, "in literal false (expecting 's')") -} - -// stateFals is the state after reading `fals`. -func stateFals(s *scanner, c byte) int { - if c == 'e' { - s.step = stateEndValue - return scanContinue - } - return s.error(c, "in literal false (expecting 'e')") -} - -// stateN is the state after reading `n`. -func stateN(s *scanner, c byte) int { - if c == 'u' { - s.step = stateNu - return scanContinue - } - return s.error(c, "in literal null (expecting 'u')") -} - -// stateNu is the state after reading `nu`. -func stateNu(s *scanner, c byte) int { - if c == 'l' { - s.step = stateNul - return scanContinue - } - return s.error(c, "in literal null (expecting 'l')") -} - -// stateNul is the state after reading `nul`. -func stateNul(s *scanner, c byte) int { - if c == 'l' { - s.step = stateEndValue - return scanContinue - } - return s.error(c, "in literal null (expecting 'l')") -} - -// stateError is the state after reaching a syntax error, -// such as after reading `[1}` or `5.1.2`. -func stateError(_ *scanner, _ byte) int { - return scanError -} - -// error records an error and switches to the error state. -func (s *scanner) error(c byte, context string) int { - s.step = stateError - s.err = &SyntaxError{"invalid character " + quoteChar(c) + " " + context, s.bytes} - return scanError -} - -// quoteChar formats c as a quoted character literal -func quoteChar(c byte) string { - // special cases - different from quoted strings - if c == '\'' { - return `'\''` - } - if c == '"' { - return `'"'` - } - - // use quoted string with different quotation marks - s := strconv.Quote(string(c)) - return "'" + s[1:len(s)-1] + "'" -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/memcached.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/memcached.go deleted file mode 100644 index 5fd821fd..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/memcached.go +++ /dev/null @@ -1,26 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "strings" -) - -// ObfuscateMemcachedString obfuscates the Memcached command cmd. -func (o *Obfuscator) ObfuscateMemcachedString(cmd string) string { - if !o.opts.Memcached.KeepCommand { - // If the command shouldn't be kept, then the entire tag will - // be dropped. - return "" - } - // All memcached commands end with new lines [1]. In the case of storage - // commands, key values follow after. Knowing this, all we have to do - // to obfuscate the values is to remove everything that follows - // a new line. For non-storage commands, this will have no effect. - // [1]: https://github.com/memcached/memcached/blob/master/doc/protocol.txt - truncated := strings.SplitN(cmd, "\r\n", 2)[0] - return strings.TrimSpace(truncated) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/obfuscate.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/obfuscate.go deleted file mode 100644 index fd5ac9dd..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/obfuscate.go +++ /dev/null @@ -1,354 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package obfuscate implements quantizing and obfuscating of tags and resources for -// a set of spans matching a certain criteria. -// -// This module is used in the Datadog Agent, the Go tracing client (dd-trace-go) and in the -// OpenTelemetry Collector Datadog exporter./ End-user behavior is stable, but there are no -// stability guarantees on its public Go API. Nonetheless, if editing try to avoid breaking -// API changes if possible and double check the API usage on all module dependents. -package obfuscate - -import ( - "bytes" - - "go.uber.org/atomic" - - "github.com/DataDog/datadog-go/v5/statsd" -) - -// Obfuscator quantizes and obfuscates spans. The obfuscator is not safe for -// concurrent use. -type Obfuscator struct { - opts *Config - es *jsonObfuscator // nil if disabled - openSearch *jsonObfuscator // nil if disabled - mongo *jsonObfuscator // nil if disabled - sqlExecPlan *jsonObfuscator // nil if disabled - sqlExecPlanNormalize *jsonObfuscator // nil if disabled - ccObfuscator *creditCard // nil if disabled - // sqlLiteralEscapes reports whether we should treat escape characters literally or as escape characters. - // Different SQL engines behave in different ways and the tokenizer needs to be generic. - sqlLiteralEscapes *atomic.Bool - // queryCache keeps a cache of already obfuscated queries. - queryCache *measuredCache - log Logger -} - -// Logger is able to log certain log messages. -type Logger interface { - // Debugf logs the given message using the given format. - Debugf(format string, params ...interface{}) -} - -type noopLogger struct{} - -func (noopLogger) Debugf(_ string, _ ...interface{}) {} - -// setSQLLiteralEscapes sets whether or not escape characters should be treated literally by the SQL obfuscator. -func (o *Obfuscator) setSQLLiteralEscapes(ok bool) { - if ok { - o.sqlLiteralEscapes.Store(true) - } else { - o.sqlLiteralEscapes.Store(false) - } -} - -// useSQLLiteralEscapes reports whether escape characters will be treated literally by the SQL obfuscator. -// Some SQL engines require it and others don't. It will be detected as SQL queries are being obfuscated -// through calls to ObfuscateSQLString and automatically set for future. -func (o *Obfuscator) useSQLLiteralEscapes() bool { - return o.sqlLiteralEscapes.Load() -} - -// Config holds the configuration for obfuscating sensitive data for various span types. -type Config struct { - // SQL holds the obfuscation configuration for SQL queries. - SQL SQLConfig - - // ES holds the obfuscation configuration for ElasticSearch bodies. - ES JSONConfig - - // OpenSearch holds the obfuscation configuration for OpenSearch bodies. - OpenSearch JSONConfig - - // Mongo holds the obfuscation configuration for MongoDB queries. - Mongo JSONConfig - - // SQLExecPlan holds the obfuscation configuration for SQL Exec Plans. This is strictly for safety related obfuscation, - // not normalization. Normalization of exec plans is configured in SQLExecPlanNormalize. - SQLExecPlan JSONConfig - - // SQLExecPlanNormalize holds the normalization configuration for SQL Exec Plans. - SQLExecPlanNormalize JSONConfig - - // HTTP holds the obfuscation settings for HTTP URLs. - HTTP HTTPConfig - - // Redis holds the obfuscation settings for Redis commands. - Redis RedisConfig - - // Memcached holds the obfuscation settings for Memcached commands. - Memcached MemcachedConfig - - // Memcached holds the obfuscation settings for obfuscation of CC numbers in meta. - CreditCard CreditCardsConfig - - // Statsd specifies the statsd client to use for reporting metrics. - Statsd StatsClient - - // Logger specifies the logger to use when outputting messages. - // If unset, no logs will be outputted. - Logger Logger -} - -// StatsClient implementations are able to emit stats. -type StatsClient interface { - // Gauge reports a gauge stat with the given name, value, tags and rate. - Gauge(name string, value float64, tags []string, rate float64) error -} - -// ObfuscationMode specifies the obfuscation mode to use for go-sqllexer pkg. -type ObfuscationMode string - -// ObfuscationMode valid values -const ( - NormalizeOnly = ObfuscationMode("normalize_only") - ObfuscateOnly = ObfuscationMode("obfuscate_only") - ObfuscateAndNormalize = ObfuscationMode("obfuscate_and_normalize") -) - -// SQLConfig holds the config for obfuscating SQL. -type SQLConfig struct { - // DBMS identifies the type of database management system (e.g. MySQL, Postgres, and SQL Server). - // Valid values for this can be found at https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/trace/semantic_conventions/database.md#connection-level-attributes - DBMS string `json:"dbms"` - - // TableNames specifies whether the obfuscator should also extract the table names that a query addresses, - // in addition to obfuscating. - TableNames bool `json:"table_names" yaml:"table_names"` - - // CollectCommands specifies whether the obfuscator should extract and return commands as SQL metadata when obfuscating. - CollectCommands bool `json:"collect_commands" yaml:"collect_commands"` - - // CollectComments specifies whether the obfuscator should extract and return comments as SQL metadata when obfuscating. - CollectComments bool `json:"collect_comments" yaml:"collect_comments"` - - // CollectProcedures specifies whether the obfuscator should extract and return procedure names as SQL metadata when obfuscating. - CollectProcedures bool `json:"collect_procedures" yaml:"collect_procedures"` - - // ReplaceDigits specifies whether digits in table names and identifiers should be obfuscated. - ReplaceDigits bool `json:"replace_digits" yaml:"replace_digits"` - - // KeepSQLAlias reports whether SQL aliases ("AS") should be truncated. - KeepSQLAlias bool `json:"keep_sql_alias"` - - // DollarQuotedFunc reports whether to treat "$func$" delimited dollar-quoted strings - // differently and not obfuscate them as a string. To read more about dollar quoted - // strings see: - // - // https://www.postgresql.org/docs/current/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING - DollarQuotedFunc bool `json:"dollar_quoted_func"` - - // ObfuscationMode specifies the obfuscation mode to use for go-sqllexer pkg. - // When specified, obfuscator will attempt to use go-sqllexer pkg to obfuscate (and normalize) SQL queries. - // Valid values are "normalize_only", "obfuscate_only", "obfuscate_and_normalize" - ObfuscationMode ObfuscationMode `json:"obfuscation_mode" yaml:"obfuscation_mode"` - - // RemoveSpaceBetweenParentheses specifies whether to remove spaces between parentheses. - // By default, spaces are inserted between parentheses during normalization. - // This option is only valid when ObfuscationMode is "normalize_only" or "obfuscate_and_normalize". - RemoveSpaceBetweenParentheses bool `json:"remove_space_between_parentheses" yaml:"remove_space_between_parentheses"` - - // KeepNull specifies whether to disable obfuscate NULL value with ?. - // This option is only valid when ObfuscationMode is "obfuscate_only" or "obfuscate_and_normalize". - KeepNull bool `json:"keep_null" yaml:"keep_null"` - - // KeepBoolean specifies whether to disable obfuscate boolean value with ?. - // This option is only valid when ObfuscationMode is "obfuscate_only" or "obfuscate_and_normalize". - KeepBoolean bool `json:"keep_boolean" yaml:"keep_boolean"` - - // KeepPositionalParameter specifies whether to disable obfuscate positional parameter with ?. - // This option is only valid when ObfuscationMode is "obfuscate_only" or "obfuscate_and_normalize". - KeepPositionalParameter bool `json:"keep_positional_parameter" yaml:"keep_positional_parameter"` - - // KeepTrailingSemicolon specifies whether to keep trailing semicolon. - // By default, trailing semicolon is removed during normalization. - // This option is only valid when ObfuscationMode is "normalize_only" or "obfuscate_and_normalize". - KeepTrailingSemicolon bool `json:"keep_trailing_semicolon" yaml:"keep_trailing_semicolon"` - - // KeepIdentifierQuotation specifies whether to keep identifier quotation, e.g. "my_table" or [my_table]. - // By default, identifier quotation is removed during normalization. - // This option is only valid when ObfuscationMode is "normalize_only" or "obfuscate_and_normalize". - KeepIdentifierQuotation bool `json:"keep_identifier_quotation" yaml:"keep_identifier_quotation"` - - // Cache reports whether the obfuscator should use a LRU look-up cache for SQL obfuscations. - Cache bool -} - -// SQLMetadata holds metadata collected throughout the obfuscation of an SQL statement. It is only -// collected when enabled via SQLConfig. -type SQLMetadata struct { - // Size holds the byte size of the metadata collected. - Size int64 - // TablesCSV is a comma-separated list of tables that the query addresses. - TablesCSV string `json:"tables_csv"` - // Commands holds commands executed in an SQL statement. - // e.g. SELECT, UPDATE, INSERT, DELETE, etc. - Commands []string `json:"commands"` - // Comments holds comments in an SQL statement. - Comments []string `json:"comments"` - // Procedures holds procedure names in an SQL statement. - Procedures []string `json:"procedures"` -} - -// HTTPConfig holds the configuration settings for HTTP obfuscation. -type HTTPConfig struct { - // RemoveQueryStrings determines query strings to be removed from HTTP URLs. - RemoveQueryString bool `mapstructure:"remove_query_string" json:"remove_query_string"` - - // RemovePathDigits determines digits in path segments to be obfuscated. - RemovePathDigits bool `mapstructure:"remove_paths_with_digits" json:"remove_path_digits"` -} - -// RedisConfig holds the configuration settings for Redis obfuscation -type RedisConfig struct { - // Enabled specifies whether this feature should be enabled. - Enabled bool `mapstructure:"enabled"` - - // RemoveAllArgs specifies whether all arguments to a given Redis - // command should be obfuscated. - RemoveAllArgs bool `mapstructure:"remove_all_args"` -} - -// MemcachedConfig holds the configuration settings for Memcached obfuscation -type MemcachedConfig struct { - // Enabled specifies whether this feature should be enabled. - Enabled bool `mapstructure:"enabled"` - - // KeepCommand specifies whether the command of a given Memcached - // query should be kept. If false, the entire tag is removed. - KeepCommand bool `mapstructure:"keep_command"` -} - -// JSONConfig holds the obfuscation configuration for sensitive -// data found in JSON objects. -type JSONConfig struct { - // Enabled will specify whether obfuscation should be enabled. - Enabled bool `mapstructure:"enabled"` - - // KeepValues will specify a set of keys for which their values will - // not be obfuscated. - KeepValues []string `mapstructure:"keep_values"` - - // ObfuscateSQLValues will specify a set of keys for which their values - // will be passed through SQL obfuscation - ObfuscateSQLValues []string `mapstructure:"obfuscate_sql_values"` -} - -// CreditCardsConfig holds the configuration for credit card obfuscation in -// (Meta) tags. -type CreditCardsConfig struct { - // Enabled specifies whether this feature should be enabled. - Enabled bool `mapstructure:"enabled"` - - // Luhn specifies whether Luhn checksum validation should be enabled. - // https://dev.to/shiraazm/goluhn-a-simple-library-for-generating-calculating-and-verifying-luhn-numbers-588j - // It reduces false positives, but increases the CPU time X3. - Luhn bool `mapstructure:"luhn"` -} - -// NewObfuscator creates a new obfuscator -func NewObfuscator(cfg Config) *Obfuscator { - if cfg.Logger == nil { - cfg.Logger = noopLogger{} - } - o := Obfuscator{ - opts: &cfg, - queryCache: newMeasuredCache(cacheOptions{On: cfg.SQL.Cache, Statsd: cfg.Statsd}), - sqlLiteralEscapes: atomic.NewBool(false), - log: cfg.Logger, - } - if cfg.ES.Enabled { - o.es = newJSONObfuscator(&cfg.ES, &o) - } - if cfg.OpenSearch.Enabled { - o.openSearch = newJSONObfuscator(&cfg.OpenSearch, &o) - } - if cfg.Mongo.Enabled { - o.mongo = newJSONObfuscator(&cfg.Mongo, &o) - } - if cfg.SQLExecPlan.Enabled { - o.sqlExecPlan = newJSONObfuscator(&cfg.SQLExecPlan, &o) - } - if cfg.SQLExecPlanNormalize.Enabled { - o.sqlExecPlanNormalize = newJSONObfuscator(&cfg.SQLExecPlanNormalize, &o) - } - if cfg.CreditCard.Enabled { - o.ccObfuscator = newCCObfuscator(&cfg.CreditCard) - } - if cfg.Statsd == nil { - cfg.Statsd = &statsd.NoOpClient{} - } - return &o -} - -// Stop cleans up after a finished Obfuscator. -func (o *Obfuscator) Stop() { - o.queryCache.Close() -} - -// compactWhitespaces compacts all whitespaces in t. -func compactWhitespaces(t string) string { - n := len(t) - r := make([]byte, n) - spaceCode := uint8(32) - isWhitespace := func(char uint8) bool { return char == spaceCode } - nr := 0 - offset := 0 - for i := 0; i < n; i++ { - if isWhitespace(t[i]) { - copy(r[nr:], t[nr+offset:i]) - r[i-offset] = spaceCode - nr = i + 1 - offset - for j := i + 1; j < n; j++ { - if !isWhitespace(t[j]) { - offset += j - i - 1 - i = j - break - } else if j == n-1 { - offset += j - i - i = j - break - } - } - } - } - copy(r[nr:], t[nr+offset:n]) - r = r[:n-offset] - return string(bytes.Trim(r, " ")) -} - -// replaceDigits replaces consecutive sequences of digits with '?', -// example: "jobs_2020_1597876964" --> "jobs_?_?" -func replaceDigits(buffer []byte) []byte { - scanningDigit := false - filtered := buffer[:0] - for _, b := range buffer { - // digits are encoded as 1 byte in utf8 - if isDigit(rune(b)) { - if scanningDigit { - continue - } - scanningDigit = true - filtered = append(filtered, byte('?')) - continue - } - scanningDigit = false - filtered = append(filtered, b) - } - return filtered -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/redis.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/redis.go deleted file mode 100644 index 70a1323e..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/redis.go +++ /dev/null @@ -1,301 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "strings" -) - -// redisTruncationMark is used as suffix by tracing libraries to indicate that a -// command was truncated. -const redisTruncationMark = "..." - -const maxRedisNbCommands = 3 - -// Redis commands consisting in 2 words -var redisCompoundCommandSet = map[string]bool{ - "CLIENT": true, "CLUSTER": true, "COMMAND": true, "CONFIG": true, "DEBUG": true, "SCRIPT": true} - -// QuantizeRedisString returns a quantized version of a Redis query. -// -// TODO(gbbr): Refactor this method to use the tokenizer and -// remove "compactWhitespaces". This method is buggy when commands -// contain quoted strings with newlines. -func (*Obfuscator) QuantizeRedisString(query string) string { - query = compactWhitespaces(query) - - var resource strings.Builder - truncated := false - nbCmds := 0 - - for len(query) > 0 && nbCmds < maxRedisNbCommands { - var rawLine string - - // Read the next command - idx := strings.IndexByte(query, '\n') - if idx == -1 { - rawLine = query - query = "" - } else { - rawLine = query[:idx] - query = query[idx+1:] - } - - line := strings.Trim(rawLine, " ") - if len(line) == 0 { - continue - } - - // Parse arguments - args := strings.SplitN(line, " ", 3) - - if strings.HasSuffix(args[0], redisTruncationMark) { - truncated = true - continue - } - - command := strings.ToUpper(args[0]) - - if redisCompoundCommandSet[command] && len(args) > 1 { - if strings.HasSuffix(args[1], redisTruncationMark) { - truncated = true - continue - } - - command += " " + strings.ToUpper(args[1]) - } - - // Write the command representation - resource.WriteByte(' ') - resource.WriteString(command) - - nbCmds++ - truncated = false - } - - if nbCmds == maxRedisNbCommands || truncated { - resource.WriteString(" ...") - } - - return strings.Trim(resource.String(), " ") -} - -// ObfuscateRedisString obfuscates the given Redis command. -func (*Obfuscator) ObfuscateRedisString(rediscmd string) string { - t := newRedisTokenizer([]byte(rediscmd)) - var ( - str strings.Builder - cmd string - args []string - ) - for { - tok, typ, done := t.scan() - switch typ { - case redisTokenCommand: - // new command starting - if cmd != "" { - // a previous command was buffered, obfuscate it - obfuscateRedisCmd(&str, cmd, args...) - str.WriteByte('\n') - } - cmd = tok - args = args[:0] - case redisTokenArgument: - args = append(args, tok) - } - if done { - // last command - obfuscateRedisCmd(&str, cmd, args...) - break - } - } - return str.String() -} - -func obfuscateRedisCmd(out *strings.Builder, cmd string, args ...string) { - out.WriteString(cmd) - if len(args) == 0 { - return - } - out.WriteByte(' ') - - switch strings.ToUpper(cmd) { - case "AUTH": - // Obfuscate everything after command - // • AUTH password - if len(args) > 0 { - args[0] = "?" - args = args[:1] - } - - case "APPEND", "GETSET", "LPUSHX", "GEORADIUSBYMEMBER", "RPUSHX", - "SET", "SETNX", "SISMEMBER", "ZRANK", "ZREVRANK", "ZSCORE": - // Obfuscate 2nd argument: - // • APPEND key value - // • GETSET key value - // • LPUSHX key value - // • GEORADIUSBYMEMBER key member radius m|km|ft|mi [WITHCOORD] [WITHDIST] [WITHHASH] [COUNT count] [ASC|DESC] [STORE key] [STOREDIST key] - // • RPUSHX key value - // • SET key value [expiration EX seconds|PX milliseconds] [NX|XX] - // • SETNX key value - // • SISMEMBER key member - // • ZRANK key member - // • ZREVRANK key member - // • ZSCORE key member - obfuscateRedisArgN(args, 1) - - case "HSET", "HSETNX", "LREM", "LSET", "SETBIT", "SETEX", "PSETEX", - "SETRANGE", "ZINCRBY", "SMOVE", "RESTORE": - // Obfuscate 3rd argument: - // • HSET key field value - // • HSETNX key field value - // • LREM key count value - // • LSET key index value - // • SETBIT key offset value - // • SETEX key seconds value - // • PSETEX key milliseconds value - // • SETRANGE key offset value - // • ZINCRBY key increment member - // • SMOVE source destination member - // • RESTORE key ttl serialized-value [REPLACE] - obfuscateRedisArgN(args, 2) - - case "LINSERT": - // Obfuscate 4th argument: - // • LINSERT key BEFORE|AFTER pivot value - obfuscateRedisArgN(args, 3) - - case "GEOHASH", "GEOPOS", "GEODIST", "LPUSH", "RPUSH", "SREM", - "ZREM", "SADD": - // Obfuscate all arguments after the first one. - // • GEOHASH key member [member ...] - // • GEOPOS key member [member ...] - // • GEODIST key member1 member2 [unit] - // • LPUSH key value [value ...] - // • RPUSH key value [value ...] - // • SREM key member [member ...] - // • ZREM key member [member ...] - // • SADD key member [member ...] - if len(args) > 1 { - args[1] = "?" - args = args[:2] - } - - case "GEOADD": - // Obfuscating every 3rd argument starting from first - // • GEOADD key longitude latitude member [longitude latitude member ...] - obfuscateRedisArgsStep(args, 1, 3) - - case "HMSET": - // Every 2nd argument starting from first. - // • HMSET key field value [field value ...] - obfuscateRedisArgsStep(args, 1, 2) - - case "MSET", "MSETNX": - // Every 2nd argument starting from command. - // • MSET key value [key value ...] - // • MSETNX key value [key value ...] - obfuscateRedisArgsStep(args, 0, 2) - - case "CONFIG": - // Obfuscate 2nd argument to SET sub-command. - // • CONFIG SET parameter value - if strings.ToUpper(args[0]) == "SET" { - obfuscateRedisArgN(args, 2) - } - - case "BITFIELD": - // Obfuscate 3rd argument to SET sub-command: - // • BITFIELD key [GET type offset] [SET type offset value] [INCRBY type offset increment] [OVERFLOW WRAP|SAT|FAIL] - var n int - for i, arg := range args { - if strings.ToUpper(arg) == "SET" { - n = i - } - if n > 0 && i-n == 3 { - args[i] = "?" - break - } - } - - case "ZADD": - // Obfuscate every 2nd argument after potential optional ones. - // • ZADD key [NX|XX] [CH] [INCR] score member [score member ...] - var i int - loop: - for i = range args { - if i == 0 { - continue // key - } - switch args[i] { - case "NX", "XX", "CH", "INCR": - // continue - default: - break loop - } - } - obfuscateRedisArgsStep(args, i, 2) - - default: - // Obfuscate nothing. - } - out.WriteString(strings.Join(args, " ")) -} - -// RemoveAllRedisArgs will take in a command and obfuscate all arguments following -// the command, regardless of if the command is valid Redis or not -func (*Obfuscator) RemoveAllRedisArgs(rediscmd string) string { - fullCmd := strings.Fields(rediscmd) - if len(fullCmd) == 0 { - return "" - } - cmd, args := fullCmd[0], fullCmd[1:] - - var out strings.Builder - out.WriteString(cmd) - if len(args) == 0 { - return out.String() - } - - out.WriteByte(' ') - switch strings.ToUpper(cmd) { - case "BITFIELD": - out.WriteString("?") - for _, a := range args { - arg := strings.ToUpper(a) - if arg == "SET" || arg == "GET" || arg == "INCRBY" { - out.WriteString(strings.Join([]string{"", a, "?"}, " ")) - } - } - case "CONFIG": - arg := strings.ToUpper(args[0]) - if arg == "GET" || arg == "SET" || arg == "RESETSTAT" || arg == "REWRITE" { - out.WriteString(strings.Join([]string{args[0], "?"}, " ")) - } else { - out.WriteString("?") - } - default: - out.WriteString("?") - } - - return out.String() -} - -func obfuscateRedisArgN(args []string, n int) { - if len(args) > n { - args[n] = "?" - } -} - -func obfuscateRedisArgsStep(args []string, start, step int) { - if start+step-1 >= len(args) { - // can't reach target - return - } - for i := start + step - 1; i < len(args); i += step { - args[i] = "?" - } -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/redis_tokenizer.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/redis_tokenizer.go deleted file mode 100644 index d4ef2dc3..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/redis_tokenizer.go +++ /dev/null @@ -1,187 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "bytes" - "strings" -) - -// redisTokenType specifies the token type returned by the tokenizer. -type redisTokenType int - -const ( - // redisTokenCommand is a command token. For compound tokens, it is - // only the first part up to a space. - redisTokenCommand redisTokenType = iota - - // redisTokenArgument is an argument token. - redisTokenArgument -) - -// String implements fmt.Stringer. -func (t redisTokenType) String() string { - return map[redisTokenType]string{ - redisTokenCommand: "command", - redisTokenArgument: "argument", - }[t] -} - -// redisTokenizer tokenizes a Redis command string. The string can be on -// multiple lines. The tokenizer is capable of parsing quoted strings and escape -// sequences inside them. -type redisTokenizer struct { - data []byte - ch byte - off int - done bool - state redisParseState -} - -// redisParseState specifies the current state of the tokenizer. -type redisParseState int - -const ( - // redisStateCommand specifies that we are about to parse a command. - // It is usually the state at the beginning of the scan or after a - // new line. - redisStateCommand redisParseState = iota - - // redisStateArgument specifies that we are about to parse an argument - // to a command or the rest of the tokens in a compound command. - redisStateArgument -) - -// newRedisTokenizer returns a new tokenizer for the given data. -func newRedisTokenizer(data []byte) *redisTokenizer { - return &redisTokenizer{ - data: bytes.TrimSpace(data), - off: -1, - state: redisStateCommand, - } -} - -// scan returns the next token, it's type and a bool. The boolean specifies if -// the returned token was the last one. -func (t *redisTokenizer) scan() (tok string, typ redisTokenType, done bool) { - switch t.state { - case redisStateCommand: - return t.scanCommand() - default: - return t.scanArg() - } -} - -// next advances the scanner to the next character. -func (t *redisTokenizer) next() { - t.off++ - if t.off <= len(t.data)-1 { - t.ch = t.data[t.off] - return - } - t.done = true -} - -// scanCommand scans a command from the buffer. -func (t *redisTokenizer) scanCommand() (tok string, typ redisTokenType, done bool) { - var ( - str strings.Builder - started bool - ) - for { - t.next() - if t.done { - return str.String(), typ, t.done - } - switch t.ch { - case ' ': - if !started { - // skip spaces preceding token - t.skipSpace() - break - } - // done scanning command - t.state = redisStateArgument - t.skipSpace() - return str.String(), redisTokenCommand, t.done - case '\n': - return str.String(), redisTokenCommand, t.done - default: - str.WriteByte(t.ch) - } - started = true - } -} - -// scanArg scans an argument from the buffer. -func (t *redisTokenizer) scanArg() (tok string, typ redisTokenType, done bool) { - var ( - str strings.Builder - quoted bool // in quoted string - escape bool // escape sequence - ) - for { - t.next() - if t.done { - return str.String(), redisTokenArgument, t.done - } - switch t.ch { - case '\\': - str.WriteByte('\\') - if !escape { - // next character could be escaped - escape = true - continue - } - case '\n': - if !quoted { - // last argument, new command follows - t.state = redisStateCommand - return str.String(), redisTokenArgument, t.done - } - str.WriteByte('\n') - case '"': - str.WriteByte('"') - if !escape { - // this quote wasn't escaped, toggle quoted mode - quoted = !quoted - } - case ' ': - if !quoted { - t.skipSpace() - return str.String(), redisTokenArgument, t.done - } - str.WriteByte(' ') - default: - str.WriteByte(t.ch) - } - escape = false - } -} - -// unread is the reverse of next, unreading a character. -func (t *redisTokenizer) unread() { - if t.off < 1 { - return - } - t.off-- - t.ch = t.data[t.off] -} - -// skipSpace moves the cursor forward until it meets the last space -// in a sequence of contiguous spaces. -func (t *redisTokenizer) skipSpace() { - for t.ch == ' ' || t.ch == '\t' || t.ch == '\r' && !t.done { - t.next() - } - if t.ch == '\n' { - // next token is a command - t.state = redisStateCommand - } else { - // don't steal the first non-space character - t.unread() - } -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/sql.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/sql.go deleted file mode 100644 index 18fc120a..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/sql.go +++ /dev/null @@ -1,502 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "bytes" - "errors" - "fmt" - "strings" - "unicode" - "unicode/utf8" - - sqllexer "github.com/DataDog/go-sqllexer" -) - -var questionMark = []byte("?") - -// metadataFinderFilter is a filter which attempts to collect metadata from a query, such as comments and tables. -// It is meant to run before all the other filters. -type metadataFinderFilter struct { - collectTableNames bool - collectCommands bool - collectComments bool - replaceDigits bool - - // size holds the byte size of the metadata collected by the filter. - size int64 - // tablesSeen keeps track of unique table names encountered by the filter. - tablesSeen map[string]struct{} - // tablesCSV specifies a comma-separated list of tables. - tablesCSV strings.Builder - // commands keeps track of commands encountered by the filter. - commands []string - // comments keeps track of comments encountered by the filter. - comments []string -} - -func (f *metadataFinderFilter) Filter(token, lastToken TokenKind, buffer []byte) (TokenKind, []byte, error) { - if f.collectComments && token == Comment { - // A comment with line-breaks will be brought to a single line. - comment := strings.TrimSpace(strings.Replace(string(buffer), "\n", " ", -1)) - f.size += int64(len(comment)) - f.comments = append(f.comments, comment) - } - if f.collectCommands { - switch token { - case Select, Update, Insert, Delete, Join, Alter, Drop, Create, Grant, Revoke, Commit, Begin, Truncate: - command := strings.ToUpper(token.String()) - f.size += int64(len(command)) - f.commands = append(f.commands, command) - } - } - if f.collectTableNames { - switch lastToken { - case From, Join: - // SELECT ... FROM [tableName] - // DELETE FROM [tableName] - // ... JOIN [tableName] - if r, _ := utf8.DecodeRune(buffer); !unicode.IsLetter(r) { - // first character in buffer is not a letter; we might have a nested - // query like SELECT * FROM (SELECT ...) - break - } - fallthrough - case Update, Into: - // UPDATE [tableName] - // INSERT INTO [tableName] - tableName := string(buffer) - if f.replaceDigits { - tableNameCopy := make([]byte, len(buffer)) - copy(tableNameCopy, buffer) - tableName = string(replaceDigits(tableNameCopy)) - } - f.storeTableName(tableName) - return TableName, buffer, nil - } - } - return token, buffer, nil -} - -func (f *metadataFinderFilter) storeTableName(name string) { - if _, ok := f.tablesSeen[name]; ok { - return - } - if f.tablesSeen == nil { - f.tablesSeen = make(map[string]struct{}, 1) - } - f.tablesSeen[name] = struct{}{} - if f.tablesCSV.Len() > 0 { - f.size++ - f.tablesCSV.WriteByte(',') - } - f.size += int64(len(name)) - f.tablesCSV.WriteString(name) -} - -// Results returns metadata collected by the filter for an SQL statement. -func (f *metadataFinderFilter) Results() SQLMetadata { - return SQLMetadata{ - Size: f.size, - TablesCSV: f.tablesCSV.String(), - Commands: f.commands, - Comments: f.comments, - } -} - -// Reset implements tokenFilter. -func (f *metadataFinderFilter) Reset() { - for k := range f.tablesSeen { - delete(f.tablesSeen, k) - } - f.size = 0 - f.tablesCSV.Reset() - f.commands = f.commands[:0] - f.comments = f.comments[:0] -} - -// discardFilter is a token filter which discards certain elements from a query, such as -// comments and AS aliases by returning a nil buffer. -type discardFilter struct { - keepSQLAlias bool -} - -// Filter the given token so that a `nil` slice is returned if the token is in the token filtered list. -func (f *discardFilter) Filter(token, lastToken TokenKind, buffer []byte) (TokenKind, []byte, error) { - // filters based on previous token - switch lastToken { - case FilteredBracketedIdentifier: - if token != ']' { - // we haven't found the closing bracket yet, keep going - if token != ID { - // the token between the brackets *must* be an identifier, - // otherwise the query is invalid. - return LexError, nil, fmt.Errorf("expected identifier in bracketed filter, got %d", token) - } - return FilteredBracketedIdentifier, nil, nil - } - fallthrough - case As: - if token == '[' { - // the identifier followed by AS is an MSSQL bracketed identifier - // and will continue to be discarded until we find the corresponding - // closing bracket counter-part. See GitHub issue DataDog/datadog-trace-agent#475. - return FilteredBracketedIdentifier, nil, nil - } - if f.keepSQLAlias { - return token, buffer, nil - } - return Filtered, nil, nil - } - - // filters based on the current token; if the next token should be ignored, - // return the same token value (not FilteredGroupable) and nil - switch token { - case Comment: - return Filtered, nil, nil - case ';': - return markFilteredGroupable(token), nil, nil - case As: - if !f.keepSQLAlias { - return As, nil, nil - } - fallthrough - default: - return token, buffer, nil - } -} - -// Reset implements tokenFilter. -func (f *discardFilter) Reset() {} - -// replaceFilter is a token filter which obfuscates strings and numbers in queries by replacing them -// with the "?" character. -type replaceFilter struct { - replaceDigits bool -} - -// Filter the given token so that it will be replaced if in the token replacement list -func (f *replaceFilter) Filter(token, lastToken TokenKind, buffer []byte) (tokenType TokenKind, tokenBytes []byte, err error) { - switch lastToken { - case Savepoint: - return markFilteredGroupable(token), questionMark, nil - case '=': - switch token { - case DoubleQuotedString: - // double-quoted strings after assignments are eligible for obfuscation - return markFilteredGroupable(token), questionMark, nil - } - } - switch token { - case DollarQuotedString, String, Number, Null, Variable, PreparedStatement, BooleanLiteral, EscapeSequence: - return markFilteredGroupable(token), questionMark, nil - case '?': - // Cases like 'ARRAY [ ?, ? ]' should be collapsed into 'ARRAY [ ? ]' - return markFilteredGroupable(token), questionMark, nil - case TableName, ID: - if f.replaceDigits { - return token, replaceDigits(buffer), nil - } - fallthrough - default: - return token, buffer, nil - } -} - -// Reset implements tokenFilter. -func (f *replaceFilter) Reset() {} - -// groupingFilter is a token filter which groups together items replaced by the replaceFilter. It is meant -// to run immediately after it. -type groupingFilter struct { - groupFilter int // counts the number of values, e.g. 3 = ?, ?, ? - groupMulti int // counts the number of groups, e.g. 2 = (?, ?), (?, ?, ?) -} - -// Filter the given token so that it will be discarded if a grouping pattern -// has been recognized. A grouping is composed by items like: -// - '( ?, ?, ? )' -// - '( ?, ? ), ( ?, ? )' -func (f *groupingFilter) Filter(token, lastToken TokenKind, buffer []byte) (tokenType TokenKind, tokenBytes []byte, err error) { - // increasing the number of groups means that we're filtering an entire group - // because it can be represented with a single '( ? )' - if (lastToken == '(' && isFilteredGroupable(token)) || (token == '(' && f.groupMulti > 0) { - f.groupMulti++ - } - - // Potential commands that could indicate the start of a subquery. - isStartOfSubquery := token == Select || token == Delete || token == Update || token == ID - - switch { - case f.groupMulti > 0 && lastToken == FilteredGroupableParenthesis && isStartOfSubquery: - // this is the start of a new group that seems to be a nested query; - // cancel grouping. - f.Reset() - return token, append([]byte("( "), buffer...), nil - case isFilteredGroupable(token): - // the previous filter has dropped this token so we should start - // counting the group filter so that we accept only one '?' for - // the same group - f.groupFilter++ - - if f.groupFilter > 1 { - return markFilteredGroupable(token), nil, nil - } - case f.groupFilter > 0 && (token == ',' || token == '?'): - // if we are in a group drop all commas - return markFilteredGroupable(token), nil, nil - case f.groupMulti > 1: - // drop all tokens since we're in a counting group - // and they're duplicated - return markFilteredGroupable(token), nil, nil - case token != ',' && token != '(' && token != ')' && !isFilteredGroupable(token): - // when we're out of a group reset the filter state - f.Reset() - } - - return token, buffer, nil -} - -// isFilteredGroupable reports whether token is to be considered filtered groupable. -func isFilteredGroupable(token TokenKind) bool { - switch token { - case FilteredGroupable, FilteredGroupableParenthesis: - return true - default: - return false - } -} - -// markFilteredGroupable returns the appropriate TokenKind to mark this token as -// filtered groupable. -func markFilteredGroupable(token TokenKind) TokenKind { - switch token { - case '(': - return FilteredGroupableParenthesis - default: - return FilteredGroupable - } -} - -// Reset resets the groupingFilter so that it may be used again. -func (f *groupingFilter) Reset() { - f.groupFilter = 0 - f.groupMulti = 0 -} - -// ObfuscateSQLString quantizes and obfuscates the given input SQL query string. Quantization removes -// some elements such as comments and aliases and obfuscation attempts to hide sensitive information -// in strings and numbers by redacting them. -func (o *Obfuscator) ObfuscateSQLString(in string) (*ObfuscatedQuery, error) { - return o.ObfuscateSQLStringWithOptions(in, &o.opts.SQL) -} - -// ObfuscateSQLStringWithOptions accepts an optional SQLOptions to change the behavior of the obfuscator -// to quantize and obfuscate the given input SQL query string. Quantization removes some elements such as comments -// and aliases and obfuscation attempts to hide sensitive information in strings and numbers by redacting them. -func (o *Obfuscator) ObfuscateSQLStringWithOptions(in string, opts *SQLConfig) (*ObfuscatedQuery, error) { - if opts.ObfuscationMode != "" { - // If obfuscation mode is specified, we will use go-sqllexer pkg - // to obfuscate (and normalize) the query. - return o.ObfuscateWithSQLLexer(in, opts) - } - - if v, ok := o.queryCache.Get(in); ok { - return v.(*ObfuscatedQuery), nil - } - oq, err := o.obfuscateSQLString(in, opts) - if err != nil { - return oq, err - } - o.queryCache.Set(in, oq, oq.Cost()) - return oq, nil -} - -func (o *Obfuscator) obfuscateSQLString(in string, opts *SQLConfig) (*ObfuscatedQuery, error) { - lesc := o.useSQLLiteralEscapes() - tok := NewSQLTokenizer(in, lesc, opts) - out, err := attemptObfuscation(tok) - if err != nil && tok.SeenEscape() { - // If the tokenizer failed, but saw an escape character in the process, - // try again treating escapes differently - tok = NewSQLTokenizer(in, !lesc, opts) - if out, err2 := attemptObfuscation(tok); err2 == nil { - // If the second attempt succeeded, change the default behavior so that - // on the next run we get it right in the first run. - o.setSQLLiteralEscapes(!lesc) - return out, nil - } - } - return out, err -} - -// ObfuscatedQuery specifies information about an obfuscated SQL query. -type ObfuscatedQuery struct { - Query string `json:"query"` // the obfuscated SQL query - Metadata SQLMetadata `json:"metadata"` // metadata extracted from the SQL query -} - -// Cost returns the number of bytes needed to store all the fields -// of this ObfuscatedQuery. -func (oq *ObfuscatedQuery) Cost() int64 { - return int64(len(oq.Query)) + oq.Metadata.Size -} - -// attemptObfuscation attempts to obfuscate the SQL query loaded into the tokenizer, using the given set of filters. -func attemptObfuscation(tokenizer *SQLTokenizer) (*ObfuscatedQuery, error) { - var ( - out = bytes.NewBuffer(make([]byte, 0, len(tokenizer.buf))) - err error - lastToken TokenKind - metadata = metadataFinderFilter{ - collectTableNames: tokenizer.cfg.TableNames, - collectCommands: tokenizer.cfg.CollectCommands, - collectComments: tokenizer.cfg.CollectComments, - replaceDigits: tokenizer.cfg.ReplaceDigits, - } - discard = discardFilter{keepSQLAlias: tokenizer.cfg.KeepSQLAlias} - replace = replaceFilter{replaceDigits: tokenizer.cfg.ReplaceDigits} - grouping groupingFilter - ) - defer metadata.Reset() - // call Scan() function until tokens are available or if a LEX_ERROR is raised. After - // retrieving a token, send it to the tokenFilter chains so that the token is discarded - // or replaced. - for { - token, buff := tokenizer.Scan() - if token == EndChar { - break - } - if token == LexError { - return nil, fmt.Errorf("%v", tokenizer.Err()) - } - - if token, buff, err = metadata.Filter(token, lastToken, buff); err != nil { - return nil, err - } - if token, buff, err = discard.Filter(token, lastToken, buff); err != nil { - return nil, err - } - if token, buff, err = replace.Filter(token, lastToken, buff); err != nil { - return nil, err - } - if token, buff, err = grouping.Filter(token, lastToken, buff); err != nil { - return nil, err - } - if buff != nil { - if out.Len() != 0 { - switch token { - case ',': - case '=': - if lastToken == ':' { - // do not add a space before an equals if a colon was - // present before it. - break - } - fallthrough - default: - out.WriteRune(' ') - } - } - out.Write(buff) - } - lastToken = token - } - if out.Len() == 0 { - return nil, errors.New("result is empty") - } - return &ObfuscatedQuery{ - Query: out.String(), - Metadata: metadata.Results(), - }, nil -} - -// ObfuscateSQLExecPlan obfuscates query conditions in the provided JSON encoded execution plan. If normalize=True, -// then cost and row estimates are also obfuscated away. -func (o *Obfuscator) ObfuscateSQLExecPlan(jsonPlan string, normalize bool) (string, error) { - if normalize { - return o.sqlExecPlanNormalize.obfuscate([]byte(jsonPlan)) - } - return o.sqlExecPlan.obfuscate([]byte(jsonPlan)) -} - -// ObfuscateWithSQLLexer obfuscates the given SQL query using the go-sqllexer package. -// If ObfuscationMode is set to ObfuscateOnly, the query will be obfuscated without normalizing it. -func (o *Obfuscator) ObfuscateWithSQLLexer(in string, opts *SQLConfig) (*ObfuscatedQuery, error) { - if opts.ObfuscationMode != NormalizeOnly && opts.ObfuscationMode != ObfuscateOnly && opts.ObfuscationMode != ObfuscateAndNormalize { - return nil, fmt.Errorf("invalid obfuscation mode: %s", opts.ObfuscationMode) - } - - var obfuscator *sqllexer.Obfuscator - - if opts.ObfuscationMode == ObfuscateOnly || opts.ObfuscationMode == ObfuscateAndNormalize { - obfuscator = sqllexer.NewObfuscator( - sqllexer.WithReplaceDigits(opts.ReplaceDigits), - sqllexer.WithDollarQuotedFunc(opts.DollarQuotedFunc), - sqllexer.WithReplacePositionalParameter(!opts.KeepPositionalParameter), - sqllexer.WithReplaceBoolean(!opts.KeepBoolean), - sqllexer.WithReplaceNull(!opts.KeepNull), - ) - } - - if opts.ObfuscationMode == ObfuscateOnly { - // Obfuscate the query without normalizing it. - out := obfuscator.Obfuscate(in, sqllexer.WithDBMS(sqllexer.DBMSType(opts.DBMS))) - return &ObfuscatedQuery{ - Query: out, - }, nil - } - - // we only want to cache normalized queries - if v, ok := o.queryCache.Get(in); ok { - return v.(*ObfuscatedQuery), nil - } - - // Obfuscate the query and normalize it. - normalizer := sqllexer.NewNormalizer( - sqllexer.WithCollectComments(opts.CollectComments), - sqllexer.WithCollectCommands(opts.CollectCommands), - sqllexer.WithCollectTables(opts.TableNames), - sqllexer.WithCollectProcedures(opts.CollectProcedures), - sqllexer.WithKeepSQLAlias(opts.KeepSQLAlias), - sqllexer.WithRemoveSpaceBetweenParentheses(opts.RemoveSpaceBetweenParentheses), - sqllexer.WithKeepTrailingSemicolon(opts.KeepTrailingSemicolon), - sqllexer.WithKeepIdentifierQuotation(opts.KeepIdentifierQuotation), - ) - - var out string - var statementMetadata *sqllexer.StatementMetadata - var err error - - if opts.ObfuscationMode == NormalizeOnly { - // Normalize the query without obfuscating it. - out, statementMetadata, err = normalizer.Normalize(in, sqllexer.WithDBMS(sqllexer.DBMSType(opts.DBMS))) - } else { - out, statementMetadata, err = sqllexer.ObfuscateAndNormalize( - in, - obfuscator, - normalizer, - sqllexer.WithDBMS(sqllexer.DBMSType(opts.DBMS)), - ) - } - if err != nil { - return nil, err - } - oq := &ObfuscatedQuery{ - Query: out, - Metadata: SQLMetadata{ - Size: int64(statementMetadata.Size), - TablesCSV: strings.Join(statementMetadata.Tables, ","), - Commands: statementMetadata.Commands, - Comments: statementMetadata.Comments, - Procedures: statementMetadata.Procedures, - }, - } - - o.queryCache.Set(in, oq, oq.Cost()) - - return oq, nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/sql_tokenizer.go b/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/sql_tokenizer.go deleted file mode 100644 index e379d7dd..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/obfuscate/sql_tokenizer.go +++ /dev/null @@ -1,929 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package obfuscate - -import ( - "bytes" - "fmt" - "strings" - "unicode" - "unicode/utf8" -) - -// tokenizer.go implemenents a lexer-like iterator that tokenizes SQL and CQL -// strings, so that an external component can filter or alter each token of the -// string. This implementation can't be used as a real SQL lexer (so a parser -// cannot build the AST) because many rules are ignored to make the tokenizer -// simpler. -// This implementation was inspired by https://github.com/youtube/vitess sql parser -// TODO: add the license to the NOTICE file - -// TokenKind specifies the type of the token being scanned. It may be one of the defined -// constants below or in some cases the actual rune itself. -type TokenKind uint32 - -// EndChar is used to signal that the scanner has finished reading the query. This happens when -// there are no more characters left in the query or when invalid encoding is discovered. EndChar -// is an invalid rune value that can not be found in any valid string. -const EndChar = unicode.MaxRune + 1 - -// list of available tokens; this list has been reduced because we don't -// need a full-fledged tokenizer to implement a Lexer -const ( - LexError = TokenKind(57346) + iota - - ID - Limit - Null - String - DoubleQuotedString - DollarQuotedString // https://www.postgresql.org/docs/current/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING - DollarQuotedFunc // a dollar-quoted string delimited by the tag "$func$"; gets special treatment when feature "dollar_quoted_func" is set - Number - BooleanLiteral - ValueArg - ListArg - Comment - Variable - Savepoint - PreparedStatement - EscapeSequence - NullSafeEqual - LE - GE - NE - Not - As - Alter - Drop - Create - Grant - Revoke - Commit - Begin - Truncate - Select - From - Update - Delete - Insert - Into - Join - TableName - ColonCast - - // PostgreSQL specific JSON operators - JSONSelect // -> - JSONSelectText // ->> - JSONSelectPath // #> - JSONSelectPathText // #>> - JSONContains // @> - JSONContainsLeft // <@ - JSONKeyExists // ? - JSONAnyKeysExist // ?| - JSONAllKeysExist // ?& - JSONDelete // #- - - // FilteredGroupable specifies that the given token has been discarded by one of the - // token filters and that it is groupable together with consecutive FilteredGroupable - // tokens. - FilteredGroupable - - // FilteredGroupableParenthesis is a parenthesis marked as filtered groupable. It is the - // beginning of either a group of values ('(') or a nested query. We track is as - // a special case for when it may start a nested query as opposed to just another - // value group to be obfuscated. - FilteredGroupableParenthesis - - // Filtered specifies that the token is a comma and was discarded by one - // of the filters. - Filtered - - // FilteredBracketedIdentifier specifies that we are currently discarding - // a bracketed identifier (MSSQL). - // See issue https://github.com/DataDog/datadog-trace-agent/issues/475. - FilteredBracketedIdentifier -) - -var tokenKindStrings = map[TokenKind]string{ - LexError: "LexError", - ID: "ID", - Limit: "Limit", - Null: "Null", - String: "String", - DoubleQuotedString: "DoubleQuotedString", - DollarQuotedString: "DollarQuotedString", - DollarQuotedFunc: "DollarQuotedFunc", - Number: "Number", - BooleanLiteral: "BooleanLiteral", - ValueArg: "ValueArg", - ListArg: "ListArg", - Comment: "Comment", - Variable: "Variable", - Savepoint: "Savepoint", - PreparedStatement: "PreparedStatement", - EscapeSequence: "EscapeSequence", - NullSafeEqual: "NullSafeEqual", - LE: "LE", - GE: "GE", - NE: "NE", - Not: "NOT", - As: "As", - Alter: "Alter", - Drop: "Drop", - Create: "Create", - Grant: "Grant", - Revoke: "Revoke", - Commit: "Commit", - Begin: "Begin", - Truncate: "Truncate", - Select: "Select", - From: "From", - Update: "Update", - Delete: "Delete", - Insert: "Insert", - Into: "Into", - Join: "Join", - TableName: "TableName", - ColonCast: "ColonCast", - FilteredGroupable: "FilteredGroupable", - FilteredGroupableParenthesis: "FilteredGroupableParenthesis", - Filtered: "Filtered", - FilteredBracketedIdentifier: "FilteredBracketedIdentifier", - JSONSelect: "JSONSelect", - JSONSelectText: "JSONSelectText", - JSONSelectPath: "JSONSelectPath", - JSONSelectPathText: "JSONSelectPathText", - JSONContains: "JSONContains", - JSONContainsLeft: "JSONContainsLeft", - JSONKeyExists: "JSONKeyExists", - JSONAnyKeysExist: "JSONAnyKeysExist", - JSONAllKeysExist: "JSONAllKeysExist", - JSONDelete: "JSONDelete", -} - -func (k TokenKind) String() string { - str, ok := tokenKindStrings[k] - if !ok { - return "" - } - return str -} - -const ( - // DBMSSQLServer is a MS SQL Server - DBMSSQLServer = "mssql" - // DBMSPostgres is a PostgreSQL Server - DBMSPostgres = "postgresql" - // DBMSMySQL is a MySQL Server - DBMSMySQL = "mysql" - // DBMSOracle is an Oracle Server - DBMSOracle = "oracle" -) - -const escapeCharacter = '\\' - -// SQLTokenizer is the struct used to generate SQL -// tokens for the parser. -type SQLTokenizer struct { - pos int // byte offset of lastChar - lastChar rune // last read rune - buf []byte // buf holds the query that we are parsing - off int // off is the index into buf where the unread portion of the query begins. - err error // any error occurred while reading - - curlys uint32 // number of active open curly braces in top-level SQL escape sequences. - - literalEscapes bool // indicates we should not treat backslashes as escape characters - seenEscape bool // indicates whether this tokenizer has seen an escape character within a string - - cfg *SQLConfig -} - -// NewSQLTokenizer creates a new SQLTokenizer for the given SQL string. The literalEscapes argument specifies -// whether escape characters should be treated literally or as such. -func NewSQLTokenizer(sql string, literalEscapes bool, cfg *SQLConfig) *SQLTokenizer { - if cfg == nil { - cfg = new(SQLConfig) - } - return &SQLTokenizer{ - buf: []byte(sql), - cfg: cfg, - literalEscapes: literalEscapes, - } -} - -// Reset the underlying buffer and positions -func (tkn *SQLTokenizer) Reset(in string) { - tkn.pos = 0 - tkn.lastChar = 0 - tkn.buf = []byte(in) - tkn.off = 0 - tkn.err = nil -} - -// keywords used to recognize string tokens -var keywords = map[string]TokenKind{ - "NULL": Null, - "TRUE": BooleanLiteral, - "FALSE": BooleanLiteral, - "SAVEPOINT": Savepoint, - "LIMIT": Limit, - "AS": As, - "ALTER": Alter, - "CREATE": Create, - "GRANT": Grant, - "REVOKE": Revoke, - "COMMIT": Commit, - "BEGIN": Begin, - "TRUNCATE": Truncate, - "DROP": Drop, - "SELECT": Select, - "FROM": From, - "UPDATE": Update, - "DELETE": Delete, - "INSERT": Insert, - "INTO": Into, - "JOIN": Join, -} - -// Err returns the last error that the tokenizer encountered, or nil. -func (tkn *SQLTokenizer) Err() error { return tkn.err } - -func (tkn *SQLTokenizer) setErr(format string, args ...interface{}) { - if tkn.err != nil { - return - } - tkn.err = fmt.Errorf("at position %d: %v", tkn.pos, fmt.Errorf(format, args...)) -} - -// SeenEscape returns whether or not this tokenizer has seen an escape character within a scanned string -func (tkn *SQLTokenizer) SeenEscape() bool { return tkn.seenEscape } - -// Scan scans the tokenizer for the next token and returns -// the token type and the token buffer. -func (tkn *SQLTokenizer) Scan() (TokenKind, []byte) { - if tkn.lastChar == 0 { - tkn.advance() - } - tkn.SkipBlank() - - switch ch := tkn.lastChar; { - case isLeadingLetter(ch) && - !(tkn.cfg.DBMS == DBMSPostgres && ch == '@'): - // The '@' symbol should not be considered part of an identifier in - // postgres, so we skip this in the case where the DBMS is postgres - // and ch is '@'. - return tkn.scanIdentifier() - case isDigit(ch): - return tkn.scanNumber(false) - default: - tkn.advance() - if tkn.lastChar == EndChar && tkn.err != nil { - // advance discovered an invalid encoding. We should return early. - return LexError, nil - } - switch ch { - case EndChar: - if tkn.err != nil { - return LexError, nil - } - return EndChar, nil - case ':': - if tkn.lastChar == ':' { - tkn.advance() - return ColonCast, []byte("::") - } - if unicode.IsSpace(tkn.lastChar) { - // example scenario: "autovacuum: VACUUM ANALYZE fake.table" - return TokenKind(ch), tkn.bytes() - } - if tkn.lastChar != '=' { - return tkn.scanBindVar() - } - fallthrough - case '~': - switch tkn.lastChar { - case '*': - tkn.advance() - return TokenKind('~'), []byte("~*") - default: - return TokenKind(ch), tkn.bytes() - } - case '?': - if tkn.cfg.DBMS == DBMSPostgres { - switch tkn.lastChar { - case '|': - tkn.advance() - return JSONAnyKeysExist, []byte("?|") - case '&': - tkn.advance() - return JSONAllKeysExist, []byte("?&") - default: - return JSONKeyExists, tkn.bytes() - } - } - fallthrough - case '=', ',', ';', '(', ')', '+', '*', '&', '|', '^', ']': - return TokenKind(ch), tkn.bytes() - case '[': - if tkn.cfg.DBMS == DBMSSQLServer { - return tkn.scanString(']', DoubleQuotedString) - } - return TokenKind(ch), tkn.bytes() - case '.': - if isDigit(tkn.lastChar) { - return tkn.scanNumber(true) - } - return TokenKind(ch), tkn.bytes() - case '/': - switch tkn.lastChar { - case '/': - tkn.advance() - return tkn.scanCommentType1("//") - case '*': - tkn.advance() - return tkn.scanCommentType2() - default: - return TokenKind(ch), tkn.bytes() - } - case '-': - switch { - case tkn.lastChar == '-': - tkn.advance() - return tkn.scanCommentType1("--") - case tkn.lastChar == '>': - if tkn.cfg.DBMS == DBMSPostgres { - tkn.advance() - switch tkn.lastChar { - case '>': - tkn.advance() - return JSONSelectText, []byte("->>") - default: - return JSONSelect, []byte("->") - } - } - fallthrough - case isDigit(tkn.lastChar): - return tkn.scanNumber(false) - case tkn.lastChar == '.': - tkn.advance() - if isDigit(tkn.lastChar) { - return tkn.scanNumber(true) - } - tkn.lastChar = '.' - tkn.pos-- - fallthrough - default: - return TokenKind(ch), tkn.bytes() - } - case '#': - switch tkn.cfg.DBMS { - case DBMSSQLServer: - return tkn.scanIdentifier() - case DBMSPostgres: - switch tkn.lastChar { - case '>': - tkn.advance() - switch tkn.lastChar { - case '>': - tkn.advance() - return JSONSelectPathText, []byte("#>>") - default: - return JSONSelectPath, []byte("#>") - } - case '-': - tkn.advance() - return JSONDelete, []byte("#-") - default: - return TokenKind(ch), tkn.bytes() - } - default: - tkn.advance() - return tkn.scanCommentType1("#") - } - case '<': - switch tkn.lastChar { - case '>': - tkn.advance() - return NE, []byte("<>") - case '=': - tkn.advance() - switch tkn.lastChar { - case '>': - tkn.advance() - return NullSafeEqual, []byte("<=>") - default: - return LE, []byte("<=") - } - case '@': - if tkn.cfg.DBMS == DBMSPostgres { - // check for JSONContainsLeft (<@) - tkn.advance() - return JSONContainsLeft, []byte("<@") - } - fallthrough - default: - return TokenKind(ch), tkn.bytes() - } - case '>': - if tkn.lastChar == '=' { - tkn.advance() - return GE, []byte(">=") - } - return TokenKind(ch), tkn.bytes() - case '!': - switch tkn.lastChar { - case '=': - tkn.advance() - return NE, []byte("!=") - case '~': - tkn.advance() - switch tkn.lastChar { - case '*': - tkn.advance() - return NE, []byte("!~*") - default: - return NE, []byte("!~") - } - default: - if isValidCharAfterOperator(tkn.lastChar) { - return Not, tkn.bytes() - } - tkn.setErr(`unexpected char "%c" (%d) after "!"`, tkn.lastChar, tkn.lastChar) - return LexError, tkn.bytes() - } - case '\'': - return tkn.scanString(ch, String) - case '"': - return tkn.scanString(ch, DoubleQuotedString) - case '`': - return tkn.scanString(ch, ID) - case '%': - if tkn.lastChar == '(' { - return tkn.scanVariableIdentifier('%') - } - if isLetter(tkn.lastChar) { - // format parameter (e.g. '%s') - return tkn.scanFormatParameter('%') - } - // modulo operator (e.g. 'id % 8') - return TokenKind(ch), tkn.bytes() - case '$': - if isDigit(tkn.lastChar) { - // TODO(gbbr): the first digit after $ does not necessarily guarantee - // that this isn't a dollar-quoted string constant. We might eventually - // want to cover for this use-case too (e.g. $1$some text$1$). - return tkn.scanPreparedStatement('$') - } - - // A special case for a string starts with single $ but does not end with $. - // For example in SQLServer, you can have "MG..... OUTPUT $action, inserted.*" - // $action in the OUTPUT clause of a MERGE statement is a special identifier - // that returns one of three values for each row: 'INSERT', 'UPDATE', or 'DELETE'. - // See: https://docs.microsoft.com/en-us/sql/t-sql/statements/merge-transact-sql?view=sql-server-ver15 - if tkn.cfg.DBMS == DBMSSQLServer && isLetter(tkn.lastChar) { - // When the DBMS is SQLServer and the last character is a letter, - // we should scan an identifier instead of a string. - return tkn.scanIdentifier() - } - - kind, tok := tkn.scanDollarQuotedString() - if kind == DollarQuotedFunc { - // this is considered an embedded query, we should try and - // obfuscate it - out, err := attemptObfuscation(NewSQLTokenizer(string(tok), tkn.literalEscapes, tkn.cfg)) - if err != nil { - // if we can't obfuscate it, treat it as a regular string - return DollarQuotedString, tok - } - tok = append(append([]byte("$func$"), []byte(out.Query)...), []byte("$func$")...) - } - return kind, tok - case '@': - if tkn.cfg.DBMS == DBMSPostgres { - // For postgres the @ symbol is reserved as an operator - // https://www.postgresql.org/docs/current/sql-syntax-lexical.html#SQL-SYNTAX-OPERATORS - // And is used as a json operator - // https://www.postgresql.org/docs/9.5/functions-json.html - switch tkn.lastChar { - case '>': - tkn.advance() - return JSONContains, []byte("@>") - default: - return TokenKind(ch), tkn.bytes() - } - } - fallthrough - case '{': - if tkn.pos == 1 || tkn.curlys > 0 { - // Do not fully obfuscate top-level SQL escape sequences like {{[?=]call procedure-name[([parameter][,parameter]...)]}. - // We want these to display a bit more context than just a plain '?' - // See: https://docs.oracle.com/cd/E13157_01/wlevs/docs30/jdbc_drivers/sqlescape.html - tkn.curlys++ - return TokenKind(ch), tkn.bytes() - } - return tkn.scanEscapeSequence('{') - case '}': - if tkn.curlys == 0 { - // A closing curly brace has no place outside an in-progress top-level SQL escape sequence - // started by the '{' switch-case. - tkn.setErr(`unexpected byte %d`, ch) - return LexError, tkn.bytes() - } - tkn.curlys-- - return TokenKind(ch), tkn.bytes() - default: - tkn.setErr(`unexpected byte %d`, ch) - return LexError, tkn.bytes() - } - } -} - -// SkipBlank moves the tokenizer forward until hitting a non-whitespace character -// The whitespace definition used here is the same as unicode.IsSpace -func (tkn *SQLTokenizer) SkipBlank() { - for unicode.IsSpace(tkn.lastChar) { - tkn.advance() - } - tkn.bytes() -} - -// toUpper is a modified version of bytes.ToUpper. It returns an upper-cased version of the byte -// slice src with all Unicode letters mapped to their upper case. It is modified to also accept a -// byte slice dst as an argument, the underlying storage of which (up to the capacity of dst) -// will be used as the destination of the upper-case copy of src, if it fits. As a special case, -// toUpper will return src if the byte slice is already upper-case. This function is used rather -// than bytes.ToUpper to improve the memory performance of the obfuscator by saving unnecessary -// allocations happening in bytes.ToUpper -func toUpper(src, dst []byte) []byte { - dst = dst[:0] - isASCII, hasLower := true, false - for i := 0; i < len(src); i++ { - c := src[i] - if c >= utf8.RuneSelf { - isASCII = false - break - } - hasLower = hasLower || ('a' <= c && c <= 'z') - } - if cap(dst) < len(src) { - dst = make([]byte, 0, len(src)) - } - if isASCII { // optimize for ASCII-only byte slices. - if !hasLower { - // Just return src. - return src - } - dst = dst[:len(src)] - for i := 0; i < len(src); i++ { - c := src[i] - if 'a' <= c && c <= 'z' { - c -= 'a' - 'A' - } - dst[i] = c - } - return dst - } - // This *could* be optimized, but it's an uncommon case. - return bytes.Map(unicode.ToUpper, src) -} - -func (tkn *SQLTokenizer) scanIdentifier() (TokenKind, []byte) { - tkn.advance() - for isLetter(tkn.lastChar) || isDigit(tkn.lastChar) || strings.ContainsRune(".*$", tkn.lastChar) { - tkn.advance() - } - - t := tkn.bytes() - // Space allows us to upper-case identifiers 256 bytes long or less without allocating heap - // storage for them, since space is allocated on the stack. A size of 256 bytes was chosen - // based on the allowed length of sql identifiers in various sql implementations. - var space [256]byte - upper := toUpper(t, space[:0]) - if keywordID, found := keywords[string(upper)]; found { - return keywordID, t - } - return ID, t -} - -func (tkn *SQLTokenizer) scanVariableIdentifier(_ rune) (TokenKind, []byte) { - for tkn.advance(); tkn.lastChar != ')' && tkn.lastChar != EndChar; tkn.advance() { - continue - } - tkn.advance() - if !isLetter(tkn.lastChar) { - tkn.setErr(`invalid character after variable identifier: "%c" (%d)`, tkn.lastChar, tkn.lastChar) - return LexError, tkn.bytes() - } - tkn.advance() - return Variable, tkn.bytes() -} - -func (tkn *SQLTokenizer) scanFormatParameter(_ rune) (TokenKind, []byte) { - tkn.advance() - return Variable, tkn.bytes() -} - -// scanDollarQuotedString scans a Postgres dollar-quoted string constant. -// See: https://www.postgresql.org/docs/current/sql-syntax-lexical.html#SQL-SYNTAX-DOLLAR-QUOTING -func (tkn *SQLTokenizer) scanDollarQuotedString() (TokenKind, []byte) { - kind, tag := tkn.scanString('$', String) - if kind == LexError { - return kind, tkn.bytes() - } - var ( - got int - buf bytes.Buffer - ) - delim := tag - // on empty strings, tkn.scanString returns the delimiters - if string(delim) != "$$" { - // on non-empty strings, the delimiter is $tag$ - delim = append([]byte{'$'}, delim...) - delim = append(delim, '$') - } - for { - ch := tkn.lastChar - tkn.advance() - if ch == EndChar { - tkn.setErr("unexpected EOF in dollar-quoted string") - return LexError, buf.Bytes() - } - if byte(ch) == delim[got] { - got++ - if got == len(delim) { - break - } - continue - } - if got > 0 { - _, err := buf.Write(delim[:got]) - if err != nil { - tkn.setErr("error reading dollar-quoted string: %v", err) - return LexError, buf.Bytes() - } - got = 0 - } - buf.WriteRune(ch) - } - if tkn.cfg.DollarQuotedFunc && string(delim) == "$func$" { - return DollarQuotedFunc, buf.Bytes() - } - return DollarQuotedString, buf.Bytes() -} - -func (tkn *SQLTokenizer) scanPreparedStatement(_ rune) (TokenKind, []byte) { - // a prepared statement expect a digit identifier like $1 - if !isDigit(tkn.lastChar) { - tkn.setErr(`prepared statements must start with digits, got "%c" (%d)`, tkn.lastChar, tkn.lastChar) - return LexError, tkn.bytes() - } - - // scanNumber keeps the prefix rune intact. - // read numbers and return an error if any - token, buff := tkn.scanNumber(false) - if token == LexError { - tkn.setErr("invalid number") - return LexError, tkn.bytes() - } - return PreparedStatement, buff -} - -func (tkn *SQLTokenizer) scanEscapeSequence(_ rune) (TokenKind, []byte) { - for tkn.lastChar != '}' && tkn.lastChar != EndChar { - tkn.advance() - } - - // we've reached the end of the string without finding - // the closing curly braces - if tkn.lastChar == EndChar { - tkn.setErr("unexpected EOF in escape sequence") - return LexError, tkn.bytes() - } - - tkn.advance() - return EscapeSequence, tkn.bytes() -} - -func (tkn *SQLTokenizer) scanBindVar() (TokenKind, []byte) { - token := ValueArg - if tkn.lastChar == ':' { - token = ListArg - tkn.advance() - } - if !isLetter(tkn.lastChar) && !isDigit(tkn.lastChar) { - tkn.setErr(`bind variables should start with letters or digits, got "%c" (%d)`, tkn.lastChar, tkn.lastChar) - return LexError, tkn.bytes() - } - for isLetter(tkn.lastChar) || isDigit(tkn.lastChar) || tkn.lastChar == '.' { - tkn.advance() - } - return token, tkn.bytes() -} - -func (tkn *SQLTokenizer) scanMantissa(base int) { - for digitVal(tkn.lastChar) < base { - tkn.advance() - } -} - -func (tkn *SQLTokenizer) scanNumber(seenDecimalPoint bool) (TokenKind, []byte) { - if seenDecimalPoint { - tkn.scanMantissa(10) - goto exponent - } - - if tkn.lastChar == '0' { - // int or float - tkn.advance() - if tkn.lastChar == 'x' || tkn.lastChar == 'X' { - // hexadecimal int - tkn.advance() - tkn.scanMantissa(16) - } else { - // octal int or float - tkn.scanMantissa(8) - if tkn.lastChar == '8' || tkn.lastChar == '9' { - tkn.scanMantissa(10) - } - if tkn.lastChar == '.' || tkn.lastChar == 'e' || tkn.lastChar == 'E' { - goto fraction - } - } - goto exit - } - - // decimal int or float - tkn.scanMantissa(10) - -fraction: - if tkn.lastChar == '.' { - tkn.advance() - tkn.scanMantissa(10) - } - -exponent: - if tkn.lastChar == 'e' || tkn.lastChar == 'E' { - tkn.advance() - if tkn.lastChar == '+' || tkn.lastChar == '-' { - tkn.advance() - } - tkn.scanMantissa(10) - } - -exit: - t := tkn.bytes() - if len(t) == 0 { - tkn.setErr("Parse error: ended up with zero-length number.") - return LexError, nil - } - return Number, t -} - -func (tkn *SQLTokenizer) scanString(delim rune, kind TokenKind) (TokenKind, []byte) { - buf := bytes.NewBuffer(tkn.buf[:0]) - for { - ch := tkn.lastChar - tkn.advance() - if ch == delim { - if tkn.lastChar == delim { - // doubling a delimiter is the default way to embed the delimiter within a string - tkn.advance() - } else { - // a single delimiter denotes the end of the string - break - } - } else if ch == escapeCharacter { - tkn.seenEscape = true - - if !tkn.literalEscapes { - // treat as an escape character - ch = tkn.lastChar - tkn.advance() - } - } - if ch == EndChar { - tkn.setErr("unexpected EOF in string") - return LexError, buf.Bytes() - } - buf.WriteRune(ch) - } - if kind == ID && buf.Len() == 0 || bytes.IndexFunc(buf.Bytes(), func(r rune) bool { return !unicode.IsSpace(r) }) == -1 { - // This string is an empty or white-space only identifier. - // We should keep the start and end delimiters in order to - // avoid creating invalid queries. - // See: https://github.com/DataDog/datadog-trace-agent/issues/316 - return kind, append(runeBytes(delim), runeBytes(delim)...) - } - return kind, buf.Bytes() -} - -func (tkn *SQLTokenizer) scanCommentType1(_ string) (TokenKind, []byte) { - for tkn.lastChar != EndChar { - if tkn.lastChar == '\n' { - tkn.advance() - break - } - tkn.advance() - } - return Comment, tkn.bytes() -} - -func (tkn *SQLTokenizer) scanCommentType2() (TokenKind, []byte) { - for { - if tkn.lastChar == '*' { - tkn.advance() - if tkn.lastChar == '/' { - tkn.advance() - break - } - continue - } - if tkn.lastChar == EndChar { - tkn.setErr("unexpected EOF in comment") - return LexError, tkn.bytes() - } - tkn.advance() - } - return Comment, tkn.bytes() -} - -// advance advances the tokenizer to the next rune. If the decoder encounters an error decoding, or -// the end of the buffer is reached, tkn.lastChar will be set to EndChar. In case of a decoding -// error, tkn.err will also be set. -func (tkn *SQLTokenizer) advance() { - ch, n := utf8.DecodeRune(tkn.buf[tkn.off:]) - if ch == utf8.RuneError && n < 2 { - tkn.pos++ - tkn.lastChar = EndChar - if n == 1 { - tkn.setErr("invalid UTF-8 encoding beginning with 0x%x", tkn.buf[tkn.off]) - } - return - } - if tkn.lastChar != 0 || tkn.pos > 0 { - // we are past the first character - tkn.pos += n - } - tkn.off += n - tkn.lastChar = ch -} - -// bytes returns all the bytes that were advanced over since its last call. -// This excludes tkn.lastChar, which will remain in the buffer -func (tkn *SQLTokenizer) bytes() []byte { - if tkn.lastChar == EndChar { - ret := tkn.buf[:tkn.off] - tkn.buf = tkn.buf[tkn.off:] - tkn.off = 0 - return ret - } - lastLen := utf8.RuneLen(tkn.lastChar) - ret := tkn.buf[:tkn.off-lastLen] - tkn.buf = tkn.buf[tkn.off-lastLen:] - tkn.off = lastLen - return ret -} - -// Position exports the tokenizer's current position in the query -func (tkn *SQLTokenizer) Position() int { - return tkn.pos -} - -func isLeadingLetter(ch rune) bool { - return unicode.IsLetter(ch) || ch == '_' || ch == '@' -} - -func isLetter(ch rune) bool { - return isLeadingLetter(ch) || ch == '#' -} - -func digitVal(ch rune) int { - switch { - case '0' <= ch && ch <= '9': - return int(ch) - '0' - case 'a' <= ch && ch <= 'f': - return int(ch) - 'a' + 10 - case 'A' <= ch && ch <= 'F': - return int(ch) - 'A' + 10 - } - return 16 // larger than any legal digit val -} - -func isDigit(ch rune) bool { return '0' <= ch && ch <= '9' } - -// runeBytes converts the given rune to a slice of bytes. -func runeBytes(r rune) []byte { - buf := make([]byte, utf8.UTFMax) - n := utf8.EncodeRune(buf, r) - return buf[:n] -} - -// isValidCharAfterOperator returns true if c is a valid character after an operator -func isValidCharAfterOperator(c rune) bool { - return c == '(' || c == '`' || c == '\'' || c == '"' || c == '+' || c == '-' || unicode.IsSpace(c) || isLetter(c) || isDigit(c) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/LICENSE b/vendor/github.com/DataDog/datadog-agent/pkg/proto/LICENSE deleted file mode 100644 index b370545b..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/LICENSE +++ /dev/null @@ -1,200 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2016-present Datadog, Inc. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/agent_payload.pb.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/agent_payload.pb.go deleted file mode 100644 index 5d803ea9..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/agent_payload.pb.go +++ /dev/null @@ -1,240 +0,0 @@ -// protoc -I. -I$GOPATH/src --gogofaster_out=. span.proto tracer_payload.proto agent_payload.proto - -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.34.0 -// protoc v5.26.1 -// source: datadog/trace/agent_payload.proto - -package trace - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -// AgentPayload represents payload the agent sends to the intake. -type AgentPayload struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // hostName specifies hostname of where the agent is running. - HostName string `protobuf:"bytes,1,opt,name=hostName,proto3" json:"hostName,omitempty"` - // env specifies `env` set in agent configuration. - Env string `protobuf:"bytes,2,opt,name=env,proto3" json:"env,omitempty"` - // tracerPayloads specifies list of the payloads received from tracers. - TracerPayloads []*TracerPayload `protobuf:"bytes,5,rep,name=tracerPayloads,proto3" json:"tracerPayloads,omitempty"` - // tags specifies tags common in all `tracerPayloads`. - Tags map[string]string `protobuf:"bytes,6,rep,name=tags,proto3" json:"tags,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - // agentVersion specifies version of the agent. - AgentVersion string `protobuf:"bytes,7,opt,name=agentVersion,proto3" json:"agentVersion,omitempty"` - // targetTPS holds `TargetTPS` value in AgentConfig. - TargetTPS float64 `protobuf:"fixed64,8,opt,name=targetTPS,proto3" json:"targetTPS,omitempty"` - // errorTPS holds `ErrorTPS` value in AgentConfig. - ErrorTPS float64 `protobuf:"fixed64,9,opt,name=errorTPS,proto3" json:"errorTPS,omitempty"` - // rareSamplerEnabled holds `RareSamplerEnabled` value in AgentConfig - RareSamplerEnabled bool `protobuf:"varint,10,opt,name=rareSamplerEnabled,proto3" json:"rareSamplerEnabled,omitempty"` -} - -func (x *AgentPayload) Reset() { - *x = AgentPayload{} - if protoimpl.UnsafeEnabled { - mi := &file_datadog_trace_agent_payload_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *AgentPayload) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*AgentPayload) ProtoMessage() {} - -func (x *AgentPayload) ProtoReflect() protoreflect.Message { - mi := &file_datadog_trace_agent_payload_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use AgentPayload.ProtoReflect.Descriptor instead. -func (*AgentPayload) Descriptor() ([]byte, []int) { - return file_datadog_trace_agent_payload_proto_rawDescGZIP(), []int{0} -} - -func (x *AgentPayload) GetHostName() string { - if x != nil { - return x.HostName - } - return "" -} - -func (x *AgentPayload) GetEnv() string { - if x != nil { - return x.Env - } - return "" -} - -func (x *AgentPayload) GetTracerPayloads() []*TracerPayload { - if x != nil { - return x.TracerPayloads - } - return nil -} - -func (x *AgentPayload) GetTags() map[string]string { - if x != nil { - return x.Tags - } - return nil -} - -func (x *AgentPayload) GetAgentVersion() string { - if x != nil { - return x.AgentVersion - } - return "" -} - -func (x *AgentPayload) GetTargetTPS() float64 { - if x != nil { - return x.TargetTPS - } - return 0 -} - -func (x *AgentPayload) GetErrorTPS() float64 { - if x != nil { - return x.ErrorTPS - } - return 0 -} - -func (x *AgentPayload) GetRareSamplerEnabled() bool { - if x != nil { - return x.RareSamplerEnabled - } - return false -} - -var File_datadog_trace_agent_payload_proto protoreflect.FileDescriptor - -var file_datadog_trace_agent_payload_proto_rawDesc = []byte{ - 0x0a, 0x21, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, - 0x61, 0x67, 0x65, 0x6e, 0x74, 0x5f, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, - 0x63, 0x65, 0x1a, 0x22, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, - 0x65, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x5f, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x84, 0x03, 0x0a, 0x0c, 0x41, 0x67, 0x65, 0x6e, 0x74, - 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x4e, - 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, 0x4e, - 0x61, 0x6d, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x76, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x03, 0x65, 0x6e, 0x76, 0x12, 0x44, 0x0a, 0x0e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x50, - 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x73, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, - 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x54, 0x72, - 0x61, 0x63, 0x65, 0x72, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x52, 0x0e, 0x74, 0x72, 0x61, - 0x63, 0x65, 0x72, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x73, 0x12, 0x39, 0x0a, 0x04, 0x74, - 0x61, 0x67, 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x64, 0x61, 0x74, 0x61, - 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x50, - 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x54, 0x61, 0x67, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, - 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x12, 0x22, 0x0a, 0x0c, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x56, - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x67, - 0x65, 0x6e, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x1c, 0x0a, 0x09, 0x74, 0x61, - 0x72, 0x67, 0x65, 0x74, 0x54, 0x50, 0x53, 0x18, 0x08, 0x20, 0x01, 0x28, 0x01, 0x52, 0x09, 0x74, - 0x61, 0x72, 0x67, 0x65, 0x74, 0x54, 0x50, 0x53, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x72, 0x72, 0x6f, - 0x72, 0x54, 0x50, 0x53, 0x18, 0x09, 0x20, 0x01, 0x28, 0x01, 0x52, 0x08, 0x65, 0x72, 0x72, 0x6f, - 0x72, 0x54, 0x50, 0x53, 0x12, 0x2e, 0x0a, 0x12, 0x72, 0x61, 0x72, 0x65, 0x53, 0x61, 0x6d, 0x70, - 0x6c, 0x65, 0x72, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, - 0x52, 0x12, 0x72, 0x61, 0x72, 0x65, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x72, 0x45, 0x6e, 0x61, - 0x62, 0x6c, 0x65, 0x64, 0x1a, 0x37, 0x0a, 0x09, 0x54, 0x61, 0x67, 0x73, 0x45, 0x6e, 0x74, 0x72, - 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, - 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x16, 0x5a, - 0x14, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x70, 0x62, 0x67, 0x6f, 0x2f, - 0x74, 0x72, 0x61, 0x63, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_datadog_trace_agent_payload_proto_rawDescOnce sync.Once - file_datadog_trace_agent_payload_proto_rawDescData = file_datadog_trace_agent_payload_proto_rawDesc -) - -func file_datadog_trace_agent_payload_proto_rawDescGZIP() []byte { - file_datadog_trace_agent_payload_proto_rawDescOnce.Do(func() { - file_datadog_trace_agent_payload_proto_rawDescData = protoimpl.X.CompressGZIP(file_datadog_trace_agent_payload_proto_rawDescData) - }) - return file_datadog_trace_agent_payload_proto_rawDescData -} - -var file_datadog_trace_agent_payload_proto_msgTypes = make([]protoimpl.MessageInfo, 2) -var file_datadog_trace_agent_payload_proto_goTypes = []interface{}{ - (*AgentPayload)(nil), // 0: datadog.trace.AgentPayload - nil, // 1: datadog.trace.AgentPayload.TagsEntry - (*TracerPayload)(nil), // 2: datadog.trace.TracerPayload -} -var file_datadog_trace_agent_payload_proto_depIdxs = []int32{ - 2, // 0: datadog.trace.AgentPayload.tracerPayloads:type_name -> datadog.trace.TracerPayload - 1, // 1: datadog.trace.AgentPayload.tags:type_name -> datadog.trace.AgentPayload.TagsEntry - 2, // [2:2] is the sub-list for method output_type - 2, // [2:2] is the sub-list for method input_type - 2, // [2:2] is the sub-list for extension type_name - 2, // [2:2] is the sub-list for extension extendee - 0, // [0:2] is the sub-list for field type_name -} - -func init() { file_datadog_trace_agent_payload_proto_init() } -func file_datadog_trace_agent_payload_proto_init() { - if File_datadog_trace_agent_payload_proto != nil { - return - } - file_datadog_trace_tracer_payload_proto_init() - if !protoimpl.UnsafeEnabled { - file_datadog_trace_agent_payload_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*AgentPayload); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_datadog_trace_agent_payload_proto_rawDesc, - NumEnums: 0, - NumMessages: 2, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_datadog_trace_agent_payload_proto_goTypes, - DependencyIndexes: file_datadog_trace_agent_payload_proto_depIdxs, - MessageInfos: file_datadog_trace_agent_payload_proto_msgTypes, - }.Build() - File_datadog_trace_agent_payload_proto = out.File - file_datadog_trace_agent_payload_proto_rawDesc = nil - file_datadog_trace_agent_payload_proto_goTypes = nil - file_datadog_trace_agent_payload_proto_depIdxs = nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/agent_payload_gen.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/agent_payload_gen.go deleted file mode 100644 index 26cefad5..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/agent_payload_gen.go +++ /dev/null @@ -1,200 +0,0 @@ -package trace - -// Code generated by github.com/tinylib/msgp DO NOT EDIT. - -import ( - "github.com/tinylib/msgp/msgp" -) - -// MarshalMsg implements msgp.Marshaler -func (z *AgentPayload) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - // map header, size 8 - // string "HostName" - o = append(o, 0x88, 0xa8, 0x48, 0x6f, 0x73, 0x74, 0x4e, 0x61, 0x6d, 0x65) - o = msgp.AppendString(o, z.HostName) - // string "Env" - o = append(o, 0xa3, 0x45, 0x6e, 0x76) - o = msgp.AppendString(o, z.Env) - // string "TracerPayloads" - o = append(o, 0xae, 0x54, 0x72, 0x61, 0x63, 0x65, 0x72, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x73) - o = msgp.AppendArrayHeader(o, uint32(len(z.TracerPayloads))) - for za0001 := range z.TracerPayloads { - if z.TracerPayloads[za0001] == nil { - o = msgp.AppendNil(o) - } else { - o, err = z.TracerPayloads[za0001].MarshalMsg(o) - if err != nil { - err = msgp.WrapError(err, "TracerPayloads", za0001) - return - } - } - } - // string "Tags" - o = append(o, 0xa4, 0x54, 0x61, 0x67, 0x73) - o = msgp.AppendMapHeader(o, uint32(len(z.Tags))) - for za0002, za0003 := range z.Tags { - o = msgp.AppendString(o, za0002) - o = msgp.AppendString(o, za0003) - } - // string "AgentVersion" - o = append(o, 0xac, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - o = msgp.AppendString(o, z.AgentVersion) - // string "TargetTPS" - o = append(o, 0xa9, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x54, 0x50, 0x53) - o = msgp.AppendFloat64(o, z.TargetTPS) - // string "ErrorTPS" - o = append(o, 0xa8, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x54, 0x50, 0x53) - o = msgp.AppendFloat64(o, z.ErrorTPS) - // string "RareSamplerEnabled" - o = append(o, 0xb2, 0x52, 0x61, 0x72, 0x65, 0x53, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x72, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x64) - o = msgp.AppendBool(o, z.RareSamplerEnabled) - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *AgentPayload) UnmarshalMsg(bts []byte) (o []byte, err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, bts, err = msgp.ReadMapKeyZC(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "HostName": - z.HostName, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "HostName") - return - } - case "Env": - z.Env, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Env") - return - } - case "TracerPayloads": - var zb0002 uint32 - zb0002, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "TracerPayloads") - return - } - if cap(z.TracerPayloads) >= int(zb0002) { - z.TracerPayloads = (z.TracerPayloads)[:zb0002] - } else { - z.TracerPayloads = make([]*TracerPayload, zb0002) - } - for za0001 := range z.TracerPayloads { - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - if err != nil { - return - } - z.TracerPayloads[za0001] = nil - } else { - if z.TracerPayloads[za0001] == nil { - z.TracerPayloads[za0001] = new(TracerPayload) - } - bts, err = z.TracerPayloads[za0001].UnmarshalMsg(bts) - if err != nil { - err = msgp.WrapError(err, "TracerPayloads", za0001) - return - } - } - } - case "Tags": - var zb0003 uint32 - zb0003, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags") - return - } - if z.Tags == nil { - z.Tags = make(map[string]string, zb0003) - } else if len(z.Tags) > 0 { - for key := range z.Tags { - delete(z.Tags, key) - } - } - for zb0003 > 0 { - var za0002 string - var za0003 string - zb0003-- - za0002, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags") - return - } - za0003, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags", za0002) - return - } - z.Tags[za0002] = za0003 - } - case "AgentVersion": - z.AgentVersion, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "AgentVersion") - return - } - case "TargetTPS": - z.TargetTPS, bts, err = msgp.ReadFloat64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "TargetTPS") - return - } - case "ErrorTPS": - z.ErrorTPS, bts, err = msgp.ReadFloat64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "ErrorTPS") - return - } - case "RareSamplerEnabled": - z.RareSamplerEnabled, bts, err = msgp.ReadBoolBytes(bts) - if err != nil { - err = msgp.WrapError(err, "RareSamplerEnabled") - return - } - default: - bts, err = msgp.Skip(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z *AgentPayload) Msgsize() (s int) { - s = 1 + 9 + msgp.StringPrefixSize + len(z.HostName) + 4 + msgp.StringPrefixSize + len(z.Env) + 15 + msgp.ArrayHeaderSize - for za0001 := range z.TracerPayloads { - if z.TracerPayloads[za0001] == nil { - s += msgp.NilSize - } else { - s += z.TracerPayloads[za0001].Msgsize() - } - } - s += 5 + msgp.MapHeaderSize - if z.Tags != nil { - for za0002, za0003 := range z.Tags { - _ = za0003 - s += msgp.StringPrefixSize + len(za0002) + msgp.StringPrefixSize + len(za0003) - } - } - s += 13 + msgp.StringPrefixSize + len(z.AgentVersion) + 10 + msgp.Float64Size + 9 + msgp.Float64Size + 19 + msgp.BoolSize - return -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/agent_payload_vtproto.pb.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/agent_payload_vtproto.pb.go deleted file mode 100644 index e4d4f171..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/agent_payload_vtproto.pb.go +++ /dev/null @@ -1,523 +0,0 @@ -// Code generated by protoc-gen-go-vtproto. DO NOT EDIT. -// protoc-gen-go-vtproto version: v0.4.0 -// source: datadog/trace/agent_payload.proto - -package trace - -import ( - binary "encoding/binary" - fmt "fmt" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - io "io" - math "math" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -func (m *AgentPayload) MarshalVT() (dAtA []byte, err error) { - if m == nil { - return nil, nil - } - size := m.SizeVT() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBufferVT(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *AgentPayload) MarshalToVT(dAtA []byte) (int, error) { - size := m.SizeVT() - return m.MarshalToSizedBufferVT(dAtA[:size]) -} - -func (m *AgentPayload) MarshalToSizedBufferVT(dAtA []byte) (int, error) { - if m == nil { - return 0, nil - } - i := len(dAtA) - _ = i - var l int - _ = l - if m.unknownFields != nil { - i -= len(m.unknownFields) - copy(dAtA[i:], m.unknownFields) - } - if m.RareSamplerEnabled { - i-- - if m.RareSamplerEnabled { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x50 - } - if m.ErrorTPS != 0 { - i -= 8 - binary.LittleEndian.PutUint64(dAtA[i:], uint64(math.Float64bits(float64(m.ErrorTPS)))) - i-- - dAtA[i] = 0x49 - } - if m.TargetTPS != 0 { - i -= 8 - binary.LittleEndian.PutUint64(dAtA[i:], uint64(math.Float64bits(float64(m.TargetTPS)))) - i-- - dAtA[i] = 0x41 - } - if len(m.AgentVersion) > 0 { - i -= len(m.AgentVersion) - copy(dAtA[i:], m.AgentVersion) - i = encodeVarint(dAtA, i, uint64(len(m.AgentVersion))) - i-- - dAtA[i] = 0x3a - } - if len(m.Tags) > 0 { - for k := range m.Tags { - v := m.Tags[k] - baseI := i - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarint(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarint(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarint(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x32 - } - } - if len(m.TracerPayloads) > 0 { - for iNdEx := len(m.TracerPayloads) - 1; iNdEx >= 0; iNdEx-- { - size, err := m.TracerPayloads[iNdEx].MarshalToSizedBufferVT(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarint(dAtA, i, uint64(size)) - i-- - dAtA[i] = 0x2a - } - } - if len(m.Env) > 0 { - i -= len(m.Env) - copy(dAtA[i:], m.Env) - i = encodeVarint(dAtA, i, uint64(len(m.Env))) - i-- - dAtA[i] = 0x12 - } - if len(m.HostName) > 0 { - i -= len(m.HostName) - copy(dAtA[i:], m.HostName) - i = encodeVarint(dAtA, i, uint64(len(m.HostName))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *AgentPayload) SizeVT() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.HostName) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.Env) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if len(m.TracerPayloads) > 0 { - for _, e := range m.TracerPayloads { - l = e.SizeVT() - n += 1 + l + sov(uint64(l)) - } - } - if len(m.Tags) > 0 { - for k, v := range m.Tags { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sov(uint64(len(k))) + 1 + len(v) + sov(uint64(len(v))) - n += mapEntrySize + 1 + sov(uint64(mapEntrySize)) - } - } - l = len(m.AgentVersion) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if m.TargetTPS != 0 { - n += 9 - } - if m.ErrorTPS != 0 { - n += 9 - } - if m.RareSamplerEnabled { - n += 2 - } - n += len(m.unknownFields) - return n -} - -func (m *AgentPayload) UnmarshalVT(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: AgentPayload: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: AgentPayload: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field HostName", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.HostName = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Env", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Env = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TracerPayloads", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.TracerPayloads = append(m.TracerPayloads, &TracerPayload{}) - if err := m.TracerPayloads[len(m.TracerPayloads)-1].UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Tags", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Tags == nil { - m.Tags = make(map[string]string) - } - var mapkey string - var mapvalue string - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLength - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLength - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var stringLenmapvalue uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapvalue |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapvalue := int(stringLenmapvalue) - if intStringLenmapvalue < 0 { - return ErrInvalidLength - } - postStringIndexmapvalue := iNdEx + intStringLenmapvalue - if postStringIndexmapvalue < 0 { - return ErrInvalidLength - } - if postStringIndexmapvalue > l { - return io.ErrUnexpectedEOF - } - mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) - iNdEx = postStringIndexmapvalue - } else { - iNdEx = entryPreIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Tags[mapkey] = mapvalue - iNdEx = postIndex - case 7: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AgentVersion", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AgentVersion = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 8: - if wireType != 1 { - return fmt.Errorf("proto: wrong wireType = %d for field TargetTPS", wireType) - } - var v uint64 - if (iNdEx + 8) > l { - return io.ErrUnexpectedEOF - } - v = uint64(binary.LittleEndian.Uint64(dAtA[iNdEx:])) - iNdEx += 8 - m.TargetTPS = float64(math.Float64frombits(v)) - case 9: - if wireType != 1 { - return fmt.Errorf("proto: wrong wireType = %d for field ErrorTPS", wireType) - } - var v uint64 - if (iNdEx + 8) > l { - return io.ErrUnexpectedEOF - } - v = uint64(binary.LittleEndian.Uint64(dAtA[iNdEx:])) - iNdEx += 8 - m.ErrorTPS = float64(math.Float64frombits(v)) - case 10: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field RareSamplerEnabled", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.RareSamplerEnabled = bool(v != 0) - default: - iNdEx = preIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/decoder_bytes.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/decoder_bytes.go deleted file mode 100644 index d50cf8d7..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/decoder_bytes.go +++ /dev/null @@ -1,275 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package trace defines the types and functions to encode/decode traces. -package trace - -import ( - "bytes" - "errors" - "math" - "strings" - "unicode/utf8" - - "github.com/tinylib/msgp/msgp" -) - -// repairUTF8 ensures all characters in s are UTF-8 by replacing non-UTF-8 characters -// with the replacement char � -func repairUTF8(s string) string { - in := strings.NewReader(s) - var out bytes.Buffer - out.Grow(len(s)) - - for { - r, _, err := in.ReadRune() - if err != nil { - // note: by contract, if `in` contains non-valid utf-8, no error is returned. Rather the utf-8 replacement - // character is returned. Therefore, the only error should usually be io.EOF indicating end of string. - // If any other error is returned by chance, we quit as well, outputting whatever part of the string we - // had already constructed. - return out.String() - } - out.WriteRune(r) - } -} - -// parseStringBytes reads the next type in the msgpack payload and -// converts the BinType or the StrType in a valid string. -func parseStringBytes(bts []byte) (string, []byte, error) { - if msgp.IsNil(bts) { - bts, err := msgp.ReadNilBytes(bts) - return "", bts, err - } - // read the generic representation type without decoding - t := msgp.NextType(bts) - - var ( - err error - i []byte - ) - switch t { - case msgp.BinType: - i, bts, err = msgp.ReadBytesZC(bts) - case msgp.StrType: - i, bts, err = msgp.ReadStringZC(bts) - default: - return "", bts, msgp.TypeError{Encoded: t, Method: msgp.StrType} - } - if err != nil { - return "", bts, err - } - if utf8.Valid(i) { - return string(i), bts, nil - } - return repairUTF8(msgp.UnsafeString(i)), bts, nil -} - -// parseFloat64Bytes parses a float64 even if the sent value is an int64 or an uint64; -// this is required because the encoding library could remove bytes from the encoded -// payload to reduce the size, if they're not needed. -func parseFloat64Bytes(bts []byte) (float64, []byte, error) { - if msgp.IsNil(bts) { - bts, err := msgp.ReadNilBytes(bts) - return 0, bts, err - } - // read the generic representation type without decoding - t := msgp.NextType(bts) - - var err error - switch t { - case msgp.IntType: - var i int64 - i, bts, err = msgp.ReadInt64Bytes(bts) - if err != nil { - return 0, bts, err - } - - return float64(i), bts, nil - case msgp.UintType: - var i uint64 - i, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - return 0, bts, err - } - - return float64(i), bts, nil - case msgp.Float64Type: - var f float64 - f, bts, err = msgp.ReadFloat64Bytes(bts) - if err != nil { - return 0, bts, err - } - - return f, bts, nil - default: - return 0, bts, msgp.TypeError{Encoded: t, Method: msgp.Float64Type} - } -} - -// cast to int64 values that are int64 but that are sent in uint64 -// over the wire. Set to 0 if they overflow the MaxInt64 size. This -// cast should be used ONLY while decoding int64 values that are -// sent as uint64 to reduce the payload size, otherwise the approach -// is not correct in the general sense. -func castInt64(v uint64) (int64, bool) { - if v > math.MaxInt64 { - return 0, false - } - return int64(v), true -} - -// parseInt64Bytes parses an int64 even if the sent value is an uint64; -// this is required because the encoding library could remove bytes from the encoded -// payload to reduce the size, if they're not needed. -func parseInt64Bytes(bts []byte) (int64, []byte, error) { - if msgp.IsNil(bts) { - bts, err := msgp.ReadNilBytes(bts) - return 0, bts, err - } - // read the generic representation type without decoding - t := msgp.NextType(bts) - - var ( - i int64 - u uint64 - err error - ) - switch t { - case msgp.IntType: - i, bts, err = msgp.ReadInt64Bytes(bts) - if err != nil { - return 0, bts, err - } - return i, bts, nil - case msgp.UintType: - u, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - return 0, bts, err - } - - // force-cast - i, ok := castInt64(u) - if !ok { - return 0, bts, errors.New("found uint64, overflows int64") - } - return i, bts, nil - default: - return 0, bts, msgp.TypeError{Encoded: t, Method: msgp.IntType} - } -} - -// parseUint64Bytes parses an uint64 even if the sent value is an int64; -// this is required because the language used for the encoding library -// may not have unsigned types. An example is early version of Java -// (and so JRuby interpreter) that encodes uint64 as int64: -// http://docs.oracle.com/javase/tutorial/java/nutsandbolts/datatypes.html -func parseUint64Bytes(bts []byte) (uint64, []byte, error) { - if msgp.IsNil(bts) { - bts, err := msgp.ReadNilBytes(bts) - return 0, bts, err - } - // read the generic representation type without decoding - t := msgp.NextType(bts) - - var ( - i int64 - u uint64 - err error - ) - switch t { - case msgp.UintType: - u, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - return 0, bts, err - } - return u, bts, err - case msgp.IntType: - i, bts, err = msgp.ReadInt64Bytes(bts) - if err != nil { - return 0, bts, err - } - return uint64(i), bts, nil - default: - return 0, bts, msgp.TypeError{Encoded: t, Method: msgp.IntType} - } -} - -// cast to int32 values that are int32 but that are sent in uint32 -// over the wire. Set to 0 if they overflow the MaxInt32 size. This -// cast should be used ONLY while decoding int32 values that are -// sent as uint32 to reduce the payload size, otherwise the approach -// is not correct in the general sense. -func castInt32(v uint32) (int32, bool) { - if v > math.MaxInt32 { - return 0, false - } - return int32(v), true -} - -// parseInt32Bytes parses an int32 even if the sent value is an uint32; -// this is required because the encoding library could remove bytes from the encoded -// payload to reduce the size, if they're not needed. -func parseInt32Bytes(bts []byte) (int32, []byte, error) { - if msgp.IsNil(bts) { - bts, err := msgp.ReadNilBytes(bts) - return 0, bts, err - } - // read the generic representation type without decoding - t := msgp.NextType(bts) - - var ( - i int32 - u uint32 - err error - ) - switch t { - case msgp.IntType: - i, bts, err = msgp.ReadInt32Bytes(bts) - if err != nil { - return 0, bts, err - } - return i, bts, nil - case msgp.UintType: - u, bts, err = msgp.ReadUint32Bytes(bts) - if err != nil { - return 0, bts, err - } - - // force-cast - i, ok := castInt32(u) - if !ok { - return 0, bts, errors.New("found uint32, overflows int32") - } - return i, bts, nil - default: - return 0, bts, msgp.TypeError{Encoded: t, Method: msgp.IntType} - } -} - -// parseBytes reads the next BinType in the msgpack payload. -// -//nolint:unused // potentially useful; was used with prior proto definitions -func parseBytes(bts []byte) ([]byte, []byte, error) { - if msgp.IsNil(bts) { - bts, err := msgp.ReadNilBytes(bts) - return nil, bts, err - } - // read the generic representation type without decoding - t := msgp.NextType(bts) - - switch t { - case msgp.BinType: - unsafeBytes, bts, err := msgp.ReadBytesZC(bts) - if err != nil { - return nil, bts, err - } - safeBytes := make([]byte, len(unsafeBytes)) - copy(safeBytes, unsafeBytes) - return safeBytes, bts, nil - default: - return nil, bts, msgp.TypeError{Encoded: t, Method: msgp.BinType} - } -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/decoder_v05.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/decoder_v05.go deleted file mode 100644 index f88e6cc8..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/decoder_v05.go +++ /dev/null @@ -1,223 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package trace - -import ( - "errors" - "fmt" - - "github.com/tinylib/msgp/msgp" -) - -// dictionaryString reads an int from decoder dc and returns the string -// at that index from dict. -func dictionaryString(bts []byte, dict []string) (string, []byte, error) { - var ( - ui uint32 - err error - ) - ui, bts, err = msgp.ReadUint32Bytes(bts) - if err != nil { - return "", bts, err - } - idx := int(ui) - if idx >= len(dict) { - return "", bts, fmt.Errorf("dictionary index %d out of range", idx) - } - return dict[idx], bts, nil -} - -// UnmarshalMsgDictionary decodes a trace using the specification from the v0.5 endpoint. -// For details, see the documentation for endpoint v0.5 in pkg/trace/api/version.go -func (t *Traces) UnmarshalMsgDictionary(bts []byte) error { - var err error - if _, bts, err = safeReadHeaderBytes(bts, msgp.ReadArrayHeaderBytes); err != nil { - return err - } - // read dictionary - var sz uint32 - if sz, bts, err = safeReadHeaderBytes(bts, msgp.ReadArrayHeaderBytes); err != nil { - return err - } - dict := make([]string, sz) - for i := range dict { - var str string - str, bts, err = parseStringBytes(bts) - if err != nil { - return err - } - dict[i] = str - } - // read traces - sz, bts, err = safeReadHeaderBytes(bts, msgp.ReadArrayHeaderBytes) - if err != nil { - return err - } - if cap(*t) >= int(sz) { - *t = (*t)[:sz] - } else { - *t = make(Traces, sz) - } - for i := range *t { - sz, bts, err = safeReadHeaderBytes(bts, msgp.ReadArrayHeaderBytes) - if err != nil { - return err - } - if cap((*t)[i]) >= int(sz) { - (*t)[i] = (*t)[i][:sz] - } else { - (*t)[i] = make(Trace, sz) - } - for j := range (*t)[i] { - if (*t)[i][j] == nil { - (*t)[i][j] = new(Span) - } - if bts, err = (*t)[i][j].UnmarshalMsgDictionary(bts, dict); err != nil { - return err - } - } - } - return nil -} - -// spanPropertyCount specifies the number of top-level properties that a span -// has. -const spanPropertyCount = 12 - -// UnmarshalMsgDictionary decodes a span from the given decoder dc, looking up strings -// in the given dictionary dict. For details, see the documentation for endpoint v0.5 -// in pkg/trace/api/version.go -func (z *Span) UnmarshalMsgDictionary(bts []byte, dict []string) ([]byte, error) { - var ( - sz uint32 - err error - ) - sz, bts, err = safeReadHeaderBytes(bts, msgp.ReadArrayHeaderBytes) - if err != nil { - return bts, err - } - if sz != spanPropertyCount { - return bts, errors.New("encoded span needs exactly 12 elements in array") - } - // Service (0) - z.Service, bts, err = dictionaryString(bts, dict) - if err != nil { - return bts, err - } - // Name (1) - z.Name, bts, err = dictionaryString(bts, dict) - if err != nil { - return bts, err - } - // Resource (2) - z.Resource, bts, err = dictionaryString(bts, dict) - if err != nil { - return bts, err - } - // TraceID (3) - z.TraceID, bts, err = parseUint64Bytes(bts) - if err != nil { - return bts, err - } - // SpanID (4) - z.SpanID, bts, err = parseUint64Bytes(bts) - if err != nil { - return bts, err - } - // ParentID (5) - z.ParentID, bts, err = parseUint64Bytes(bts) - if err != nil { - return bts, err - } - // Start (6) - z.Start, bts, err = parseInt64Bytes(bts) - if err != nil { - return bts, err - } - // Duration (7) - z.Duration, bts, err = parseInt64Bytes(bts) - if err != nil { - return bts, err - } - // Error (8) - z.Error, bts, err = parseInt32Bytes(bts) - if err != nil { - return bts, err - } - // Meta (9) - sz, bts, err = safeReadHeaderBytes(bts, msgp.ReadMapHeaderBytes) - if err != nil { - return bts, err - } - if z.Meta == nil && sz > 0 { - z.Meta = make(map[string]string, sz) - } else if len(z.Meta) > 0 { - for key := range z.Meta { - delete(z.Meta, key) - } - } - for sz > 0 { - sz-- - var key, val string - key, bts, err = dictionaryString(bts, dict) - if err != nil { - return bts, err - } - val, bts, err = dictionaryString(bts, dict) - if err != nil { - return bts, err - } - z.Meta[key] = val - } - // Metrics (10) - sz, bts, err = safeReadHeaderBytes(bts, msgp.ReadMapHeaderBytes) - if err != nil { - return bts, err - } - if z.Metrics == nil && sz > 0 { - z.Metrics = make(map[string]float64, sz) - } else if len(z.Metrics) > 0 { - for key := range z.Metrics { - delete(z.Metrics, key) - } - } - for sz > 0 { - sz-- - var ( - key string - val float64 - ) - key, bts, err = dictionaryString(bts, dict) - if err != nil { - return bts, err - } - val, bts, err = parseFloat64Bytes(bts) - if err != nil { - return bts, err - } - z.Metrics[key] = val - } - // Type (11) - z.Type, bts, err = dictionaryString(bts, dict) - if err != nil { - return bts, err - } - return bts, nil -} - -// safeReadHeaderBytes wraps msgp header readers (typically ReadArrayHeaderBytes and ReadMapHeaderBytes). -// It enforces the dictionary max size of 25MB and protects the caller from making unbounded allocations through `make(any, sz)`. -func safeReadHeaderBytes(b []byte, read func([]byte) (uint32, []byte, error)) (uint32, []byte, error) { - sz, bts, err := read(b) - if err != nil { - return 0, nil, err - } - if sz > 25*1e6 { - // Dictionary can't be larger than 25 MB - return 0, nil, errors.New("too long payload") - } - return sz, bts, err -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span.pb.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span.pb.go deleted file mode 100644 index be7ee2bd..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span.pb.go +++ /dev/null @@ -1,448 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.34.0 -// protoc v5.26.1 -// source: datadog/trace/span.proto - -package trace - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type SpanLink struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // @gotags: json:"trace_id" msg:"trace_id" - TraceID uint64 `protobuf:"varint,1,opt,name=traceID,proto3" json:"trace_id" msg:"trace_id"` // Required. - // @gotags: json:"trace_id_high" msg:"trace_id_high,omitempty" - TraceIDHigh uint64 `protobuf:"varint,2,opt,name=traceID_high,json=traceIDHigh,proto3" json:"trace_id_high" msg:"trace_id_high,omitempty"` // Optional. The high 64 bits of a referenced trace id. - // @gotags: json:"span_id" msg:"span_id" - SpanID uint64 `protobuf:"varint,3,opt,name=spanID,proto3" json:"span_id" msg:"span_id"` // Required. - // @gotags: msg:"attributes,omitempty" - Attributes map[string]string `protobuf:"bytes,4,rep,name=attributes,proto3" json:"attributes,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3" msg:"attributes,omitempty"` // Optional. Simple mapping of keys to string values. - // @gotags: msg:"tracestate,omitempty" - Tracestate string `protobuf:"bytes,5,opt,name=tracestate,proto3" json:"tracestate,omitempty" msg:"tracestate,omitempty"` // Optional. W3C tracestate. - // @gotags: msg:"flags,omitempty" - Flags uint32 `protobuf:"varint,6,opt,name=flags,proto3" json:"flags,omitempty" msg:"flags,omitempty"` // Optional. W3C trace flags. If set, the high bit (bit 31) must be set. -} - -func (x *SpanLink) Reset() { - *x = SpanLink{} - if protoimpl.UnsafeEnabled { - mi := &file_datadog_trace_span_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *SpanLink) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*SpanLink) ProtoMessage() {} - -func (x *SpanLink) ProtoReflect() protoreflect.Message { - mi := &file_datadog_trace_span_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use SpanLink.ProtoReflect.Descriptor instead. -func (*SpanLink) Descriptor() ([]byte, []int) { - return file_datadog_trace_span_proto_rawDescGZIP(), []int{0} -} - -func (x *SpanLink) GetTraceID() uint64 { - if x != nil { - return x.TraceID - } - return 0 -} - -func (x *SpanLink) GetTraceIDHigh() uint64 { - if x != nil { - return x.TraceIDHigh - } - return 0 -} - -func (x *SpanLink) GetSpanID() uint64 { - if x != nil { - return x.SpanID - } - return 0 -} - -func (x *SpanLink) GetAttributes() map[string]string { - if x != nil { - return x.Attributes - } - return nil -} - -func (x *SpanLink) GetTracestate() string { - if x != nil { - return x.Tracestate - } - return "" -} - -func (x *SpanLink) GetFlags() uint32 { - if x != nil { - return x.Flags - } - return 0 -} - -type Span struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // service is the name of the service with which this span is associated. - // @gotags: json:"service" msg:"service" - Service string `protobuf:"bytes,1,opt,name=service,proto3" json:"service" msg:"service"` - // name is the operation name of this span. - // @gotags: json:"name" msg:"name" - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name" msg:"name"` - // resource is the resource name of this span, also sometimes called the endpoint (for web spans). - // @gotags: json:"resource" msg:"resource" - Resource string `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource" msg:"resource"` - // traceID is the ID of the trace to which this span belongs. - // @gotags: json:"trace_id" msg:"trace_id" - TraceID uint64 `protobuf:"varint,4,opt,name=traceID,proto3" json:"trace_id" msg:"trace_id"` - // spanID is the ID of this span. - // @gotags: json:"span_id" msg:"span_id" - SpanID uint64 `protobuf:"varint,5,opt,name=spanID,proto3" json:"span_id" msg:"span_id"` - // parentID is the ID of this span's parent, or zero if this span has no parent. - // @gotags: json:"parent_id" msg:"parent_id" - ParentID uint64 `protobuf:"varint,6,opt,name=parentID,proto3" json:"parent_id" msg:"parent_id"` - // start is the number of nanoseconds between the Unix epoch and the beginning of this span. - // @gotags: json:"start" msg:"start" - Start int64 `protobuf:"varint,7,opt,name=start,proto3" json:"start" msg:"start"` - // duration is the time length of this span in nanoseconds. - // @gotags: json:"duration" msg:"duration" - Duration int64 `protobuf:"varint,8,opt,name=duration,proto3" json:"duration" msg:"duration"` - // error is 1 if there is an error associated with this span, or 0 if there is not. - // @gotags: json:"error" msg:"error" - Error int32 `protobuf:"varint,9,opt,name=error,proto3" json:"error" msg:"error"` - // meta is a mapping from tag name to tag value for string-valued tags. - // @gotags: json:"meta,omitempty" msg:"meta,omitempty" - Meta map[string]string `protobuf:"bytes,10,rep,name=meta,proto3" json:"meta,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3" msg:"meta,omitempty"` - // metrics is a mapping from tag name to tag value for numeric-valued tags. - // @gotags: json:"metrics,omitempty" msg:"metrics,omitempty" - Metrics map[string]float64 `protobuf:"bytes,11,rep,name=metrics,proto3" json:"metrics,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"fixed64,2,opt,name=value,proto3" msg:"metrics,omitempty"` - // type is the type of the service with which this span is associated. Example values: web, db, lambda. - // @gotags: json:"type" msg:"type" - Type string `protobuf:"bytes,12,opt,name=type,proto3" json:"type" msg:"type"` - // meta_struct is a registry of structured "other" data used by, e.g., AppSec. - // @gotags: json:"meta_struct,omitempty" msg:"meta_struct,omitempty" - MetaStruct map[string][]byte `protobuf:"bytes,13,rep,name=meta_struct,json=metaStruct,proto3" json:"meta_struct,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3" msg:"meta_struct,omitempty"` - // span_links represents a collection of links, where each link defines a causal relationship between two spans. - // @gotags: json:"span_links,omitempty" msg:"span_links,omitempty" - SpanLinks []*SpanLink `protobuf:"bytes,14,rep,name=spanLinks,proto3" json:"span_links,omitempty" msg:"span_links,omitempty"` -} - -func (x *Span) Reset() { - *x = Span{} - if protoimpl.UnsafeEnabled { - mi := &file_datadog_trace_span_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Span) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Span) ProtoMessage() {} - -func (x *Span) ProtoReflect() protoreflect.Message { - mi := &file_datadog_trace_span_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Span.ProtoReflect.Descriptor instead. -func (*Span) Descriptor() ([]byte, []int) { - return file_datadog_trace_span_proto_rawDescGZIP(), []int{1} -} - -func (x *Span) GetService() string { - if x != nil { - return x.Service - } - return "" -} - -func (x *Span) GetName() string { - if x != nil { - return x.Name - } - return "" -} - -func (x *Span) GetResource() string { - if x != nil { - return x.Resource - } - return "" -} - -func (x *Span) GetTraceID() uint64 { - if x != nil { - return x.TraceID - } - return 0 -} - -func (x *Span) GetSpanID() uint64 { - if x != nil { - return x.SpanID - } - return 0 -} - -func (x *Span) GetParentID() uint64 { - if x != nil { - return x.ParentID - } - return 0 -} - -func (x *Span) GetStart() int64 { - if x != nil { - return x.Start - } - return 0 -} - -func (x *Span) GetDuration() int64 { - if x != nil { - return x.Duration - } - return 0 -} - -func (x *Span) GetError() int32 { - if x != nil { - return x.Error - } - return 0 -} - -func (x *Span) GetMeta() map[string]string { - if x != nil { - return x.Meta - } - return nil -} - -func (x *Span) GetMetrics() map[string]float64 { - if x != nil { - return x.Metrics - } - return nil -} - -func (x *Span) GetType() string { - if x != nil { - return x.Type - } - return "" -} - -func (x *Span) GetMetaStruct() map[string][]byte { - if x != nil { - return x.MetaStruct - } - return nil -} - -func (x *Span) GetSpanLinks() []*SpanLink { - if x != nil { - return x.SpanLinks - } - return nil -} - -var File_datadog_trace_span_proto protoreflect.FileDescriptor - -var file_datadog_trace_span_proto_rawDesc = []byte{ - 0x0a, 0x18, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, - 0x73, 0x70, 0x61, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x64, 0x61, 0x74, 0x61, - 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x22, 0x9d, 0x02, 0x0a, 0x08, 0x53, 0x70, - 0x61, 0x6e, 0x4c, 0x69, 0x6e, 0x6b, 0x12, 0x18, 0x0a, 0x07, 0x74, 0x72, 0x61, 0x63, 0x65, 0x49, - 0x44, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x07, 0x74, 0x72, 0x61, 0x63, 0x65, 0x49, 0x44, - 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x72, 0x61, 0x63, 0x65, 0x49, 0x44, 0x5f, 0x68, 0x69, 0x67, 0x68, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, 0x74, 0x72, 0x61, 0x63, 0x65, 0x49, 0x44, 0x48, - 0x69, 0x67, 0x68, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x70, 0x61, 0x6e, 0x49, 0x44, 0x18, 0x03, 0x20, - 0x01, 0x28, 0x04, 0x52, 0x06, 0x73, 0x70, 0x61, 0x6e, 0x49, 0x44, 0x12, 0x47, 0x0a, 0x0a, 0x61, - 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, - 0x27, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, - 0x53, 0x70, 0x61, 0x6e, 0x4c, 0x69, 0x6e, 0x6b, 0x2e, 0x41, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, - 0x74, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, - 0x75, 0x74, 0x65, 0x73, 0x12, 0x1e, 0x0a, 0x0a, 0x74, 0x72, 0x61, 0x63, 0x65, 0x73, 0x74, 0x61, - 0x74, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x74, 0x72, 0x61, 0x63, 0x65, 0x73, - 0x74, 0x61, 0x74, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x66, 0x6c, 0x61, 0x67, 0x73, 0x18, 0x06, 0x20, - 0x01, 0x28, 0x0d, 0x52, 0x05, 0x66, 0x6c, 0x61, 0x67, 0x73, 0x1a, 0x3d, 0x0a, 0x0f, 0x41, 0x74, - 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, - 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, - 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, - 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x22, 0x9a, 0x05, 0x0a, 0x04, 0x53, 0x70, - 0x61, 0x6e, 0x12, 0x18, 0x0a, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, - 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, - 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x18, 0x0a, 0x07, - 0x74, 0x72, 0x61, 0x63, 0x65, 0x49, 0x44, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x07, 0x74, - 0x72, 0x61, 0x63, 0x65, 0x49, 0x44, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x70, 0x61, 0x6e, 0x49, 0x44, - 0x18, 0x05, 0x20, 0x01, 0x28, 0x04, 0x52, 0x06, 0x73, 0x70, 0x61, 0x6e, 0x49, 0x44, 0x12, 0x1a, - 0x0a, 0x08, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x49, 0x44, 0x18, 0x06, 0x20, 0x01, 0x28, 0x04, - 0x52, 0x08, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x49, 0x44, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, - 0x61, 0x72, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x03, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, - 0x12, 0x1a, 0x0a, 0x08, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x08, 0x20, 0x01, - 0x28, 0x03, 0x52, 0x08, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x14, 0x0a, 0x05, - 0x65, 0x72, 0x72, 0x6f, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x65, 0x72, 0x72, - 0x6f, 0x72, 0x12, 0x31, 0x0a, 0x04, 0x6d, 0x65, 0x74, 0x61, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x0b, - 0x32, 0x1d, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, - 0x2e, 0x53, 0x70, 0x61, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x61, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, - 0x04, 0x6d, 0x65, 0x74, 0x61, 0x12, 0x3a, 0x0a, 0x07, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, - 0x18, 0x0b, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, - 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x53, 0x70, 0x61, 0x6e, 0x2e, 0x4d, 0x65, 0x74, 0x72, - 0x69, 0x63, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x07, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, - 0x73, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x44, 0x0a, 0x0b, 0x6d, 0x65, 0x74, 0x61, 0x5f, 0x73, 0x74, - 0x72, 0x75, 0x63, 0x74, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x64, 0x61, 0x74, - 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x53, 0x70, 0x61, 0x6e, 0x2e, - 0x4d, 0x65, 0x74, 0x61, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, - 0x0a, 0x6d, 0x65, 0x74, 0x61, 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x12, 0x35, 0x0a, 0x09, 0x73, - 0x70, 0x61, 0x6e, 0x4c, 0x69, 0x6e, 0x6b, 0x73, 0x18, 0x0e, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x17, - 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x53, - 0x70, 0x61, 0x6e, 0x4c, 0x69, 0x6e, 0x6b, 0x52, 0x09, 0x73, 0x70, 0x61, 0x6e, 0x4c, 0x69, 0x6e, - 0x6b, 0x73, 0x1a, 0x37, 0x0a, 0x09, 0x4d, 0x65, 0x74, 0x61, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, - 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, - 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x1a, 0x3a, 0x0a, 0x0c, 0x4d, - 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, - 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, - 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, - 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x1a, 0x3d, 0x0a, 0x0f, 0x4d, 0x65, 0x74, 0x61, 0x53, - 0x74, 0x72, 0x75, 0x63, 0x74, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, - 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, - 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x05, 0x76, 0x61, 0x6c, - 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x16, 0x5a, 0x14, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x2f, 0x70, 0x62, 0x67, 0x6f, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x62, 0x06, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_datadog_trace_span_proto_rawDescOnce sync.Once - file_datadog_trace_span_proto_rawDescData = file_datadog_trace_span_proto_rawDesc -) - -func file_datadog_trace_span_proto_rawDescGZIP() []byte { - file_datadog_trace_span_proto_rawDescOnce.Do(func() { - file_datadog_trace_span_proto_rawDescData = protoimpl.X.CompressGZIP(file_datadog_trace_span_proto_rawDescData) - }) - return file_datadog_trace_span_proto_rawDescData -} - -var file_datadog_trace_span_proto_msgTypes = make([]protoimpl.MessageInfo, 6) -var file_datadog_trace_span_proto_goTypes = []interface{}{ - (*SpanLink)(nil), // 0: datadog.trace.SpanLink - (*Span)(nil), // 1: datadog.trace.Span - nil, // 2: datadog.trace.SpanLink.AttributesEntry - nil, // 3: datadog.trace.Span.MetaEntry - nil, // 4: datadog.trace.Span.MetricsEntry - nil, // 5: datadog.trace.Span.MetaStructEntry -} -var file_datadog_trace_span_proto_depIdxs = []int32{ - 2, // 0: datadog.trace.SpanLink.attributes:type_name -> datadog.trace.SpanLink.AttributesEntry - 3, // 1: datadog.trace.Span.meta:type_name -> datadog.trace.Span.MetaEntry - 4, // 2: datadog.trace.Span.metrics:type_name -> datadog.trace.Span.MetricsEntry - 5, // 3: datadog.trace.Span.meta_struct:type_name -> datadog.trace.Span.MetaStructEntry - 0, // 4: datadog.trace.Span.spanLinks:type_name -> datadog.trace.SpanLink - 5, // [5:5] is the sub-list for method output_type - 5, // [5:5] is the sub-list for method input_type - 5, // [5:5] is the sub-list for extension type_name - 5, // [5:5] is the sub-list for extension extendee - 0, // [0:5] is the sub-list for field type_name -} - -func init() { file_datadog_trace_span_proto_init() } -func file_datadog_trace_span_proto_init() { - if File_datadog_trace_span_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_datadog_trace_span_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*SpanLink); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_datadog_trace_span_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Span); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_datadog_trace_span_proto_rawDesc, - NumEnums: 0, - NumMessages: 6, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_datadog_trace_span_proto_goTypes, - DependencyIndexes: file_datadog_trace_span_proto_depIdxs, - MessageInfos: file_datadog_trace_span_proto_msgTypes, - }.Build() - File_datadog_trace_span_proto = out.File - file_datadog_trace_span_proto_rawDesc = nil - file_datadog_trace_span_proto_goTypes = nil - file_datadog_trace_span_proto_depIdxs = nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span_gen.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span_gen.go deleted file mode 100644 index c1b14871..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span_gen.go +++ /dev/null @@ -1,577 +0,0 @@ -package trace - -// Code generated by github.com/tinylib/msgp DO NOT EDIT. - -import ( - "github.com/tinylib/msgp/msgp" -) - -// MarshalMsg implements msgp.Marshaler -func (z *Span) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - // omitempty: check for empty values - zb0001Len := uint32(14) - var zb0001Mask uint16 /* 14 bits */ - if z.Meta == nil { - zb0001Len-- - zb0001Mask |= 0x200 - } - if z.Metrics == nil { - zb0001Len-- - zb0001Mask |= 0x400 - } - if z.MetaStruct == nil { - zb0001Len-- - zb0001Mask |= 0x1000 - } - if z.SpanLinks == nil { - zb0001Len-- - zb0001Mask |= 0x2000 - } - // variable map header, size zb0001Len - o = append(o, 0x80|uint8(zb0001Len)) - if zb0001Len == 0 { - return - } - // string "service" - o = append(o, 0xa7, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65) - o = msgp.AppendString(o, z.Service) - // string "name" - o = append(o, 0xa4, 0x6e, 0x61, 0x6d, 0x65) - o = msgp.AppendString(o, z.Name) - // string "resource" - o = append(o, 0xa8, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65) - o = msgp.AppendString(o, z.Resource) - // string "trace_id" - o = append(o, 0xa8, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x69, 0x64) - o = msgp.AppendUint64(o, z.TraceID) - // string "span_id" - o = append(o, 0xa7, 0x73, 0x70, 0x61, 0x6e, 0x5f, 0x69, 0x64) - o = msgp.AppendUint64(o, z.SpanID) - // string "parent_id" - o = append(o, 0xa9, 0x70, 0x61, 0x72, 0x65, 0x6e, 0x74, 0x5f, 0x69, 0x64) - o = msgp.AppendUint64(o, z.ParentID) - // string "start" - o = append(o, 0xa5, 0x73, 0x74, 0x61, 0x72, 0x74) - o = msgp.AppendInt64(o, z.Start) - // string "duration" - o = append(o, 0xa8, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e) - o = msgp.AppendInt64(o, z.Duration) - // string "error" - o = append(o, 0xa5, 0x65, 0x72, 0x72, 0x6f, 0x72) - o = msgp.AppendInt32(o, z.Error) - if (zb0001Mask & 0x200) == 0 { // if not empty - // string "meta" - o = append(o, 0xa4, 0x6d, 0x65, 0x74, 0x61) - o = msgp.AppendMapHeader(o, uint32(len(z.Meta))) - for za0001, za0002 := range z.Meta { - o = msgp.AppendString(o, za0001) - o = msgp.AppendString(o, za0002) - } - } - if (zb0001Mask & 0x400) == 0 { // if not empty - // string "metrics" - o = append(o, 0xa7, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73) - o = msgp.AppendMapHeader(o, uint32(len(z.Metrics))) - for za0003, za0004 := range z.Metrics { - o = msgp.AppendString(o, za0003) - o = msgp.AppendFloat64(o, za0004) - } - } - // string "type" - o = append(o, 0xa4, 0x74, 0x79, 0x70, 0x65) - o = msgp.AppendString(o, z.Type) - if (zb0001Mask & 0x1000) == 0 { // if not empty - // string "meta_struct" - o = append(o, 0xab, 0x6d, 0x65, 0x74, 0x61, 0x5f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74) - o = msgp.AppendMapHeader(o, uint32(len(z.MetaStruct))) - for za0005, za0006 := range z.MetaStruct { - o = msgp.AppendString(o, za0005) - o = msgp.AppendBytes(o, za0006) - } - } - if (zb0001Mask & 0x2000) == 0 { // if not empty - // string "span_links" - o = append(o, 0xaa, 0x73, 0x70, 0x61, 0x6e, 0x5f, 0x6c, 0x69, 0x6e, 0x6b, 0x73) - o = msgp.AppendArrayHeader(o, uint32(len(z.SpanLinks))) - for za0007 := range z.SpanLinks { - if z.SpanLinks[za0007] == nil { - o = msgp.AppendNil(o) - } else { - o, err = z.SpanLinks[za0007].MarshalMsg(o) - if err != nil { - err = msgp.WrapError(err, "SpanLinks", za0007) - return - } - } - } - } - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *Span) UnmarshalMsg(bts []byte) (o []byte, err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, bts, err = msgp.ReadMapKeyZC(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "service": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.Service = "" - break - } - z.Service, bts, err = parseStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Service") - return - } - case "name": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.Name = "" - break - } - z.Name, bts, err = parseStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Service") - return - } - case "resource": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.Resource = "" - break - } - z.Resource, bts, err = parseStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Service") - return - } - case "trace_id": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.TraceID = 0 - break - } - z.TraceID, bts, err = parseUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "TraceID") - return - } - case "span_id": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.SpanID = 0 - break - } - z.SpanID, bts, err = parseUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "SpanID") - return - } - case "parent_id": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.ParentID = 0 - break - } - z.ParentID, bts, err = parseUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "ParentID") - return - } - case "start": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.Start = 0 - break - } - z.Start, bts, err = parseInt64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Start") - return - } - case "duration": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.Duration = 0 - break - } - z.Duration, bts, err = parseInt64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Duration") - return - } - case "error": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.Error = 0 - break - } - z.Error, bts, err = parseInt32Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Error") - return - } - case "meta": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.Meta = nil - break - } - var zb0002 uint32 - zb0002, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Meta") - return - } - if z.Meta == nil && zb0002 > 0 { - z.Meta = make(map[string]string, zb0002) - } else if len(z.Meta) > 0 { - for key := range z.Meta { - delete(z.Meta, key) - } - } - for zb0002 > 0 { - var za0001 string - var za0002 string - zb0002-- - za0001, bts, err = parseStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Meta") - return - } - za0002, bts, err = parseStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Meta", za0001) - return - } - z.Meta[za0001] = za0002 - } - case "metrics": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.Metrics = nil - break - } - var zb0003 uint32 - zb0003, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Metrics") - return - } - if z.Metrics == nil && zb0003 > 0 { - z.Metrics = make(map[string]float64, zb0003) - } else if len(z.Metrics) > 0 { - for key := range z.Metrics { - delete(z.Metrics, key) - } - } - for zb0003 > 0 { - var za0003 string - var za0004 float64 - zb0003-- - za0003, bts, err = parseStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Metrics") - return - } - za0004, bts, err = parseFloat64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Metrics", za0003) - return - } - z.Metrics[za0003] = za0004 - } - case "type": - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - z.Type = "" - break - } - z.Type, bts, err = parseStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Type") - return - } - case "meta_struct": - var zb0004 uint32 - zb0004, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "MetaStruct") - return - } - if z.MetaStruct == nil { - z.MetaStruct = make(map[string][]byte, zb0004) - } else if len(z.MetaStruct) > 0 { - for key := range z.MetaStruct { - delete(z.MetaStruct, key) - } - } - for zb0004 > 0 { - var za0005 string - var za0006 []byte - zb0004-- - za0005, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "MetaStruct") - return - } - za0006, bts, err = msgp.ReadBytesBytes(bts, za0006) - if err != nil { - err = msgp.WrapError(err, "MetaStruct", za0005) - return - } - z.MetaStruct[za0005] = za0006 - } - case "span_links": - var zb0005 uint32 - zb0005, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "SpanLinks") - return - } - if cap(z.SpanLinks) >= int(zb0005) { - z.SpanLinks = (z.SpanLinks)[:zb0005] - } else { - z.SpanLinks = make([]*SpanLink, zb0005) - } - for za0007 := range z.SpanLinks { - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - if err != nil { - return - } - z.SpanLinks[za0007] = nil - } else { - if z.SpanLinks[za0007] == nil { - z.SpanLinks[za0007] = new(SpanLink) - } - bts, err = z.SpanLinks[za0007].UnmarshalMsg(bts) - if err != nil { - err = msgp.WrapError(err, "SpanLinks", za0007) - return - } - } - } - default: - bts, err = msgp.Skip(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z *Span) Msgsize() (s int) { - s = 1 + 8 + msgp.StringPrefixSize + len(z.Service) + 5 + msgp.StringPrefixSize + len(z.Name) + 9 + msgp.StringPrefixSize + len(z.Resource) + 9 + msgp.Uint64Size + 8 + msgp.Uint64Size + 10 + msgp.Uint64Size + 6 + msgp.Int64Size + 9 + msgp.Int64Size + 6 + msgp.Int32Size + 5 + msgp.MapHeaderSize - if z.Meta != nil { - for za0001, za0002 := range z.Meta { - _ = za0002 - s += msgp.StringPrefixSize + len(za0001) + msgp.StringPrefixSize + len(za0002) - } - } - s += 8 + msgp.MapHeaderSize - if z.Metrics != nil { - for za0003, za0004 := range z.Metrics { - _ = za0004 - s += msgp.StringPrefixSize + len(za0003) + msgp.Float64Size - } - } - s += 5 + msgp.StringPrefixSize + len(z.Type) + 12 + msgp.MapHeaderSize - if z.MetaStruct != nil { - for za0005, za0006 := range z.MetaStruct { - _ = za0006 - s += msgp.StringPrefixSize + len(za0005) + msgp.BytesPrefixSize + len(za0006) - } - } - s += 11 + msgp.ArrayHeaderSize - for za0007 := range z.SpanLinks { - if z.SpanLinks[za0007] == nil { - s += msgp.NilSize - } else { - s += z.SpanLinks[za0007].Msgsize() - } - } - return -} - -// MarshalMsg implements msgp.Marshaler -func (z *SpanLink) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - // omitempty: check for empty values - zb0001Len := uint32(6) - var zb0001Mask uint8 /* 6 bits */ - if z.TraceIDHigh == 0 { - zb0001Len-- - zb0001Mask |= 0x2 - } - if z.Attributes == nil { - zb0001Len-- - zb0001Mask |= 0x8 - } - if z.Tracestate == "" { - zb0001Len-- - zb0001Mask |= 0x10 - } - if z.Flags == 0 { - zb0001Len-- - zb0001Mask |= 0x20 - } - // variable map header, size zb0001Len - o = append(o, 0x80|uint8(zb0001Len)) - if zb0001Len == 0 { - return - } - // string "trace_id" - o = append(o, 0xa8, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x69, 0x64) - o = msgp.AppendUint64(o, z.TraceID) - if (zb0001Mask & 0x2) == 0 { // if not empty - // string "trace_id_high" - o = append(o, 0xad, 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x69, 0x64, 0x5f, 0x68, 0x69, 0x67, 0x68) - o = msgp.AppendUint64(o, z.TraceIDHigh) - } - // string "span_id" - o = append(o, 0xa7, 0x73, 0x70, 0x61, 0x6e, 0x5f, 0x69, 0x64) - o = msgp.AppendUint64(o, z.SpanID) - if (zb0001Mask & 0x8) == 0 { // if not empty - // string "attributes" - o = append(o, 0xaa, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73) - o = msgp.AppendMapHeader(o, uint32(len(z.Attributes))) - for za0001, za0002 := range z.Attributes { - o = msgp.AppendString(o, za0001) - o = msgp.AppendString(o, za0002) - } - } - if (zb0001Mask & 0x10) == 0 { // if not empty - // string "tracestate" - o = append(o, 0xaa, 0x74, 0x72, 0x61, 0x63, 0x65, 0x73, 0x74, 0x61, 0x74, 0x65) - o = msgp.AppendString(o, z.Tracestate) - } - if (zb0001Mask & 0x20) == 0 { // if not empty - // string "flags" - o = append(o, 0xa5, 0x66, 0x6c, 0x61, 0x67, 0x73) - o = msgp.AppendUint32(o, z.Flags) - } - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *SpanLink) UnmarshalMsg(bts []byte) (o []byte, err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, bts, err = msgp.ReadMapKeyZC(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "trace_id": - z.TraceID, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "TraceID") - return - } - case "trace_id_high": - z.TraceIDHigh, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "TraceIDHigh") - return - } - case "span_id": - z.SpanID, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "SpanID") - return - } - case "attributes": - var zb0002 uint32 - zb0002, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Attributes") - return - } - if z.Attributes == nil { - z.Attributes = make(map[string]string, zb0002) - } else if len(z.Attributes) > 0 { - for key := range z.Attributes { - delete(z.Attributes, key) - } - } - for zb0002 > 0 { - var za0001 string - var za0002 string - zb0002-- - za0001, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Attributes") - return - } - za0002, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Attributes", za0001) - return - } - z.Attributes[za0001] = za0002 - } - case "tracestate": - z.Tracestate, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tracestate") - return - } - case "flags": - z.Flags, bts, err = msgp.ReadUint32Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Flags") - return - } - default: - bts, err = msgp.Skip(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z *SpanLink) Msgsize() (s int) { - s = 1 + 9 + msgp.Uint64Size + 14 + msgp.Uint64Size + 8 + msgp.Uint64Size + 11 + msgp.MapHeaderSize - if z.Attributes != nil { - for za0001, za0002 := range z.Attributes { - _ = za0002 - s += msgp.StringPrefixSize + len(za0001) + msgp.StringPrefixSize + len(za0002) - } - } - s += 11 + msgp.StringPrefixSize + len(z.Tracestate) + 6 + msgp.Uint32Size - return -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span_utils.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span_utils.go deleted file mode 100644 index 7c4919a2..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span_utils.go +++ /dev/null @@ -1,53 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package trace - -// spanCopiedFields records the fields that are copied in ShallowCopy. -// This should match exactly the fields set in (*Span).ShallowCopy. -// This is used by tests to enforce the correctness of ShallowCopy. -var spanCopiedFields = map[string]struct{}{ - "Service": {}, - "Name": {}, - "Resource": {}, - "TraceID": {}, - "SpanID": {}, - "ParentID": {}, - "Start": {}, - "Duration": {}, - "Error": {}, - "Meta": {}, - "Metrics": {}, - "Type": {}, - "MetaStruct": {}, - "SpanLinks": {}, -} - -// ShallowCopy returns a shallow copy of the copy-able portion of a Span. These are the -// public fields which will have a Get* method for them. The completeness of this -// method is enforced by the init function above. Instead of using pkg/proto/utils.ProtoCopier, -// which incurs heavy reflection cost for every copy at runtime, we use reflection once at -// startup to ensure our method is complete. -func (s *Span) ShallowCopy() *Span { - if s == nil { - return &Span{} - } - return &Span{ - Service: s.Service, - Name: s.Name, - Resource: s.Resource, - TraceID: s.TraceID, - SpanID: s.SpanID, - ParentID: s.ParentID, - Start: s.Start, - Duration: s.Duration, - Error: s.Error, - Meta: s.Meta, - Metrics: s.Metrics, - Type: s.Type, - MetaStruct: s.MetaStruct, - SpanLinks: s.SpanLinks, - } -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span_vtproto.pb.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span_vtproto.pb.go deleted file mode 100644 index 7b6a7a03..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/span_vtproto.pb.go +++ /dev/null @@ -1,1445 +0,0 @@ -// Code generated by protoc-gen-go-vtproto. DO NOT EDIT. -// protoc-gen-go-vtproto version: v0.4.0 -// source: datadog/trace/span.proto - -package trace - -import ( - binary "encoding/binary" - fmt "fmt" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - io "io" - math "math" - bits "math/bits" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -func (m *SpanLink) MarshalVT() (dAtA []byte, err error) { - if m == nil { - return nil, nil - } - size := m.SizeVT() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBufferVT(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *SpanLink) MarshalToVT(dAtA []byte) (int, error) { - size := m.SizeVT() - return m.MarshalToSizedBufferVT(dAtA[:size]) -} - -func (m *SpanLink) MarshalToSizedBufferVT(dAtA []byte) (int, error) { - if m == nil { - return 0, nil - } - i := len(dAtA) - _ = i - var l int - _ = l - if m.unknownFields != nil { - i -= len(m.unknownFields) - copy(dAtA[i:], m.unknownFields) - } - if m.Flags != 0 { - i = encodeVarint(dAtA, i, uint64(m.Flags)) - i-- - dAtA[i] = 0x30 - } - if len(m.Tracestate) > 0 { - i -= len(m.Tracestate) - copy(dAtA[i:], m.Tracestate) - i = encodeVarint(dAtA, i, uint64(len(m.Tracestate))) - i-- - dAtA[i] = 0x2a - } - if len(m.Attributes) > 0 { - for k := range m.Attributes { - v := m.Attributes[k] - baseI := i - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarint(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarint(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarint(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x22 - } - } - if m.SpanID != 0 { - i = encodeVarint(dAtA, i, uint64(m.SpanID)) - i-- - dAtA[i] = 0x18 - } - if m.TraceIDHigh != 0 { - i = encodeVarint(dAtA, i, uint64(m.TraceIDHigh)) - i-- - dAtA[i] = 0x10 - } - if m.TraceID != 0 { - i = encodeVarint(dAtA, i, uint64(m.TraceID)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *Span) MarshalVT() (dAtA []byte, err error) { - if m == nil { - return nil, nil - } - size := m.SizeVT() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBufferVT(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *Span) MarshalToVT(dAtA []byte) (int, error) { - size := m.SizeVT() - return m.MarshalToSizedBufferVT(dAtA[:size]) -} - -func (m *Span) MarshalToSizedBufferVT(dAtA []byte) (int, error) { - if m == nil { - return 0, nil - } - i := len(dAtA) - _ = i - var l int - _ = l - if m.unknownFields != nil { - i -= len(m.unknownFields) - copy(dAtA[i:], m.unknownFields) - } - if len(m.SpanLinks) > 0 { - for iNdEx := len(m.SpanLinks) - 1; iNdEx >= 0; iNdEx-- { - size, err := m.SpanLinks[iNdEx].MarshalToSizedBufferVT(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarint(dAtA, i, uint64(size)) - i-- - dAtA[i] = 0x72 - } - } - if len(m.MetaStruct) > 0 { - for k := range m.MetaStruct { - v := m.MetaStruct[k] - baseI := i - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarint(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarint(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarint(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x6a - } - } - if len(m.Type) > 0 { - i -= len(m.Type) - copy(dAtA[i:], m.Type) - i = encodeVarint(dAtA, i, uint64(len(m.Type))) - i-- - dAtA[i] = 0x62 - } - if len(m.Metrics) > 0 { - for k := range m.Metrics { - v := m.Metrics[k] - baseI := i - i -= 8 - binary.LittleEndian.PutUint64(dAtA[i:], uint64(math.Float64bits(float64(v)))) - i-- - dAtA[i] = 0x11 - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarint(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarint(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x5a - } - } - if len(m.Meta) > 0 { - for k := range m.Meta { - v := m.Meta[k] - baseI := i - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarint(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarint(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarint(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x52 - } - } - if m.Error != 0 { - i = encodeVarint(dAtA, i, uint64(m.Error)) - i-- - dAtA[i] = 0x48 - } - if m.Duration != 0 { - i = encodeVarint(dAtA, i, uint64(m.Duration)) - i-- - dAtA[i] = 0x40 - } - if m.Start != 0 { - i = encodeVarint(dAtA, i, uint64(m.Start)) - i-- - dAtA[i] = 0x38 - } - if m.ParentID != 0 { - i = encodeVarint(dAtA, i, uint64(m.ParentID)) - i-- - dAtA[i] = 0x30 - } - if m.SpanID != 0 { - i = encodeVarint(dAtA, i, uint64(m.SpanID)) - i-- - dAtA[i] = 0x28 - } - if m.TraceID != 0 { - i = encodeVarint(dAtA, i, uint64(m.TraceID)) - i-- - dAtA[i] = 0x20 - } - if len(m.Resource) > 0 { - i -= len(m.Resource) - copy(dAtA[i:], m.Resource) - i = encodeVarint(dAtA, i, uint64(len(m.Resource))) - i-- - dAtA[i] = 0x1a - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarint(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0x12 - } - if len(m.Service) > 0 { - i -= len(m.Service) - copy(dAtA[i:], m.Service) - i = encodeVarint(dAtA, i, uint64(len(m.Service))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func encodeVarint(dAtA []byte, offset int, v uint64) int { - offset -= sov(v) - base := offset - for v >= 1<<7 { - dAtA[offset] = uint8(v&0x7f | 0x80) - v >>= 7 - offset++ - } - dAtA[offset] = uint8(v) - return base -} -func (m *SpanLink) SizeVT() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.TraceID != 0 { - n += 1 + sov(uint64(m.TraceID)) - } - if m.TraceIDHigh != 0 { - n += 1 + sov(uint64(m.TraceIDHigh)) - } - if m.SpanID != 0 { - n += 1 + sov(uint64(m.SpanID)) - } - if len(m.Attributes) > 0 { - for k, v := range m.Attributes { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sov(uint64(len(k))) + 1 + len(v) + sov(uint64(len(v))) - n += mapEntrySize + 1 + sov(uint64(mapEntrySize)) - } - } - l = len(m.Tracestate) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if m.Flags != 0 { - n += 1 + sov(uint64(m.Flags)) - } - n += len(m.unknownFields) - return n -} - -func (m *Span) SizeVT() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Service) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.Name) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.Resource) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if m.TraceID != 0 { - n += 1 + sov(uint64(m.TraceID)) - } - if m.SpanID != 0 { - n += 1 + sov(uint64(m.SpanID)) - } - if m.ParentID != 0 { - n += 1 + sov(uint64(m.ParentID)) - } - if m.Start != 0 { - n += 1 + sov(uint64(m.Start)) - } - if m.Duration != 0 { - n += 1 + sov(uint64(m.Duration)) - } - if m.Error != 0 { - n += 1 + sov(uint64(m.Error)) - } - if len(m.Meta) > 0 { - for k, v := range m.Meta { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sov(uint64(len(k))) + 1 + len(v) + sov(uint64(len(v))) - n += mapEntrySize + 1 + sov(uint64(mapEntrySize)) - } - } - if len(m.Metrics) > 0 { - for k, v := range m.Metrics { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sov(uint64(len(k))) + 1 + 8 - n += mapEntrySize + 1 + sov(uint64(mapEntrySize)) - } - } - l = len(m.Type) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if len(m.MetaStruct) > 0 { - for k, v := range m.MetaStruct { - _ = k - _ = v - l = 1 + len(v) + sov(uint64(len(v))) - mapEntrySize := 1 + len(k) + sov(uint64(len(k))) + l - n += mapEntrySize + 1 + sov(uint64(mapEntrySize)) - } - } - if len(m.SpanLinks) > 0 { - for _, e := range m.SpanLinks { - l = e.SizeVT() - n += 1 + l + sov(uint64(l)) - } - } - n += len(m.unknownFields) - return n -} - -func sov(x uint64) (n int) { - return (bits.Len64(x|1) + 6) / 7 -} -func soz(x uint64) (n int) { - return sov(uint64((x << 1) ^ uint64((int64(x) >> 63)))) -} -func (m *SpanLink) UnmarshalVT(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: SpanLink: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: SpanLink: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field TraceID", wireType) - } - m.TraceID = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.TraceID |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field TraceIDHigh", wireType) - } - m.TraceIDHigh = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.TraceIDHigh |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 3: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field SpanID", wireType) - } - m.SpanID = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.SpanID |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Attributes", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Attributes == nil { - m.Attributes = make(map[string]string) - } - var mapkey string - var mapvalue string - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLength - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLength - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var stringLenmapvalue uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapvalue |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapvalue := int(stringLenmapvalue) - if intStringLenmapvalue < 0 { - return ErrInvalidLength - } - postStringIndexmapvalue := iNdEx + intStringLenmapvalue - if postStringIndexmapvalue < 0 { - return ErrInvalidLength - } - if postStringIndexmapvalue > l { - return io.ErrUnexpectedEOF - } - mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) - iNdEx = postStringIndexmapvalue - } else { - iNdEx = entryPreIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Attributes[mapkey] = mapvalue - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Tracestate", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Tracestate = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 6: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Flags", wireType) - } - m.Flags = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Flags |= uint32(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *Span) UnmarshalVT(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: Span: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: Span: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Service", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Service = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Resource", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Resource = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 4: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field TraceID", wireType) - } - m.TraceID = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.TraceID |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 5: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field SpanID", wireType) - } - m.SpanID = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.SpanID |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 6: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field ParentID", wireType) - } - m.ParentID = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.ParentID |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 7: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Start", wireType) - } - m.Start = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Start |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 8: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Duration", wireType) - } - m.Duration = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Duration |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 9: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Error", wireType) - } - m.Error = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Error |= int32(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Meta", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Meta == nil { - m.Meta = make(map[string]string) - } - var mapkey string - var mapvalue string - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLength - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLength - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var stringLenmapvalue uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapvalue |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapvalue := int(stringLenmapvalue) - if intStringLenmapvalue < 0 { - return ErrInvalidLength - } - postStringIndexmapvalue := iNdEx + intStringLenmapvalue - if postStringIndexmapvalue < 0 { - return ErrInvalidLength - } - if postStringIndexmapvalue > l { - return io.ErrUnexpectedEOF - } - mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) - iNdEx = postStringIndexmapvalue - } else { - iNdEx = entryPreIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Meta[mapkey] = mapvalue - iNdEx = postIndex - case 11: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Metrics", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Metrics == nil { - m.Metrics = make(map[string]float64) - } - var mapkey string - var mapvalue float64 - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLength - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLength - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var mapvaluetemp uint64 - if (iNdEx + 8) > l { - return io.ErrUnexpectedEOF - } - mapvaluetemp = uint64(binary.LittleEndian.Uint64(dAtA[iNdEx:])) - iNdEx += 8 - mapvalue = math.Float64frombits(mapvaluetemp) - } else { - iNdEx = entryPreIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Metrics[mapkey] = mapvalue - iNdEx = postIndex - case 12: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Type = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 13: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field MetaStruct", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.MetaStruct == nil { - m.MetaStruct = make(map[string][]byte) - } - var mapkey string - var mapvalue []byte - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLength - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLength - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var mapbyteLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - mapbyteLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intMapbyteLen := int(mapbyteLen) - if intMapbyteLen < 0 { - return ErrInvalidLength - } - postbytesIndex := iNdEx + intMapbyteLen - if postbytesIndex < 0 { - return ErrInvalidLength - } - if postbytesIndex > l { - return io.ErrUnexpectedEOF - } - mapvalue = make([]byte, mapbyteLen) - copy(mapvalue, dAtA[iNdEx:postbytesIndex]) - iNdEx = postbytesIndex - } else { - iNdEx = entryPreIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.MetaStruct[mapkey] = mapvalue - iNdEx = postIndex - case 14: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field SpanLinks", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.SpanLinks = append(m.SpanLinks, &SpanLink{}) - if err := m.SpanLinks[len(m.SpanLinks)-1].UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} - -func skip(dAtA []byte) (n int, err error) { - l := len(dAtA) - iNdEx := 0 - depth := 0 - for iNdEx < l { - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflow - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= (uint64(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - wireType := int(wire & 0x7) - switch wireType { - case 0: - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflow - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - iNdEx++ - if dAtA[iNdEx-1] < 0x80 { - break - } - } - case 1: - iNdEx += 8 - case 2: - var length int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return 0, ErrIntOverflow - } - if iNdEx >= l { - return 0, io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - length |= (int(b) & 0x7F) << shift - if b < 0x80 { - break - } - } - if length < 0 { - return 0, ErrInvalidLength - } - iNdEx += length - case 3: - depth++ - case 4: - if depth == 0 { - return 0, ErrUnexpectedEndOfGroup - } - depth-- - case 5: - iNdEx += 4 - default: - return 0, fmt.Errorf("proto: illegal wireType %d", wireType) - } - if iNdEx < 0 { - return 0, ErrInvalidLength - } - if depth == 0 { - return iNdEx, nil - } - } - return 0, io.ErrUnexpectedEOF -} - -var ( - ErrInvalidLength = fmt.Errorf("proto: negative length found during unmarshaling") - ErrIntOverflow = fmt.Errorf("proto: integer overflow") - ErrUnexpectedEndOfGroup = fmt.Errorf("proto: unexpected end of group") -) diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/stats.pb.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/stats.pb.go deleted file mode 100644 index 52d51fff..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/stats.pb.go +++ /dev/null @@ -1,837 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.34.0 -// protoc v5.26.1 -// source: datadog/trace/stats.proto - -package trace - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -// Trilean is an expanded boolean type that is meant to differentiate between being unset and false. -type Trilean int32 - -const ( - Trilean_NOT_SET Trilean = 0 - Trilean_TRUE Trilean = 1 - Trilean_FALSE Trilean = 2 -) - -// Enum value maps for Trilean. -var ( - Trilean_name = map[int32]string{ - 0: "NOT_SET", - 1: "TRUE", - 2: "FALSE", - } - Trilean_value = map[string]int32{ - "NOT_SET": 0, - "TRUE": 1, - "FALSE": 2, - } -) - -func (x Trilean) Enum() *Trilean { - p := new(Trilean) - *p = x - return p -} - -func (x Trilean) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) -} - -func (Trilean) Descriptor() protoreflect.EnumDescriptor { - return file_datadog_trace_stats_proto_enumTypes[0].Descriptor() -} - -func (Trilean) Type() protoreflect.EnumType { - return &file_datadog_trace_stats_proto_enumTypes[0] -} - -func (x Trilean) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use Trilean.Descriptor instead. -func (Trilean) EnumDescriptor() ([]byte, []int) { - return file_datadog_trace_stats_proto_rawDescGZIP(), []int{0} -} - -type TraceRootFlag int32 - -const ( - TraceRootFlag_DEPRECATED_NOT_SET TraceRootFlag = 0 - TraceRootFlag_DEPRECATED_TRUE TraceRootFlag = 1 - TraceRootFlag_DEPRECATED_FALSE TraceRootFlag = 2 -) - -// Enum value maps for TraceRootFlag. -var ( - TraceRootFlag_name = map[int32]string{ - 0: "DEPRECATED_NOT_SET", - 1: "DEPRECATED_TRUE", - 2: "DEPRECATED_FALSE", - } - TraceRootFlag_value = map[string]int32{ - "DEPRECATED_NOT_SET": 0, - "DEPRECATED_TRUE": 1, - "DEPRECATED_FALSE": 2, - } -) - -func (x TraceRootFlag) Enum() *TraceRootFlag { - p := new(TraceRootFlag) - *p = x - return p -} - -func (x TraceRootFlag) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) -} - -func (TraceRootFlag) Descriptor() protoreflect.EnumDescriptor { - return file_datadog_trace_stats_proto_enumTypes[1].Descriptor() -} - -func (TraceRootFlag) Type() protoreflect.EnumType { - return &file_datadog_trace_stats_proto_enumTypes[1] -} - -func (x TraceRootFlag) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use TraceRootFlag.Descriptor instead. -func (TraceRootFlag) EnumDescriptor() ([]byte, []int) { - return file_datadog_trace_stats_proto_rawDescGZIP(), []int{1} -} - -// StatsPayload is the payload used to send stats from the agent to the backend. -type StatsPayload struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - AgentHostname string `protobuf:"bytes,1,opt,name=agentHostname,proto3" json:"agentHostname,omitempty"` - AgentEnv string `protobuf:"bytes,2,opt,name=agentEnv,proto3" json:"agentEnv,omitempty"` - // @gotags: json:"stats,omitempty" msg:"Stats,omitempty" - Stats []*ClientStatsPayload `protobuf:"bytes,3,rep,name=stats,proto3" json:"stats,omitempty" msg:"Stats,omitempty"` - AgentVersion string `protobuf:"bytes,4,opt,name=agentVersion,proto3" json:"agentVersion,omitempty"` - ClientComputed bool `protobuf:"varint,5,opt,name=clientComputed,proto3" json:"clientComputed,omitempty"` - // splitPayload indicates if the payload is actually one of several payloads split out from a larger payload. - // This field can be used in the backend to signal if re-aggregation is necessary. - SplitPayload bool `protobuf:"varint,6,opt,name=splitPayload,proto3" json:"splitPayload,omitempty"` -} - -func (x *StatsPayload) Reset() { - *x = StatsPayload{} - if protoimpl.UnsafeEnabled { - mi := &file_datadog_trace_stats_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *StatsPayload) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*StatsPayload) ProtoMessage() {} - -func (x *StatsPayload) ProtoReflect() protoreflect.Message { - mi := &file_datadog_trace_stats_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use StatsPayload.ProtoReflect.Descriptor instead. -func (*StatsPayload) Descriptor() ([]byte, []int) { - return file_datadog_trace_stats_proto_rawDescGZIP(), []int{0} -} - -func (x *StatsPayload) GetAgentHostname() string { - if x != nil { - return x.AgentHostname - } - return "" -} - -func (x *StatsPayload) GetAgentEnv() string { - if x != nil { - return x.AgentEnv - } - return "" -} - -func (x *StatsPayload) GetStats() []*ClientStatsPayload { - if x != nil { - return x.Stats - } - return nil -} - -func (x *StatsPayload) GetAgentVersion() string { - if x != nil { - return x.AgentVersion - } - return "" -} - -func (x *StatsPayload) GetClientComputed() bool { - if x != nil { - return x.ClientComputed - } - return false -} - -func (x *StatsPayload) GetSplitPayload() bool { - if x != nil { - return x.SplitPayload - } - return false -} - -// ClientStatsPayload is the first layer of span stats aggregation. It is also -// the payload sent by tracers to the agent when stats in tracer are enabled. -type ClientStatsPayload struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // Hostname is the tracer hostname. It's extracted from spans with "_dd.hostname" meta - // or set by tracer stats payload when hostname reporting is enabled. - Hostname string `protobuf:"bytes,1,opt,name=hostname,proto3" json:"hostname,omitempty"` - Env string `protobuf:"bytes,2,opt,name=env,proto3" json:"env,omitempty"` // env tag set on spans or in the tracers, used for aggregation - Version string `protobuf:"bytes,3,opt,name=version,proto3" json:"version,omitempty"` // version tag set on spans or in the tracers, used for aggregation - // @gotags: json:"stats,omitempty" msg:"Stats,omitempty" - Stats []*ClientStatsBucket `protobuf:"bytes,4,rep,name=stats,proto3" json:"stats,omitempty" msg:"Stats,omitempty"` - Lang string `protobuf:"bytes,5,opt,name=lang,proto3" json:"lang,omitempty"` // informative field not used for aggregation - TracerVersion string `protobuf:"bytes,6,opt,name=tracerVersion,proto3" json:"tracerVersion,omitempty"` // informative field not used for aggregation - RuntimeID string `protobuf:"bytes,7,opt,name=runtimeID,proto3" json:"runtimeID,omitempty"` // used on stats payloads sent by the tracer to identify uniquely a message - Sequence uint64 `protobuf:"varint,8,opt,name=sequence,proto3" json:"sequence,omitempty"` // used on stats payloads sent by the tracer to identify uniquely a message - // AgentAggregation is set by the agent on tracer payloads modified by the agent aggregation layer - // characterizes counts only and distributions only payloads - AgentAggregation string `protobuf:"bytes,9,opt,name=agentAggregation,proto3" json:"agentAggregation,omitempty"` - // Service is the main service of the tracer. - // It is part of unified tagging: https://docs.datadoghq.com/getting_started/tagging/unified_service_tagging - Service string `protobuf:"bytes,10,opt,name=service,proto3" json:"service,omitempty"` - // ContainerID specifies the origin container ID. It is meant to be populated by the client and may - // be enhanced by the agent to ensure it is unique. - ContainerID string `protobuf:"bytes,11,opt,name=containerID,proto3" json:"containerID,omitempty"` - // Tags specifies a set of tags obtained from the orchestrator (where applicable) using the specified containerID. - // This field should be left empty by the client. It only applies to some specific environment. - Tags []string `protobuf:"bytes,12,rep,name=tags,proto3" json:"tags,omitempty"` - // The git commit SHA is obtained from a trace, where it may be set through a tracer <-> source code integration. - GitCommitSha string `protobuf:"bytes,13,opt,name=git_commit_sha,json=gitCommitSha,proto3" json:"git_commit_sha,omitempty"` - // The image tag is obtained from a container's set of tags. - ImageTag string `protobuf:"bytes,14,opt,name=image_tag,json=imageTag,proto3" json:"image_tag,omitempty"` -} - -func (x *ClientStatsPayload) Reset() { - *x = ClientStatsPayload{} - if protoimpl.UnsafeEnabled { - mi := &file_datadog_trace_stats_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *ClientStatsPayload) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*ClientStatsPayload) ProtoMessage() {} - -func (x *ClientStatsPayload) ProtoReflect() protoreflect.Message { - mi := &file_datadog_trace_stats_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use ClientStatsPayload.ProtoReflect.Descriptor instead. -func (*ClientStatsPayload) Descriptor() ([]byte, []int) { - return file_datadog_trace_stats_proto_rawDescGZIP(), []int{1} -} - -func (x *ClientStatsPayload) GetHostname() string { - if x != nil { - return x.Hostname - } - return "" -} - -func (x *ClientStatsPayload) GetEnv() string { - if x != nil { - return x.Env - } - return "" -} - -func (x *ClientStatsPayload) GetVersion() string { - if x != nil { - return x.Version - } - return "" -} - -func (x *ClientStatsPayload) GetStats() []*ClientStatsBucket { - if x != nil { - return x.Stats - } - return nil -} - -func (x *ClientStatsPayload) GetLang() string { - if x != nil { - return x.Lang - } - return "" -} - -func (x *ClientStatsPayload) GetTracerVersion() string { - if x != nil { - return x.TracerVersion - } - return "" -} - -func (x *ClientStatsPayload) GetRuntimeID() string { - if x != nil { - return x.RuntimeID - } - return "" -} - -func (x *ClientStatsPayload) GetSequence() uint64 { - if x != nil { - return x.Sequence - } - return 0 -} - -func (x *ClientStatsPayload) GetAgentAggregation() string { - if x != nil { - return x.AgentAggregation - } - return "" -} - -func (x *ClientStatsPayload) GetService() string { - if x != nil { - return x.Service - } - return "" -} - -func (x *ClientStatsPayload) GetContainerID() string { - if x != nil { - return x.ContainerID - } - return "" -} - -func (x *ClientStatsPayload) GetTags() []string { - if x != nil { - return x.Tags - } - return nil -} - -func (x *ClientStatsPayload) GetGitCommitSha() string { - if x != nil { - return x.GitCommitSha - } - return "" -} - -func (x *ClientStatsPayload) GetImageTag() string { - if x != nil { - return x.ImageTag - } - return "" -} - -// ClientStatsBucket is a time bucket containing aggregated stats. -type ClientStatsBucket struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Start uint64 `protobuf:"varint,1,opt,name=start,proto3" json:"start,omitempty"` // bucket start in nanoseconds - Duration uint64 `protobuf:"varint,2,opt,name=duration,proto3" json:"duration,omitempty"` // bucket duration in nanoseconds - // @gotags: json:"stats,omitempty" msg:"Stats,omitempty" - Stats []*ClientGroupedStats `protobuf:"bytes,3,rep,name=stats,proto3" json:"stats,omitempty" msg:"Stats,omitempty"` - // AgentTimeShift is the shift applied by the agent stats aggregator on bucket start - // when the received bucket start is outside of the agent aggregation window - AgentTimeShift int64 `protobuf:"varint,4,opt,name=agentTimeShift,proto3" json:"agentTimeShift,omitempty"` -} - -func (x *ClientStatsBucket) Reset() { - *x = ClientStatsBucket{} - if protoimpl.UnsafeEnabled { - mi := &file_datadog_trace_stats_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *ClientStatsBucket) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*ClientStatsBucket) ProtoMessage() {} - -func (x *ClientStatsBucket) ProtoReflect() protoreflect.Message { - mi := &file_datadog_trace_stats_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use ClientStatsBucket.ProtoReflect.Descriptor instead. -func (*ClientStatsBucket) Descriptor() ([]byte, []int) { - return file_datadog_trace_stats_proto_rawDescGZIP(), []int{2} -} - -func (x *ClientStatsBucket) GetStart() uint64 { - if x != nil { - return x.Start - } - return 0 -} - -func (x *ClientStatsBucket) GetDuration() uint64 { - if x != nil { - return x.Duration - } - return 0 -} - -func (x *ClientStatsBucket) GetStats() []*ClientGroupedStats { - if x != nil { - return x.Stats - } - return nil -} - -func (x *ClientStatsBucket) GetAgentTimeShift() int64 { - if x != nil { - return x.AgentTimeShift - } - return 0 -} - -// ClientGroupedStats aggregate stats on spans grouped by service, name, resource, status_code, type -type ClientGroupedStats struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Service string `protobuf:"bytes,1,opt,name=service,proto3" json:"service,omitempty"` - Name string `protobuf:"bytes,2,opt,name=name,proto3" json:"name,omitempty"` - Resource string `protobuf:"bytes,3,opt,name=resource,proto3" json:"resource,omitempty"` - HTTPStatusCode uint32 `protobuf:"varint,4,opt,name=HTTP_status_code,json=HTTPStatusCode,proto3" json:"HTTP_status_code,omitempty"` - Type string `protobuf:"bytes,5,opt,name=type,proto3" json:"type,omitempty"` - DBType string `protobuf:"bytes,6,opt,name=DB_type,json=DBType,proto3" json:"DB_type,omitempty"` // db_type might be used in the future to help in the obfuscation step - Hits uint64 `protobuf:"varint,7,opt,name=hits,proto3" json:"hits,omitempty"` // count of all spans aggregated in the groupedstats - Errors uint64 `protobuf:"varint,8,opt,name=errors,proto3" json:"errors,omitempty"` // count of error spans aggregated in the groupedstats - Duration uint64 `protobuf:"varint,9,opt,name=duration,proto3" json:"duration,omitempty"` // total duration in nanoseconds of spans aggregated in the bucket - OkSummary []byte `protobuf:"bytes,10,opt,name=okSummary,proto3" json:"okSummary,omitempty"` // ddsketch summary of ok spans latencies encoded in protobuf - ErrorSummary []byte `protobuf:"bytes,11,opt,name=errorSummary,proto3" json:"errorSummary,omitempty"` // ddsketch summary of error spans latencies encoded in protobuf - Synthetics bool `protobuf:"varint,12,opt,name=synthetics,proto3" json:"synthetics,omitempty"` // set to true on spans generated by synthetics traffic - TopLevelHits uint64 `protobuf:"varint,13,opt,name=topLevelHits,proto3" json:"topLevelHits,omitempty"` // count of top level spans aggregated in the groupedstats - SpanKind string `protobuf:"bytes,15,opt,name=span_kind,json=spanKind,proto3" json:"span_kind,omitempty"` // value of the span.kind tag on the span - // peer_tags are supplementary tags that further describe a peer entity - // E.g., `grpc.target` to describe the name of a gRPC peer, or `db.hostname` to describe the name of peer DB - PeerTags []string `protobuf:"bytes,16,rep,name=peer_tags,json=peerTags,proto3" json:"peer_tags,omitempty"` - IsTraceRoot Trilean `protobuf:"varint,17,opt,name=is_trace_root,json=isTraceRoot,proto3,enum=datadog.trace.Trilean" json:"is_trace_root,omitempty"` // this field's value is equal to span's ParentID == 0. -} - -func (x *ClientGroupedStats) Reset() { - *x = ClientGroupedStats{} - if protoimpl.UnsafeEnabled { - mi := &file_datadog_trace_stats_proto_msgTypes[3] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *ClientGroupedStats) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*ClientGroupedStats) ProtoMessage() {} - -func (x *ClientGroupedStats) ProtoReflect() protoreflect.Message { - mi := &file_datadog_trace_stats_proto_msgTypes[3] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use ClientGroupedStats.ProtoReflect.Descriptor instead. -func (*ClientGroupedStats) Descriptor() ([]byte, []int) { - return file_datadog_trace_stats_proto_rawDescGZIP(), []int{3} -} - -func (x *ClientGroupedStats) GetService() string { - if x != nil { - return x.Service - } - return "" -} - -func (x *ClientGroupedStats) GetName() string { - if x != nil { - return x.Name - } - return "" -} - -func (x *ClientGroupedStats) GetResource() string { - if x != nil { - return x.Resource - } - return "" -} - -func (x *ClientGroupedStats) GetHTTPStatusCode() uint32 { - if x != nil { - return x.HTTPStatusCode - } - return 0 -} - -func (x *ClientGroupedStats) GetType() string { - if x != nil { - return x.Type - } - return "" -} - -func (x *ClientGroupedStats) GetDBType() string { - if x != nil { - return x.DBType - } - return "" -} - -func (x *ClientGroupedStats) GetHits() uint64 { - if x != nil { - return x.Hits - } - return 0 -} - -func (x *ClientGroupedStats) GetErrors() uint64 { - if x != nil { - return x.Errors - } - return 0 -} - -func (x *ClientGroupedStats) GetDuration() uint64 { - if x != nil { - return x.Duration - } - return 0 -} - -func (x *ClientGroupedStats) GetOkSummary() []byte { - if x != nil { - return x.OkSummary - } - return nil -} - -func (x *ClientGroupedStats) GetErrorSummary() []byte { - if x != nil { - return x.ErrorSummary - } - return nil -} - -func (x *ClientGroupedStats) GetSynthetics() bool { - if x != nil { - return x.Synthetics - } - return false -} - -func (x *ClientGroupedStats) GetTopLevelHits() uint64 { - if x != nil { - return x.TopLevelHits - } - return 0 -} - -func (x *ClientGroupedStats) GetSpanKind() string { - if x != nil { - return x.SpanKind - } - return "" -} - -func (x *ClientGroupedStats) GetPeerTags() []string { - if x != nil { - return x.PeerTags - } - return nil -} - -func (x *ClientGroupedStats) GetIsTraceRoot() Trilean { - if x != nil { - return x.IsTraceRoot - } - return Trilean_NOT_SET -} - -var File_datadog_trace_stats_proto protoreflect.FileDescriptor - -var file_datadog_trace_stats_proto_rawDesc = []byte{ - 0x0a, 0x19, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, - 0x73, 0x74, 0x61, 0x74, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x64, 0x61, 0x74, - 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x22, 0xf9, 0x01, 0x0a, 0x0c, 0x53, - 0x74, 0x61, 0x74, 0x73, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x24, 0x0a, 0x0d, 0x61, - 0x67, 0x65, 0x6e, 0x74, 0x48, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0d, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x48, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, - 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x6e, 0x76, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x08, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x6e, 0x76, 0x12, 0x37, 0x0a, - 0x05, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x64, - 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x43, 0x6c, 0x69, - 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x52, - 0x05, 0x73, 0x74, 0x61, 0x74, 0x73, 0x12, 0x22, 0x0a, 0x0c, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x56, - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x67, - 0x65, 0x6e, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x26, 0x0a, 0x0e, 0x63, 0x6c, - 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, - 0x28, 0x08, 0x52, 0x0e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, - 0x65, 0x64, 0x12, 0x22, 0x0a, 0x0c, 0x73, 0x70, 0x6c, 0x69, 0x74, 0x50, 0x61, 0x79, 0x6c, 0x6f, - 0x61, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x73, 0x70, 0x6c, 0x69, 0x74, 0x50, - 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x22, 0xc7, 0x03, 0x0a, 0x12, 0x43, 0x6c, 0x69, 0x65, 0x6e, - 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x12, 0x1a, 0x0a, - 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x08, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x76, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, 0x65, 0x6e, 0x76, 0x12, 0x18, 0x0a, 0x07, 0x76, - 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x76, 0x65, - 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x36, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, 0x73, 0x18, 0x04, - 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, - 0x72, 0x61, 0x63, 0x65, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, - 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, 0x73, 0x12, 0x12, 0x0a, - 0x04, 0x6c, 0x61, 0x6e, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6c, 0x61, 0x6e, - 0x67, 0x12, 0x24, 0x0a, 0x0d, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x56, 0x65, 0x72, 0x73, 0x69, - 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, - 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x1c, 0x0a, 0x09, 0x72, 0x75, 0x6e, 0x74, 0x69, - 0x6d, 0x65, 0x49, 0x44, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x72, 0x75, 0x6e, 0x74, - 0x69, 0x6d, 0x65, 0x49, 0x44, 0x12, 0x1a, 0x0a, 0x08, 0x73, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, - 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x04, 0x52, 0x08, 0x73, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, - 0x65, 0x12, 0x2a, 0x0a, 0x10, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, - 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x61, 0x67, 0x65, - 0x6e, 0x74, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x18, 0x0a, - 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, - 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x61, - 0x69, 0x6e, 0x65, 0x72, 0x49, 0x44, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6f, - 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x49, 0x44, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x61, 0x67, - 0x73, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x09, 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x12, 0x24, 0x0a, - 0x0e, 0x67, 0x69, 0x74, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x69, 0x74, 0x5f, 0x73, 0x68, 0x61, 0x18, - 0x0d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x67, 0x69, 0x74, 0x43, 0x6f, 0x6d, 0x6d, 0x69, 0x74, - 0x53, 0x68, 0x61, 0x12, 0x1b, 0x0a, 0x09, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x61, 0x67, - 0x18, 0x0e, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x69, 0x6d, 0x61, 0x67, 0x65, 0x54, 0x61, 0x67, - 0x22, 0xa6, 0x01, 0x0a, 0x11, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x61, 0x74, 0x73, - 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, - 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x1a, 0x0a, 0x08, - 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x08, - 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x37, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x74, - 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, - 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x47, 0x72, - 0x6f, 0x75, 0x70, 0x65, 0x64, 0x53, 0x74, 0x61, 0x74, 0x73, 0x52, 0x05, 0x73, 0x74, 0x61, 0x74, - 0x73, 0x12, 0x26, 0x0a, 0x0e, 0x61, 0x67, 0x65, 0x6e, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x53, 0x68, - 0x69, 0x66, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0e, 0x61, 0x67, 0x65, 0x6e, 0x74, - 0x54, 0x69, 0x6d, 0x65, 0x53, 0x68, 0x69, 0x66, 0x74, 0x22, 0xff, 0x03, 0x0a, 0x12, 0x43, 0x6c, - 0x69, 0x65, 0x6e, 0x74, 0x47, 0x72, 0x6f, 0x75, 0x70, 0x65, 0x64, 0x53, 0x74, 0x61, 0x74, 0x73, - 0x12, 0x18, 0x0a, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, - 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, - 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, - 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x28, 0x0a, 0x10, 0x48, 0x54, - 0x54, 0x50, 0x5f, 0x73, 0x74, 0x61, 0x74, 0x75, 0x73, 0x5f, 0x63, 0x6f, 0x64, 0x65, 0x18, 0x04, - 0x20, 0x01, 0x28, 0x0d, 0x52, 0x0e, 0x48, 0x54, 0x54, 0x50, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, - 0x43, 0x6f, 0x64, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x05, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x17, 0x0a, 0x07, 0x44, 0x42, 0x5f, 0x74, - 0x79, 0x70, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x44, 0x42, 0x54, 0x79, 0x70, - 0x65, 0x12, 0x12, 0x0a, 0x04, 0x68, 0x69, 0x74, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x04, 0x52, - 0x04, 0x68, 0x69, 0x74, 0x73, 0x12, 0x16, 0x0a, 0x06, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x73, 0x18, - 0x08, 0x20, 0x01, 0x28, 0x04, 0x52, 0x06, 0x65, 0x72, 0x72, 0x6f, 0x72, 0x73, 0x12, 0x1a, 0x0a, - 0x08, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x09, 0x20, 0x01, 0x28, 0x04, 0x52, - 0x08, 0x64, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x1c, 0x0a, 0x09, 0x6f, 0x6b, 0x53, - 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x09, 0x6f, 0x6b, - 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x22, 0x0a, 0x0c, 0x65, 0x72, 0x72, 0x6f, 0x72, - 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x65, - 0x72, 0x72, 0x6f, 0x72, 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x1e, 0x0a, 0x0a, 0x73, - 0x79, 0x6e, 0x74, 0x68, 0x65, 0x74, 0x69, 0x63, 0x73, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x08, 0x52, - 0x0a, 0x73, 0x79, 0x6e, 0x74, 0x68, 0x65, 0x74, 0x69, 0x63, 0x73, 0x12, 0x22, 0x0a, 0x0c, 0x74, - 0x6f, 0x70, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x48, 0x69, 0x74, 0x73, 0x18, 0x0d, 0x20, 0x01, 0x28, - 0x04, 0x52, 0x0c, 0x74, 0x6f, 0x70, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x48, 0x69, 0x74, 0x73, 0x12, - 0x1b, 0x0a, 0x09, 0x73, 0x70, 0x61, 0x6e, 0x5f, 0x6b, 0x69, 0x6e, 0x64, 0x18, 0x0f, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x08, 0x73, 0x70, 0x61, 0x6e, 0x4b, 0x69, 0x6e, 0x64, 0x12, 0x1b, 0x0a, 0x09, - 0x70, 0x65, 0x65, 0x72, 0x5f, 0x74, 0x61, 0x67, 0x73, 0x18, 0x10, 0x20, 0x03, 0x28, 0x09, 0x52, - 0x08, 0x70, 0x65, 0x65, 0x72, 0x54, 0x61, 0x67, 0x73, 0x12, 0x3a, 0x0a, 0x0d, 0x69, 0x73, 0x5f, - 0x74, 0x72, 0x61, 0x63, 0x65, 0x5f, 0x72, 0x6f, 0x6f, 0x74, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0e, - 0x32, 0x16, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, - 0x2e, 0x54, 0x72, 0x69, 0x6c, 0x65, 0x61, 0x6e, 0x52, 0x0b, 0x69, 0x73, 0x54, 0x72, 0x61, 0x63, - 0x65, 0x52, 0x6f, 0x6f, 0x74, 0x4a, 0x04, 0x08, 0x0e, 0x10, 0x0f, 0x2a, 0x2b, 0x0a, 0x07, 0x54, - 0x72, 0x69, 0x6c, 0x65, 0x61, 0x6e, 0x12, 0x0b, 0x0a, 0x07, 0x4e, 0x4f, 0x54, 0x5f, 0x53, 0x45, - 0x54, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x54, 0x52, 0x55, 0x45, 0x10, 0x01, 0x12, 0x09, 0x0a, - 0x05, 0x46, 0x41, 0x4c, 0x53, 0x45, 0x10, 0x02, 0x2a, 0x52, 0x0a, 0x0d, 0x54, 0x72, 0x61, 0x63, - 0x65, 0x52, 0x6f, 0x6f, 0x74, 0x46, 0x6c, 0x61, 0x67, 0x12, 0x16, 0x0a, 0x12, 0x44, 0x45, 0x50, - 0x52, 0x45, 0x43, 0x41, 0x54, 0x45, 0x44, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x53, 0x45, 0x54, 0x10, - 0x00, 0x12, 0x13, 0x0a, 0x0f, 0x44, 0x45, 0x50, 0x52, 0x45, 0x43, 0x41, 0x54, 0x45, 0x44, 0x5f, - 0x54, 0x52, 0x55, 0x45, 0x10, 0x01, 0x12, 0x14, 0x0a, 0x10, 0x44, 0x45, 0x50, 0x52, 0x45, 0x43, - 0x41, 0x54, 0x45, 0x44, 0x5f, 0x46, 0x41, 0x4c, 0x53, 0x45, 0x10, 0x02, 0x42, 0x16, 0x5a, 0x14, - 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x70, 0x62, 0x67, 0x6f, 0x2f, 0x74, - 0x72, 0x61, 0x63, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_datadog_trace_stats_proto_rawDescOnce sync.Once - file_datadog_trace_stats_proto_rawDescData = file_datadog_trace_stats_proto_rawDesc -) - -func file_datadog_trace_stats_proto_rawDescGZIP() []byte { - file_datadog_trace_stats_proto_rawDescOnce.Do(func() { - file_datadog_trace_stats_proto_rawDescData = protoimpl.X.CompressGZIP(file_datadog_trace_stats_proto_rawDescData) - }) - return file_datadog_trace_stats_proto_rawDescData -} - -var file_datadog_trace_stats_proto_enumTypes = make([]protoimpl.EnumInfo, 2) -var file_datadog_trace_stats_proto_msgTypes = make([]protoimpl.MessageInfo, 4) -var file_datadog_trace_stats_proto_goTypes = []interface{}{ - (Trilean)(0), // 0: datadog.trace.Trilean - (TraceRootFlag)(0), // 1: datadog.trace.TraceRootFlag - (*StatsPayload)(nil), // 2: datadog.trace.StatsPayload - (*ClientStatsPayload)(nil), // 3: datadog.trace.ClientStatsPayload - (*ClientStatsBucket)(nil), // 4: datadog.trace.ClientStatsBucket - (*ClientGroupedStats)(nil), // 5: datadog.trace.ClientGroupedStats -} -var file_datadog_trace_stats_proto_depIdxs = []int32{ - 3, // 0: datadog.trace.StatsPayload.stats:type_name -> datadog.trace.ClientStatsPayload - 4, // 1: datadog.trace.ClientStatsPayload.stats:type_name -> datadog.trace.ClientStatsBucket - 5, // 2: datadog.trace.ClientStatsBucket.stats:type_name -> datadog.trace.ClientGroupedStats - 0, // 3: datadog.trace.ClientGroupedStats.is_trace_root:type_name -> datadog.trace.Trilean - 4, // [4:4] is the sub-list for method output_type - 4, // [4:4] is the sub-list for method input_type - 4, // [4:4] is the sub-list for extension type_name - 4, // [4:4] is the sub-list for extension extendee - 0, // [0:4] is the sub-list for field type_name -} - -func init() { file_datadog_trace_stats_proto_init() } -func file_datadog_trace_stats_proto_init() { - if File_datadog_trace_stats_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_datadog_trace_stats_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*StatsPayload); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_datadog_trace_stats_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ClientStatsPayload); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_datadog_trace_stats_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ClientStatsBucket); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_datadog_trace_stats_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*ClientGroupedStats); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_datadog_trace_stats_proto_rawDesc, - NumEnums: 2, - NumMessages: 4, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_datadog_trace_stats_proto_goTypes, - DependencyIndexes: file_datadog_trace_stats_proto_depIdxs, - EnumInfos: file_datadog_trace_stats_proto_enumTypes, - MessageInfos: file_datadog_trace_stats_proto_msgTypes, - }.Build() - File_datadog_trace_stats_proto = out.File - file_datadog_trace_stats_proto_rawDesc = nil - file_datadog_trace_stats_proto_goTypes = nil - file_datadog_trace_stats_proto_depIdxs = nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/stats_gen.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/stats_gen.go deleted file mode 100644 index 0747621c..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/stats_gen.go +++ /dev/null @@ -1,1844 +0,0 @@ -package trace - -// Code generated by github.com/tinylib/msgp DO NOT EDIT. - -import ( - "github.com/tinylib/msgp/msgp" -) - -// DecodeMsg implements msgp.Decodable -func (z *ClientGroupedStats) DecodeMsg(dc *msgp.Reader) (err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, err = dc.ReadMapHeader() - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, err = dc.ReadMapKeyPtr() - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "Service": - z.Service, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Service") - return - } - case "Name": - z.Name, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Name") - return - } - case "Resource": - z.Resource, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Resource") - return - } - case "HTTPStatusCode": - z.HTTPStatusCode, err = dc.ReadUint32() - if err != nil { - err = msgp.WrapError(err, "HTTPStatusCode") - return - } - case "Type": - z.Type, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Type") - return - } - case "DBType": - z.DBType, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "DBType") - return - } - case "Hits": - z.Hits, err = dc.ReadUint64() - if err != nil { - err = msgp.WrapError(err, "Hits") - return - } - case "Errors": - z.Errors, err = dc.ReadUint64() - if err != nil { - err = msgp.WrapError(err, "Errors") - return - } - case "Duration": - z.Duration, err = dc.ReadUint64() - if err != nil { - err = msgp.WrapError(err, "Duration") - return - } - case "OkSummary": - z.OkSummary, err = dc.ReadBytes(z.OkSummary) - if err != nil { - err = msgp.WrapError(err, "OkSummary") - return - } - case "ErrorSummary": - z.ErrorSummary, err = dc.ReadBytes(z.ErrorSummary) - if err != nil { - err = msgp.WrapError(err, "ErrorSummary") - return - } - case "Synthetics": - z.Synthetics, err = dc.ReadBool() - if err != nil { - err = msgp.WrapError(err, "Synthetics") - return - } - case "TopLevelHits": - z.TopLevelHits, err = dc.ReadUint64() - if err != nil { - err = msgp.WrapError(err, "TopLevelHits") - return - } - case "SpanKind": - z.SpanKind, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "SpanKind") - return - } - case "PeerTags": - var zb0002 uint32 - zb0002, err = dc.ReadArrayHeader() - if err != nil { - err = msgp.WrapError(err, "PeerTags") - return - } - if cap(z.PeerTags) >= int(zb0002) { - z.PeerTags = (z.PeerTags)[:zb0002] - } else { - z.PeerTags = make([]string, zb0002) - } - for za0001 := range z.PeerTags { - z.PeerTags[za0001], err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "PeerTags", za0001) - return - } - } - case "IsTraceRoot": - { - var zb0003 int32 - zb0003, err = dc.ReadInt32() - if err != nil { - err = msgp.WrapError(err, "IsTraceRoot") - return - } - z.IsTraceRoot = Trilean(zb0003) - } - default: - err = dc.Skip() - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - return -} - -// EncodeMsg implements msgp.Encodable -func (z *ClientGroupedStats) EncodeMsg(en *msgp.Writer) (err error) { - // map header, size 16 - // write "Service" - err = en.Append(0xde, 0x0, 0x10, 0xa7, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65) - if err != nil { - return - } - err = en.WriteString(z.Service) - if err != nil { - err = msgp.WrapError(err, "Service") - return - } - // write "Name" - err = en.Append(0xa4, 0x4e, 0x61, 0x6d, 0x65) - if err != nil { - return - } - err = en.WriteString(z.Name) - if err != nil { - err = msgp.WrapError(err, "Name") - return - } - // write "Resource" - err = en.Append(0xa8, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65) - if err != nil { - return - } - err = en.WriteString(z.Resource) - if err != nil { - err = msgp.WrapError(err, "Resource") - return - } - // write "HTTPStatusCode" - err = en.Append(0xae, 0x48, 0x54, 0x54, 0x50, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65) - if err != nil { - return - } - err = en.WriteUint32(z.HTTPStatusCode) - if err != nil { - err = msgp.WrapError(err, "HTTPStatusCode") - return - } - // write "Type" - err = en.Append(0xa4, 0x54, 0x79, 0x70, 0x65) - if err != nil { - return - } - err = en.WriteString(z.Type) - if err != nil { - err = msgp.WrapError(err, "Type") - return - } - // write "DBType" - err = en.Append(0xa6, 0x44, 0x42, 0x54, 0x79, 0x70, 0x65) - if err != nil { - return - } - err = en.WriteString(z.DBType) - if err != nil { - err = msgp.WrapError(err, "DBType") - return - } - // write "Hits" - err = en.Append(0xa4, 0x48, 0x69, 0x74, 0x73) - if err != nil { - return - } - err = en.WriteUint64(z.Hits) - if err != nil { - err = msgp.WrapError(err, "Hits") - return - } - // write "Errors" - err = en.Append(0xa6, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x73) - if err != nil { - return - } - err = en.WriteUint64(z.Errors) - if err != nil { - err = msgp.WrapError(err, "Errors") - return - } - // write "Duration" - err = en.Append(0xa8, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e) - if err != nil { - return - } - err = en.WriteUint64(z.Duration) - if err != nil { - err = msgp.WrapError(err, "Duration") - return - } - // write "OkSummary" - err = en.Append(0xa9, 0x4f, 0x6b, 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79) - if err != nil { - return - } - err = en.WriteBytes(z.OkSummary) - if err != nil { - err = msgp.WrapError(err, "OkSummary") - return - } - // write "ErrorSummary" - err = en.Append(0xac, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79) - if err != nil { - return - } - err = en.WriteBytes(z.ErrorSummary) - if err != nil { - err = msgp.WrapError(err, "ErrorSummary") - return - } - // write "Synthetics" - err = en.Append(0xaa, 0x53, 0x79, 0x6e, 0x74, 0x68, 0x65, 0x74, 0x69, 0x63, 0x73) - if err != nil { - return - } - err = en.WriteBool(z.Synthetics) - if err != nil { - err = msgp.WrapError(err, "Synthetics") - return - } - // write "TopLevelHits" - err = en.Append(0xac, 0x54, 0x6f, 0x70, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x48, 0x69, 0x74, 0x73) - if err != nil { - return - } - err = en.WriteUint64(z.TopLevelHits) - if err != nil { - err = msgp.WrapError(err, "TopLevelHits") - return - } - // write "SpanKind" - err = en.Append(0xa8, 0x53, 0x70, 0x61, 0x6e, 0x4b, 0x69, 0x6e, 0x64) - if err != nil { - return - } - err = en.WriteString(z.SpanKind) - if err != nil { - err = msgp.WrapError(err, "SpanKind") - return - } - // write "PeerTags" - err = en.Append(0xa8, 0x50, 0x65, 0x65, 0x72, 0x54, 0x61, 0x67, 0x73) - if err != nil { - return - } - err = en.WriteArrayHeader(uint32(len(z.PeerTags))) - if err != nil { - err = msgp.WrapError(err, "PeerTags") - return - } - for za0001 := range z.PeerTags { - err = en.WriteString(z.PeerTags[za0001]) - if err != nil { - err = msgp.WrapError(err, "PeerTags", za0001) - return - } - } - // write "IsTraceRoot" - err = en.Append(0xab, 0x49, 0x73, 0x54, 0x72, 0x61, 0x63, 0x65, 0x52, 0x6f, 0x6f, 0x74) - if err != nil { - return - } - err = en.WriteInt32(int32(z.IsTraceRoot)) - if err != nil { - err = msgp.WrapError(err, "IsTraceRoot") - return - } - return -} - -// MarshalMsg implements msgp.Marshaler -func (z *ClientGroupedStats) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - // map header, size 16 - // string "Service" - o = append(o, 0xde, 0x0, 0x10, 0xa7, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65) - o = msgp.AppendString(o, z.Service) - // string "Name" - o = append(o, 0xa4, 0x4e, 0x61, 0x6d, 0x65) - o = msgp.AppendString(o, z.Name) - // string "Resource" - o = append(o, 0xa8, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65) - o = msgp.AppendString(o, z.Resource) - // string "HTTPStatusCode" - o = append(o, 0xae, 0x48, 0x54, 0x54, 0x50, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x43, 0x6f, 0x64, 0x65) - o = msgp.AppendUint32(o, z.HTTPStatusCode) - // string "Type" - o = append(o, 0xa4, 0x54, 0x79, 0x70, 0x65) - o = msgp.AppendString(o, z.Type) - // string "DBType" - o = append(o, 0xa6, 0x44, 0x42, 0x54, 0x79, 0x70, 0x65) - o = msgp.AppendString(o, z.DBType) - // string "Hits" - o = append(o, 0xa4, 0x48, 0x69, 0x74, 0x73) - o = msgp.AppendUint64(o, z.Hits) - // string "Errors" - o = append(o, 0xa6, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x73) - o = msgp.AppendUint64(o, z.Errors) - // string "Duration" - o = append(o, 0xa8, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e) - o = msgp.AppendUint64(o, z.Duration) - // string "OkSummary" - o = append(o, 0xa9, 0x4f, 0x6b, 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79) - o = msgp.AppendBytes(o, z.OkSummary) - // string "ErrorSummary" - o = append(o, 0xac, 0x45, 0x72, 0x72, 0x6f, 0x72, 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79) - o = msgp.AppendBytes(o, z.ErrorSummary) - // string "Synthetics" - o = append(o, 0xaa, 0x53, 0x79, 0x6e, 0x74, 0x68, 0x65, 0x74, 0x69, 0x63, 0x73) - o = msgp.AppendBool(o, z.Synthetics) - // string "TopLevelHits" - o = append(o, 0xac, 0x54, 0x6f, 0x70, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x48, 0x69, 0x74, 0x73) - o = msgp.AppendUint64(o, z.TopLevelHits) - // string "SpanKind" - o = append(o, 0xa8, 0x53, 0x70, 0x61, 0x6e, 0x4b, 0x69, 0x6e, 0x64) - o = msgp.AppendString(o, z.SpanKind) - // string "PeerTags" - o = append(o, 0xa8, 0x50, 0x65, 0x65, 0x72, 0x54, 0x61, 0x67, 0x73) - o = msgp.AppendArrayHeader(o, uint32(len(z.PeerTags))) - for za0001 := range z.PeerTags { - o = msgp.AppendString(o, z.PeerTags[za0001]) - } - // string "IsTraceRoot" - o = append(o, 0xab, 0x49, 0x73, 0x54, 0x72, 0x61, 0x63, 0x65, 0x52, 0x6f, 0x6f, 0x74) - o = msgp.AppendInt32(o, int32(z.IsTraceRoot)) - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *ClientGroupedStats) UnmarshalMsg(bts []byte) (o []byte, err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, bts, err = msgp.ReadMapKeyZC(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "Service": - z.Service, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Service") - return - } - case "Name": - z.Name, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Name") - return - } - case "Resource": - z.Resource, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Resource") - return - } - case "HTTPStatusCode": - z.HTTPStatusCode, bts, err = msgp.ReadUint32Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "HTTPStatusCode") - return - } - case "Type": - z.Type, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Type") - return - } - case "DBType": - z.DBType, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "DBType") - return - } - case "Hits": - z.Hits, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Hits") - return - } - case "Errors": - z.Errors, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Errors") - return - } - case "Duration": - z.Duration, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Duration") - return - } - case "OkSummary": - z.OkSummary, bts, err = msgp.ReadBytesBytes(bts, z.OkSummary) - if err != nil { - err = msgp.WrapError(err, "OkSummary") - return - } - case "ErrorSummary": - z.ErrorSummary, bts, err = msgp.ReadBytesBytes(bts, z.ErrorSummary) - if err != nil { - err = msgp.WrapError(err, "ErrorSummary") - return - } - case "Synthetics": - z.Synthetics, bts, err = msgp.ReadBoolBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Synthetics") - return - } - case "TopLevelHits": - z.TopLevelHits, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "TopLevelHits") - return - } - case "SpanKind": - z.SpanKind, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "SpanKind") - return - } - case "PeerTags": - var zb0002 uint32 - zb0002, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "PeerTags") - return - } - if cap(z.PeerTags) >= int(zb0002) { - z.PeerTags = (z.PeerTags)[:zb0002] - } else { - z.PeerTags = make([]string, zb0002) - } - for za0001 := range z.PeerTags { - z.PeerTags[za0001], bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "PeerTags", za0001) - return - } - } - case "IsTraceRoot": - { - var zb0003 int32 - zb0003, bts, err = msgp.ReadInt32Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "IsTraceRoot") - return - } - z.IsTraceRoot = Trilean(zb0003) - } - default: - bts, err = msgp.Skip(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z *ClientGroupedStats) Msgsize() (s int) { - s = 3 + 8 + msgp.StringPrefixSize + len(z.Service) + 5 + msgp.StringPrefixSize + len(z.Name) + 9 + msgp.StringPrefixSize + len(z.Resource) + 15 + msgp.Uint32Size + 5 + msgp.StringPrefixSize + len(z.Type) + 7 + msgp.StringPrefixSize + len(z.DBType) + 5 + msgp.Uint64Size + 7 + msgp.Uint64Size + 9 + msgp.Uint64Size + 10 + msgp.BytesPrefixSize + len(z.OkSummary) + 13 + msgp.BytesPrefixSize + len(z.ErrorSummary) + 11 + msgp.BoolSize + 13 + msgp.Uint64Size + 9 + msgp.StringPrefixSize + len(z.SpanKind) + 9 + msgp.ArrayHeaderSize - for za0001 := range z.PeerTags { - s += msgp.StringPrefixSize + len(z.PeerTags[za0001]) - } - s += 12 + msgp.Int32Size - return -} - -// DecodeMsg implements msgp.Decodable -func (z *ClientStatsBucket) DecodeMsg(dc *msgp.Reader) (err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, err = dc.ReadMapHeader() - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, err = dc.ReadMapKeyPtr() - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "Start": - z.Start, err = dc.ReadUint64() - if err != nil { - err = msgp.WrapError(err, "Start") - return - } - case "Duration": - z.Duration, err = dc.ReadUint64() - if err != nil { - err = msgp.WrapError(err, "Duration") - return - } - case "Stats": - var zb0002 uint32 - zb0002, err = dc.ReadArrayHeader() - if err != nil { - err = msgp.WrapError(err, "Stats") - return - } - if cap(z.Stats) >= int(zb0002) { - z.Stats = (z.Stats)[:zb0002] - } else { - z.Stats = make([]*ClientGroupedStats, zb0002) - } - for za0001 := range z.Stats { - if dc.IsNil() { - err = dc.ReadNil() - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - z.Stats[za0001] = nil - } else { - if z.Stats[za0001] == nil { - z.Stats[za0001] = new(ClientGroupedStats) - } - err = z.Stats[za0001].DecodeMsg(dc) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - case "AgentTimeShift": - z.AgentTimeShift, err = dc.ReadInt64() - if err != nil { - err = msgp.WrapError(err, "AgentTimeShift") - return - } - default: - err = dc.Skip() - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - return -} - -// EncodeMsg implements msgp.Encodable -func (z *ClientStatsBucket) EncodeMsg(en *msgp.Writer) (err error) { - // omitempty: check for empty values - zb0001Len := uint32(4) - var zb0001Mask uint8 /* 4 bits */ - if z.Stats == nil { - zb0001Len-- - zb0001Mask |= 0x4 - } - // variable map header, size zb0001Len - err = en.Append(0x80 | uint8(zb0001Len)) - if err != nil { - return - } - if zb0001Len == 0 { - return - } - // write "Start" - err = en.Append(0xa5, 0x53, 0x74, 0x61, 0x72, 0x74) - if err != nil { - return - } - err = en.WriteUint64(z.Start) - if err != nil { - err = msgp.WrapError(err, "Start") - return - } - // write "Duration" - err = en.Append(0xa8, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e) - if err != nil { - return - } - err = en.WriteUint64(z.Duration) - if err != nil { - err = msgp.WrapError(err, "Duration") - return - } - if (zb0001Mask & 0x4) == 0 { // if not empty - // write "Stats" - err = en.Append(0xa5, 0x53, 0x74, 0x61, 0x74, 0x73) - if err != nil { - return - } - err = en.WriteArrayHeader(uint32(len(z.Stats))) - if err != nil { - err = msgp.WrapError(err, "Stats") - return - } - for za0001 := range z.Stats { - if z.Stats[za0001] == nil { - err = en.WriteNil() - if err != nil { - return - } - } else { - err = z.Stats[za0001].EncodeMsg(en) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - } - // write "AgentTimeShift" - err = en.Append(0xae, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x53, 0x68, 0x69, 0x66, 0x74) - if err != nil { - return - } - err = en.WriteInt64(z.AgentTimeShift) - if err != nil { - err = msgp.WrapError(err, "AgentTimeShift") - return - } - return -} - -// MarshalMsg implements msgp.Marshaler -func (z *ClientStatsBucket) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - // omitempty: check for empty values - zb0001Len := uint32(4) - var zb0001Mask uint8 /* 4 bits */ - if z.Stats == nil { - zb0001Len-- - zb0001Mask |= 0x4 - } - // variable map header, size zb0001Len - o = append(o, 0x80|uint8(zb0001Len)) - if zb0001Len == 0 { - return - } - // string "Start" - o = append(o, 0xa5, 0x53, 0x74, 0x61, 0x72, 0x74) - o = msgp.AppendUint64(o, z.Start) - // string "Duration" - o = append(o, 0xa8, 0x44, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e) - o = msgp.AppendUint64(o, z.Duration) - if (zb0001Mask & 0x4) == 0 { // if not empty - // string "Stats" - o = append(o, 0xa5, 0x53, 0x74, 0x61, 0x74, 0x73) - o = msgp.AppendArrayHeader(o, uint32(len(z.Stats))) - for za0001 := range z.Stats { - if z.Stats[za0001] == nil { - o = msgp.AppendNil(o) - } else { - o, err = z.Stats[za0001].MarshalMsg(o) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - } - // string "AgentTimeShift" - o = append(o, 0xae, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x53, 0x68, 0x69, 0x66, 0x74) - o = msgp.AppendInt64(o, z.AgentTimeShift) - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *ClientStatsBucket) UnmarshalMsg(bts []byte) (o []byte, err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, bts, err = msgp.ReadMapKeyZC(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "Start": - z.Start, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Start") - return - } - case "Duration": - z.Duration, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Duration") - return - } - case "Stats": - var zb0002 uint32 - zb0002, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Stats") - return - } - if cap(z.Stats) >= int(zb0002) { - z.Stats = (z.Stats)[:zb0002] - } else { - z.Stats = make([]*ClientGroupedStats, zb0002) - } - for za0001 := range z.Stats { - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - if err != nil { - return - } - z.Stats[za0001] = nil - } else { - if z.Stats[za0001] == nil { - z.Stats[za0001] = new(ClientGroupedStats) - } - bts, err = z.Stats[za0001].UnmarshalMsg(bts) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - case "AgentTimeShift": - z.AgentTimeShift, bts, err = msgp.ReadInt64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "AgentTimeShift") - return - } - default: - bts, err = msgp.Skip(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z *ClientStatsBucket) Msgsize() (s int) { - s = 1 + 6 + msgp.Uint64Size + 9 + msgp.Uint64Size + 6 + msgp.ArrayHeaderSize - for za0001 := range z.Stats { - if z.Stats[za0001] == nil { - s += msgp.NilSize - } else { - s += z.Stats[za0001].Msgsize() - } - } - s += 15 + msgp.Int64Size - return -} - -// DecodeMsg implements msgp.Decodable -func (z *ClientStatsPayload) DecodeMsg(dc *msgp.Reader) (err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, err = dc.ReadMapHeader() - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, err = dc.ReadMapKeyPtr() - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "Hostname": - z.Hostname, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Hostname") - return - } - case "Env": - z.Env, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Env") - return - } - case "Version": - z.Version, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Version") - return - } - case "Stats": - var zb0002 uint32 - zb0002, err = dc.ReadArrayHeader() - if err != nil { - err = msgp.WrapError(err, "Stats") - return - } - if cap(z.Stats) >= int(zb0002) { - z.Stats = (z.Stats)[:zb0002] - } else { - z.Stats = make([]*ClientStatsBucket, zb0002) - } - for za0001 := range z.Stats { - if dc.IsNil() { - err = dc.ReadNil() - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - z.Stats[za0001] = nil - } else { - if z.Stats[za0001] == nil { - z.Stats[za0001] = new(ClientStatsBucket) - } - err = z.Stats[za0001].DecodeMsg(dc) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - case "Lang": - z.Lang, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Lang") - return - } - case "TracerVersion": - z.TracerVersion, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "TracerVersion") - return - } - case "RuntimeID": - z.RuntimeID, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "RuntimeID") - return - } - case "Sequence": - z.Sequence, err = dc.ReadUint64() - if err != nil { - err = msgp.WrapError(err, "Sequence") - return - } - case "AgentAggregation": - z.AgentAggregation, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "AgentAggregation") - return - } - case "Service": - z.Service, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Service") - return - } - case "ContainerID": - z.ContainerID, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "ContainerID") - return - } - case "Tags": - var zb0003 uint32 - zb0003, err = dc.ReadArrayHeader() - if err != nil { - err = msgp.WrapError(err, "Tags") - return - } - if cap(z.Tags) >= int(zb0003) { - z.Tags = (z.Tags)[:zb0003] - } else { - z.Tags = make([]string, zb0003) - } - for za0002 := range z.Tags { - z.Tags[za0002], err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "Tags", za0002) - return - } - } - case "GitCommitSha": - z.GitCommitSha, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "GitCommitSha") - return - } - case "ImageTag": - z.ImageTag, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "ImageTag") - return - } - default: - err = dc.Skip() - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - return -} - -// EncodeMsg implements msgp.Encodable -func (z *ClientStatsPayload) EncodeMsg(en *msgp.Writer) (err error) { - // omitempty: check for empty values - zb0001Len := uint32(14) - var zb0001Mask uint16 /* 14 bits */ - if z.Stats == nil { - zb0001Len-- - zb0001Mask |= 0x8 - } - // variable map header, size zb0001Len - err = en.Append(0x80 | uint8(zb0001Len)) - if err != nil { - return - } - if zb0001Len == 0 { - return - } - // write "Hostname" - err = en.Append(0xa8, 0x48, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65) - if err != nil { - return - } - err = en.WriteString(z.Hostname) - if err != nil { - err = msgp.WrapError(err, "Hostname") - return - } - // write "Env" - err = en.Append(0xa3, 0x45, 0x6e, 0x76) - if err != nil { - return - } - err = en.WriteString(z.Env) - if err != nil { - err = msgp.WrapError(err, "Env") - return - } - // write "Version" - err = en.Append(0xa7, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - if err != nil { - return - } - err = en.WriteString(z.Version) - if err != nil { - err = msgp.WrapError(err, "Version") - return - } - if (zb0001Mask & 0x8) == 0 { // if not empty - // write "Stats" - err = en.Append(0xa5, 0x53, 0x74, 0x61, 0x74, 0x73) - if err != nil { - return - } - err = en.WriteArrayHeader(uint32(len(z.Stats))) - if err != nil { - err = msgp.WrapError(err, "Stats") - return - } - for za0001 := range z.Stats { - if z.Stats[za0001] == nil { - err = en.WriteNil() - if err != nil { - return - } - } else { - err = z.Stats[za0001].EncodeMsg(en) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - } - // write "Lang" - err = en.Append(0xa4, 0x4c, 0x61, 0x6e, 0x67) - if err != nil { - return - } - err = en.WriteString(z.Lang) - if err != nil { - err = msgp.WrapError(err, "Lang") - return - } - // write "TracerVersion" - err = en.Append(0xad, 0x54, 0x72, 0x61, 0x63, 0x65, 0x72, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - if err != nil { - return - } - err = en.WriteString(z.TracerVersion) - if err != nil { - err = msgp.WrapError(err, "TracerVersion") - return - } - // write "RuntimeID" - err = en.Append(0xa9, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x49, 0x44) - if err != nil { - return - } - err = en.WriteString(z.RuntimeID) - if err != nil { - err = msgp.WrapError(err, "RuntimeID") - return - } - // write "Sequence" - err = en.Append(0xa8, 0x53, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65) - if err != nil { - return - } - err = en.WriteUint64(z.Sequence) - if err != nil { - err = msgp.WrapError(err, "Sequence") - return - } - // write "AgentAggregation" - err = en.Append(0xb0, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e) - if err != nil { - return - } - err = en.WriteString(z.AgentAggregation) - if err != nil { - err = msgp.WrapError(err, "AgentAggregation") - return - } - // write "Service" - err = en.Append(0xa7, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65) - if err != nil { - return - } - err = en.WriteString(z.Service) - if err != nil { - err = msgp.WrapError(err, "Service") - return - } - // write "ContainerID" - err = en.Append(0xab, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x49, 0x44) - if err != nil { - return - } - err = en.WriteString(z.ContainerID) - if err != nil { - err = msgp.WrapError(err, "ContainerID") - return - } - // write "Tags" - err = en.Append(0xa4, 0x54, 0x61, 0x67, 0x73) - if err != nil { - return - } - err = en.WriteArrayHeader(uint32(len(z.Tags))) - if err != nil { - err = msgp.WrapError(err, "Tags") - return - } - for za0002 := range z.Tags { - err = en.WriteString(z.Tags[za0002]) - if err != nil { - err = msgp.WrapError(err, "Tags", za0002) - return - } - } - // write "GitCommitSha" - err = en.Append(0xac, 0x47, 0x69, 0x74, 0x43, 0x6f, 0x6d, 0x6d, 0x69, 0x74, 0x53, 0x68, 0x61) - if err != nil { - return - } - err = en.WriteString(z.GitCommitSha) - if err != nil { - err = msgp.WrapError(err, "GitCommitSha") - return - } - // write "ImageTag" - err = en.Append(0xa8, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x54, 0x61, 0x67) - if err != nil { - return - } - err = en.WriteString(z.ImageTag) - if err != nil { - err = msgp.WrapError(err, "ImageTag") - return - } - return -} - -// MarshalMsg implements msgp.Marshaler -func (z *ClientStatsPayload) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - // omitempty: check for empty values - zb0001Len := uint32(14) - var zb0001Mask uint16 /* 14 bits */ - if z.Stats == nil { - zb0001Len-- - zb0001Mask |= 0x8 - } - // variable map header, size zb0001Len - o = append(o, 0x80|uint8(zb0001Len)) - if zb0001Len == 0 { - return - } - // string "Hostname" - o = append(o, 0xa8, 0x48, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65) - o = msgp.AppendString(o, z.Hostname) - // string "Env" - o = append(o, 0xa3, 0x45, 0x6e, 0x76) - o = msgp.AppendString(o, z.Env) - // string "Version" - o = append(o, 0xa7, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - o = msgp.AppendString(o, z.Version) - if (zb0001Mask & 0x8) == 0 { // if not empty - // string "Stats" - o = append(o, 0xa5, 0x53, 0x74, 0x61, 0x74, 0x73) - o = msgp.AppendArrayHeader(o, uint32(len(z.Stats))) - for za0001 := range z.Stats { - if z.Stats[za0001] == nil { - o = msgp.AppendNil(o) - } else { - o, err = z.Stats[za0001].MarshalMsg(o) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - } - // string "Lang" - o = append(o, 0xa4, 0x4c, 0x61, 0x6e, 0x67) - o = msgp.AppendString(o, z.Lang) - // string "TracerVersion" - o = append(o, 0xad, 0x54, 0x72, 0x61, 0x63, 0x65, 0x72, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - o = msgp.AppendString(o, z.TracerVersion) - // string "RuntimeID" - o = append(o, 0xa9, 0x52, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x49, 0x44) - o = msgp.AppendString(o, z.RuntimeID) - // string "Sequence" - o = append(o, 0xa8, 0x53, 0x65, 0x71, 0x75, 0x65, 0x6e, 0x63, 0x65) - o = msgp.AppendUint64(o, z.Sequence) - // string "AgentAggregation" - o = append(o, 0xb0, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x41, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x69, 0x6f, 0x6e) - o = msgp.AppendString(o, z.AgentAggregation) - // string "Service" - o = append(o, 0xa7, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65) - o = msgp.AppendString(o, z.Service) - // string "ContainerID" - o = append(o, 0xab, 0x43, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x49, 0x44) - o = msgp.AppendString(o, z.ContainerID) - // string "Tags" - o = append(o, 0xa4, 0x54, 0x61, 0x67, 0x73) - o = msgp.AppendArrayHeader(o, uint32(len(z.Tags))) - for za0002 := range z.Tags { - o = msgp.AppendString(o, z.Tags[za0002]) - } - // string "GitCommitSha" - o = append(o, 0xac, 0x47, 0x69, 0x74, 0x43, 0x6f, 0x6d, 0x6d, 0x69, 0x74, 0x53, 0x68, 0x61) - o = msgp.AppendString(o, z.GitCommitSha) - // string "ImageTag" - o = append(o, 0xa8, 0x49, 0x6d, 0x61, 0x67, 0x65, 0x54, 0x61, 0x67) - o = msgp.AppendString(o, z.ImageTag) - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *ClientStatsPayload) UnmarshalMsg(bts []byte) (o []byte, err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, bts, err = msgp.ReadMapKeyZC(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "Hostname": - z.Hostname, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Hostname") - return - } - case "Env": - z.Env, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Env") - return - } - case "Version": - z.Version, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Version") - return - } - case "Stats": - var zb0002 uint32 - zb0002, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Stats") - return - } - if cap(z.Stats) >= int(zb0002) { - z.Stats = (z.Stats)[:zb0002] - } else { - z.Stats = make([]*ClientStatsBucket, zb0002) - } - for za0001 := range z.Stats { - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - if err != nil { - return - } - z.Stats[za0001] = nil - } else { - if z.Stats[za0001] == nil { - z.Stats[za0001] = new(ClientStatsBucket) - } - bts, err = z.Stats[za0001].UnmarshalMsg(bts) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - case "Lang": - z.Lang, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Lang") - return - } - case "TracerVersion": - z.TracerVersion, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "TracerVersion") - return - } - case "RuntimeID": - z.RuntimeID, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "RuntimeID") - return - } - case "Sequence": - z.Sequence, bts, err = msgp.ReadUint64Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Sequence") - return - } - case "AgentAggregation": - z.AgentAggregation, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "AgentAggregation") - return - } - case "Service": - z.Service, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Service") - return - } - case "ContainerID": - z.ContainerID, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "ContainerID") - return - } - case "Tags": - var zb0003 uint32 - zb0003, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags") - return - } - if cap(z.Tags) >= int(zb0003) { - z.Tags = (z.Tags)[:zb0003] - } else { - z.Tags = make([]string, zb0003) - } - for za0002 := range z.Tags { - z.Tags[za0002], bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags", za0002) - return - } - } - case "GitCommitSha": - z.GitCommitSha, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "GitCommitSha") - return - } - case "ImageTag": - z.ImageTag, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "ImageTag") - return - } - default: - bts, err = msgp.Skip(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z *ClientStatsPayload) Msgsize() (s int) { - s = 1 + 9 + msgp.StringPrefixSize + len(z.Hostname) + 4 + msgp.StringPrefixSize + len(z.Env) + 8 + msgp.StringPrefixSize + len(z.Version) + 6 + msgp.ArrayHeaderSize - for za0001 := range z.Stats { - if z.Stats[za0001] == nil { - s += msgp.NilSize - } else { - s += z.Stats[za0001].Msgsize() - } - } - s += 5 + msgp.StringPrefixSize + len(z.Lang) + 14 + msgp.StringPrefixSize + len(z.TracerVersion) + 10 + msgp.StringPrefixSize + len(z.RuntimeID) + 9 + msgp.Uint64Size + 17 + msgp.StringPrefixSize + len(z.AgentAggregation) + 8 + msgp.StringPrefixSize + len(z.Service) + 12 + msgp.StringPrefixSize + len(z.ContainerID) + 5 + msgp.ArrayHeaderSize - for za0002 := range z.Tags { - s += msgp.StringPrefixSize + len(z.Tags[za0002]) - } - s += 13 + msgp.StringPrefixSize + len(z.GitCommitSha) + 9 + msgp.StringPrefixSize + len(z.ImageTag) - return -} - -// DecodeMsg implements msgp.Decodable -func (z *StatsPayload) DecodeMsg(dc *msgp.Reader) (err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, err = dc.ReadMapHeader() - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, err = dc.ReadMapKeyPtr() - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "AgentHostname": - z.AgentHostname, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "AgentHostname") - return - } - case "AgentEnv": - z.AgentEnv, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "AgentEnv") - return - } - case "Stats": - var zb0002 uint32 - zb0002, err = dc.ReadArrayHeader() - if err != nil { - err = msgp.WrapError(err, "Stats") - return - } - if cap(z.Stats) >= int(zb0002) { - z.Stats = (z.Stats)[:zb0002] - } else { - z.Stats = make([]*ClientStatsPayload, zb0002) - } - for za0001 := range z.Stats { - if dc.IsNil() { - err = dc.ReadNil() - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - z.Stats[za0001] = nil - } else { - if z.Stats[za0001] == nil { - z.Stats[za0001] = new(ClientStatsPayload) - } - err = z.Stats[za0001].DecodeMsg(dc) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - case "AgentVersion": - z.AgentVersion, err = dc.ReadString() - if err != nil { - err = msgp.WrapError(err, "AgentVersion") - return - } - case "ClientComputed": - z.ClientComputed, err = dc.ReadBool() - if err != nil { - err = msgp.WrapError(err, "ClientComputed") - return - } - case "SplitPayload": - z.SplitPayload, err = dc.ReadBool() - if err != nil { - err = msgp.WrapError(err, "SplitPayload") - return - } - default: - err = dc.Skip() - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - return -} - -// EncodeMsg implements msgp.Encodable -func (z *StatsPayload) EncodeMsg(en *msgp.Writer) (err error) { - // omitempty: check for empty values - zb0001Len := uint32(6) - var zb0001Mask uint8 /* 6 bits */ - if z.Stats == nil { - zb0001Len-- - zb0001Mask |= 0x4 - } - // variable map header, size zb0001Len - err = en.Append(0x80 | uint8(zb0001Len)) - if err != nil { - return - } - if zb0001Len == 0 { - return - } - // write "AgentHostname" - err = en.Append(0xad, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x48, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65) - if err != nil { - return - } - err = en.WriteString(z.AgentHostname) - if err != nil { - err = msgp.WrapError(err, "AgentHostname") - return - } - // write "AgentEnv" - err = en.Append(0xa8, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x6e, 0x76) - if err != nil { - return - } - err = en.WriteString(z.AgentEnv) - if err != nil { - err = msgp.WrapError(err, "AgentEnv") - return - } - if (zb0001Mask & 0x4) == 0 { // if not empty - // write "Stats" - err = en.Append(0xa5, 0x53, 0x74, 0x61, 0x74, 0x73) - if err != nil { - return - } - err = en.WriteArrayHeader(uint32(len(z.Stats))) - if err != nil { - err = msgp.WrapError(err, "Stats") - return - } - for za0001 := range z.Stats { - if z.Stats[za0001] == nil { - err = en.WriteNil() - if err != nil { - return - } - } else { - err = z.Stats[za0001].EncodeMsg(en) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - } - // write "AgentVersion" - err = en.Append(0xac, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - if err != nil { - return - } - err = en.WriteString(z.AgentVersion) - if err != nil { - err = msgp.WrapError(err, "AgentVersion") - return - } - // write "ClientComputed" - err = en.Append(0xae, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x64) - if err != nil { - return - } - err = en.WriteBool(z.ClientComputed) - if err != nil { - err = msgp.WrapError(err, "ClientComputed") - return - } - // write "SplitPayload" - err = en.Append(0xac, 0x53, 0x70, 0x6c, 0x69, 0x74, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64) - if err != nil { - return - } - err = en.WriteBool(z.SplitPayload) - if err != nil { - err = msgp.WrapError(err, "SplitPayload") - return - } - return -} - -// MarshalMsg implements msgp.Marshaler -func (z *StatsPayload) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - // omitempty: check for empty values - zb0001Len := uint32(6) - var zb0001Mask uint8 /* 6 bits */ - if z.Stats == nil { - zb0001Len-- - zb0001Mask |= 0x4 - } - // variable map header, size zb0001Len - o = append(o, 0x80|uint8(zb0001Len)) - if zb0001Len == 0 { - return - } - // string "AgentHostname" - o = append(o, 0xad, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x48, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65) - o = msgp.AppendString(o, z.AgentHostname) - // string "AgentEnv" - o = append(o, 0xa8, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x45, 0x6e, 0x76) - o = msgp.AppendString(o, z.AgentEnv) - if (zb0001Mask & 0x4) == 0 { // if not empty - // string "Stats" - o = append(o, 0xa5, 0x53, 0x74, 0x61, 0x74, 0x73) - o = msgp.AppendArrayHeader(o, uint32(len(z.Stats))) - for za0001 := range z.Stats { - if z.Stats[za0001] == nil { - o = msgp.AppendNil(o) - } else { - o, err = z.Stats[za0001].MarshalMsg(o) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - } - // string "AgentVersion" - o = append(o, 0xac, 0x41, 0x67, 0x65, 0x6e, 0x74, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - o = msgp.AppendString(o, z.AgentVersion) - // string "ClientComputed" - o = append(o, 0xae, 0x43, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x64) - o = msgp.AppendBool(o, z.ClientComputed) - // string "SplitPayload" - o = append(o, 0xac, 0x53, 0x70, 0x6c, 0x69, 0x74, 0x50, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64) - o = msgp.AppendBool(o, z.SplitPayload) - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *StatsPayload) UnmarshalMsg(bts []byte) (o []byte, err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, bts, err = msgp.ReadMapKeyZC(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "AgentHostname": - z.AgentHostname, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "AgentHostname") - return - } - case "AgentEnv": - z.AgentEnv, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "AgentEnv") - return - } - case "Stats": - var zb0002 uint32 - zb0002, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Stats") - return - } - if cap(z.Stats) >= int(zb0002) { - z.Stats = (z.Stats)[:zb0002] - } else { - z.Stats = make([]*ClientStatsPayload, zb0002) - } - for za0001 := range z.Stats { - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - if err != nil { - return - } - z.Stats[za0001] = nil - } else { - if z.Stats[za0001] == nil { - z.Stats[za0001] = new(ClientStatsPayload) - } - bts, err = z.Stats[za0001].UnmarshalMsg(bts) - if err != nil { - err = msgp.WrapError(err, "Stats", za0001) - return - } - } - } - case "AgentVersion": - z.AgentVersion, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "AgentVersion") - return - } - case "ClientComputed": - z.ClientComputed, bts, err = msgp.ReadBoolBytes(bts) - if err != nil { - err = msgp.WrapError(err, "ClientComputed") - return - } - case "SplitPayload": - z.SplitPayload, bts, err = msgp.ReadBoolBytes(bts) - if err != nil { - err = msgp.WrapError(err, "SplitPayload") - return - } - default: - bts, err = msgp.Skip(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z *StatsPayload) Msgsize() (s int) { - s = 1 + 14 + msgp.StringPrefixSize + len(z.AgentHostname) + 9 + msgp.StringPrefixSize + len(z.AgentEnv) + 6 + msgp.ArrayHeaderSize - for za0001 := range z.Stats { - if z.Stats[za0001] == nil { - s += msgp.NilSize - } else { - s += z.Stats[za0001].Msgsize() - } - } - s += 13 + msgp.StringPrefixSize + len(z.AgentVersion) + 15 + msgp.BoolSize + 13 + msgp.BoolSize - return -} - -// DecodeMsg implements msgp.Decodable -func (z *TraceRootFlag) DecodeMsg(dc *msgp.Reader) (err error) { - { - var zb0001 int32 - zb0001, err = dc.ReadInt32() - if err != nil { - err = msgp.WrapError(err) - return - } - (*z) = TraceRootFlag(zb0001) - } - return -} - -// EncodeMsg implements msgp.Encodable -func (z TraceRootFlag) EncodeMsg(en *msgp.Writer) (err error) { - err = en.WriteInt32(int32(z)) - if err != nil { - err = msgp.WrapError(err) - return - } - return -} - -// MarshalMsg implements msgp.Marshaler -func (z TraceRootFlag) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - o = msgp.AppendInt32(o, int32(z)) - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *TraceRootFlag) UnmarshalMsg(bts []byte) (o []byte, err error) { - { - var zb0001 int32 - zb0001, bts, err = msgp.ReadInt32Bytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - (*z) = TraceRootFlag(zb0001) - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z TraceRootFlag) Msgsize() (s int) { - s = msgp.Int32Size - return -} - -// DecodeMsg implements msgp.Decodable -func (z *Trilean) DecodeMsg(dc *msgp.Reader) (err error) { - { - var zb0001 int32 - zb0001, err = dc.ReadInt32() - if err != nil { - err = msgp.WrapError(err) - return - } - (*z) = Trilean(zb0001) - } - return -} - -// EncodeMsg implements msgp.Encodable -func (z Trilean) EncodeMsg(en *msgp.Writer) (err error) { - err = en.WriteInt32(int32(z)) - if err != nil { - err = msgp.WrapError(err) - return - } - return -} - -// MarshalMsg implements msgp.Marshaler -func (z Trilean) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - o = msgp.AppendInt32(o, int32(z)) - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *Trilean) UnmarshalMsg(bts []byte) (o []byte, err error) { - { - var zb0001 int32 - zb0001, bts, err = msgp.ReadInt32Bytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - (*z) = Trilean(zb0001) - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z Trilean) Msgsize() (s int) { - s = msgp.Int32Size - return -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/stats_vtproto.pb.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/stats_vtproto.pb.go deleted file mode 100644 index 002bfad3..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/stats_vtproto.pb.go +++ /dev/null @@ -1,1968 +0,0 @@ -// Code generated by protoc-gen-go-vtproto. DO NOT EDIT. -// protoc-gen-go-vtproto version: v0.4.0 -// source: datadog/trace/stats.proto - -package trace - -import ( - fmt "fmt" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - io "io" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -func (m *StatsPayload) MarshalVT() (dAtA []byte, err error) { - if m == nil { - return nil, nil - } - size := m.SizeVT() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBufferVT(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *StatsPayload) MarshalToVT(dAtA []byte) (int, error) { - size := m.SizeVT() - return m.MarshalToSizedBufferVT(dAtA[:size]) -} - -func (m *StatsPayload) MarshalToSizedBufferVT(dAtA []byte) (int, error) { - if m == nil { - return 0, nil - } - i := len(dAtA) - _ = i - var l int - _ = l - if m.unknownFields != nil { - i -= len(m.unknownFields) - copy(dAtA[i:], m.unknownFields) - } - if m.SplitPayload { - i-- - if m.SplitPayload { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x30 - } - if m.ClientComputed { - i-- - if m.ClientComputed { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x28 - } - if len(m.AgentVersion) > 0 { - i -= len(m.AgentVersion) - copy(dAtA[i:], m.AgentVersion) - i = encodeVarint(dAtA, i, uint64(len(m.AgentVersion))) - i-- - dAtA[i] = 0x22 - } - if len(m.Stats) > 0 { - for iNdEx := len(m.Stats) - 1; iNdEx >= 0; iNdEx-- { - size, err := m.Stats[iNdEx].MarshalToSizedBufferVT(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarint(dAtA, i, uint64(size)) - i-- - dAtA[i] = 0x1a - } - } - if len(m.AgentEnv) > 0 { - i -= len(m.AgentEnv) - copy(dAtA[i:], m.AgentEnv) - i = encodeVarint(dAtA, i, uint64(len(m.AgentEnv))) - i-- - dAtA[i] = 0x12 - } - if len(m.AgentHostname) > 0 { - i -= len(m.AgentHostname) - copy(dAtA[i:], m.AgentHostname) - i = encodeVarint(dAtA, i, uint64(len(m.AgentHostname))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *ClientStatsPayload) MarshalVT() (dAtA []byte, err error) { - if m == nil { - return nil, nil - } - size := m.SizeVT() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBufferVT(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *ClientStatsPayload) MarshalToVT(dAtA []byte) (int, error) { - size := m.SizeVT() - return m.MarshalToSizedBufferVT(dAtA[:size]) -} - -func (m *ClientStatsPayload) MarshalToSizedBufferVT(dAtA []byte) (int, error) { - if m == nil { - return 0, nil - } - i := len(dAtA) - _ = i - var l int - _ = l - if m.unknownFields != nil { - i -= len(m.unknownFields) - copy(dAtA[i:], m.unknownFields) - } - if len(m.ImageTag) > 0 { - i -= len(m.ImageTag) - copy(dAtA[i:], m.ImageTag) - i = encodeVarint(dAtA, i, uint64(len(m.ImageTag))) - i-- - dAtA[i] = 0x72 - } - if len(m.GitCommitSha) > 0 { - i -= len(m.GitCommitSha) - copy(dAtA[i:], m.GitCommitSha) - i = encodeVarint(dAtA, i, uint64(len(m.GitCommitSha))) - i-- - dAtA[i] = 0x6a - } - if len(m.Tags) > 0 { - for iNdEx := len(m.Tags) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.Tags[iNdEx]) - copy(dAtA[i:], m.Tags[iNdEx]) - i = encodeVarint(dAtA, i, uint64(len(m.Tags[iNdEx]))) - i-- - dAtA[i] = 0x62 - } - } - if len(m.ContainerID) > 0 { - i -= len(m.ContainerID) - copy(dAtA[i:], m.ContainerID) - i = encodeVarint(dAtA, i, uint64(len(m.ContainerID))) - i-- - dAtA[i] = 0x5a - } - if len(m.Service) > 0 { - i -= len(m.Service) - copy(dAtA[i:], m.Service) - i = encodeVarint(dAtA, i, uint64(len(m.Service))) - i-- - dAtA[i] = 0x52 - } - if len(m.AgentAggregation) > 0 { - i -= len(m.AgentAggregation) - copy(dAtA[i:], m.AgentAggregation) - i = encodeVarint(dAtA, i, uint64(len(m.AgentAggregation))) - i-- - dAtA[i] = 0x4a - } - if m.Sequence != 0 { - i = encodeVarint(dAtA, i, uint64(m.Sequence)) - i-- - dAtA[i] = 0x40 - } - if len(m.RuntimeID) > 0 { - i -= len(m.RuntimeID) - copy(dAtA[i:], m.RuntimeID) - i = encodeVarint(dAtA, i, uint64(len(m.RuntimeID))) - i-- - dAtA[i] = 0x3a - } - if len(m.TracerVersion) > 0 { - i -= len(m.TracerVersion) - copy(dAtA[i:], m.TracerVersion) - i = encodeVarint(dAtA, i, uint64(len(m.TracerVersion))) - i-- - dAtA[i] = 0x32 - } - if len(m.Lang) > 0 { - i -= len(m.Lang) - copy(dAtA[i:], m.Lang) - i = encodeVarint(dAtA, i, uint64(len(m.Lang))) - i-- - dAtA[i] = 0x2a - } - if len(m.Stats) > 0 { - for iNdEx := len(m.Stats) - 1; iNdEx >= 0; iNdEx-- { - size, err := m.Stats[iNdEx].MarshalToSizedBufferVT(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarint(dAtA, i, uint64(size)) - i-- - dAtA[i] = 0x22 - } - } - if len(m.Version) > 0 { - i -= len(m.Version) - copy(dAtA[i:], m.Version) - i = encodeVarint(dAtA, i, uint64(len(m.Version))) - i-- - dAtA[i] = 0x1a - } - if len(m.Env) > 0 { - i -= len(m.Env) - copy(dAtA[i:], m.Env) - i = encodeVarint(dAtA, i, uint64(len(m.Env))) - i-- - dAtA[i] = 0x12 - } - if len(m.Hostname) > 0 { - i -= len(m.Hostname) - copy(dAtA[i:], m.Hostname) - i = encodeVarint(dAtA, i, uint64(len(m.Hostname))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *ClientStatsBucket) MarshalVT() (dAtA []byte, err error) { - if m == nil { - return nil, nil - } - size := m.SizeVT() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBufferVT(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *ClientStatsBucket) MarshalToVT(dAtA []byte) (int, error) { - size := m.SizeVT() - return m.MarshalToSizedBufferVT(dAtA[:size]) -} - -func (m *ClientStatsBucket) MarshalToSizedBufferVT(dAtA []byte) (int, error) { - if m == nil { - return 0, nil - } - i := len(dAtA) - _ = i - var l int - _ = l - if m.unknownFields != nil { - i -= len(m.unknownFields) - copy(dAtA[i:], m.unknownFields) - } - if m.AgentTimeShift != 0 { - i = encodeVarint(dAtA, i, uint64(m.AgentTimeShift)) - i-- - dAtA[i] = 0x20 - } - if len(m.Stats) > 0 { - for iNdEx := len(m.Stats) - 1; iNdEx >= 0; iNdEx-- { - size, err := m.Stats[iNdEx].MarshalToSizedBufferVT(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarint(dAtA, i, uint64(size)) - i-- - dAtA[i] = 0x1a - } - } - if m.Duration != 0 { - i = encodeVarint(dAtA, i, uint64(m.Duration)) - i-- - dAtA[i] = 0x10 - } - if m.Start != 0 { - i = encodeVarint(dAtA, i, uint64(m.Start)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *ClientGroupedStats) MarshalVT() (dAtA []byte, err error) { - if m == nil { - return nil, nil - } - size := m.SizeVT() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBufferVT(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *ClientGroupedStats) MarshalToVT(dAtA []byte) (int, error) { - size := m.SizeVT() - return m.MarshalToSizedBufferVT(dAtA[:size]) -} - -func (m *ClientGroupedStats) MarshalToSizedBufferVT(dAtA []byte) (int, error) { - if m == nil { - return 0, nil - } - i := len(dAtA) - _ = i - var l int - _ = l - if m.unknownFields != nil { - i -= len(m.unknownFields) - copy(dAtA[i:], m.unknownFields) - } - if m.IsTraceRoot != 0 { - i = encodeVarint(dAtA, i, uint64(m.IsTraceRoot)) - i-- - dAtA[i] = 0x1 - i-- - dAtA[i] = 0x88 - } - if len(m.PeerTags) > 0 { - for iNdEx := len(m.PeerTags) - 1; iNdEx >= 0; iNdEx-- { - i -= len(m.PeerTags[iNdEx]) - copy(dAtA[i:], m.PeerTags[iNdEx]) - i = encodeVarint(dAtA, i, uint64(len(m.PeerTags[iNdEx]))) - i-- - dAtA[i] = 0x1 - i-- - dAtA[i] = 0x82 - } - } - if len(m.SpanKind) > 0 { - i -= len(m.SpanKind) - copy(dAtA[i:], m.SpanKind) - i = encodeVarint(dAtA, i, uint64(len(m.SpanKind))) - i-- - dAtA[i] = 0x7a - } - if m.TopLevelHits != 0 { - i = encodeVarint(dAtA, i, uint64(m.TopLevelHits)) - i-- - dAtA[i] = 0x68 - } - if m.Synthetics { - i-- - if m.Synthetics { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x60 - } - if len(m.ErrorSummary) > 0 { - i -= len(m.ErrorSummary) - copy(dAtA[i:], m.ErrorSummary) - i = encodeVarint(dAtA, i, uint64(len(m.ErrorSummary))) - i-- - dAtA[i] = 0x5a - } - if len(m.OkSummary) > 0 { - i -= len(m.OkSummary) - copy(dAtA[i:], m.OkSummary) - i = encodeVarint(dAtA, i, uint64(len(m.OkSummary))) - i-- - dAtA[i] = 0x52 - } - if m.Duration != 0 { - i = encodeVarint(dAtA, i, uint64(m.Duration)) - i-- - dAtA[i] = 0x48 - } - if m.Errors != 0 { - i = encodeVarint(dAtA, i, uint64(m.Errors)) - i-- - dAtA[i] = 0x40 - } - if m.Hits != 0 { - i = encodeVarint(dAtA, i, uint64(m.Hits)) - i-- - dAtA[i] = 0x38 - } - if len(m.DBType) > 0 { - i -= len(m.DBType) - copy(dAtA[i:], m.DBType) - i = encodeVarint(dAtA, i, uint64(len(m.DBType))) - i-- - dAtA[i] = 0x32 - } - if len(m.Type) > 0 { - i -= len(m.Type) - copy(dAtA[i:], m.Type) - i = encodeVarint(dAtA, i, uint64(len(m.Type))) - i-- - dAtA[i] = 0x2a - } - if m.HTTPStatusCode != 0 { - i = encodeVarint(dAtA, i, uint64(m.HTTPStatusCode)) - i-- - dAtA[i] = 0x20 - } - if len(m.Resource) > 0 { - i -= len(m.Resource) - copy(dAtA[i:], m.Resource) - i = encodeVarint(dAtA, i, uint64(len(m.Resource))) - i-- - dAtA[i] = 0x1a - } - if len(m.Name) > 0 { - i -= len(m.Name) - copy(dAtA[i:], m.Name) - i = encodeVarint(dAtA, i, uint64(len(m.Name))) - i-- - dAtA[i] = 0x12 - } - if len(m.Service) > 0 { - i -= len(m.Service) - copy(dAtA[i:], m.Service) - i = encodeVarint(dAtA, i, uint64(len(m.Service))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *StatsPayload) SizeVT() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.AgentHostname) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.AgentEnv) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if len(m.Stats) > 0 { - for _, e := range m.Stats { - l = e.SizeVT() - n += 1 + l + sov(uint64(l)) - } - } - l = len(m.AgentVersion) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if m.ClientComputed { - n += 2 - } - if m.SplitPayload { - n += 2 - } - n += len(m.unknownFields) - return n -} - -func (m *ClientStatsPayload) SizeVT() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Hostname) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.Env) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.Version) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if len(m.Stats) > 0 { - for _, e := range m.Stats { - l = e.SizeVT() - n += 1 + l + sov(uint64(l)) - } - } - l = len(m.Lang) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.TracerVersion) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.RuntimeID) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if m.Sequence != 0 { - n += 1 + sov(uint64(m.Sequence)) - } - l = len(m.AgentAggregation) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.Service) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.ContainerID) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if len(m.Tags) > 0 { - for _, s := range m.Tags { - l = len(s) - n += 1 + l + sov(uint64(l)) - } - } - l = len(m.GitCommitSha) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.ImageTag) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - n += len(m.unknownFields) - return n -} - -func (m *ClientStatsBucket) SizeVT() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Start != 0 { - n += 1 + sov(uint64(m.Start)) - } - if m.Duration != 0 { - n += 1 + sov(uint64(m.Duration)) - } - if len(m.Stats) > 0 { - for _, e := range m.Stats { - l = e.SizeVT() - n += 1 + l + sov(uint64(l)) - } - } - if m.AgentTimeShift != 0 { - n += 1 + sov(uint64(m.AgentTimeShift)) - } - n += len(m.unknownFields) - return n -} - -func (m *ClientGroupedStats) SizeVT() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.Service) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.Name) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.Resource) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if m.HTTPStatusCode != 0 { - n += 1 + sov(uint64(m.HTTPStatusCode)) - } - l = len(m.Type) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.DBType) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if m.Hits != 0 { - n += 1 + sov(uint64(m.Hits)) - } - if m.Errors != 0 { - n += 1 + sov(uint64(m.Errors)) - } - if m.Duration != 0 { - n += 1 + sov(uint64(m.Duration)) - } - l = len(m.OkSummary) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.ErrorSummary) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if m.Synthetics { - n += 2 - } - if m.TopLevelHits != 0 { - n += 1 + sov(uint64(m.TopLevelHits)) - } - l = len(m.SpanKind) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if len(m.PeerTags) > 0 { - for _, s := range m.PeerTags { - l = len(s) - n += 2 + l + sov(uint64(l)) - } - } - if m.IsTraceRoot != 0 { - n += 2 + sov(uint64(m.IsTraceRoot)) - } - n += len(m.unknownFields) - return n -} - -func (m *StatsPayload) UnmarshalVT(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: StatsPayload: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: StatsPayload: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AgentHostname", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AgentHostname = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AgentEnv", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AgentEnv = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Stats", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Stats = append(m.Stats, &ClientStatsPayload{}) - if err := m.Stats[len(m.Stats)-1].UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AgentVersion", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AgentVersion = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 5: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field ClientComputed", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.ClientComputed = bool(v != 0) - case 6: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field SplitPayload", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.SplitPayload = bool(v != 0) - default: - iNdEx = preIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ClientStatsPayload) UnmarshalVT(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ClientStatsPayload: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ClientStatsPayload: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Hostname", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Hostname = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Env", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Env = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Version", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Version = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Stats", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Stats = append(m.Stats, &ClientStatsBucket{}) - if err := m.Stats[len(m.Stats)-1].UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Lang", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Lang = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TracerVersion", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.TracerVersion = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 7: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field RuntimeID", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.RuntimeID = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 8: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Sequence", wireType) - } - m.Sequence = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Sequence |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 9: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AgentAggregation", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AgentAggregation = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Service", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Service = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 11: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ContainerID", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ContainerID = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 12: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Tags", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Tags = append(m.Tags, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 13: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field GitCommitSha", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.GitCommitSha = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 14: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ImageTag", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ImageTag = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ClientStatsBucket) UnmarshalVT(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ClientStatsBucket: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ClientStatsBucket: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Start", wireType) - } - m.Start = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Start |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 2: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Duration", wireType) - } - m.Duration = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Duration |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Stats", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Stats = append(m.Stats, &ClientGroupedStats{}) - if err := m.Stats[len(m.Stats)-1].UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 4: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field AgentTimeShift", wireType) - } - m.AgentTimeShift = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.AgentTimeShift |= int64(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *ClientGroupedStats) UnmarshalVT(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: ClientGroupedStats: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: ClientGroupedStats: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Service", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Service = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Name", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Name = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Resource", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Resource = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 4: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field HTTPStatusCode", wireType) - } - m.HTTPStatusCode = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.HTTPStatusCode |= uint32(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Type", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Type = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field DBType", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.DBType = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 7: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Hits", wireType) - } - m.Hits = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Hits |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 8: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Errors", wireType) - } - m.Errors = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Errors |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 9: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Duration", wireType) - } - m.Duration = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Duration |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field OkSummary", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.OkSummary = append(m.OkSummary[:0], dAtA[iNdEx:postIndex]...) - if m.OkSummary == nil { - m.OkSummary = []byte{} - } - iNdEx = postIndex - case 11: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ErrorSummary", wireType) - } - var byteLen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - byteLen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if byteLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + byteLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ErrorSummary = append(m.ErrorSummary[:0], dAtA[iNdEx:postIndex]...) - if m.ErrorSummary == nil { - m.ErrorSummary = []byte{} - } - iNdEx = postIndex - case 12: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Synthetics", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.Synthetics = bool(v != 0) - case 13: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field TopLevelHits", wireType) - } - m.TopLevelHits = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.TopLevelHits |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 15: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field SpanKind", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.SpanKind = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 16: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field PeerTags", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.PeerTags = append(m.PeerTags, string(dAtA[iNdEx:postIndex])) - iNdEx = postIndex - case 17: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field IsTraceRoot", wireType) - } - m.IsTraceRoot = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.IsTraceRoot |= Trilean(b&0x7F) << shift - if b < 0x80 { - break - } - } - default: - iNdEx = preIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/trace.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/trace.go deleted file mode 100644 index 94fd0eda..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/trace.go +++ /dev/null @@ -1,52 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package trace - -//go:generate go run github.com/tinylib/msgp -file=span.pb.go -o span_gen.go -io=false -//go:generate go run github.com/tinylib/msgp -file=tracer_payload.pb.go -o tracer_payload_gen.go -io=false -//go:generate go run github.com/tinylib/msgp -io=false - -// Trace is a collection of spans with the same trace ID -type Trace []*Span - -// Traces is a list of traces. This model matters as this is what we unpack from msgp. -type Traces []Trace - -// RemoveChunk removes a chunk by its index. -func (p *TracerPayload) RemoveChunk(i int) { - if i < 0 || i >= len(p.Chunks) { - return - } - p.Chunks[i] = p.Chunks[len(p.Chunks)-1] - p.Chunks = p.Chunks[:len(p.Chunks)-1] -} - -// Cut cuts off a new tracer payload from the `p` with [0, i-1] chunks -// and keeps [i, n-1] chunks in the original payload `p`. -func (p *TracerPayload) Cut(i int) *TracerPayload { - if i < 0 { - i = 0 - } - if i > len(p.Chunks) { - i = len(p.Chunks) - } - newPayload := TracerPayload{ - ContainerID: p.GetContainerID(), - LanguageName: p.GetLanguageName(), - LanguageVersion: p.GetLanguageVersion(), - TracerVersion: p.GetTracerVersion(), - RuntimeID: p.GetRuntimeID(), - Env: p.GetEnv(), - Hostname: p.GetHostname(), - AppVersion: p.GetAppVersion(), - Tags: p.GetTags(), - } - - newPayload.Chunks = p.Chunks[:i] - p.Chunks = p.Chunks[i:] - - return &newPayload -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/trace_gen.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/trace_gen.go deleted file mode 100644 index 2a2865f3..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/trace_gen.go +++ /dev/null @@ -1,158 +0,0 @@ -package trace - -// Code generated by github.com/tinylib/msgp DO NOT EDIT. - -import ( - "github.com/tinylib/msgp/msgp" -) - -// MarshalMsg implements msgp.Marshaler -func (z Trace) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - o = msgp.AppendArrayHeader(o, uint32(len(z))) - for za0001 := range z { - if z[za0001] == nil { - o = msgp.AppendNil(o) - } else { - o, err = z[za0001].MarshalMsg(o) - if err != nil { - err = msgp.WrapError(err, za0001) - return - } - } - } - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *Trace) UnmarshalMsg(bts []byte) (o []byte, err error) { - var zb0002 uint32 - zb0002, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - if cap((*z)) >= int(zb0002) { - (*z) = (*z)[:zb0002] - } else { - (*z) = make(Trace, zb0002) - } - for zb0001 := range *z { - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - if err != nil { - return - } - (*z)[zb0001] = nil - } else { - if (*z)[zb0001] == nil { - (*z)[zb0001] = new(Span) - } - bts, err = (*z)[zb0001].UnmarshalMsg(bts) - if err != nil { - err = msgp.WrapError(err, zb0001) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z Trace) Msgsize() (s int) { - s = msgp.ArrayHeaderSize - for zb0003 := range z { - if z[zb0003] == nil { - s += msgp.NilSize - } else { - s += z[zb0003].Msgsize() - } - } - return -} - -// MarshalMsg implements msgp.Marshaler -func (z Traces) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - o = msgp.AppendArrayHeader(o, uint32(len(z))) - for za0001 := range z { - o = msgp.AppendArrayHeader(o, uint32(len(z[za0001]))) - for za0002 := range z[za0001] { - if z[za0001][za0002] == nil { - o = msgp.AppendNil(o) - } else { - o, err = z[za0001][za0002].MarshalMsg(o) - if err != nil { - err = msgp.WrapError(err, za0001, za0002) - return - } - } - } - } - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *Traces) UnmarshalMsg(bts []byte) (o []byte, err error) { - var zb0003 uint32 - zb0003, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - if cap((*z)) >= int(zb0003) { - (*z) = (*z)[:zb0003] - } else { - (*z) = make(Traces, zb0003) - } - for zb0001 := range *z { - var zb0004 uint32 - zb0004, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, zb0001) - return - } - if cap((*z)[zb0001]) >= int(zb0004) { - (*z)[zb0001] = ((*z)[zb0001])[:zb0004] - } else { - (*z)[zb0001] = make(Trace, zb0004) - } - for zb0002 := range (*z)[zb0001] { - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - if err != nil { - return - } - (*z)[zb0001][zb0002] = nil - } else { - if (*z)[zb0001][zb0002] == nil { - (*z)[zb0001][zb0002] = new(Span) - } - bts, err = (*z)[zb0001][zb0002].UnmarshalMsg(bts) - if err != nil { - err = msgp.WrapError(err, zb0001, zb0002) - return - } - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z Traces) Msgsize() (s int) { - s = msgp.ArrayHeaderSize - for zb0005 := range z { - s += msgp.ArrayHeaderSize - for zb0006 := range z[zb0005] { - if z[zb0005][zb0006] == nil { - s += msgp.NilSize - } else { - s += z[zb0005][zb0006].Msgsize() - } - } - } - return -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload.pb.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload.pb.go deleted file mode 100644 index 7e7e2b0c..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload.pb.go +++ /dev/null @@ -1,391 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.34.0 -// protoc v5.26.1 -// source: datadog/trace/tracer_payload.proto - -package trace - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -// TraceChunk represents a list of spans with the same trace ID. In other words, a chunk of a trace. -type TraceChunk struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // priority specifies sampling priority of the trace. - // @gotags: json:"priority" msg:"priority" - Priority int32 `protobuf:"varint,1,opt,name=priority,proto3" json:"priority" msg:"priority"` - // origin specifies origin product ("lambda", "rum", etc.) of the trace. - // @gotags: json:"origin" msg:"origin" - Origin string `protobuf:"bytes,2,opt,name=origin,proto3" json:"origin" msg:"origin"` - // spans specifies list of containing spans. - // @gotags: json:"spans" msg:"spans" - Spans []*Span `protobuf:"bytes,3,rep,name=spans,proto3" json:"spans" msg:"spans"` - // tags specifies tags common in all `spans`. - // @gotags: json:"tags" msg:"tags" - Tags map[string]string `protobuf:"bytes,4,rep,name=tags,proto3" json:"tags" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3" msg:"tags"` - // droppedTrace specifies whether the trace was dropped by samplers or not. - // @gotags: json:"dropped_trace" msg:"dropped_trace" - DroppedTrace bool `protobuf:"varint,5,opt,name=droppedTrace,proto3" json:"dropped_trace" msg:"dropped_trace"` -} - -func (x *TraceChunk) Reset() { - *x = TraceChunk{} - if protoimpl.UnsafeEnabled { - mi := &file_datadog_trace_tracer_payload_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *TraceChunk) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*TraceChunk) ProtoMessage() {} - -func (x *TraceChunk) ProtoReflect() protoreflect.Message { - mi := &file_datadog_trace_tracer_payload_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use TraceChunk.ProtoReflect.Descriptor instead. -func (*TraceChunk) Descriptor() ([]byte, []int) { - return file_datadog_trace_tracer_payload_proto_rawDescGZIP(), []int{0} -} - -func (x *TraceChunk) GetPriority() int32 { - if x != nil { - return x.Priority - } - return 0 -} - -func (x *TraceChunk) GetOrigin() string { - if x != nil { - return x.Origin - } - return "" -} - -func (x *TraceChunk) GetSpans() []*Span { - if x != nil { - return x.Spans - } - return nil -} - -func (x *TraceChunk) GetTags() map[string]string { - if x != nil { - return x.Tags - } - return nil -} - -func (x *TraceChunk) GetDroppedTrace() bool { - if x != nil { - return x.DroppedTrace - } - return false -} - -// TracerPayload represents a payload the trace agent receives from tracers. -type TracerPayload struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // containerID specifies the ID of the container where the tracer is running on. - // @gotags: json:"container_id" msg:"container_id" - ContainerID string `protobuf:"bytes,1,opt,name=containerID,proto3" json:"container_id" msg:"container_id"` - // languageName specifies language of the tracer. - // @gotags: json:"language_name" msg:"language_name" - LanguageName string `protobuf:"bytes,2,opt,name=languageName,proto3" json:"language_name" msg:"language_name"` - // languageVersion specifies language version of the tracer. - // @gotags: json:"language_version" msg:"language_version" - LanguageVersion string `protobuf:"bytes,3,opt,name=languageVersion,proto3" json:"language_version" msg:"language_version"` - // tracerVersion specifies version of the tracer. - // @gotags: json:"tracer_version" msg:"tracer_version" - TracerVersion string `protobuf:"bytes,4,opt,name=tracerVersion,proto3" json:"tracer_version" msg:"tracer_version"` - // runtimeID specifies V4 UUID representation of a tracer session. - // @gotags: json:"runtime_id" msg:"runtime_id" - RuntimeID string `protobuf:"bytes,5,opt,name=runtimeID,proto3" json:"runtime_id" msg:"runtime_id"` - // chunks specifies list of containing trace chunks. - // @gotags: json:"chunks" msg:"chunks" - Chunks []*TraceChunk `protobuf:"bytes,6,rep,name=chunks,proto3" json:"chunks" msg:"chunks"` - // tags specifies tags common in all `chunks`. - // @gotags: json:"tags" msg:"tags" - Tags map[string]string `protobuf:"bytes,7,rep,name=tags,proto3" json:"tags" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3" msg:"tags"` - // env specifies `env` tag that set with the tracer. - // @gotags: json:"env" msg:"env" - Env string `protobuf:"bytes,8,opt,name=env,proto3" json:"env" msg:"env"` - // hostname specifies hostname of where the tracer is running. - // @gotags: json:"hostname" msg:"hostname" - Hostname string `protobuf:"bytes,9,opt,name=hostname,proto3" json:"hostname" msg:"hostname"` - // version specifies `version` tag that set with the tracer. - // @gotags: json:"app_version" msg:"app_version" - AppVersion string `protobuf:"bytes,10,opt,name=appVersion,proto3" json:"app_version" msg:"app_version"` -} - -func (x *TracerPayload) Reset() { - *x = TracerPayload{} - if protoimpl.UnsafeEnabled { - mi := &file_datadog_trace_tracer_payload_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *TracerPayload) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*TracerPayload) ProtoMessage() {} - -func (x *TracerPayload) ProtoReflect() protoreflect.Message { - mi := &file_datadog_trace_tracer_payload_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use TracerPayload.ProtoReflect.Descriptor instead. -func (*TracerPayload) Descriptor() ([]byte, []int) { - return file_datadog_trace_tracer_payload_proto_rawDescGZIP(), []int{1} -} - -func (x *TracerPayload) GetContainerID() string { - if x != nil { - return x.ContainerID - } - return "" -} - -func (x *TracerPayload) GetLanguageName() string { - if x != nil { - return x.LanguageName - } - return "" -} - -func (x *TracerPayload) GetLanguageVersion() string { - if x != nil { - return x.LanguageVersion - } - return "" -} - -func (x *TracerPayload) GetTracerVersion() string { - if x != nil { - return x.TracerVersion - } - return "" -} - -func (x *TracerPayload) GetRuntimeID() string { - if x != nil { - return x.RuntimeID - } - return "" -} - -func (x *TracerPayload) GetChunks() []*TraceChunk { - if x != nil { - return x.Chunks - } - return nil -} - -func (x *TracerPayload) GetTags() map[string]string { - if x != nil { - return x.Tags - } - return nil -} - -func (x *TracerPayload) GetEnv() string { - if x != nil { - return x.Env - } - return "" -} - -func (x *TracerPayload) GetHostname() string { - if x != nil { - return x.Hostname - } - return "" -} - -func (x *TracerPayload) GetAppVersion() string { - if x != nil { - return x.AppVersion - } - return "" -} - -var File_datadog_trace_tracer_payload_proto protoreflect.FileDescriptor - -var file_datadog_trace_tracer_payload_proto_rawDesc = []byte{ - 0x0a, 0x22, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2f, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2f, - 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x5f, 0x70, 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x70, - 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0d, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, - 0x61, 0x63, 0x65, 0x1a, 0x18, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2f, 0x74, 0x72, 0x61, - 0x63, 0x65, 0x2f, 0x73, 0x70, 0x61, 0x6e, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x81, 0x02, - 0x0a, 0x0a, 0x54, 0x72, 0x61, 0x63, 0x65, 0x43, 0x68, 0x75, 0x6e, 0x6b, 0x12, 0x1a, 0x0a, 0x08, - 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x08, - 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x72, 0x69, 0x67, - 0x69, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e, - 0x12, 0x29, 0x0a, 0x05, 0x73, 0x70, 0x61, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, - 0x13, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, - 0x53, 0x70, 0x61, 0x6e, 0x52, 0x05, 0x73, 0x70, 0x61, 0x6e, 0x73, 0x12, 0x37, 0x0a, 0x04, 0x74, - 0x61, 0x67, 0x73, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x23, 0x2e, 0x64, 0x61, 0x74, 0x61, - 0x64, 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x43, - 0x68, 0x75, 0x6e, 0x6b, 0x2e, 0x54, 0x61, 0x67, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x04, - 0x74, 0x61, 0x67, 0x73, 0x12, 0x22, 0x0a, 0x0c, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x54, - 0x72, 0x61, 0x63, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0c, 0x64, 0x72, 0x6f, 0x70, - 0x70, 0x65, 0x64, 0x54, 0x72, 0x61, 0x63, 0x65, 0x1a, 0x37, 0x0a, 0x09, 0x54, 0x61, 0x67, 0x73, - 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, - 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, - 0x01, 0x22, 0xb9, 0x03, 0x0a, 0x0d, 0x54, 0x72, 0x61, 0x63, 0x65, 0x72, 0x50, 0x61, 0x79, 0x6c, - 0x6f, 0x61, 0x64, 0x12, 0x20, 0x0a, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, - 0x49, 0x44, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, - 0x6e, 0x65, 0x72, 0x49, 0x44, 0x12, 0x22, 0x0a, 0x0c, 0x6c, 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, - 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x6c, 0x61, 0x6e, - 0x67, 0x75, 0x61, 0x67, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x28, 0x0a, 0x0f, 0x6c, 0x61, 0x6e, - 0x67, 0x75, 0x61, 0x67, 0x65, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0f, 0x6c, 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, 0x65, 0x56, 0x65, 0x72, 0x73, - 0x69, 0x6f, 0x6e, 0x12, 0x24, 0x0a, 0x0d, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x56, 0x65, 0x72, - 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x74, 0x72, 0x61, 0x63, - 0x65, 0x72, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x1c, 0x0a, 0x09, 0x72, 0x75, 0x6e, - 0x74, 0x69, 0x6d, 0x65, 0x49, 0x44, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x72, 0x75, - 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x49, 0x44, 0x12, 0x31, 0x0a, 0x06, 0x63, 0x68, 0x75, 0x6e, 0x6b, - 0x73, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x19, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, 0x6f, - 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x43, 0x68, 0x75, - 0x6e, 0x6b, 0x52, 0x06, 0x63, 0x68, 0x75, 0x6e, 0x6b, 0x73, 0x12, 0x3a, 0x0a, 0x04, 0x74, 0x61, - 0x67, 0x73, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x64, 0x61, 0x74, 0x61, 0x64, - 0x6f, 0x67, 0x2e, 0x74, 0x72, 0x61, 0x63, 0x65, 0x2e, 0x54, 0x72, 0x61, 0x63, 0x65, 0x72, 0x50, - 0x61, 0x79, 0x6c, 0x6f, 0x61, 0x64, 0x2e, 0x54, 0x61, 0x67, 0x73, 0x45, 0x6e, 0x74, 0x72, 0x79, - 0x52, 0x04, 0x74, 0x61, 0x67, 0x73, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x76, 0x18, 0x08, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x03, 0x65, 0x6e, 0x76, 0x12, 0x1a, 0x0a, 0x08, 0x68, 0x6f, 0x73, 0x74, - 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x68, 0x6f, 0x73, 0x74, - 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x61, 0x70, 0x70, 0x56, 0x65, 0x72, 0x73, 0x69, - 0x6f, 0x6e, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x61, 0x70, 0x70, 0x56, 0x65, 0x72, - 0x73, 0x69, 0x6f, 0x6e, 0x1a, 0x37, 0x0a, 0x09, 0x54, 0x61, 0x67, 0x73, 0x45, 0x6e, 0x74, 0x72, - 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x03, - 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, 0x42, 0x16, 0x5a, - 0x14, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x70, 0x62, 0x67, 0x6f, 0x2f, - 0x74, 0x72, 0x61, 0x63, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_datadog_trace_tracer_payload_proto_rawDescOnce sync.Once - file_datadog_trace_tracer_payload_proto_rawDescData = file_datadog_trace_tracer_payload_proto_rawDesc -) - -func file_datadog_trace_tracer_payload_proto_rawDescGZIP() []byte { - file_datadog_trace_tracer_payload_proto_rawDescOnce.Do(func() { - file_datadog_trace_tracer_payload_proto_rawDescData = protoimpl.X.CompressGZIP(file_datadog_trace_tracer_payload_proto_rawDescData) - }) - return file_datadog_trace_tracer_payload_proto_rawDescData -} - -var file_datadog_trace_tracer_payload_proto_msgTypes = make([]protoimpl.MessageInfo, 4) -var file_datadog_trace_tracer_payload_proto_goTypes = []interface{}{ - (*TraceChunk)(nil), // 0: datadog.trace.TraceChunk - (*TracerPayload)(nil), // 1: datadog.trace.TracerPayload - nil, // 2: datadog.trace.TraceChunk.TagsEntry - nil, // 3: datadog.trace.TracerPayload.TagsEntry - (*Span)(nil), // 4: datadog.trace.Span -} -var file_datadog_trace_tracer_payload_proto_depIdxs = []int32{ - 4, // 0: datadog.trace.TraceChunk.spans:type_name -> datadog.trace.Span - 2, // 1: datadog.trace.TraceChunk.tags:type_name -> datadog.trace.TraceChunk.TagsEntry - 0, // 2: datadog.trace.TracerPayload.chunks:type_name -> datadog.trace.TraceChunk - 3, // 3: datadog.trace.TracerPayload.tags:type_name -> datadog.trace.TracerPayload.TagsEntry - 4, // [4:4] is the sub-list for method output_type - 4, // [4:4] is the sub-list for method input_type - 4, // [4:4] is the sub-list for extension type_name - 4, // [4:4] is the sub-list for extension extendee - 0, // [0:4] is the sub-list for field type_name -} - -func init() { file_datadog_trace_tracer_payload_proto_init() } -func file_datadog_trace_tracer_payload_proto_init() { - if File_datadog_trace_tracer_payload_proto != nil { - return - } - file_datadog_trace_span_proto_init() - if !protoimpl.UnsafeEnabled { - file_datadog_trace_tracer_payload_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*TraceChunk); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_datadog_trace_tracer_payload_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*TracerPayload); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_datadog_trace_tracer_payload_proto_rawDesc, - NumEnums: 0, - NumMessages: 4, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_datadog_trace_tracer_payload_proto_goTypes, - DependencyIndexes: file_datadog_trace_tracer_payload_proto_depIdxs, - MessageInfos: file_datadog_trace_tracer_payload_proto_msgTypes, - }.Build() - File_datadog_trace_tracer_payload_proto = out.File - file_datadog_trace_tracer_payload_proto_rawDesc = nil - file_datadog_trace_tracer_payload_proto_goTypes = nil - file_datadog_trace_tracer_payload_proto_depIdxs = nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload_gen.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload_gen.go deleted file mode 100644 index cd2b3925..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload_gen.go +++ /dev/null @@ -1,384 +0,0 @@ -package trace - -// Code generated by github.com/tinylib/msgp DO NOT EDIT. - -import ( - "github.com/tinylib/msgp/msgp" -) - -// MarshalMsg implements msgp.Marshaler -func (z *TraceChunk) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - // map header, size 5 - // string "priority" - o = append(o, 0x85, 0xa8, 0x70, 0x72, 0x69, 0x6f, 0x72, 0x69, 0x74, 0x79) - o = msgp.AppendInt32(o, z.Priority) - // string "origin" - o = append(o, 0xa6, 0x6f, 0x72, 0x69, 0x67, 0x69, 0x6e) - o = msgp.AppendString(o, z.Origin) - // string "spans" - o = append(o, 0xa5, 0x73, 0x70, 0x61, 0x6e, 0x73) - o = msgp.AppendArrayHeader(o, uint32(len(z.Spans))) - for za0001 := range z.Spans { - if z.Spans[za0001] == nil { - o = msgp.AppendNil(o) - } else { - o, err = z.Spans[za0001].MarshalMsg(o) - if err != nil { - err = msgp.WrapError(err, "Spans", za0001) - return - } - } - } - // string "tags" - o = append(o, 0xa4, 0x74, 0x61, 0x67, 0x73) - o = msgp.AppendMapHeader(o, uint32(len(z.Tags))) - for za0002, za0003 := range z.Tags { - o = msgp.AppendString(o, za0002) - o = msgp.AppendString(o, za0003) - } - // string "dropped_trace" - o = append(o, 0xad, 0x64, 0x72, 0x6f, 0x70, 0x70, 0x65, 0x64, 0x5f, 0x74, 0x72, 0x61, 0x63, 0x65) - o = msgp.AppendBool(o, z.DroppedTrace) - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *TraceChunk) UnmarshalMsg(bts []byte) (o []byte, err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, bts, err = msgp.ReadMapKeyZC(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "priority": - z.Priority, bts, err = msgp.ReadInt32Bytes(bts) - if err != nil { - err = msgp.WrapError(err, "Priority") - return - } - case "origin": - z.Origin, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Origin") - return - } - case "spans": - var zb0002 uint32 - zb0002, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Spans") - return - } - if cap(z.Spans) >= int(zb0002) { - z.Spans = (z.Spans)[:zb0002] - } else { - z.Spans = make([]*Span, zb0002) - } - for za0001 := range z.Spans { - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - if err != nil { - return - } - z.Spans[za0001] = nil - } else { - if z.Spans[za0001] == nil { - z.Spans[za0001] = new(Span) - } - bts, err = z.Spans[za0001].UnmarshalMsg(bts) - if err != nil { - err = msgp.WrapError(err, "Spans", za0001) - return - } - } - } - case "tags": - var zb0003 uint32 - zb0003, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags") - return - } - if z.Tags == nil { - z.Tags = make(map[string]string, zb0003) - } else if len(z.Tags) > 0 { - for key := range z.Tags { - delete(z.Tags, key) - } - } - for zb0003 > 0 { - var za0002 string - var za0003 string - zb0003-- - za0002, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags") - return - } - za0003, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags", za0002) - return - } - z.Tags[za0002] = za0003 - } - case "dropped_trace": - z.DroppedTrace, bts, err = msgp.ReadBoolBytes(bts) - if err != nil { - err = msgp.WrapError(err, "DroppedTrace") - return - } - default: - bts, err = msgp.Skip(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z *TraceChunk) Msgsize() (s int) { - s = 1 + 9 + msgp.Int32Size + 7 + msgp.StringPrefixSize + len(z.Origin) + 6 + msgp.ArrayHeaderSize - for za0001 := range z.Spans { - if z.Spans[za0001] == nil { - s += msgp.NilSize - } else { - s += z.Spans[za0001].Msgsize() - } - } - s += 5 + msgp.MapHeaderSize - if z.Tags != nil { - for za0002, za0003 := range z.Tags { - _ = za0003 - s += msgp.StringPrefixSize + len(za0002) + msgp.StringPrefixSize + len(za0003) - } - } - s += 14 + msgp.BoolSize - return -} - -// MarshalMsg implements msgp.Marshaler -func (z *TracerPayload) MarshalMsg(b []byte) (o []byte, err error) { - o = msgp.Require(b, z.Msgsize()) - // map header, size 10 - // string "container_id" - o = append(o, 0x8a, 0xac, 0x63, 0x6f, 0x6e, 0x74, 0x61, 0x69, 0x6e, 0x65, 0x72, 0x5f, 0x69, 0x64) - o = msgp.AppendString(o, z.ContainerID) - // string "language_name" - o = append(o, 0xad, 0x6c, 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65) - o = msgp.AppendString(o, z.LanguageName) - // string "language_version" - o = append(o, 0xb0, 0x6c, 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, 0x65, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - o = msgp.AppendString(o, z.LanguageVersion) - // string "tracer_version" - o = append(o, 0xae, 0x74, 0x72, 0x61, 0x63, 0x65, 0x72, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - o = msgp.AppendString(o, z.TracerVersion) - // string "runtime_id" - o = append(o, 0xaa, 0x72, 0x75, 0x6e, 0x74, 0x69, 0x6d, 0x65, 0x5f, 0x69, 0x64) - o = msgp.AppendString(o, z.RuntimeID) - // string "chunks" - o = append(o, 0xa6, 0x63, 0x68, 0x75, 0x6e, 0x6b, 0x73) - o = msgp.AppendArrayHeader(o, uint32(len(z.Chunks))) - for za0001 := range z.Chunks { - if z.Chunks[za0001] == nil { - o = msgp.AppendNil(o) - } else { - o, err = z.Chunks[za0001].MarshalMsg(o) - if err != nil { - err = msgp.WrapError(err, "Chunks", za0001) - return - } - } - } - // string "tags" - o = append(o, 0xa4, 0x74, 0x61, 0x67, 0x73) - o = msgp.AppendMapHeader(o, uint32(len(z.Tags))) - for za0002, za0003 := range z.Tags { - o = msgp.AppendString(o, za0002) - o = msgp.AppendString(o, za0003) - } - // string "env" - o = append(o, 0xa3, 0x65, 0x6e, 0x76) - o = msgp.AppendString(o, z.Env) - // string "hostname" - o = append(o, 0xa8, 0x68, 0x6f, 0x73, 0x74, 0x6e, 0x61, 0x6d, 0x65) - o = msgp.AppendString(o, z.Hostname) - // string "app_version" - o = append(o, 0xab, 0x61, 0x70, 0x70, 0x5f, 0x76, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e) - o = msgp.AppendString(o, z.AppVersion) - return -} - -// UnmarshalMsg implements msgp.Unmarshaler -func (z *TracerPayload) UnmarshalMsg(bts []byte) (o []byte, err error) { - var field []byte - _ = field - var zb0001 uint32 - zb0001, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - for zb0001 > 0 { - zb0001-- - field, bts, err = msgp.ReadMapKeyZC(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - switch msgp.UnsafeString(field) { - case "container_id": - z.ContainerID, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "ContainerID") - return - } - case "language_name": - z.LanguageName, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "LanguageName") - return - } - case "language_version": - z.LanguageVersion, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "LanguageVersion") - return - } - case "tracer_version": - z.TracerVersion, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "TracerVersion") - return - } - case "runtime_id": - z.RuntimeID, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "RuntimeID") - return - } - case "chunks": - var zb0002 uint32 - zb0002, bts, err = msgp.ReadArrayHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Chunks") - return - } - if cap(z.Chunks) >= int(zb0002) { - z.Chunks = (z.Chunks)[:zb0002] - } else { - z.Chunks = make([]*TraceChunk, zb0002) - } - for za0001 := range z.Chunks { - if msgp.IsNil(bts) { - bts, err = msgp.ReadNilBytes(bts) - if err != nil { - return - } - z.Chunks[za0001] = nil - } else { - if z.Chunks[za0001] == nil { - z.Chunks[za0001] = new(TraceChunk) - } - bts, err = z.Chunks[za0001].UnmarshalMsg(bts) - if err != nil { - err = msgp.WrapError(err, "Chunks", za0001) - return - } - } - } - case "tags": - var zb0003 uint32 - zb0003, bts, err = msgp.ReadMapHeaderBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags") - return - } - if z.Tags == nil { - z.Tags = make(map[string]string, zb0003) - } else if len(z.Tags) > 0 { - for key := range z.Tags { - delete(z.Tags, key) - } - } - for zb0003 > 0 { - var za0002 string - var za0003 string - zb0003-- - za0002, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags") - return - } - za0003, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Tags", za0002) - return - } - z.Tags[za0002] = za0003 - } - case "env": - z.Env, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Env") - return - } - case "hostname": - z.Hostname, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "Hostname") - return - } - case "app_version": - z.AppVersion, bts, err = msgp.ReadStringBytes(bts) - if err != nil { - err = msgp.WrapError(err, "AppVersion") - return - } - default: - bts, err = msgp.Skip(bts) - if err != nil { - err = msgp.WrapError(err) - return - } - } - } - o = bts - return -} - -// Msgsize returns an upper bound estimate of the number of bytes occupied by the serialized message -func (z *TracerPayload) Msgsize() (s int) { - s = 1 + 13 + msgp.StringPrefixSize + len(z.ContainerID) + 14 + msgp.StringPrefixSize + len(z.LanguageName) + 17 + msgp.StringPrefixSize + len(z.LanguageVersion) + 15 + msgp.StringPrefixSize + len(z.TracerVersion) + 11 + msgp.StringPrefixSize + len(z.RuntimeID) + 7 + msgp.ArrayHeaderSize - for za0001 := range z.Chunks { - if z.Chunks[za0001] == nil { - s += msgp.NilSize - } else { - s += z.Chunks[za0001].Msgsize() - } - } - s += 5 + msgp.MapHeaderSize - if z.Tags != nil { - for za0002, za0003 := range z.Tags { - _ = za0003 - s += msgp.StringPrefixSize + len(za0002) + msgp.StringPrefixSize + len(za0003) - } - } - s += 4 + msgp.StringPrefixSize + len(z.Env) + 9 + msgp.StringPrefixSize + len(z.Hostname) + 12 + msgp.StringPrefixSize + len(z.AppVersion) - return -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload_utils.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload_utils.go deleted file mode 100644 index 9f7fabba..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload_utils.go +++ /dev/null @@ -1,35 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package trace - -// traceChunkCopiedFields records the fields that are copied in ShallowCopy. -// This should match exactly the fields set in (*TraceChunk).ShallowCopy. -// This is used by tests to enforce the correctness of ShallowCopy. -var traceChunkCopiedFields = map[string]struct{}{ - "Priority": {}, - "Origin": {}, - "Spans": {}, - "Tags": {}, - "DroppedTrace": {}, -} - -// ShallowCopy returns a shallow copy of the copy-able portion of a TraceChunk. These are the -// public fields which will have a Get* method for them. The completeness of this -// method is enforced by the init function above. Instead of using pkg/proto/utils.ProtoCopier, -// which incurs heavy reflection cost for every copy at runtime, we use reflection once at -// startup to ensure our method is complete. -func (t *TraceChunk) ShallowCopy() *TraceChunk { - if t == nil { - return nil - } - return &TraceChunk{ - Priority: t.Priority, - Origin: t.Origin, - Spans: t.Spans, - Tags: t.Tags, - DroppedTrace: t.DroppedTrace, - } -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload_vtproto.pb.go b/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload_vtproto.pb.go deleted file mode 100644 index b1544fa2..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace/tracer_payload_vtproto.pb.go +++ /dev/null @@ -1,1066 +0,0 @@ -// Code generated by protoc-gen-go-vtproto. DO NOT EDIT. -// protoc-gen-go-vtproto version: v0.4.0 -// source: datadog/trace/tracer_payload.proto - -package trace - -import ( - fmt "fmt" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - io "io" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -func (m *TraceChunk) MarshalVT() (dAtA []byte, err error) { - if m == nil { - return nil, nil - } - size := m.SizeVT() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBufferVT(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *TraceChunk) MarshalToVT(dAtA []byte) (int, error) { - size := m.SizeVT() - return m.MarshalToSizedBufferVT(dAtA[:size]) -} - -func (m *TraceChunk) MarshalToSizedBufferVT(dAtA []byte) (int, error) { - if m == nil { - return 0, nil - } - i := len(dAtA) - _ = i - var l int - _ = l - if m.unknownFields != nil { - i -= len(m.unknownFields) - copy(dAtA[i:], m.unknownFields) - } - if m.DroppedTrace { - i-- - if m.DroppedTrace { - dAtA[i] = 1 - } else { - dAtA[i] = 0 - } - i-- - dAtA[i] = 0x28 - } - if len(m.Tags) > 0 { - for k := range m.Tags { - v := m.Tags[k] - baseI := i - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarint(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarint(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarint(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x22 - } - } - if len(m.Spans) > 0 { - for iNdEx := len(m.Spans) - 1; iNdEx >= 0; iNdEx-- { - size, err := m.Spans[iNdEx].MarshalToSizedBufferVT(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarint(dAtA, i, uint64(size)) - i-- - dAtA[i] = 0x1a - } - } - if len(m.Origin) > 0 { - i -= len(m.Origin) - copy(dAtA[i:], m.Origin) - i = encodeVarint(dAtA, i, uint64(len(m.Origin))) - i-- - dAtA[i] = 0x12 - } - if m.Priority != 0 { - i = encodeVarint(dAtA, i, uint64(m.Priority)) - i-- - dAtA[i] = 0x8 - } - return len(dAtA) - i, nil -} - -func (m *TracerPayload) MarshalVT() (dAtA []byte, err error) { - if m == nil { - return nil, nil - } - size := m.SizeVT() - dAtA = make([]byte, size) - n, err := m.MarshalToSizedBufferVT(dAtA[:size]) - if err != nil { - return nil, err - } - return dAtA[:n], nil -} - -func (m *TracerPayload) MarshalToVT(dAtA []byte) (int, error) { - size := m.SizeVT() - return m.MarshalToSizedBufferVT(dAtA[:size]) -} - -func (m *TracerPayload) MarshalToSizedBufferVT(dAtA []byte) (int, error) { - if m == nil { - return 0, nil - } - i := len(dAtA) - _ = i - var l int - _ = l - if m.unknownFields != nil { - i -= len(m.unknownFields) - copy(dAtA[i:], m.unknownFields) - } - if len(m.AppVersion) > 0 { - i -= len(m.AppVersion) - copy(dAtA[i:], m.AppVersion) - i = encodeVarint(dAtA, i, uint64(len(m.AppVersion))) - i-- - dAtA[i] = 0x52 - } - if len(m.Hostname) > 0 { - i -= len(m.Hostname) - copy(dAtA[i:], m.Hostname) - i = encodeVarint(dAtA, i, uint64(len(m.Hostname))) - i-- - dAtA[i] = 0x4a - } - if len(m.Env) > 0 { - i -= len(m.Env) - copy(dAtA[i:], m.Env) - i = encodeVarint(dAtA, i, uint64(len(m.Env))) - i-- - dAtA[i] = 0x42 - } - if len(m.Tags) > 0 { - for k := range m.Tags { - v := m.Tags[k] - baseI := i - i -= len(v) - copy(dAtA[i:], v) - i = encodeVarint(dAtA, i, uint64(len(v))) - i-- - dAtA[i] = 0x12 - i -= len(k) - copy(dAtA[i:], k) - i = encodeVarint(dAtA, i, uint64(len(k))) - i-- - dAtA[i] = 0xa - i = encodeVarint(dAtA, i, uint64(baseI-i)) - i-- - dAtA[i] = 0x3a - } - } - if len(m.Chunks) > 0 { - for iNdEx := len(m.Chunks) - 1; iNdEx >= 0; iNdEx-- { - size, err := m.Chunks[iNdEx].MarshalToSizedBufferVT(dAtA[:i]) - if err != nil { - return 0, err - } - i -= size - i = encodeVarint(dAtA, i, uint64(size)) - i-- - dAtA[i] = 0x32 - } - } - if len(m.RuntimeID) > 0 { - i -= len(m.RuntimeID) - copy(dAtA[i:], m.RuntimeID) - i = encodeVarint(dAtA, i, uint64(len(m.RuntimeID))) - i-- - dAtA[i] = 0x2a - } - if len(m.TracerVersion) > 0 { - i -= len(m.TracerVersion) - copy(dAtA[i:], m.TracerVersion) - i = encodeVarint(dAtA, i, uint64(len(m.TracerVersion))) - i-- - dAtA[i] = 0x22 - } - if len(m.LanguageVersion) > 0 { - i -= len(m.LanguageVersion) - copy(dAtA[i:], m.LanguageVersion) - i = encodeVarint(dAtA, i, uint64(len(m.LanguageVersion))) - i-- - dAtA[i] = 0x1a - } - if len(m.LanguageName) > 0 { - i -= len(m.LanguageName) - copy(dAtA[i:], m.LanguageName) - i = encodeVarint(dAtA, i, uint64(len(m.LanguageName))) - i-- - dAtA[i] = 0x12 - } - if len(m.ContainerID) > 0 { - i -= len(m.ContainerID) - copy(dAtA[i:], m.ContainerID) - i = encodeVarint(dAtA, i, uint64(len(m.ContainerID))) - i-- - dAtA[i] = 0xa - } - return len(dAtA) - i, nil -} - -func (m *TraceChunk) SizeVT() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - if m.Priority != 0 { - n += 1 + sov(uint64(m.Priority)) - } - l = len(m.Origin) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if len(m.Spans) > 0 { - for _, e := range m.Spans { - l = e.SizeVT() - n += 1 + l + sov(uint64(l)) - } - } - if len(m.Tags) > 0 { - for k, v := range m.Tags { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sov(uint64(len(k))) + 1 + len(v) + sov(uint64(len(v))) - n += mapEntrySize + 1 + sov(uint64(mapEntrySize)) - } - } - if m.DroppedTrace { - n += 2 - } - n += len(m.unknownFields) - return n -} - -func (m *TracerPayload) SizeVT() (n int) { - if m == nil { - return 0 - } - var l int - _ = l - l = len(m.ContainerID) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.LanguageName) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.LanguageVersion) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.TracerVersion) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.RuntimeID) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - if len(m.Chunks) > 0 { - for _, e := range m.Chunks { - l = e.SizeVT() - n += 1 + l + sov(uint64(l)) - } - } - if len(m.Tags) > 0 { - for k, v := range m.Tags { - _ = k - _ = v - mapEntrySize := 1 + len(k) + sov(uint64(len(k))) + 1 + len(v) + sov(uint64(len(v))) - n += mapEntrySize + 1 + sov(uint64(mapEntrySize)) - } - } - l = len(m.Env) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.Hostname) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - l = len(m.AppVersion) - if l > 0 { - n += 1 + l + sov(uint64(l)) - } - n += len(m.unknownFields) - return n -} - -func (m *TraceChunk) UnmarshalVT(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: TraceChunk: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: TraceChunk: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field Priority", wireType) - } - m.Priority = 0 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - m.Priority |= int32(b&0x7F) << shift - if b < 0x80 { - break - } - } - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Origin", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Origin = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Spans", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Spans = append(m.Spans, &Span{}) - if err := m.Spans[len(m.Spans)-1].UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Tags", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Tags == nil { - m.Tags = make(map[string]string) - } - var mapkey string - var mapvalue string - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLength - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLength - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var stringLenmapvalue uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapvalue |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapvalue := int(stringLenmapvalue) - if intStringLenmapvalue < 0 { - return ErrInvalidLength - } - postStringIndexmapvalue := iNdEx + intStringLenmapvalue - if postStringIndexmapvalue < 0 { - return ErrInvalidLength - } - if postStringIndexmapvalue > l { - return io.ErrUnexpectedEOF - } - mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) - iNdEx = postStringIndexmapvalue - } else { - iNdEx = entryPreIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Tags[mapkey] = mapvalue - iNdEx = postIndex - case 5: - if wireType != 0 { - return fmt.Errorf("proto: wrong wireType = %d for field DroppedTrace", wireType) - } - var v int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - v |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - m.DroppedTrace = bool(v != 0) - default: - iNdEx = preIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} -func (m *TracerPayload) UnmarshalVT(dAtA []byte) error { - l := len(dAtA) - iNdEx := 0 - for iNdEx < l { - preIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - wireType := int(wire & 0x7) - if wireType == 4 { - return fmt.Errorf("proto: TracerPayload: wiretype end group for non-group") - } - if fieldNum <= 0 { - return fmt.Errorf("proto: TracerPayload: illegal tag %d (wire type %d)", fieldNum, wire) - } - switch fieldNum { - case 1: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field ContainerID", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.ContainerID = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 2: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field LanguageName", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.LanguageName = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 3: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field LanguageVersion", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.LanguageVersion = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 4: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field TracerVersion", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.TracerVersion = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 5: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field RuntimeID", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.RuntimeID = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 6: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Chunks", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Chunks = append(m.Chunks, &TraceChunk{}) - if err := m.Chunks[len(m.Chunks)-1].UnmarshalVT(dAtA[iNdEx:postIndex]); err != nil { - return err - } - iNdEx = postIndex - case 7: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Tags", wireType) - } - var msglen int - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - msglen |= int(b&0x7F) << shift - if b < 0x80 { - break - } - } - if msglen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + msglen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - if m.Tags == nil { - m.Tags = make(map[string]string) - } - var mapkey string - var mapvalue string - for iNdEx < postIndex { - entryPreIndex := iNdEx - var wire uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - wire |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - fieldNum := int32(wire >> 3) - if fieldNum == 1 { - var stringLenmapkey uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapkey |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapkey := int(stringLenmapkey) - if intStringLenmapkey < 0 { - return ErrInvalidLength - } - postStringIndexmapkey := iNdEx + intStringLenmapkey - if postStringIndexmapkey < 0 { - return ErrInvalidLength - } - if postStringIndexmapkey > l { - return io.ErrUnexpectedEOF - } - mapkey = string(dAtA[iNdEx:postStringIndexmapkey]) - iNdEx = postStringIndexmapkey - } else if fieldNum == 2 { - var stringLenmapvalue uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLenmapvalue |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLenmapvalue := int(stringLenmapvalue) - if intStringLenmapvalue < 0 { - return ErrInvalidLength - } - postStringIndexmapvalue := iNdEx + intStringLenmapvalue - if postStringIndexmapvalue < 0 { - return ErrInvalidLength - } - if postStringIndexmapvalue > l { - return io.ErrUnexpectedEOF - } - mapvalue = string(dAtA[iNdEx:postStringIndexmapvalue]) - iNdEx = postStringIndexmapvalue - } else { - iNdEx = entryPreIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > postIndex { - return io.ErrUnexpectedEOF - } - iNdEx += skippy - } - } - m.Tags[mapkey] = mapvalue - iNdEx = postIndex - case 8: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Env", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Env = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 9: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field Hostname", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.Hostname = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - case 10: - if wireType != 2 { - return fmt.Errorf("proto: wrong wireType = %d for field AppVersion", wireType) - } - var stringLen uint64 - for shift := uint(0); ; shift += 7 { - if shift >= 64 { - return ErrIntOverflow - } - if iNdEx >= l { - return io.ErrUnexpectedEOF - } - b := dAtA[iNdEx] - iNdEx++ - stringLen |= uint64(b&0x7F) << shift - if b < 0x80 { - break - } - } - intStringLen := int(stringLen) - if intStringLen < 0 { - return ErrInvalidLength - } - postIndex := iNdEx + intStringLen - if postIndex < 0 { - return ErrInvalidLength - } - if postIndex > l { - return io.ErrUnexpectedEOF - } - m.AppVersion = string(dAtA[iNdEx:postIndex]) - iNdEx = postIndex - default: - iNdEx = preIndex - skippy, err := skip(dAtA[iNdEx:]) - if err != nil { - return err - } - if (skippy < 0) || (iNdEx+skippy) < 0 { - return ErrInvalidLength - } - if (iNdEx + skippy) > l { - return io.ErrUnexpectedEOF - } - m.unknownFields = append(m.unknownFields, dAtA[iNdEx:iNdEx+skippy]...) - iNdEx += skippy - } - } - - if iNdEx > l { - return io.ErrUnexpectedEOF - } - return nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/LICENSE b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/LICENSE deleted file mode 100644 index b370545b..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/LICENSE +++ /dev/null @@ -1,200 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2016-present Datadog, Inc. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/README.md b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/README.md deleted file mode 100644 index a42ffb54..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/README.md +++ /dev/null @@ -1,5 +0,0 @@ -# Remote Config Go client - -This package powers the Remote Config client shipped in the Go tracer and in all the agent processes (core-agent, trace-agent, system-probe, ...). - -To add a new product simply add it to `products.go` as a constant and in the `validProducts` set. diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/agent_config.go b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/agent_config.go deleted file mode 100644 index f6df6a93..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/agent_config.go +++ /dev/null @@ -1,159 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2023-present Datadog, Inc. - -package state - -import ( - "encoding/json" - "fmt" - "regexp" - - "github.com/pkg/errors" -) - -const agentConfigOrderID = "configuration_order" - -var datadogConfigIDRegexp = regexp.MustCompile(`^datadog/\d+/AGENT_CONFIG/([^/]+)/[^/]+$`) - -// AgentConfig is a deserialized agent configuration file -// along with the associated metadata -type AgentConfig struct { - Config agentConfigData - Metadata Metadata -} - -// ConfigContent contains the configurations set by remote-config -type ConfigContent struct { - LogLevel string `json:"log_level"` -} - -type agentConfigData struct { - Name string `json:"name"` - Config ConfigContent `json:"config"` -} - -// AgentConfigOrder is a deserialized agent configuration file -// along with the associated metadata -type AgentConfigOrder struct { - Config agentConfigOrderData - Metadata Metadata -} - -type agentConfigOrderData struct { - Order []string `json:"order"` - InternalOrder []string `json:"internal_order"` -} - -// AgentConfigState contains the state of the config in case of fallback or override -type AgentConfigState struct { - FallbackLogLevel string - LatestLogLevel string -} - -// parseConfigAgentConfig parses an agent task config -func parseConfigAgentConfig(data []byte, metadata Metadata) (AgentConfig, error) { - var d agentConfigData - - err := json.Unmarshal(data, &d) - if err != nil { - return AgentConfig{}, fmt.Errorf("Unexpected AGENT_CONFIG received through remote-config: %s", err) - } - - return AgentConfig{ - Config: d, - Metadata: metadata, - }, nil -} - -// parseConfigAgentConfig parses an agent task config -func parseConfigAgentConfigOrder(data []byte, metadata Metadata) (AgentConfigOrder, error) { - var d agentConfigOrderData - - err := json.Unmarshal(data, &d) - if err != nil { - return AgentConfigOrder{}, fmt.Errorf("Unexpected AGENT_CONFIG received through remote-config: %s", err) - } - - return AgentConfigOrder{ - Config: d, - Metadata: metadata, - }, nil -} - -// MergeRCAgentConfig is the callback function called when there is an AGENT_CONFIG config update -// The RCClient can directly call back listeners, because there would be no way to send back -// RCTE2 configuration applied state to RC backend. -func MergeRCAgentConfig(applyStatus func(cfgPath string, status ApplyStatus), updates map[string]RawConfig) (ConfigContent, error) { - var orderFile AgentConfigOrder - var hasError bool - var fullErr error - parsedLayers := map[string]AgentConfig{} - - for configPath, c := range updates { - var err error - matched := datadogConfigIDRegexp.FindStringSubmatch(configPath) - if len(matched) != 2 { - err = fmt.Errorf("config file path '%s' has wrong format", configPath) - hasError = true - fullErr = errors.Wrap(fullErr, err.Error()) - applyStatus(configPath, ApplyStatus{ - State: ApplyStateError, - Error: err.Error(), - }) - // If a layer is wrong, fail later to parse the rest and check them all - continue - } - - parsedConfigID := matched[1] - - // Ignore the configuration order file - if parsedConfigID == agentConfigOrderID { - orderFile, err = parseConfigAgentConfigOrder(c.Config, c.Metadata) - if err != nil { - hasError = true - fullErr = errors.Wrap(fullErr, err.Error()) - applyStatus(configPath, ApplyStatus{ - State: ApplyStateError, - Error: err.Error(), - }) - // If a layer is wrong, fail later to parse the rest and check them all - continue - } - } else { - cfg, err := parseConfigAgentConfig(c.Config, c.Metadata) - if err != nil { - hasError = true - applyStatus(configPath, ApplyStatus{ - State: ApplyStateError, - Error: err.Error(), - }) - // If a layer is wrong, fail later to parse the rest and check them all - continue - } - parsedLayers[parsedConfigID] = cfg - } - } - - // If there was at least one error, don't apply any config - if hasError || (len(orderFile.Config.Order) == 0 && len(orderFile.Config.InternalOrder) == 0) { - return ConfigContent{}, fullErr - } - - // Go through all the layers that were sent, and apply them one by one to the merged structure - mergedConfig := ConfigContent{} - for i := len(orderFile.Config.Order) - 1; i >= 0; i-- { - if layer, found := parsedLayers[orderFile.Config.Order[i]]; found { - mergedConfig.LogLevel = layer.Config.Config.LogLevel - } - } - // Same for internal config - for i := len(orderFile.Config.InternalOrder) - 1; i >= 0; i-- { - if layer, found := parsedLayers[orderFile.Config.InternalOrder[i]]; found { - mergedConfig.LogLevel = layer.Config.Config.LogLevel - } - } - - return mergedConfig, nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/configs.go b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/configs.go deleted file mode 100644 index 06fdb273..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/configs.go +++ /dev/null @@ -1,123 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022-present Datadog, Inc. - -package state - -import ( - "encoding/json" - "errors" - "fmt" - - "github.com/DataDog/go-tuf/data" -) - -// ErrNoConfigVersion occurs when a target file's custom meta is missing the config version -var ErrNoConfigVersion = errors.New("version missing in custom file meta") - -func parseConfig(product string, raw []byte, metadata Metadata) (interface{}, error) { - if _, validProduct := validProducts[product]; !validProduct { - return nil, fmt.Errorf("unknown product: %s", product) - } - - switch product { - // ASM products are parsed directly in this client - case ProductASMFeatures: - return parseASMFeaturesConfig(raw, metadata) - case ProductASMDD: - return parseConfigASMDD(raw, metadata) - case ProductASMData: - return parseConfigASMData(raw, metadata) - // case ProductAgentTask: - // return ParseConfigAgentTask(raw, metadata) - // Other products are parsed separately - default: - return RawConfig{ - Config: raw, - Metadata: metadata, - }, nil - } -} - -// RawConfig holds a config that will be parsed separately -type RawConfig struct { - Config []byte - Metadata Metadata -} - -// GetConfigs returns the current configs of a given product -func (r *Repository) GetConfigs(product string) map[string]RawConfig { - typedConfigs := make(map[string]RawConfig) - configs := r.getConfigs(product) - - for path, conf := range configs { - // We control this, so if this has gone wrong something has gone horribly wrong - typed, ok := conf.(RawConfig) - if !ok { - panic("unexpected config stored as RawConfig") - } - - typedConfigs[path] = typed - } - - return typedConfigs -} - -// Metadata stores remote config metadata for a given configuration -type Metadata struct { - Product string - ID string - Name string - Version uint64 - RawLength uint64 - Hashes map[string][]byte - ApplyStatus ApplyStatus -} - -func newConfigMetadata(parsedPath configPath, tfm data.TargetFileMeta) (Metadata, error) { - var m Metadata - m.ID = parsedPath.ConfigID - m.Product = parsedPath.Product - m.Name = parsedPath.Name - m.RawLength = uint64(tfm.Length) - m.Hashes = make(map[string][]byte) - for k, v := range tfm.Hashes { - m.Hashes[k] = []byte(v) - } - v, err := fileMetaVersion(tfm) - if err != nil { - return Metadata{}, err - } - m.Version = v - - return m, nil -} - -type fileMetaCustom struct { - Version *uint64 `json:"v"` -} - -func fileMetaVersion(fm data.TargetFileMeta) (uint64, error) { - if fm.Custom == nil { - return 0, ErrNoConfigVersion - } - fmc, err := parseFileMetaCustom(*fm.Custom) - if err != nil { - return 0, err - } - - return *fmc.Version, nil -} - -func parseFileMetaCustom(rawCustom []byte) (fileMetaCustom, error) { - var custom fileMetaCustom - err := json.Unmarshal(rawCustom, &custom) - if err != nil { - return fileMetaCustom{}, err - } - if custom.Version == nil { - return fileMetaCustom{}, ErrNoConfigVersion - } - return custom, nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/configs_agent_task.go b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/configs_agent_task.go deleted file mode 100644 index 618bf733..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/configs_agent_task.go +++ /dev/null @@ -1,59 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2023-present Datadog, Inc. - -package state - -import ( - "encoding/json" - "fmt" -) - -// AgentTaskConfig is a deserialized agent task configuration file -// along with the associated metadata -type AgentTaskConfig struct { - Config AgentTaskData - Metadata Metadata -} - -// AgentTaskData is the content of a agent task configuration file -type AgentTaskData struct { - TaskType string `json:"task_type"` - UUID string `json:"uuid"` - TaskArgs map[string]string `json:"args"` -} - -// ParseConfigAgentTask parses an agent task config -func ParseConfigAgentTask(data []byte, metadata Metadata) (AgentTaskConfig, error) { - var d AgentTaskData - - err := json.Unmarshal(data, &d) - if err != nil { - return AgentTaskConfig{}, fmt.Errorf("Unexpected AGENT_TASK received through remote-config: %s", err) - } - - return AgentTaskConfig{ - Config: d, - Metadata: metadata, - }, nil -} - -// AgentTaskConfigs returns the currently active AGENT_TASK configs -func (r *Repository) AgentTaskConfigs() map[string]AgentTaskConfig { - typedConfigs := make(map[string]AgentTaskConfig) - - configs := r.getConfigs(ProductAgentTask) - - for path, conf := range configs { - // We control this, so if this has gone wrong something has gone horribly wrong - typed, ok := conf.(AgentTaskConfig) - if !ok { - panic("unexpected config stored as AgentTaskConfigs") - } - - typedConfigs[path] = typed - } - - return typedConfigs -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/configs_asm.go b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/configs_asm.go deleted file mode 100644 index 00b377db..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/configs_asm.go +++ /dev/null @@ -1,166 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022-present Datadog, Inc. - -package state - -import ( - "encoding/json" -) - -// ConfigASMDD is a deserialized ASM DD configuration file along with its -// associated remote config metadata -type ConfigASMDD struct { - Config []byte - Metadata Metadata -} - -func parseConfigASMDD(data []byte, metadata Metadata) (ConfigASMDD, error) { - return ConfigASMDD{ - Config: data, - Metadata: metadata, - }, nil -} - -// ASMDDConfigs returns the currently active ASMDD configs -func (r *Repository) ASMDDConfigs() map[string]ConfigASMDD { - typedConfigs := make(map[string]ConfigASMDD) - - configs := r.getConfigs(ProductASMDD) - - for path, conf := range configs { - // We control this, so if this has gone wrong something has gone horribly wrong - typed, ok := conf.(ConfigASMDD) - if !ok { - panic("unexpected config stored as ASMDD Config") - } - - typedConfigs[path] = typed - } - - return typedConfigs -} - -// ASMFeaturesConfig is a deserialized configuration file that indicates whether ASM should be enabled -// within a tracer, along with its associated remote config metadata. -type ASMFeaturesConfig struct { - Config ASMFeaturesData - Metadata Metadata -} - -// ASMFeaturesData describes the state of ASM and some of its features -type ASMFeaturesData struct { - ASM struct { - Enabled bool `json:"enabled"` - } `json:"asm"` - APISecurity struct { - RequestSampleRate float64 `json:"request_sample_rate"` - } `json:"api_security"` -} - -func parseASMFeaturesConfig(data []byte, metadata Metadata) (ASMFeaturesConfig, error) { - var f ASMFeaturesData - - err := json.Unmarshal(data, &f) - if err != nil { - return ASMFeaturesConfig{}, nil - } - - return ASMFeaturesConfig{ - Config: f, - Metadata: metadata, - }, nil -} - -// ASMFeaturesConfigs returns the currently active ASMFeatures configs -func (r *Repository) ASMFeaturesConfigs() map[string]ASMFeaturesConfig { - typedConfigs := make(map[string]ASMFeaturesConfig) - - configs := r.getConfigs(ProductASMFeatures) - - for path, conf := range configs { - // We control this, so if this has gone wrong something has gone horribly wrong - typed, ok := conf.(ASMFeaturesConfig) - if !ok { - panic("unexpected config stored as ASMFeaturesConfig") - } - - typedConfigs[path] = typed - } - - return typedConfigs -} - -// ApplyState represents the status of a configuration application by a remote configuration client -// Clients need to either ack the correct application of received configurations, or communicate that -// they haven't applied it yet, or communicate any error that may have happened while doing so -type ApplyState uint64 - -const ( - //ApplyStateUnknown indicates that a client does not support the ApplyState feature - ApplyStateUnknown ApplyState = iota - // ApplyStateUnacknowledged indicates a client has received the config but has not specified success or failure - ApplyStateUnacknowledged - // ApplyStateAcknowledged indicates a client has successfully applied the config - ApplyStateAcknowledged - // ApplyStateError indicates that a client has failed to apply the config - ApplyStateError -) - -// ApplyStatus is the processing status for a given configuration. -// It basically represents whether a config was successfully processed and apply, or if an error occurred -type ApplyStatus struct { - State ApplyState - Error string -} - -// ASMDataConfig is a deserialized configuration file that holds rules data that can be used -// by the ASM WAF for specific features (example: ip blocking). -type ASMDataConfig struct { - Config ASMDataRulesData - Metadata Metadata -} - -// ASMDataRulesData is a serializable array of rules data entries -type ASMDataRulesData struct { - RulesData []ASMDataRuleData `json:"rules_data"` -} - -// ASMDataRuleData is an entry in the rules data list held by an ASMData configuration -type ASMDataRuleData struct { - ID string `json:"id"` - Type string `json:"type"` - Data []ASMDataRuleDataEntry `json:"data"` -} - -// ASMDataRuleDataEntry represents a data entry in a rule data file -type ASMDataRuleDataEntry struct { - Expiration int64 `json:"expiration,omitempty"` - Value string `json:"value"` -} - -func parseConfigASMData(data []byte, metadata Metadata) (ASMDataConfig, error) { - cfg := ASMDataConfig{ - Metadata: metadata, - } - err := json.Unmarshal(data, &cfg.Config) - return cfg, err -} - -// ASMDataConfigs returns the currently active ASMData configs -func (r *Repository) ASMDataConfigs() map[string]ASMDataConfig { - typedConfigs := make(map[string]ASMDataConfig) - configs := r.getConfigs(ProductASMData) - - for path, cfg := range configs { - // We control this, so if this has gone wrong something has gone horribly wrong - typed, ok := cfg.(ASMDataConfig) - if !ok { - panic("unexpected config stored as ASMDataConfig") - } - typedConfigs[path] = typed - } - - return typedConfigs -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/path.go b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/path.go deleted file mode 100644 index d1a4d69e..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/path.go +++ /dev/null @@ -1,100 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022-present Datadog, Inc. - -package state - -import ( - "fmt" - "regexp" - "strconv" - "strings" -) - -var ( - // matches datadog//// for datadog//// - datadogPathRegexp = regexp.MustCompile(`^datadog/(\d+)/([^/]+)/([^/]+)/([^/]+)$`) - datadogPathRegexpGroups = 4 - - // matches employee/// for employee//// - employeePathRegexp = regexp.MustCompile(`^employee/([^/]+)/([^/]+)/([^/]+)$`) - employeePathRegexpGroups = 3 -) - -type source uint - -const ( - sourceUnknown source = iota - sourceDatadog - sourceEmployee -) - -type configPath struct { - Source source - OrgID int64 - Product string - ConfigID string - Name string -} - -func parseConfigPath(path string) (configPath, error) { - configType := parseConfigPathSource(path) - switch configType { - case sourceDatadog: - return parseDatadogConfigPath(path) - case sourceEmployee: - return parseEmployeeConfigPath(path) - } - return configPath{}, fmt.Errorf("config path '%s' has unknown source", path) -} - -func parseDatadogConfigPath(path string) (configPath, error) { - matchedGroups := datadogPathRegexp.FindStringSubmatch(path) - if len(matchedGroups) != datadogPathRegexpGroups+1 { - return configPath{}, fmt.Errorf("config file path '%s' has wrong format", path) - } - rawOrgID := matchedGroups[1] - orgID, err := strconv.ParseInt(rawOrgID, 10, 64) - if err != nil { - return configPath{}, fmt.Errorf("could not parse orgID '%s' in config file path: %v", rawOrgID, err) - } - rawProduct := matchedGroups[2] - if len(rawProduct) == 0 { - return configPath{}, fmt.Errorf("product is empty") - } - return configPath{ - Source: sourceDatadog, - OrgID: orgID, - Product: rawProduct, - ConfigID: matchedGroups[3], - Name: matchedGroups[4], - }, nil -} - -func parseEmployeeConfigPath(path string) (configPath, error) { - matchedGroups := employeePathRegexp.FindStringSubmatch(path) - if len(matchedGroups) != employeePathRegexpGroups+1 { - return configPath{}, fmt.Errorf("config file path '%s' has wrong format", path) - } - rawProduct := matchedGroups[1] - if len(rawProduct) == 0 { - return configPath{}, fmt.Errorf("product is empty") - } - return configPath{ - Source: sourceEmployee, - Product: rawProduct, - ConfigID: matchedGroups[2], - Name: matchedGroups[3], - }, nil -} - -func parseConfigPathSource(path string) source { - switch { - case strings.HasPrefix(path, "datadog/"): - return sourceDatadog - case strings.HasPrefix(path, "employee/"): - return sourceEmployee - } - return sourceUnknown -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/products.go b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/products.go deleted file mode 100644 index 35974c5e..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/products.go +++ /dev/null @@ -1,84 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022-present Datadog, Inc. - -package state - -var validProducts = map[string]struct{}{ - ProductUpdaterCatalogDD: {}, - ProductUpdaterAgent: {}, - ProductUpdaterTask: {}, - ProductAgentConfig: {}, - ProductAgentFailover: {}, - ProductAgentTask: {}, - ProductAgentIntegrations: {}, - ProductAPMSampling: {}, - ProductCWSDD: {}, - ProductCWSCustom: {}, - ProductCWSProfiles: {}, - ProductCSMSideScanning: {}, - ProductASM: {}, - ProductASMFeatures: {}, - ProductASMDD: {}, - ProductASMData: {}, - ProductAPMTracing: {}, - ProductSDSRules: {}, - ProductSDSAgentConfig: {}, - ProductLiveDebugging: {}, - ProductContainerAutoscalingSettings: {}, - ProductContainerAutoscalingValues: {}, - ProductTesting1: {}, - ProductTesting2: {}, -} - -const ( - // ProductUpdaterCatalogDD is the product used to receive the package catalog from datadog - ProductUpdaterCatalogDD = "UPDATER_CATALOG_DD" - // ProductUpdaterAgent is the product used to receive defaults versions to install - ProductUpdaterAgent = "UPDATER_AGENT" - // ProductUpdaterTask is the product used to receive tasks to execute - ProductUpdaterTask = "UPDATER_TASK" - // ProductAgentConfig is to receive agent configurations, like the log level - ProductAgentConfig = "AGENT_CONFIG" - // ProductAgentFailover is to receive the multi-region failover configuration - ProductAgentFailover = "AGENT_FAILOVER" - // ProductAgentIntegrations is to receive integrations to schedule - ProductAgentIntegrations = "AGENT_INTEGRATIONS" - // ProductAgentTask is to receive agent task instruction, like a flare - ProductAgentTask = "AGENT_TASK" - // ProductAPMSampling is the apm sampling product - ProductAPMSampling = "APM_SAMPLING" - // ProductCWSDD is the cloud workload security product managed by datadog employees - ProductCWSDD = "CWS_DD" - // ProductCWSCustom is the cloud workload security product managed by datadog customers - ProductCWSCustom = "CWS_CUSTOM" - // ProductCWSProfiles is the cloud workload security profile product - ProductCWSProfiles = "CWS_SECURITY_PROFILES" - // ProductCSMSideScanning is the side scanning product - ProductCSMSideScanning = "CSM_SIDE_SCANNING" - // ProductASM is the ASM product used by customers to issue rules configurations - ProductASM = "ASM" - // ProductASMFeatures is the ASM product used form ASM activation through remote config - ProductASMFeatures = "ASM_FEATURES" - // ProductASMDD is the application security monitoring product managed by datadog employees - ProductASMDD = "ASM_DD" - // ProductASMData is the ASM product used to configure WAF rules data - ProductASMData = "ASM_DATA" - // ProductAPMTracing is the apm tracing product - ProductAPMTracing = "APM_TRACING" - // ProductSDSRules is the SDS definitions product - ProductSDSRules = "SDS_RULES_DD" - // ProductSDSAgentConfig is the user SDS configurations product. - ProductSDSAgentConfig = "SDS_AGENT_CONFIG" - // ProductLiveDebugging is the dynamic instrumentation product - ProductLiveDebugging = "LIVE_DEBUGGING" - // ProductContainerAutoscalingSettings receives definition of container autoscaling - ProductContainerAutoscalingSettings = "CONTAINER_AUTOSCALING_SETTINGS" - // ProductContainerAutoscalingValues receives values for container autoscaling - ProductContainerAutoscalingValues = "CONTAINER_AUTOSCALING_VALUES" - // ProductTesting1 is a product used for testing remote config - ProductTesting1 = "TESTING1" - // ProductTesting2 is a product used for testing remote config - ProductTesting2 = "TESTING2" -) diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/repository.go b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/repository.go deleted file mode 100644 index 031d20f2..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/repository.go +++ /dev/null @@ -1,444 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022-present Datadog, Inc. - -// Package state provides the types and logic needed to track the current TUF repository -// state for a client. -package state - -import ( - "bytes" - "encoding/json" - "errors" - "fmt" - "log" - "strings" - - "github.com/DataDog/go-tuf/data" -) - -var ( - // ErrMalformedEmbeddedRoot occurs when the TUF root provided is invalid - ErrMalformedEmbeddedRoot = errors.New("malformed embedded TUF root file provided") -) - -// RepositoryState contains all of the information about the current config files -// stored by the client to be able to make an update request to an Agent -type RepositoryState struct { - Configs []ConfigState - CachedFiles []CachedFile - TargetsVersion int64 - RootsVersion int64 - OpaqueBackendState []byte -} - -// ConfigState describes an applied config by the agent client. -type ConfigState struct { - Product string - ID string - Version uint64 - ApplyStatus ApplyStatus -} - -// CachedFile describes a cached file stored by the agent client -// -// Note: You may be wondering why this exists when `ConfigState` exists -// as well. The API for requesting updates does not mandate that a client -// cache config files. This implementation just happens to do so. -type CachedFile struct { - Path string - Length uint64 - Hashes map[string][]byte -} - -// An Update contains all the data needed to update a client's remote config repository state -type Update struct { - // TUFRoots contains, in order, updated roots that this repository needs to keep up with TUF validation - TUFRoots [][]byte - // TUFTargets is the latest TUF Targets file and is used to validate raw config files - TUFTargets []byte - // TargetFiles stores the raw config files by their full TUF path - TargetFiles map[string][]byte - // ClientcConfigs is a list of TUF path's corresponding to config files designated for this repository - ClientConfigs []string -} - -// isEmpty returns whether or not all the fields of `Update` are empty -func (u *Update) isEmpty() bool { - return len(u.TUFRoots) == 0 && len(u.TUFTargets) == 0 && (u.TargetFiles == nil || len(u.TargetFiles) == 0) && len(u.ClientConfigs) == 0 -} - -// Repository is a remote config client used in a downstream process to retrieve -// remote config updates from an Agent. -type Repository struct { - // TUF related data - latestTargets *data.Targets - tufRootsClient *tufRootsClient - opaqueBackendState []byte - - // Unverified mode - tufVerificationEnabled bool - latestRootVersion int64 - - // Config file storage - metadata map[string]Metadata - configs map[string]map[string]interface{} -} - -// NewRepository creates a new remote config repository that will track -// both TUF metadata and raw config files for a client. -func NewRepository(embeddedRoot []byte) (*Repository, error) { - if embeddedRoot == nil { - return nil, ErrMalformedEmbeddedRoot - } - - configs := make(map[string]map[string]interface{}) - for product := range validProducts { - configs[product] = make(map[string]interface{}) - } - - tufRootsClient, err := newTufRootsClient(embeddedRoot) - if err != nil { - return nil, err - } - - return &Repository{ - latestTargets: data.NewTargets(), - tufRootsClient: tufRootsClient, - metadata: make(map[string]Metadata), - configs: configs, - tufVerificationEnabled: true, - }, nil -} - -// NewUnverifiedRepository creates a new remote config repository that will -// track config files for a client WITHOUT verifying any TUF related metadata. -// -// When creating this we pretend we have a root version of 1, as the backend expects -// to not have to send the initial "embedded" root. -func NewUnverifiedRepository() (*Repository, error) { - configs := make(map[string]map[string]interface{}) - for product := range validProducts { - configs[product] = make(map[string]interface{}) - } - - return &Repository{ - latestTargets: data.NewTargets(), - metadata: make(map[string]Metadata), - configs: configs, - tufVerificationEnabled: false, - latestRootVersion: 1, // The backend expects us to start with a root version of 1. - }, nil -} - -// Update processes the ClientGetConfigsResponse from the Agent and updates the -// configuration state -func (r *Repository) Update(update Update) ([]string, error) { - var err error - var updatedTargets *data.Targets - var tmpRootClient *tufRootsClient - - // If there's literally nothing in the update, it's not an error. - if update.isEmpty() { - return []string{}, nil - } - - // TUF: Update the roots and verify the TUF Targets file (optional) - // - // We don't want to partially update the state, so we need a temporary client to hold the new root - // data until we know it's valid. Since verification is optional, if the repository was configured - // to not do TUF verification we only deserialize the TUF targets file. - if r.tufVerificationEnabled { - tmpRootClient, err = r.tufRootsClient.clone() - if err != nil { - return nil, err - } - err = tmpRootClient.updateRoots(update.TUFRoots) - if err != nil { - return nil, err - } - - updatedTargets, err = tmpRootClient.validateTargets(update.TUFTargets) - if err != nil { - return nil, err - } - } else { - updatedTargets, err = unsafeUnmarshalTargets(update.TUFTargets) - if err != nil { - return nil, err - } - } - - clientConfigsMap := make(map[string]struct{}) - for _, f := range update.ClientConfigs { - clientConfigsMap[f] = struct{}{} - } - - result := newUpdateResult() - - // 2: Check the config list and mark any missing configs as "to be removed" - for _, configs := range r.configs { - for path := range configs { - if _, ok := clientConfigsMap[path]; !ok { - result.removed = append(result.removed, path) - parsedPath, err := parseConfigPath(path) - if err != nil { - return nil, err - } - result.productsUpdated[parsedPath.Product] = true - } - } - } - - // 3: For all the files referenced in this update - for _, path := range update.ClientConfigs { - targetFileMetadata, ok := updatedTargets.Targets[path] - if !ok { - return nil, fmt.Errorf("missing config file in TUF targets - %s", path) - } - - // 3.a: Extract the product and ID from the path - parsedPath, err := parseConfigPath(path) - if err != nil { - return nil, err - } - - // 3.b and 3.c: Check if this configuration is either new or has been modified - storedMetadata, exists := r.metadata[path] - if exists && hashesEqual(targetFileMetadata.Hashes, storedMetadata.Hashes) { - continue - } - - // 3.d: Ensure that the raw configuration file is present in the - // update payload. - raw, ok := update.TargetFiles[path] - if !ok { - return nil, fmt.Errorf("missing update file - %s", path) - } - - // TUF: Validate the hash of the raw target file and ensure that it matches - // the TUF metadata - err = validateTargetFileHash(targetFileMetadata, raw) - if err != nil { - return nil, fmt.Errorf("error validating %s hash with TUF metadata - %v", path, err) - } - - // 3.e: Deserialize the configuration. - // 3.f: Store the update details for application later - // - // Note: We don't have to worry about extra fields as mentioned - // in the RFC because the encoding/json library handles that for us. - m, err := newConfigMetadata(parsedPath, targetFileMetadata) - if err != nil { - return nil, err - } - config, err := parseConfig(parsedPath.Product, raw, m) - if err != nil { - return nil, err - } - result.metadata[path] = m - result.changed[parsedPath.Product][path] = config - result.productsUpdated[parsedPath.Product] = true - } - - // 4.a: Store the new targets.signed.custom.opaque_client_state - // TUF: Store the updated roots now that everything has validated - if r.tufVerificationEnabled { - r.tufRootsClient = tmpRootClient - } else if update.TUFRoots != nil && len(update.TUFRoots) > 0 { - v, err := extractRootVersion(update.TUFRoots[len(update.TUFRoots)-1]) - if err != nil { - return nil, err - } - r.latestRootVersion = v - } - r.latestTargets = updatedTargets - if r.latestTargets.Custom != nil { - r.opaqueBackendState = extractOpaqueBackendState(*r.latestTargets.Custom) - } - - // Upstream may not want to take any actions if the update result doesn't - // change any configs. - if result.isEmpty() { - return nil, nil - } - - changedProducts := make([]string, 0) - for product, updated := range result.productsUpdated { - if updated { - changedProducts = append(changedProducts, product) - } - } - - // 4.b/4.rave the new state and apply cleanups - r.applyUpdateResult(update, result) - - return changedProducts, nil -} - -// UpdateApplyStatus updates the config's metadata to reflect its processing state -// Can be used after a call to Update() in order to tell the repository which config was acked, which -// wasn't and which errors occurred while processing. -// Note: it is the responsibility of the caller to ensure that no new Update() call was made between -// the first Update() call and the call to UpdateApplyStatus() so as to keep the repository state accurate. -func (r *Repository) UpdateApplyStatus(cfgPath string, status ApplyStatus) { - if m, ok := r.metadata[cfgPath]; ok { - m.ApplyStatus = status - r.metadata[cfgPath] = m - } -} - -func (r *Repository) getConfigs(product string) map[string]interface{} { - configs, ok := r.configs[product] - if !ok { - return nil - } - - return configs -} - -// applyUpdateResult changes the state of the client based on the given update. -// -// The update is guaranteed to succeed at this point, having been vetted and the details -// needed to apply the update stored in the `updateResult`. -func (r *Repository) applyUpdateResult(_ Update, result updateResult) { - // 4.b Save all the updated and new config files - for product, configs := range result.changed { - for path, config := range configs { - m := r.configs[product] - m[path] = config - } - } - for path, metadata := range result.metadata { - r.metadata[path] = metadata - } - - // 5.b Clean up the cache of any removed configs - for _, path := range result.removed { - delete(r.metadata, path) - for _, configs := range r.configs { - delete(configs, path) - } - } -} - -// CurrentState returns all of the information needed to -// make an update for new configurations. -func (r *Repository) CurrentState() (RepositoryState, error) { - var configs []ConfigState - var cached []CachedFile - - for path, metadata := range r.metadata { - configs = append(configs, configStateFromMetadata(metadata)) - cached = append(cached, cachedFileFromMetadata(path, metadata)) - } - - var latestRootVersion int64 - if r.tufVerificationEnabled { - root, err := r.tufRootsClient.latestRoot() - if err != nil { - return RepositoryState{}, err - } - latestRootVersion = root.Version - } else { - latestRootVersion = r.latestRootVersion - } - - return RepositoryState{ - Configs: configs, - CachedFiles: cached, - TargetsVersion: r.latestTargets.Version, - RootsVersion: latestRootVersion, - OpaqueBackendState: r.opaqueBackendState, - }, nil -} - -// An updateResult allows the client to apply the update as a transaction -// after validating all required preconditions -type updateResult struct { - removed []string - metadata map[string]Metadata - changed map[string]map[string]interface{} - productsUpdated map[string]bool -} - -func newUpdateResult() updateResult { - changed := make(map[string]map[string]interface{}) - - for product := range validProducts { - changed[product] = make(map[string]interface{}) - } - - return updateResult{ - removed: make([]string, 0), - metadata: make(map[string]Metadata), - changed: changed, - productsUpdated: map[string]bool{}, - } -} - -func (ur updateResult) Log() { - log.Printf("Removed Configs: %v", ur.removed) - - var b strings.Builder - b.WriteString("Changed configs: [") - for path := range ur.metadata { - b.WriteString(path) - b.WriteString(" ") - } - b.WriteString("]") - - log.Println(b.String()) -} - -func (ur updateResult) isEmpty() bool { - return len(ur.removed) == 0 && len(ur.metadata) == 0 -} - -func configStateFromMetadata(m Metadata) ConfigState { - return ConfigState{ - Product: m.Product, - ID: m.ID, - Version: m.Version, - ApplyStatus: m.ApplyStatus, - } -} - -func cachedFileFromMetadata(path string, m Metadata) CachedFile { - return CachedFile{ - Path: path, - Length: m.RawLength, - Hashes: m.Hashes, - } -} - -// hashesEqual checks if the hash values in the TUF metadata file match the stored -// hash values for a given config -func hashesEqual(tufHashes data.Hashes, storedHashes map[string][]byte) bool { - for algorithm, value := range tufHashes { - v, ok := storedHashes[algorithm] - if !ok { - continue - } - - if !bytes.Equal(value, v) { - return false - } - } - - return true -} - -func extractOpaqueBackendState(targetsCustom []byte) []byte { - state := struct { - State []byte `json:"opaque_backend_state"` - }{nil} - - err := json.Unmarshal(targetsCustom, &state) - if err != nil { - return []byte{} - } - - return state.State -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/tuf.go b/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/tuf.go deleted file mode 100644 index f67ab9c1..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/remoteconfig/state/tuf.go +++ /dev/null @@ -1,233 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022-present Datadog, Inc. - -package state - -import ( - "bytes" - "encoding/json" - "fmt" - "io" - "strconv" - "strings" - - "github.com/DataDog/go-tuf/client" - "github.com/DataDog/go-tuf/data" - "github.com/DataDog/go-tuf/util" - "github.com/DataDog/go-tuf/verify" -) - -type tufRootsClient struct { - rootClient *client.Client - rootLocalStore client.LocalStore - rootRemoteStore *rootClientRemoteStore -} - -func newTufRootsClient(root []byte) (*tufRootsClient, error) { - rootLocalStore := client.MemoryLocalStore() - rootRemoteStore := &rootClientRemoteStore{} - rootClient := client.NewClient(rootLocalStore, rootRemoteStore) - - err := rootClient.Init(root) - if err != nil { - return nil, err - } - - return &tufRootsClient{ - rootClient: rootClient, - rootLocalStore: rootLocalStore, - rootRemoteStore: rootRemoteStore, - }, nil -} - -func (trc *tufRootsClient) clone() (*tufRootsClient, error) { - root, err := trc.latestRootRaw() - if err != nil { - return nil, err - } - - return newTufRootsClient(root) -} - -func (trc *tufRootsClient) updateRoots(newRoots [][]byte) error { - if len(newRoots) == 0 { - return nil - } - - trc.rootRemoteStore.roots = append(trc.rootRemoteStore.roots, newRoots...) - - return trc.rootClient.UpdateRoots() -} - -func (trc *tufRootsClient) latestRoot() (*data.Root, error) { - raw, err := trc.latestRootRaw() - if err != nil { - return nil, err - } - - return unsafeUnmarshalRoot(raw) -} - -func (trc *tufRootsClient) latestRootRaw() ([]byte, error) { - metas, err := trc.rootLocalStore.GetMeta() - if err != nil { - return nil, err - } - rawRoot := metas["root.json"] - - return rawRoot, nil -} - -func (trc *tufRootsClient) validateTargets(rawTargets []byte) (*data.Targets, error) { - root, err := trc.latestRoot() - if err != nil { - return nil, err - } - - db := verify.NewDB() - for _, key := range root.Keys { - for _, id := range key.IDs() { - if err := db.AddKey(id, key); err != nil { - return nil, err - } - } - } - targetsRole, hasRoleTargets := root.Roles["targets"] - if !hasRoleTargets { - return nil, fmt.Errorf("root is missing a targets role") - } - role := &data.Role{Threshold: targetsRole.Threshold, KeyIDs: targetsRole.KeyIDs} - if err := db.AddRole("targets", role); err != nil { - return nil, fmt.Errorf("could not add targets role to db: %v", err) - } - var targets data.Targets - err = db.Unmarshal(rawTargets, &targets, "targets", 0) - if err != nil { - return nil, err - } - - return &targets, nil -} - -type rootClientRemoteStore struct { - roots [][]byte -} - -func (s *rootClientRemoteStore) GetMeta(name string) (stream io.ReadCloser, size int64, err error) { - metaPath, err := parseMetaPath(name) - if err != nil { - return nil, 0, err - } - if metaPath.role != roleRoot || !metaPath.versionSet { - return nil, 0, client.ErrNotFound{File: name} - } - for _, root := range s.roots { - parsedRoot, err := unsafeUnmarshalRoot(root) - if err != nil { - return nil, 0, err - } - if parsedRoot.Version == metaPath.version { - return io.NopCloser(bytes.NewReader(root)), int64(len(root)), nil - } - } - return nil, 0, client.ErrNotFound{File: name} -} - -func (s *rootClientRemoteStore) GetTarget(path string) (stream io.ReadCloser, size int64, err error) { - return nil, 0, client.ErrNotFound{File: path} -} - -type role string - -const ( - roleRoot role = "root" -) - -type metaPath struct { - role role - version int64 - versionSet bool -} - -func parseMetaPath(rawMetaPath string) (metaPath, error) { - splitRawMetaPath := strings.SplitN(rawMetaPath, ".", 3) - if len(splitRawMetaPath) != 2 && len(splitRawMetaPath) != 3 { - return metaPath{}, fmt.Errorf("invalid metadata path '%s'", rawMetaPath) - } - suffix := splitRawMetaPath[len(splitRawMetaPath)-1] - if suffix != "json" { - return metaPath{}, fmt.Errorf("invalid metadata path (suffix) '%s'", rawMetaPath) - } - rawRole := splitRawMetaPath[len(splitRawMetaPath)-2] - if rawRole == "" { - return metaPath{}, fmt.Errorf("invalid metadata path (role) '%s'", rawMetaPath) - } - if len(splitRawMetaPath) == 2 { - return metaPath{ - role: role(rawRole), - }, nil - } - rawVersion, err := strconv.ParseInt(splitRawMetaPath[0], 10, 64) - if err != nil { - return metaPath{}, fmt.Errorf("invalid metadata path (version) '%s': %w", rawMetaPath, err) - } - return metaPath{ - role: role(rawRole), - version: rawVersion, - versionSet: true, - }, nil -} - -func validateTargetFileHash(targetMeta data.TargetFileMeta, targetFile []byte) error { - if len(targetMeta.HashAlgorithms()) == 0 { - return fmt.Errorf("target file has no hash") - } - generatedMeta, err := util.GenerateFileMeta(bytes.NewBuffer(targetFile), targetMeta.HashAlgorithms()...) - if err != nil { - return err - } - err = util.FileMetaEqual(targetMeta.FileMeta, generatedMeta) - if err != nil { - return err - } - return nil -} - -func unsafeUnmarshalRoot(raw []byte) (*data.Root, error) { - var signedRoot data.Signed - err := json.Unmarshal(raw, &signedRoot) - if err != nil { - return nil, err - } - var root data.Root - err = json.Unmarshal(signedRoot.Signed, &root) - if err != nil { - return nil, err - } - return &root, err -} - -func unsafeUnmarshalTargets(raw []byte) (*data.Targets, error) { - var signedTargets data.Signed - err := json.Unmarshal(raw, &signedTargets) - if err != nil { - return nil, err - } - var targets data.Targets - err = json.Unmarshal(signedTargets.Signed, &targets) - if err != nil { - return nil, err - } - return &targets, err -} - -func extractRootVersion(raw []byte) (int64, error) { - root, err := unsafeUnmarshalRoot(raw) - if err != nil { - return 0, err - } - - return root.Version, nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/LICENSE b/vendor/github.com/DataDog/datadog-agent/pkg/trace/LICENSE deleted file mode 100644 index b370545b..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/LICENSE +++ /dev/null @@ -1,200 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2016-present Datadog, Inc. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/client.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/client.go deleted file mode 100644 index b46de4fa..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/client.go +++ /dev/null @@ -1,70 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package config contains the configuration for the trace-agent. -package config - -import ( - "net/http" - "sync" - "time" -) - -// TODO(gbbr): Perhaps this is not the best place for this structure. - -// ResetClient wraps (http.Client).Do and resets the underlying connections at the -// configured interval -type ResetClient struct { - httpClientFactory func() *http.Client - resetInterval time.Duration - - mu sync.RWMutex - httpClient *http.Client - lastReset time.Time -} - -// NewResetClient returns an initialized Client resetting connections at the passed resetInterval ("0" -// means that no reset is performed). -// The underlying http.Client used will be created using the passed http client factory. -func NewResetClient(resetInterval time.Duration, httpClientFactory func() *http.Client) *ResetClient { - return &ResetClient{ - httpClientFactory: httpClientFactory, - resetInterval: resetInterval, - httpClient: httpClientFactory(), - lastReset: time.Now(), - } -} - -// Do wraps (http.Client).Do. Thread safe. -func (c *ResetClient) Do(req *http.Request) (*http.Response, error) { - c.checkReset() - - c.mu.RLock() - httpClient := c.httpClient - c.mu.RUnlock() - - return httpClient.Do(req) -} - -// checkReset checks whether a client reset should be performed, and performs it -// if so -func (c *ResetClient) checkReset() { - if c.resetInterval == 0 { - return - } - - c.mu.Lock() - defer c.mu.Unlock() - if time.Since(c.lastReset) < c.resetInterval { - return - } - - c.lastReset = time.Now() - // Close idle connections on underlying client. Safe to do while other goroutines use the client. - // This is a best effort: if other goroutine(s) are currently using the client, - // the related open connection(s) will remain open until the client is GC'ed - c.httpClient.CloseIdleConnections() - c.httpClient = c.httpClientFactory() -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/config.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/config.go deleted file mode 100644 index 2ada0ea2..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/config.go +++ /dev/null @@ -1,621 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package config - -import ( - "crypto/tls" - "errors" - "net" - "net/http" - "net/url" - "os" - "regexp" - "time" - - "github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes" - - "github.com/DataDog/datadog-agent/pkg/obfuscate" - "github.com/DataDog/datadog-agent/pkg/remoteconfig/state" - "github.com/DataDog/datadog-agent/pkg/trace/log" - "github.com/DataDog/datadog-agent/pkg/trace/traceutil" -) - -// ServiceName specifies the service name used in the operating system. -const ServiceName = "datadog-trace-agent" - -// ErrMissingAPIKey is returned when the config could not be validated due to missing API key. -var ErrMissingAPIKey = errors.New("you must specify an API Key, either via a configuration file or the DD_API_KEY env var") - -// Endpoint specifies an endpoint that the trace agent will write data (traces, stats & services) to. -type Endpoint struct { - APIKey string `json:"-"` // never marshal this - Host string - - // NoProxy will be set to true when the proxy setting for the trace API endpoint - // needs to be ignored (e.g. it is part of the "no_proxy" list in the yaml settings). - NoProxy bool -} - -// TelemetryEndpointPrefix specifies the prefix of the telemetry endpoint URL. -const TelemetryEndpointPrefix = "https://instrumentation-telemetry-intake." - -// OTLP holds the configuration for the OpenTelemetry receiver. -type OTLP struct { - // BindHost specifies the host to bind the receiver to. - BindHost string `mapstructure:"-"` - - // GRPCPort specifies the port to use for the plain HTTP receiver. - // If unset (or 0), the receiver will be off. - GRPCPort int `mapstructure:"grpc_port"` - - // SpanNameRemappings is the map of datadog span names and preferred name to map to. This can be used to - // automatically map Datadog Span Operation Names to an updated value. All entries should be key/value pairs. - SpanNameRemappings map[string]string `mapstructure:"span_name_remappings"` - - // SpanNameAsResourceName specifies whether the OpenTelemetry span's name should be - // used as the Datadog span's operation name. By default (when this is false), the - // operation name is deduced from a combination between the instrumentation scope - // name and the span kind. - // - // For context, the OpenTelemetry 'Span Name' is equivalent to the Datadog 'resource name'. - // The Datadog Span's Operation Name equivalent in OpenTelemetry does not exist, but the span's - // kind comes close. - SpanNameAsResourceName bool `mapstructure:"span_name_as_resource_name"` - - // MaxRequestBytes specifies the maximum number of bytes that will be read - // from an incoming HTTP request. - MaxRequestBytes int64 `mapstructure:"-"` - - // ProbabilisticSampling specifies the percentage of traces to ingest. Exceptions are made for errors - // and rare traces (outliers) if "RareSamplerEnabled" is true. Invalid values are equivalent to 100. - // If spans have the "sampling.priority" attribute set, probabilistic sampling is skipped and the user's - // decision is followed. - ProbabilisticSampling float64 - - // AttributesTranslator specifies an OTLP to Datadog attributes translator. - AttributesTranslator *attributes.Translator `mapstructure:"-"` -} - -// ObfuscationConfig holds the configuration for obfuscating sensitive data -// for various span types. -type ObfuscationConfig struct { - // ES holds the obfuscation configuration for ElasticSearch bodies. - ES obfuscate.JSONConfig `mapstructure:"elasticsearch"` - - // OpenSearch holds the obfuscation configuration for OpenSearch bodies. - OpenSearch obfuscate.JSONConfig `mapstructure:"opensearch"` - - // Mongo holds the obfuscation configuration for MongoDB queries. - Mongo obfuscate.JSONConfig `mapstructure:"mongodb"` - - // SQLExecPlan holds the obfuscation configuration for SQL Exec Plans. This is strictly for safety related obfuscation, - // not normalization. Normalization of exec plans is configured in SQLExecPlanNormalize. - SQLExecPlan obfuscate.JSONConfig `mapstructure:"sql_exec_plan"` - - // SQLExecPlanNormalize holds the normalization configuration for SQL Exec Plans. - SQLExecPlanNormalize obfuscate.JSONConfig `mapstructure:"sql_exec_plan_normalize"` - - // HTTP holds the obfuscation settings for HTTP URLs. - HTTP obfuscate.HTTPConfig `mapstructure:"http"` - - // RemoveStackTraces specifies whether stack traces should be removed. - // More specifically "error.stack" tag values will be cleared. - RemoveStackTraces bool `mapstructure:"remove_stack_traces"` - - // Redis holds the configuration for obfuscating the "redis.raw_command" tag - // for spans of type "redis". - Redis obfuscate.RedisConfig `mapstructure:"redis"` - - // Memcached holds the configuration for obfuscating the "memcached.command" tag - // for spans of type "memcached". - Memcached obfuscate.MemcachedConfig `mapstructure:"memcached"` - - // CreditCards holds the configuration for obfuscating credit cards. - CreditCards obfuscate.CreditCardsConfig `mapstructure:"credit_cards"` -} - -// Export returns an obfuscate.Config matching o. -func (o *ObfuscationConfig) Export(conf *AgentConfig) obfuscate.Config { - return obfuscate.Config{ - SQL: obfuscate.SQLConfig{ - TableNames: conf.HasFeature("table_names"), - ReplaceDigits: conf.HasFeature("quantize_sql_tables") || conf.HasFeature("replace_sql_digits"), - KeepSQLAlias: conf.HasFeature("keep_sql_alias"), - DollarQuotedFunc: conf.HasFeature("dollar_quoted_func"), - Cache: conf.HasFeature("sql_cache"), - }, - ES: o.ES, - OpenSearch: o.OpenSearch, - Mongo: o.Mongo, - SQLExecPlan: o.SQLExecPlan, - SQLExecPlanNormalize: o.SQLExecPlanNormalize, - HTTP: o.HTTP, - Redis: o.Redis, - Memcached: o.Memcached, - CreditCard: o.CreditCards, - Logger: new(debugLogger), - } -} - -type debugLogger struct{} - -func (debugLogger) Debugf(format string, params ...interface{}) { - log.Debugf(format, params...) -} - -// Enablable can represent any option that has an "enabled" boolean sub-field. -type Enablable struct { - Enabled bool `mapstructure:"enabled"` -} - -// TelemetryConfig holds Instrumentation telemetry Endpoints information -type TelemetryConfig struct { - Enabled bool `mapstructure:"enabled"` - Endpoints []*Endpoint -} - -// ReplaceRule specifies a replace rule. -type ReplaceRule struct { - // Name specifies the name of the tag that the replace rule addresses. However, - // some exceptions apply such as: - // • "resource.name" will target the resource - // • "*" will target all tags and the resource - Name string `mapstructure:"name"` - - // Pattern specifies the regexp pattern to be used when replacing. It must compile. - Pattern string `mapstructure:"pattern"` - - // Re holds the compiled Pattern and is only used internally. - Re *regexp.Regexp `mapstructure:"-"` - - // Repl specifies the replacement string to be used when Pattern matches. - Repl string `mapstructure:"repl"` -} - -// WriterConfig specifies configuration for an API writer. -type WriterConfig struct { - // ConnectionLimit specifies the maximum number of concurrent outgoing - // connections allowed for the sender. - ConnectionLimit int `mapstructure:"connection_limit"` - - // QueueSize specifies the maximum number or payloads allowed to be queued - // in the sender. - QueueSize int `mapstructure:"queue_size"` - - // FlushPeriodSeconds specifies the frequency at which the writer's buffer - // will be flushed to the sender, in seconds. Fractions are permitted. - FlushPeriodSeconds float64 `mapstructure:"flush_period_seconds"` -} - -// FargateOrchestratorName is a Fargate orchestrator name. -type FargateOrchestratorName string - -const ( - // OrchestratorECS represents AWS ECS - OrchestratorECS FargateOrchestratorName = "ECS" - // OrchestratorEKS represents AWS EKS - OrchestratorEKS FargateOrchestratorName = "EKS" - // OrchestratorUnknown is used when we cannot retrieve the orchestrator - OrchestratorUnknown FargateOrchestratorName = "Unknown" -) - -// ProfilingProxyConfig ... -type ProfilingProxyConfig struct { - // DDURL ... - DDURL string - // AdditionalEndpoints ... - AdditionalEndpoints map[string][]string -} - -// EVPProxy contains the settings for the EVPProxy proxy. -type EVPProxy struct { - // Enabled reports whether EVPProxy is enabled (true by default). - Enabled bool - // DDURL is the Datadog site to forward payloads to (defaults to the Site setting if not set). - DDURL string - // APIKey is the main API Key (defaults to the main API key). - APIKey string `json:"-"` // Never marshal this field - // ApplicationKey to be used for requests with the X-Datadog-NeedsAppKey set (defaults to the top-level Application Key). - ApplicationKey string `json:"-"` // Never marshal this field - // AdditionalEndpoints is a map of additional Datadog sites to API keys. - AdditionalEndpoints map[string][]string - // MaxPayloadSize indicates the size at which payloads will be rejected, in bytes. - MaxPayloadSize int64 - // ReceiverTimeout indicates the maximum time an EVPProxy request can take. Value in seconds. - ReceiverTimeout int -} - -// InstallSignatureConfig contains the information on how the agent was installed -// and a unique identifier that distinguishes this agent from others. -type InstallSignatureConfig struct { - Found bool `json:"-"` - InstallID string `json:"install_id"` - InstallType string `json:"install_type"` - InstallTime int64 `json:"install_time"` -} - -// DebuggerProxyConfig ... -type DebuggerProxyConfig struct { - // DDURL ... - DDURL string - // APIKey ... - APIKey string `json:"-"` // Never marshal this field - // AdditionalEndpoints is a map of additional Datadog sites to API keys. - AdditionalEndpoints map[string][]string `json:"-"` // Never marshal this field -} - -// SymDBProxyConfig ... -type SymDBProxyConfig struct { - // DDURL ... - DDURL string - // APIKey ... - APIKey string `json:"-"` // Never marshal this field - // AdditionalEndpoints is a map of additional Datadog endpoints to API keys. - AdditionalEndpoints map[string][]string `json:"-"` // Never marshal this field -} - -// AgentConfig handles the interpretation of the configuration (with default -// behaviors) in one place. It is also a simple structure to share across all -// the Agent components, with 100% safe and reliable values. -// It is exposed with expvar, so make sure to exclude any sensible field -// from JSON encoding. Use New() to create an instance. -type AgentConfig struct { - Features map[string]struct{} - - Enabled bool - AgentVersion string - GitCommit string - Site string // the intake site to use (e.g. "datadoghq.com") - - // FargateOrchestrator specifies the name of the Fargate orchestrator. e.g. "ECS", "EKS", "Unknown" - FargateOrchestrator FargateOrchestratorName - - // Global - Hostname string - DefaultEnv string // the traces will default to this environment - ConfigPath string // the source of this config, if any - - // Endpoints specifies the set of hosts and API keys where traces and stats - // will be uploaded to. The first endpoint is the main configuration endpoint; - // any following ones are read from the 'additional_endpoints' parts of the - // configuration file, if present. - Endpoints []*Endpoint - - // Concentrator - BucketInterval time.Duration // the size of our pre-aggregation per bucket - ExtraAggregators []string // DEPRECATED - PeerTagsAggregation bool // enables/disables stats aggregation for peer entity tags, used by Concentrator and ClientStatsAggregator - ComputeStatsBySpanKind bool // enables/disables the computing of stats based on a span's `span.kind` field - PeerTags []string // additional tags to use for peer entity stats aggregation - - // Sampler configuration - ExtraSampleRate float64 - TargetTPS float64 - ErrorTPS float64 - MaxEPS float64 - MaxRemoteTPS float64 - - // Rare Sampler configuration - RareSamplerEnabled bool - RareSamplerTPS int - RareSamplerCooldownPeriod time.Duration - RareSamplerCardinality int - - // Probabilistic Sampler configuration - ProbabilisticSamplerEnabled bool - ProbabilisticSamplerHashSeed uint32 - ProbabilisticSamplerSamplingPercentage float32 - - // Receiver - ReceiverEnabled bool // specifies whether Receiver listeners are enabled. Unless OTLPReceiver is used, this should always be true. - ReceiverHost string - ReceiverPort int - ReceiverSocket string // if not empty, UDS will be enabled on unix:// - ConnectionLimit int // for rate-limiting, how many unique connections to allow in a lease period (30s) - ReceiverTimeout int - MaxRequestBytes int64 // specifies the maximum allowed request size for incoming trace payloads - TraceBuffer int // specifies the number of traces to buffer before blocking. - Decoders int // specifies the number of traces that can be concurrently decoded. - MaxConnections int // specifies the maximum number of concurrent incoming connections allowed. - DecoderTimeout int // specifies the maximum time in milliseconds that the decoders will wait for a turn to accept a payload before returning 429 - - WindowsPipeName string - PipeBufferSize int - PipeSecurityDescriptor string - - GUIPort string // the port of the Datadog Agent GUI (for control access) - - // Writers - SynchronousFlushing bool // Mode where traces are only submitted when FlushAsync is called, used for Serverless Extension - StatsWriter *WriterConfig - TraceWriter *WriterConfig - ConnectionResetInterval time.Duration // frequency at which outgoing connections are reset. 0 means no reset is performed - // MaxSenderRetries is the maximum number of retries that a sender will perform - // before giving up. Note that the sender may not perform all MaxSenderRetries if - // the agent is under load and the outgoing payload queue is full. In that - // case, the sender will drop failed payloads when it is unable to enqueue - // them for another retry. - MaxSenderRetries int - // HTTP client used in writer connections. If nil, default client values will be used. - HTTPClientFunc func() *http.Client `json:"-"` - - // internal telemetry - StatsdEnabled bool - StatsdHost string - StatsdPort int - StatsdPipeName string // for Windows Pipes - StatsdSocket string // for UDS Sockets - - // logging - LogFilePath string - - // watchdog - MaxMemory float64 // MaxMemory is the threshold (bytes allocated) above which program panics and exits, to be restarted - MaxCPU float64 // MaxCPU is the max UserAvg CPU the program should consume - WatchdogInterval time.Duration // WatchdogInterval is the delay between 2 watchdog checks - - // http/s proxying - ProxyURL *url.URL - SkipSSLValidation bool - - // filtering - Ignore map[string][]string - - // ReplaceTags is used to filter out sensitive information from tag values. - // It maps tag keys to a set of replacements. Only supported in A6. - ReplaceTags []*ReplaceRule - - // GlobalTags list metadata that will be added to all spans - GlobalTags map[string]string - - // transaction analytics - AnalyzedRateByServiceLegacy map[string]float64 - AnalyzedSpansByService map[string]map[string]float64 - - // infrastructure agent binary - DDAgentBin string - - // Obfuscation holds sensitive data obufscator's configuration. - Obfuscation *ObfuscationConfig - - // MaxResourceLen the maximum length the resource can have - MaxResourceLen int - - // RequireTags specifies a list of tags which must be present on the root span in order for a trace to be accepted. - RequireTags []*Tag - - // RejectTags specifies a list of tags which must be absent on the root span in order for a trace to be accepted. - RejectTags []*Tag - - // RequireTagsRegex specifies a list of regexp for tags which must be present on the root span in order for a trace to be accepted. - RequireTagsRegex []*TagRegex - - // RejectTagsRegex specifies a list of regexp for tags which must be absent on the root span in order for a trace to be accepted. - RejectTagsRegex []*TagRegex - - // OTLPReceiver holds the configuration for OpenTelemetry receiver. - OTLPReceiver *OTLP - - // ProfilingProxy specifies settings for the profiling proxy. - ProfilingProxy ProfilingProxyConfig - - // Telemetry settings - TelemetryConfig *TelemetryConfig - - // EVPProxy contains the settings for the EVPProxy proxy. - EVPProxy EVPProxy - - // DebuggerProxy contains the settings for the Live Debugger proxy. - DebuggerProxy DebuggerProxyConfig - - // DebuggerDiagnosticsProxy contains the settings for the Live Debugger diagnostics proxy. - DebuggerDiagnosticsProxy DebuggerProxyConfig - - // SymDBProxy contains the settings for the Symbol Database proxy. - SymDBProxy SymDBProxyConfig - - // Proxy specifies a function to return a proxy for a given Request. - // See (net/http.Transport).Proxy for more details. - Proxy func(*http.Request) (*url.URL, error) `json:"-"` - - // MaxCatalogEntries specifies the maximum number of services to be added to the priority sampler's - // catalog. If not set (0) it will default to 5000. - MaxCatalogEntries int - - // RemoteConfigClient retrieves sampling updates from the remote config backend - RemoteConfigClient RemoteClient `json:"-"` - - // ContainerTags ... - ContainerTags func(cid string) ([]string, error) `json:"-"` - - // ContainerProcRoot is the root dir for `proc` info - ContainerProcRoot string - - // DebugServerPort defines the port used by the debug server - DebugServerPort int - - // Install Signature - InstallSignature InstallSignatureConfig - - // Lambda function name - LambdaFunctionName string -} - -// RemoteClient client is used to APM Sampling Updates from a remote source. -// This is an interface around the client provided by pkg/config/remote to allow for easier testing. -type RemoteClient interface { - Close() - Start() - Subscribe(string, func(update map[string]state.RawConfig, applyStateCallback func(string, state.ApplyStatus))) - UpdateApplyStatus(cfgPath string, status state.ApplyStatus) -} - -// Tag represents a key/value pair. -type Tag struct { - K, V string -} - -// TagRegex represents a key/value regex pattern pair. -type TagRegex struct { - K string - V *regexp.Regexp -} - -// New returns a configuration with the default values. -func New() *AgentConfig { - return &AgentConfig{ - Enabled: true, - DefaultEnv: "none", - Endpoints: []*Endpoint{{Host: "https://trace.agent.datadoghq.com"}}, - FargateOrchestrator: OrchestratorUnknown, - Site: "datadoghq.com", - MaxCatalogEntries: 5000, - - BucketInterval: time.Duration(10) * time.Second, - - ExtraSampleRate: 1.0, - TargetTPS: 10, - ErrorTPS: 10, - MaxEPS: 200, - MaxRemoteTPS: 100, - - RareSamplerEnabled: false, - RareSamplerTPS: 5, - RareSamplerCooldownPeriod: 5 * time.Minute, - RareSamplerCardinality: 200, - - ReceiverEnabled: true, - ReceiverHost: "localhost", - ReceiverPort: 8126, - MaxRequestBytes: 25 * 1024 * 1024, // 25MB - PipeBufferSize: 1_000_000, - PipeSecurityDescriptor: "D:AI(A;;GA;;;WD)", - GUIPort: "5002", - - StatsWriter: new(WriterConfig), - TraceWriter: new(WriterConfig), - ConnectionResetInterval: 0, // disabled - MaxSenderRetries: 4, - - StatsdHost: "localhost", - StatsdPort: 8125, - StatsdEnabled: true, - - LambdaFunctionName: os.Getenv("AWS_LAMBDA_FUNCTION_NAME"), - - MaxMemory: 5e8, // 500 Mb, should rarely go above 50 Mb - MaxCPU: 0.5, // 50%, well behaving agents keep below 5% - WatchdogInterval: 10 * time.Second, - - Ignore: make(map[string][]string), - AnalyzedRateByServiceLegacy: make(map[string]float64), - AnalyzedSpansByService: make(map[string]map[string]float64), - Obfuscation: &ObfuscationConfig{}, - MaxResourceLen: 5000, - - GlobalTags: computeGlobalTags(), - - Proxy: http.ProxyFromEnvironment, - OTLPReceiver: &OTLP{}, - ContainerTags: noopContainerTagsFunc, - TelemetryConfig: &TelemetryConfig{ - Endpoints: []*Endpoint{{Host: TelemetryEndpointPrefix + "datadoghq.com"}}, - }, - EVPProxy: EVPProxy{ - Enabled: true, - MaxPayloadSize: 5 * 1024 * 1024, - }, - - Features: make(map[string]struct{}), - } -} - -func computeGlobalTags() map[string]string { - if inAzureAppServices() { - return traceutil.GetAppServicesTags() - } - return make(map[string]string) -} - -// ErrContainerTagsFuncNotDefined is returned when the containerTags function is not defined. -var ErrContainerTagsFuncNotDefined = errors.New("containerTags function not defined") - -func noopContainerTagsFunc(_ string) ([]string, error) { - return nil, ErrContainerTagsFuncNotDefined -} - -// APIKey returns the first (main) endpoint's API key. -func (c *AgentConfig) APIKey() string { - if len(c.Endpoints) == 0 { - return "" - } - return c.Endpoints[0].APIKey -} - -// NewHTTPClient returns a new http.Client to be used for outgoing connections to the -// Datadog API. -func (c *AgentConfig) NewHTTPClient() *ResetClient { - // If a custom HTTPClientFunc been set, use it. Otherwise use default client values - if c.HTTPClientFunc != nil { - return NewResetClient(c.ConnectionResetInterval, c.HTTPClientFunc) - } - return NewResetClient(c.ConnectionResetInterval, func() *http.Client { - return &http.Client{ - Timeout: 10 * time.Second, - Transport: c.NewHTTPTransport(), - } - }) -} - -// NewHTTPTransport returns a new http.Transport to be used for outgoing connections to -// the Datadog API. -func (c *AgentConfig) NewHTTPTransport() *http.Transport { - transport := &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: c.SkipSSLValidation}, - // below field values are from http.DefaultTransport (go1.12) - Proxy: c.Proxy, - DialContext: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - DualStack: true, - }).DialContext, - MaxIdleConns: 100, - IdleConnTimeout: 30 * time.Second, - TLSHandshakeTimeout: 10 * time.Second, - ExpectContinueTimeout: 1 * time.Second, - } - return transport -} - -// HasFeature returns true if the agent has the given feature flag. -func (c *AgentConfig) HasFeature(feat string) bool { - _, ok := c.Features[feat] - return ok -} - -// AllFeatures returns a slice of all the feature flags the agent has. -func (c *AgentConfig) AllFeatures() []string { - feats := []string{} - for feat := range c.Features { - feats = append(feats, feat) - } - return feats -} - -// ConfiguredPeerTags returns the set of peer tags that should be used -// for aggregation based on the various config values and the base set of tags. -func (c *AgentConfig) ConfiguredPeerTags() []string { - if !c.PeerTagsAggregation { - return nil - } - return preparePeerTags(append(basePeerTags, c.PeerTags...)) -} - -func inAzureAppServices() bool { - _, existsLinux := os.LookupEnv("WEBSITE_STACK") - _, existsWin := os.LookupEnv("WEBSITE_APPSERVICEAPPLOGS_TRACE_ENABLED") - return existsLinux || existsWin -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/peer_tags.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/peer_tags.go deleted file mode 100644 index 6b2a58c9..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/peer_tags.go +++ /dev/null @@ -1,55 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package config - -import ( - _ "embed" //nolint:revive - "sort" - "strings" - - "github.com/DataDog/datadog-agent/pkg/util/log" - "gopkg.in/ini.v1" -) - -//go:embed peer_tags.ini -var peerTagFile []byte - -// basePeerTags is the base set of peer tag precursors (tags from which peer tags -// are derived) we aggregate on when peer tag aggregation is enabled. -var basePeerTags = func() []string { - var precursors []string = []string{"_dd.base_service"} - - cfg, err := ini.Load(peerTagFile) - if err != nil { - log.Error("Error loading file for peer tags: ", err) - return precursors - } - peerTags := cfg.Section("dd.apm.peer.tags").Keys() - - for _, t := range peerTags { - ps := strings.Split(t.Value(), ",") - precursors = append(precursors, ps...) - } - sort.Strings(precursors) - - return precursors -}() - -func preparePeerTags(tags []string) []string { - if len(tags) == 0 { - return nil - } - var deduped []string - seen := make(map[string]struct{}) - for _, t := range tags { - if _, ok := seen[t]; !ok { - seen[t] = struct{}{} - deduped = append(deduped, t) - } - } - sort.Strings(deduped) - return deduped -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/peer_tags.ini b/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/peer_tags.ini deleted file mode 100644 index 34badd12..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/config/peer_tags.ini +++ /dev/null @@ -1,18 +0,0 @@ -# Generated - DO NOT EDIT -# Source: https://github.com/DataDog/semantic-core/ -[dd.apm.peer.tags] -peer.aws.dynamodb.table = "tablename" -peer.aws.kinesis.stream = "streamname" -peer.aws.s3.bucket = "bucketname,aws.s3.bucket" -peer.aws.sqs.queue = "queuename" -peer.cassandra.contact.points = "db.cassandra.contact.points" -peer.couchbase.seed.nodes = "db.couchbase.seed.nodes" -peer.db.name = "db.name,mongodb.db,db.instance,cassandra.keyspace,db.namespace" -peer.db.system = "db.system" -peer.hostname = "peer.hostname,hostname,net.peer.name,db.hostname,network.destination.name,grpc.host,http.host,server.address,http.server_name,out.host,dns.hostname" -peer.kafka.bootstrap.servers = "messaging.kafka.bootstrap.servers" -peer.messaging.destination = "topicname,messaging.destination,messaging.destination.name,messaging.rabbitmq.exchange,amqp.destination,amqp.queue,amqp.exchange,msmq.queue.path,aws.queue.name" -peer.messaging.system = "messaging.system" -peer.rpc.service = "rpc.service" -peer.rpc.system = "rpc.system" -peer.service = "peer.service" diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/log/buflogger.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/log/buflogger.go deleted file mode 100644 index 90672147..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/log/buflogger.go +++ /dev/null @@ -1,97 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build test - -package log - -import ( - "bytes" - "fmt" - "sync" -) - -var _ Logger = (*buflogger)(nil) - -// NewBufferLogger creates a new Logger which outputs everything to the given buffer. -// It is synchronised for concurrent use; as such, it is not optimal for use outside -// testing environments. -func NewBufferLogger(out *bytes.Buffer) Logger { - return &buflogger{buf: out} -} - -type buflogger struct { - mu sync.Mutex - buf *bytes.Buffer -} - -func (b *buflogger) logWithLevel(lvl string, msg string) { - b.mu.Lock() - defer b.mu.Unlock() - b.buf.WriteString(fmt.Sprintf("[%s] %s", lvl, msg)) -} - -// Trace implements Logger. -func (b *buflogger) Trace(v ...interface{}) { b.logWithLevel("TRACE", fmt.Sprint(v...)) } - -// Tracef implements Logger. -func (b *buflogger) Tracef(format string, params ...interface{}) { - b.logWithLevel("TRACE", fmt.Sprintf(format, params...)) -} - -// Debug implements Logger. -func (b *buflogger) Debug(v ...interface{}) { b.logWithLevel("DEBUG", fmt.Sprint(v...)) } - -// Debugf implements Logger. -func (b *buflogger) Debugf(format string, params ...interface{}) { - b.logWithLevel("DEBUG", fmt.Sprintf(format, params...)) -} - -// Info implements Logger. -func (b *buflogger) Info(v ...interface{}) { b.logWithLevel("INFO", fmt.Sprint(v...)) } - -// Infof implements Logger. -func (b *buflogger) Infof(format string, params ...interface{}) { - b.logWithLevel("INFO", fmt.Sprintf(format, params...)) -} - -// Warn implements Logger. -func (b *buflogger) Warn(v ...interface{}) error { - b.logWithLevel("WARN", fmt.Sprint(v...)) - return nil -} - -// Warnf implements Logger. -func (b *buflogger) Warnf(format string, params ...interface{}) error { - b.logWithLevel("WARN", fmt.Sprintf(format, params...)) - return nil -} - -// Error implements Logger. -func (b *buflogger) Error(v ...interface{}) error { - b.logWithLevel("ERROR", fmt.Sprint(v...)) - return nil -} - -// Errorf implements Logger. -func (b *buflogger) Errorf(format string, params ...interface{}) error { - b.logWithLevel("ERROR", fmt.Sprintf(format, params...)) - return nil -} - -// Critical implements Logger. -func (b *buflogger) Critical(v ...interface{}) error { - b.logWithLevel("CRITICAL", fmt.Sprint(v...)) - return nil -} - -// Criticalf implements Logger. -func (b *buflogger) Criticalf(format string, params ...interface{}) error { - b.logWithLevel("CRITICAL", fmt.Sprintf(format, params...)) - return nil -} - -// Flush implements Logger. -func (b *buflogger) Flush() {} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/log/logger.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/log/logger.go deleted file mode 100644 index 552eeaa0..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/log/logger.go +++ /dev/null @@ -1,196 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package log implements the trace-agent logger. -package log - -import ( - "sync" -) - -var ( - mu sync.RWMutex - logger Logger = NoopLogger -) - -// SetLogger sets l as the default Logger and returns the old logger. -func SetLogger(l Logger) Logger { - mu.Lock() - oldlogger := logger - logger = l - mu.Unlock() - return oldlogger -} - -// IsSet returns whether the logger has been set up. -func IsSet() bool { - mu.Lock() - defer mu.Unlock() - return logger != NoopLogger -} - -// Logger implements the core logger interface. -type Logger interface { - Trace(v ...interface{}) - Tracef(format string, params ...interface{}) - Debug(v ...interface{}) - Debugf(format string, params ...interface{}) - Info(v ...interface{}) - Infof(format string, params ...interface{}) - Warn(v ...interface{}) error - Warnf(format string, params ...interface{}) error - Error(v ...interface{}) error - Errorf(format string, params ...interface{}) error - Critical(v ...interface{}) error - Criticalf(format string, params ...interface{}) error - Flush() -} - -// Trace formats message using the default formats for its operands -// and writes to log with level = Trace -func Trace(v ...interface{}) { - mu.RLock() - logger.Trace(v...) - mu.RUnlock() -} - -// Tracef formats message according to format specifier -// and writes to log with level = Trace. -func Tracef(format string, params ...interface{}) { - mu.RLock() - logger.Tracef(format, params...) - mu.RUnlock() -} - -// Debug formats message using the default formats for its operands -// and writes to log with level = Debug -func Debug(v ...interface{}) { - mu.RLock() - logger.Debug(v...) - mu.RUnlock() -} - -// Debugf formats message according to format specifier -// and writes to log with level = Debug. -func Debugf(format string, params ...interface{}) { - mu.RLock() - logger.Debugf(format, params...) - mu.RUnlock() -} - -// Info formats message using the default formats for its operands -// and writes to log with level = Info -func Info(v ...interface{}) { - mu.RLock() - logger.Info(v...) - mu.RUnlock() -} - -// Infof formats message according to format specifier -// and writes to log with level = Info. -func Infof(format string, params ...interface{}) { - mu.RLock() - logger.Infof(format, params...) - mu.RUnlock() -} - -// Warn formats message using the default formats for its operands -// and writes to log with level = Warn -func Warn(v ...interface{}) { - mu.RLock() - logger.Warn(v...) //nolint:errcheck - mu.RUnlock() -} - -// Warnf formats message according to format specifier -// and writes to log with level = Warn. -func Warnf(format string, params ...interface{}) { - mu.RLock() - logger.Warnf(format, params...) //nolint:errcheck - mu.RUnlock() -} - -// Error formats message using the default formats for its operands -// and writes to log with level = Error -func Error(v ...interface{}) { - mu.RLock() - logger.Error(v...) //nolint:errcheck - mu.RUnlock() -} - -// Errorf formats message according to format specifier -// and writes to log with level = Error. -func Errorf(format string, params ...interface{}) { - mu.RLock() - logger.Errorf(format, params...) //nolint:errcheck - mu.RUnlock() -} - -// Critical formats message using the default formats for its operands -// and writes to log with level = Critical -func Critical(v ...interface{}) { - mu.RLock() - logger.Critical(v...) //nolint:errcheck - mu.RUnlock() -} - -// Criticalf formats message according to format specifier -// and writes to log with level = Critical. -func Criticalf(format string, params ...interface{}) { - mu.RLock() - logger.Criticalf(format, params...) //nolint:errcheck - mu.RUnlock() -} - -// Flush flushes all the messages in the logger. -func Flush() { - mu.RLock() - logger.Flush() - mu.RUnlock() -} - -// NoopLogger is a logger which has no effect upon calling. -var NoopLogger = noopLogger{} - -type noopLogger struct{} - -// Trace implements Logger. -func (noopLogger) Trace(_ ...interface{}) {} - -// Tracef implements Logger. -func (noopLogger) Tracef(_ string, _ ...interface{}) {} - -// Debug implements Logger. -func (noopLogger) Debug(_ ...interface{}) {} - -// Debugf implements Logger. -func (noopLogger) Debugf(_ string, _ ...interface{}) {} - -// Info implements Logger. -func (noopLogger) Info(_ ...interface{}) {} - -// Infof implements Logger. -func (noopLogger) Infof(_ string, _ ...interface{}) {} - -// Warn implements Logger. -func (noopLogger) Warn(_ ...interface{}) error { return nil } - -// Warnf implements Logger. -func (noopLogger) Warnf(_ string, _ ...interface{}) error { return nil } - -// Error implements Logger. -func (noopLogger) Error(_ ...interface{}) error { return nil } - -// Errorf implements Logger. -func (noopLogger) Errorf(_ string, _ ...interface{}) error { return nil } - -// Critical implements Logger. -func (noopLogger) Critical(_ ...interface{}) error { return nil } - -// Criticalf implements Logger. -func (noopLogger) Criticalf(_ string, _ ...interface{}) error { return nil } - -// Flush implements Logger. -func (noopLogger) Flush() {} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/log/throttled.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/log/throttled.go deleted file mode 100644 index 3b81cee4..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/log/throttled.go +++ /dev/null @@ -1,63 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package log - -import ( - "time" - - "go.uber.org/atomic" -) - -// NewThrottled returns a new throttled logger. The returned logger will allow up to n calls in -// a time period of length d. -func NewThrottled(n int, d time.Duration) *ThrottledLogger { - return &ThrottledLogger{ - n: uint64(n), - c: atomic.NewUint64(0), - d: d, - } -} - -// ThrottledLogger limits the number of log calls during a time window. To create a new logger -// use NewThrottled. -type ThrottledLogger struct { - n uint64 // number of log calls allowed during interval d - c *atomic.Uint64 // number of log calls performed during an interval d - d time.Duration -} - -type loggerFunc func(format string, params ...interface{}) - -func (tl *ThrottledLogger) log(logFunc loggerFunc, format string, params ...interface{}) { - c := tl.c.Inc() - 1 - if c == 0 { - // first call, trigger the reset - time.AfterFunc(tl.d, func() { tl.c.Store(0) }) - } - if c >= tl.n { - if c == tl.n { - logFunc("Too many similar messages, pausing up to %s...", tl.d) - } - return - } - logFunc(format, params...) -} - -// Error logs the message at the error level. -func (tl *ThrottledLogger) Error(format string, params ...interface{}) { - tl.log(Errorf, format, params...) -} - -// Warn logs the message at the warning level. -func (tl *ThrottledLogger) Warn(format string, params ...interface{}) { - tl.log(Warnf, format, params...) -} - -// Write implements io.Writer. -func (tl *ThrottledLogger) Write(p []byte) (n int, err error) { - tl.Error(string(p)) - return len(p), nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/aggregation.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/aggregation.go deleted file mode 100644 index fcaf5017..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/aggregation.go +++ /dev/null @@ -1,130 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package stats contains the logic to process APM stats. -package stats - -import ( - "hash/fnv" - "sort" - "strconv" - "strings" - - pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" - "github.com/DataDog/datadog-agent/pkg/trace/log" -) - -const ( - tagStatusCode = "http.status_code" - tagSynthetics = "synthetics" - tagSpanKind = "span.kind" - tagBaseService = "_dd.base_service" -) - -// Aggregation contains all the dimension on which we aggregate statistics. -type Aggregation struct { - BucketsAggregationKey - PayloadAggregationKey -} - -// BucketsAggregationKey specifies the key by which a bucket is aggregated. -type BucketsAggregationKey struct { - Service string - Name string - Resource string - Type string - SpanKind string - StatusCode uint32 - Synthetics bool - PeerTagsHash uint64 - IsTraceRoot pb.Trilean -} - -// PayloadAggregationKey specifies the key by which a payload is aggregated. -type PayloadAggregationKey struct { - Env string - Hostname string - Version string - ContainerID string - GitCommitSha string - ImageTag string -} - -func getStatusCode(meta map[string]string, metrics map[string]float64) uint32 { - code, ok := metrics[tagStatusCode] - if ok { - // only 7.39.0+, for lesser versions, always use Meta - return uint32(code) - } - strC := meta[tagStatusCode] - if strC == "" { - return 0 - } - c, err := strconv.ParseUint(strC, 10, 32) - if err != nil { - log.Debugf("Invalid status code %s. Using 0.", strC) - return 0 - } - return uint32(c) -} - -// NewAggregationFromSpan creates a new aggregation from the provided span and env -func NewAggregationFromSpan(s *StatSpan, origin string, aggKey PayloadAggregationKey) Aggregation { - synthetics := strings.HasPrefix(origin, tagSynthetics) - var isTraceRoot pb.Trilean - if s.parentID == 0 { - isTraceRoot = pb.Trilean_TRUE - } else { - isTraceRoot = pb.Trilean_FALSE - } - agg := Aggregation{ - PayloadAggregationKey: aggKey, - BucketsAggregationKey: BucketsAggregationKey{ - Resource: s.resource, - Service: s.service, - Name: s.name, - SpanKind: s.spanKind, - Type: s.typ, - StatusCode: s.statusCode, - Synthetics: synthetics, - IsTraceRoot: isTraceRoot, - PeerTagsHash: peerTagsHash(s.matchingPeerTags), - }, - } - return agg -} - -func peerTagsHash(tags []string) uint64 { - if len(tags) == 0 { - return 0 - } - if !sort.StringsAreSorted(tags) { - sort.Strings(tags) - } - h := fnv.New64a() - for i, t := range tags { - if i > 0 { - h.Write([]byte{0}) - } - h.Write([]byte(t)) - } - return h.Sum64() -} - -// NewAggregationFromGroup gets the Aggregation key of grouped stats. -func NewAggregationFromGroup(g *pb.ClientGroupedStats) Aggregation { - return Aggregation{ - BucketsAggregationKey: BucketsAggregationKey{ - Resource: g.Resource, - Service: g.Service, - Name: g.Name, - SpanKind: g.SpanKind, - StatusCode: g.HTTPStatusCode, - Synthetics: g.Synthetics, - PeerTagsHash: peerTagsHash(g.PeerTags), - IsTraceRoot: g.IsTraceRoot, - }, - } -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/client_stats_aggregator.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/client_stats_aggregator.go deleted file mode 100644 index 0c3e8fef..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/client_stats_aggregator.go +++ /dev/null @@ -1,438 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package stats - -import ( - "time" - - "github.com/DataDog/datadog-agent/pkg/trace/version" - "github.com/DataDog/sketches-go/ddsketch" - "github.com/DataDog/sketches-go/ddsketch/mapping" - "github.com/DataDog/sketches-go/ddsketch/pb/sketchpb" - "github.com/DataDog/sketches-go/ddsketch/store" - - pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" - "github.com/DataDog/datadog-agent/pkg/trace/config" - "github.com/DataDog/datadog-agent/pkg/trace/log" - "github.com/DataDog/datadog-agent/pkg/trace/watchdog" - - "github.com/DataDog/datadog-go/v5/statsd" - - "google.golang.org/protobuf/proto" -) - -const ( - bucketDuration = 2 * time.Second - clientBucketDuration = 10 * time.Second - oldestBucketStart = 20 * time.Second -) - -var ( - ddsketchMapping, _ = mapping.NewLogarithmicMapping(relativeAccuracy) -) - -// ClientStatsAggregator aggregates client stats payloads on buckets of bucketDuration -// If a single payload is received on a bucket, this Aggregator is a passthrough. -// If two or more payloads collide, their counts will be aggregated into one bucket. -// Multiple payloads will be sent: -// - Original payloads with their distributions will be sent with counts zeroed. -// - A single payload with the bucket aggregated counts will be sent. -// This and the aggregator timestamp alignment ensure that all counts will have at most one point per second per agent for a specific granularity. -// While distributions are not tied to the agent. -type ClientStatsAggregator struct { - In chan *pb.ClientStatsPayload - writer Writer - buckets map[int64]*bucket // buckets used to aggregate client stats - conf *config.AgentConfig - - flushTicker *time.Ticker - oldestTs time.Time - agentEnv string - agentHostname string - agentVersion string - - exit chan struct{} - done chan struct{} - - statsd statsd.ClientInterface -} - -// NewClientStatsAggregator initializes a new aggregator ready to be started -func NewClientStatsAggregator(conf *config.AgentConfig, writer Writer, statsd statsd.ClientInterface) *ClientStatsAggregator { - c := &ClientStatsAggregator{ - flushTicker: time.NewTicker(time.Second), - In: make(chan *pb.ClientStatsPayload, 10), - buckets: make(map[int64]*bucket, 20), - conf: conf, - writer: writer, - agentEnv: conf.DefaultEnv, - agentHostname: conf.Hostname, - agentVersion: conf.AgentVersion, - oldestTs: alignAggTs(time.Now().Add(bucketDuration - oldestBucketStart)), - exit: make(chan struct{}), - done: make(chan struct{}), - statsd: statsd, - } - return c -} - -// Start starts the aggregator. -func (a *ClientStatsAggregator) Start() { - go func() { - defer watchdog.LogOnPanic(a.statsd) - for { - select { - case t := <-a.flushTicker.C: - a.flushOnTime(t) - case input := <-a.In: - a.add(time.Now(), input) - case <-a.exit: - a.flushAll() - close(a.done) - return - } - } - }() -} - -// Stop stops the aggregator. Calling Stop twice will panic. -func (a *ClientStatsAggregator) Stop() { - close(a.exit) - a.flushTicker.Stop() - <-a.done -} - -// flushOnTime flushes all buckets up to flushTs, except the last one. -func (a *ClientStatsAggregator) flushOnTime(now time.Time) { - flushTs := alignAggTs(now.Add(bucketDuration - oldestBucketStart)) - for t := a.oldestTs; t.Before(flushTs); t = t.Add(bucketDuration) { - if b, ok := a.buckets[t.Unix()]; ok { - a.flush(b.aggregationToPayloads()) - delete(a.buckets, t.Unix()) - } - } - a.oldestTs = flushTs -} - -func (a *ClientStatsAggregator) flushAll() { - for _, b := range a.buckets { - a.flush(b.aggregationToPayloads()) - } -} - -// getAggregationBucketTime returns unix time at which we aggregate the bucket. -// We timeshift payloads older than a.oldestTs to a.oldestTs. -// Payloads in the future are timeshifted to the latest bucket. -func (a *ClientStatsAggregator) getAggregationBucketTime(now, bs time.Time) time.Time { - if bs.Before(a.oldestTs) { - return a.oldestTs - } - if bs.After(now) { - return alignAggTs(now) - } - return alignAggTs(bs) -} - -// add takes a new ClientStatsPayload and aggregates its stats in the internal buckets. -func (a *ClientStatsAggregator) add(now time.Time, p *pb.ClientStatsPayload) { - // populate container tags data on the payload - a.setVersionDataFromContainerTags(p) - // compute the PayloadAggregationKey, common for all buckets within the payload - payloadAggKey := newPayloadAggregationKey(p.Env, p.Hostname, p.Version, p.ContainerID, p.GitCommitSha, p.ImageTag) - - for _, clientBucket := range p.Stats { - clientBucketStart := time.Unix(0, int64(clientBucket.Start)) - ts := a.getAggregationBucketTime(now, clientBucketStart) - b, ok := a.buckets[ts.Unix()] - if !ok { - b = &bucket{ - ts: ts, - agg: make(map[PayloadAggregationKey]map[BucketsAggregationKey]*aggregatedStats), - } - a.buckets[ts.Unix()] = b - } - b.aggregateStatsBucket(clientBucket, payloadAggKey) - } -} - -func (a *ClientStatsAggregator) flush(p []*pb.ClientStatsPayload) { - if len(p) == 0 { - return - } - - a.writer.Write(&pb.StatsPayload{ - Stats: p, - AgentEnv: a.agentEnv, - AgentHostname: a.agentHostname, - AgentVersion: a.agentVersion, - ClientComputed: true, - }) -} - -func (a *ClientStatsAggregator) setVersionDataFromContainerTags(p *pb.ClientStatsPayload) { - // No need to go any further if we already have the information in the payload. - if p.ImageTag != "" && p.GitCommitSha != "" { - return - } - if p.ContainerID != "" { - gitCommitSha, imageTag, err := version.GetVersionDataFromContainerTags(p.ContainerID, a.conf) - if err != nil { - log.Error("Client stats aggregator is unable to resolve container ID (%s) to container tags: %v", p.ContainerID, err) - } else { - // Only override if the payload's original values were empty strings. - if p.ImageTag == "" { - p.ImageTag = imageTag - } - if p.GitCommitSha == "" { - p.GitCommitSha = gitCommitSha - } - } - } -} - -// alignAggTs aligns time to the aggregator timestamps. -// Timestamps from the aggregator are never aligned with concentrator timestamps. -// This ensures that all counts sent by a same agent host are never on the same second. -// aggregator timestamps: 2ks+1s (1s, 3s, 5s, 7s, 9s, 11s) -// concentrator timestamps: 10ks (0s, 10s, 20s ..) -func alignAggTs(t time.Time) time.Time { - return t.Truncate(bucketDuration).Add(time.Second) -} - -type bucket struct { - // ts is the timestamp attached to the payload - ts time.Time - // agg contains the aggregated Hits/Errors/Duration counts - agg map[PayloadAggregationKey]map[BucketsAggregationKey]*aggregatedStats -} - -// aggregateStatsBucket takes a ClientStatsBucket and a PayloadAggregationKey, and aggregates all counts -// and distributions from the ClientGroupedStats inside the bucket. -func (b *bucket) aggregateStatsBucket(sb *pb.ClientStatsBucket, payloadAggKey PayloadAggregationKey) { - payloadAgg, ok := b.agg[payloadAggKey] - if !ok { - payloadAgg = make(map[BucketsAggregationKey]*aggregatedStats, len(sb.Stats)) - b.agg[payloadAggKey] = payloadAgg - } - for _, gs := range sb.Stats { - if gs == nil { - continue - } - aggKey := newBucketAggregationKey(gs) - agg, ok := payloadAgg[aggKey] - if !ok { - agg = &aggregatedStats{ - hits: gs.Hits, - topLevelHits: gs.TopLevelHits, - errors: gs.Errors, - duration: gs.Duration, - peerTags: gs.PeerTags, - okDistributionRaw: gs.OkSummary, // store encoded version only - errDistributionRaw: gs.ErrorSummary, // store encoded version only - } - payloadAgg[aggKey] = agg - continue - } - - // aggregate counts - agg.hits += gs.Hits - agg.topLevelHits += gs.TopLevelHits - agg.errors += gs.Errors - agg.duration += gs.Duration - - // Decode, if needed, the raw ddsketches from the first payload that reached the bucket - if agg.okDistributionRaw != nil { - sketch, err := decodeSketch(agg.okDistributionRaw) - if err != nil { - log.Error("Unable to decode OK distribution ddsketch: %v", err) - } else { - agg.okDistribution = normalizeSketch(sketch) - } - agg.okDistributionRaw = nil - } - if agg.errDistributionRaw != nil { - sketch, err := decodeSketch(agg.errDistributionRaw) - if err != nil { - log.Error("Unable to decode Error distribution ddsketch: %v", err) - } else { - agg.errDistribution = normalizeSketch(sketch) - } - agg.errDistributionRaw = nil - } - - // aggregate distributions - if sketch, err := mergeSketch(agg.okDistribution, gs.OkSummary); err == nil { - agg.okDistribution = sketch - } else { - log.Error("Unable to merge OK distribution ddsketch: %v", err) - } - - if sketch, err := mergeSketch(agg.errDistribution, gs.ErrorSummary); err == nil { - agg.errDistribution = sketch - } else { - log.Error("Unable to merge Error distribution ddsketch: %v", err) - } - } -} - -// aggregationToPayloads converts the contents of the bucket into ClientStatsPayloads -func (b *bucket) aggregationToPayloads() []*pb.ClientStatsPayload { - res := make([]*pb.ClientStatsPayload, 0, len(b.agg)) - for payloadKey, aggrStats := range b.agg { - groupedStats := make([]*pb.ClientGroupedStats, 0, len(aggrStats)) - for aggrKey, stats := range aggrStats { - gs, err := exporGroupedStats(aggrKey, stats) - if err != nil { - log.Errorf("Dropping stats bucket due to encoding error: %v.", err) - continue - } - groupedStats = append(groupedStats, gs) - } - clientBuckets := []*pb.ClientStatsBucket{ - { - Start: uint64(b.ts.UnixNano()), - Duration: uint64(clientBucketDuration.Nanoseconds()), - Stats: groupedStats, - }} - res = append(res, &pb.ClientStatsPayload{ - Hostname: payloadKey.Hostname, - Env: payloadKey.Env, - Version: payloadKey.Version, - ImageTag: payloadKey.ImageTag, - GitCommitSha: payloadKey.GitCommitSha, - Stats: clientBuckets, - }) - } - return res -} - -func exporGroupedStats(aggrKey BucketsAggregationKey, stats *aggregatedStats) (*pb.ClientGroupedStats, error) { - // if the raw sketches are still present (only one payload received), we use them directly. - // Otherwise the aggregated DDSketches are serialized. - okSummary := stats.okDistributionRaw - errSummary := stats.errDistributionRaw - - var err error - if stats.okDistribution != nil { - msg := stats.okDistribution.ToProto() - okSummary, err = proto.Marshal(msg) - if err != nil { - return &pb.ClientGroupedStats{}, err - } - } - if stats.errDistribution != nil { - msg := stats.errDistribution.ToProto() - errSummary, err = proto.Marshal(msg) - if err != nil { - return &pb.ClientGroupedStats{}, err - } - } - return &pb.ClientGroupedStats{ - Service: aggrKey.Service, - Name: aggrKey.Name, - SpanKind: aggrKey.SpanKind, - Resource: aggrKey.Resource, - HTTPStatusCode: aggrKey.StatusCode, - Type: aggrKey.Type, - Synthetics: aggrKey.Synthetics, - IsTraceRoot: aggrKey.IsTraceRoot, - PeerTags: stats.peerTags, - TopLevelHits: stats.topLevelHits, - Hits: stats.hits, - Errors: stats.errors, - Duration: stats.duration, - OkSummary: okSummary, - ErrorSummary: errSummary, - }, nil -} - -func newPayloadAggregationKey(env, hostname, version, cid string, gitCommitSha string, imageTag string) PayloadAggregationKey { - return PayloadAggregationKey{ - Env: env, - Hostname: hostname, - Version: version, - ContainerID: cid, - GitCommitSha: gitCommitSha, - ImageTag: imageTag, - } -} - -func newBucketAggregationKey(b *pb.ClientGroupedStats) BucketsAggregationKey { - k := BucketsAggregationKey{ - Service: b.Service, - Name: b.Name, - SpanKind: b.SpanKind, - Resource: b.Resource, - Type: b.Type, - Synthetics: b.Synthetics, - StatusCode: b.HTTPStatusCode, - IsTraceRoot: b.IsTraceRoot, - } - if tags := b.GetPeerTags(); len(tags) > 0 { - k.PeerTagsHash = peerTagsHash(tags) - } - return k -} - -// aggregatedStats holds aggregated counts and distributions -type aggregatedStats struct { - // aggregated counts - hits, topLevelHits, errors, duration uint64 - peerTags []string - - // aggregated DDSketches - okDistribution, errDistribution *ddsketch.DDSketch - - // raw (encoded) DDSketches. Only present if a single payload is received on the active bucket, - // allowing the bucket to not decode the sketch. If a second payload matches the bucket, - // sketches will be decoded and stored in the okDistribution and errDistribution fields. - okDistributionRaw, errDistributionRaw []byte -} - -// mergeSketch take an existing DDSketch, and merges a second one, decoding its contents -func mergeSketch(s1 *ddsketch.DDSketch, raw []byte) (*ddsketch.DDSketch, error) { - if raw == nil { - return s1, nil - } - - s2, err := decodeSketch(raw) - if err != nil { - return s1, err - } - s2 = normalizeSketch(s2) - - if s1 == nil { - return s2, nil - } - - if err = s1.MergeWith(s2); err != nil { - return nil, err - } - return s1, nil -} - -func normalizeSketch(s *ddsketch.DDSketch) *ddsketch.DDSketch { - if s.IndexMapping.Equals(ddsketchMapping) { - // already normalized - return s - } - - return s.ChangeMapping(ddsketchMapping, store.NewCollapsingLowestDenseStore(maxNumBins), store.NewCollapsingLowestDenseStore(maxNumBins), 1) -} - -func decodeSketch(data []byte) (*ddsketch.DDSketch, error) { - if len(data) == 0 { - return nil, nil - } - - var sketch sketchpb.DDSketch - err := proto.Unmarshal(data, &sketch) - if err != nil { - return nil, err - } - - return ddsketch.FromProto(&sketch) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/concentrator.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/concentrator.go deleted file mode 100644 index 1cb5a7b3..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/concentrator.go +++ /dev/null @@ -1,182 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package stats - -import ( - "sync" - "time" - - pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" - "github.com/DataDog/datadog-agent/pkg/trace/config" - "github.com/DataDog/datadog-agent/pkg/trace/log" - "github.com/DataDog/datadog-agent/pkg/trace/traceutil" - "github.com/DataDog/datadog-agent/pkg/trace/watchdog" - - "github.com/DataDog/datadog-go/v5/statsd" -) - -// defaultBufferLen represents the default buffer length; the number of bucket size -// units used by the concentrator. -const defaultBufferLen = 2 - -// Writer is an interface for something that can Write Stats Payloads -type Writer interface { - // Write this payload - Write(*pb.StatsPayload) -} - -// Concentrator produces time bucketed statistics from a stream of raw traces. -// https://en.wikipedia.org/wiki/Knelson_concentrator -// Gets an imperial shitton of traces, and outputs pre-computed data structures -// allowing to find the gold (stats) amongst the traces. -type Concentrator struct { - Writer Writer - - spanConcentrator *SpanConcentrator - // bucket duration in nanoseconds - bsize int64 - exit chan struct{} - exitWG sync.WaitGroup - agentEnv string - agentHostname string - agentVersion string - statsd statsd.ClientInterface - peerTagKeys []string -} - -// NewConcentrator initializes a new concentrator ready to be started -func NewConcentrator(conf *config.AgentConfig, writer Writer, now time.Time, statsd statsd.ClientInterface) *Concentrator { - bsize := conf.BucketInterval.Nanoseconds() - sc := NewSpanConcentrator(&SpanConcentratorConfig{ - ComputeStatsBySpanKind: conf.ComputeStatsBySpanKind, - BucketInterval: bsize, - }, now) - c := Concentrator{ - spanConcentrator: sc, - Writer: writer, - exit: make(chan struct{}), - agentEnv: conf.DefaultEnv, - agentHostname: conf.Hostname, - agentVersion: conf.AgentVersion, - statsd: statsd, - bsize: bsize, - peerTagKeys: conf.ConfiguredPeerTags(), - } - return &c -} - -// Start starts the concentrator. -func (c *Concentrator) Start() { - c.exitWG.Add(1) - go func() { - defer watchdog.LogOnPanic(c.statsd) - defer c.exitWG.Done() - c.Run() - }() -} - -// Run runs the main loop of the concentrator goroutine. Traces are received -// through `Add`, this loop only deals with flushing. -func (c *Concentrator) Run() { - // flush with the same period as stats buckets - flushTicker := time.NewTicker(time.Duration(c.bsize) * time.Nanosecond) - defer flushTicker.Stop() - - log.Debug("Starting concentrator") - - for { - select { - case <-flushTicker.C: - c.Writer.Write(c.Flush(false)) - case <-c.exit: - log.Info("Exiting concentrator, computing remaining stats") - c.Writer.Write(c.Flush(true)) - return - } - } -} - -// Stop stops the main Run loop. -func (c *Concentrator) Stop() { - close(c.exit) - c.exitWG.Wait() -} - -// Input specifies a set of traces originating from a certain payload. -type Input struct { - Traces []traceutil.ProcessedTrace - ContainerID string - ContainerTags []string -} - -// NewStatsInput allocates a stats input for an incoming trace payload -func NewStatsInput(numChunks int, containerID string, clientComputedStats bool, conf *config.AgentConfig) Input { - if clientComputedStats { - return Input{} - } - in := Input{Traces: make([]traceutil.ProcessedTrace, 0, numChunks)} - _, enabledCIDStats := conf.Features["enable_cid_stats"] - _, disabledCIDStats := conf.Features["disable_cid_stats"] - enableContainers := enabledCIDStats || (conf.FargateOrchestrator != config.OrchestratorUnknown) - if enableContainers && !disabledCIDStats { - // only allow the ContainerID stats dimension if we're in a Fargate instance or it's - // been explicitly enabled and it's not prohibited by the disable_cid_stats feature flag. - in.ContainerID = containerID - } - return in -} - -// Add applies the given input to the concentrator. -func (c *Concentrator) Add(t Input) { - for _, trace := range t.Traces { - c.addNow(&trace, t.ContainerID, t.ContainerTags) - } -} - -// addNow adds the given input into the concentrator. -// Callers must guard! -func (c *Concentrator) addNow(pt *traceutil.ProcessedTrace, containerID string, containerTags []string) { - hostname := pt.TracerHostname - if hostname == "" { - hostname = c.agentHostname - } - env := pt.TracerEnv - if env == "" { - env = c.agentEnv - } - weight := weight(pt.Root) - aggKey := PayloadAggregationKey{ - Env: env, - Hostname: hostname, - Version: pt.AppVersion, - ContainerID: containerID, - GitCommitSha: pt.GitCommitSha, - ImageTag: pt.ImageTag, - } - for _, s := range pt.TraceChunk.Spans { - statSpan, ok := c.spanConcentrator.NewStatSpanFromPB(s, c.peerTagKeys) - if ok { - c.spanConcentrator.addSpan(statSpan, aggKey, containerID, containerTags, pt.TraceChunk.Origin, weight) - } - } -} - -// Flush deletes and returns complete statistic buckets. -// The force boolean guarantees flushing all buckets if set to true. -func (c *Concentrator) Flush(force bool) *pb.StatsPayload { - return c.flushNow(time.Now().UnixNano(), force) -} - -func (c *Concentrator) flushNow(now int64, force bool) *pb.StatsPayload { - sb := c.spanConcentrator.Flush(now, force) - return &pb.StatsPayload{Stats: sb, AgentHostname: c.agentHostname, AgentEnv: c.agentEnv, AgentVersion: c.agentVersion} -} - -// alignTs returns the provided timestamp truncated to the bucket size. -// It gives us the start time of the time bucket in which such timestamp falls. -func alignTs(ts int64, bsize int64) int64 { - return ts - ts%bsize -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/otel_util.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/otel_util.go deleted file mode 100644 index 1c72b6fa..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/otel_util.go +++ /dev/null @@ -1,149 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package stats - -import ( - "slices" - - "go.opentelemetry.io/collector/pdata/pcommon" - "go.opentelemetry.io/collector/pdata/ptrace" - semconv "go.opentelemetry.io/collector/semconv/v1.17.0" - - pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" - "github.com/DataDog/datadog-agent/pkg/trace/config" - "github.com/DataDog/datadog-agent/pkg/trace/traceutil" -) - -// chunkKey is used to group TraceChunks -type chunkKey struct { - traceIDUInt64 uint64 - env string - version string - hostname string - cid string -} - -// OTLPTracesToConcentratorInputs converts eligible OTLP spans to Concentrator.Input. -// The converted Inputs only have the minimal number of fields for APM stats calculation and are only meant -// to be used in Concentrator.Add(). Do not use them for other purposes. -func OTLPTracesToConcentratorInputs( - traces ptrace.Traces, - conf *config.AgentConfig, - containerTagKeys []string, - peerTagKeys []string, -) []Input { - spanByID, resByID, scopeByID := traceutil.IndexOTelSpans(traces) - topLevelByKind := conf.HasFeature("enable_otlp_compute_top_level_by_span_kind") - topLevelSpans := traceutil.GetTopLevelOTelSpans(spanByID, resByID, topLevelByKind) - ignoreResNames := make(map[string]struct{}) - for _, resName := range conf.Ignore["resource"] { - ignoreResNames[resName] = struct{}{} - } - chunks := make(map[chunkKey]*pb.TraceChunk) - containerTagsByID := make(map[string][]string) - for spanID, otelspan := range spanByID { - otelres := resByID[spanID] - if _, exists := ignoreResNames[traceutil.GetOTelResource(otelspan, otelres)]; exists { - continue - } - // TODO(songy23): use AttributeDeploymentEnvironmentName once collector version upgrade is unblocked - env := traceutil.GetOTelAttrValInResAndSpanAttrs(otelspan, otelres, true, "deployment.environment.name", semconv.AttributeDeploymentEnvironment) - hostname := traceutil.GetOTelHostname(otelspan, otelres, conf.OTLPReceiver.AttributesTranslator, conf.Hostname) - version := traceutil.GetOTelAttrValInResAndSpanAttrs(otelspan, otelres, true, semconv.AttributeServiceVersion) - cid := traceutil.GetOTelAttrValInResAndSpanAttrs(otelspan, otelres, true, semconv.AttributeContainerID, semconv.AttributeK8SPodUID) - var ctags []string - if cid != "" { - ctags = traceutil.GetOTelContainerTags(otelres.Attributes(), containerTagKeys) - if ctags != nil { - // Make sure container tags are sorted per APM stats intake requirement - if !slices.IsSorted(ctags) { - slices.Sort(ctags) - } - containerTagsByID[cid] = ctags - } - } - ckey := chunkKey{ - traceIDUInt64: traceutil.OTelTraceIDToUint64(otelspan.TraceID()), - env: env, - version: version, - hostname: hostname, - cid: cid, - } - chunk, ok := chunks[ckey] - if !ok { - chunk = &pb.TraceChunk{} - chunks[ckey] = chunk - } - _, isTop := topLevelSpans[spanID] - chunk.Spans = append(chunk.Spans, otelSpanToDDSpan(otelspan, otelres, scopeByID[spanID], isTop, topLevelByKind, conf, peerTagKeys)) - } - - inputs := make([]Input, 0, len(chunks)) - for ckey, chunk := range chunks { - pt := traceutil.ProcessedTrace{ - TraceChunk: chunk, - Root: traceutil.GetRoot(chunk.Spans), - TracerEnv: ckey.env, - AppVersion: ckey.version, - TracerHostname: ckey.hostname, - } - inputs = append(inputs, Input{ - Traces: []traceutil.ProcessedTrace{pt}, - ContainerID: ckey.cid, - ContainerTags: containerTagsByID[ckey.cid], - }) - } - return inputs -} - -// otelSpanToDDSpan converts an OTel span to a DD span. -// The converted DD span only has the minimal number of fields for APM stats calculation and is only meant -// to be used in OTLPTracesToConcentratorInputs. Do not use them for other purposes. -// TODO(OTEL-1726): use the same function here and in pkg/trace/api/otlp.go -func otelSpanToDDSpan( - otelspan ptrace.Span, - otelres pcommon.Resource, - lib pcommon.InstrumentationScope, - isTopLevel, topLevelByKind bool, - conf *config.AgentConfig, - peerTagKeys []string, -) *pb.Span { - ddspan := &pb.Span{ - Service: traceutil.GetOTelService(otelspan, otelres, true), - Name: traceutil.GetOTelOperationName(otelspan, otelres, lib, conf.OTLPReceiver.SpanNameAsResourceName, conf.OTLPReceiver.SpanNameRemappings, true), - Resource: traceutil.GetOTelResource(otelspan, otelres), - TraceID: traceutil.OTelTraceIDToUint64(otelspan.TraceID()), - SpanID: traceutil.OTelSpanIDToUint64(otelspan.SpanID()), - ParentID: traceutil.OTelSpanIDToUint64(otelspan.ParentSpanID()), - Start: int64(otelspan.StartTimestamp()), - Duration: int64(otelspan.EndTimestamp()) - int64(otelspan.StartTimestamp()), - Type: traceutil.GetOTelSpanType(otelspan, otelres), - } - spanKind := otelspan.Kind() - traceutil.SetMeta(ddspan, "span.kind", traceutil.OTelSpanKindName(spanKind)) - code := traceutil.GetOTelStatusCode(otelspan) - if code != 0 { - traceutil.SetMetric(ddspan, tagStatusCode, float64(code)) - } - if otelspan.Status().Code() == ptrace.StatusCodeError { - ddspan.Error = 1 - } - if isTopLevel { - traceutil.SetTopLevel(ddspan, true) - } - if isMeasured := traceutil.GetOTelAttrVal(otelspan.Attributes(), false, "_dd.measured"); isMeasured == "1" { - traceutil.SetMeasured(ddspan, true) - } else if topLevelByKind && (spanKind == ptrace.SpanKindClient || spanKind == ptrace.SpanKindProducer) { - // When enable_otlp_compute_top_level_by_span_kind is true, compute stats for client-side spans - traceutil.SetMeasured(ddspan, true) - } - for _, peerTagKey := range peerTagKeys { - if peerTagVal := traceutil.GetOTelAttrValInResAndSpanAttrs(otelspan, otelres, false, peerTagKey); peerTagVal != "" { - traceutil.SetMeta(ddspan, peerTagKey, peerTagVal) - } - } - return ddspan -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/span_concentrator.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/span_concentrator.go deleted file mode 100644 index e48f937f..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/span_concentrator.go +++ /dev/null @@ -1,253 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package stats - -import ( - "slices" - "strings" - "sync" - "time" - - "github.com/DataDog/datadog-agent/pkg/obfuscate" - pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" - "github.com/DataDog/datadog-agent/pkg/trace/log" - "github.com/DataDog/datadog-agent/pkg/trace/traceutil" -) - -// SpanConcentratorConfig exposes configuration options for a SpanConcentrator -type SpanConcentratorConfig struct { - // ComputeStatsBySpanKind enables/disables the computing of stats based on a span's `span.kind` field - ComputeStatsBySpanKind bool - // BucketInterval the size of our pre-aggregation per bucket - BucketInterval int64 -} - -// StatSpan holds all the required fields from a span needed to calculate stats -type StatSpan struct { - service string - resource string - name string - typ string - error int32 - parentID uint64 - start int64 - duration int64 - - //Fields below this are derived on creation - - spanKind string - statusCode uint32 - isTopLevel bool - matchingPeerTags []string -} - -func matchingPeerTags(meta map[string]string, peerTagKeys []string) []string { - if len(peerTagKeys) == 0 { - return nil - } - var pt []string - for _, t := range peerTagKeysToAggregateForSpan(meta[tagSpanKind], meta[tagBaseService], peerTagKeys) { - if v, ok := meta[t]; ok && v != "" { - v = obfuscate.QuantizePeerIPAddresses(v) - pt = append(pt, t+":"+v) - } - } - return pt -} - -// peerTagKeysToAggregateForSpan returns the set of peerTagKeys to use for stats aggregation for the given -// span.kind and _dd.base_service -func peerTagKeysToAggregateForSpan(spanKind string, baseService string, peerTagKeys []string) []string { - if len(peerTagKeys) == 0 { - return nil - } - spanKind = strings.ToLower(spanKind) - if (spanKind == "" || spanKind == "internal") && baseService != "" { - // it's a service override on an internal span so it comes from custom instrumentation and does not represent - // a client|producer|consumer span which is talking to a peer entity - // in this case only the base service tag is relevant for stats aggregation - return []string{tagBaseService} - } - if spanKind == "client" || spanKind == "producer" || spanKind == "consumer" { - return peerTagKeys - } - return nil -} - -// SpanConcentrator produces time bucketed statistics from a stream of raw spans. -type SpanConcentrator struct { - computeStatsBySpanKind bool - // bucket duration in nanoseconds - bsize int64 - // Timestamp of the oldest time bucket for which we allow data. - // Any ingested stats older than it get added to this bucket. - oldestTs int64 - // bufferLen is the number of 10s stats bucket we keep in memory before flushing them. - // It means that we can compute stats only for the last `bufferLen * bsize` and that we - // wait such time before flushing the stats. - // This only applies to past buckets. Stats buckets in the future are allowed with no restriction. - bufferLen int - - // mu protects the buckets field - mu sync.Mutex - buckets map[int64]*RawBucket -} - -// NewSpanConcentrator builds a new SpanConcentrator object -func NewSpanConcentrator(cfg *SpanConcentratorConfig, now time.Time) *SpanConcentrator { - sc := &SpanConcentrator{ - computeStatsBySpanKind: cfg.ComputeStatsBySpanKind, - bsize: cfg.BucketInterval, - oldestTs: alignTs(now.UnixNano(), cfg.BucketInterval), - bufferLen: defaultBufferLen, - mu: sync.Mutex{}, - buckets: make(map[int64]*RawBucket), - } - return sc -} - -// NewStatSpanFromPB is a helper version of NewStatSpan that builds a StatSpan from a pb.Span. -func (sc *SpanConcentrator) NewStatSpanFromPB(s *pb.Span, peerTags []string) (statSpan *StatSpan, ok bool) { - return sc.NewStatSpan(s.Service, s.Resource, s.Name, s.Type, s.ParentID, s.Start, s.Duration, s.Error, s.Meta, s.Metrics, peerTags) -} - -// NewStatSpan builds a StatSpan from the required fields for stats calculation -// peerTags is the configured list of peer tags to look for -// returns (nil,false) if the provided fields indicate a span should not have stats calculated -func (sc *SpanConcentrator) NewStatSpan( - service, resource, name string, - typ string, - parentID uint64, - start, duration int64, - error int32, - meta map[string]string, - metrics map[string]float64, - peerTags []string, -) (statSpan *StatSpan, ok bool) { - if meta == nil { - meta = make(map[string]string) - } - if metrics == nil { - metrics = make(map[string]float64) - } - eligibleSpanKind := sc.computeStatsBySpanKind && computeStatsForSpanKind(meta["span.kind"]) - isTopLevel := traceutil.HasTopLevelMetrics(metrics) - if !(isTopLevel || traceutil.IsMeasuredMetrics(metrics) || eligibleSpanKind) { - return nil, false - } - if traceutil.IsPartialSnapshotMetrics(metrics) { - return nil, false - } - return &StatSpan{ - service: service, - resource: resource, - name: name, - typ: typ, - error: error, - parentID: parentID, - start: start, - duration: duration, - spanKind: meta[tagSpanKind], - statusCode: getStatusCode(meta, metrics), - isTopLevel: isTopLevel, - matchingPeerTags: matchingPeerTags(meta, peerTags), - }, true -} - -// computeStatsForSpanKind returns true if the span.kind value makes the span eligible for stats computation. -func computeStatsForSpanKind(kind string) bool { - k := strings.ToLower(kind) - return slices.Contains(KindsComputed, k) -} - -// KindsComputed is the list of span kinds that will have stats computed on them -// when computeStatsByKind is enabled in the concentrator. -var KindsComputed = []string{ - "server", - "consumer", - "client", - "producer", -} - -func (sc *SpanConcentrator) addSpan(s *StatSpan, aggKey PayloadAggregationKey, containerID string, containerTags []string, origin string, weight float64) { - sc.mu.Lock() - defer sc.mu.Unlock() - end := s.start + s.duration - btime := end - end%sc.bsize - - // If too far in the past, count in the oldest-allowed time bucket instead. - if btime < sc.oldestTs { - btime = sc.oldestTs - } - - b, ok := sc.buckets[btime] - if !ok { - b = NewRawBucket(uint64(btime), uint64(sc.bsize)) - if containerID != "" && len(containerTags) > 0 { - b.containerTagsByID[containerID] = containerTags - } - sc.buckets[btime] = b - } - b.HandleSpan(s, weight, origin, aggKey) -} - -// AddSpan to the SpanConcentrator, appending the new data to the appropriate internal bucket. -func (sc *SpanConcentrator) AddSpan(s *StatSpan, aggKey PayloadAggregationKey, containerID string, containerTags []string, origin string) { - sc.addSpan(s, aggKey, containerID, containerTags, origin, 1) -} - -// Flush deletes and returns complete ClientStatsPayloads. -// The force boolean guarantees flushing all buckets if set to true. -func (sc *SpanConcentrator) Flush(now int64, force bool) []*pb.ClientStatsPayload { - m := make(map[PayloadAggregationKey][]*pb.ClientStatsBucket) - containerTagsByID := make(map[string][]string) - - sc.mu.Lock() - for ts, srb := range sc.buckets { - // Always keep `bufferLen` buckets (default is 2: current + previous one). - // This is a trade-off: we accept slightly late traces (clock skew and stuff) - // but we delay flushing by at most `bufferLen` buckets. - // - // This delay might result in not flushing stats payload (data loss) - // if the agent stops while the latest buckets aren't old enough to be flushed. - // The "force" boolean skips the delay and flushes all buckets, typically on agent shutdown. - if !force && ts > now-int64(sc.bufferLen)*sc.bsize { - log.Tracef("Bucket %d is not old enough to be flushed, keeping it", ts) - continue - } - log.Debugf("Flushing bucket %d", ts) - for k, b := range srb.Export() { - m[k] = append(m[k], b) - if ctags, ok := srb.containerTagsByID[k.ContainerID]; ok { - containerTagsByID[k.ContainerID] = ctags - } - } - delete(sc.buckets, ts) - } - // After flushing, update the oldest timestamp allowed to prevent having stats for - // an already-flushed bucket. - newOldestTs := alignTs(now, sc.bsize) - int64(sc.bufferLen-1)*sc.bsize - if newOldestTs > sc.oldestTs { - log.Debugf("Update oldestTs to %d", newOldestTs) - sc.oldestTs = newOldestTs - } - sc.mu.Unlock() - sb := make([]*pb.ClientStatsPayload, 0, len(m)) - for k, s := range m { - p := &pb.ClientStatsPayload{ - Env: k.Env, - Hostname: k.Hostname, - ContainerID: k.ContainerID, - Version: k.Version, - GitCommitSha: k.GitCommitSha, - ImageTag: k.ImageTag, - Stats: s, - Tags: containerTagsByID[k.ContainerID], - } - sb = append(sb, p) - } - return sb -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/statsraw.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/statsraw.go deleted file mode 100644 index a1b97826..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/statsraw.go +++ /dev/null @@ -1,206 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package stats - -import ( - "math" - "math/rand" - - pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" - "github.com/DataDog/datadog-agent/pkg/trace/log" - - "github.com/golang/protobuf/proto" - - "github.com/DataDog/sketches-go/ddsketch" -) - -const ( - // relativeAccuracy is the value accuracy we have on the percentiles. For example, we can - // say that p99 is 100ms +- 1ms - relativeAccuracy = 0.01 - // maxNumBins is the maximum number of bins of the ddSketch we use to store percentiles. - // It can affect relative accuracy, but in practice, 2048 bins is enough to have 1% relative accuracy from - // 80 micro second to 1 year: http://www.vldb.org/pvldb/vol12/p2195-masson.pdf - maxNumBins = 2048 -) - -// Most "algorithm" stuff here is tested with stats_test.go as what is important -// is that the final data, the one with send after a call to Export(), is correct. - -type groupedStats struct { - // using float64 here to avoid the accumulation of rounding issues. - hits float64 - topLevelHits float64 - errors float64 - duration float64 - okDistribution *ddsketch.DDSketch - errDistribution *ddsketch.DDSketch - peerTags []string -} - -// round a float to an int, uniformly choosing -// between the lower and upper approximations. -func round(f float64) uint64 { - i := uint64(f) - if rand.Float64() < f-float64(i) { - i++ - } - return i -} - -func (s *groupedStats) export(a Aggregation) (*pb.ClientGroupedStats, error) { - msg := s.okDistribution.ToProto() - okSummary, err := proto.Marshal(msg) - if err != nil { - return &pb.ClientGroupedStats{}, err - } - msg = s.errDistribution.ToProto() - errSummary, err := proto.Marshal(msg) - if err != nil { - return &pb.ClientGroupedStats{}, err - } - return &pb.ClientGroupedStats{ - Service: a.Service, - Name: a.Name, - Resource: a.Resource, - HTTPStatusCode: a.StatusCode, - Type: a.Type, - Hits: round(s.hits), - Errors: round(s.errors), - Duration: round(s.duration), - TopLevelHits: round(s.topLevelHits), - OkSummary: okSummary, - ErrorSummary: errSummary, - Synthetics: a.Synthetics, - SpanKind: a.SpanKind, - PeerTags: s.peerTags, - IsTraceRoot: a.IsTraceRoot, - }, nil -} - -func newGroupedStats() *groupedStats { - okSketch, err := ddsketch.LogCollapsingLowestDenseDDSketch(relativeAccuracy, maxNumBins) - if err != nil { - log.Errorf("Error when creating ddsketch: %v", err) - } - errSketch, err := ddsketch.LogCollapsingLowestDenseDDSketch(relativeAccuracy, maxNumBins) - if err != nil { - log.Errorf("Error when creating ddsketch: %v", err) - } - return &groupedStats{ - okDistribution: okSketch, - errDistribution: errSketch, - } -} - -// RawBucket is used to compute span data and aggregate it -// within a time-framed bucket. This should not be used outside -// the agent, use ClientStatsBucket for this. -type RawBucket struct { - // This should really have no public fields. At all. - - start uint64 // timestamp of start in our format - duration uint64 // duration of a bucket in nanoseconds - - // this should really remain private as it's subject to refactoring - data map[Aggregation]*groupedStats - - containerTagsByID map[string][]string // a map from container ID to container tags -} - -// NewRawBucket opens a new calculation bucket for time ts and initializes it properly -func NewRawBucket(ts, d uint64) *RawBucket { - // The only non-initialized value is the Duration which should be set by whoever closes that bucket - return &RawBucket{ - start: ts, - duration: d, - data: make(map[Aggregation]*groupedStats), - containerTagsByID: make(map[string][]string), - } -} - -// Export transforms a RawBucket into a ClientStatsBucket, typically used -// before communicating data to the API, as RawBucket is the internal -// type while ClientStatsBucket is the public, shared one. -func (sb *RawBucket) Export() map[PayloadAggregationKey]*pb.ClientStatsBucket { - m := make(map[PayloadAggregationKey]*pb.ClientStatsBucket) - for k, v := range sb.data { - b, err := v.export(k) - if err != nil { - log.Errorf("Dropping stats bucket due to encoding error: %v.", err) - continue - } - key := PayloadAggregationKey{ - Hostname: k.Hostname, - Version: k.Version, - Env: k.Env, - ContainerID: k.ContainerID, - GitCommitSha: k.GitCommitSha, - ImageTag: k.ImageTag, - } - s, ok := m[key] - if !ok { - s = &pb.ClientStatsBucket{ - Start: sb.start, - Duration: sb.duration, - } - } - s.Stats = append(s.Stats, b) - m[key] = s - } - return m -} - -// HandleSpan adds the span to this bucket stats, aggregated with the finest grain matching given aggregators -func (sb *RawBucket) HandleSpan(s *StatSpan, weight float64, origin string, aggKey PayloadAggregationKey) { - if aggKey.Env == "" { - panic("env should never be empty") - } - aggr := NewAggregationFromSpan(s, origin, aggKey) - sb.add(s, weight, aggr) -} - -func (sb *RawBucket) add(s *StatSpan, weight float64, aggr Aggregation) { - var gs *groupedStats - var ok bool - - if gs, ok = sb.data[aggr]; !ok { - gs = newGroupedStats() - gs.peerTags = s.matchingPeerTags - sb.data[aggr] = gs - } - if s.isTopLevel { - gs.topLevelHits += weight - } - gs.hits += weight - if s.error != 0 { - gs.errors += weight - } - gs.duration += float64(s.duration) * weight - // alter resolution of duration distro - trundur := nsTimestampToFloat(s.duration) - if s.error != 0 { - if err := gs.errDistribution.Add(trundur); err != nil { - log.Debugf("Error adding error distribution stats: %v", err) - } - } else { - if err := gs.okDistribution.Add(trundur); err != nil { - log.Debugf("Error adding distribution stats: %v", err) - } - } -} - -// nsTimestampToFloat converts a nanosec timestamp into a float nanosecond timestamp truncated to a fixed precision -func nsTimestampToFloat(ns int64) float64 { - b := math.Float64bits(float64(ns)) - // IEEE-754 - // the mask include 1 bit sign 11 bits exponent (0xfff) - // then we filter the mantissa to 10bits (0xff8) (9 bits as it has implicit value of 1) - // 10 bits precision (any value will be +/- 1/1024) - // https://en.wikipedia.org/wiki/Double-precision_floating-point_format - b &= 0xfffff80000000000 - return math.Float64frombits(b) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/weight.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/weight.go deleted file mode 100644 index d28ca5e4..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/stats/weight.go +++ /dev/null @@ -1,24 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package stats - -import pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" - -// keySamplingRateGlobal is a metric key holding the global sampling rate. -const keySamplingRateGlobal = "_sample_rate" - -// weight returns the weight of the span as defined for sampling, i.e. the -// inverse of the sampling rate. -func weight(s *pb.Span) float64 { - if s == nil { - return 1 - } - sampleRate, ok := s.Metrics[keySamplingRateGlobal] - if !ok || sampleRate <= 0.0 || sampleRate > 1.0 { - return 1 - } - return 1.0 / sampleRate -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/azure.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/azure.go deleted file mode 100644 index 111ecc66..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/azure.go +++ /dev/null @@ -1,166 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package traceutil - -import ( - "fmt" - "os" - "runtime" - "strings" -) - -const ( - aasInstanceID = "aas.environment.instance_id" - aasInstanceName = "aas.environment.instance_name" - aasOperatingSystem = "aas.environment.os" - aasRuntime = "aas.environment.runtime" - aasExtensionVersion = "aas.environment.extension_version" - aasFunctionRuntime = "aas.environment.function_runtime" - aasResourceGroup = "aas.resource.group" - aasResourceID = "aas.resource.id" - aasSiteKind = "aas.site.kind" - aasSiteName = "aas.site.name" - aasSiteType = "aas.site.type" - aasSubscriptionID = "aas.subscription.id" - - dotnetFramework = ".NET" - nodeFramework = "Node.js" - javaFramework = "Java" - pythonFramework = "Python" - phpFramework = "PHP" - goFramework = "Go" - containerFramework = "Container" - unknown = "unknown" - - appService = "app" -) - -// GetAppServicesTags returns the env vars pulled from the Azure App Service instance. -// In some cases we will need to add extra tags for function apps. -func GetAppServicesTags() map[string]string { - siteName := os.Getenv("WEBSITE_SITE_NAME") - ownerName := os.Getenv("WEBSITE_OWNER_NAME") - resourceGroup := os.Getenv("WEBSITE_RESOURCE_GROUP") - instanceID := getEnvOrUnknown("WEBSITE_INSTANCE_ID") - computerName := getEnvOrUnknown("COMPUTERNAME") - extensionVersion := os.Getenv("DD_AAS_EXTENSION_VERSION") - - // Windows and linux environments provide the OS differently - // We should grab it from GO's builtin runtime pkg - websiteOS := runtime.GOOS - - currentRuntime := getRuntime(websiteOS) - subscriptionID := parseAzureSubscriptionID(ownerName) - resourceID := compileAzureResourceID(subscriptionID, resourceGroup, siteName) - - tags := map[string]string{ - aasInstanceID: instanceID, - aasInstanceName: computerName, - aasOperatingSystem: websiteOS, - aasRuntime: currentRuntime, - aasResourceGroup: resourceGroup, - aasResourceID: resourceID, - aasSiteKind: appService, - aasSiteName: siteName, - aasSiteType: appService, - aasSubscriptionID: subscriptionID, - } - - // Remove the Java and .NET logic once non-universal extensions are deprecated - if websiteOS == "windows" { - if extensionVersion != "" { - tags[aasExtensionVersion] = extensionVersion - } else if val := os.Getenv("DD_AAS_JAVA_EXTENSION_VERSION"); val != "" { - tags[aasExtensionVersion] = val - } else if val := os.Getenv("DD_AAS_DOTNET_EXTENSION_VERSION"); val != "" { - tags[aasExtensionVersion] = val - } - } - - // Function Apps require a different runtime and kind - if rt, ok := os.LookupEnv("FUNCTIONS_WORKER_RUNTIME"); ok { - tags[aasRuntime] = rt - tags[aasFunctionRuntime] = os.Getenv("FUNCTIONS_EXTENSION_VERSION") - tags[aasSiteKind] = "functionapp" - } - - return tags -} - -func getEnvOrUnknown(env string) string { - if val, ok := os.LookupEnv(env); ok { - return val - } - return unknown -} - -func getRuntime(websiteOS string) (rt string) { - switch websiteOS { - case "windows": - rt = getWindowsRuntime() - case "linux", "darwin": - rt = getLinuxRuntime() - default: - rt = unknown - } - - return rt -} - -func getWindowsRuntime() (rt string) { - if os.Getenv("WEBSITE_STACK") == "JAVA" { - rt = javaFramework - } else if val := os.Getenv("WEBSITE_NODE_DEFAULT_VERSION"); val != "" { - rt = nodeFramework - } else { - // FIXME: Windows AAS only supports Java, Node, and .NET so we can infer this - // Needs to be inferred because no other env vars give us context on the runtime - rt = dotnetFramework - } - - return rt -} - -func getLinuxRuntime() (rt string) { - rt = unknown - - switch os.Getenv("WEBSITE_STACK") { - case "DOCKER": - rt = containerFramework - case "": - if val := os.Getenv("DOCKER_SERVER_VERSION"); val != "" { - rt = containerFramework - } - case "NODE": - rt = nodeFramework - case "PYTHON": - rt = pythonFramework - case "JAVA", "TOMCAT": - rt = javaFramework - case "DOTNETCORE": - rt = dotnetFramework - case "PHP": - rt = phpFramework - } - - return rt -} - -func parseAzureSubscriptionID(subID string) (id string) { - parsedSubID := strings.SplitN(subID, "+", 2) - if len(parsedSubID) > 1 { - id = parsedSubID[0] - } - return -} - -func compileAzureResourceID(subID, resourceGroup, siteName string) (id string) { - if len(subID) > 0 && len(resourceGroup) > 0 && len(siteName) > 0 { - id = fmt.Sprintf("/subscriptions/%s/resourcegroups/%s/providers/microsoft.web/sites/%s", - subID, resourceGroup, siteName) - } - return -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/doc.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/doc.go deleted file mode 100644 index ac2de89f..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/doc.go +++ /dev/null @@ -1,8 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package traceutil contains functions for extracting and processing traces. It should -// only import payload and nothing else. -package traceutil diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/normalize.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/normalize.go deleted file mode 100644 index 78636cbc..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/normalize.go +++ /dev/null @@ -1,356 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package traceutil - -import ( - "errors" - "strings" - "sync" - "unicode" - "unicode/utf8" -) - -const ( - // DefaultSpanName is the default name we assign a span if it's missing and we have no reasonable fallback - DefaultSpanName = "unnamed_operation" - // DefaultServiceName is the default name we assign a service if it's missing and we have no reasonable fallback - DefaultServiceName = "unnamed-service" -) - -const ( - // MaxNameLen the maximum length a name can have - MaxNameLen = 100 - // MaxServiceLen the maximum length a service can have - MaxServiceLen = 100 - // MaxResourceLen the maximum length a resource can have - MaxResourceLen = 5000 -) - -var ( - // ErrEmpty specifies that the passed input was empty. - ErrEmpty = errors.New("empty") - // ErrTooLong signifies that the input was too long. - ErrTooLong = errors.New("too long") - // ErrInvalid signifies that the input was invalid. - ErrInvalid = errors.New("invalid") -) - -// NormalizeName normalizes a span name and returns an error describing the reason -// (if any) why the name was modified. -func NormalizeName(name string) (string, error) { - if name == "" { - return DefaultSpanName, ErrEmpty - } - var err error - if len(name) > MaxNameLen { - name = TruncateUTF8(name, MaxNameLen) - err = ErrTooLong - } - name, ok := normMetricNameParse(name) - if !ok { - return DefaultSpanName, ErrInvalid - } - return name, err -} - -// NormalizeService normalizes a span service and returns an error describing the reason -// (if any) why the name was modified. -func NormalizeService(svc string, lang string) (string, error) { - if svc == "" { - return fallbackService(lang), ErrEmpty - } - var err error - if len(svc) > MaxServiceLen { - svc = TruncateUTF8(svc, MaxServiceLen) - err = ErrTooLong - } - // We are normalizing just the tag value. - s := NormalizeTagValue(svc) - if s == "" { - return fallbackService(lang), ErrInvalid - } - return s, err -} - -// NormalizePeerService normalizes a span's peer.service and returns an error describing the reason -// (if any) why the name was modified. -func NormalizePeerService(svc string) (string, error) { - if svc == "" { - return "", nil - } - var err error - if len(svc) > MaxServiceLen { - svc = TruncateUTF8(svc, MaxServiceLen) - err = ErrTooLong - } - // We are normalizing just the tag value. - s := NormalizeTagValue(svc) - if s == "" { - return "", ErrInvalid - } - return s, err -} - -// fallbackServiceNames is a cache of default service names to use -// when the span's service is unset or invalid. -var fallbackServiceNames sync.Map - -// fallbackService returns the fallback service name for a service -// belonging to language lang. -func fallbackService(lang string) string { - if lang == "" { - return DefaultServiceName - } - if v, ok := fallbackServiceNames.Load(lang); ok { - return v.(string) - } - var str strings.Builder - str.WriteString("unnamed-") - str.WriteString(lang) - str.WriteString("-service") - fallbackServiceNames.Store(lang, str.String()) - return str.String() -} - -const maxTagLength = 200 - -// NormalizeTag applies some normalization to ensure the full tag_key:tag_value string matches the backend requirements. -func NormalizeTag(v string) string { - return normalize(v, true) -} - -// NormalizeTagValue applies some normalization to ensure the tag value matches the backend requirements. -// It should be used for cases where we have just the tag_value as the input (instead of tag_key:tag_value). -func NormalizeTagValue(v string) string { - return normalize(v, false) -} - -func normalize(v string, allowDigitStartChar bool) string { - // Fast path: Check if the tag is valid and only contains ASCII characters, - // if yes return it as-is right away. For most use-cases this reduces CPU usage. - if isNormalizedASCIITag(v, allowDigitStartChar) { - return v - } - // the algorithm works by creating a set of cuts marking start and end offsets in v - // that have to be replaced with underscore (_) - if len(v) == 0 { - return "" - } - var ( - trim int // start character (if trimming) - cuts [][2]int // sections to discard: (start, end) pairs - chars int // number of characters processed - ) - var ( - i int // current byte - r rune // current rune - jump int // tracks how many bytes the for range advances on its next iteration - ) - tag := []byte(v) - for i, r = range v { - jump = utf8.RuneLen(r) // next i will be i+jump - if r == utf8.RuneError { - // On invalid UTF-8, the for range advances only 1 byte (see: https://golang.org/ref/spec#For_range (point 2)). - // However, utf8.RuneError is equivalent to unicode.ReplacementChar so we should rely on utf8.DecodeRune to tell - // us whether this is an actual error or just a unicode.ReplacementChar that was present in the string. - _, width := utf8.DecodeRune(tag[i:]) - jump = width - } - // fast path; all letters (and colons) are ok - switch { - case r >= 'a' && r <= 'z' || r == ':': - chars++ - goto end - case r >= 'A' && r <= 'Z': - // lower-case - tag[i] += 'a' - 'A' - chars++ - goto end - } - if unicode.IsUpper(r) { - // lowercase this character - if low := unicode.ToLower(r); utf8.RuneLen(r) == utf8.RuneLen(low) { - // but only if the width of the lowercased character is the same; - // there are some rare edge-cases where this is not the case, such - // as \u017F (ſ) - utf8.EncodeRune(tag[i:], low) - r = low - } - } - switch { - case unicode.IsLetter(r): - chars++ - // If it's not a unicode letter, and it's the first char, and digits are allowed for the start char, - // we should goto end because the remaining cases are not valid for a start char. - case allowDigitStartChar && chars == 0: - trim = i + jump - goto end - case unicode.IsDigit(r) || r == '.' || r == '/' || r == '-': - chars++ - default: - // illegal character - chars++ - if n := len(cuts); n > 0 && cuts[n-1][1] >= i { - // merge intersecting cuts - cuts[n-1][1] += jump - } else { - // start a new cut - cuts = append(cuts, [2]int{i, i + jump}) - } - } - end: - if i+jump >= 2*maxTagLength { - // bail early if the tag contains a lot of non-letter/digit characters. - // If a tag is test🍣🍣[...]🍣, then it's unlikely to be a properly formatted tag - break - } - if chars >= maxTagLength { - // we've reached the maximum - break - } - } - - tag = tag[trim : i+jump] // trim start and end - if len(cuts) == 0 { - // tag was ok, return it as it is - return string(tag) - } - delta := trim // cut offsets delta - for _, cut := range cuts { - // start and end of cut, including delta from previous cuts: - start, end := cut[0]-delta, cut[1]-delta - - if end >= len(tag) { - // this cut includes the end of the string; discard it - // completely and finish the loop. - tag = tag[:start] - break - } - // replace the beginning of the cut with '_' - tag[start] = '_' - if end-start == 1 { - // nothing to discard - continue - } - // discard remaining characters in the cut - copy(tag[start+1:], tag[end:]) - - // shorten the slice - tag = tag[:len(tag)-(end-start)+1] - - // count the new delta for future cuts - delta += cut[1] - cut[0] - 1 - } - return string(tag) -} - -// This code is borrowed from dd-go metric normalization - -// fast isAlpha for ascii -func isAlpha(b byte) bool { - return (b >= 'a' && b <= 'z') || (b >= 'A' && b <= 'Z') -} - -// fast isAlphaNumeric for ascii -func isAlphaNum(b byte) bool { - return isAlpha(b) || (b >= '0' && b <= '9') -} - -// normMetricNameParse normalizes metric names with a parser instead of using -// garbage-creating string replacement routines. -func normMetricNameParse(name string) (string, bool) { - if name == "" || len(name) > MaxNameLen { - return name, false - } - - var i, ptr int - var resa [MaxNameLen]byte - res := resa[:0] - - // skip non-alphabetic characters - for ; i < len(name) && !isAlpha(name[i]); i++ { - continue - } - - // if there were no alphabetic characters it wasn't valid - if i == len(name) { - return "", false - } - - for ; i < len(name); i++ { - switch { - case isAlphaNum(name[i]): - res = append(res, name[i]) - ptr++ - case name[i] == '.': - // we skipped all non-alpha chars up front so we have seen at least one - switch res[ptr-1] { - // overwrite underscores that happen before periods - case '_': - res[ptr-1] = '.' - default: - res = append(res, '.') - ptr++ - } - default: - // we skipped all non-alpha chars up front so we have seen at least one - switch res[ptr-1] { - // no double underscores, no underscores after periods - case '.', '_': - default: - res = append(res, '_') - ptr++ - } - } - } - - if res[ptr-1] == '_' { - res = res[:ptr-1] - } - - return string(res), true -} - -func isNormalizedASCIITag(tag string, checkValidStartChar bool) bool { - if len(tag) == 0 { - return true - } - if len(tag) > maxTagLength { - return false - } - i := 0 - if checkValidStartChar { - if !isValidASCIIStartChar(tag[0]) { - return false - } - i++ - } - for ; i < len(tag); i++ { - b := tag[i] - // TODO: Attempt to optimize this check using SIMD/vectorization. - if isValidASCIITagChar(b) { - continue - } - if b == '_' { - // an underscore is only okay if followed by a valid non-underscore character - i++ - if i == len(tag) || !isValidASCIITagChar(tag[i]) { - return false - } - } else { - return false - } - } - return true -} - -func isValidASCIIStartChar(c byte) bool { - return ('a' <= c && c <= 'z') || c == ':' -} - -func isValidASCIITagChar(c byte) bool { - return isValidASCIIStartChar(c) || ('0' <= c && c <= '9') || c == '.' || c == '/' || c == '-' -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/otel_util.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/otel_util.go deleted file mode 100644 index 1be778af..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/otel_util.go +++ /dev/null @@ -1,329 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package traceutil - -import ( - "context" - "encoding/binary" - "strings" - - "github.com/DataDog/datadog-agent/pkg/trace/log" - "github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes" - "github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/source" - "go.opentelemetry.io/collector/pdata/pcommon" - "go.opentelemetry.io/collector/pdata/ptrace" - semconv117 "go.opentelemetry.io/collector/semconv/v1.17.0" - semconv "go.opentelemetry.io/collector/semconv/v1.6.1" - "go.opentelemetry.io/otel/attribute" -) - -// Util functions for converting OTel semantics to DD semantics. -// TODO(OTEL-1726): reuse the same mapping code for ReceiveResourceSpans and Concentrator - -var ( - // SignalTypeSet is the OTel attribute set for traces. - SignalTypeSet = attribute.NewSet(attribute.String("signal", "traces")) -) - -// IndexOTelSpans iterates over the input OTel spans and returns 3 maps: -// OTel spans indexed by span ID, OTel resources indexed by span ID, OTel instrumentation scopes indexed by span ID. -// Skips spans with invalid trace ID or span ID. If there are multiple spans with the same (non-zero) span ID, the last one wins. -func IndexOTelSpans(traces ptrace.Traces) (map[pcommon.SpanID]ptrace.Span, map[pcommon.SpanID]pcommon.Resource, map[pcommon.SpanID]pcommon.InstrumentationScope) { - spanByID := make(map[pcommon.SpanID]ptrace.Span) - resByID := make(map[pcommon.SpanID]pcommon.Resource) - scopeByID := make(map[pcommon.SpanID]pcommon.InstrumentationScope) - rspanss := traces.ResourceSpans() - for i := 0; i < rspanss.Len(); i++ { - rspans := rspanss.At(i) - res := rspans.Resource() - for j := 0; j < rspans.ScopeSpans().Len(); j++ { - libspans := rspans.ScopeSpans().At(j) - for k := 0; k < libspans.Spans().Len(); k++ { - span := libspans.Spans().At(k) - if span.TraceID().IsEmpty() || span.SpanID().IsEmpty() { - continue - } - spanByID[span.SpanID()] = span - resByID[span.SpanID()] = res - scopeByID[span.SpanID()] = libspans.Scope() - } - } - } - return spanByID, resByID, scopeByID -} - -// GetTopLevelOTelSpans returns the span IDs of the top level OTel spans. -func GetTopLevelOTelSpans(spanByID map[pcommon.SpanID]ptrace.Span, resByID map[pcommon.SpanID]pcommon.Resource, topLevelByKind bool) map[pcommon.SpanID]struct{} { - topLevelSpans := make(map[pcommon.SpanID]struct{}) - for spanID, span := range spanByID { - if span.ParentSpanID().IsEmpty() { - // case 1: root span - topLevelSpans[spanID] = struct{}{} - continue - } - - if topLevelByKind { - // New behavior for computing top level OTel spans, see computeTopLevelAndMeasured in pkg/trace/api/otlp.go - spanKind := span.Kind() - if spanKind == ptrace.SpanKindServer || spanKind == ptrace.SpanKindConsumer { - // span is a server-side span, mark as top level - topLevelSpans[spanID] = struct{}{} - } - continue - } - - // Otherwise, fall back to old behavior in ComputeTopLevel - parentSpan, ok := spanByID[span.ParentSpanID()] - if !ok { - // case 2: parent span not in the same chunk, presumably it belongs to another service - topLevelSpans[spanID] = struct{}{} - continue - } - - svc := GetOTelService(span, resByID[spanID], true) - parentSvc := GetOTelService(parentSpan, resByID[parentSpan.SpanID()], true) - if svc != parentSvc { - // case 3: parent is not in the same service - topLevelSpans[spanID] = struct{}{} - } - } - return topLevelSpans -} - -// GetOTelAttrVal returns the matched value as a string in the input map with the given keys. -// If there are multiple keys present, the first matched one is returned. -// If normalize is true, normalize the return value with NormalizeTagValue. -func GetOTelAttrVal(attrs pcommon.Map, normalize bool, keys ...string) string { - val := "" - for _, key := range keys { - attrval, exists := attrs.Get(key) - if exists { - val = attrval.AsString() - } - } - - if normalize { - val = NormalizeTagValue(val) - } - - return val -} - -// GetOTelAttrValInResAndSpanAttrs returns the matched value as a string in the OTel resource attributes and span attributes with the given keys. -// If there are multiple keys present, the first matched one is returned. -// If the key is present in both resource attributes and span attributes, resource attributes take precedence. -// If normalize is true, normalize the return value with NormalizeTagValue. -func GetOTelAttrValInResAndSpanAttrs(span ptrace.Span, res pcommon.Resource, normalize bool, keys ...string) string { - if val := GetOTelAttrVal(res.Attributes(), normalize, keys...); val != "" { - return val - } - return GetOTelAttrVal(span.Attributes(), normalize, keys...) -} - -// GetOTelSpanType returns the DD span type based on OTel span kind and attributes. -func GetOTelSpanType(span ptrace.Span, res pcommon.Resource) string { - typ := GetOTelAttrValInResAndSpanAttrs(span, res, false, "span.type") - if typ != "" { - return typ - } - switch span.Kind() { - case ptrace.SpanKindServer: - typ = "web" - case ptrace.SpanKindClient: - db := GetOTelAttrValInResAndSpanAttrs(span, res, true, semconv.AttributeDBSystem) - if db == "redis" || db == "memcached" { - typ = "cache" - } else if db != "" { - typ = "db" - } else { - typ = "http" - } - default: - typ = "custom" - } - return typ -} - -// GetOTelService returns the DD service name based on OTel span and resource attributes. -func GetOTelService(span ptrace.Span, res pcommon.Resource, normalize bool) string { - // No need to normalize with NormalizeTagValue since we will do NormalizeService later - svc := GetOTelAttrValInResAndSpanAttrs(span, res, false, semconv.AttributeServiceName) - if svc == "" { - svc = "otlpresourcenoservicename" - } - if normalize { - newsvc, err := NormalizeService(svc, "") - switch err { - case ErrTooLong: - log.Debugf("Fixing malformed trace. Service is too long (reason:service_truncate), truncating span.service to length=%d: %s", MaxServiceLen, svc) - case ErrInvalid: - log.Debugf("Fixing malformed trace. Service is invalid (reason:service_invalid), replacing invalid span.service=%s with fallback span.service=%s", svc, newsvc) - } - svc = newsvc - } - return svc -} - -// GetOTelResource returns the DD resource name based on OTel span and resource attributes. -func GetOTelResource(span ptrace.Span, res pcommon.Resource) (resName string) { - resName = GetOTelAttrValInResAndSpanAttrs(span, res, false, "resource.name") - if resName == "" { - if m := GetOTelAttrValInResAndSpanAttrs(span, res, false, "http.request.method", semconv.AttributeHTTPMethod); m != "" { - // use the HTTP method + route (if available) - resName = m - if route := GetOTelAttrValInResAndSpanAttrs(span, res, false, semconv.AttributeHTTPRoute); route != "" { - resName = resName + " " + route - } - } else if m := GetOTelAttrValInResAndSpanAttrs(span, res, false, semconv.AttributeMessagingOperation); m != "" { - resName = m - // use the messaging operation - if dest := GetOTelAttrValInResAndSpanAttrs(span, res, false, semconv.AttributeMessagingDestination, semconv117.AttributeMessagingDestinationName); dest != "" { - resName = resName + " " + dest - } - } else if m := GetOTelAttrValInResAndSpanAttrs(span, res, false, semconv.AttributeRPCMethod); m != "" { - resName = m - // use the RPC method - if svc := GetOTelAttrValInResAndSpanAttrs(span, res, false, semconv.AttributeRPCService); m != "" { - // ...and service if available - resName = resName + " " + svc - } - } else { - resName = span.Name() - } - } - if len(resName) > MaxResourceLen { - resName = resName[:MaxResourceLen] - } - return -} - -// GetOTelOperationName returns the DD operation name based on OTel span and resource attributes and given configs. -func GetOTelOperationName( - span ptrace.Span, - res pcommon.Resource, - lib pcommon.InstrumentationScope, - spanNameAsResourceName bool, - spanNameRemappings map[string]string, - normalize bool) string { - // No need to normalize with NormalizeTagValue since we will do NormalizeName later - name := GetOTelAttrValInResAndSpanAttrs(span, res, false, "operation.name") - if name == "" { - if spanNameAsResourceName { - name = span.Name() - } else { - name = strings.ToLower(span.Kind().String()) - if lib.Name() != "" { - name = lib.Name() + "." + name - } else { - name = "opentelemetry." + name - } - } - } - if v, ok := spanNameRemappings[name]; ok { - name = v - } - - if normalize { - normalizeName, err := NormalizeName(name) - switch err { - case ErrEmpty: - log.Debugf("Fixing malformed trace. Name is empty (reason:span_name_empty), setting span.name=%s", normalizeName) - case ErrTooLong: - log.Debugf("Fixing malformed trace. Name is too long (reason:span_name_truncate), truncating span.name to length=%d", MaxServiceLen) - case ErrInvalid: - log.Debugf("Fixing malformed trace. Name is invalid (reason:span_name_invalid), setting span.name=%s", normalizeName) - } - name = normalizeName - } - - return name -} - -// GetOTelHostname returns the DD hostname based on OTel span and resource attributes. -func GetOTelHostname(span ptrace.Span, res pcommon.Resource, tr *attributes.Translator, fallbackHost string) string { - ctx := context.Background() - src, srcok := tr.ResourceToSource(ctx, res, SignalTypeSet) - if !srcok { - if v := GetOTelAttrValInResAndSpanAttrs(span, res, false, "_dd.hostname"); v != "" { - src = source.Source{Kind: source.HostnameKind, Identifier: v} - srcok = true - } - } - if srcok { - switch src.Kind { - case source.HostnameKind: - return src.Identifier - default: - // We are not on a hostname (serverless), hence the hostname is empty - return "" - } - } else { - // fallback hostname from Agent conf.Hostname - return fallbackHost - } -} - -// GetOTelStatusCode returns the DD status code of the OTel span. -func GetOTelStatusCode(span ptrace.Span) uint32 { - if code, ok := span.Attributes().Get("http.response.status_code"); ok { - return uint32(code.Int()) - } - if code, ok := span.Attributes().Get(semconv.AttributeHTTPStatusCode); ok { - return uint32(code.Int()) - } - return 0 -} - -// GetOTelContainerTags returns a list of DD container tags in the OTel resource attributes. -// Tags are always normalized. -func GetOTelContainerTags(rattrs pcommon.Map, tagKeys []string) []string { - var containerTags []string - containerTagsMap := attributes.ContainerTagsFromResourceAttributes(rattrs) - for _, key := range tagKeys { - if mappedKey, ok := attributes.ContainerMappings[key]; ok { - // If the key has a mapping in ContainerMappings, use the mapped key - if val, ok := containerTagsMap[mappedKey]; ok { - t := NormalizeTag(mappedKey + ":" + val) - containerTags = append(containerTags, t) - } - } else { - // Otherwise populate as additional container tags - if val := GetOTelAttrVal(rattrs, false, key); val != "" { - t := NormalizeTag(key + ":" + val) - containerTags = append(containerTags, t) - } - } - } - return containerTags -} - -// OTelTraceIDToUint64 converts an OTel trace ID to an uint64 -func OTelTraceIDToUint64(b [16]byte) uint64 { - return binary.BigEndian.Uint64(b[len(b)-8:]) -} - -// OTelSpanIDToUint64 converts an OTel span ID to an uint64 -func OTelSpanIDToUint64(b [8]byte) uint64 { - return binary.BigEndian.Uint64(b[:]) -} - -var spanKindNames = map[ptrace.SpanKind]string{ - ptrace.SpanKindUnspecified: "unspecified", - ptrace.SpanKindInternal: "internal", - ptrace.SpanKindServer: "server", - ptrace.SpanKindClient: "client", - ptrace.SpanKindProducer: "producer", - ptrace.SpanKindConsumer: "consumer", -} - -// OTelSpanKindName converts the given SpanKind to a valid Datadog span kind name. -func OTelSpanKindName(k ptrace.SpanKind) string { - name, ok := spanKindNames[k] - if !ok { - return "unspecified" - } - return name -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/processed_trace.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/processed_trace.go deleted file mode 100644 index 913e4127..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/processed_trace.go +++ /dev/null @@ -1,53 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package traceutil - -import ( - pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" -) - -// ProcessedTrace represents a trace being processed in the agent. -type ProcessedTrace struct { - TraceChunk *pb.TraceChunk - Root *pb.Span - TracerEnv string - AppVersion string - TracerHostname string - ClientDroppedP0sWeight float64 - GitCommitSha string - ImageTag string -} - -// Clone creates a copy of ProcessedTrace, cloning p, p.TraceChunk, and p.Root. This means it is -// safe to modify the returned ProcessedTrace's (pt's) fields along with fields in -// pt.TraceChunk and fields in pt.Root. -// -// The most important consequence of this is that the TraceChunk's Spans field can be assigned, -// *BUT* the Spans value itself should not be modified. i.e. This is ok: -// -// pt2 := pt.Clone() -// pt2.TraceChunk.Spans = make([]*pb.Span) -// -// but this is NOT ok: -// -// pt2 := pt.Clone() -// pt2.TraceChunk.Spans[0] = &pb.Span{} // This will be visible in pt. -func (pt *ProcessedTrace) Clone() *ProcessedTrace { - if pt == nil { - return nil - } - ptClone := new(ProcessedTrace) - *ptClone = *pt - if pt.TraceChunk != nil { - c := pt.TraceChunk.ShallowCopy() - ptClone.TraceChunk = c - } - if pt.Root != nil { - r := pt.Root.ShallowCopy() - ptClone.Root = r - } - return ptClone -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/span.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/span.go deleted file mode 100644 index 2b416531..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/span.go +++ /dev/null @@ -1,175 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package traceutil - -import ( - "bytes" - - "github.com/tinylib/msgp/msgp" - - pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" -) - -const ( - // topLevelKey is a special metric, it's 1 if the span is top-level, 0 if not, this is kept for backwards - // compatibility but will eventually be replaced with just using the preferred tracerTopLevelKey - topLevelKey = "_top_level" - // measuredKey is a special metric flag that marks a span for trace metrics calculation. - measuredKey = "_dd.measured" - // tracerTopLevelKey is a metric flag set by tracers on top_level spans - tracerTopLevelKey = "_dd.top_level" - // partialVersionKey is a metric carrying the snapshot seq number in the case the span is a partial snapshot - partialVersionKey = "_dd.partial_version" -) - -// HasTopLevel returns true if span is top-level. -func HasTopLevel(s *pb.Span) bool { - return HasTopLevelMetrics(s.Metrics) -} - -// HasTopLevelMetrics returns true if the provided metrics map indicates the span is top-level. -func HasTopLevelMetrics(metrics map[string]float64) bool { - return metrics[topLevelKey] == 1 || metrics[tracerTopLevelKey] == 1 -} - -// UpdateTracerTopLevel sets _top_level tag on spans flagged by the tracer -func UpdateTracerTopLevel(s *pb.Span) { - if s.Metrics[tracerTopLevelKey] == 1 { - SetMetric(s, topLevelKey, 1) - } -} - -// IsMeasured returns true if a span should be measured (i.e., it should get trace metrics calculated). -func IsMeasured(s *pb.Span) bool { - return IsMeasuredMetrics(s.Metrics) -} - -// IsMeasuredMetrics returns true if a span should be measured (i.e., it should get trace metrics calculated). -func IsMeasuredMetrics(metrics map[string]float64) bool { - return metrics[measuredKey] == 1 -} - -// IsPartialSnapshot returns true if the span is a partial snapshot. -// This kind of spans are partial images of long-running spans. -// When incomplete, a partial snapshot has a metric _dd.partial_version which is a positive integer. -// The metric usually increases each time a new version of the same span is sent by the tracer -func IsPartialSnapshot(s *pb.Span) bool { - return IsPartialSnapshotMetrics(s.Metrics) -} - -// IsPartialSnapshotMetrics returns true if the span is a partial snapshot. -// These kinds of spans are partial images of long-running spans. -// When incomplete, a partial snapshot has a metric _dd.partial_version which is a positive integer. -// The metric usually increases each time a new version of the same span is sent by the tracer -func IsPartialSnapshotMetrics(metrics map[string]float64) bool { - v, ok := metrics[partialVersionKey] - return ok && v >= 0 -} - -// SetTopLevel sets the top-level attribute of the span. -func SetTopLevel(s *pb.Span, topLevel bool) { - if !topLevel { - if s.Metrics == nil { - return - } - delete(s.Metrics, topLevelKey) - return - } - // Setting the metrics value, so that code downstream in the pipeline - // can identify this as top-level without recomputing everything. - SetMetric(s, topLevelKey, 1) -} - -// SetMeasured sets the measured attribute of the span. -func SetMeasured(s *pb.Span, measured bool) { - if !measured { - if s.Metrics == nil { - return - } - delete(s.Metrics, measuredKey) - return - } - // Setting the metrics value, so that code downstream in the pipeline - // can identify this as top-level without recomputing everything. - SetMetric(s, measuredKey, 1) -} - -// SetMetric sets the metric at key to the val on the span s. -func SetMetric(s *pb.Span, key string, val float64) { - if s.Metrics == nil { - s.Metrics = make(map[string]float64) - } - s.Metrics[key] = val -} - -// SetMeta sets the metadata at key to the val on the span s. -func SetMeta(s *pb.Span, key, val string) { - if s.Meta == nil { - s.Meta = make(map[string]string) - } - s.Meta[key] = val -} - -// GetMeta gets the metadata value in the span Meta map. -func GetMeta(s *pb.Span, key string) (string, bool) { - if s.Meta == nil { - return "", false - } - val, ok := s.Meta[key] - return val, ok -} - -// GetMetaDefault gets the metadata value in the span Meta map and fallbacks to fallback. -func GetMetaDefault(s *pb.Span, key, fallback string) string { - if s.Meta == nil { - return fallback - } - if val, ok := s.Meta[key]; ok { - return val - } - return fallback -} - -// SetMetaStruct sets the structured metadata at key to the val on the span s. -func SetMetaStruct(s *pb.Span, key string, val interface{}) error { - var b bytes.Buffer - - if s.MetaStruct == nil { - s.MetaStruct = make(map[string][]byte) - } - writer := msgp.NewWriter(&b) - err := writer.WriteIntf(val) - if err != nil { - return err - } - writer.Flush() - s.MetaStruct[key] = b.Bytes() - return nil -} - -// GetMetaStruct gets the structured metadata value in the span MetaStruct map. -func GetMetaStruct(s *pb.Span, key string) (interface{}, bool) { - if s.MetaStruct == nil { - return nil, false - } - if rawVal, ok := s.MetaStruct[key]; ok { - val, _, err := msgp.ReadIntfBytes(rawVal) - if err != nil { - ok = false - } - return val, ok - } - return nil, false -} - -// GetMetric gets the metadata value in the span Metrics map. -func GetMetric(s *pb.Span, key string) (float64, bool) { - if s.Metrics == nil { - return 0, false - } - val, ok := s.Metrics[key] - return val, ok -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/trace.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/trace.go deleted file mode 100644 index ef8a0f29..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/trace.go +++ /dev/null @@ -1,119 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package traceutil - -import ( - pb "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" - "github.com/DataDog/datadog-agent/pkg/trace/log" -) - -const ( - envKey = "env" -) - -// GetEnv returns the first "env" tag found in trace t. -// Search starts by root -func GetEnv(root *pb.Span, t *pb.TraceChunk) string { - if v, ok := root.Meta[envKey]; ok { - return v - } - for _, s := range t.Spans { - if s.SpanID == root.SpanID { - continue - } - if v, ok := s.Meta[envKey]; ok { - return v - } - } - return "" -} - -// GetRoot extracts the root span from a trace -func GetRoot(t pb.Trace) *pb.Span { - // That should be caught beforehand - if len(t) == 0 { - return nil - } - // General case: go over all spans and check for one which matching parent - parentIDToChild := map[uint64]*pb.Span{} - - for i := range t { - // Common case optimization: check for span with ParentID == 0, starting from the end, - // since some clients report the root last - j := len(t) - 1 - i - if t[j].ParentID == 0 { - return t[j] - } - parentIDToChild[t[j].ParentID] = t[j] - } - - for i := range t { - delete(parentIDToChild, t[i].SpanID) - } - - // Here, if the trace is valid, we should have len(parentIDToChild) == 1 - if len(parentIDToChild) != 1 { - log.Debugf("Didn't reliably find the root span for traceID:%v", t[0].TraceID) - } - - // Have a safe behavior if that's not the case - // Pick the first span without its parent - for parentID := range parentIDToChild { - return parentIDToChild[parentID] - } - - // Gracefully fail with the last span of the trace - return t[len(t)-1] -} - -// ChildrenMap returns a map containing for each span id the list of its -// direct children. -func ChildrenMap(t pb.Trace) map[uint64][]*pb.Span { - childrenMap := make(map[uint64][]*pb.Span) - - for i := range t { - span := t[i] - if span.ParentID == 0 { - continue - } - childrenMap[span.ParentID] = append(childrenMap[span.ParentID], span) - } - - return childrenMap -} - -// ComputeTopLevel updates all the spans top-level attribute. -// -// A span is considered top-level if: -// - it's a root span -// - OR its parent is unknown (other part of the code, distributed trace) -// - OR its parent belongs to another service (in that case it's a "local root" -// being the highest ancestor of other spans belonging to this service and -// attached to it). -func ComputeTopLevel(trace pb.Trace) { - spanIDToIndex := make(map[uint64]int, len(trace)) - for i, span := range trace { - spanIDToIndex[span.SpanID] = i - } - for _, span := range trace { - if span.ParentID == 0 { - // span is a root span - SetTopLevel(span, true) - continue - } - parentIndex, ok := spanIDToIndex[span.ParentID] - if !ok { - // span has no parent in chunk - SetTopLevel(span, true) - continue - } - if trace[parentIndex].Service != span.Service { - // parent is not in the same service - SetTopLevel(span, true) - continue - } - } -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/truncate.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/truncate.go deleted file mode 100644 index 88d34d93..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/traceutil/truncate.go +++ /dev/null @@ -1,37 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package traceutil - -import "unicode/utf8" - -// TruncateUTF8 truncates the given string to make sure it uses less than limit bytes. -// If the last character is an utf8 character that would be splitten, it removes it -// entirely to make sure the resulting string is not broken. -func TruncateUTF8(s string, limit int) string { - if len(s) <= limit { - return s - } - s = s[:limit] - // The max length of a valid code point is 4 bytes, therefore if we see all valid - // code points in the last 4 bytes we know we have a fully valid utf-8 string - // If not we can truncate one byte at a time until the end of the string is valid utf-8 - for len(s) >= 1 { - if len(s) >= 4 && utf8.Valid([]byte(s[len(s)-4:])) { - break - } - if len(s) >= 3 && utf8.Valid([]byte(s[len(s)-3:])) { - break - } - if len(s) >= 2 && utf8.Valid([]byte(s[len(s)-2:])) { - break - } - if len(s) >= 1 && utf8.Valid([]byte(s[len(s)-1:])) { - break - } - s = s[:len(s)-1] - } - return s -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/version/version.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/version/version.go deleted file mode 100644 index 4a93fd59..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/version/version.go +++ /dev/null @@ -1,78 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package version comprises functions that are used to retrieve *app* version data from incoming traces. -package version - -import ( - "errors" - "strings" - - "github.com/DataDog/datadog-agent/pkg/proto/pbgo/trace" - "github.com/DataDog/datadog-agent/pkg/trace/config" -) - -const ( - versionField = "version" - gitCommitShaField = "_dd.git.commit.sha" - gitCommitShaTagPrefix = "git.commit.sha:" - imageTagPrefix = "image_tag:" -) - -// GetVersionDataFromContainerTags will return the git commit sha and image tag from container tags, if present. -func GetVersionDataFromContainerTags(containerID string, conf *config.AgentConfig) (gitCommitSha, imageTag string, err error) { - if conf == nil || conf.ContainerTags == nil { - return "", "", nil - } - cTags, err := conf.ContainerTags(containerID) - if err != nil { - if errors.Is(err, config.ErrContainerTagsFuncNotDefined) { - return "", "", nil - } - return "", "", err - } - for _, t := range cTags { - if gitCommitSha == "" { - if sha, ok := strings.CutPrefix(t, gitCommitShaTagPrefix); ok { - gitCommitSha = sha - } - } - if imageTag == "" { - if image, ok := strings.CutPrefix(t, imageTagPrefix); ok { - imageTag = image - } - } - if gitCommitSha != "" && imageTag != "" { - break - } - } - return gitCommitSha, imageTag, nil -} - -// GetGitCommitShaFromTrace returns the first "git_commit_sha" tag found in trace t. -func GetGitCommitShaFromTrace(root *trace.Span, t *trace.TraceChunk) string { - return searchTraceForField(root, t, gitCommitShaField) -} - -// GetAppVersionFromTrace returns the first "version" tag found in trace t. -// Search starts by root -func GetAppVersionFromTrace(root *trace.Span, t *trace.TraceChunk) string { - return searchTraceForField(root, t, versionField) -} - -func searchTraceForField(root *trace.Span, t *trace.TraceChunk, field string) string { - if v, ok := root.Meta[field]; ok { - return v - } - for _, s := range t.Spans { - if s.SpanID == root.SpanID { - continue - } - if v, ok := s.Meta[field]; ok { - return v - } - } - return "" -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/cpu.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/cpu.go deleted file mode 100644 index a1799701..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/cpu.go +++ /dev/null @@ -1,51 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build !windows && !aix - -// Package watchdog monitors the trace-agent resource usage. -package watchdog - -import ( - "os" - "path/filepath" - "strconv" - - "github.com/DataDog/datadog-agent/pkg/trace/log" - "github.com/shirou/gopsutil/v3/process" -) - -func getpid() int { - // Based on gopsutil's HostProc https://github.com/shirou/gopsutil/blob/672e2518f2ce365ab8504c9f1a8038dc3ad09cf6/internal/common/common.go#L343-L345 - // This PID needs to match the one in the procfs that gopsutil is going to look in. - p := os.Getenv("HOST_PROC") - if p == "" { - p = "/proc" - } - self := filepath.Join(p, "self") - pidf, err := os.Readlink(self) - if err != nil { - log.Warnf("Failed to read pid from %s: %s. Falling back to os.Getpid", self, err) - return os.Getpid() - } - pid, err := strconv.Atoi(filepath.Base(pidf)) - if err != nil { - log.Warnf("Failed to parse pid from %s: %s. Falling back to os.Getpid", pidf, err) - return os.Getpid() - } - return pid -} - -func cpuTimeUser(pid int32) (float64, error) { - p, err := process.NewProcess(pid) - if err != nil { - return 0, err - } - times, err := p.Times() - if err != nil { - return 0, err - } - return times.User, nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/cpu_aix.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/cpu_aix.go deleted file mode 100644 index 318f098d..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/cpu_aix.go +++ /dev/null @@ -1,111 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-2020 Datadog, Inc. - -package watchdog - -import ( - "encoding/binary" - "fmt" - "os" - "time" -) - -// From proc(5) on AIX 7.2 -// status -// Contains state information about the process and one of its -// representative thread. The file is formatted as a struct pstatus -// type containing the following members: -// -// uint32_t pr_flag; /* process flags from proc struct p_flag */ -// uint32_t pr_flag2; /* process flags from proc struct p_flag2 */ -// uint32_t pr_flags; /* /proc flags */ -// uint32_t pr_nlwp; /* number of threads in the process */ -// char pr_stat; /* process state from proc p_stat */ -// char pr_dmodel; /* data model for the process */ -// char pr__pad1[6]; /* reserved for future use */ -// pr_sigset_t pr_sigpend; /* set of process pending signals */ -// prptr64_t pr_brkbase; /* address of the process heap */ -// uint64_t pr_brksize; /* size of the process heap, in bytes */ -// prptr64_t pr_stkbase; /* address of the process stack */ -// uint64_t pr_stksize; /* size of the process stack, in bytes */ -// pid64_t pr_pid; /* process id */ -// pid64_t pr_ppid; /* parent process id */ -// pid64_t pr_pgid; /* process group id */ -// pid64_t pr_sid; /* session id */ -// struct pr_timestruc64_t pr_utime; /* process user cpu time */ -// struct pr_timestruc64_t pr_stime; /* process system cpu time */ -// struct pr_timestruc64_t pr_cutime; /* sum of children's user times */ -// struct pr_timestruc64_t pr_cstime; /* sum of children's system times */ -// pr_sigset_t pr_sigtrace; /* mask of traced signals */ -// fltset_t pr_flttrace; /* mask of traced hardware faults */ -// uint32_t pr_sysentry_offset; /* offset into pstatus file of sysset_t -// * identifying system calls traced on -// -// * entry. If 0, then no entry syscalls -// * are being traced. */ -// uint32_t pr_sysexit_offset; /* offset into pstatus file of sysset_t -// * identifying system calls traced on -// * exit. If 0, then no exit syscalls -// * are being traced. */ -// uint64_t pr__pad[8]; /* reserved for future use */ -// lwpstatus_t pr_lwp; /* "representative" thread status */ -// -// From /usr/include/sys/procfs.h -// typedef struct pr_sigset -// { -// uint64_t ss_set[4]; /* signal set */ -// } pr_sigset_t; -// -// typedef struct pr_timestruc64 -// { -// int64_t tv_sec; /* 64 bit time_t value */ -// int32_t tv_nsec; /* 32 bit suseconds_t value */ -// uint32_t __pad; /* reserved for future use */ -// } pr_timestruc64_t; -// -// typedef void * prptr64_t; -// -// The fields before the user cpu time (pr_utime) are: -// uint32_t pr_flag; 4 4 -// uint32_t pr_flag2; 4 8 -// uint32_t pr_flags; 4 12 -// uint32_t pr_nlwp; 4 16 -// char pr_stat; 1 17 -// char pr_dmodel; 1 18 -// char pr__pad1[6]; 6 24 -// pr_sigset_t pr_sigpend; (4 * 8) = 32 56 -// prptr64_t pr_brkbase; 8 64 -// uint64_t pr_brksize; 8 72 -// prptr64_t pr_stkbase; 8 80 -// uint64_t pr_stksize; 8 88 -// pid64_t pr_pid; 8 96 -// pid64_t pr_ppid; 8 104 -// pid64_t pr_pgid; 8 112 -// pid64_t pr_sid; 8 120 -// total: 120 -// followed by: -// struct pr_timestruc64_t pr_utime; /* process user cpu time */ - -func cpuTimeUser(pid int32) (float64, error) { - f, err := os.Open(fmt.Sprintf("/proc/%d/status", pid)) - if err != nil { - return 0, err - } - defer f.Close() - // As explained above, we will skip 120 bytes into the status file to locate the user CPU time. - f.Seek(120, os.SEEK_SET) - var ( - userSecs int64 - userNsecs int32 - ) - binary.Read(f, binary.BigEndian, &userSecs) - binary.Read(f, binary.BigEndian, &userNsecs) - time := float64(userSecs) + (float64(userNsecs) / float64(time.Second)) - return time, nil -} - -func getpid() int { - return os.Getpid() -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/cpu_windows.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/cpu_windows.go deleted file mode 100644 index 6613e30c..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/cpu_windows.go +++ /dev/null @@ -1,56 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package watchdog monitors the trace-agent resource usage. -package watchdog - -import ( - "os" - - "golang.org/x/sys/windows" -) - -func getpid() int { - return os.Getpid() -} - -// this code was copied over from shirou/gopsutil/process because we can't import this package on Windows, -// due to its "wmi" dependency. - -func cpuTimeUser(pid int32) (float64, error) { - t, err := getProcessCPUTimes(pid) - if err != nil { - return 0, err - } - return float64(t.UserTime.HighDateTime)*429.4967296 + float64(t.UserTime.LowDateTime)*1e-7, nil -} - -type systemTimes struct { - CreateTime windows.Filetime - ExitTime windows.Filetime - KernelTime windows.Filetime - UserTime windows.Filetime -} - -func getProcessCPUTimes(pid int32) (systemTimes, error) { - var times systemTimes - - // PROCESS_QUERY_LIMITED_INFORMATION is 0x1000 - h, err := windows.OpenProcess(0x1000, false, uint32(pid)) - if err != nil { - return times, err - } - defer windows.CloseHandle(h) - - err = windows.GetProcessTimes( - windows.Handle(h), - ×.CreateTime, - ×.ExitTime, - ×.KernelTime, - ×.UserTime, - ) - - return times, err -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/info.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/info.go deleted file mode 100644 index 5522df7f..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/info.go +++ /dev/null @@ -1,99 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package watchdog - -import ( - "runtime" - "sync" - "time" -) - -const ( - // cacheDelay should be long enough so that we don't poll the info - // too often and waste resources doing it, and also long enough - // so that it's not jittering (CPU can be volatile). - // OTOH it should be short enough to get up-to-date recent info. - cacheDelay = 20 * time.Second -) - -// CPUInfo contains basic CPU info -type CPUInfo struct { - // UserAvg is the average of the user CPU usage since last time - // it was polled. 0 means "not used at all" and 1 means "1 CPU was - // totally full for that period". So it might be greater than 1 if - // the process is monopolizing several cores. - UserAvg float64 -} - -// MemInfo contains basic memory info -type MemInfo struct { - // Alloc is the number of bytes allocated and not yet freed - // as described in runtime.MemStats.Alloc - Alloc uint64 -} - -// Info contains all the watchdog infos, to be published by expvar -type Info struct { - // CPU contains basic CPU info - CPU CPUInfo - // Mem contains basic Mem info - Mem MemInfo -} - -// CurrentInfo is used to query CPU and Mem info, it keeps data from -// the previous calls to calculate averages. It is not thread safe. -type CurrentInfo struct { - pid int32 - mu sync.Mutex - cacheDelay time.Duration - - lastCPUTime time.Time - lastCPUUser float64 - lastCPU CPUInfo -} - -// NewCurrentInfo creates a new CurrentInfo referring to the current running program. -func NewCurrentInfo() *CurrentInfo { - return &CurrentInfo{ - pid: int32(getpid()), - cacheDelay: cacheDelay, - } -} - -// CPU returns basic CPU info, or the previous valid CPU info and an error. -func (pi *CurrentInfo) CPU(now time.Time) (CPUInfo, error) { - pi.mu.Lock() - defer pi.mu.Unlock() - - dt := now.Sub(pi.lastCPUTime) - if dt <= pi.cacheDelay { - return pi.lastCPU, nil // don't query too often, cache a little bit - } - pi.lastCPUTime = now - - userTime, err := cpuTimeUser(pi.pid) - if err != nil { - return pi.lastCPU, err - } - - dua := userTime - pi.lastCPUUser - pi.lastCPUUser = userTime - if dua <= 0 { - pi.lastCPU.UserAvg = 0 // shouldn't happen, but make sure result is always > 0 - } else { - pi.lastCPU.UserAvg = float64(time.Second) * dua / float64(dt) - pi.lastCPUUser = userTime - } - - return pi.lastCPU, nil -} - -// Mem returns basic memory info. -func (pi *CurrentInfo) Mem() MemInfo { - var ms runtime.MemStats - runtime.ReadMemStats(&ms) - return MemInfo{Alloc: ms.Alloc} -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/logonpanic.go b/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/logonpanic.go deleted file mode 100644 index a69934a5..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/trace/watchdog/logonpanic.go +++ /dev/null @@ -1,49 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package watchdog - -import ( - "fmt" - "runtime" - - "github.com/DataDog/datadog-agent/pkg/trace/log" - - "github.com/DataDog/datadog-go/v5/statsd" -) - -const shortErrMsgLen = 17 // 20 char max with tailing "..." - -// shortMsg shortens the length of error message to avoid having high -// cardinality on "err:" tags -func shortErrMsg(msg string) string { - if len(msg) <= shortErrMsgLen { - return msg - } - return msg[:shortErrMsgLen] + "..." -} - -// LogOnPanic catches panics and logs them on the fly. It also flushes -// the log file, ensuring the message appears. Then it propagates the panic -// so that the program flow remains unchanged. -func LogOnPanic(statsd statsd.ClientInterface) { - if err := recover(); err != nil { - // Full print of the trace in the logs - buf := make([]byte, 4096) - length := runtime.Stack(buf, false) - stacktrace := string(buf[:length]) - errMsg := fmt.Sprintf("%v", err) - logMsg := "Unexpected panic: " + errMsg + "\n" + stacktrace - - _ = statsd.Gauge("datadog.trace_agent.panic", 1, []string{ - "err:" + shortErrMsg(errMsg), - }, 1) - - log.Error(logMsg) - log.Flush() - - panic(err) - } -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/LICENSE b/vendor/github.com/DataDog/datadog-agent/pkg/util/log/LICENSE deleted file mode 100644 index b370545b..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/LICENSE +++ /dev/null @@ -1,200 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2016-present Datadog, Inc. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/klog_redirect.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/log/klog_redirect.go deleted file mode 100644 index fad01af4..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/klog_redirect.go +++ /dev/null @@ -1,59 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package log - -import "strings" - -// KlogRedirectLogger is used to redirect klog logs to datadog logs. klog is -// client-go's logger, logging to STDERR by default, which makes all severities -// into ERROR, along with the formatting just being off. To make the -// conversion, we set a KlogRedirectLogger as klog's output, and parse the severity -// and log message out of every log line. -// NOTE: on klog v2 this parsing is no longer necessary, as it allows us to use -// kSetLogger() instead of kSetOutputBySeverity(). unfortunately we -// still have some dependencies stuck on v1, so we keep the parsing. -type KlogRedirectLogger struct { - stackDepth int -} - -// NewKlogRedirectLogger creates a new KlogRedirectLogger with provided stack depth -func NewKlogRedirectLogger(stackDepth int) KlogRedirectLogger { - return KlogRedirectLogger{ - stackDepth: stackDepth, - } -} - -func (l KlogRedirectLogger) Write(b []byte) (int, error) { - // klog log lines have the following format: - // Lmmdd hh:mm:ss.uuuuuu threadid file:line] msg... - // so we parse L to decide in which level to log, and we try to find - // the ']' character, to ignore anything up to that point, as we don't - // care about the header outside of the log level. - - msg := string(b) - - i := strings.IndexByte(msg, ']') - if i >= 0 { - // if we find a ']', we ignore anything 2 positions from it - // (itself, plus a blank space) - msg = msg[i+2:] - } - - switch b[0] { - case 'I': - InfoStackDepth(l.stackDepth, msg) - case 'W': - _ = WarnStackDepth(l.stackDepth, msg) - case 'E': - _ = ErrorStackDepth(l.stackDepth, msg) - case 'F': - _ = CriticalStackDepth(l.stackDepth, msg) - default: - InfoStackDepth(l.stackDepth, msg) - } - - return 0, nil -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log.go deleted file mode 100644 index 0e1ecaa2..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log.go +++ /dev/null @@ -1,1046 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package log implements logging for the datadog agent. It wraps seelog, and -// supports logging to multiple destinations, buffering messages logged before -// setup, and scrubbing secrets from log messages. -// -// # Compatibility -// -// This module is exported and can be used outside of the datadog-agent -// repository, but is not designed as a general-purpose logging system. Its -// API may change incompatibly. -package log - -import ( - "bytes" - "errors" - "fmt" - "os" - "strings" - "sync" - - "github.com/cihub/seelog" - "go.uber.org/atomic" - - "github.com/DataDog/datadog-agent/pkg/util/scrubber" -) - -type loggerPointer struct { - atomic.Pointer[DatadogLogger] -} - -var ( - // Logger is the main DatadogLogger - logger loggerPointer - jmxLogger loggerPointer - - // This buffer holds log lines sent to the logger before its - // initialization. Even if initializing the logger is one of the first - // things the agent does, we still: load the conf, resolve secrets inside, - // compute the final proxy settings, ... - // - // This buffer should be very short lived. - logsBuffer = []func(){} - bufferMutex sync.Mutex - defaultStackDepth = 3 - - // for testing purposes - scrubBytesFunc = scrubber.ScrubBytes -) - -// DatadogLogger wrapper structure for seelog -type DatadogLogger struct { - inner seelog.LoggerInterface - level seelog.LogLevel - extra map[string]seelog.LoggerInterface - l sync.RWMutex -} - -/* -* Setup and initialization of the logger - */ - -// SetupLogger setup agent wide logger -func SetupLogger(i seelog.LoggerInterface, level string) { - logger.Store(setupCommonLogger(i, level)) - - // Flush the log entries logged before initialization now that the logger is initialized - bufferMutex.Lock() - defer bufferMutex.Unlock() - for _, logLine := range logsBuffer { - logLine() - } - logsBuffer = []func(){} -} - -func setupCommonLogger(i seelog.LoggerInterface, level string) *DatadogLogger { - l := &DatadogLogger{ - inner: i, - extra: make(map[string]seelog.LoggerInterface), - } - - lvl, ok := seelog.LogLevelFromString(level) - if !ok { - lvl = seelog.InfoLvl - } - l.level = lvl - - // We're not going to call DatadogLogger directly, but using the - // exported functions, that will give us two frames in the stack - // trace that should be skipped to get to the original caller. - // - // The fact we need a constant "additional depth" means some - // theoretical refactor to avoid duplication in the functions - // below cannot be performed. - l.inner.SetAdditionalStackDepth(defaultStackDepth) //nolint:errcheck - - return l -} - -func addLogToBuffer(logHandle func()) { - bufferMutex.Lock() - defer bufferMutex.Unlock() - - logsBuffer = append(logsBuffer, logHandle) -} - -func (sw *DatadogLogger) scrub(s string) string { - if scrubbed, err := scrubBytesFunc([]byte(s)); err == nil { - return string(scrubbed) - } - return s -} - -/* -* Operation on the **logger level** - */ - -// ChangeLogLevel changes the current log level, valid levels are trace, debug, -// info, warn, error, critical and off, it requires a new seelog logger because -// an existing one cannot be updated -func ChangeLogLevel(li seelog.LoggerInterface, level string) error { - if err := logger.changeLogLevel(level); err != nil { - return err - } - - // See detailed explanation in SetupLogger(...) - if err := li.SetAdditionalStackDepth(defaultStackDepth); err != nil { - return err - } - - logger.replaceInnerLogger(li) - return nil - - // need to return something, just set to Info (expected default) -} -func (sw *loggerPointer) changeLogLevel(level string) error { - l := sw.Load() - if l == nil { - return errors.New("cannot change loglevel: logger not initialized") - } - - l.l.Lock() - defer l.l.Unlock() - - if l.inner == nil { - return errors.New("cannot change loglevel: logger is initialized however logger.inner is nil") - } - - lvl, ok := seelog.LogLevelFromString(strings.ToLower(level)) - if !ok { - return errors.New("bad log level") - } - l.level = lvl - return nil -} - -// GetLogLevel returns a seelog native representation of the current log level -func GetLogLevel() (seelog.LogLevel, error) { - return logger.getLogLevel() -} -func (sw *loggerPointer) getLogLevel() (seelog.LogLevel, error) { - l := sw.Load() - if l == nil { - return seelog.InfoLvl, errors.New("cannot get loglevel: logger not initialized") - } - - l.l.RLock() - defer l.l.RUnlock() - - if l.inner == nil { - return seelog.InfoLvl, errors.New("cannot get loglevel: logger not initialized") - } - - return l.level, nil -} - -// ShouldLog returns whether a given log level should be logged by the default logger -func ShouldLog(lvl seelog.LogLevel) bool { - // The lock stay in the exported function due to the use of `shouldLog` in function that already hold the lock - l := logger.Load() - if l != nil { - l.l.RLock() - defer l.l.RUnlock() - return l.shouldLog(lvl) - } - return false -} - -// This function should be called with `sw.l` held -func (sw *DatadogLogger) shouldLog(level seelog.LogLevel) bool { - return level >= sw.level -} - -// ValidateLogLevel validates the given log level and returns the corresponding Seelog log level. -// If the log level is "warning", it is converted to "warn" to handle a common gotcha when used with agent5. -// If the log level is not recognized, an error is returned. -func ValidateLogLevel(logLevel string) (string, error) { - seelogLogLevel := strings.ToLower(logLevel) - if seelogLogLevel == "warning" { // Common gotcha when used to agent5 - seelogLogLevel = "warn" - } - - if _, found := seelog.LogLevelFromString(seelogLogLevel); !found { - return "", fmt.Errorf("unknown log level: %s", seelogLogLevel) - } - return seelogLogLevel, nil -} - -/* -* Operation on the **logger** - */ - -// RegisterAdditionalLogger registers an additional logger for logging -func RegisterAdditionalLogger(n string, li seelog.LoggerInterface) error { - return logger.registerAdditionalLogger(n, li) -} -func (sw *loggerPointer) registerAdditionalLogger(n string, li seelog.LoggerInterface) error { - l := sw.Load() - if l == nil { - return errors.New("cannot register: logger not initialized") - } - - l.l.Lock() - defer l.l.Unlock() - - if l.inner == nil { - return errors.New("cannot register: logger not initialized") - } - - if l.extra == nil { - - return errors.New("logger not fully initialized, additional logging unavailable") - } - - if _, ok := l.extra[n]; ok { - return errors.New("logger already registered with that name") - } - l.extra[n] = li - - return nil -} - -// ReplaceLogger allows replacing the internal logger, returns old logger -func ReplaceLogger(li seelog.LoggerInterface) seelog.LoggerInterface { - return logger.replaceInnerLogger(li) -} -func (sw *loggerPointer) replaceInnerLogger(li seelog.LoggerInterface) seelog.LoggerInterface { - l := sw.Load() - if l == nil { - return nil // Return nil if logger is not initialized - } - - l.l.Lock() - defer l.l.Unlock() - - if l.inner == nil { - return nil // Return nil if logger.inner is not initialized - } - - old := l.inner - l.inner = li - - return old -} - -// Flush flushes the underlying inner log -func Flush() { - logger.flush() - jmxLogger.flush() -} -func (sw *loggerPointer) flush() { - l := sw.Load() - if l == nil { - return - } - - l.l.Lock() - defer l.l.Unlock() - - if l.inner != nil { - l.inner.Flush() - } -} - -/* -* log functions - */ - -// log logs a message at the given level, using either bufferFunc (if logging is not yet set up) or -// scrubAndLogFunc, and treating the variadic args as the message. -func log(logLevel seelog.LogLevel, bufferFunc func(), scrubAndLogFunc func(string), v ...interface{}) { - l := logger.Load() - - if l == nil { - addLogToBuffer(bufferFunc) - return - } - - l.l.Lock() - defer l.l.Unlock() - - if l.inner == nil { - addLogToBuffer(bufferFunc) - } else if l.shouldLog(logLevel) { - s := BuildLogEntry(v...) - scrubAndLogFunc(s) - } - -} -func logWithError(logLevel seelog.LogLevel, bufferFunc func(), scrubAndLogFunc func(string) error, fallbackStderr bool, v ...interface{}) error { - l := logger.Load() - - if l == nil { - addLogToBuffer(bufferFunc) - err := formatError(v...) - if fallbackStderr { - fmt.Fprintf(os.Stderr, "%s: %s\n", logLevel.String(), err.Error()) - } - return err - } - - l.l.Lock() - - isInnerNil := l.inner == nil - - if isInnerNil { - if !fallbackStderr { - addLogToBuffer(bufferFunc) - } - } else if l.shouldLog(logLevel) { - defer l.l.Unlock() - s := BuildLogEntry(v...) - return scrubAndLogFunc(s) - } - - l.l.Unlock() - - err := formatError(v...) - // Originally (PR 6436) fallbackStderr check had been added to handle a small window - // where error messages had been lost before Logger had been initialized. Adjusting - // just for that case because if the error log should not be logged - because it has - // been suppressed then it should be taken into account. - if fallbackStderr && isInnerNil { - fmt.Fprintf(os.Stderr, "%s: %s\n", logLevel.String(), err.Error()) - } - return err -} - -/* -* logFormat functions - */ - -func logFormat(logLevel seelog.LogLevel, bufferFunc func(), scrubAndLogFunc func(string, ...interface{}), format string, params ...interface{}) { - l := logger.Load() - - if l == nil { - addLogToBuffer(bufferFunc) - return - } - - l.l.Lock() - defer l.l.Unlock() - - if l.inner == nil { - addLogToBuffer(bufferFunc) - } else if l.shouldLog(logLevel) { - scrubAndLogFunc(format, params...) - } -} -func logFormatWithError(logLevel seelog.LogLevel, bufferFunc func(), scrubAndLogFunc func(string, ...interface{}) error, format string, fallbackStderr bool, params ...interface{}) error { - l := logger.Load() - - if l == nil { - addLogToBuffer(bufferFunc) - err := formatErrorf(format, params...) - if fallbackStderr { - fmt.Fprintf(os.Stderr, "%s: %s\n", logLevel.String(), err.Error()) - } - return err - } - - l.l.Lock() - - isInnerNil := l.inner == nil - - if isInnerNil { - if !fallbackStderr { - addLogToBuffer(bufferFunc) - } - } else if l.shouldLog(logLevel) { - defer l.l.Unlock() - return scrubAndLogFunc(format, params...) - } - - l.l.Unlock() - - err := formatErrorf(format, params...) - // Originally (PR 6436) fallbackStderr check had been added to handle a small window - // where error messages had been lost before Logger had been initialized. Adjusting - // just for that case because if the error log should not be logged - because it has - // been suppressed then it should be taken into account. - if fallbackStderr && isInnerNil { - fmt.Fprintf(os.Stderr, "%s: %s\n", logLevel.String(), err.Error()) - } - return err -} - -/* -* logContext functions - */ - -func logContext(logLevel seelog.LogLevel, bufferFunc func(), scrubAndLogFunc func(string), message string, depth int, context ...interface{}) { - l := logger.Load() - - if l == nil { - addLogToBuffer(bufferFunc) - return - } - - l.l.Lock() - defer l.l.Unlock() - - if l.inner == nil { - addLogToBuffer(bufferFunc) - } else if l.shouldLog(logLevel) { - l.inner.SetContext(context) - l.inner.SetAdditionalStackDepth(defaultStackDepth + depth) //nolint:errcheck - scrubAndLogFunc(message) - l.inner.SetContext(nil) - l.inner.SetAdditionalStackDepth(defaultStackDepth) //nolint:errcheck - } -} -func logContextWithError(logLevel seelog.LogLevel, bufferFunc func(), scrubAndLogFunc func(string) error, message string, fallbackStderr bool, depth int, context ...interface{}) error { - l := logger.Load() - - if l == nil { - addLogToBuffer(bufferFunc) - err := formatErrorc(message, context...) - if fallbackStderr { - fmt.Fprintf(os.Stderr, "%s: %s\n", logLevel.String(), err.Error()) - } - return err - } - - l.l.Lock() - - isInnerNil := l.inner == nil - - if isInnerNil { - if !fallbackStderr { - addLogToBuffer(bufferFunc) - } - } else if l.shouldLog(logLevel) { - l.inner.SetContext(context) - l.inner.SetAdditionalStackDepth(defaultStackDepth + depth) //nolint:errcheck - err := scrubAndLogFunc(message) - l.inner.SetContext(nil) - l.inner.SetAdditionalStackDepth(defaultStackDepth) //nolint:errcheck - defer l.l.Unlock() - return err - } - - l.l.Unlock() - - err := formatErrorc(message, context...) - if fallbackStderr && isInnerNil { - fmt.Fprintf(os.Stderr, "%s: %s\n", logLevel.String(), err.Error()) - } - return err -} - -// trace logs at the trace level, called with sw.l held -func (sw *loggerPointer) trace(s string) { - l := sw.Load() - - if l == nil { - return - } - - scrubbed := l.scrub(s) - l.inner.Trace(scrubbed) - - for _, l := range l.extra { - l.Trace(scrubbed) - } -} - -// trace logs at the trace level and the current stack depth plus the -// additional given one, called with sw.l held -func (sw *loggerPointer) traceStackDepth(s string, depth int) { - l := sw.Load() - scrubbed := l.scrub(s) - - l.inner.SetAdditionalStackDepth(defaultStackDepth + depth) //nolint:errcheck - l.inner.Trace(scrubbed) - l.inner.SetAdditionalStackDepth(defaultStackDepth) //nolint:errcheck - - for _, l := range l.extra { - l.Trace(scrubbed) - } -} - -// debug logs at the debug level, called with sw.l held -func (sw *loggerPointer) debug(s string) { - l := sw.Load() - scrubbed := l.scrub(s) - l.inner.Debug(scrubbed) - - for _, l := range l.extra { - l.Debug(scrubbed) - } -} - -// debug logs at the debug level and the current stack depth plus the additional given one, called with sw.l held -func (sw *loggerPointer) debugStackDepth(s string, depth int) { - l := sw.Load() - scrubbed := l.scrub(s) - l.inner.SetAdditionalStackDepth(defaultStackDepth + depth) //nolint:errcheck - l.inner.Debug(scrubbed) - l.inner.SetAdditionalStackDepth(defaultStackDepth) //nolint:errcheck - - for _, l := range l.extra { - l.Debug(scrubbed) //nolint:errcheck - } -} - -// info logs at the info level, called with sw.l held -func (sw *loggerPointer) info(s string) { - l := sw.Load() - scrubbed := l.scrub(s) - l.inner.Info(scrubbed) - for _, l := range l.extra { - l.Info(scrubbed) - } -} - -// info logs at the info level and the current stack depth plus the additional given one, called with sw.l held -func (sw *loggerPointer) infoStackDepth(s string, depth int) { - l := sw.Load() - scrubbed := l.scrub(s) - l.inner.SetAdditionalStackDepth(defaultStackDepth + depth) //nolint:errcheck - l.inner.Info(scrubbed) - l.inner.SetAdditionalStackDepth(defaultStackDepth) //nolint:errcheck - - for _, l := range l.extra { - l.Info(scrubbed) //nolint:errcheck - } -} - -// warn logs at the warn level, called with sw.l held -func (sw *loggerPointer) warn(s string) error { - l := sw.Load() - scrubbed := l.scrub(s) - err := l.inner.Warn(scrubbed) - - for _, l := range l.extra { - l.Warn(scrubbed) //nolint:errcheck - } - - return err -} - -// error logs at the error level and the current stack depth plus the additional given one, called with sw.l held -func (sw *loggerPointer) warnStackDepth(s string, depth int) error { - l := sw.Load() - scrubbed := l.scrub(s) - l.inner.SetAdditionalStackDepth(defaultStackDepth + depth) //nolint:errcheck - err := l.inner.Warn(scrubbed) - l.inner.SetAdditionalStackDepth(defaultStackDepth) //nolint:errcheck - - for _, l := range l.extra { - l.Warn(scrubbed) //nolint:errcheck - } - - return err -} - -// error logs at the error level, called with sw.l held -func (sw *loggerPointer) error(s string) error { - l := sw.Load() - scrubbed := l.scrub(s) - err := l.inner.Error(scrubbed) - - for _, l := range l.extra { - l.Error(scrubbed) //nolint:errcheck - } - - return err -} - -// error logs at the error level and the current stack depth plus the additional given one, called with sw.l held -func (sw *loggerPointer) errorStackDepth(s string, depth int) error { - l := sw.Load() - scrubbed := l.scrub(s) - l.inner.SetAdditionalStackDepth(defaultStackDepth + depth) //nolint:errcheck - err := l.inner.Error(scrubbed) - l.inner.SetAdditionalStackDepth(defaultStackDepth) //nolint:errcheck - - for _, l := range l.extra { - l.Error(scrubbed) //nolint:errcheck - } - - return err -} - -// critical logs at the critical level, called with sw.l held -func (sw *loggerPointer) critical(s string) error { - l := sw.Load() - scrubbed := l.scrub(s) - err := l.inner.Critical(scrubbed) - - for _, l := range l.extra { - l.Critical(scrubbed) //nolint:errcheck - } - - return err -} - -// critical logs at the critical level and the current stack depth plus the additional given one, called with sw.l held -func (sw *loggerPointer) criticalStackDepth(s string, depth int) error { - l := sw.Load() - scrubbed := l.scrub(s) - l.inner.SetAdditionalStackDepth(defaultStackDepth + depth) //nolint:errcheck - err := l.inner.Critical(scrubbed) - l.inner.SetAdditionalStackDepth(defaultStackDepth) //nolint:errcheck - - for _, l := range l.extra { - l.Critical(scrubbed) //nolint:errcheck - } - - return err -} - -// tracef logs with format at the trace level, called with sw.l held -func (sw *loggerPointer) tracef(format string, params ...interface{}) { - l := sw.Load() - scrubbed := l.scrub(fmt.Sprintf(format, params...)) - l.inner.Trace(scrubbed) - - for _, l := range l.extra { - l.Trace(scrubbed) - } -} - -// debugf logs with format at the debug level, called with sw.l held -func (sw *loggerPointer) debugf(format string, params ...interface{}) { - l := sw.Load() - scrubbed := l.scrub(fmt.Sprintf(format, params...)) - l.inner.Debug(scrubbed) - - for _, l := range l.extra { - l.Debug(scrubbed) - } -} - -// infof logs with format at the info level, called with sw.l held -func (sw *loggerPointer) infof(format string, params ...interface{}) { - l := sw.Load() - scrubbed := l.scrub(fmt.Sprintf(format, params...)) - l.inner.Info(scrubbed) - - for _, l := range l.extra { - l.Info(scrubbed) - } -} - -// warnf logs with format at the warn level, called with sw.l held -func (sw *loggerPointer) warnf(format string, params ...interface{}) error { - l := sw.Load() - scrubbed := l.scrub(fmt.Sprintf(format, params...)) - err := l.inner.Warn(scrubbed) - - for _, l := range l.extra { - l.Warn(scrubbed) //nolint:errcheck - } - - return err -} - -// errorf logs with format at the error level, called with sw.l held -func (sw *loggerPointer) errorf(format string, params ...interface{}) error { - l := sw.Load() - scrubbed := l.scrub(fmt.Sprintf(format, params...)) - err := l.inner.Error(scrubbed) - - for _, l := range l.extra { - l.Error(scrubbed) //nolint:errcheck - } - - return err -} - -// criticalf logs with format at the critical level, called with sw.l held -func (sw *loggerPointer) criticalf(format string, params ...interface{}) error { - l := sw.Load() - scrubbed := l.scrub(fmt.Sprintf(format, params...)) - err := l.inner.Critical(scrubbed) - - for _, l := range l.extra { - l.Critical(scrubbed) //nolint:errcheck - } - - return err -} - -// BuildLogEntry concatenates all inputs with spaces -func BuildLogEntry(v ...interface{}) string { - var fmtBuffer bytes.Buffer - - for i := 0; i < len(v)-1; i++ { - fmtBuffer.WriteString("%v ") - } - fmtBuffer.WriteString("%v") - - return fmt.Sprintf(fmtBuffer.String(), v...) -} - -func scrubMessage(message string) string { - msgScrubbed, err := scrubBytesFunc([]byte(message)) - if err == nil { - return string(msgScrubbed) - } - return "[REDACTED] - failure to clean the message" -} - -func formatErrorf(format string, params ...interface{}) error { - msg := scrubMessage(fmt.Sprintf(format, params...)) - return errors.New(msg) -} - -func formatError(v ...interface{}) error { - msg := scrubMessage(fmt.Sprint(v...)) - return errors.New(msg) -} - -func formatErrorc(message string, context ...interface{}) error { - // Build a format string like this: - // message (%s:%v, %s:%v, ... %s:%v) - var fmtBuffer bytes.Buffer - fmtBuffer.WriteString(message) - if len(context) > 0 && len(context)%2 == 0 { - fmtBuffer.WriteString(" (") - for i := 0; i < len(context); i += 2 { - fmtBuffer.WriteString("%s:%v") - if i != len(context)-2 { - fmtBuffer.WriteString(", ") - } - } - fmtBuffer.WriteString(")") - } - - msg := fmt.Sprintf(fmtBuffer.String(), context...) - return errors.New(scrubMessage(msg)) -} - -// Trace logs at the trace level -func Trace(v ...interface{}) { - log(seelog.TraceLvl, func() { Trace(v...) }, logger.trace, v...) -} - -// Tracef logs with format at the trace level -func Tracef(format string, params ...interface{}) { - logFormat(seelog.TraceLvl, func() { Tracef(format, params...) }, logger.tracef, format, params...) -} - -// TracefStackDepth logs with format at the trace level and the current stack depth plus the given depth -func TracefStackDepth(depth int, format string, params ...interface{}) { - currentLevel, _ := GetLogLevel() - if currentLevel > seelog.TraceLvl { - return - } - msg := fmt.Sprintf(format, params...) - log(seelog.TraceLvl, func() { TraceStackDepth(depth, msg) }, func(s string) { - logger.traceStackDepth(s, depth) - }, msg) -} - -// TracecStackDepth logs at the trace level with context and the current stack depth plus the additional given one -func TracecStackDepth(message string, depth int, context ...interface{}) { - logContext(seelog.TraceLvl, func() { Tracec(message, context...) }, logger.trace, message, depth, context...) -} - -// Tracec logs at the trace level with context -func Tracec(message string, context ...interface{}) { - TracecStackDepth(message, 1, context...) -} - -// TraceFunc calls and logs the result of 'logFunc' if and only if Trace (or more verbose) logs are enabled -func TraceFunc(logFunc func() string) { - currentLevel, _ := GetLogLevel() - if currentLevel <= seelog.TraceLvl { - TraceStackDepth(2, logFunc()) - } -} - -// Debug logs at the debug level -func Debug(v ...interface{}) { - log(seelog.DebugLvl, func() { Debug(v...) }, logger.debug, v...) -} - -// Debugf logs with format at the debug level -func Debugf(format string, params ...interface{}) { - logFormat(seelog.DebugLvl, func() { Debugf(format, params...) }, logger.debugf, format, params...) -} - -// DebugfStackDepth logs with format at the debug level and the current stack depth plus the given depth -func DebugfStackDepth(depth int, format string, params ...interface{}) { - currentLevel, _ := GetLogLevel() - if currentLevel > seelog.DebugLvl { - return - } - msg := fmt.Sprintf(format, params...) - log(seelog.DebugLvl, func() { DebugStackDepth(depth, msg) }, func(s string) { - logger.debugStackDepth(s, depth) - }, msg) -} - -// DebugcStackDepth logs at the debug level with context and the current stack depth plus the additional given one -func DebugcStackDepth(message string, depth int, context ...interface{}) { - logContext(seelog.DebugLvl, func() { Debugc(message, context...) }, logger.debug, message, depth, context...) -} - -// Debugc logs at the debug level with context -func Debugc(message string, context ...interface{}) { - DebugcStackDepth(message, 1, context...) -} - -// DebugFunc calls and logs the result of 'logFunc' if and only if Debug (or more verbose) logs are enabled -func DebugFunc(logFunc func() string) { - currentLevel, _ := GetLogLevel() - if currentLevel <= seelog.DebugLvl { - DebugStackDepth(2, logFunc()) - } -} - -// Info logs at the info level -func Info(v ...interface{}) { - log(seelog.InfoLvl, func() { Info(v...) }, logger.info, v...) -} - -// Infof logs with format at the info level -func Infof(format string, params ...interface{}) { - logFormat(seelog.InfoLvl, func() { Infof(format, params...) }, logger.infof, format, params...) -} - -// InfofStackDepth logs with format at the info level and the current stack depth plus the given depth -func InfofStackDepth(depth int, format string, params ...interface{}) { - currentLevel, _ := GetLogLevel() - if currentLevel > seelog.InfoLvl { - return - } - msg := fmt.Sprintf(format, params...) - log(seelog.InfoLvl, func() { InfoStackDepth(depth, msg) }, func(s string) { - logger.infoStackDepth(s, depth) - }, msg) -} - -// InfocStackDepth logs at the info level with context and the current stack depth plus the additional given one -func InfocStackDepth(message string, depth int, context ...interface{}) { - logContext(seelog.InfoLvl, func() { Infoc(message, context...) }, logger.info, message, depth, context...) -} - -// Infoc logs at the info level with context -func Infoc(message string, context ...interface{}) { - InfocStackDepth(message, 1, context...) -} - -// InfoFunc calls and logs the result of 'logFunc' if and only if Info (or more verbose) logs are enabled -func InfoFunc(logFunc func() string) { - currentLevel, _ := GetLogLevel() - if currentLevel <= seelog.InfoLvl { - InfoStackDepth(2, logFunc()) - } -} - -// Warn logs at the warn level and returns an error containing the formated log message -func Warn(v ...interface{}) error { - return logWithError(seelog.WarnLvl, func() { _ = Warn(v...) }, logger.warn, false, v...) -} - -// Warnf logs with format at the warn level and returns an error containing the formated log message -func Warnf(format string, params ...interface{}) error { - return logFormatWithError(seelog.WarnLvl, func() { _ = Warnf(format, params...) }, logger.warnf, format, false, params...) -} - -// WarnfStackDepth logs with format at the warn level and the current stack depth plus the given depth -func WarnfStackDepth(depth int, format string, params ...interface{}) error { - msg := fmt.Sprintf(format, params...) - return logWithError(seelog.WarnLvl, func() { _ = WarnStackDepth(depth, msg) }, func(s string) error { - return logger.warnStackDepth(s, depth) - }, false, msg) -} - -// WarncStackDepth logs at the warn level with context and the current stack depth plus the additional given one and returns an error containing the formated log message -func WarncStackDepth(message string, depth int, context ...interface{}) error { - return logContextWithError(seelog.WarnLvl, func() { _ = Warnc(message, context...) }, logger.warn, message, false, depth, context...) -} - -// Warnc logs at the warn level with context and returns an error containing the formated log message -func Warnc(message string, context ...interface{}) error { - return WarncStackDepth(message, 1, context...) -} - -// WarnFunc calls and logs the result of 'logFunc' if and only if Warn (or more verbose) logs are enabled -func WarnFunc(logFunc func() string) { - currentLevel, _ := GetLogLevel() - if currentLevel <= seelog.WarnLvl { - _ = WarnStackDepth(2, logFunc()) - } -} - -// Error logs at the error level and returns an error containing the formated log message -func Error(v ...interface{}) error { - return logWithError(seelog.ErrorLvl, func() { _ = Error(v...) }, logger.error, true, v...) -} - -// Errorf logs with format at the error level and returns an error containing the formated log message -func Errorf(format string, params ...interface{}) error { - return logFormatWithError(seelog.ErrorLvl, func() { _ = Errorf(format, params...) }, logger.errorf, format, true, params...) -} - -// ErrorfStackDepth logs with format at the error level and the current stack depth plus the given depth -func ErrorfStackDepth(depth int, format string, params ...interface{}) error { - msg := fmt.Sprintf(format, params...) - return logWithError(seelog.ErrorLvl, func() { _ = ErrorStackDepth(depth, msg) }, func(s string) error { - return logger.errorStackDepth(s, depth) - }, true, msg) -} - -// ErrorcStackDepth logs at the error level with context and the current stack depth plus the additional given one and returns an error containing the formated log message -func ErrorcStackDepth(message string, depth int, context ...interface{}) error { - return logContextWithError(seelog.ErrorLvl, func() { _ = Errorc(message, context...) }, logger.error, message, true, depth, context...) -} - -// Errorc logs at the error level with context and returns an error containing the formated log message -func Errorc(message string, context ...interface{}) error { - return ErrorcStackDepth(message, 1, context...) -} - -// ErrorFunc calls and logs the result of 'logFunc' if and only if Error (or more verbose) logs are enabled -func ErrorFunc(logFunc func() string) { - currentLevel, _ := GetLogLevel() - if currentLevel <= seelog.ErrorLvl { - _ = ErrorStackDepth(2, logFunc()) - } -} - -// Critical logs at the critical level and returns an error containing the formated log message -func Critical(v ...interface{}) error { - return logWithError(seelog.CriticalLvl, func() { _ = Critical(v...) }, logger.critical, true, v...) -} - -// Criticalf logs with format at the critical level and returns an error containing the formated log message -func Criticalf(format string, params ...interface{}) error { - return logFormatWithError(seelog.CriticalLvl, func() { _ = Criticalf(format, params...) }, logger.criticalf, format, true, params...) -} - -// CriticalfStackDepth logs with format at the critical level and the current stack depth plus the given depth -func CriticalfStackDepth(depth int, format string, params ...interface{}) error { - msg := fmt.Sprintf(format, params...) - return logWithError(seelog.CriticalLvl, func() { _ = CriticalStackDepth(depth, msg) }, func(s string) error { - return logger.criticalStackDepth(s, depth) - }, false, msg) -} - -// CriticalcStackDepth logs at the critical level with context and the current stack depth plus the additional given one and returns an error containing the formated log message -func CriticalcStackDepth(message string, depth int, context ...interface{}) error { - return logContextWithError(seelog.CriticalLvl, func() { _ = Criticalc(message, context...) }, logger.critical, message, true, depth, context...) -} - -// Criticalc logs at the critical level with context and returns an error containing the formated log message -func Criticalc(message string, context ...interface{}) error { - return CriticalcStackDepth(message, 1, context...) -} - -// CriticalFunc calls and logs the result of 'logFunc' if and only if Critical (or more verbose) logs are enabled -func CriticalFunc(logFunc func() string) { - currentLevel, _ := GetLogLevel() - if currentLevel <= seelog.CriticalLvl { - _ = CriticalStackDepth(2, logFunc()) - } -} - -// InfoStackDepth logs at the info level and the current stack depth plus the additional given one -func InfoStackDepth(depth int, v ...interface{}) { - log(seelog.InfoLvl, func() { InfoStackDepth(depth, v...) }, func(s string) { - logger.infoStackDepth(s, depth) - }, v...) -} - -// WarnStackDepth logs at the warn level and the current stack depth plus the additional given one and returns an error containing the formated log message -func WarnStackDepth(depth int, v ...interface{}) error { - return logWithError(seelog.WarnLvl, func() { _ = WarnStackDepth(depth, v...) }, func(s string) error { - return logger.warnStackDepth(s, depth) - }, false, v...) -} - -// DebugStackDepth logs at the debug level and the current stack depth plus the additional given one and returns an error containing the formated log message -func DebugStackDepth(depth int, v ...interface{}) { - log(seelog.DebugLvl, func() { DebugStackDepth(depth, v...) }, func(s string) { - logger.debugStackDepth(s, depth) - }, v...) -} - -// TraceStackDepth logs at the trace level and the current stack depth plus the additional given one and returns an error containing the formated log message -func TraceStackDepth(depth int, v ...interface{}) { - log(seelog.TraceLvl, func() { TraceStackDepth(depth, v...) }, func(s string) { - logger.traceStackDepth(s, depth) - }, v...) -} - -// ErrorStackDepth logs at the error level and the current stack depth plus the additional given one and returns an error containing the formated log message -func ErrorStackDepth(depth int, v ...interface{}) error { - return logWithError(seelog.ErrorLvl, func() { _ = ErrorStackDepth(depth, v...) }, func(s string) error { - return logger.errorStackDepth(s, depth) - }, true, v...) -} - -// CriticalStackDepth logs at the critical level and the current stack depth plus the additional given one and returns an error containing the formated log message -func CriticalStackDepth(depth int, v ...interface{}) error { - return logWithError(seelog.CriticalLvl, func() { _ = CriticalStackDepth(depth, v...) }, func(s string) error { - return logger.criticalStackDepth(s, depth) - }, true, v...) -} - -/* -* JMX Logger Section - */ - -// JMXError Logs for JMX check -func JMXError(v ...interface{}) error { - return logWithError(seelog.ErrorLvl, func() { _ = JMXError(v...) }, jmxLogger.error, true, v...) -} - -// JMXInfo Logs -func JMXInfo(v ...interface{}) { - log(seelog.InfoLvl, func() { JMXInfo(v...) }, jmxLogger.info, v...) -} - -// SetupJMXLogger setup JMXfetch specific logger -func SetupJMXLogger(i seelog.LoggerInterface, level string) { - jmxLogger.Store(setupCommonLogger(i, level)) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_limit.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_limit.go deleted file mode 100644 index 290382f3..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_limit.go +++ /dev/null @@ -1,74 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package log - -import ( - "time" - - "go.uber.org/atomic" -) - -// Limit is a utility that can be used to avoid logging noisily -type Limit struct { - // n is the times remaining that the Limit will return true for ShouldLog. - // we repeatedly subtract 1 from it, if it is nonzero. - n *atomic.Int32 - - // exit and ticker must be different channels - // because Stopping a ticker will not close the ticker channel, - // and we will otherwise leak memory - ticker *time.Ticker - exit chan struct{} -} - -// NewLogLimit creates a Limit where shouldLog will return -// true the first N times it is called, and will return true once every -// interval thereafter. -func NewLogLimit(n int, interval time.Duration) *Limit { - l := &Limit{ - n: atomic.NewInt32(int32(n)), - ticker: time.NewTicker(interval), - exit: make(chan struct{}), - } - - go l.resetLoop() - return l -} - -// ShouldLog returns true if the caller should log -func (l *Limit) ShouldLog() bool { - n := l.n.Load() - if n > 0 { - // try to decrement n, doing nothing on concurrent attempts - l.n.CompareAndSwap(n, n-1) - return true - } - - return false -} - -// Close will stop the underlying ticker -func (l *Limit) Close() { - l.ticker.Stop() - close(l.exit) -} - -func (l *Limit) resetLoop() { - for { - select { - case <-l.ticker.C: - l.resetCounter() - case <-l.exit: - return - } - } -} - -func (l *Limit) resetCounter() { - // c.n == 0, it means we have gotten through the first few logs, and after ticker.T we should - // do another log - l.n.CompareAndSwap(0, 1) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_not_serverless.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_not_serverless.go deleted file mode 100644 index 8b7d7688..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_not_serverless.go +++ /dev/null @@ -1,18 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build !serverless - -package log - -// DebugServerless logs at the debug level only in a serverless context -// no-op in a non serverless context -func DebugServerless(_ ...interface{}) { -} - -// DebugfServerless logs with format at the debug level only in a serverless context -// no-op in a non serverless context -func DebugfServerless(_ string, _ ...interface{}) { -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_serverless.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_serverless.go deleted file mode 100644 index 9ad3aa42..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_serverless.go +++ /dev/null @@ -1,18 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build serverless - -package log - -// DebugServerless logs at the debug level only in a serverless context -func DebugServerless(v ...interface{}) { - Debug(v...) -} - -// DebugfServerless logs with format at the debug level only in a serverless context -func DebugfServerless(format string, params ...interface{}) { - Debugf(format, params...) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_test_init.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_test_init.go deleted file mode 100644 index 7dd6bcd7..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/log_test_init.go +++ /dev/null @@ -1,22 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build test - -package log - -import ( - "os" - - "github.com/cihub/seelog" -) - -func init() { - level := os.Getenv("DD_LOG_LEVEL") - if level == "" { - level = "debug" - } - SetupLogger(seelog.Default, level) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/wrapper.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/log/wrapper.go deleted file mode 100644 index 52ff4c08..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/log/wrapper.go +++ /dev/null @@ -1,77 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package log - -// Wrapper wraps all the logger function on a struct. This is meant to be used by the comp/core/log component to expose -// the logger functionnality to components. This should only be use by the log component. -type Wrapper struct { - stackDepth int -} - -// NewWrapper returns a new Wrapper. This should only be use by the log component. -func NewWrapper(stackDepth int) *Wrapper { - return &Wrapper{stackDepth: stackDepth} -} - -// Until the log migration to component is done, we use *StackDepth to pkglog. The log component add 1 layer to the call -// stack and *StackDepth add another. -// -// We check the current log level to avoid calling Sprintf when it's not needed (Sprintf from Tracef uses a lot a CPU) - -// Trace implements Component#Trace. -func (l *Wrapper) Trace(v ...interface{}) { TraceStackDepth(l.stackDepth, v...) } - -// Tracef implements Component#Tracef. -func (l *Wrapper) Tracef(format string, params ...interface{}) { - TracefStackDepth(l.stackDepth, format, params...) -} - -// Debug implements Component#Debug. -func (l *Wrapper) Debug(v ...interface{}) { DebugStackDepth(l.stackDepth, v...) } - -// Debugf implements Component#Debugf. -func (l *Wrapper) Debugf(format string, params ...interface{}) { - DebugfStackDepth(l.stackDepth, format, params...) -} - -// Info implements Component#Info. -func (l *Wrapper) Info(v ...interface{}) { InfoStackDepth(l.stackDepth, v...) } - -// Infof implements Component#Infof. -func (l *Wrapper) Infof(format string, params ...interface{}) { - InfofStackDepth(l.stackDepth, format, params...) -} - -// Warn implements Component#Warn. -func (l *Wrapper) Warn(v ...interface{}) error { return WarnStackDepth(l.stackDepth, v...) } - -// Warnf implements Component#Warnf. -func (l *Wrapper) Warnf(format string, params ...interface{}) error { - return WarnfStackDepth(l.stackDepth, format, params...) -} - -// Error implements Component#Error. -func (l *Wrapper) Error(v ...interface{}) error { return ErrorStackDepth(l.stackDepth, v...) } - -// Errorf implements Component#Errorf. -func (l *Wrapper) Errorf(format string, params ...interface{}) error { - return ErrorfStackDepth(l.stackDepth, format, params...) -} - -// Critical implements Component#Critical. -func (l *Wrapper) Critical(v ...interface{}) error { - return CriticalStackDepth(l.stackDepth, v...) -} - -// Criticalf implements Component#Criticalf. -func (l *Wrapper) Criticalf(format string, params ...interface{}) error { - return CriticalfStackDepth(l.stackDepth, format, params...) -} - -// Flush implements Component#Flush. -func (l *Wrapper) Flush() { - Flush() -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/LICENSE b/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/LICENSE deleted file mode 100644 index b370545b..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/LICENSE +++ /dev/null @@ -1,200 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2016-present Datadog, Inc. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/default.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/default.go deleted file mode 100644 index 290592dd..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/default.go +++ /dev/null @@ -1,378 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package scrubber - -import ( - "fmt" - "regexp" - "slices" - "strings" - "sync" -) - -var ( - // DefaultScrubber is the scrubber used by the package-level cleaning functions. - // - // It includes a set of agent-specific replacers. It can scrub DataDog App - // and API keys, passwords from URLs, and multi-line PEM-formatted TLS keys and - // certificates. It contains special handling for YAML-like content (with - // lines of the form "key: value") and can scrub passwords, tokens, and SNMP - // community strings in such content. - // - // See default.go for details of these replacers. - DefaultScrubber = &Scrubber{} - - defaultReplacement = "********" - - // dynamicReplacers are replacers added at runtime. New Replacer can be added through configuration or by the - // secrets package for example. - dynamicReplacers = []Replacer{} - dynamicReplacersMutex = sync.Mutex{} -) - -func init() { - AddDefaultReplacers(DefaultScrubber) -} - -// AddDefaultReplacers to a scrubber. This is called automatically for -// DefaultScrubber, but can be used to initialize other, custom scrubbers with -// the default replacers. -func AddDefaultReplacers(scrubber *Scrubber) { - hintedAPIKeyReplacer := Replacer{ - // If hinted, mask the value regardless if it doesn't match 32-char hexadecimal string - Regex: regexp.MustCompile(`(api_?key=)\b[a-zA-Z0-9]+([a-zA-Z0-9]{5})\b`), - Hints: []string{"api_key", "apikey"}, - Repl: []byte(`$1***************************$2`), - } - hintedAPPKeyReplacer := Replacer{ - // If hinted, mask the value regardless if it doesn't match 40-char hexadecimal string - Regex: regexp.MustCompile(`(ap(?:p|plication)_?key=)\b[a-zA-Z0-9]+([a-zA-Z0-9]{5})\b`), - Hints: []string{"app_key", "appkey", "application_key"}, - Repl: []byte(`$1***********************************$2`), - } - - // replacers are check one by one in order. We first try to scrub 64 bytes token, keeping the last 5 digit. If - // the token has a different size we scrub it entirely. - hintedBearerReplacer := Replacer{ - Regex: regexp.MustCompile(`\bBearer [a-fA-F0-9]{59}([a-fA-F0-9]{5})\b`), - Hints: []string{"Bearer"}, - Repl: []byte(`Bearer ***********************************************************$1`), - } - // For this one we match any characters - hintedBearerInvalidReplacer := Replacer{ - Regex: regexp.MustCompile(`\bBearer\s+[^*]+\b`), - Hints: []string{"Bearer"}, - Repl: []byte("Bearer " + defaultReplacement), - } - - apiKeyReplacerYAML := Replacer{ - Regex: regexp.MustCompile(`(\-|\:|,|\[|\{)(\s+)?\b[a-fA-F0-9]{27}([a-fA-F0-9]{5})\b`), - Repl: []byte(`$1$2"***************************$3"`), - } - apiKeyReplacer := Replacer{ - Regex: regexp.MustCompile(`\b[a-fA-F0-9]{27}([a-fA-F0-9]{5})\b`), - Repl: []byte(`***************************$1`), - } - appKeyReplacerYAML := Replacer{ - Regex: regexp.MustCompile(`(\-|\:|,|\[|\{)(\s+)?\b[a-fA-F0-9]{35}([a-fA-F0-9]{5})\b`), - Repl: []byte(`$1$2"***********************************$3"`), - } - appKeyReplacer := Replacer{ - Regex: regexp.MustCompile(`\b[a-fA-F0-9]{35}([a-fA-F0-9]{5})\b`), - Repl: []byte(`***********************************$1`), - } - rcAppKeyReplacer := Replacer{ - Regex: regexp.MustCompile(`\bDDRCM_[A-Z0-9]+([A-Z0-9]{5})\b`), - Repl: []byte(`***********************************$1`), - } - // URI Generic Syntax - // https://tools.ietf.org/html/rfc3986 - uriPasswordReplacer := Replacer{ - Regex: regexp.MustCompile(`(?i)([a-z][a-z0-9+-.]+://|\b)([^:]+):([^\s|"]+)@`), - Repl: []byte(`$1$2:********@`), - } - yamlPasswordReplacer := matchYAMLKeyPart( - `(pass(word)?|pwd)`, - []string{"pass", "pwd"}, - []byte(`$1 "********"`), - ) - passwordReplacer := Replacer{ - // this regex has three parts: - // * key: case-insensitive, optionally quoted (pass | password | pswd | pwd), not anchored to match on args like --mysql_password= etc. - // * separator: (= or :) with optional opening quote we don't want to match as part of the password - // * password string: alphanum + special chars except quotes and semicolon - Regex: regexp.MustCompile(`(?i)(\"?(?:pass(?:word)?|pswd|pwd)\"?)((?:=| = |: )\"?)([0-9A-Za-z#!$%&()*+,\-./:<=>?@[\\\]^_{|}~]+)`), - // replace the 3rd capture group (password string) with ******** - Repl: []byte(`$1$2********`), - } - tokenReplacer := matchYAMLKeyEnding( - `token`, - []string{"token"}, - []byte(`$1 "********"`), - ) - snmpReplacer := matchYAMLKey( - `(community_string|authKey|privKey|community|authentication_key|privacy_key|Authorization|authorization)`, - []string{"community_string", "authKey", "privKey", "community", "authentication_key", "privacy_key", "Authorization", "authorization"}, - []byte(`$1 "********"`), - ) - snmpMultilineReplacer := matchYAMLKeyWithListValue( - "(community_strings)", - "community_strings", - []byte(`$1 "********"`), - ) - certReplacer := Replacer{ - /* - Try to match as accurately as possible. RFC 7468's ABNF - Backreferences are not available in go, so we cannot verify - here that the BEGIN label is the same as the END label. - */ - Regex: regexp.MustCompile(`-----BEGIN (?:.*)-----[A-Za-z0-9=\+\/\s]*-----END (?:.*)-----`), - Hints: []string{"BEGIN"}, - Repl: []byte(`********`), - } - - // The following replacers works on YAML object only - - apiKeyYaml := matchYAMLOnly( - `api_key`, - func(data interface{}) interface{} { - if apiKey, ok := data.(string); ok { - apiKey := strings.TrimSpace(apiKey) - if apiKey == "" { - return "" - } - if len(apiKey) == 32 { - return HideKeyExceptLastFiveChars(apiKey) - } - } - return defaultReplacement - }, - ) - - appKeyYaml := matchYAMLOnly( - `ap(?:p|plication)_?key`, - func(data interface{}) interface{} { - if appKey, ok := data.(string); ok { - appKey := strings.TrimSpace(appKey) - if appKey == "" { - return "" - } - if len(appKey) == 40 { - return HideKeyExceptLastFiveChars(appKey) - } - } - return defaultReplacement - }, - ) - - scrubber.AddReplacer(SingleLine, hintedAPIKeyReplacer) - scrubber.AddReplacer(SingleLine, hintedAPPKeyReplacer) - scrubber.AddReplacer(SingleLine, hintedBearerReplacer) - scrubber.AddReplacer(SingleLine, hintedBearerInvalidReplacer) - scrubber.AddReplacer(SingleLine, apiKeyReplacerYAML) - scrubber.AddReplacer(SingleLine, apiKeyReplacer) - scrubber.AddReplacer(SingleLine, appKeyReplacerYAML) - scrubber.AddReplacer(SingleLine, appKeyReplacer) - scrubber.AddReplacer(SingleLine, rcAppKeyReplacer) - scrubber.AddReplacer(SingleLine, uriPasswordReplacer) - scrubber.AddReplacer(SingleLine, yamlPasswordReplacer) - scrubber.AddReplacer(SingleLine, passwordReplacer) - scrubber.AddReplacer(SingleLine, tokenReplacer) - scrubber.AddReplacer(SingleLine, snmpReplacer) - - scrubber.AddReplacer(SingleLine, apiKeyYaml) - scrubber.AddReplacer(SingleLine, appKeyYaml) - - scrubber.AddReplacer(MultiLine, snmpMultilineReplacer) - scrubber.AddReplacer(MultiLine, certReplacer) - - dynamicReplacersMutex.Lock() - for _, r := range dynamicReplacers { - scrubber.AddReplacer(SingleLine, r) - } - dynamicReplacersMutex.Unlock() -} - -// Yaml helpers produce replacers that work on both a yaml object (aka map[interface{}]interface{}) and on a serialized -// YAML string. - -func matchYAMLKeyPart(part string, hints []string, repl []byte) Replacer { - return Replacer{ - Regex: regexp.MustCompile(fmt.Sprintf(`(\s*(\w|_)*%s(\w|_)*\s*:).+`, part)), - YAMLKeyRegex: regexp.MustCompile(part), - Hints: hints, - Repl: repl, - } -} - -func matchYAMLKey(key string, hints []string, repl []byte) Replacer { - return Replacer{ - Regex: regexp.MustCompile(fmt.Sprintf(`(\s*%s\s*:).+`, key)), - YAMLKeyRegex: regexp.MustCompile(fmt.Sprintf(`^%s$`, key)), - Hints: hints, - Repl: repl, - } -} - -func matchYAMLKeyEnding(ending string, hints []string, repl []byte) Replacer { - return Replacer{ - Regex: regexp.MustCompile(fmt.Sprintf(`(^\s*(\w|_)*%s\s*:).+`, ending)), - YAMLKeyRegex: regexp.MustCompile(fmt.Sprintf(`^.*%s$`, ending)), - Hints: hints, - Repl: repl, - } -} - -// This only works on a YAML object not on serialized YAML data -func matchYAMLOnly(key string, cb func(interface{}) interface{}) Replacer { - return Replacer{ - YAMLKeyRegex: regexp.MustCompile(key), - ProcessValue: cb, - } -} - -// matchYAMLKeyWithListValue matches YAML keys with array values. -// caveat: doesn't work if the array contain nested arrays. -// -// Example: -// -// key: [ -// [a, b, c], -// def] -func matchYAMLKeyWithListValue(key string, hints string, repl []byte) Replacer { - /* - Example 1: - network_devices: - snmp_traps: - community_strings: - - 'pass1' - - 'pass2' - - Example 2: - network_devices: - snmp_traps: - community_strings: ['pass1', 'pass2'] - - Example 3: - network_devices: - snmp_traps: - community_strings: [ - 'pass1', - 'pass2'] - */ - return Replacer{ - Regex: regexp.MustCompile(fmt.Sprintf(`(\s*%s\s*:)\s*(?:\n(?:\s+-\s+.*)*|\[(?:\n?.*?)*?\])`, key)), - /* ----------- --------------- ------------- - match key(s) | | - match multiple match anything - lines starting enclosed between `[` and `]` - with `-` - */ - YAMLKeyRegex: regexp.MustCompile(key), - Hints: []string{hints}, - Repl: repl, - } -} - -// ScrubFile scrubs credentials from the given file, using the -// default scrubber. -func ScrubFile(filePath string) ([]byte, error) { - return DefaultScrubber.ScrubFile(filePath) -} - -// ScrubBytes scrubs credentials from the given slice of bytes, -// using the default scrubber. -func ScrubBytes(file []byte) ([]byte, error) { - return DefaultScrubber.ScrubBytes(file) -} - -// ScrubYaml scrubs credentials from the given YAML by loading the data and scrubbing the object instead of the -// serialized string, using the default scrubber. -func ScrubYaml(data []byte) ([]byte, error) { - return DefaultScrubber.ScrubYaml(data) -} - -// ScrubYamlString scrubs credentials from the given YAML string by loading the data and scrubbing the object instead of -// the serialized string, using the default scrubber. -func ScrubYamlString(data string) (string, error) { - res, err := DefaultScrubber.ScrubYaml([]byte(data)) - if err != nil { - return "", err - } - return string(res), nil -} - -// ScrubJSON scrubs credentials from the given JSON by loading the data and scrubbing the object instead of the -// serialized string, using the default scrubber. -func ScrubJSON(data []byte) ([]byte, error) { - return DefaultScrubber.ScrubJSON(data) -} - -// ScrubJSONString scrubs credentials from the given JSON string by loading the data and scrubbing the object instead of -// the serialized string, using the default scrubber. -func ScrubJSONString(data string) (string, error) { - res, err := ScrubJSON([]byte(data)) - if err != nil { - return "", err - } - return string(res), nil -} - -// ScrubString scrubs credentials from the given string, using the default scrubber. -func ScrubString(data string) (string, error) { - res, err := DefaultScrubber.ScrubBytes([]byte(data)) - if err != nil { - return "", err - } - return string(res), nil -} - -// ScrubLine scrubs credentials from a single line of text, using the default -// scrubber. It can be safely applied to URLs or to strings containing URLs. -// It does not run multi-line replacers, and should not be used on multi-line -// inputs. -func ScrubLine(url string) string { - return DefaultScrubber.ScrubLine(url) -} - -// ScrubDataObj scrubs credentials from the data interface by recursively walking over all the nodes -func ScrubDataObj(data *interface{}) { - DefaultScrubber.ScrubDataObj(data) -} - -// HideKeyExceptLastFiveChars replaces all characters in the key with "*", except -// for the last 5 characters. If the key is an unrecognized length, replace -// all of it with the default string of "*"s instead. -func HideKeyExceptLastFiveChars(key string) string { - if len(key) != 32 && len(key) != 40 { - return defaultReplacement - } - return strings.Repeat("*", len(key)-5) + key[len(key)-5:] -} - -// AddStrippedKeys adds to the set of YAML keys that will be recognized and have their values stripped. This modifies -// the DefaultScrubber directly and be added to any created scrubbers. -func AddStrippedKeys(strippedKeys []string) { - // API and APP keys are already handled by default rules - strippedKeys = slices.Clone(strippedKeys) - strippedKeys = slices.DeleteFunc(strippedKeys, func(s string) bool { - return s == "api_key" || s == "app_key" - }) - - if len(strippedKeys) > 0 { - replacer := matchYAMLKey( - fmt.Sprintf("(%s)", strings.Join(strippedKeys, "|")), - strippedKeys, - []byte(`$1 "********"`), - ) - // We add the new replacer to the default scrubber and to the list of dynamicReplacers so any new - // scubber will inherit it. - DefaultScrubber.AddReplacer(SingleLine, replacer) - dynamicReplacersMutex.Lock() - dynamicReplacers = append(dynamicReplacers, replacer) - dynamicReplacersMutex.Unlock() - } -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/json_scrubber.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/json_scrubber.go deleted file mode 100644 index 34c65dd3..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/json_scrubber.go +++ /dev/null @@ -1,33 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package scrubber - -import ( - "fmt" - "os" - - "encoding/json" -) - -// ScrubJSON scrubs credentials from the given json by loading the data and scrubbing the -// object instead of the serialized string. -func (c *Scrubber) ScrubJSON(input []byte) ([]byte, error) { - var data *interface{} - err := json.Unmarshal(input, &data) - - // if we can't load the json run the default scrubber on the input - if len(input) != 0 && err == nil { - c.ScrubDataObj(data) - - newInput, err := json.Marshal(data) - if err == nil { - return newInput, nil - } - // Since the scrubber is a dependency of the logger we can't use it here. - fmt.Fprintf(os.Stderr, "error scrubbing json, falling back on text scrubber: %s\n", err) - } - return c.ScrubBytes(input) -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/scrubber.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/scrubber.go deleted file mode 100644 index 1aaad14c..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/scrubber.go +++ /dev/null @@ -1,196 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package scrubber implements support for cleaning sensitive information out of strings -// and files. -// -// # Compatibility -// -// This module's API is not yet stable, and may change incompatibly from version to version. -package scrubber - -import ( - "bufio" - "bytes" - "io" - "os" - "regexp" -) - -// Replacer represents a replacement of sensitive information with a "clean" version. -type Replacer struct { - // Regex must match the sensitive information - Regex *regexp.Regexp - // YAMLKeyRegex matches the key of sensitive information in a dict/map. This is used when iterating over a - // map[string]interface{} to scrub data for all matching key before being serialized. - YAMLKeyRegex *regexp.Regexp - // ProcessValue is a callback to be executed when YAMLKeyRegex matches the key of a map/dict in a YAML object. The - // value is passed to the function and replaced by the returned interface. This is useful to produce custom - // scrubbing. Example: keeping the last 5 digit of an api key. - ProcessValue func(data interface{}) interface{} - // Hints, if given, are strings which must also be present in the text for the regexp to match. - // Especially in single-line replacers, this can be used to limit the contexts where an otherwise - // very broad Regex is actually replaced. - Hints []string - // Repl is the text to replace the substring matching Regex. It can use the regexp package's - // replacement characters ($1, etc.) (see regexp#Regexp.ReplaceAll). - Repl []byte - // ReplFunc, if set, is called with the matched bytes (see regexp#Regexp.ReplaceAllFunc). Only - // one of Repl and ReplFunc should be set. - ReplFunc func(b []byte) []byte -} - -// ReplacerKind modifies how a Replacer is applied -type ReplacerKind int - -const ( - // SingleLine indicates to Cleaner#AddReplacer that the replacer applies to - // single lines. - SingleLine ReplacerKind = iota - // MultiLine indicates to Cleaner#AddReplacer that the replacer applies to - // entire multiline text values. - MultiLine -) - -var commentRegex = regexp.MustCompile(`^\s*#.*$`) -var blankRegex = regexp.MustCompile(`^\s*$`) - -// Scrubber implements support for cleaning sensitive information out of strings -// and files. Its intended use is to "clean" data before it is logged or -// transmitted to a remote system, so that the meaning of the data remains -// clear without disclosing any sensitive information. -// -// Scrubber works by applying a set of replacers, in order. It first applies -// all SingleLine replacers to each non-comment, non-blank line of the input. -// -// Comments and blank lines are omitted. Comments are considered to begin with `#`. -// -// It then applies all MultiLine replacers to the entire text of the input. -type Scrubber struct { - singleLineReplacers []Replacer - multiLineReplacers []Replacer -} - -// New creates a new scrubber with no replacers installed. -func New() *Scrubber { - return &Scrubber{ - singleLineReplacers: make([]Replacer, 0), - multiLineReplacers: make([]Replacer, 0), - } -} - -// NewWithDefaults creates a new scrubber with the default replacers installed. -func NewWithDefaults() *Scrubber { - s := New() - AddDefaultReplacers(s) - return s -} - -// AddReplacer adds a replacer of the given kind to the scrubber. -func (c *Scrubber) AddReplacer(kind ReplacerKind, replacer Replacer) { - switch kind { - case SingleLine: - c.singleLineReplacers = append(c.singleLineReplacers, replacer) - case MultiLine: - c.multiLineReplacers = append(c.multiLineReplacers, replacer) - } -} - -// ScrubFile scrubs credentials from file given by pathname -func (c *Scrubber) ScrubFile(filePath string) ([]byte, error) { - file, err := os.Open(filePath) - if err != nil { - return nil, err - } - defer file.Close() - - var sizeHint int - stats, err := file.Stat() - if err == nil { - sizeHint = int(stats.Size()) - } - - return c.scrubReader(file, sizeHint) -} - -// ScrubBytes scrubs credentials from slice of bytes -func (c *Scrubber) ScrubBytes(data []byte) ([]byte, error) { - r := bytes.NewReader(data) - return c.scrubReader(r, r.Len()) -} - -// ScrubLine scrubs credentials from a single line of text. It can be safely -// applied to URLs or to strings containing URLs. It does not run multi-line -// replacers, and should not be used on multi-line inputs. -func (c *Scrubber) ScrubLine(message string) string { - return string(c.scrub([]byte(message), c.singleLineReplacers)) -} - -// scrubReader applies the cleaning algorithm to a Reader -func (c *Scrubber) scrubReader(file io.Reader, sizeHint int) ([]byte, error) { - var cleanedBuffer bytes.Buffer - if sizeHint > 0 { - cleanedBuffer.Grow(sizeHint) - } - - scanner := bufio.NewScanner(file) - if sizeHint+1 > bufio.MaxScanTokenSize { - buffer := make([]byte, 0, sizeHint+1) - scanner.Buffer(buffer, sizeHint+1) - } - - // First, we go through the file line by line, applying any - // single-line replacer that matches the line. - first := true - for scanner.Scan() { - b := scanner.Bytes() - if blankRegex.Match(b) { - cleanedBuffer.WriteRune('\n') - } else if !commentRegex.Match(b) { - b = c.scrub(b, c.singleLineReplacers) - if !first { - cleanedBuffer.WriteRune('\n') - } - - cleanedBuffer.Write(b) - first = false - } - } - - if err := scanner.Err(); err != nil { - return nil, err - } - - // Then we apply multiline replacers on the cleaned file - cleanedFile := c.scrub(cleanedBuffer.Bytes(), c.multiLineReplacers) - - return cleanedFile, nil -} - -// scrub applies the given replacers to the given data. -func (c *Scrubber) scrub(data []byte, replacers []Replacer) []byte { - for _, repl := range replacers { - if repl.Regex == nil { - // ignoring YAML only replacers - continue - } - - containsHint := false - for _, hint := range repl.Hints { - if bytes.Contains(data, []byte(hint)) { - containsHint = true - break - } - } - if len(repl.Hints) == 0 || containsHint { - if repl.ReplFunc != nil { - data = repl.Regex.ReplaceAllFunc(data, repl.ReplFunc) - } else { - data = repl.Regex.ReplaceAll(data, repl.Repl) - } - } - } - return data -} diff --git a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/yaml_scrubber.go b/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/yaml_scrubber.go deleted file mode 100644 index 74016778..00000000 --- a/vendor/github.com/DataDog/datadog-agent/pkg/util/scrubber/yaml_scrubber.go +++ /dev/null @@ -1,117 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package scrubber - -import ( - "fmt" - "os" - - "gopkg.in/yaml.v2" -) - -type scrubCallback = func(string, interface{}) (bool, interface{}) - -func walkSlice(data []interface{}, callback scrubCallback) { - for _, k := range data { - switch v := k.(type) { - case map[interface{}]interface{}: - walkHash(v, callback) - case []interface{}: - walkSlice(v, callback) - case map[string]interface{}: - walkStringMap(v, callback) - } - } -} - -func walkHash(data map[interface{}]interface{}, callback scrubCallback) { - for k, v := range data { - if keyString, ok := k.(string); ok { - if match, newValue := callback(keyString, v); match { - data[keyString] = newValue - continue - } - } - - switch v := data[k].(type) { - case map[interface{}]interface{}: - walkHash(v, callback) - case []interface{}: - walkSlice(v, callback) - } - } -} - -func walkStringMap(data map[string]interface{}, callback scrubCallback) { - for k, v := range data { - if match, newValue := callback(k, v); match { - data[k] = newValue - continue - } - switch v := data[k].(type) { - case map[string]interface{}: - walkStringMap(v, callback) - case []interface{}: - walkSlice(v, callback) - } - - } -} - -// walk will go through loaded data and call callback on every strings allowing -// the callback to overwrite the string value -func walk(data *interface{}, callback scrubCallback) { - if data == nil { - return - } - - switch v := (*data).(type) { - case map[interface{}]interface{}: - walkHash(v, callback) - case []interface{}: - walkSlice(v, callback) - case map[string]interface{}: - walkStringMap(v, callback) - } -} - -// ScrubDataObj scrubs credentials from the data interface by recursively walking over all the nodes -func (c *Scrubber) ScrubDataObj(data *interface{}) { - walk(data, func(key string, value interface{}) (bool, interface{}) { - for _, replacer := range c.singleLineReplacers { - if replacer.YAMLKeyRegex == nil { - continue - } - if replacer.YAMLKeyRegex.Match([]byte(key)) { - if replacer.ProcessValue != nil { - return true, replacer.ProcessValue(value) - } - return true, defaultReplacement - } - } - return false, "" - }) -} - -// ScrubYaml scrubs credentials from the given YAML by loading the data and scrubbing the object instead of the -// serialized string. -func (c *Scrubber) ScrubYaml(input []byte) ([]byte, error) { - var data *interface{} - err := yaml.Unmarshal(input, &data) - - // if we can't load the yaml run the default scrubber on the input - if len(input) != 0 && err == nil { - c.ScrubDataObj(data) - newInput, err := yaml.Marshal(data) - if err == nil { - input = newInput - } else { - // Since the scrubber is a dependency of the logger we can use it here. - fmt.Fprintf(os.Stderr, "error scrubbing YAML, falling back on text scrubber: %s\n", err) - } - } - return c.ScrubBytes(input) -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/LICENSE.txt b/vendor/github.com/DataDog/datadog-go/v5/LICENSE.txt deleted file mode 100644 index 97cd06d7..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/LICENSE.txt +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2015 Datadog, Inc - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/README.md b/vendor/github.com/DataDog/datadog-go/v5/statsd/README.md deleted file mode 100644 index 2fc89968..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/README.md +++ /dev/null @@ -1,4 +0,0 @@ -## Overview - -Package `statsd` provides a Go [dogstatsd](http://docs.datadoghq.com/guides/dogstatsd/) client. Dogstatsd extends Statsd, adding tags -and histograms. diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/aggregator.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/aggregator.go deleted file mode 100644 index 33eb930a..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/aggregator.go +++ /dev/null @@ -1,298 +0,0 @@ -package statsd - -import ( - "strings" - "sync" - "sync/atomic" - "time" -) - -type ( - countsMap map[string]*countMetric - gaugesMap map[string]*gaugeMetric - setsMap map[string]*setMetric - bufferedMetricMap map[string]*bufferedMetric -) - -type aggregator struct { - nbContextGauge uint64 - nbContextCount uint64 - nbContextSet uint64 - - countsM sync.RWMutex - gaugesM sync.RWMutex - setsM sync.RWMutex - - gauges gaugesMap - counts countsMap - sets setsMap - histograms bufferedMetricContexts - distributions bufferedMetricContexts - timings bufferedMetricContexts - - closed chan struct{} - - client *Client - - // aggregator implements channelMode mechanism to receive histograms, - // distributions and timings. Since they need sampling they need to - // lock for random. When using both channelMode and ExtendedAggregation - // we don't want goroutine to fight over the lock. - inputMetrics chan metric - stopChannelMode chan struct{} - wg sync.WaitGroup -} - -func newAggregator(c *Client, maxSamplesPerContext int64) *aggregator { - return &aggregator{ - client: c, - counts: countsMap{}, - gauges: gaugesMap{}, - sets: setsMap{}, - histograms: newBufferedContexts(newHistogramMetric, maxSamplesPerContext), - distributions: newBufferedContexts(newDistributionMetric, maxSamplesPerContext), - timings: newBufferedContexts(newTimingMetric, maxSamplesPerContext), - closed: make(chan struct{}), - stopChannelMode: make(chan struct{}), - } -} - -func (a *aggregator) start(flushInterval time.Duration) { - ticker := time.NewTicker(flushInterval) - - go func() { - for { - select { - case <-ticker.C: - a.flush() - case <-a.closed: - ticker.Stop() - return - } - } - }() -} - -func (a *aggregator) startReceivingMetric(bufferSize int, nbWorkers int) { - a.inputMetrics = make(chan metric, bufferSize) - for i := 0; i < nbWorkers; i++ { - a.wg.Add(1) - go a.pullMetric() - } -} - -func (a *aggregator) stopReceivingMetric() { - close(a.stopChannelMode) - a.wg.Wait() -} - -func (a *aggregator) stop() { - a.closed <- struct{}{} -} - -func (a *aggregator) pullMetric() { - for { - select { - case m := <-a.inputMetrics: - switch m.metricType { - case histogram: - a.histogram(m.name, m.fvalue, m.tags, m.rate) - case distribution: - a.distribution(m.name, m.fvalue, m.tags, m.rate) - case timing: - a.timing(m.name, m.fvalue, m.tags, m.rate) - } - case <-a.stopChannelMode: - a.wg.Done() - return - } - } -} - -func (a *aggregator) flush() { - for _, m := range a.flushMetrics() { - a.client.sendBlocking(m) - } -} - -func (a *aggregator) flushTelemetryMetrics(t *Telemetry) { - if a == nil { - // aggregation is disabled - return - } - - t.AggregationNbContextGauge = atomic.LoadUint64(&a.nbContextGauge) - t.AggregationNbContextCount = atomic.LoadUint64(&a.nbContextCount) - t.AggregationNbContextSet = atomic.LoadUint64(&a.nbContextSet) - t.AggregationNbContextHistogram = a.histograms.getNbContext() - t.AggregationNbContextDistribution = a.distributions.getNbContext() - t.AggregationNbContextTiming = a.timings.getNbContext() -} - -func (a *aggregator) flushMetrics() []metric { - metrics := []metric{} - - // We reset the values to avoid sending 'zero' values for metrics not - // sampled during this flush interval - - a.setsM.Lock() - sets := a.sets - a.sets = setsMap{} - a.setsM.Unlock() - - for _, s := range sets { - metrics = append(metrics, s.flushUnsafe()...) - } - - a.gaugesM.Lock() - gauges := a.gauges - a.gauges = gaugesMap{} - a.gaugesM.Unlock() - - for _, g := range gauges { - metrics = append(metrics, g.flushUnsafe()) - } - - a.countsM.Lock() - counts := a.counts - a.counts = countsMap{} - a.countsM.Unlock() - - for _, c := range counts { - metrics = append(metrics, c.flushUnsafe()) - } - - metrics = a.histograms.flush(metrics) - metrics = a.distributions.flush(metrics) - metrics = a.timings.flush(metrics) - - atomic.AddUint64(&a.nbContextCount, uint64(len(counts))) - atomic.AddUint64(&a.nbContextGauge, uint64(len(gauges))) - atomic.AddUint64(&a.nbContextSet, uint64(len(sets))) - return metrics -} - -// getContext returns the context for a metric name and tags. -// -// The context is the metric name and tags separated by a separator symbol. -// It is not intended to be used as a metric name but as a unique key to aggregate -func getContext(name string, tags []string) string { - c, _ := getContextAndTags(name, tags) - return c -} - -// getContextAndTags returns the context and tags for a metric name and tags. -// -// See getContext for usage for context -// The tags are the tags separated by a separator symbol and can be re-used to pass down to the writer -func getContextAndTags(name string, tags []string) (string, string) { - if len(tags) == 0 { - return name, "" - } - n := len(name) + len(nameSeparatorSymbol) + len(tagSeparatorSymbol)*(len(tags)-1) - for _, s := range tags { - n += len(s) - } - - var sb strings.Builder - sb.Grow(n) - sb.WriteString(name) - sb.WriteString(nameSeparatorSymbol) - sb.WriteString(tags[0]) - for _, s := range tags[1:] { - sb.WriteString(tagSeparatorSymbol) - sb.WriteString(s) - } - - s := sb.String() - - return s, s[len(name)+len(nameSeparatorSymbol):] -} - -func (a *aggregator) count(name string, value int64, tags []string) error { - context := getContext(name, tags) - a.countsM.RLock() - if count, found := a.counts[context]; found { - count.sample(value) - a.countsM.RUnlock() - return nil - } - a.countsM.RUnlock() - - a.countsM.Lock() - // Check if another goroutines hasn't created the value betwen the RUnlock and 'Lock' - if count, found := a.counts[context]; found { - count.sample(value) - a.countsM.Unlock() - return nil - } - - a.counts[context] = newCountMetric(name, value, tags) - a.countsM.Unlock() - return nil -} - -func (a *aggregator) gauge(name string, value float64, tags []string) error { - context := getContext(name, tags) - a.gaugesM.RLock() - if gauge, found := a.gauges[context]; found { - gauge.sample(value) - a.gaugesM.RUnlock() - return nil - } - a.gaugesM.RUnlock() - - gauge := newGaugeMetric(name, value, tags) - - a.gaugesM.Lock() - // Check if another goroutines hasn't created the value betwen the 'RUnlock' and 'Lock' - if gauge, found := a.gauges[context]; found { - gauge.sample(value) - a.gaugesM.Unlock() - return nil - } - a.gauges[context] = gauge - a.gaugesM.Unlock() - return nil -} - -func (a *aggregator) set(name string, value string, tags []string) error { - context := getContext(name, tags) - a.setsM.RLock() - if set, found := a.sets[context]; found { - set.sample(value) - a.setsM.RUnlock() - return nil - } - a.setsM.RUnlock() - - a.setsM.Lock() - // Check if another goroutines hasn't created the value betwen the 'RUnlock' and 'Lock' - if set, found := a.sets[context]; found { - set.sample(value) - a.setsM.Unlock() - return nil - } - a.sets[context] = newSetMetric(name, value, tags) - a.setsM.Unlock() - return nil -} - -// Only histograms, distributions and timings are sampled with a rate since we -// only pack them in on message instead of aggregating them. Discarding the -// sample rate will have impacts on the CPU and memory usage of the Agent. - -// type alias for Client.sendToAggregator -type bufferedMetricSampleFunc func(name string, value float64, tags []string, rate float64) error - -func (a *aggregator) histogram(name string, value float64, tags []string, rate float64) error { - return a.histograms.sample(name, value, tags, rate) -} - -func (a *aggregator) distribution(name string, value float64, tags []string, rate float64) error { - return a.distributions.sample(name, value, tags, rate) -} - -func (a *aggregator) timing(name string, value float64, tags []string, rate float64) error { - return a.timings.sample(name, value, tags, rate) -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/buffer.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/buffer.go deleted file mode 100644 index 91f2e32b..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/buffer.go +++ /dev/null @@ -1,198 +0,0 @@ -package statsd - -import ( - "strconv" -) - -// MessageTooLongError is an error returned when a sample, event or service check is too large once serialized. See -// WithMaxBytesPerPayload option for more details. -type MessageTooLongError struct{} - -func (e MessageTooLongError) Error() string { - return "message too long. See 'WithMaxBytesPerPayload' documentation." -} - -var errBufferFull = MessageTooLongError{} - -type partialWriteError string - -func (e partialWriteError) Error() string { return string(e) } - -const errPartialWrite = partialWriteError("value partially written") - -const metricOverhead = 512 - -// statsdBuffer is a buffer containing statsd messages -// this struct methods are NOT safe for concurrent use -type statsdBuffer struct { - buffer []byte - maxSize int - maxElements int - elementCount int -} - -func newStatsdBuffer(maxSize, maxElements int) *statsdBuffer { - return &statsdBuffer{ - buffer: make([]byte, 0, maxSize+metricOverhead), // pre-allocate the needed size + metricOverhead to avoid having Go re-allocate on it's own if an element does not fit - maxSize: maxSize, - maxElements: maxElements, - } -} - -func (b *statsdBuffer) writeGauge(namespace string, globalTags []string, name string, value float64, tags []string, rate float64, timestamp int64) error { - if b.elementCount >= b.maxElements { - return errBufferFull - } - originalBuffer := b.buffer - b.buffer = appendGauge(b.buffer, namespace, globalTags, name, value, tags, rate) - b.buffer = appendTimestamp(b.buffer, timestamp) - b.writeSeparator() - return b.validateNewElement(originalBuffer) -} - -func (b *statsdBuffer) writeCount(namespace string, globalTags []string, name string, value int64, tags []string, rate float64, timestamp int64) error { - if b.elementCount >= b.maxElements { - return errBufferFull - } - originalBuffer := b.buffer - b.buffer = appendCount(b.buffer, namespace, globalTags, name, value, tags, rate) - b.buffer = appendTimestamp(b.buffer, timestamp) - b.writeSeparator() - return b.validateNewElement(originalBuffer) -} - -func (b *statsdBuffer) writeHistogram(namespace string, globalTags []string, name string, value float64, tags []string, rate float64) error { - if b.elementCount >= b.maxElements { - return errBufferFull - } - originalBuffer := b.buffer - b.buffer = appendHistogram(b.buffer, namespace, globalTags, name, value, tags, rate) - b.writeSeparator() - return b.validateNewElement(originalBuffer) -} - -// writeAggregated serialized as many values as possible in the current buffer and return the position in values where it stopped. -func (b *statsdBuffer) writeAggregated(metricSymbol []byte, namespace string, globalTags []string, name string, values []float64, tags string, tagSize int, precision int, rate float64) (int, error) { - if b.elementCount >= b.maxElements { - return 0, errBufferFull - } - - originalBuffer := b.buffer - b.buffer = appendHeader(b.buffer, namespace, name) - - // buffer already full - if len(b.buffer)+tagSize > b.maxSize { - b.buffer = originalBuffer - return 0, errBufferFull - } - - // We add as many value as possible - var position int - for idx, v := range values { - previousBuffer := b.buffer - if idx != 0 { - b.buffer = append(b.buffer, ':') - } - - b.buffer = strconv.AppendFloat(b.buffer, v, 'f', precision, 64) - - // Should we stop serializing and switch to another buffer - if len(b.buffer)+tagSize > b.maxSize { - b.buffer = previousBuffer - break - } - position = idx + 1 - } - - // we could not add a single value - if position == 0 { - b.buffer = originalBuffer - return 0, errBufferFull - } - - b.buffer = append(b.buffer, '|') - b.buffer = append(b.buffer, metricSymbol...) - b.buffer = appendRate(b.buffer, rate) - b.buffer = appendTagsAggregated(b.buffer, globalTags, tags) - b.buffer = appendContainerID(b.buffer) - b.writeSeparator() - b.elementCount++ - - if position != len(values) { - return position, errPartialWrite - } - return position, nil - -} - -func (b *statsdBuffer) writeDistribution(namespace string, globalTags []string, name string, value float64, tags []string, rate float64) error { - if b.elementCount >= b.maxElements { - return errBufferFull - } - originalBuffer := b.buffer - b.buffer = appendDistribution(b.buffer, namespace, globalTags, name, value, tags, rate) - b.writeSeparator() - return b.validateNewElement(originalBuffer) -} - -func (b *statsdBuffer) writeSet(namespace string, globalTags []string, name string, value string, tags []string, rate float64) error { - if b.elementCount >= b.maxElements { - return errBufferFull - } - originalBuffer := b.buffer - b.buffer = appendSet(b.buffer, namespace, globalTags, name, value, tags, rate) - b.writeSeparator() - return b.validateNewElement(originalBuffer) -} - -func (b *statsdBuffer) writeTiming(namespace string, globalTags []string, name string, value float64, tags []string, rate float64) error { - if b.elementCount >= b.maxElements { - return errBufferFull - } - originalBuffer := b.buffer - b.buffer = appendTiming(b.buffer, namespace, globalTags, name, value, tags, rate) - b.writeSeparator() - return b.validateNewElement(originalBuffer) -} - -func (b *statsdBuffer) writeEvent(event *Event, globalTags []string) error { - if b.elementCount >= b.maxElements { - return errBufferFull - } - originalBuffer := b.buffer - b.buffer = appendEvent(b.buffer, event, globalTags) - b.writeSeparator() - return b.validateNewElement(originalBuffer) -} - -func (b *statsdBuffer) writeServiceCheck(serviceCheck *ServiceCheck, globalTags []string) error { - if b.elementCount >= b.maxElements { - return errBufferFull - } - originalBuffer := b.buffer - b.buffer = appendServiceCheck(b.buffer, serviceCheck, globalTags) - b.writeSeparator() - return b.validateNewElement(originalBuffer) -} - -func (b *statsdBuffer) validateNewElement(originalBuffer []byte) error { - if len(b.buffer) > b.maxSize { - b.buffer = originalBuffer - return errBufferFull - } - b.elementCount++ - return nil -} - -func (b *statsdBuffer) writeSeparator() { - b.buffer = append(b.buffer, '\n') -} - -func (b *statsdBuffer) reset() { - b.buffer = b.buffer[:0] - b.elementCount = 0 -} - -func (b *statsdBuffer) bytes() []byte { - return b.buffer -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/buffer_pool.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/buffer_pool.go deleted file mode 100644 index 7a3e3c9d..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/buffer_pool.go +++ /dev/null @@ -1,40 +0,0 @@ -package statsd - -type bufferPool struct { - pool chan *statsdBuffer - bufferMaxSize int - bufferMaxElements int -} - -func newBufferPool(poolSize, bufferMaxSize, bufferMaxElements int) *bufferPool { - p := &bufferPool{ - pool: make(chan *statsdBuffer, poolSize), - bufferMaxSize: bufferMaxSize, - bufferMaxElements: bufferMaxElements, - } - for i := 0; i < poolSize; i++ { - p.addNewBuffer() - } - return p -} - -func (p *bufferPool) addNewBuffer() { - p.pool <- newStatsdBuffer(p.bufferMaxSize, p.bufferMaxElements) -} - -func (p *bufferPool) borrowBuffer() *statsdBuffer { - select { - case b := <-p.pool: - return b - default: - return newStatsdBuffer(p.bufferMaxSize, p.bufferMaxElements) - } -} - -func (p *bufferPool) returnBuffer(buffer *statsdBuffer) { - buffer.reset() - select { - case p.pool <- buffer: - default: - } -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/buffered_metric_context.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/buffered_metric_context.go deleted file mode 100644 index 94b31fe5..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/buffered_metric_context.go +++ /dev/null @@ -1,104 +0,0 @@ -package statsd - -import ( - "math/rand" - "sync" - "sync/atomic" - "time" -) - -// bufferedMetricContexts represent the contexts for Histograms, Distributions -// and Timing. Since those 3 metric types behave the same way and are sampled -// with the same type they're represented by the same class. -type bufferedMetricContexts struct { - nbContext uint64 - mutex sync.RWMutex - values bufferedMetricMap - newMetric func(string, float64, string, float64) *bufferedMetric - - // Each bufferedMetricContexts uses its own random source and random - // lock to prevent goroutines from contending for the lock on the - // "math/rand" package-global random source (e.g. calls like - // "rand.Float64()" must acquire a shared lock to get the next - // pseudorandom number). - random *rand.Rand - randomLock sync.Mutex -} - -func newBufferedContexts(newMetric func(string, float64, string, int64, float64) *bufferedMetric, maxSamples int64) bufferedMetricContexts { - return bufferedMetricContexts{ - values: bufferedMetricMap{}, - newMetric: func(name string, value float64, stringTags string, rate float64) *bufferedMetric { - return newMetric(name, value, stringTags, maxSamples, rate) - }, - // Note that calling "time.Now().UnixNano()" repeatedly quickly may return - // very similar values. That's fine for seeding the worker-specific random - // source because we just need an evenly distributed stream of float values. - // Do not use this random source for cryptographic randomness. - random: rand.New(rand.NewSource(time.Now().UnixNano())), - } -} - -func (bc *bufferedMetricContexts) flush(metrics []metric) []metric { - bc.mutex.Lock() - values := bc.values - bc.values = bufferedMetricMap{} - bc.mutex.Unlock() - - for _, d := range values { - d.Lock() - metrics = append(metrics, d.flushUnsafe()) - d.Unlock() - } - atomic.AddUint64(&bc.nbContext, uint64(len(values))) - return metrics -} - -func (bc *bufferedMetricContexts) sample(name string, value float64, tags []string, rate float64) error { - keepingSample := shouldSample(rate, bc.random, &bc.randomLock) - - // If we don't keep the sample, return early. If we do keep the sample - // we end up storing the *first* observed sampling rate in the metric. - // This is the *wrong* behavior but it's the one we had before and the alternative would increase lock contention too - // much with the current code. - // TODO: change this behavior in the future, probably by introducing thread-local storage and lockless stuctures. - // If this code is removed, also remove the observed sampling rate in the metric and fix `bufferedMetric.flushUnsafe()` - if !keepingSample { - return nil - } - - context, stringTags := getContextAndTags(name, tags) - var v *bufferedMetric - - bc.mutex.RLock() - v, _ = bc.values[context] - bc.mutex.RUnlock() - - // Create it if it wasn't found - if v == nil { - bc.mutex.Lock() - // It might have been created by another goroutine since last call - v, _ = bc.values[context] - if v == nil { - // If we might keep a sample that we should have skipped, but that should not drastically affect performances. - bc.values[context] = bc.newMetric(name, value, stringTags, rate) - // We added a new value, we need to unlock the mutex and quit - bc.mutex.Unlock() - return nil - } - bc.mutex.Unlock() - } - - // Now we can keep the sample or skip it - if keepingSample { - v.maybeKeepSample(value, bc.random, &bc.randomLock) - } else { - v.skipSample() - } - - return nil -} - -func (bc *bufferedMetricContexts) getNbContext() uint64 { - return atomic.LoadUint64(&bc.nbContext) -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/container.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/container.go deleted file mode 100644 index 20d69ef6..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/container.go +++ /dev/null @@ -1,19 +0,0 @@ -package statsd - -import ( - "sync" -) - -var ( - // containerID holds the container ID. - containerID = "" - - initOnce sync.Once -) - -// getContainerID returns the container ID configured at the client creation -// It can either be auto-discovered with origin detection or provided by the user. -// User-defined container ID is prioritized. -func getContainerID() string { - return containerID -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/container_linux.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/container_linux.go deleted file mode 100644 index ad74f7ab..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/container_linux.go +++ /dev/null @@ -1,206 +0,0 @@ -//go:build linux -// +build linux - -package statsd - -import ( - "bufio" - "fmt" - "io" - "os" - "path" - "regexp" - "strings" - "syscall" -) - -const ( - // cgroupPath is the path to the cgroup file where we can find the container id if one exists. - cgroupPath = "/proc/self/cgroup" - - // selfMountinfo is the path to the mountinfo path where we can find the container id in case cgroup namespace is preventing the use of /proc/self/cgroup - selfMountInfoPath = "/proc/self/mountinfo" - - // defaultCgroupMountPath is the default path to the cgroup mount point. - defaultCgroupMountPath = "/sys/fs/cgroup" - - // cgroupV1BaseController is the controller used to identify the container-id for cgroup v1 - cgroupV1BaseController = "memory" - - uuidSource = "[0-9a-f]{8}[-_][0-9a-f]{4}[-_][0-9a-f]{4}[-_][0-9a-f]{4}[-_][0-9a-f]{12}" - containerSource = "[0-9a-f]{64}" - taskSource = "[0-9a-f]{32}-\\d+" - - containerdSandboxPrefix = "sandboxes" - - // ContainerRegexpStr defines the regexp used to match container IDs - // ([0-9a-f]{64}) is standard container id used pretty much everywhere - // ([0-9a-f]{32}-[0-9]{10}) is container id used by AWS ECS - // ([0-9a-f]{8}(-[0-9a-f]{4}){4}$) is container id used by Garden - containerRegexpStr = "([0-9a-f]{64})|([0-9a-f]{32}-[0-9]{10})|([0-9a-f]{8}(-[0-9a-f]{4}){4}$)" - // cIDRegexpStr defines the regexp used to match container IDs in /proc/self/mountinfo - cIDRegexpStr = `.*/([^\s/]+)/(` + containerRegexpStr + `)/[\S]*hostname` - - // From https://github.com/torvalds/linux/blob/5859a2b1991101d6b978f3feb5325dad39421f29/include/linux/proc_ns.h#L41-L49 - // Currently, host namespace inode number are hardcoded, which can be used to detect - // if we're running in host namespace or not (does not work when running in DinD) - hostCgroupNamespaceInode = 0xEFFFFFFB -) - -var ( - // expLine matches a line in the /proc/self/cgroup file. It has a submatch for the last element (path), which contains the container ID. - expLine = regexp.MustCompile(`^\d+:[^:]*:(.+)$`) - - // expContainerID matches contained IDs and sources. Source: https://github.com/Qard/container-info/blob/master/index.js - expContainerID = regexp.MustCompile(fmt.Sprintf(`(%s|%s|%s)(?:.scope)?$`, uuidSource, containerSource, taskSource)) - - cIDMountInfoRegexp = regexp.MustCompile(cIDRegexpStr) - - // initContainerID initializes the container ID. - initContainerID = internalInitContainerID -) - -// parseContainerID finds the first container ID reading from r and returns it. -func parseContainerID(r io.Reader) string { - scn := bufio.NewScanner(r) - for scn.Scan() { - path := expLine.FindStringSubmatch(scn.Text()) - if len(path) != 2 { - // invalid entry, continue - continue - } - if parts := expContainerID.FindStringSubmatch(path[1]); len(parts) == 2 { - return parts[1] - } - } - return "" -} - -// readContainerID attempts to return the container ID from the provided file path or empty on failure. -func readContainerID(fpath string) string { - f, err := os.Open(fpath) - if err != nil { - return "" - } - defer f.Close() - return parseContainerID(f) -} - -// Parsing /proc/self/mountinfo is not always reliable in Kubernetes+containerd (at least) -// We're still trying to use it as it may help in some cgroupv2 configurations (Docker, ECS, raw containerd) -func parseMountinfo(r io.Reader) string { - scn := bufio.NewScanner(r) - for scn.Scan() { - line := scn.Text() - allMatches := cIDMountInfoRegexp.FindAllStringSubmatch(line, -1) - if len(allMatches) == 0 { - continue - } - - // We're interest in rightmost match - matches := allMatches[len(allMatches)-1] - if len(matches) > 0 && matches[1] != containerdSandboxPrefix { - return matches[2] - } - } - - return "" -} - -func readMountinfo(path string) string { - f, err := os.Open(path) - if err != nil { - return "" - } - defer f.Close() - return parseMountinfo(f) -} - -func isHostCgroupNamespace() bool { - fi, err := os.Stat("/proc/self/ns/cgroup") - if err != nil { - return false - } - - inode := fi.Sys().(*syscall.Stat_t).Ino - - return inode == hostCgroupNamespaceInode -} - -// parseCgroupNodePath parses /proc/self/cgroup and returns a map of controller to its associated cgroup node path. -func parseCgroupNodePath(r io.Reader) map[string]string { - res := make(map[string]string) - scn := bufio.NewScanner(r) - for scn.Scan() { - line := scn.Text() - tokens := strings.Split(line, ":") - if len(tokens) != 3 { - continue - } - if tokens[1] == cgroupV1BaseController || tokens[1] == "" { - res[tokens[1]] = tokens[2] - } - } - return res -} - -// getCgroupInode returns the cgroup controller inode if it exists otherwise an empty string. -// The inode is prefixed by "in-" and is used by the agent to retrieve the container ID. -// For cgroup v1, we use the memory controller. -func getCgroupInode(cgroupMountPath, procSelfCgroupPath string) string { - // Parse /proc/self/cgroup to retrieve the paths to the memory controller (cgroupv1) and the cgroup node (cgroupv2) - f, err := os.Open(procSelfCgroupPath) - if err != nil { - return "" - } - defer f.Close() - cgroupControllersPaths := parseCgroupNodePath(f) - // Retrieve the cgroup inode from /sys/fs/cgroup+controller+cgroupNodePath - for _, controller := range []string{cgroupV1BaseController, ""} { - cgroupNodePath, ok := cgroupControllersPaths[controller] - if !ok { - continue - } - inode := inodeForPath(path.Join(cgroupMountPath, controller, cgroupNodePath)) - if inode != "" { - return inode - } - } - return "" -} - -// inodeForPath returns the inode for the provided path or empty on failure. -func inodeForPath(path string) string { - fi, err := os.Stat(path) - if err != nil { - return "" - } - stats, ok := fi.Sys().(*syscall.Stat_t) - if !ok { - return "" - } - return fmt.Sprintf("in-%d", stats.Ino) -} - -// internalInitContainerID initializes the container ID. -// It can either be provided by the user or read from cgroups. -func internalInitContainerID(userProvidedID string, cgroupFallback bool) { - initOnce.Do(func() { - if userProvidedID != "" { - containerID = userProvidedID - return - } - - if cgroupFallback { - isHostCgroupNs := isHostCgroupNamespace() - if isHostCgroupNs { - containerID = readContainerID(cgroupPath) - return - } - containerID = readMountinfo(selfMountInfoPath) - if containerID != "" { - containerID = getCgroupInode(defaultCgroupMountPath, cgroupPath) - } - } - }) -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/container_stub.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/container_stub.go deleted file mode 100644 index 5a143d19..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/container_stub.go +++ /dev/null @@ -1,13 +0,0 @@ -//go:build !linux -// +build !linux - -package statsd - -var initContainerID = func(userProvidedID string, cgroupFallback bool) { - initOnce.Do(func() { - if userProvidedID != "" { - containerID = userProvidedID - return - } - }) -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/error_handler.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/error_handler.go deleted file mode 100644 index 00762627..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/error_handler.go +++ /dev/null @@ -1,22 +0,0 @@ -package statsd - -import ( - "log" -) - -func LoggingErrorHandler(err error) { - if e, ok := err.(*ErrorInputChannelFull); ok { - log.Printf( - "Input Queue is full (%d elements): %s %s dropped - %s - increase channel buffer size with `WithChannelModeBufferSize()`", - e.ChannelSize, e.Metric.name, e.Metric.tags, e.Msg, - ) - return - } else if e, ok := err.(*ErrorSenderChannelFull); ok { - log.Printf( - "Sender Queue is full (%d elements): %d metrics dropped - %s - increase sender queue size with `WithSenderQueueSize()`", - e.ChannelSize, e.LostElements, e.Msg, - ) - } else { - log.Printf("Error: %v", err) - } -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/event.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/event.go deleted file mode 100644 index a2ca4faf..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/event.go +++ /dev/null @@ -1,75 +0,0 @@ -package statsd - -import ( - "fmt" - "time" -) - -// Events support -// EventAlertType and EventAlertPriority became exported types after this issue was submitted: https://github.com/DataDog/datadog-go/issues/41 -// The reason why they got exported is so that client code can directly use the types. - -// EventAlertType is the alert type for events -type EventAlertType string - -const ( - // Info is the "info" AlertType for events - Info EventAlertType = "info" - // Error is the "error" AlertType for events - Error EventAlertType = "error" - // Warning is the "warning" AlertType for events - Warning EventAlertType = "warning" - // Success is the "success" AlertType for events - Success EventAlertType = "success" -) - -// EventPriority is the event priority for events -type EventPriority string - -const ( - // Normal is the "normal" Priority for events - Normal EventPriority = "normal" - // Low is the "low" Priority for events - Low EventPriority = "low" -) - -// An Event is an object that can be posted to your DataDog event stream. -type Event struct { - // Title of the event. Required. - Title string - // Text is the description of the event. - Text string - // Timestamp is a timestamp for the event. If not provided, the dogstatsd - // server will set this to the current time. - Timestamp time.Time - // Hostname for the event. - Hostname string - // AggregationKey groups this event with others of the same key. - AggregationKey string - // Priority of the event. Can be statsd.Low or statsd.Normal. - Priority EventPriority - // SourceTypeName is a source type for the event. - SourceTypeName string - // AlertType can be statsd.Info, statsd.Error, statsd.Warning, or statsd.Success. - // If absent, the default value applied by the dogstatsd server is Info. - AlertType EventAlertType - // Tags for the event. - Tags []string -} - -// NewEvent creates a new event with the given title and text. Error checking -// against these values is done at send-time, or upon running e.Check. -func NewEvent(title, text string) *Event { - return &Event{ - Title: title, - Text: text, - } -} - -// Check verifies that an event is valid. -func (e *Event) Check() error { - if len(e.Title) == 0 { - return fmt.Errorf("statsd.Event title is required") - } - return nil -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/fnv1a.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/fnv1a.go deleted file mode 100644 index 03dc8a07..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/fnv1a.go +++ /dev/null @@ -1,39 +0,0 @@ -package statsd - -const ( - // FNV-1a - offset32 = uint32(2166136261) - prime32 = uint32(16777619) - - // init32 is what 32 bits hash values should be initialized with. - init32 = offset32 -) - -// HashString32 returns the hash of s. -func hashString32(s string) uint32 { - return addString32(init32, s) -} - -// AddString32 adds the hash of s to the precomputed hash value h. -func addString32(h uint32, s string) uint32 { - i := 0 - n := (len(s) / 8) * 8 - - for i != n { - h = (h ^ uint32(s[i])) * prime32 - h = (h ^ uint32(s[i+1])) * prime32 - h = (h ^ uint32(s[i+2])) * prime32 - h = (h ^ uint32(s[i+3])) * prime32 - h = (h ^ uint32(s[i+4])) * prime32 - h = (h ^ uint32(s[i+5])) * prime32 - h = (h ^ uint32(s[i+6])) * prime32 - h = (h ^ uint32(s[i+7])) * prime32 - i += 8 - } - - for _, c := range s[i:] { - h = (h ^ uint32(c)) * prime32 - } - - return h -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/format.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/format.go deleted file mode 100644 index f3ab9231..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/format.go +++ /dev/null @@ -1,280 +0,0 @@ -package statsd - -import ( - "strconv" - "strings" -) - -var ( - gaugeSymbol = []byte("g") - countSymbol = []byte("c") - histogramSymbol = []byte("h") - distributionSymbol = []byte("d") - setSymbol = []byte("s") - timingSymbol = []byte("ms") - tagSeparatorSymbol = "," - nameSeparatorSymbol = ":" -) - -func appendHeader(buffer []byte, namespace string, name string) []byte { - if namespace != "" { - buffer = append(buffer, namespace...) - } - buffer = append(buffer, name...) - buffer = append(buffer, ':') - return buffer -} - -func appendRate(buffer []byte, rate float64) []byte { - if rate < 1 { - buffer = append(buffer, "|@"...) - buffer = strconv.AppendFloat(buffer, rate, 'f', -1, 64) - } - return buffer -} - -func appendWithoutNewlines(buffer []byte, s string) []byte { - // fastpath for strings without newlines - if strings.IndexByte(s, '\n') == -1 { - return append(buffer, s...) - } - - for _, b := range []byte(s) { - if b != '\n' { - buffer = append(buffer, b) - } - } - return buffer -} - -func appendTags(buffer []byte, globalTags []string, tags []string) []byte { - if len(globalTags) == 0 && len(tags) == 0 { - return buffer - } - buffer = append(buffer, "|#"...) - firstTag := true - - for _, tag := range globalTags { - if !firstTag { - buffer = append(buffer, tagSeparatorSymbol...) - } - buffer = appendWithoutNewlines(buffer, tag) - firstTag = false - } - for _, tag := range tags { - if !firstTag { - buffer = append(buffer, tagSeparatorSymbol...) - } - buffer = appendWithoutNewlines(buffer, tag) - firstTag = false - } - return buffer -} - -func appendTagsAggregated(buffer []byte, globalTags []string, tags string) []byte { - if len(globalTags) == 0 && tags == "" { - return buffer - } - - buffer = append(buffer, "|#"...) - firstTag := true - - for _, tag := range globalTags { - if !firstTag { - buffer = append(buffer, tagSeparatorSymbol...) - } - buffer = appendWithoutNewlines(buffer, tag) - firstTag = false - } - if tags != "" { - if !firstTag { - buffer = append(buffer, tagSeparatorSymbol...) - } - buffer = appendWithoutNewlines(buffer, tags) - } - return buffer -} - -func appendFloatMetric(buffer []byte, typeSymbol []byte, namespace string, globalTags []string, name string, value float64, tags []string, rate float64, precision int) []byte { - buffer = appendHeader(buffer, namespace, name) - buffer = strconv.AppendFloat(buffer, value, 'f', precision, 64) - buffer = append(buffer, '|') - buffer = append(buffer, typeSymbol...) - buffer = appendRate(buffer, rate) - buffer = appendTags(buffer, globalTags, tags) - buffer = appendContainerID(buffer) - return buffer -} - -func appendIntegerMetric(buffer []byte, typeSymbol []byte, namespace string, globalTags []string, name string, value int64, tags []string, rate float64) []byte { - buffer = appendHeader(buffer, namespace, name) - buffer = strconv.AppendInt(buffer, value, 10) - buffer = append(buffer, '|') - buffer = append(buffer, typeSymbol...) - buffer = appendRate(buffer, rate) - buffer = appendTags(buffer, globalTags, tags) - buffer = appendContainerID(buffer) - return buffer -} - -func appendStringMetric(buffer []byte, typeSymbol []byte, namespace string, globalTags []string, name string, value string, tags []string, rate float64) []byte { - buffer = appendHeader(buffer, namespace, name) - buffer = append(buffer, value...) - buffer = append(buffer, '|') - buffer = append(buffer, typeSymbol...) - buffer = appendRate(buffer, rate) - buffer = appendTags(buffer, globalTags, tags) - buffer = appendContainerID(buffer) - return buffer -} - -func appendGauge(buffer []byte, namespace string, globalTags []string, name string, value float64, tags []string, rate float64) []byte { - return appendFloatMetric(buffer, gaugeSymbol, namespace, globalTags, name, value, tags, rate, -1) -} - -func appendCount(buffer []byte, namespace string, globalTags []string, name string, value int64, tags []string, rate float64) []byte { - return appendIntegerMetric(buffer, countSymbol, namespace, globalTags, name, value, tags, rate) -} - -func appendHistogram(buffer []byte, namespace string, globalTags []string, name string, value float64, tags []string, rate float64) []byte { - return appendFloatMetric(buffer, histogramSymbol, namespace, globalTags, name, value, tags, rate, -1) -} - -func appendDistribution(buffer []byte, namespace string, globalTags []string, name string, value float64, tags []string, rate float64) []byte { - return appendFloatMetric(buffer, distributionSymbol, namespace, globalTags, name, value, tags, rate, -1) -} - -func appendSet(buffer []byte, namespace string, globalTags []string, name string, value string, tags []string, rate float64) []byte { - return appendStringMetric(buffer, setSymbol, namespace, globalTags, name, value, tags, rate) -} - -func appendTiming(buffer []byte, namespace string, globalTags []string, name string, value float64, tags []string, rate float64) []byte { - return appendFloatMetric(buffer, timingSymbol, namespace, globalTags, name, value, tags, rate, 6) -} - -func escapedEventTextLen(text string) int { - return len(text) + strings.Count(text, "\n") -} - -func appendEscapedEventText(buffer []byte, text string) []byte { - for _, b := range []byte(text) { - if b != '\n' { - buffer = append(buffer, b) - } else { - buffer = append(buffer, "\\n"...) - } - } - return buffer -} - -func appendEvent(buffer []byte, event *Event, globalTags []string) []byte { - escapedTextLen := escapedEventTextLen(event.Text) - - buffer = append(buffer, "_e{"...) - buffer = strconv.AppendInt(buffer, int64(len(event.Title)), 10) - buffer = append(buffer, tagSeparatorSymbol...) - buffer = strconv.AppendInt(buffer, int64(escapedTextLen), 10) - buffer = append(buffer, "}:"...) - buffer = append(buffer, event.Title...) - buffer = append(buffer, '|') - if escapedTextLen != len(event.Text) { - buffer = appendEscapedEventText(buffer, event.Text) - } else { - buffer = append(buffer, event.Text...) - } - - if !event.Timestamp.IsZero() { - buffer = append(buffer, "|d:"...) - buffer = strconv.AppendInt(buffer, int64(event.Timestamp.Unix()), 10) - } - - if len(event.Hostname) != 0 { - buffer = append(buffer, "|h:"...) - buffer = append(buffer, event.Hostname...) - } - - if len(event.AggregationKey) != 0 { - buffer = append(buffer, "|k:"...) - buffer = append(buffer, event.AggregationKey...) - } - - if len(event.Priority) != 0 { - buffer = append(buffer, "|p:"...) - buffer = append(buffer, event.Priority...) - } - - if len(event.SourceTypeName) != 0 { - buffer = append(buffer, "|s:"...) - buffer = append(buffer, event.SourceTypeName...) - } - - if len(event.AlertType) != 0 { - buffer = append(buffer, "|t:"...) - buffer = append(buffer, string(event.AlertType)...) - } - - buffer = appendTags(buffer, globalTags, event.Tags) - buffer = appendContainerID(buffer) - return buffer -} - -func appendEscapedServiceCheckText(buffer []byte, text string) []byte { - for i := 0; i < len(text); i++ { - if text[i] == '\n' { - buffer = append(buffer, "\\n"...) - } else if text[i] == 'm' && i+1 < len(text) && text[i+1] == ':' { - buffer = append(buffer, "m\\:"...) - i++ - } else { - buffer = append(buffer, text[i]) - } - } - return buffer -} - -func appendServiceCheck(buffer []byte, serviceCheck *ServiceCheck, globalTags []string) []byte { - buffer = append(buffer, "_sc|"...) - buffer = append(buffer, serviceCheck.Name...) - buffer = append(buffer, '|') - buffer = strconv.AppendInt(buffer, int64(serviceCheck.Status), 10) - - if !serviceCheck.Timestamp.IsZero() { - buffer = append(buffer, "|d:"...) - buffer = strconv.AppendInt(buffer, int64(serviceCheck.Timestamp.Unix()), 10) - } - - if len(serviceCheck.Hostname) != 0 { - buffer = append(buffer, "|h:"...) - buffer = append(buffer, serviceCheck.Hostname...) - } - - buffer = appendTags(buffer, globalTags, serviceCheck.Tags) - - if len(serviceCheck.Message) != 0 { - buffer = append(buffer, "|m:"...) - buffer = appendEscapedServiceCheckText(buffer, serviceCheck.Message) - } - - buffer = appendContainerID(buffer) - return buffer -} - -func appendSeparator(buffer []byte) []byte { - return append(buffer, '\n') -} - -func appendContainerID(buffer []byte) []byte { - if containerID := getContainerID(); len(containerID) > 0 { - buffer = append(buffer, "|c:"...) - buffer = append(buffer, containerID...) - } - return buffer -} - -func appendTimestamp(buffer []byte, timestamp int64) []byte { - if timestamp > noTimestamp { - buffer = append(buffer, "|T"...) - buffer = strconv.AppendInt(buffer, timestamp, 10) - } - return buffer -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/metrics.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/metrics.go deleted file mode 100644 index 3d243b7a..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/metrics.go +++ /dev/null @@ -1,268 +0,0 @@ -package statsd - -import ( - "math" - "math/rand" - "sync" - "sync/atomic" -) - -/* -Those are metrics type that can be aggregated on the client side: - - Gauge - - Count - - Set -*/ - -type countMetric struct { - value int64 - name string - tags []string -} - -func newCountMetric(name string, value int64, tags []string) *countMetric { - return &countMetric{ - value: value, - name: name, - tags: copySlice(tags), - } -} - -func (c *countMetric) sample(v int64) { - atomic.AddInt64(&c.value, v) -} - -func (c *countMetric) flushUnsafe() metric { - return metric{ - metricType: count, - name: c.name, - tags: c.tags, - rate: 1, - ivalue: c.value, - } -} - -// Gauge - -type gaugeMetric struct { - value uint64 - name string - tags []string -} - -func newGaugeMetric(name string, value float64, tags []string) *gaugeMetric { - return &gaugeMetric{ - value: math.Float64bits(value), - name: name, - tags: copySlice(tags), - } -} - -func (g *gaugeMetric) sample(v float64) { - atomic.StoreUint64(&g.value, math.Float64bits(v)) -} - -func (g *gaugeMetric) flushUnsafe() metric { - return metric{ - metricType: gauge, - name: g.name, - tags: g.tags, - rate: 1, - fvalue: math.Float64frombits(g.value), - } -} - -// Set - -type setMetric struct { - data map[string]struct{} - name string - tags []string - sync.Mutex -} - -func newSetMetric(name string, value string, tags []string) *setMetric { - set := &setMetric{ - data: map[string]struct{}{}, - name: name, - tags: copySlice(tags), - } - set.data[value] = struct{}{} - return set -} - -func (s *setMetric) sample(v string) { - s.Lock() - defer s.Unlock() - s.data[v] = struct{}{} -} - -// Sets are aggregated on the agent side too. We flush the keys so a set from -// multiple application can be correctly aggregated on the agent side. -func (s *setMetric) flushUnsafe() []metric { - if len(s.data) == 0 { - return nil - } - - metrics := make([]metric, len(s.data)) - i := 0 - for value := range s.data { - metrics[i] = metric{ - metricType: set, - name: s.name, - tags: s.tags, - rate: 1, - svalue: value, - } - i++ - } - return metrics -} - -// Histograms, Distributions and Timings - -type bufferedMetric struct { - sync.Mutex - - // Kept samples (after sampling) - data []float64 - // Total stored samples (after sampling) - storedSamples int64 - // Total number of observed samples (before sampling). This is used to keep - // the sampling rate correct. - totalSamples int64 - - name string - // Histograms and Distributions store tags as one string since we need - // to compute its size multiple time when serializing. - tags string - mtype metricType - - // maxSamples is the maximum number of samples we keep in memory - maxSamples int64 - - // The first observed user-specified sample rate. When specified - // it is used because we don't know better. - specifiedRate float64 -} - -func (s *bufferedMetric) sample(v float64) { - s.Lock() - defer s.Unlock() - s.sampleUnsafe(v) -} - -func (s *bufferedMetric) sampleUnsafe(v float64) { - s.data = append(s.data, v) - s.storedSamples++ - // Total samples needs to be incremented though an atomic because it can be accessed without the lock. - atomic.AddInt64(&s.totalSamples, 1) -} - -func (s *bufferedMetric) maybeKeepSample(v float64, rand *rand.Rand, randLock *sync.Mutex) { - s.Lock() - defer s.Unlock() - if s.maxSamples > 0 { - if s.storedSamples >= s.maxSamples { - // We reached the maximum number of samples we can keep in memory, so we randomly - // replace a sample. - randLock.Lock() - i := rand.Int63n(atomic.LoadInt64(&s.totalSamples)) - randLock.Unlock() - if i < s.maxSamples { - s.data[i] = v - } - } else { - s.data[s.storedSamples] = v - s.storedSamples++ - } - s.totalSamples++ - } else { - // This code path appends to the slice since we did not pre-allocate memory in this case. - s.sampleUnsafe(v) - } -} - -func (s *bufferedMetric) skipSample() { - atomic.AddInt64(&s.totalSamples, 1) -} - -func (s *bufferedMetric) flushUnsafe() metric { - totalSamples := atomic.LoadInt64(&s.totalSamples) - var rate float64 - - // If the user had a specified rate send it because we don't know better. - // This code should be removed once we can also remove the early return at the top of - // `bufferedMetricContexts.sample` - if s.specifiedRate != 1.0 { - rate = s.specifiedRate - } else { - rate = float64(s.storedSamples) / float64(totalSamples) - } - - return metric{ - metricType: s.mtype, - name: s.name, - stags: s.tags, - rate: rate, - fvalues: s.data[:s.storedSamples], - } -} - -type histogramMetric = bufferedMetric - -func newHistogramMetric(name string, value float64, stringTags string, maxSamples int64, rate float64) *histogramMetric { - return &histogramMetric{ - data: newData(value, maxSamples), - totalSamples: 1, - storedSamples: 1, - name: name, - tags: stringTags, - mtype: histogramAggregated, - maxSamples: maxSamples, - specifiedRate: rate, - } -} - -type distributionMetric = bufferedMetric - -func newDistributionMetric(name string, value float64, stringTags string, maxSamples int64, rate float64) *distributionMetric { - return &distributionMetric{ - data: newData(value, maxSamples), - totalSamples: 1, - storedSamples: 1, - name: name, - tags: stringTags, - mtype: distributionAggregated, - maxSamples: maxSamples, - specifiedRate: rate, - } -} - -type timingMetric = bufferedMetric - -func newTimingMetric(name string, value float64, stringTags string, maxSamples int64, rate float64) *timingMetric { - return &timingMetric{ - data: newData(value, maxSamples), - totalSamples: 1, - storedSamples: 1, - name: name, - tags: stringTags, - mtype: timingAggregated, - maxSamples: maxSamples, - specifiedRate: rate, - } -} - -// newData creates a new slice of float64 with the given capacity. If maxSample -// is less than or equal to 0, it returns a slice with the given value as the -// only element. -func newData(value float64, maxSample int64) []float64 { - if maxSample <= 0 { - return []float64{value} - } else { - data := make([]float64, maxSample) - data[0] = value - return data - } -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/noop.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/noop.go deleted file mode 100644 index 6500cde9..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/noop.go +++ /dev/null @@ -1,118 +0,0 @@ -package statsd - -import "time" - -// NoOpClient is a statsd client that does nothing. Can be useful in testing -// situations for library users. -type NoOpClient struct{} - -// Gauge does nothing and returns nil -func (n *NoOpClient) Gauge(name string, value float64, tags []string, rate float64) error { - return nil -} - -// GaugeWithTimestamp does nothing and returns nil -func (n *NoOpClient) GaugeWithTimestamp(name string, value float64, tags []string, rate float64, timestamp time.Time) error { - return nil -} - -// Count does nothing and returns nil -func (n *NoOpClient) Count(name string, value int64, tags []string, rate float64) error { - return nil -} - -// CountWithTimestamp does nothing and returns nil -func (n *NoOpClient) CountWithTimestamp(name string, value int64, tags []string, rate float64, timestamp time.Time) error { - return nil -} - -// Histogram does nothing and returns nil -func (n *NoOpClient) Histogram(name string, value float64, tags []string, rate float64) error { - return nil -} - -// Distribution does nothing and returns nil -func (n *NoOpClient) Distribution(name string, value float64, tags []string, rate float64) error { - return nil -} - -// Decr does nothing and returns nil -func (n *NoOpClient) Decr(name string, tags []string, rate float64) error { - return nil -} - -// Incr does nothing and returns nil -func (n *NoOpClient) Incr(name string, tags []string, rate float64) error { - return nil -} - -// Set does nothing and returns nil -func (n *NoOpClient) Set(name string, value string, tags []string, rate float64) error { - return nil -} - -// Timing does nothing and returns nil -func (n *NoOpClient) Timing(name string, value time.Duration, tags []string, rate float64) error { - return nil -} - -// TimeInMilliseconds does nothing and returns nil -func (n *NoOpClient) TimeInMilliseconds(name string, value float64, tags []string, rate float64) error { - return nil -} - -// Event does nothing and returns nil -func (n *NoOpClient) Event(e *Event) error { - return nil -} - -// SimpleEvent does nothing and returns nil -func (n *NoOpClient) SimpleEvent(title, text string) error { - return nil -} - -// ServiceCheck does nothing and returns nil -func (n *NoOpClient) ServiceCheck(sc *ServiceCheck) error { - return nil -} - -// SimpleServiceCheck does nothing and returns nil -func (n *NoOpClient) SimpleServiceCheck(name string, status ServiceCheckStatus) error { - return nil -} - -// Close does nothing and returns nil -func (n *NoOpClient) Close() error { - return nil -} - -// Flush does nothing and returns nil -func (n *NoOpClient) Flush() error { - return nil -} - -// IsClosed does nothing and return false -func (n *NoOpClient) IsClosed() bool { - return false -} - -// GetTelemetry does nothing and returns an empty Telemetry -func (n *NoOpClient) GetTelemetry() Telemetry { - return Telemetry{} -} - -// Verify that NoOpClient implements the ClientInterface. -// https://golang.org/doc/faq#guarantee_satisfies_interface -var _ ClientInterface = &NoOpClient{} - -// NoOpClientDirect implements ClientDirectInterface and does nothing. -type NoOpClientDirect struct { - NoOpClient -} - -// DistributionSamples does nothing and returns nil -func (n *NoOpClientDirect) DistributionSamples(name string, values []float64, tags []string, rate float64) error { - return nil -} - -var _ ClientDirectInterface = &NoOpClientDirect{} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/options.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/options.go deleted file mode 100644 index 29e09800..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/options.go +++ /dev/null @@ -1,413 +0,0 @@ -package statsd - -import ( - "fmt" - "math" - "strings" - "time" -) - -var ( - defaultNamespace = "" - defaultTags = []string{} - defaultMaxBytesPerPayload = 0 - defaultMaxMessagesPerPayload = math.MaxInt32 - defaultBufferPoolSize = 0 - defaultBufferFlushInterval = 100 * time.Millisecond - defaultWorkerCount = 32 - defaultSenderQueueSize = 0 - defaultWriteTimeout = 100 * time.Millisecond - defaultConnectTimeout = 1000 * time.Millisecond - defaultTelemetry = true - defaultReceivingMode = mutexMode - defaultChannelModeBufferSize = 4096 - defaultAggregationFlushInterval = 2 * time.Second - defaultAggregation = true - defaultExtendedAggregation = false - defaultMaxBufferedSamplesPerContext = -1 - defaultOriginDetection = true - defaultChannelModeErrorsWhenFull = false - defaultErrorHandler = func(error) {} -) - -// Options contains the configuration options for a client. -type Options struct { - namespace string - tags []string - maxBytesPerPayload int - maxMessagesPerPayload int - bufferPoolSize int - bufferFlushInterval time.Duration - workersCount int - senderQueueSize int - writeTimeout time.Duration - connectTimeout time.Duration - telemetry bool - receiveMode receivingMode - channelModeBufferSize int - aggregationFlushInterval time.Duration - aggregation bool - extendedAggregation bool - maxBufferedSamplesPerContext int - telemetryAddr string - originDetection bool - containerID string - channelModeErrorsWhenFull bool - errorHandler ErrorHandler -} - -func resolveOptions(options []Option) (*Options, error) { - o := &Options{ - namespace: defaultNamespace, - tags: defaultTags, - maxBytesPerPayload: defaultMaxBytesPerPayload, - maxMessagesPerPayload: defaultMaxMessagesPerPayload, - bufferPoolSize: defaultBufferPoolSize, - bufferFlushInterval: defaultBufferFlushInterval, - workersCount: defaultWorkerCount, - senderQueueSize: defaultSenderQueueSize, - writeTimeout: defaultWriteTimeout, - connectTimeout: defaultConnectTimeout, - telemetry: defaultTelemetry, - receiveMode: defaultReceivingMode, - channelModeBufferSize: defaultChannelModeBufferSize, - aggregationFlushInterval: defaultAggregationFlushInterval, - aggregation: defaultAggregation, - extendedAggregation: defaultExtendedAggregation, - maxBufferedSamplesPerContext: defaultMaxBufferedSamplesPerContext, - originDetection: defaultOriginDetection, - channelModeErrorsWhenFull: defaultChannelModeErrorsWhenFull, - errorHandler: defaultErrorHandler, - } - - for _, option := range options { - err := option(o) - if err != nil { - return nil, err - } - } - - return o, nil -} - -// Option is a client option. Can return an error if validation fails. -type Option func(*Options) error - -// WithNamespace sets a string to be prepend to all metrics, events and service checks name. -// -// A '.' will automatically be added after the namespace if needed. For example a metrics 'test' with a namespace 'prod' -// will produce a final metric named 'prod.test'. -func WithNamespace(namespace string) Option { - return func(o *Options) error { - if strings.HasSuffix(namespace, ".") { - o.namespace = namespace - } else { - o.namespace = namespace + "." - } - return nil - } -} - -// WithTags sets global tags to be applied to every metrics, events and service checks. -func WithTags(tags []string) Option { - return func(o *Options) error { - o.tags = tags - return nil - } -} - -// WithMaxMessagesPerPayload sets the maximum number of metrics, events and/or service checks that a single payload can -// contain. -// -// The default is 'math.MaxInt32' which will most likely let the WithMaxBytesPerPayload option take precedence. This -// option can be set to `1` to create an unbuffered client (each metrics/event/service check will be send in its own -// payload to the agent). -func WithMaxMessagesPerPayload(maxMessagesPerPayload int) Option { - return func(o *Options) error { - o.maxMessagesPerPayload = maxMessagesPerPayload - return nil - } -} - -// WithMaxBytesPerPayload sets the maximum number of bytes a single payload can contain. Each sample, even and service -// check must be lower than this value once serialized or an `MessageTooLongError` is returned. -// -// The default value 0 which will set the option to the optimal size for the transport protocol used: 1432 for UDP and -// named pipe and 8192 for UDS. Those values offer the best performances. -// Be careful when changing this option, see -// https://docs.datadoghq.com/developers/dogstatsd/high_throughput/#ensure-proper-packet-sizes. -func WithMaxBytesPerPayload(MaxBytesPerPayload int) Option { - return func(o *Options) error { - o.maxBytesPerPayload = MaxBytesPerPayload - return nil - } -} - -// WithBufferPoolSize sets the size of the pool of buffers used to serialized metrics, events and service_checks. -// -// The default, 0, will set the option to the optimal size for the transport protocol used: 2048 for UDP and named pipe -// and 512 for UDS. -func WithBufferPoolSize(bufferPoolSize int) Option { - return func(o *Options) error { - o.bufferPoolSize = bufferPoolSize - return nil - } -} - -// WithBufferFlushInterval sets the interval after which the current buffer is flushed. -// -// A buffers are used to serialized data, they're flushed either when full (see WithMaxBytesPerPayload) or when it's -// been open for longer than this interval. -// -// With apps sending a high number of metrics/events/service_checks the interval rarely timeout. But with slow sending -// apps increasing this value will reduce the number of payload sent on the wire as more data is serialized in the same -// payload. -// -// Default is 100ms -func WithBufferFlushInterval(bufferFlushInterval time.Duration) Option { - return func(o *Options) error { - o.bufferFlushInterval = bufferFlushInterval - return nil - } -} - -// WithWorkersCount sets the number of workers that will be used to serialized data. -// -// Those workers allow the use of multiple buffers at the same time (see WithBufferPoolSize) to reduce lock contention. -// -// Default is 32. -func WithWorkersCount(workersCount int) Option { - return func(o *Options) error { - if workersCount < 1 { - return fmt.Errorf("workersCount must be a positive integer") - } - o.workersCount = workersCount - return nil - } -} - -// WithSenderQueueSize sets the size of the sender queue in number of buffers. -// -// After data has been serialized in a buffer they're pushed to a queue that the sender will consume and then each one -// ot the agent. -// -// The default value 0 will set the option to the optimal size for the transport protocol used: 2048 for UDP and named -// pipe and 512 for UDS. -func WithSenderQueueSize(senderQueueSize int) Option { - return func(o *Options) error { - o.senderQueueSize = senderQueueSize - return nil - } -} - -// WithWriteTimeout sets the timeout for network communication with the Agent, after this interval a payload is -// dropped. This is only used for UDS and named pipes connection. -func WithWriteTimeout(writeTimeout time.Duration) Option { - return func(o *Options) error { - o.writeTimeout = writeTimeout - return nil - } -} - -// WithConnectTimeout sets the timeout for network connection with the Agent, after this interval the connection -// attempt is aborted. This is only used for UDS connection. This will also reset the connection if nothing can be -// written to it for this duration. -func WithConnectTimeout(connectTimeout time.Duration) Option { - return func(o *Options) error { - o.connectTimeout = connectTimeout - return nil - } -} - -// WithChannelMode make the client use channels to receive metrics -// -// This determines how the client receive metrics from the app (for example when calling the `Gauge()` method). -// The client will either drop the metrics if its buffers are full (WithChannelMode option) or block the caller until the -// metric can be handled (WithMutexMode option). By default, the client use mutexes. -// -// WithChannelMode uses a channel (see WithChannelModeBufferSize to configure its size) to receive metrics and drops metrics if -// the channel is full. Sending metrics in this mode is much slower that WithMutexMode (because of the channel), but will not -// block the application. This mode is made for application using statsd directly into the application code instead of -// a separated periodic reporter. The goal is to not slow down the application at the cost of dropping metrics and having a lower max -// throughput. -func WithChannelMode() Option { - return func(o *Options) error { - o.receiveMode = channelMode - return nil - } -} - -// WithMutexMode will use mutex to receive metrics from the app through the API. -// -// This determines how the client receive metrics from the app (for example when calling the `Gauge()` method). -// The client will either drop the metrics if its buffers are full (WithChannelMode option) or block the caller until the -// metric can be handled (WithMutexMode option). By default the client use mutexes. -// -// WithMutexMode uses mutexes to receive metrics which is much faster than channels but can cause some lock contention -// when used with a high number of goroutines sending the same metrics. Mutexes are sharded based on the metrics name -// which limit mutex contention when multiple goroutines send different metrics (see WithWorkersCount). This is the -// default behavior which will produce the best throughput. -func WithMutexMode() Option { - return func(o *Options) error { - o.receiveMode = mutexMode - return nil - } -} - -// WithChannelModeBufferSize sets the size of the channel holding incoming metrics when WithChannelMode is used. -func WithChannelModeBufferSize(bufferSize int) Option { - return func(o *Options) error { - o.channelModeBufferSize = bufferSize - return nil - } -} - -// WithChannelModeErrorsWhenFull makes the client return an error when the channel is full. -// This should be enabled if you want to be notified when the client is dropping metrics. You -// will also need to set `WithErrorHandler` to be notified of sender error. This might have -// a small performance impact. -func WithChannelModeErrorsWhenFull() Option { - return func(o *Options) error { - o.channelModeErrorsWhenFull = true - return nil - } -} - -// WithoutChannelModeErrorsWhenFull makes the client not return an error when the channel is full. -func WithoutChannelModeErrorsWhenFull() Option { - return func(o *Options) error { - o.channelModeErrorsWhenFull = false - return nil - } -} - -// WithErrorHandler sets a function that will be called when an error occurs. -func WithErrorHandler(errorHandler ErrorHandler) Option { - return func(o *Options) error { - o.errorHandler = errorHandler - return nil - } -} - -// WithAggregationInterval sets the interval at which aggregated metrics are flushed. See WithClientSideAggregation and -// WithExtendedClientSideAggregation for more. -// -// The default interval is 2s. The interval must divide the Agent reporting period (default=10s) evenly to reduce "aliasing" -// that can cause values to appear irregular/spiky. -// -// For example a 3s aggregation interval will create spikes in the final graph: a application sending a count metric -// that increments at a constant 1000 time per second will appear noisy with an interval of 3s. This is because -// client-side aggregation would report every 3 seconds, while the agent is reporting every 10 seconds. This means in -// each agent bucket, the values are: 9000, 9000, 12000. -func WithAggregationInterval(interval time.Duration) Option { - return func(o *Options) error { - o.aggregationFlushInterval = interval - return nil - } -} - -// WithClientSideAggregation enables client side aggregation for Gauges, Counts and Sets. -func WithClientSideAggregation() Option { - return func(o *Options) error { - o.aggregation = true - return nil - } -} - -// WithoutClientSideAggregation disables client side aggregation. -func WithoutClientSideAggregation() Option { - return func(o *Options) error { - o.aggregation = false - o.extendedAggregation = false - return nil - } -} - -// WithExtendedClientSideAggregation enables client side aggregation for all types. This feature is only compatible with -// Agent's version >=6.25.0 && <7.0.0 or Agent's versions >=7.25.0. -// When enabled, the use of `rate` with distribution is discouraged and `WithMaxSamplesPerContext()` should be used. -// If `rate` is used with different values of `rate` the resulting rate is not guaranteed to be correct. -func WithExtendedClientSideAggregation() Option { - return func(o *Options) error { - o.aggregation = true - o.extendedAggregation = true - return nil - } -} - -// WithMaxSamplesPerContext limits the number of sample for metric types that require multiple samples to be send -// over statsd to the agent, such as distributions or timings. This limits the number of sample per -// context for a distribution to a given number. Gauges and counts will not be affected as a single sample per context -// is sent with client side aggregation. -// - This will enable client side aggregation for all metrics. -// - This feature should be used with `WithExtendedClientSideAggregation` for optimal results. -func WithMaxSamplesPerContext(maxSamplesPerDistribution int) Option { - return func(o *Options) error { - o.aggregation = true - o.maxBufferedSamplesPerContext = maxSamplesPerDistribution - return nil - } -} - -// WithoutTelemetry disables the client telemetry. -// -// More on this here: https://docs.datadoghq.com/developers/dogstatsd/high_throughput/#client-side-telemetry -func WithoutTelemetry() Option { - return func(o *Options) error { - o.telemetry = false - return nil - } -} - -// WithTelemetryAddr sets a different address for telemetry metrics. By default the same address as the client is used -// for telemetry. -// -// More on this here: https://docs.datadoghq.com/developers/dogstatsd/high_throughput/#client-side-telemetry -func WithTelemetryAddr(addr string) Option { - return func(o *Options) error { - o.telemetryAddr = addr - return nil - } -} - -// WithoutOriginDetection disables the client origin detection. -// When enabled, the client tries to discover its container ID and sends it to the Agent -// to enrich the metrics with container tags. -// Origin detection can also be disabled by configuring the environment variabe DD_ORIGIN_DETECTION_ENABLED=false -// The client tries to read the container ID by parsing the file /proc/self/cgroup, this is not supported on Windows. -// The client prioritizes the value passed via DD_ENTITY_ID (if set) over the container ID. -// -// More on this here: https://docs.datadoghq.com/developers/dogstatsd/?tab=kubernetes#origin-detection-over-udp -func WithoutOriginDetection() Option { - return func(o *Options) error { - o.originDetection = false - return nil - } -} - -// WithOriginDetection enables the client origin detection. -// This feature requires Datadog Agent version >=6.35.0 && <7.0.0 or Agent versions >=7.35.0. -// When enabled, the client tries to discover its container ID and sends it to the Agent -// to enrich the metrics with container tags. -// Origin detection can be disabled by configuring the environment variabe DD_ORIGIN_DETECTION_ENABLED=false -// The client tries to read the container ID by parsing the file /proc/self/cgroup, this is not supported on Windows. -// The client prioritizes the value passed via DD_ENTITY_ID (if set) over the container ID. -// -// More on this here: https://docs.datadoghq.com/developers/dogstatsd/?tab=kubernetes#origin-detection-over-udp -func WithOriginDetection() Option { - return func(o *Options) error { - o.originDetection = true - return nil - } -} - -// WithContainerID allows passing the container ID, this will be used by the Agent to enrich metrics with container tags. -// This feature requires Datadog Agent version >=6.35.0 && <7.0.0 or Agent versions >=7.35.0. -// When configured, the provided container ID is prioritized over the container ID discovered via Origin Detection. -// The client prioritizes the value passed via DD_ENTITY_ID (if set) over the container ID. -func WithContainerID(id string) Option { - return func(o *Options) error { - o.containerID = id - return nil - } -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/pipe.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/pipe.go deleted file mode 100644 index 1188b00f..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/pipe.go +++ /dev/null @@ -1,13 +0,0 @@ -//go:build !windows -// +build !windows - -package statsd - -import ( - "errors" - "time" -) - -func newWindowsPipeWriter(pipepath string, writeTimeout time.Duration) (Transport, error) { - return nil, errors.New("Windows Named Pipes are only supported on Windows") -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/pipe_windows.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/pipe_windows.go deleted file mode 100644 index c27434cc..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/pipe_windows.go +++ /dev/null @@ -1,81 +0,0 @@ -//go:build windows -// +build windows - -package statsd - -import ( - "net" - "sync" - "time" - - "github.com/Microsoft/go-winio" -) - -type pipeWriter struct { - mu sync.RWMutex - conn net.Conn - timeout time.Duration - pipepath string -} - -func (p *pipeWriter) Write(data []byte) (n int, err error) { - conn, err := p.ensureConnection() - if err != nil { - return 0, err - } - - p.mu.RLock() - conn.SetWriteDeadline(time.Now().Add(p.timeout)) - p.mu.RUnlock() - - n, err = conn.Write(data) - if err != nil { - if e, ok := err.(net.Error); !ok || !e.Temporary() { - // disconnected; retry again on next attempt - p.mu.Lock() - p.conn = nil - p.mu.Unlock() - } - } - return n, err -} - -func (p *pipeWriter) ensureConnection() (net.Conn, error) { - p.mu.RLock() - conn := p.conn - p.mu.RUnlock() - if conn != nil { - return conn, nil - } - - // looks like we might need to connect - try again with write locking. - p.mu.Lock() - defer p.mu.Unlock() - if p.conn != nil { - return p.conn, nil - } - newconn, err := winio.DialPipe(p.pipepath, nil) - if err != nil { - return nil, err - } - p.conn = newconn - return newconn, nil -} - -func (p *pipeWriter) Close() error { - return p.conn.Close() -} - -// GetTransportName returns the name of the transport -func (p *pipeWriter) GetTransportName() string { - return writerWindowsPipe -} - -func newWindowsPipeWriter(pipepath string, writeTimeout time.Duration) (*pipeWriter, error) { - // Defer connection establishment to first write - return &pipeWriter{ - conn: nil, - timeout: writeTimeout, - pipepath: pipepath, - }, nil -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/sender.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/sender.go deleted file mode 100644 index fc80395c..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/sender.go +++ /dev/null @@ -1,145 +0,0 @@ -package statsd - -import ( - "io" - "sync/atomic" -) - -// senderTelemetry contains telemetry about the health of the sender -type senderTelemetry struct { - totalPayloadsSent uint64 - totalPayloadsDroppedQueueFull uint64 - totalPayloadsDroppedWriter uint64 - totalBytesSent uint64 - totalBytesDroppedQueueFull uint64 - totalBytesDroppedWriter uint64 -} - -type Transport interface { - io.WriteCloser - - // GetTransportName returns the name of the transport - GetTransportName() string -} - -type sender struct { - transport Transport - pool *bufferPool - queue chan *statsdBuffer - telemetry *senderTelemetry - stop chan struct{} - flushSignal chan struct{} - errorHandler ErrorHandler -} - -type ErrorSenderChannelFull struct { - LostElements int - ChannelSize int - Msg string -} - -func (e *ErrorSenderChannelFull) Error() string { - return e.Msg -} - -func newSender(transport Transport, queueSize int, pool *bufferPool, errorHandler ErrorHandler) *sender { - sender := &sender{ - transport: transport, - pool: pool, - queue: make(chan *statsdBuffer, queueSize), - telemetry: &senderTelemetry{}, - stop: make(chan struct{}), - flushSignal: make(chan struct{}), - errorHandler: errorHandler, - } - - go sender.sendLoop() - return sender -} - -func (s *sender) send(buffer *statsdBuffer) { - select { - case s.queue <- buffer: - default: - if s.errorHandler != nil { - err := &ErrorSenderChannelFull{ - LostElements: buffer.elementCount, - ChannelSize: len(s.queue), - Msg: "Sender queue is full", - } - s.errorHandler(err) - } - atomic.AddUint64(&s.telemetry.totalPayloadsDroppedQueueFull, 1) - atomic.AddUint64(&s.telemetry.totalBytesDroppedQueueFull, uint64(len(buffer.bytes()))) - s.pool.returnBuffer(buffer) - } -} - -func (s *sender) write(buffer *statsdBuffer) { - _, err := s.transport.Write(buffer.bytes()) - if err != nil { - atomic.AddUint64(&s.telemetry.totalPayloadsDroppedWriter, 1) - atomic.AddUint64(&s.telemetry.totalBytesDroppedWriter, uint64(len(buffer.bytes()))) - if s.errorHandler != nil { - s.errorHandler(err) - } - } else { - atomic.AddUint64(&s.telemetry.totalPayloadsSent, 1) - atomic.AddUint64(&s.telemetry.totalBytesSent, uint64(len(buffer.bytes()))) - } - s.pool.returnBuffer(buffer) -} - -func (s *sender) flushTelemetryMetrics(t *Telemetry) { - t.TotalPayloadsSent = atomic.LoadUint64(&s.telemetry.totalPayloadsSent) - t.TotalPayloadsDroppedQueueFull = atomic.LoadUint64(&s.telemetry.totalPayloadsDroppedQueueFull) - t.TotalPayloadsDroppedWriter = atomic.LoadUint64(&s.telemetry.totalPayloadsDroppedWriter) - - t.TotalBytesSent = atomic.LoadUint64(&s.telemetry.totalBytesSent) - t.TotalBytesDroppedQueueFull = atomic.LoadUint64(&s.telemetry.totalBytesDroppedQueueFull) - t.TotalBytesDroppedWriter = atomic.LoadUint64(&s.telemetry.totalBytesDroppedWriter) -} - -func (s *sender) sendLoop() { - defer close(s.stop) - for { - select { - case buffer := <-s.queue: - s.write(buffer) - case <-s.stop: - return - case <-s.flushSignal: - // At that point we know that the workers are paused (the statsd client - // will pause them before calling sender.flush()). - // So we can fully flush the input queue - s.flushInputQueue() - s.flushSignal <- struct{}{} - } - } -} - -func (s *sender) flushInputQueue() { - for { - select { - case buffer := <-s.queue: - s.write(buffer) - default: - return - } - } -} -func (s *sender) flush() { - s.flushSignal <- struct{}{} - <-s.flushSignal -} - -func (s *sender) close() error { - s.stop <- struct{}{} - <-s.stop - s.flushInputQueue() - return s.transport.Close() -} - -func (s *sender) getTransportName() string { - return s.transport.GetTransportName() -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/service_check.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/service_check.go deleted file mode 100644 index e2850465..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/service_check.go +++ /dev/null @@ -1,57 +0,0 @@ -package statsd - -import ( - "fmt" - "time" -) - -// ServiceCheckStatus support -type ServiceCheckStatus byte - -const ( - // Ok is the "ok" ServiceCheck status - Ok ServiceCheckStatus = 0 - // Warn is the "warning" ServiceCheck status - Warn ServiceCheckStatus = 1 - // Critical is the "critical" ServiceCheck status - Critical ServiceCheckStatus = 2 - // Unknown is the "unknown" ServiceCheck status - Unknown ServiceCheckStatus = 3 -) - -// A ServiceCheck is an object that contains status of DataDog service check. -type ServiceCheck struct { - // Name of the service check. Required. - Name string - // Status of service check. Required. - Status ServiceCheckStatus - // Timestamp is a timestamp for the serviceCheck. If not provided, the dogstatsd - // server will set this to the current time. - Timestamp time.Time - // Hostname for the serviceCheck. - Hostname string - // A message describing the current state of the serviceCheck. - Message string - // Tags for the serviceCheck. - Tags []string -} - -// NewServiceCheck creates a new serviceCheck with the given name and status. Error checking -// against these values is done at send-time, or upon running sc.Check. -func NewServiceCheck(name string, status ServiceCheckStatus) *ServiceCheck { - return &ServiceCheck{ - Name: name, - Status: status, - } -} - -// Check verifies that a service check is valid. -func (sc *ServiceCheck) Check() error { - if len(sc.Name) == 0 { - return fmt.Errorf("statsd.ServiceCheck name is required") - } - if byte(sc.Status) < 0 || byte(sc.Status) > 3 { - return fmt.Errorf("statsd.ServiceCheck status has invalid value") - } - return nil -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/statsd.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/statsd.go deleted file mode 100644 index 33792a53..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/statsd.go +++ /dev/null @@ -1,919 +0,0 @@ -// Copyright 2013 Ooyala, Inc. - -/* -Package statsd provides a Go dogstatsd client. Dogstatsd extends the popular statsd, -adding tags and histograms and pushing upstream to Datadog. - -Refer to http://docs.datadoghq.com/guides/dogstatsd/ for information about DogStatsD. - -statsd is based on go-statsd-client. -*/ -package statsd - -//go:generate mockgen -source=statsd.go -destination=mocks/statsd.go - -import ( - "errors" - "fmt" - "io" - "net/url" - "os" - "strconv" - "strings" - "sync" - "sync/atomic" - "time" -) - -/* -OptimalUDPPayloadSize defines the optimal payload size for a UDP datagram, 1432 bytes -is optimal for regular networks with an MTU of 1500 so datagrams don't get -fragmented. It's generally recommended not to fragment UDP datagrams as losing -a single fragment will cause the entire datagram to be lost. -*/ -const OptimalUDPPayloadSize = 1432 - -/* -MaxUDPPayloadSize defines the maximum payload size for a UDP datagram. -Its value comes from the calculation: 65535 bytes Max UDP datagram size - -8byte UDP header - 60byte max IP headers -any number greater than that will see frames being cut out. -*/ -const MaxUDPPayloadSize = 65467 - -// DefaultUDPBufferPoolSize is the default size of the buffer pool for UDP clients. -const DefaultUDPBufferPoolSize = 2048 - -// DefaultUDSBufferPoolSize is the default size of the buffer pool for UDS clients. -const DefaultUDSBufferPoolSize = 512 - -/* -DefaultMaxAgentPayloadSize is the default maximum payload size the agent -can receive. This can be adjusted by changing dogstatsd_buffer_size in the -agent configuration file datadog.yaml. This is also used as the optimal payload size -for UDS datagrams. -*/ -const DefaultMaxAgentPayloadSize = 8192 - -/* -UnixAddressPrefix holds the prefix to use to enable Unix Domain Socket -traffic instead of UDP. The type of the socket will be guessed. -*/ -const UnixAddressPrefix = "unix://" - -/* -UnixDatagramAddressPrefix holds the prefix to use to enable Unix Domain Socket -datagram traffic instead of UDP. -*/ -const UnixAddressDatagramPrefix = "unixgram://" - -/* -UnixAddressStreamPrefix holds the prefix to use to enable Unix Domain Socket -stream traffic instead of UDP. -*/ -const UnixAddressStreamPrefix = "unixstream://" - -/* -WindowsPipeAddressPrefix holds the prefix to use to enable Windows Named Pipes -traffic instead of UDP. -*/ -const WindowsPipeAddressPrefix = `\\.\pipe\` - -var ( - AddressPrefixes = []string{UnixAddressPrefix, UnixAddressDatagramPrefix, UnixAddressStreamPrefix, WindowsPipeAddressPrefix} -) - -const ( - agentHostEnvVarName = "DD_AGENT_HOST" - agentPortEnvVarName = "DD_DOGSTATSD_PORT" - agentURLEnvVarName = "DD_DOGSTATSD_URL" - defaultUDPPort = "8125" -) - -const ( - // ddEntityID specifies client-side user-specified entity ID injection. - // This env var can be set to the Pod UID on Kubernetes via the downward API. - // Docs: https://docs.datadoghq.com/developers/dogstatsd/?tab=kubernetes#origin-detection-over-udp - ddEntityID = "DD_ENTITY_ID" - - // ddEntityIDTag specifies the tag name for the client-side entity ID injection - // The Agent expects this tag to contain a non-prefixed Kubernetes Pod UID. - ddEntityIDTag = "dd.internal.entity_id" - - // originDetectionEnabled specifies the env var to enable/disable sending the container ID field. - originDetectionEnabled = "DD_ORIGIN_DETECTION_ENABLED" -) - -/* -ddEnvTagsMapping is a mapping of each "DD_" prefixed environment variable -to a specific tag name. We use a slice to keep the order and simplify tests. -*/ -var ddEnvTagsMapping = []struct{ envName, tagName string }{ - {ddEntityID, ddEntityIDTag}, // Client-side entity ID injection for container tagging. - {"DD_ENV", "env"}, // The name of the env in which the service runs. - {"DD_SERVICE", "service"}, // The name of the running service. - {"DD_VERSION", "version"}, // The current version of the running service. -} - -type metricType int - -const ( - gauge metricType = iota - count - histogram - histogramAggregated - distribution - distributionAggregated - set - timing - timingAggregated - event - serviceCheck -) - -type receivingMode int - -const ( - mutexMode receivingMode = iota - channelMode -) - -const ( - writerNameUDP string = "udp" - writerNameUDS string = "uds" - writerNameUDSStream string = "uds-stream" - writerWindowsPipe string = "pipe" - writerNameCustom string = "custom" -) - -// noTimestamp is used as a value for metric without a given timestamp. -const noTimestamp = int64(0) - -type metric struct { - metricType metricType - namespace string - globalTags []string - name string - fvalue float64 - fvalues []float64 - ivalue int64 - svalue string - evalue *Event - scvalue *ServiceCheck - tags []string - stags string - rate float64 - timestamp int64 -} - -type noClientErr string - -// ErrNoClient is returned if statsd reporting methods are invoked on -// a nil client. -const ErrNoClient = noClientErr("statsd client is nil") - -func (e noClientErr) Error() string { - return string(e) -} - -type invalidTimestampErr string - -// InvalidTimestamp is returned if a provided timestamp is invalid. -const InvalidTimestamp = invalidTimestampErr("invalid timestamp") - -func (e invalidTimestampErr) Error() string { - return string(e) -} - -// ClientInterface is an interface that exposes the common client functions for the -// purpose of being able to provide a no-op client or even mocking. This can aid -// downstream users' with their testing. -type ClientInterface interface { - // Gauge measures the value of a metric at a particular time. - Gauge(name string, value float64, tags []string, rate float64) error - - // GaugeWithTimestamp measures the value of a metric at a given time. - // BETA - Please contact our support team for more information to use this feature: https://www.datadoghq.com/support/ - // The value will bypass any aggregation on the client side and agent side, this is - // useful when sending points in the past. - // - // Minimum Datadog Agent version: 7.40.0 - GaugeWithTimestamp(name string, value float64, tags []string, rate float64, timestamp time.Time) error - - // Count tracks how many times something happened per second. - Count(name string, value int64, tags []string, rate float64) error - - // CountWithTimestamp tracks how many times something happened at the given second. - // BETA - Please contact our support team for more information to use this feature: https://www.datadoghq.com/support/ - // The value will bypass any aggregation on the client side and agent side, this is - // useful when sending points in the past. - // - // Minimum Datadog Agent version: 7.40.0 - CountWithTimestamp(name string, value int64, tags []string, rate float64, timestamp time.Time) error - - // Histogram tracks the statistical distribution of a set of values on each host. - Histogram(name string, value float64, tags []string, rate float64) error - - // Distribution tracks the statistical distribution of a set of values across your infrastructure. - // - // It is recommended to use `WithMaxBufferedMetricsPerContext` to avoid dropping metrics at high throughput, `rate` can - // also be used to limit the load. Both options can *not* be used together. - Distribution(name string, value float64, tags []string, rate float64) error - - // Decr is just Count of -1 - Decr(name string, tags []string, rate float64) error - - // Incr is just Count of 1 - Incr(name string, tags []string, rate float64) error - - // Set counts the number of unique elements in a group. - Set(name string, value string, tags []string, rate float64) error - - // Timing sends timing information, it is an alias for TimeInMilliseconds - Timing(name string, value time.Duration, tags []string, rate float64) error - - // TimeInMilliseconds sends timing information in milliseconds. - // It is flushed by statsd with percentiles, mean and other info (https://github.com/etsy/statsd/blob/master/docs/metric_types.md#timing) - TimeInMilliseconds(name string, value float64, tags []string, rate float64) error - - // Event sends the provided Event. - Event(e *Event) error - - // SimpleEvent sends an event with the provided title and text. - SimpleEvent(title, text string) error - - // ServiceCheck sends the provided ServiceCheck. - ServiceCheck(sc *ServiceCheck) error - - // SimpleServiceCheck sends an serviceCheck with the provided name and status. - SimpleServiceCheck(name string, status ServiceCheckStatus) error - - // Close the client connection. - Close() error - - // Flush forces a flush of all the queued dogstatsd payloads. - Flush() error - - // IsClosed returns if the client has been closed. - IsClosed() bool - - // GetTelemetry return the telemetry metrics for the client since it started. - GetTelemetry() Telemetry -} - -type ErrorHandler func(error) - -// A Client is a handle for sending messages to dogstatsd. It is safe to -// use one Client from multiple goroutines simultaneously. -type Client struct { - // Sender handles the underlying networking protocol - sender *sender - // namespace to prepend to all statsd calls - namespace string - // tags are global tags to be added to every statsd call - tags []string - flushTime time.Duration - telemetry *statsdTelemetry - telemetryClient *telemetryClient - stop chan struct{} - wg sync.WaitGroup - workers []*worker - closerLock sync.Mutex - workersMode receivingMode - aggregatorMode receivingMode - agg *aggregator - aggExtended *aggregator - options []Option - addrOption string - isClosed bool - errorOnBlockedChannel bool - errorHandler ErrorHandler -} - -// statsdTelemetry contains telemetry metrics about the client -type statsdTelemetry struct { - totalMetricsGauge uint64 - totalMetricsCount uint64 - totalMetricsHistogram uint64 - totalMetricsDistribution uint64 - totalMetricsSet uint64 - totalMetricsTiming uint64 - totalEvents uint64 - totalServiceChecks uint64 - totalDroppedOnReceive uint64 -} - -// Verify that Client implements the ClientInterface. -// https://golang.org/doc/faq#guarantee_satisfies_interface -var _ ClientInterface = &Client{} - -func resolveAddr(addr string) string { - envPort := "" - - if addr == "" { - addr = os.Getenv(agentHostEnvVarName) - envPort = os.Getenv(agentPortEnvVarName) - agentURL, _ := os.LookupEnv(agentURLEnvVarName) - agentURL = parseAgentURL(agentURL) - - // agentURLEnvVarName has priority over agentHostEnvVarName - if agentURL != "" { - return agentURL - } - } - - if addr == "" { - return "" - } - - for _, prefix := range AddressPrefixes { - if strings.HasPrefix(addr, prefix) { - return addr - } - } - // TODO: How does this work for IPv6? - if strings.Contains(addr, ":") { - return addr - } - if envPort != "" { - addr = fmt.Sprintf("%s:%s", addr, envPort) - } else { - addr = fmt.Sprintf("%s:%s", addr, defaultUDPPort) - } - return addr -} - -func parseAgentURL(agentURL string) string { - if agentURL != "" { - if strings.HasPrefix(agentURL, WindowsPipeAddressPrefix) { - return agentURL - } - - parsedURL, err := url.Parse(agentURL) - if err != nil { - return "" - } - - if parsedURL.Scheme == "udp" { - if strings.Contains(parsedURL.Host, ":") { - return parsedURL.Host - } - return fmt.Sprintf("%s:%s", parsedURL.Host, defaultUDPPort) - } - - if parsedURL.Scheme == "unix" { - return agentURL - } - } - return "" -} - -func createWriter(addr string, writeTimeout time.Duration, connectTimeout time.Duration) (Transport, string, error) { - addr = resolveAddr(addr) - if addr == "" { - return nil, "", errors.New("No address passed and autodetection from environment failed") - } - - switch { - case strings.HasPrefix(addr, WindowsPipeAddressPrefix): - w, err := newWindowsPipeWriter(addr, writeTimeout) - return w, writerWindowsPipe, err - case strings.HasPrefix(addr, UnixAddressPrefix): - w, err := newUDSWriter(addr[len(UnixAddressPrefix):], writeTimeout, connectTimeout, "") - return w, writerNameUDS, err - case strings.HasPrefix(addr, UnixAddressDatagramPrefix): - w, err := newUDSWriter(addr[len(UnixAddressDatagramPrefix):], writeTimeout, connectTimeout, "unixgram") - return w, writerNameUDS, err - case strings.HasPrefix(addr, UnixAddressStreamPrefix): - w, err := newUDSWriter(addr[len(UnixAddressStreamPrefix):], writeTimeout, connectTimeout, "unix") - return w, writerNameUDS, err - default: - w, err := newUDPWriter(addr, writeTimeout) - return w, writerNameUDP, err - } -} - -// New returns a pointer to a new Client given an addr in the format "hostname:port" for UDP, -// "unix:///path/to/socket" for UDS or "\\.\pipe\path\to\pipe" for Windows Named Pipes. -func New(addr string, options ...Option) (*Client, error) { - o, err := resolveOptions(options) - if err != nil { - return nil, err - } - - w, writerType, err := createWriter(addr, o.writeTimeout, o.connectTimeout) - if err != nil { - return nil, err - } - - client, err := newWithWriter(w, o, writerType) - if err == nil { - client.options = append(client.options, options...) - client.addrOption = addr - } - return client, err -} - -type customWriter struct { - io.WriteCloser -} - -func (w *customWriter) GetTransportName() string { - return writerNameCustom -} - -// NewWithWriter creates a new Client with given writer. Writer is a -// io.WriteCloser -func NewWithWriter(w io.WriteCloser, options ...Option) (*Client, error) { - o, err := resolveOptions(options) - if err != nil { - return nil, err - } - return newWithWriter(&customWriter{w}, o, writerNameCustom) -} - -// CloneWithExtraOptions create a new Client with extra options -func CloneWithExtraOptions(c *Client, options ...Option) (*Client, error) { - if c == nil { - return nil, ErrNoClient - } - - if c.addrOption == "" { - return nil, fmt.Errorf("can't clone client with no addrOption") - } - opt := append(c.options, options...) - return New(c.addrOption, opt...) -} - -func newWithWriter(w Transport, o *Options, writerName string) (*Client, error) { - c := Client{ - namespace: o.namespace, - tags: o.tags, - telemetry: &statsdTelemetry{}, - errorOnBlockedChannel: o.channelModeErrorsWhenFull, - errorHandler: o.errorHandler, - } - - hasEntityID := false - // Inject values of DD_* environment variables as global tags. - for _, mapping := range ddEnvTagsMapping { - if value := os.Getenv(mapping.envName); value != "" { - if mapping.envName == ddEntityID { - hasEntityID = true - } - c.tags = append(c.tags, fmt.Sprintf("%s:%s", mapping.tagName, value)) - } - } - - if !hasEntityID { - initContainerID(o.containerID, isOriginDetectionEnabled(o, hasEntityID)) - } - - isUDS := writerName == writerNameUDS - - if o.maxBytesPerPayload == 0 { - if isUDS { - o.maxBytesPerPayload = DefaultMaxAgentPayloadSize - } else { - o.maxBytesPerPayload = OptimalUDPPayloadSize - } - } - if o.bufferPoolSize == 0 { - if isUDS { - o.bufferPoolSize = DefaultUDSBufferPoolSize - } else { - o.bufferPoolSize = DefaultUDPBufferPoolSize - } - } - if o.senderQueueSize == 0 { - if isUDS { - o.senderQueueSize = DefaultUDSBufferPoolSize - } else { - o.senderQueueSize = DefaultUDPBufferPoolSize - } - } - - bufferPool := newBufferPool(o.bufferPoolSize, o.maxBytesPerPayload, o.maxMessagesPerPayload) - c.sender = newSender(w, o.senderQueueSize, bufferPool, o.errorHandler) - c.aggregatorMode = o.receiveMode - - c.workersMode = o.receiveMode - // channelMode mode at the worker level is not enabled when - // ExtendedAggregation is since the user app will not directly - // use the worker (the aggregator sit between the app and the - // workers). - if o.extendedAggregation { - c.workersMode = mutexMode - } - - if o.aggregation || o.extendedAggregation || o.maxBufferedSamplesPerContext > 0 { - c.agg = newAggregator(&c, int64(o.maxBufferedSamplesPerContext)) - c.agg.start(o.aggregationFlushInterval) - - if o.extendedAggregation { - c.aggExtended = c.agg - - if c.aggregatorMode == channelMode { - c.agg.startReceivingMetric(o.channelModeBufferSize, o.workersCount) - } - } - } - - for i := 0; i < o.workersCount; i++ { - w := newWorker(bufferPool, c.sender) - c.workers = append(c.workers, w) - - if c.workersMode == channelMode { - w.startReceivingMetric(o.channelModeBufferSize) - } - } - - c.flushTime = o.bufferFlushInterval - c.stop = make(chan struct{}, 1) - - c.wg.Add(1) - go func() { - defer c.wg.Done() - c.watch() - }() - - if o.telemetry { - if o.telemetryAddr == "" { - c.telemetryClient = newTelemetryClient(&c, c.agg != nil) - } else { - var err error - c.telemetryClient, err = newTelemetryClientWithCustomAddr(&c, o.telemetryAddr, c.agg != nil, bufferPool, o.writeTimeout, o.connectTimeout) - if err != nil { - return nil, err - } - } - c.telemetryClient.run(&c.wg, c.stop) - } - - return &c, nil -} - -func (c *Client) watch() { - ticker := time.NewTicker(c.flushTime) - - for { - select { - case <-ticker.C: - for _, w := range c.workers { - w.flush() - } - case <-c.stop: - ticker.Stop() - return - } - } -} - -// Flush forces a flush of all the queued dogstatsd payloads This method is -// blocking and will not return until everything is sent through the network. -// In mutexMode, this will also block sampling new data to the client while the -// workers and sender are flushed. -func (c *Client) Flush() error { - if c == nil { - return ErrNoClient - } - if c.agg != nil { - c.agg.flush() - } - for _, w := range c.workers { - w.pause() - defer w.unpause() - w.flushUnsafe() - } - // Now that the worker are pause the sender can flush the queue between - // worker and senders - c.sender.flush() - return nil -} - -// IsClosed returns if the client has been closed. -func (c *Client) IsClosed() bool { - c.closerLock.Lock() - defer c.closerLock.Unlock() - return c.isClosed -} - -func (c *Client) flushTelemetryMetrics(t *Telemetry) { - t.TotalMetricsGauge = atomic.LoadUint64(&c.telemetry.totalMetricsGauge) - t.TotalMetricsCount = atomic.LoadUint64(&c.telemetry.totalMetricsCount) - t.TotalMetricsSet = atomic.LoadUint64(&c.telemetry.totalMetricsSet) - t.TotalMetricsHistogram = atomic.LoadUint64(&c.telemetry.totalMetricsHistogram) - t.TotalMetricsDistribution = atomic.LoadUint64(&c.telemetry.totalMetricsDistribution) - t.TotalMetricsTiming = atomic.LoadUint64(&c.telemetry.totalMetricsTiming) - t.TotalEvents = atomic.LoadUint64(&c.telemetry.totalEvents) - t.TotalServiceChecks = atomic.LoadUint64(&c.telemetry.totalServiceChecks) - t.TotalDroppedOnReceive = atomic.LoadUint64(&c.telemetry.totalDroppedOnReceive) -} - -// GetTelemetry return the telemetry metrics for the client since it started. -func (c *Client) GetTelemetry() Telemetry { - return c.telemetryClient.getTelemetry() -} - -// GetTransport return the name of the transport used. -func (c *Client) GetTransport() string { - if c.sender == nil { - return "" - } - return c.sender.getTransportName() -} - -type ErrorInputChannelFull struct { - Metric metric - ChannelSize int - Msg string -} - -func (e ErrorInputChannelFull) Error() string { - return e.Msg -} - -func (c *Client) send(m metric) error { - h := hashString32(m.name) - worker := c.workers[h%uint32(len(c.workers))] - - if c.workersMode == channelMode { - select { - case worker.inputMetrics <- m: - default: - atomic.AddUint64(&c.telemetry.totalDroppedOnReceive, 1) - err := &ErrorInputChannelFull{m, len(worker.inputMetrics), "Worker input channel full"} - if c.errorHandler != nil { - c.errorHandler(err) - } - if c.errorOnBlockedChannel { - return err - } - } - return nil - } - return worker.processMetric(m) -} - -// sendBlocking is used by the aggregator to inject aggregated metrics. -func (c *Client) sendBlocking(m metric) error { - m.globalTags = c.tags - m.namespace = c.namespace - - h := hashString32(m.name) - worker := c.workers[h%uint32(len(c.workers))] - return worker.processMetric(m) -} - -func (c *Client) sendToAggregator(mType metricType, name string, value float64, tags []string, rate float64, f bufferedMetricSampleFunc) error { - if c.aggregatorMode == channelMode { - m := metric{metricType: mType, name: name, fvalue: value, tags: tags, rate: rate} - select { - case c.aggExtended.inputMetrics <- m: - default: - atomic.AddUint64(&c.telemetry.totalDroppedOnReceive, 1) - err := &ErrorInputChannelFull{m, len(c.aggExtended.inputMetrics), "Aggregator input channel full"} - if c.errorHandler != nil { - c.errorHandler(err) - } - if c.errorOnBlockedChannel { - return err - } - } - return nil - } - return f(name, value, tags, rate) -} - -// Gauge measures the value of a metric at a particular time. -func (c *Client) Gauge(name string, value float64, tags []string, rate float64) error { - if c == nil { - return ErrNoClient - } - atomic.AddUint64(&c.telemetry.totalMetricsGauge, 1) - if c.agg != nil { - return c.agg.gauge(name, value, tags) - } - return c.send(metric{metricType: gauge, name: name, fvalue: value, tags: tags, rate: rate, globalTags: c.tags, namespace: c.namespace}) -} - -// GaugeWithTimestamp measures the value of a metric at a given time. -// BETA - Please contact our support team for more information to use this feature: https://www.datadoghq.com/support/ -// The value will bypass any aggregation on the client side and agent side, this is -// useful when sending points in the past. -// -// Minimum Datadog Agent version: 7.40.0 -func (c *Client) GaugeWithTimestamp(name string, value float64, tags []string, rate float64, timestamp time.Time) error { - if c == nil { - return ErrNoClient - } - - if timestamp.IsZero() || timestamp.Unix() <= noTimestamp { - return InvalidTimestamp - } - - atomic.AddUint64(&c.telemetry.totalMetricsGauge, 1) - return c.send(metric{metricType: gauge, name: name, fvalue: value, tags: tags, rate: rate, globalTags: c.tags, namespace: c.namespace, timestamp: timestamp.Unix()}) -} - -// Count tracks how many times something happened per second. -func (c *Client) Count(name string, value int64, tags []string, rate float64) error { - if c == nil { - return ErrNoClient - } - atomic.AddUint64(&c.telemetry.totalMetricsCount, 1) - if c.agg != nil { - return c.agg.count(name, value, tags) - } - return c.send(metric{metricType: count, name: name, ivalue: value, tags: tags, rate: rate, globalTags: c.tags, namespace: c.namespace}) -} - -// CountWithTimestamp tracks how many times something happened at the given second. -// BETA - Please contact our support team for more information to use this feature: https://www.datadoghq.com/support/ -// The value will bypass any aggregation on the client side and agent side, this is -// useful when sending points in the past. -// -// Minimum Datadog Agent version: 7.40.0 -func (c *Client) CountWithTimestamp(name string, value int64, tags []string, rate float64, timestamp time.Time) error { - if c == nil { - return ErrNoClient - } - - if timestamp.IsZero() || timestamp.Unix() <= noTimestamp { - return InvalidTimestamp - } - - atomic.AddUint64(&c.telemetry.totalMetricsCount, 1) - return c.send(metric{metricType: count, name: name, ivalue: value, tags: tags, rate: rate, globalTags: c.tags, namespace: c.namespace, timestamp: timestamp.Unix()}) -} - -// Histogram tracks the statistical distribution of a set of values on each host. -func (c *Client) Histogram(name string, value float64, tags []string, rate float64) error { - if c == nil { - return ErrNoClient - } - atomic.AddUint64(&c.telemetry.totalMetricsHistogram, 1) - if c.aggExtended != nil { - return c.sendToAggregator(histogram, name, value, tags, rate, c.aggExtended.histogram) - } - return c.send(metric{metricType: histogram, name: name, fvalue: value, tags: tags, rate: rate, globalTags: c.tags, namespace: c.namespace}) -} - -// Distribution tracks the statistical distribution of a set of values across your infrastructure. -func (c *Client) Distribution(name string, value float64, tags []string, rate float64) error { - if c == nil { - return ErrNoClient - } - atomic.AddUint64(&c.telemetry.totalMetricsDistribution, 1) - if c.aggExtended != nil { - return c.sendToAggregator(distribution, name, value, tags, rate, c.aggExtended.distribution) - } - return c.send(metric{metricType: distribution, name: name, fvalue: value, tags: tags, rate: rate, globalTags: c.tags, namespace: c.namespace}) -} - -// Decr is just Count of -1 -func (c *Client) Decr(name string, tags []string, rate float64) error { - return c.Count(name, -1, tags, rate) -} - -// Incr is just Count of 1 -func (c *Client) Incr(name string, tags []string, rate float64) error { - return c.Count(name, 1, tags, rate) -} - -// Set counts the number of unique elements in a group. -func (c *Client) Set(name string, value string, tags []string, rate float64) error { - if c == nil { - return ErrNoClient - } - atomic.AddUint64(&c.telemetry.totalMetricsSet, 1) - if c.agg != nil { - return c.agg.set(name, value, tags) - } - return c.send(metric{metricType: set, name: name, svalue: value, tags: tags, rate: rate, globalTags: c.tags, namespace: c.namespace}) -} - -// Timing sends timing information, it is an alias for TimeInMilliseconds -func (c *Client) Timing(name string, value time.Duration, tags []string, rate float64) error { - return c.TimeInMilliseconds(name, value.Seconds()*1000, tags, rate) -} - -// TimeInMilliseconds sends timing information in milliseconds. -// It is flushed by statsd with percentiles, mean and other info (https://github.com/etsy/statsd/blob/master/docs/metric_types.md#timing) -func (c *Client) TimeInMilliseconds(name string, value float64, tags []string, rate float64) error { - if c == nil { - return ErrNoClient - } - atomic.AddUint64(&c.telemetry.totalMetricsTiming, 1) - if c.aggExtended != nil { - return c.sendToAggregator(timing, name, value, tags, rate, c.aggExtended.timing) - } - return c.send(metric{metricType: timing, name: name, fvalue: value, tags: tags, rate: rate, globalTags: c.tags, namespace: c.namespace}) -} - -// Event sends the provided Event. -func (c *Client) Event(e *Event) error { - if c == nil { - return ErrNoClient - } - atomic.AddUint64(&c.telemetry.totalEvents, 1) - return c.send(metric{metricType: event, evalue: e, rate: 1, globalTags: c.tags, namespace: c.namespace}) -} - -// SimpleEvent sends an event with the provided title and text. -func (c *Client) SimpleEvent(title, text string) error { - e := NewEvent(title, text) - return c.Event(e) -} - -// ServiceCheck sends the provided ServiceCheck. -func (c *Client) ServiceCheck(sc *ServiceCheck) error { - if c == nil { - return ErrNoClient - } - atomic.AddUint64(&c.telemetry.totalServiceChecks, 1) - return c.send(metric{metricType: serviceCheck, scvalue: sc, rate: 1, globalTags: c.tags, namespace: c.namespace}) -} - -// SimpleServiceCheck sends an serviceCheck with the provided name and status. -func (c *Client) SimpleServiceCheck(name string, status ServiceCheckStatus) error { - sc := NewServiceCheck(name, status) - return c.ServiceCheck(sc) -} - -// Close the client connection. -func (c *Client) Close() error { - if c == nil { - return ErrNoClient - } - - // Acquire closer lock to ensure only one thread can close the stop channel - c.closerLock.Lock() - defer c.closerLock.Unlock() - - if c.isClosed { - return nil - } - - // Notify all other threads that they should stop - select { - case <-c.stop: - return nil - default: - } - close(c.stop) - - if c.workersMode == channelMode { - for _, w := range c.workers { - w.stopReceivingMetric() - } - } - - // flush the aggregator first - if c.agg != nil { - if c.aggExtended != nil && c.aggregatorMode == channelMode { - c.agg.stopReceivingMetric() - } - c.agg.stop() - } - - // Wait for the threads to stop - c.wg.Wait() - - c.Flush() - - c.isClosed = true - return c.sender.close() -} - -// isOriginDetectionEnabled returns whether the clients should fill the container field. -// -// If DD_ENTITY_ID is set, we don't send the container ID -// If a user-defined container ID is provided, we don't ignore origin detection -// as dd.internal.entity_id is prioritized over the container field for backward compatibility. -// If DD_ENTITY_ID is not set, we try to fill the container field automatically unless -// DD_ORIGIN_DETECTION_ENABLED is explicitly set to false. -func isOriginDetectionEnabled(o *Options, hasEntityID bool) bool { - if !o.originDetection || hasEntityID || o.containerID != "" { - // originDetection is explicitly disabled - // or DD_ENTITY_ID was found - // or a user-defined container ID was provided - return false - } - - envVarValue := os.Getenv(originDetectionEnabled) - if envVarValue == "" { - // DD_ORIGIN_DETECTION_ENABLED is not set - // default to true - return true - } - - enabled, err := strconv.ParseBool(envVarValue) - if err != nil { - // Error due to an unsupported DD_ORIGIN_DETECTION_ENABLED value - // default to true - return true - } - - return enabled -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/statsd_direct.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/statsd_direct.go deleted file mode 100644 index af66517c..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/statsd_direct.go +++ /dev/null @@ -1,69 +0,0 @@ -package statsd - -import ( - "io" - "strings" - "sync/atomic" -) - -type ClientDirectInterface interface { - DistributionSamples(name string, values []float64, tags []string, rate float64) error -} - -// ClientDirect is an *experimental* statsd client that gives direct access to some dogstatsd features. -// -// It is not recommended to use this client in production. This client might allow you to take advantage of -// new features in the agent before they are released, but it might also break your application. -type ClientDirect struct { - *Client -} - -// NewDirect returns a pointer to a new ClientDirect given an addr in the format "hostname:port" for UDP, -// "unix:///path/to/socket" for UDS or "\\.\pipe\path\to\pipe" for Windows Named Pipes. -func NewDirect(addr string, options ...Option) (*ClientDirect, error) { - client, err := New(addr, options...) - if err != nil { - return nil, err - } - return &ClientDirect{ - client, - }, nil -} - -func NewDirectWithWriter(writer io.WriteCloser, options ...Option) (*ClientDirect, error) { - client, err := NewWithWriter(writer, options...) - if err != nil { - return nil, err - } - return &ClientDirect{ - client, - }, nil -} - -// DistributionSamples is similar to Distribution, but it lets the client deals with the sampling. -// -// The provided `rate` is the sampling rate applied by the client and will *not* be used to apply further -// sampling. This is recommended in high performance cases were the overhead of the statsd library might be -// significant and the sampling is already done by the client. -// -// `WithMaxBufferedMetricsPerContext` is ignored when using this method. -func (c *ClientDirect) DistributionSamples(name string, values []float64, tags []string, rate float64) error { - if c == nil { - return ErrNoClient - } - atomic.AddUint64(&c.telemetry.totalMetricsDistribution, uint64(len(values))) - return c.send(metric{ - metricType: distributionAggregated, - name: name, - fvalues: values, - tags: tags, - stags: strings.Join(tags, tagSeparatorSymbol), - rate: rate, - globalTags: c.tags, - namespace: c.namespace, - }) -} - -// Validate that ClientDirect implements ClientDirectInterface and ClientInterface. -var _ ClientDirectInterface = (*ClientDirect)(nil) -var _ ClientInterface = (*ClientDirect)(nil) diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/telemetry.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/telemetry.go deleted file mode 100644 index 61025c37..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/telemetry.go +++ /dev/null @@ -1,306 +0,0 @@ -package statsd - -import ( - "fmt" - "sync" - "time" -) - -/* -telemetryInterval is the interval at which telemetry will be sent by the client. -*/ -const telemetryInterval = 10 * time.Second - -/* -clientTelemetryTag is a tag identifying this specific client. -*/ -var clientTelemetryTag = "client:go" - -/* -clientVersionTelemetryTag is a tag identifying this specific client version. -*/ -var clientVersionTelemetryTag = "client_version:5.4.0" - -// Telemetry represents internal metrics about the client behavior since it started. -type Telemetry struct { - // - // Those are produced by the 'Client' - // - - // TotalMetrics is the total number of metrics sent by the client before aggregation and sampling. - TotalMetrics uint64 - // TotalMetricsGauge is the total number of gauges sent by the client before aggregation and sampling. - TotalMetricsGauge uint64 - // TotalMetricsCount is the total number of counts sent by the client before aggregation and sampling. - TotalMetricsCount uint64 - // TotalMetricsHistogram is the total number of histograms sent by the client before aggregation and sampling. - TotalMetricsHistogram uint64 - // TotalMetricsDistribution is the total number of distributions sent by the client before aggregation and - // sampling. - TotalMetricsDistribution uint64 - // TotalMetricsSet is the total number of sets sent by the client before aggregation and sampling. - TotalMetricsSet uint64 - // TotalMetricsTiming is the total number of timings sent by the client before aggregation and sampling. - TotalMetricsTiming uint64 - // TotalEvents is the total number of events sent by the client before aggregation and sampling. - TotalEvents uint64 - // TotalServiceChecks is the total number of service_checks sent by the client before aggregation and sampling. - TotalServiceChecks uint64 - - // TotalDroppedOnReceive is the total number metrics/event/service_checks dropped when using ChannelMode (see - // WithChannelMode option). - TotalDroppedOnReceive uint64 - - // - // Those are produced by the 'sender' - // - - // TotalPayloadsSent is the total number of payload (packet on the network) succesfully sent by the client. When - // using UDP we don't know if packet dropped or not, so all packet are considered as succesfully sent. - TotalPayloadsSent uint64 - // TotalPayloadsDropped is the total number of payload dropped by the client. This includes all cause of dropped - // (TotalPayloadsDroppedQueueFull and TotalPayloadsDroppedWriter). When using UDP This won't includes the - // network dropped. - TotalPayloadsDropped uint64 - // TotalPayloadsDroppedWriter is the total number of payload dropped by the writer (when using UDS or named - // pipe) due to network timeout or error. - TotalPayloadsDroppedWriter uint64 - // TotalPayloadsDroppedQueueFull is the total number of payload dropped internally because the queue of payloads - // waiting to be sent on the wire is full. This means the client is generating more metrics than can be sent on - // the wire. If your app sends metrics in batch look at WithSenderQueueSize option to increase the queue size. - TotalPayloadsDroppedQueueFull uint64 - - // TotalBytesSent is the total number of bytes succesfully sent by the client. When using UDP we don't know if - // packet dropped or not, so all packet are considered as succesfully sent. - TotalBytesSent uint64 - // TotalBytesDropped is the total number of bytes dropped by the client. This includes all cause of dropped - // (TotalBytesDroppedQueueFull and TotalBytesDroppedWriter). When using UDP This - // won't includes the network dropped. - TotalBytesDropped uint64 - // TotalBytesDroppedWriter is the total number of bytes dropped by the writer (when using UDS or named pipe) due - // to network timeout or error. - TotalBytesDroppedWriter uint64 - // TotalBytesDroppedQueueFull is the total number of bytes dropped internally because the queue of payloads - // waiting to be sent on the wire is full. This means the client is generating more metrics than can be sent on - // the wire. If your app sends metrics in batch look at WithSenderQueueSize option to increase the queue size. - TotalBytesDroppedQueueFull uint64 - - // - // Those are produced by the 'aggregator' - // - - // AggregationNbContext is the total number of contexts flushed by the aggregator when either - // WithClientSideAggregation or WithExtendedClientSideAggregation options are enabled. - AggregationNbContext uint64 - // AggregationNbContextGauge is the total number of contexts for gauges flushed by the aggregator when either - // WithClientSideAggregation or WithExtendedClientSideAggregation options are enabled. - AggregationNbContextGauge uint64 - // AggregationNbContextCount is the total number of contexts for counts flushed by the aggregator when either - // WithClientSideAggregation or WithExtendedClientSideAggregation options are enabled. - AggregationNbContextCount uint64 - // AggregationNbContextSet is the total number of contexts for sets flushed by the aggregator when either - // WithClientSideAggregation or WithExtendedClientSideAggregation options are enabled. - AggregationNbContextSet uint64 - // AggregationNbContextHistogram is the total number of contexts for histograms flushed by the aggregator when either - // WithClientSideAggregation or WithExtendedClientSideAggregation options are enabled. - AggregationNbContextHistogram uint64 - // AggregationNbContextDistribution is the total number of contexts for distributions flushed by the aggregator when either - // WithClientSideAggregation or WithExtendedClientSideAggregation options are enabled. - AggregationNbContextDistribution uint64 - // AggregationNbContextTiming is the total number of contexts for timings flushed by the aggregator when either - // WithClientSideAggregation or WithExtendedClientSideAggregation options are enabled. - AggregationNbContextTiming uint64 -} - -type telemetryClient struct { - sync.RWMutex // used mostly to change the transport tag. - - c *Client - aggEnabled bool // is aggregation enabled and should we sent aggregation telemetry. - transport string - tags []string - tagsByType map[metricType][]string - transportTagKnown bool - sender *sender - worker *worker - lastSample Telemetry // The previous sample of telemetry sent -} - -func newTelemetryClient(c *Client, aggregationEnabled bool) *telemetryClient { - t := &telemetryClient{ - c: c, - aggEnabled: aggregationEnabled, - tags: []string{}, - tagsByType: map[metricType][]string{}, - } - - t.setTags() - return t -} - -func newTelemetryClientWithCustomAddr(c *Client, telemetryAddr string, aggregationEnabled bool, pool *bufferPool, - writeTimeout time.Duration, connectTimeout time.Duration, -) (*telemetryClient, error) { - telemetryWriter, _, err := createWriter(telemetryAddr, writeTimeout, connectTimeout) - if err != nil { - return nil, fmt.Errorf("Could not resolve telemetry address: %v", err) - } - - t := newTelemetryClient(c, aggregationEnabled) - - // Creating a custom sender/worker with 1 worker in mutex mode for the - // telemetry that share the same bufferPool. - // FIXME due to performance pitfall, we're always using UDP defaults - // even for UDS. - t.sender = newSender(telemetryWriter, DefaultUDPBufferPoolSize, pool, c.errorHandler) - t.worker = newWorker(pool, t.sender) - return t, nil -} - -func (t *telemetryClient) run(wg *sync.WaitGroup, stop chan struct{}) { - wg.Add(1) - go func() { - defer wg.Done() - ticker := time.NewTicker(telemetryInterval) - for { - select { - case <-ticker.C: - t.sendTelemetry() - case <-stop: - ticker.Stop() - if t.sender != nil { - t.sender.close() - } - return - } - } - }() -} - -func (t *telemetryClient) sendTelemetry() { - for _, m := range t.flush() { - if t.worker != nil { - t.worker.processMetric(m) - } else { - t.c.send(m) - } - } - - if t.worker != nil { - t.worker.flush() - } -} - -func (t *telemetryClient) getTelemetry() Telemetry { - if t == nil { - // telemetry was disabled through the WithoutTelemetry option - return Telemetry{} - } - - tlm := Telemetry{} - t.c.flushTelemetryMetrics(&tlm) - t.c.sender.flushTelemetryMetrics(&tlm) - t.c.agg.flushTelemetryMetrics(&tlm) - - tlm.TotalMetrics = tlm.TotalMetricsGauge + - tlm.TotalMetricsCount + - tlm.TotalMetricsSet + - tlm.TotalMetricsHistogram + - tlm.TotalMetricsDistribution + - tlm.TotalMetricsTiming - - tlm.TotalPayloadsDropped = tlm.TotalPayloadsDroppedQueueFull + tlm.TotalPayloadsDroppedWriter - tlm.TotalBytesDropped = tlm.TotalBytesDroppedQueueFull + tlm.TotalBytesDroppedWriter - - if t.aggEnabled { - tlm.AggregationNbContext = tlm.AggregationNbContextGauge + - tlm.AggregationNbContextCount + - tlm.AggregationNbContextSet + - tlm.AggregationNbContextHistogram + - tlm.AggregationNbContextDistribution + - tlm.AggregationNbContextTiming - } - return tlm -} - -// setTransportTag if it was never set and is now known. -func (t *telemetryClient) setTags() { - transport := t.c.GetTransport() - t.RLock() - // We need to refresh if we never set the tags or if the transport changed. - // For example when `unix://` is used we might return `uds` until we actually connect and detect that - // this is a UDS Stream socket and then return `uds-stream`. - needsRefresh := len(t.tags) == len(t.c.tags) || t.transport != transport - t.RUnlock() - - if !needsRefresh { - return - } - - t.Lock() - defer t.Unlock() - - t.transport = transport - t.tags = append(t.c.tags, clientTelemetryTag, clientVersionTelemetryTag) - if transport != "" { - t.tags = append(t.tags, "client_transport:"+transport) - } - t.tagsByType[gauge] = append(append([]string{}, t.tags...), "metrics_type:gauge") - t.tagsByType[count] = append(append([]string{}, t.tags...), "metrics_type:count") - t.tagsByType[set] = append(append([]string{}, t.tags...), "metrics_type:set") - t.tagsByType[timing] = append(append([]string{}, t.tags...), "metrics_type:timing") - t.tagsByType[histogram] = append(append([]string{}, t.tags...), "metrics_type:histogram") - t.tagsByType[distribution] = append(append([]string{}, t.tags...), "metrics_type:distribution") -} - -// flushTelemetry returns Telemetry metrics to be flushed. It's its own function to ease testing. -func (t *telemetryClient) flush() []metric { - m := []metric{} - - // same as Count but without global namespace - telemetryCount := func(name string, value int64, tags []string) { - m = append(m, metric{metricType: count, name: name, ivalue: value, tags: tags, rate: 1}) - } - - tlm := t.getTelemetry() - t.setTags() - - // We send the diff between now and the previous telemetry flush. This keep the same telemetry behavior from V4 - // so users dashboard's aren't broken when upgrading to V5. It also allow to graph on the same dashboard a mix - // of V4 and V5 apps. - telemetryCount("datadog.dogstatsd.client.metrics", int64(tlm.TotalMetrics-t.lastSample.TotalMetrics), t.tags) - telemetryCount("datadog.dogstatsd.client.metrics_by_type", int64(tlm.TotalMetricsGauge-t.lastSample.TotalMetricsGauge), t.tagsByType[gauge]) - telemetryCount("datadog.dogstatsd.client.metrics_by_type", int64(tlm.TotalMetricsCount-t.lastSample.TotalMetricsCount), t.tagsByType[count]) - telemetryCount("datadog.dogstatsd.client.metrics_by_type", int64(tlm.TotalMetricsHistogram-t.lastSample.TotalMetricsHistogram), t.tagsByType[histogram]) - telemetryCount("datadog.dogstatsd.client.metrics_by_type", int64(tlm.TotalMetricsDistribution-t.lastSample.TotalMetricsDistribution), t.tagsByType[distribution]) - telemetryCount("datadog.dogstatsd.client.metrics_by_type", int64(tlm.TotalMetricsSet-t.lastSample.TotalMetricsSet), t.tagsByType[set]) - telemetryCount("datadog.dogstatsd.client.metrics_by_type", int64(tlm.TotalMetricsTiming-t.lastSample.TotalMetricsTiming), t.tagsByType[timing]) - telemetryCount("datadog.dogstatsd.client.events", int64(tlm.TotalEvents-t.lastSample.TotalEvents), t.tags) - telemetryCount("datadog.dogstatsd.client.service_checks", int64(tlm.TotalServiceChecks-t.lastSample.TotalServiceChecks), t.tags) - - telemetryCount("datadog.dogstatsd.client.metric_dropped_on_receive", int64(tlm.TotalDroppedOnReceive-t.lastSample.TotalDroppedOnReceive), t.tags) - - telemetryCount("datadog.dogstatsd.client.packets_sent", int64(tlm.TotalPayloadsSent-t.lastSample.TotalPayloadsSent), t.tags) - telemetryCount("datadog.dogstatsd.client.packets_dropped", int64(tlm.TotalPayloadsDropped-t.lastSample.TotalPayloadsDropped), t.tags) - telemetryCount("datadog.dogstatsd.client.packets_dropped_queue", int64(tlm.TotalPayloadsDroppedQueueFull-t.lastSample.TotalPayloadsDroppedQueueFull), t.tags) - telemetryCount("datadog.dogstatsd.client.packets_dropped_writer", int64(tlm.TotalPayloadsDroppedWriter-t.lastSample.TotalPayloadsDroppedWriter), t.tags) - - telemetryCount("datadog.dogstatsd.client.bytes_dropped", int64(tlm.TotalBytesDropped-t.lastSample.TotalBytesDropped), t.tags) - telemetryCount("datadog.dogstatsd.client.bytes_sent", int64(tlm.TotalBytesSent-t.lastSample.TotalBytesSent), t.tags) - telemetryCount("datadog.dogstatsd.client.bytes_dropped_queue", int64(tlm.TotalBytesDroppedQueueFull-t.lastSample.TotalBytesDroppedQueueFull), t.tags) - telemetryCount("datadog.dogstatsd.client.bytes_dropped_writer", int64(tlm.TotalBytesDroppedWriter-t.lastSample.TotalBytesDroppedWriter), t.tags) - - if t.aggEnabled { - telemetryCount("datadog.dogstatsd.client.aggregated_context", int64(tlm.AggregationNbContext-t.lastSample.AggregationNbContext), t.tags) - telemetryCount("datadog.dogstatsd.client.aggregated_context_by_type", int64(tlm.AggregationNbContextGauge-t.lastSample.AggregationNbContextGauge), t.tagsByType[gauge]) - telemetryCount("datadog.dogstatsd.client.aggregated_context_by_type", int64(tlm.AggregationNbContextSet-t.lastSample.AggregationNbContextSet), t.tagsByType[set]) - telemetryCount("datadog.dogstatsd.client.aggregated_context_by_type", int64(tlm.AggregationNbContextCount-t.lastSample.AggregationNbContextCount), t.tagsByType[count]) - telemetryCount("datadog.dogstatsd.client.aggregated_context_by_type", int64(tlm.AggregationNbContextHistogram-t.lastSample.AggregationNbContextHistogram), t.tagsByType[histogram]) - telemetryCount("datadog.dogstatsd.client.aggregated_context_by_type", int64(tlm.AggregationNbContextDistribution-t.lastSample.AggregationNbContextDistribution), t.tagsByType[distribution]) - telemetryCount("datadog.dogstatsd.client.aggregated_context_by_type", int64(tlm.AggregationNbContextTiming-t.lastSample.AggregationNbContextTiming), t.tagsByType[timing]) - } - - t.lastSample = tlm - - return m -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/udp.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/udp.go deleted file mode 100644 index b90f7527..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/udp.go +++ /dev/null @@ -1,39 +0,0 @@ -package statsd - -import ( - "net" - "time" -) - -// udpWriter is an internal class wrapping around management of UDP connection -type udpWriter struct { - conn net.Conn -} - -// New returns a pointer to a new udpWriter given an addr in the format "hostname:port". -func newUDPWriter(addr string, _ time.Duration) (*udpWriter, error) { - udpAddr, err := net.ResolveUDPAddr("udp", addr) - if err != nil { - return nil, err - } - conn, err := net.DialUDP("udp", nil, udpAddr) - if err != nil { - return nil, err - } - writer := &udpWriter{conn: conn} - return writer, nil -} - -// Write data to the UDP connection with no error handling -func (w *udpWriter) Write(data []byte) (int, error) { - return w.conn.Write(data) -} - -func (w *udpWriter) Close() error { - return w.conn.Close() -} - -// GetTransportName returns the transport used by the sender -func (w *udpWriter) GetTransportName() string { - return writerNameUDP -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/uds.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/uds.go deleted file mode 100644 index 09518992..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/uds.go +++ /dev/null @@ -1,167 +0,0 @@ -//go:build !windows -// +build !windows - -package statsd - -import ( - "encoding/binary" - "net" - "strings" - "sync" - "time" -) - -// udsWriter is an internal class wrapping around management of UDS connection -type udsWriter struct { - // Address to send metrics to, needed to allow reconnection on error - addr string - // Transport used - transport string - // Established connection object, or nil if not connected yet - conn net.Conn - // write timeout - writeTimeout time.Duration - // connect timeout - connectTimeout time.Duration - sync.RWMutex // used to lock conn / writer can replace it -} - -// newUDSWriter returns a pointer to a new udsWriter given a socket file path as addr. -func newUDSWriter(addr string, writeTimeout time.Duration, connectTimeout time.Duration, transport string) (*udsWriter, error) { - // Defer connection to first Write - writer := &udsWriter{addr: addr, transport: transport, conn: nil, writeTimeout: writeTimeout, connectTimeout: connectTimeout} - return writer, nil -} - -// GetTransportName returns the transport used by the writer -func (w *udsWriter) GetTransportName() string { - w.RLock() - defer w.RUnlock() - - if w.transport == "unix" { - return writerNameUDSStream - } else { - return writerNameUDS - } -} - -func (w *udsWriter) shouldCloseConnection(err error, partialWrite bool) bool { - if err != nil && partialWrite { - // We can't recover from a partial write - return true - } - if err, isNetworkErr := err.(net.Error); err != nil && (!isNetworkErr || !err.Timeout()) { - // Statsd server disconnected, retry connecting at next packet - return true - } - return false -} - -// Write data to the UDS connection with write timeout and minimal error handling: -// create the connection if nil, and destroy it if the statsd server has disconnected -func (w *udsWriter) Write(data []byte) (int, error) { - var n int - partialWrite := false - conn, err := w.ensureConnection() - if err != nil { - return 0, err - } - stream := conn.LocalAddr().Network() == "unix" - - // When using streams the deadline will only make us drop the packet if we can't write it at all, - // once we've started writing we need to finish. - conn.SetWriteDeadline(time.Now().Add(w.writeTimeout)) - - // When using streams, we append the length of the packet to the data - if stream { - bs := []byte{0, 0, 0, 0} - binary.LittleEndian.PutUint32(bs, uint32(len(data))) - _, err = w.conn.Write(bs) - - partialWrite = true - - // W need to be able to finish to write partially written packets once we have started. - // But we will reset the connection if we can't write anything at all for a long time. - w.conn.SetWriteDeadline(time.Now().Add(w.connectTimeout)) - - // Continue writing only if we've written the length of the packet - if err == nil { - n, err = w.conn.Write(data) - if err == nil { - partialWrite = false - } - } - } else { - n, err = w.conn.Write(data) - } - - if w.shouldCloseConnection(err, partialWrite) { - w.unsetConnection() - } - return n, err -} - -func (w *udsWriter) Close() error { - if w.conn != nil { - return w.conn.Close() - } - return nil -} - -func (w *udsWriter) tryToDial(network string) (net.Conn, error) { - udsAddr, err := net.ResolveUnixAddr(network, w.addr) - if err != nil { - return nil, err - } - newConn, err := net.DialTimeout(udsAddr.Network(), udsAddr.String(), w.connectTimeout) - if err != nil { - return nil, err - } - return newConn, nil -} - -func (w *udsWriter) ensureConnection() (net.Conn, error) { - // Check if we've already got a socket we can use - w.RLock() - currentConn := w.conn - w.RUnlock() - - if currentConn != nil { - return currentConn, nil - } - - // Looks like we might need to connect - try again with write locking. - w.Lock() - defer w.Unlock() - if w.conn != nil { - return w.conn, nil - } - - var newConn net.Conn - var err error - - // Try to guess the transport if not specified. - if w.transport == "" { - newConn, err = w.tryToDial("unixgram") - // try to connect with unixgram failed, try again with unix streams. - if err != nil && strings.Contains(err.Error(), "protocol wrong type for socket") { - newConn, err = w.tryToDial("unix") - } - } else { - newConn, err = w.tryToDial(w.transport) - } - - if err != nil { - return nil, err - } - w.conn = newConn - w.transport = newConn.RemoteAddr().Network() - return newConn, nil -} - -func (w *udsWriter) unsetConnection() { - w.Lock() - defer w.Unlock() - _ = w.conn.Close() - w.conn = nil -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/uds_windows.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/uds_windows.go deleted file mode 100644 index 909f5a0a..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/uds_windows.go +++ /dev/null @@ -1,15 +0,0 @@ -//go:build windows -// +build windows - -package statsd - -import ( - "fmt" - "time" -) - -// newUDSWriter is disabled on Windows, SOCK_DGRAM are still unavailable but -// SOCK_STREAM should work once implemented in the agent (https://devblogs.microsoft.com/commandline/af_unix-comes-to-windows/) -func newUDSWriter(_ string, _ time.Duration, _ time.Duration, _ string) (Transport, error) { - return nil, fmt.Errorf("Unix socket is not available on Windows") -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/utils.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/utils.go deleted file mode 100644 index 8c3ac842..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/utils.go +++ /dev/null @@ -1,32 +0,0 @@ -package statsd - -import ( - "math/rand" - "sync" -) - -func shouldSample(rate float64, r *rand.Rand, lock *sync.Mutex) bool { - if rate >= 1 { - return true - } - // sources created by rand.NewSource() (ie. w.random) are not thread safe. - // TODO: use defer once the lowest Go version we support is 1.14 (defer - // has an overhead before that). - lock.Lock() - if r.Float64() > rate { - lock.Unlock() - return false - } - lock.Unlock() - return true -} - -func copySlice(src []string) []string { - if src == nil { - return nil - } - - c := make([]string, len(src)) - copy(c, src) - return c -} diff --git a/vendor/github.com/DataDog/datadog-go/v5/statsd/worker.go b/vendor/github.com/DataDog/datadog-go/v5/statsd/worker.go deleted file mode 100644 index 19dccd33..00000000 --- a/vendor/github.com/DataDog/datadog-go/v5/statsd/worker.go +++ /dev/null @@ -1,158 +0,0 @@ -package statsd - -import ( - "math/rand" - "sync" - "time" -) - -type worker struct { - pool *bufferPool - buffer *statsdBuffer - sender *sender - random *rand.Rand - randomLock sync.Mutex - sync.Mutex - - inputMetrics chan metric - stop chan struct{} -} - -func newWorker(pool *bufferPool, sender *sender) *worker { - // Each worker uses its own random source and random lock to prevent - // workers in separate goroutines from contending for the lock on the - // "math/rand" package-global random source (e.g. calls like - // "rand.Float64()" must acquire a shared lock to get the next - // pseudorandom number). - // Note that calling "time.Now().UnixNano()" repeatedly quickly may return - // very similar values. That's fine for seeding the worker-specific random - // source because we just need an evenly distributed stream of float values. - // Do not use this random source for cryptographic randomness. - random := rand.New(rand.NewSource(time.Now().UnixNano())) - return &worker{ - pool: pool, - sender: sender, - buffer: pool.borrowBuffer(), - random: random, - stop: make(chan struct{}), - } -} - -func (w *worker) startReceivingMetric(bufferSize int) { - w.inputMetrics = make(chan metric, bufferSize) - go w.pullMetric() -} - -func (w *worker) stopReceivingMetric() { - w.stop <- struct{}{} -} - -func (w *worker) pullMetric() { - for { - select { - case m := <-w.inputMetrics: - w.processMetric(m) - case <-w.stop: - return - } - } -} - -func (w *worker) processMetric(m metric) error { - // Aggregated metrics are already sampled. - if m.metricType != distributionAggregated && m.metricType != histogramAggregated && m.metricType != timingAggregated { - if !shouldSample(m.rate, w.random, &w.randomLock) { - return nil - } - } - w.Lock() - var err error - if err = w.writeMetricUnsafe(m); err == errBufferFull { - w.flushUnsafe() - err = w.writeMetricUnsafe(m) - } - w.Unlock() - return err -} - -func (w *worker) writeAggregatedMetricUnsafe(m metric, metricSymbol []byte, precision int, rate float64) error { - globalPos := 0 - - // first check how much data we can write to the buffer: - // +3 + len(metricSymbol) because the message will include '||#' before the tags - // +1 for the potential line break at the start of the metric - extraSize := len(m.stags) + 4 + len(metricSymbol) - if m.rate < 1 { - // +2 for "|@" - // + the maximum size of a rate (https://en.wikipedia.org/wiki/IEEE_754-1985) - extraSize += 2 + 18 - } - for _, t := range m.globalTags { - extraSize += len(t) + 1 - } - - for { - pos, err := w.buffer.writeAggregated(metricSymbol, m.namespace, m.globalTags, m.name, m.fvalues[globalPos:], m.stags, extraSize, precision, rate) - if err == errPartialWrite { - // We successfully wrote part of the histogram metrics. - // We flush the current buffer and finish the histogram - // in a new one. - w.flushUnsafe() - globalPos += pos - } else { - return err - } - } -} - -func (w *worker) writeMetricUnsafe(m metric) error { - switch m.metricType { - case gauge: - return w.buffer.writeGauge(m.namespace, m.globalTags, m.name, m.fvalue, m.tags, m.rate, m.timestamp) - case count: - return w.buffer.writeCount(m.namespace, m.globalTags, m.name, m.ivalue, m.tags, m.rate, m.timestamp) - case histogram: - return w.buffer.writeHistogram(m.namespace, m.globalTags, m.name, m.fvalue, m.tags, m.rate) - case distribution: - return w.buffer.writeDistribution(m.namespace, m.globalTags, m.name, m.fvalue, m.tags, m.rate) - case set: - return w.buffer.writeSet(m.namespace, m.globalTags, m.name, m.svalue, m.tags, m.rate) - case timing: - return w.buffer.writeTiming(m.namespace, m.globalTags, m.name, m.fvalue, m.tags, m.rate) - case event: - return w.buffer.writeEvent(m.evalue, m.globalTags) - case serviceCheck: - return w.buffer.writeServiceCheck(m.scvalue, m.globalTags) - case histogramAggregated: - return w.writeAggregatedMetricUnsafe(m, histogramSymbol, -1, m.rate) - case distributionAggregated: - return w.writeAggregatedMetricUnsafe(m, distributionSymbol, -1, m.rate) - case timingAggregated: - return w.writeAggregatedMetricUnsafe(m, timingSymbol, 6, m.rate) - default: - return nil - } -} - -func (w *worker) flush() { - w.Lock() - w.flushUnsafe() - w.Unlock() -} - -func (w *worker) pause() { - w.Lock() -} - -func (w *worker) unpause() { - w.Unlock() -} - -// flush the current buffer. Lock must be held by caller. -// flushed buffer written to the network asynchronously. -func (w *worker) flushUnsafe() { - if len(w.buffer.bytes()) > 0 { - w.sender.send(w.buffer) - w.buffer = w.pool.borrowBuffer() - } -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/.gitattributes b/vendor/github.com/DataDog/go-libddwaf/v3/.gitattributes deleted file mode 100644 index 003a8007..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/.gitattributes +++ /dev/null @@ -1,3 +0,0 @@ -*.dylib -diff -*.so -diff -*.a -diff diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/.gitignore b/vendor/github.com/DataDog/go-libddwaf/v3/.gitignore deleted file mode 100644 index e9a06fb7..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/.gitignore +++ /dev/null @@ -1,23 +0,0 @@ -# Binaries for programs and plugins -*.exe -*.exe~ - -# Test binary, built with `go test -c` -*.test - -# Output of the go coverage tool, specifically when used with LiteIDE -*.out - -# Dependency directories (remove the comment below to include it) -# vendor/ - -.vscode/ -.idea/ - -# Swap files -*.swp - -## Ensure WAF static libraries are not excluded from vendor folders -!internal/lib/*.so.gz -!internal/lib/*.dylib.gz - diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/CODEOWNERS b/vendor/github.com/DataDog/go-libddwaf/v3/CODEOWNERS deleted file mode 100644 index 2e4d479a..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/CODEOWNERS +++ /dev/null @@ -1,2 +0,0 @@ -# default owner -* @DataDog/asm-go diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/LICENSE b/vendor/github.com/DataDog/go-libddwaf/v3/LICENSE deleted file mode 100644 index 9301dd7a..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/LICENSE +++ /dev/null @@ -1,200 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2016-present Datadog, Inc. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/README.md b/vendor/github.com/DataDog/go-libddwaf/v3/README.md deleted file mode 100644 index 013b663b..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/README.md +++ /dev/null @@ -1,151 +0,0 @@ -# go-libddwaf - -This project's goal is to produce a higher level API for the go bindings to [libddwaf](https://github.com/DataDog/libddwaf): DataDog in-app WAF. -It consists of 2 separate entities: the bindings for the calls to libddwaf, and the encoder which job is to convert _any_ go value to its libddwaf object representation. - -An example usage would be: - -```go -import waf "github.com/DataDog/go-libddwaf/v3" - -//go:embed -var ruleset []byte - -func main() { - var parsedRuleset any - - if err := json.Unmarshal(ruleset, &parsedRuleset); err != nil { - panic(err) - } - - wafHandle, err := waf.NewHandle(parsedRuleset, "", "") - if err != nil { - panic(err) - } - - defer wafHandle.Close() - - wafCtx := wafHandle.NewContext() - defer wafCtx.Close() - - matches, actions := wafCtx.Run(RunAddressData{ - Persistent: map[string]any{ - "server.request.path_params": "/rfiinc.txt", - }, - }) -} -``` - -The API documentation details can be found on [pkg.go.dev](https://pkg.go.dev/github.com/DataDog/go-libddwaf/v3). - -Originally this project was only here to provide CGO Wrappers to the calls to libddwaf. -But with the appearance of `ddwaf_object` tree like structure, -but also with the intention to build CGO-less bindings, this project size has grown to be a fully integrated brick in the DataDog tracer structure. -Which in turn made it necessary to document the project, to maintain it in an orderly fashion. - -## Supported platforms - -This library currently support the following platform doublets: - -| OS | Arch | -| ----- | ------- | -| Linux | amd64 | -| Linux | aarch64 | -| OSX | amd64 | -| OSX | arm64 | - -This means that when the platform is not supported, top-level functions will return a `WafDisabledError` error including the purpose of it. - -Note that: -* Linux support include for glibc and musl variants -* OSX under 10.9 is not supported -* A build tag named `datadog.no_waf` can be manually added to force the WAF to be disabled. - -## Design - -The WAF bindings have multiple moving parts that are necessary to understand: - -- Handle: a object wrapper over the pointer to the C WAF Handle -- Context: a object wrapper over a pointer to the C WAF Context -- Encoder: its goal is to construct a tree of Waf Objects to send to the WAF -- CGORefPool: Does all allocation operations for the construction of Waf Objects and keeps track of the equivalent go pointers -- Decoder: Transforms Waf Objects returned from the WAF to usual go objects (e.g. maps, arrays, ...) -- Library: The low-level go bindings to the C library, providing improved typing - -```mermaid -flowchart LR - - START:::hidden -->|NewHandle| Handle -->|NewContext| Context - - Context -->|Encode Inputs| Encoder - - Handle -->|Encode Ruleset| Encoder - Handle -->|Init WAF| Library - Context -->|Decode Result| Decoder - - Handle -->|Decode Init Errors| Decoder - - Context -->|Run| Library - Context -->|Store Go References| CGORefPool - - Encoder -->|Allocate Waf Objects| TempCGORefPool - - TempCGORefPool -->|Copy after each encoding| CGORefPool - - Library -->|Call C code| libddwaf - - classDef hidden display: none; -``` - -### CGO Reference Pool - -The cgoRefPool type is a pure Go pointer pool of `ddwaf_object` C values on the Go memory heap. -the `cgoRefPool` go type is a way to make sure we can safely send Go allocated data to the C side of the WAF -The main issue is the following: the `WafObject` uses a C union to store the tree structure of the full object, -union equivalent in go are interfaces and they are not compatible with C unions. The only way to be 100% sure -that the Go `WafObject` struct has the same layout as the C one is to only use primitive types. So the only way to -store a raw pointer is to use the `uintptr` type. But since `uintptr` do not have pointer semantics (and are just -basically integers), we need another method to store the value as Go pointer because the GC will delete our data if it -is not referenced by Go pointers. - -That's where the `cgoRefPool` object comes into play: all new `WafObject` elements are created via this API which is especially -built to make sure there is no gap for the Garbage Collector to exploit. From there, since underlying values of the -`wafObject` are either arrays of WafObjects (for maps, structs and arrays) or string (for all ints, booleans and strings), -we can store 2 slices of arrays and use `unsafe.KeepAlive` in each code path to protect them from the GC. - -All these objects stored in the reference pool need to live throughout the use of the associated Waf Context. - -### Typical call to Run() - -Here is an example of the flow of operations on a simple call to Run(): - -- Encode input data into WAF Objects and store references in the temporary pool -- Lock the context mutex until the end of the call -- Store references from the temporary pool into the context level pool -- Call `ddwaf_run` -- Decode the matches and actions - -### CGO-less C Bindings - -This library uses [purego](https://github.com/ebitengine/purego) to implement C bindings without requiring use of CGO at compilation time. The high-level workflow -is to embed the C shared library using `go:embed`, dump it into a file, open the library using `dlopen`, load the -symbols using `dlsym`, and finally call them. On Linux systems, using `memfd_create(2)` enables the library to be loaded without -writing to the filesystem. - -Another requirement of `libddwaf` is to have a FHS filesystem on your machine and, for Linux, to provide `libc.so.6`, -`libpthread.so.0`, and `libdl.so.2` as dynamic libraries. - -> :warning: Keep in mind that **purego only works on linux/darwin for amd64/arm64 and so does go-libddwaf.** - -## Contributing pitfalls - -- Cannot dlopen twice in the app lifetime on OSX. It messes with Thread Local Storage and usually finishes with a `std::bad_alloc()` -- `keepAlive()` calls are here to prevent the GC from destroying objects too early -- Since there is a stack switch between the Go code and the C code, usually the only C stacktrace you will ever get is from GDB -- If a segfault happens during a call to the C code, the goroutine stacktrace which has done the call is the one annotated with `[syscall]` -- [GoLand](https://www.jetbrains.com/go/) does not support `CGO_ENABLED=0` (as of June 2023) -- Keep in mind that we fully escape the type system. If you send the wrong data it will segfault in the best cases but not always! -- The structs in `ctypes.go` are here to reproduce the memory layout of the structs in `include/ddwaf.h` because pointers to these structs will be passed directly -- Do not use `uintptr` as function arguments or results types, coming from `unsafe.Pointer` casts of Go values, because they escape the pointer analysis which can create wrongly optimized code and crash. Pointer arithmetic is of course necessary in such a library but must be kept in the same function scope. -- GDB is available on arm64 but is not officially supported so it usually crashes pretty fast (as of June 2023) -- No pointer to variables on the stack shall be sent to the C code because Go stacks can be moved during the C call. More on this [here](https://medium.com/@trinad536/escape-analysis-in-golang-fc81b78f3550) diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/cgo_ref_pool.go b/vendor/github.com/DataDog/go-libddwaf/v3/cgo_ref_pool.go deleted file mode 100644 index 9de4c2fb..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/cgo_ref_pool.go +++ /dev/null @@ -1,106 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package waf - -import ( - "strconv" - - "github.com/DataDog/go-libddwaf/v3/internal/bindings" - "github.com/DataDog/go-libddwaf/v3/internal/unsafe" -) - -// cgoRefPool is a way to make sure we can safely send go allocated data on the C side of the WAF -// The main issue is the following: the wafObject uses a C union to store the tree structure of the full object, -// union equivalent in go are interfaces and they are not compatible with C unions. The only way to be 100% sure -// that the Go wafObject struct have the same layout as the C one is to only use primitive types. So the only way to -// store a raw pointer is to use the uintptr type. But since uintptr do not have pointer semantics (and are just -// basically integers), we need another structure to store the value as Go pointer because the GC is lurking. That's -// where the cgoRefPool object comes into play: All new wafObject elements are created via this API whose especially -// built to make sure there is no gap for the Garbage Collector to exploit. From there, since underlying values of the -// wafObject are either arrays (for maps, structs and arrays) or string (for all ints, booleans and strings), -// we can store 2 slices of arrays and use runtime.KeepAlive in each code path to protect them from the GC. -type cgoRefPool struct { - stringRefs []string - arrayRefs [][]bindings.WafObject -} - -// This is used when passing empty Go strings to the WAF in order to avoid passing null string pointers, -// which are not handled by the WAF in all cases. -// FIXME: to be removed when the WAF handles null ptr strings in all expected places -var emptyWAFStringValue = unsafe.NativeStringUnwrap("\x00").Data - -func (refPool *cgoRefPool) append(newRefs cgoRefPool) { - refPool.stringRefs = append(refPool.stringRefs, newRefs.stringRefs...) - refPool.arrayRefs = append(refPool.arrayRefs, newRefs.arrayRefs...) -} - -// AllocCString is used in the rare cases where we need the WAF to receive standard null-terminated strings. -// All cases where strings a wrapped in wafObject are handled by AllocWafString -func (refPool *cgoRefPool) AllocCString(str string) uintptr { - if len(str) > 0 && str[len(str)-1] != '\x00' { - str = str + "\x00" - } - - refPool.stringRefs = append(refPool.stringRefs, str) - return unsafe.NativeStringUnwrap(str).Data -} - -// AllocWafString fills the obj parameter wafObject with all parameters needed for the WAF interpret it as a string. -// We take full advantage of the fact that the WAF can receive non-null-terminated strings by directly retrieving the -// underlying array in the string value using the nativeStringUnwrap function. Hence, removing any copy in the process -func (refPool *cgoRefPool) AllocWafString(obj *bindings.WafObject, str string) { - obj.Type = bindings.WafStringType - - if len(str) == 0 { - obj.NbEntries = 0 - // FIXME: use obj.Value = 0 when the WAF handles null string ptr in all expected places - obj.Value = emptyWAFStringValue - return - } - - refPool.stringRefs = append(refPool.stringRefs, str) - stringHeader := unsafe.NativeStringUnwrap(str) - obj.Value = stringHeader.Data - obj.NbEntries = uint64(stringHeader.Len) -} - -// AllocWafArray is used to create a tree-like structure since we allocate a wafObject array inside another wafOject. -// wafObject can also represent a map, in that case we use the AllocWafMapKey function to make the wafObject key-value-pair -// like objects. -func (refPool *cgoRefPool) AllocWafArray(obj *bindings.WafObject, typ bindings.WafObjectType, size uint64) []bindings.WafObject { - if typ != bindings.WafMapType && typ != bindings.WafArrayType { - panic("Cannot allocate this waf object data type as an array: " + strconv.Itoa(int(typ))) - } - - obj.Type = typ - obj.NbEntries = size - - // If the array size is zero no need to allocate anything - if size == 0 { - obj.Value = 0 - return nil - } - - goArray := make([]bindings.WafObject, size) - refPool.arrayRefs = append(refPool.arrayRefs, goArray) - - obj.Value = unsafe.SliceToUintptr(goArray) - return goArray -} - -// AllocWafMapKey is used to store a string map key in a wafObject. -// We take full advantage of the fact that the WAF can receive non-null-terminated strings by directly retrieving the -// underlying array in the string value using the nativeStringUnwrap function. Hence, removing any copy in the process -func (refPool *cgoRefPool) AllocWafMapKey(obj *bindings.WafObject, str string) { - if len(str) == 0 { - return - } - - refPool.stringRefs = append(refPool.stringRefs, str) - stringHeader := unsafe.NativeStringUnwrap(str) - obj.ParameterName = stringHeader.Data - obj.ParameterNameLength = uint64(stringHeader.Len) -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/context.go b/vendor/github.com/DataDog/go-libddwaf/v3/context.go deleted file mode 100644 index 509f7f0c..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/context.go +++ /dev/null @@ -1,327 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package waf - -import ( - "sync" - "sync/atomic" - "time" - - "github.com/DataDog/go-libddwaf/v3/errors" - "github.com/DataDog/go-libddwaf/v3/internal/bindings" - "github.com/DataDog/go-libddwaf/v3/internal/unsafe" - "github.com/DataDog/go-libddwaf/v3/timer" -) - -// Context is a WAF execution context. It allows running the WAF incrementally -// when calling it multiple times to run its rules every time new addresses -// become available. Each request must have its own Context. -type Context struct { - handle *Handle // Instance of the WAF - - cgoRefs cgoRefPool // Used to retain go data referenced by WAF Objects the context holds - cContext bindings.WafContext // The C ddwaf_context pointer - - // timeoutCount count all calls which have timeout'ed by scope. Keys are fixed at creation time. - timeoutCount map[Scope]*atomic.Uint64 - - // mutex protecting the use of cContext which is not thread-safe and cgoRefs. - mutex sync.Mutex - - // timer registers the time spent in the WAF and go-libddwaf - timer timer.NodeTimer - - // metrics stores the cumulative time spent in various parts of the WAF - metrics metricsStore - - // truncations provides details about truncations that occurred while - // encoding address data for WAF execution. - truncations map[Scope]map[TruncationReason][]int -} - -// RunAddressData provides address data to the Context.Run method. If a given key is present in both -// RunAddressData.Persistent and RunAddressData.Ephemeral, the value from RunAddressData.Persistent will take precedence. -type RunAddressData struct { - // Persistent address data is scoped to the lifetime of a given Context, and subsquent calls to Context.Run with the - // same address name will be silently ignored. - Persistent map[string]any - // Ephemeral address data is scoped to a given Context.Run call and is not persisted across calls. This is used for - // protocols such as gRPC client/server streaming or GraphQL, where a single request can incur multiple subrequests. - Ephemeral map[string]any - // Scope is the way to classify the different runs in the same context in order to have different metrics - Scope Scope -} - -func (d RunAddressData) isEmpty() bool { - return len(d.Persistent) == 0 && len(d.Ephemeral) == 0 -} - -// Run encodes the given addressData values and runs them against the WAF rules within the given timeout value. If a -// given address is present both as persistent and ephemeral, the persistent value takes precedence. It returns the -// matches as a JSON string (usually opaquely used) along with the corresponding actions in any. In case of an error, -// matches and actions can still be returned, for instance in the case of a timeout error. Errors can be tested against -// the RunError type. -// Struct fields having the tag `ddwaf:"ignore"` will not be encoded and sent to the WAF -// if the output of TotalTime() exceeds the value of Timeout, the function will immediately return with errors.ErrTimeout -// The second parameter is deprecated and should be passed to NewContextWithBudget instead. -func (context *Context) Run(addressData RunAddressData) (res Result, err error) { - if addressData.isEmpty() { - return - } - - if addressData.Scope == "" { - addressData.Scope = DefaultScope - } - - defer func() { - if err == errors.ErrTimeout { - context.timeoutCount[addressData.Scope].Add(1) - } - }() - - // If the context has already timed out, we don't need to run the WAF again - if context.timer.SumExhausted() { - return Result{}, errors.ErrTimeout - } - - runTimer, err := context.timer.NewNode(wafRunTag, - timer.WithComponents( - wafEncodeTag, - wafDecodeTag, - wafDurationTag, - ), - ) - if err != nil { - return Result{}, err - } - - runTimer.Start() - defer func() { - context.metrics.add(addressData.Scope, wafRunTag, runTimer.Stop()) - context.metrics.merge(addressData.Scope, runTimer.Stats()) - }() - - wafEncodeTimer := runTimer.MustLeaf(wafEncodeTag) - wafEncodeTimer.Start() - persistentData, persistentEncoder, err := context.encodeOneAddressType(addressData.Scope, addressData.Persistent, wafEncodeTimer) - if err != nil { - wafEncodeTimer.Stop() - return res, err - } - - // The WAF releases ephemeral address data at the max of each run call, so we need not keep the Go values live beyond - // that in the same way we need for persistent data. We hence use a separate encoder. - ephemeralData, ephemeralEncoder, err := context.encodeOneAddressType(addressData.Scope, addressData.Ephemeral, wafEncodeTimer) - if err != nil { - wafEncodeTimer.Stop() - return res, err - } - - wafEncodeTimer.Stop() - - // ddwaf_run cannot run concurrently and we are going to mutate the context.cgoRefs, so we need to lock the context - context.mutex.Lock() - defer context.mutex.Unlock() - - if runTimer.SumExhausted() { - return res, errors.ErrTimeout - } - - // Save the Go pointer references to addressesToData that were referenced by the encoder - // into C ddwaf_objects. libddwaf's API requires to keep this data for the lifetime of the ddwaf_context. - defer context.cgoRefs.append(persistentEncoder.cgoRefs) - - wafDecodeTimer := runTimer.MustLeaf(wafDecodeTag) - res, err = context.run(persistentData, ephemeralData, wafDecodeTimer, runTimer.SumRemaining()) - - runTimer.AddTime(wafDurationTag, res.TimeSpent) - - // Ensure the ephemerals don't get optimized away by the compiler before the WAF had a chance to use them. - unsafe.KeepAlive(ephemeralEncoder.cgoRefs) - unsafe.KeepAlive(persistentEncoder.cgoRefs) - - return -} - -// merge merges two maps of slices into a single map of slices. The resulting map will contain all -// keys from both a and b, with the corresponding value from a and b concatenated (in this order) in -// a single slice. The implementation tries to minimize reallocations. -func merge[K comparable, V any](a, b map[K][]V) (merged map[K][]V) { - count := len(a) + len(b) - if count == 0 { - return - } - - keys := make(map[K]struct{}, count) - nothing := struct{}{} - totalCount := 0 - for _, m := range [2]map[K][]V{a, b} { - for k, v := range m { - keys[k] = nothing - totalCount += len(v) - } - } - - merged = make(map[K][]V, count) - values := make([]V, 0, totalCount) - - for k := range keys { - idxS := len(values) // Start index - values = append(values, a[k]...) - values = append(values, b[k]...) - idxE := len(values) // End index - - merged[k] = values[idxS:idxE] - } - - return -} - -// encodeOneAddressType encodes the given addressData values and returns the corresponding WAF object and its refs. -// If the addressData is empty, it returns nil for the WAF object and an empty ref pool. -// At this point, if the encoder does not timeout, the only error we can get is an error in case the top level object -// is a nil map, but this behaviour is expected since either persistent or ephemeral addresses are allowed to be null -// one at a time. In this case, Encode will return nil contrary to Encode which will return a nil wafObject, -// which is what we need to send to ddwaf_run to signal that the address data is empty. -func (context *Context) encodeOneAddressType(scope Scope, addressData map[string]any, timer timer.Timer) (*bindings.WafObject, encoder, error) { - encoder := newLimitedEncoder(timer) - if addressData == nil { - return nil, encoder, nil - } - - data, _ := encoder.Encode(addressData) - if len(encoder.truncations) > 0 { - context.mutex.Lock() - defer context.mutex.Unlock() - - context.truncations[scope] = merge(context.truncations[scope], encoder.truncations) - } - - if timer.Exhausted() { - return nil, encoder, errors.ErrTimeout - } - - return data, encoder, nil -} - -// run executes the ddwaf_run call with the provided data on this context. The caller is responsible for locking the -// context appropriately around this call. -func (context *Context) run(persistentData, ephemeralData *bindings.WafObject, wafDecodeTimer timer.Timer, timeBudget time.Duration) (Result, error) { - result := new(bindings.WafResult) - defer wafLib.WafResultFree(result) - - // The value of the timeout cannot exceed 2^55 - // cf. https://en.cppreference.com/w/cpp/chrono/duration - timeout := uint64(timeBudget.Microseconds()) & 0x008FFFFFFFFFFFFF - ret := wafLib.WafRun(context.cContext, persistentData, ephemeralData, result, timeout) - - wafDecodeTimer.Start() - defer wafDecodeTimer.Stop() - - return unwrapWafResult(ret, result) -} - -func unwrapWafResult(ret bindings.WafReturnCode, result *bindings.WafResult) (res Result, err error) { - if result.Timeout > 0 { - err = errors.ErrTimeout - } else { - // Derivatives can be generated even if no security event gets detected, so we decode them as long as the WAF - // didn't timeout - res.Derivatives, err = decodeMap(&result.Derivatives) - } - - res.TimeSpent = time.Duration(result.TotalRuntime) * time.Nanosecond - - if ret == bindings.WafOK { - return res, err - } - - if ret != bindings.WafMatch { - return res, goRunError(ret) - } - - res.Events, err = decodeArray(&result.Events) - if err != nil { - return res, err - } - if size := result.Actions.NbEntries; size > 0 { - res.Actions, err = decodeMap(&result.Actions) - if err != nil { - return res, err - } - } - - return res, err -} - -// Close the underlying `ddwaf_context` and releases the associated internal -// data. Also decreases the reference count of the `ddwaf_hadnle` which created -// this context, possibly releasing it completely (if this was the last context -// created from this handle & it was released by its creator). -func (context *Context) Close() { - context.mutex.Lock() - defer context.mutex.Unlock() - - wafLib.WafContextDestroy(context.cContext) - unsafe.KeepAlive(context.cgoRefs) // Keep the Go pointer references until the max of the context - defer context.handle.release() // Reduce the reference counter of the Handle. - - context.cgoRefs = cgoRefPool{} // The data in context.cgoRefs is no longer needed, explicitly release - context.cContext = 0 // Makes it easy to spot use-after-free/double-free issues -} - -// TotalRuntime returns the cumulated WAF runtime across various run calls within the same WAF context. -// Returned time is in nanoseconds. -// Deprecated: use Stats instead -func (context *Context) TotalRuntime() (uint64, uint64) { - return uint64(context.metrics.get(DefaultScope, wafRunTag)), uint64(context.metrics.get(DefaultScope, wafDurationTag)) -} - -// TotalTimeouts returns the cumulated amount of WAF timeouts across various run calls within the same WAF context. -// Deprecated: use Stats instead -func (context *Context) TotalTimeouts() uint64 { - return context.timeoutCount[DefaultScope].Load() -} - -// Stats returns the cumulative time spent in various parts of the WAF, all in nanoseconds -// and the timeout value used -func (context *Context) Stats() Stats { - context.mutex.Lock() - defer context.mutex.Unlock() - - truncations := make(map[TruncationReason][]int, len(context.truncations[DefaultScope])) - for reason, counts := range context.truncations[DefaultScope] { - truncations[reason] = make([]int, len(counts)) - copy(truncations[reason], counts) - } - - raspTruncations := make(map[TruncationReason][]int, len(context.truncations[RASPScope])) - for reason, counts := range context.truncations[RASPScope] { - raspTruncations[reason] = make([]int, len(counts)) - copy(raspTruncations[reason], counts) - } - - var ( - timeoutDefault uint64 - timeoutRASP uint64 - ) - - if atomic, ok := context.timeoutCount[DefaultScope]; ok { - timeoutDefault = atomic.Load() - } - - if atomic, ok := context.timeoutCount[RASPScope]; ok { - timeoutRASP = atomic.Load() - } - - return Stats{ - Timers: context.metrics.timers(), - TimeoutCount: timeoutDefault, - TimeoutRASPCount: timeoutRASP, - Truncations: truncations, - TruncationsRASP: raspTruncations, - } -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/decoder.go b/vendor/github.com/DataDog/go-libddwaf/v3/decoder.go deleted file mode 100644 index 330412c1..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/decoder.go +++ /dev/null @@ -1,253 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package waf - -import ( - "github.com/DataDog/go-libddwaf/v3/errors" - "github.com/DataDog/go-libddwaf/v3/internal/bindings" - "github.com/DataDog/go-libddwaf/v3/internal/unsafe" -) - -// decodeErrors transforms the wafObject received by the wafRulesetInfo after the call to wafDl.wafInit to a map where -// keys are the error message and the value is a array of all the rule ids which triggered this specific error -func decodeErrors(obj *bindings.WafObject) (map[string][]string, error) { - if !obj.IsMap() { - return nil, errors.ErrInvalidObjectType - } - - if obj.Value == 0 && obj.NbEntries > 0 { - return nil, errors.ErrNilObjectPtr - } - - wafErrors := map[string][]string{} - for i := uint64(0); i < obj.NbEntries; i++ { - objElem := unsafe.CastWithOffset[bindings.WafObject](obj.Value, i) - - errorMessage := unsafe.GostringSized(unsafe.Cast[byte](objElem.ParameterName), objElem.ParameterNameLength) - ruleIds, err := decodeStringArray(objElem) - if err != nil { - return nil, err - } - - wafErrors[errorMessage] = ruleIds - } - - return wafErrors, nil -} - -func decodeDiagnostics(obj *bindings.WafObject) (Diagnostics, error) { - if !obj.IsMap() { - return Diagnostics{}, errors.ErrInvalidObjectType - } - if obj.Value == 0 && obj.NbEntries > 0 { - return Diagnostics{}, errors.ErrNilObjectPtr - } - - var ( - diags Diagnostics - err error - ) - for i := uint64(0); i < obj.NbEntries; i++ { - objElem := unsafe.CastWithOffset[bindings.WafObject](obj.Value, i) - key := unsafe.GostringSized(unsafe.Cast[byte](objElem.ParameterName), objElem.ParameterNameLength) - switch key { - case "actions": - diags.Actions, err = decodeDiagnosticsEntry(objElem) - case "custom_rules": - diags.CustomRules, err = decodeDiagnosticsEntry(objElem) - case "exclusions": - diags.Exclusions, err = decodeDiagnosticsEntry(objElem) - case "rules": - diags.Rules, err = decodeDiagnosticsEntry(objElem) - case "rules_data": - diags.RulesData, err = decodeDiagnosticsEntry(objElem) - case "exclusion_data": - diags.RulesData, err = decodeDiagnosticsEntry(objElem) - case "rules_override": - diags.RulesOverrides, err = decodeDiagnosticsEntry(objElem) - case "processors": - diags.Processors, err = decodeDiagnosticsEntry(objElem) - case "scanners": - diags.Scanners, err = decodeDiagnosticsEntry(objElem) - case "ruleset_version": - diags.Version = unsafe.GostringSized(unsafe.Cast[byte](objElem.Value), objElem.NbEntries) - default: - // ignore? - } - if err != nil { - return Diagnostics{}, err - } - } - - return diags, nil -} - -func decodeDiagnosticsEntry(obj *bindings.WafObject) (*DiagnosticEntry, error) { - if !obj.IsMap() { - return nil, errors.ErrInvalidObjectType - } - if obj.Value == 0 && obj.NbEntries > 0 { - return nil, errors.ErrNilObjectPtr - } - var entry DiagnosticEntry - var err error - - for i := uint64(0); i < obj.NbEntries; i++ { - objElem := unsafe.CastWithOffset[bindings.WafObject](obj.Value, i) - key := unsafe.GostringSized(unsafe.Cast[byte](objElem.ParameterName), objElem.ParameterNameLength) - switch key { - case "addresses": - entry.Addresses, err = decodeDiagnosticAddresses(objElem) - case "error": - entry.Error = unsafe.GostringSized(unsafe.Cast[byte](objElem.Value), objElem.NbEntries) - case "errors": - entry.Errors, err = decodeErrors(objElem) - case "failed": - entry.Failed, err = decodeStringArray(objElem) - case "loaded": - entry.Loaded, err = decodeStringArray(objElem) - case "skipped": - entry.Skipped, err = decodeStringArray(objElem) - default: - return nil, errors.ErrUnsupportedValue - } - - if err != nil { - return nil, err - } - } - - return &entry, nil -} - -func decodeDiagnosticAddresses(obj *bindings.WafObject) (*DiagnosticAddresses, error) { - if !obj.IsMap() { - return nil, errors.ErrInvalidObjectType - } - if obj.Value == 0 && obj.NbEntries > 0 { - return nil, errors.ErrNilObjectPtr - } - - addrs := &DiagnosticAddresses{} - - var err error - for i := uint64(0); i < obj.NbEntries; i++ { - objElem := unsafe.CastWithOffset[bindings.WafObject](obj.Value, i) - key := unsafe.GostringSized(unsafe.Cast[byte](objElem.ParameterName), objElem.ParameterNameLength) - switch key { - case "required": - addrs.Required, err = decodeStringArray(objElem) - if err != nil { - return nil, err - } - case "optional": - addrs.Optional, err = decodeStringArray(objElem) - if err != nil { - return nil, err - } - default: - return nil, errors.ErrUnsupportedValue - } - } - - return addrs, nil -} - -func decodeStringArray(obj *bindings.WafObject) ([]string, error) { - // We consider that nil is an empty array - if obj.IsNil() { - return nil, nil - } - - if !obj.IsArray() { - return nil, errors.ErrInvalidObjectType - } - - if obj.Value == 0 && obj.NbEntries > 0 { - return nil, errors.ErrNilObjectPtr - } - - var strArr []string - for i := uint64(0); i < obj.NbEntries; i++ { - objElem := unsafe.CastWithOffset[bindings.WafObject](obj.Value, i) - if objElem.Type != bindings.WafStringType { - return nil, errors.ErrInvalidObjectType - } - - strArr = append(strArr, unsafe.GostringSized(unsafe.Cast[byte](objElem.Value), objElem.NbEntries)) - } - - return strArr, nil -} - -func decodeObject(obj *bindings.WafObject) (any, error) { - switch obj.Type { - case bindings.WafMapType: - return decodeMap(obj) - case bindings.WafArrayType: - return decodeArray(obj) - case bindings.WafStringType: - return unsafe.GostringSized(unsafe.Cast[byte](obj.Value), obj.NbEntries), nil - case bindings.WafIntType: - return int64(obj.Value), nil - case bindings.WafUintType: - return uint64(obj.Value), nil - case bindings.WafFloatType: - return unsafe.UintptrToNative[float64](obj.Value), nil - case bindings.WafBoolType: - return unsafe.UintptrToNative[bool](obj.Value), nil - case bindings.WafNilType: - return nil, nil - default: - return nil, errors.ErrUnsupportedValue - } -} - -func decodeArray(obj *bindings.WafObject) ([]any, error) { - if obj.IsNil() { - return nil, nil - } - - if !obj.IsArray() { - return nil, errors.ErrInvalidObjectType - } - - events := make([]any, obj.NbEntries) - - for i := uint64(0); i < obj.NbEntries; i++ { - objElem := unsafe.CastWithOffset[bindings.WafObject](obj.Value, i) - val, err := decodeObject(objElem) - if err != nil { - return nil, err - } - events[i] = val - } - - return events, nil -} - -func decodeMap(obj *bindings.WafObject) (map[string]any, error) { - if obj.IsNil() { - return nil, nil - } - - if !obj.IsMap() { - return nil, errors.ErrInvalidObjectType - } - - result := make(map[string]any, obj.NbEntries) - for i := uint64(0); i < obj.NbEntries; i++ { - objElem := unsafe.CastWithOffset[bindings.WafObject](obj.Value, i) - key := unsafe.GostringSized(unsafe.Cast[byte](objElem.ParameterName), objElem.ParameterNameLength) - val, err := decodeObject(objElem) - if err != nil { - return nil, err - } - result[key] = val - } - - return result, nil -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/encoder.go b/vendor/github.com/DataDog/go-libddwaf/v3/encoder.go deleted file mode 100644 index dcf6b488..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/encoder.go +++ /dev/null @@ -1,507 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package waf - -import ( - "context" - "fmt" - "math" - "reflect" - "strings" - "time" - "unicode" - - "github.com/DataDog/go-libddwaf/v3/errors" - "github.com/DataDog/go-libddwaf/v3/internal/bindings" - "github.com/DataDog/go-libddwaf/v3/internal/unsafe" - "github.com/DataDog/go-libddwaf/v3/timer" -) - -// Encode Go values into wafObjects. Only the subset of Go types representable into wafObjects -// will be encoded while ignoring the rest of it. -// The encoder allocates the memory required for new wafObjects into the Go memory, which must be kept -// referenced for their lifetime in the C world. This lifetime depends on the ddwaf function being used with. -// the encoded result. The Go references of the allocated wafObjects, along with every Go pointer they may -// reference now or in the future, are stored and referenced in the `cgoRefs` field. The user MUST leverage -// `keepAlive()` with it according to its ddwaf use-case. -type encoder struct { - // timer makes sure the encoder doesn't spend too much time doing its job. - timer timer.Timer - - // For each TruncationReason, holds the size that is required to avoid truncation for each truncation that happened. - truncations map[TruncationReason][]int - - cgoRefs cgoRefPool - containerMaxSize int - stringMaxSize int - objectMaxDepth int -} - -// TruncationReason is a flag representing reasons why some input was not encoded in full. -type TruncationReason uint8 - -const ( - // StringTooLong indicates a string exceeded the maximum string length configured. The truncation - // values indicate the actual length of truncated strings. - StringTooLong TruncationReason = 1 << iota - // ContainerTooLarge indicates a container (list, map, struct) exceeded the maximum number of - // elements configured. The truncation values indicate the actual number of elements in the - // truncated container. - ContainerTooLarge - // ObjectTooDeep indicates an overall object exceeded the maximum encoding depths configured. The - // truncation values indicate an estimated actual depth of the truncated object. The value is - // guaranteed to be less than or equal to the actual depth (it may not be more). - ObjectTooDeep -) - -func (reason TruncationReason) String() string { - switch reason { - case ObjectTooDeep: - return "depth" - case ContainerTooLarge: - return "container-size" - case StringTooLong: - return "string-size" - default: - return fmt.Sprintf("TruncationReason(%v)", int(reason)) - } -} - -const ( - AppsecFieldTag = "ddwaf" - AppsecFieldTagValueIgnore = "ignore" -) - -type native interface { - int64 | uint64 | uintptr -} - -func newLimitedEncoder(timer timer.Timer) encoder { - return encoder{ - timer: timer, - containerMaxSize: bindings.WafMaxContainerSize, - stringMaxSize: bindings.WafMaxStringLength, - objectMaxDepth: bindings.WafMaxContainerDepth, - } -} - -func newMaxEncoder() encoder { - timer, _ := timer.NewTimer(timer.WithUnlimitedBudget()) - return encoder{ - timer: timer, - containerMaxSize: math.MaxInt, - stringMaxSize: math.MaxInt, - objectMaxDepth: math.MaxInt, - } -} - -// Encode takes a Go value and returns a wafObject pointer and an error. -// The returned wafObject is the root of the tree of nested wafObjects representing the Go value. -// The only error case is if the top-level object is "Unusable" which means that the data is nil or a non-data type -// like a function or a channel. -func (encoder *encoder) Encode(data any) (wo *bindings.WafObject, err error) { - value := reflect.ValueOf(data) - wo = &bindings.WafObject{} - - err = encoder.encode(value, wo, encoder.objectMaxDepth) - - if len(encoder.truncations[ObjectTooDeep]) != 0 && !encoder.timer.Exhausted() { - encoder.measureObjectDepth(value, encoder.timer.Remaining()) - } - - return -} - -// Truncations returns all truncations that happened since the last call to `Truncations()`, and clears the internal -// list. This is a map from truncation reason to the list of un-truncated value sizes. -func (encoder *encoder) Truncations() map[TruncationReason][]int { - result := encoder.truncations - encoder.truncations = nil - return result -} - -func encodeNative[T native](val T, t bindings.WafObjectType, obj *bindings.WafObject) { - obj.Type = t - obj.Value = (uintptr)(val) -} - -var nullableTypeKinds = map[reflect.Kind]struct{}{ - reflect.Interface: {}, - reflect.Pointer: {}, - reflect.UnsafePointer: {}, - reflect.Map: {}, - reflect.Slice: {}, - reflect.Func: {}, - reflect.Chan: {}, -} - -// isValueNil check if the value is nullable and if it is actually nil -// we cannot directly use value.IsNil() because it panics on non-pointer values -func isValueNil(value reflect.Value) bool { - _, nullable := nullableTypeKinds[value.Kind()] - return nullable && value.IsNil() -} - -func (encoder *encoder) encode(value reflect.Value, obj *bindings.WafObject, depth int) error { - if encoder.timer.Exhausted() { - return errors.ErrTimeout - } - - value, kind := resolvePointer(value) - if (kind == reflect.Interface || kind == reflect.Pointer) && !value.IsNil() { - // resolvePointer failed to resolve to something that's not a pointer, it - // has indirected too many times... - return errors.ErrTooManyIndirections - } - - // Measure-only runs for leaves - if obj == nil && kind != reflect.Array && kind != reflect.Slice && kind != reflect.Map && kind != reflect.Struct { - // Nothing to do, we were only here to measure object depth! - return nil - } - - switch { - // Terminal cases (leaves of the tree) - // Is invalid type: nil interfaces for example, cannot be used to run any reflect method or it's susceptible to panic - case !value.IsValid() || kind == reflect.Invalid: - return errors.ErrUnsupportedValue - // Is nullable type: nil pointers, channels, maps or functions - case isValueNil(value): - encodeNative[uintptr](0, bindings.WafNilType, obj) - - // Booleans - case kind == reflect.Bool: - encodeNative(unsafe.NativeToUintptr(value.Bool()), bindings.WafBoolType, obj) - - // Numbers - case value.CanInt(): // any int type or alias - encodeNative(value.Int(), bindings.WafIntType, obj) - case value.CanUint(): // any Uint type or alias - encodeNative(value.Uint(), bindings.WafUintType, obj) - case value.CanFloat(): // any float type or alias - encodeNative(unsafe.NativeToUintptr(value.Float()), bindings.WafFloatType, obj) - - // Strings - case kind == reflect.String: // string type - encoder.encodeString(value.String(), obj) - - case (kind == reflect.Array || kind == reflect.Slice) && value.Type().Elem().Kind() == reflect.Uint8: - // Byte Arrays are skipped voluntarily because they are often used - // to do partial parsing which leads to false positives - return nil - - // Containers (internal nodes of the tree) - - // All recursive cases can only execute if the depth is superior to 0. - case depth <= 0: - // Record that there was a truncation; we will try to measure the actual depth of the object afterwards. - encoder.addTruncation(ObjectTooDeep, -1) - return errors.ErrMaxDepthExceeded - - // Either an array or a slice of an array - case kind == reflect.Array || kind == reflect.Slice: - encoder.encodeArray(value, obj, depth-1) - case kind == reflect.Map: - encoder.encodeMap(value, obj, depth-1) - case kind == reflect.Struct: - encoder.encodeStruct(value, obj, depth-1) - - default: - return errors.ErrUnsupportedValue - } - - return nil -} - -func (encoder *encoder) encodeString(str string, obj *bindings.WafObject) { - size := len(str) - if size > encoder.stringMaxSize { - str = str[:encoder.stringMaxSize] - encoder.addTruncation(StringTooLong, size) - } - encoder.cgoRefs.AllocWafString(obj, str) -} - -func getFieldNameFromType(field reflect.StructField) (string, bool) { - fieldName := field.Name - - // Private and synthetics fields - if len(fieldName) < 1 || unicode.IsLower(rune(fieldName[0])) { - return "", false - } - - // Use the json tag name as field name if present - if tag, ok := field.Tag.Lookup("json"); ok { - if i := strings.IndexByte(tag, byte(',')); i > 0 { - tag = tag[:i] - } - if len(tag) > 0 { - fieldName = tag - } - } - - return fieldName, true -} - -// encodeStruct takes a reflect.Value and a wafObject pointer and iterates on the struct field to build -// a wafObject map of type wafMapType. The specificities are the following: -// - It will only take the first encoder.containerMaxSize elements of the struct -// - If the field has a json tag it will become the field name -// - Private fields and also values producing an error at encoding will be skipped -// - Even if the element values are invalid or null we still keep them to report the field name -func (encoder *encoder) encodeStruct(value reflect.Value, obj *bindings.WafObject, depth int) { - if encoder.timer.Exhausted() { - return - } - - typ := value.Type() - nbFields := typ.NumField() - - capacity := nbFields - length := 0 - if capacity > encoder.containerMaxSize { - capacity = encoder.containerMaxSize - } - - objArray := encoder.cgoRefs.AllocWafArray(obj, bindings.WafMapType, uint64(capacity)) - for i := 0; i < nbFields; i++ { - if encoder.timer.Exhausted() { - return - } - - if length == capacity { - encoder.addTruncation(ContainerTooLarge, nbFields) - break - } - - fieldType := typ.Field(i) - fieldName, usable := getFieldNameFromType(fieldType) - if tag, ok := fieldType.Tag.Lookup(AppsecFieldTag); !usable || ok && tag == AppsecFieldTagValueIgnore { - // Either the struct field is ignored by json marshaling so can we, - // or the field was explicitly set with `ddwaf:ignore` - continue - } - - objElem := &objArray[length] - // If the Map key is of unsupported type, skip it - encoder.encodeMapKeyFromString(fieldName, objElem) - - if err := encoder.encode(value.Field(i), objElem, depth); err != nil { - // We still need to keep the map key, so we can't discard the full object, instead, we make the value a noop - encodeNative[uintptr](0, bindings.WafInvalidType, objElem) - } - - length++ - } - - // Set the length to the final number of successfully encoded elements - obj.NbEntries = uint64(length) -} - -// encodeMap takes a reflect.Value and a wafObject pointer and iterates on the map elements and returns -// a wafObject map of type wafMapType. The specificities are the following: -// - It will only take the first encoder.containerMaxSize elements of the map -// - Even if the element values are invalid or null we still keep them to report the map key -func (encoder *encoder) encodeMap(value reflect.Value, obj *bindings.WafObject, depth int) { - capacity := value.Len() - if capacity > encoder.containerMaxSize { - capacity = encoder.containerMaxSize - } - - objArray := encoder.cgoRefs.AllocWafArray(obj, bindings.WafMapType, uint64(capacity)) - - length := 0 - for iter := value.MapRange(); iter.Next(); { - if encoder.timer.Exhausted() { - return - } - - if length == capacity { - encoder.addTruncation(ContainerTooLarge, value.Len()) - break - } - - objElem := &objArray[length] - if err := encoder.encodeMapKey(iter.Key(), objElem); err != nil { - continue - } - - if err := encoder.encode(iter.Value(), objElem, depth); err != nil { - // We still need to keep the map key, so we can't discard the full object, instead, we make the value a noop - encodeNative[uintptr](0, bindings.WafInvalidType, objElem) - } - - length++ - } - - // Fix the size because we skipped map entries - obj.NbEntries = uint64(length) -} - -// encodeMapKey takes a reflect.Value and a wafObject and returns a wafObject ready to be considered a map entry. We use -// the function cgoRefPool.AllocWafMapKey to store the key in the wafObject. But first we need to grab the real -// underlying value by recursing through the pointer and interface values. -func (encoder *encoder) encodeMapKey(value reflect.Value, obj *bindings.WafObject) error { - value, kind := resolvePointer(value) - - var keyStr string - switch { - case kind == reflect.Invalid: - return errors.ErrInvalidMapKey - case kind == reflect.String: - keyStr = value.String() - case value.Type() == reflect.TypeOf([]byte(nil)): - keyStr = string(value.Bytes()) - default: - return errors.ErrInvalidMapKey - } - - encoder.encodeMapKeyFromString(keyStr, obj) - return nil -} - -// encodeMapKeyFromString takes a string and a wafObject and sets the map key attribute on the wafObject to the supplied -// string. The key may be truncated if it exceeds the maximum string size allowed by the encoder. -func (encoder *encoder) encodeMapKeyFromString(keyStr string, obj *bindings.WafObject) { - size := len(keyStr) - if size > encoder.stringMaxSize { - keyStr = keyStr[:encoder.stringMaxSize] - encoder.addTruncation(StringTooLong, size) - } - - encoder.cgoRefs.AllocWafMapKey(obj, keyStr) -} - -// encodeArray takes a reflect.Value and a wafObject pointer and iterates on the elements and returns -// a wafObject array of type wafArrayType. The specificities are the following: -// - It will only take the first encoder.containerMaxSize elements of the array -// - Elements producing an error at encoding or null values will be skipped -func (encoder *encoder) encodeArray(value reflect.Value, obj *bindings.WafObject, depth int) { - length := value.Len() - - capacity := length - if capacity > encoder.containerMaxSize { - capacity = encoder.containerMaxSize - } - - currIndex := 0 - - objArray := encoder.cgoRefs.AllocWafArray(obj, bindings.WafArrayType, uint64(capacity)) - - for i := 0; i < length; i++ { - if encoder.timer.Exhausted() { - return - } - if currIndex == capacity { - encoder.addTruncation(ContainerTooLarge, length) - break - } - - objElem := &objArray[currIndex] - if err := encoder.encode(value.Index(i), objElem, depth); err != nil { - continue - } - - // If the element is null or invalid it has no impact on the waf execution, therefore we can skip its - // encoding. In this specific case we just overwrite it at the next loop iteration. - if objElem == nil || objElem.IsUnusable() { - continue - } - - currIndex++ - } - - // Fix the size because we skipped map entries - obj.NbEntries = uint64(currIndex) -} - -func (encoder *encoder) addTruncation(reason TruncationReason, size int) { - if encoder.truncations == nil { - encoder.truncations = make(map[TruncationReason][]int, 3) - } - encoder.truncations[reason] = append(encoder.truncations[reason], size) -} - -// mesureObjectDepth traverses the provided object recursively to try and obtain -// the real object depth, but limits itself to about 1ms of time budget, past -// which it'll stop and return whatever it has go to so far. -func (encoder *encoder) measureObjectDepth(obj reflect.Value, timeout time.Duration) { - ctx, cancelCtx := context.WithTimeout(context.Background(), timeout) - defer cancelCtx() - - depth, _ := depthOf(ctx, obj) - encoder.truncations[ObjectTooDeep] = []int{depth} -} - -// depthOf returns the depth of the provided object. This is 0 for scalar values, -// such as strings. -func depthOf(ctx context.Context, obj reflect.Value) (depth int, err error) { - if err = ctx.Err(); err != nil { - // Timed out, won't go any deeper - return 0, err - } - - obj, kind := resolvePointer(obj) - - var itemDepth int - switch kind { - case reflect.Array, reflect.Slice: - if obj.Type() == reflect.TypeOf([]byte(nil)) { - // We treat byte slices as strings - return 0, nil - } - for i := 0; i < obj.Len(); i++ { - itemDepth, err = depthOf(ctx, obj.Index(i)) - depth = max(depth, itemDepth) - if err != nil { - break - } - } - return depth + 1, err - case reflect.Map: - for iter := obj.MapRange(); iter.Next(); { - itemDepth, err = depthOf(ctx, iter.Value()) - depth = max(depth, itemDepth) - if err != nil { - break - } - } - return depth + 1, err - case reflect.Struct: - typ := obj.Type() - for i := 0; i < obj.NumField(); i++ { - fieldType := typ.Field(i) - _, usable := getFieldNameFromType(fieldType) - if !usable { - continue - } - - itemDepth, err = depthOf(ctx, obj.Field(i)) - depth = max(depth, itemDepth) - if err != nil { - break - } - } - return depth + 1, err - default: - return 0, nil - } -} - -// resovlePointer attempts to resolve a pointer while limiting the pointer depth -// to be traversed, so that this is not susceptible to an infinite loop when -// provided a self-referencing pointer. -func resolvePointer(obj reflect.Value) (reflect.Value, reflect.Kind) { - kind := obj.Kind() - for limit := 8; limit > 0 && kind == reflect.Pointer || kind == reflect.Interface; limit-- { - if obj.IsNil() { - return obj, kind - } - obj = obj.Elem() - kind = obj.Kind() - } - return obj, kind -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/errors/support.go b/vendor/github.com/DataDog/go-libddwaf/v3/errors/support.go deleted file mode 100644 index 79fbe1da..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/errors/support.go +++ /dev/null @@ -1,45 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package errors - -import ( - "fmt" - "runtime" -) - -// UnsupportedOSArchError is a wrapper error type helping to handle the error -// case of trying to execute this package when the OS or architecture is not supported. -type UnsupportedOSArchError struct { - Os string - Arch string -} - -func (e UnsupportedOSArchError) Error() string { - return fmt.Sprintf("unsupported OS/Arch: %s/%s", e.Os, e.Arch) -} - -// UnsupportedGoVersionError is a wrapper error type helping to handle the error -// case of trying to execute this package when the Go version is not supported. -type UnsupportedGoVersionError struct{} - -func (e UnsupportedGoVersionError) Error() string { - return fmt.Sprintf("unsupported Go version: %s", runtime.Version()) -} - -type CgoDisabledError struct{} - -func (e CgoDisabledError) Error() string { - return "go-libddwaf is disabled when cgo is disabled unless you compile with the go build tag `appsec`. It will require libdl.so.2. libpthread.so.0 and libc.so.6 shared libraries at run time on linux" -} - -// ManuallyDisabledError is a wrapper error type helping to handle the error -// case of trying to execute this package when the WAF has been manually disabled with -// the `datadog.no_waf` go build tag. -type ManuallyDisabledError struct{} - -func (e ManuallyDisabledError) Error() string { - return "the WAF has been manually disabled using the `datadog.no_waf` go build tag" -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/errors/waf.go b/vendor/github.com/DataDog/go-libddwaf/v3/errors/waf.go deleted file mode 100644 index edc77455..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/errors/waf.go +++ /dev/null @@ -1,76 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package errors - -import ( - "errors" - "fmt" -) - -// Encoder/Decoder errors -var ( - ErrMaxDepthExceeded = errors.New("max depth exceeded") - ErrUnsupportedValue = errors.New("unsupported Go value") - ErrInvalidMapKey = errors.New("invalid WAF object map key") - ErrNilObjectPtr = errors.New("nil WAF object pointer") - ErrInvalidObjectType = errors.New("invalid type encountered when decoding") - ErrTooManyIndirections = errors.New("too many indirections") -) - -// RunError the WAF can return when running it. -type RunError int - -// Errors the WAF can return when running it. -const ( - ErrInternal RunError = iota + 1 - ErrInvalidObject - ErrInvalidArgument - ErrTimeout - ErrOutOfMemory - ErrEmptyRuleAddresses -) - -var errorStrMap = map[RunError]string{ - ErrInternal: "internal waf error", - ErrInvalidObject: "invalid waf object", - ErrInvalidArgument: "invalid waf argument", - ErrTimeout: "waf timeout", - ErrOutOfMemory: "out of memory", - ErrEmptyRuleAddresses: "empty rule addresses", -} - -// Error returns the string representation of the RunError. -func (e RunError) Error() string { - description, ok := errorStrMap[e] - if !ok { - return fmt.Sprintf("unknown waf error %d", e) - } - - return description -} - -// PanicError is an error type wrapping a recovered panic value that happened -// during a function call. Such error must be considered unrecoverable and be -// used to try to gracefully abort. Keeping using this package after such an -// error is unreliable and the caller must rather stop using the library. -// Examples include safety checks errors. -type PanicError struct { - // The recovered panic error while executing the function `in`. - Err error - // The function symbol name that was given to `tryCall()`. - In string -} - -// Unwrap the error and return it. -// Required by errors.Is and errors.As functions. -func (e *PanicError) Unwrap() error { - return e.Err -} - -// Error returns the error string representation. -func (e *PanicError) Error() string { - return fmt.Sprintf("panic while executing %s: %#+v", e.In, e.Err) -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/handle.go b/vendor/github.com/DataDog/go-libddwaf/v3/handle.go deleted file mode 100644 index 799c847f..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/handle.go +++ /dev/null @@ -1,258 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package waf - -import ( - "errors" - "fmt" - "sync/atomic" - "time" - - wafErrors "github.com/DataDog/go-libddwaf/v3/errors" - "github.com/DataDog/go-libddwaf/v3/internal/bindings" - "github.com/DataDog/go-libddwaf/v3/internal/unsafe" - "github.com/DataDog/go-libddwaf/v3/timer" -) - -// Handle represents an instance of the WAF for a given ruleset. -type Handle struct { - // diagnostics holds information about rules initialization - diagnostics Diagnostics - - // Lock-less reference counter avoiding blocking calls to the Close() method - // while WAF contexts are still using the WAF handle. Instead, we let the - // release actually happen only when the reference counter reaches 0. - // This can happen either from a request handler calling its WAF context's - // Close() method, or either from the appsec instance calling the WAF - // handle's Close() method when creating a new WAF handle with new rules. - // Note that this means several instances of the WAF can exist at the same - // time with their own set of rules. This choice was done to be able to - // efficiently update the security rules concurrently, without having to - // block the request handlers for the time of the security rules update. - refCounter atomic.Int32 - - // Instance of the WAF - cHandle bindings.WafHandle -} - -// NewHandle creates and returns a new instance of the WAF with the given security rules and configuration -// of the sensitive data obfuscator. The returned handle is nil in case of an error. -// Rules-related metrics, including errors, are accessible with the `RulesetInfo()` method. -func NewHandle(rules any, keyObfuscatorRegex string, valueObfuscatorRegex string) (*Handle, error) { - // The order of action is the following: - // - Open the ddwaf C library - // - Encode the security rules as a ddwaf_object - // - Create a ddwaf_config object and fill the values - // - Run ddwaf_init to create a new handle based on the given rules and config - // - Check for errors and streamline the ddwaf_ruleset_info returned - - if ok, err := Load(); !ok { - return nil, err - // The case where ok == true && err != nil is ignored on purpose, as - // this is out of the scope of NewHandle which only requires a properly - // loaded libddwaf in order to use it - } - - encoder := newMaxEncoder() - obj, err := encoder.Encode(rules) - if err != nil { - return nil, fmt.Errorf("could not encode the WAF ruleset into a WAF object: %w", err) - } - - config := newConfig(&encoder.cgoRefs, keyObfuscatorRegex, valueObfuscatorRegex) - diagnosticsWafObj := new(bindings.WafObject) - defer wafLib.WafObjectFree(diagnosticsWafObj) - - cHandle := wafLib.WafInit(obj, config, diagnosticsWafObj) - unsafe.KeepAlive(encoder.cgoRefs) // Keep this AFTER the call to wafLib.WafInit - - return newHandle(cHandle, diagnosticsWafObj) -} - -// newHandle creates a new Handle from a C handle (nullable) and a diagnostics object. -// and it handles the multiple ways a WAF initialization can fail. -func newHandle(cHandle bindings.WafHandle, diagnosticsWafObj *bindings.WafObject) (*Handle, error) { - diags, diagsErr := decodeDiagnostics(diagnosticsWafObj) - if cHandle == 0 && diagsErr != nil { // WAF Failed initialization and we manage to decode the diagnostics, return the diagnostics error - if err := diags.TopLevelError(); err != nil { - return nil, fmt.Errorf("could not instantiate the WAF: %w", err) - } - } - - if cHandle == 0 { - // WAF Failed initialization, report the best possible error... - return nil, errors.New("could not instantiate the WAF") - } - - // The WAF successfully initialized at this stage but if the diagnostics decoding failed, we still need to cleanup - if diagsErr != nil { - wafLib.WafDestroy(cHandle) - return nil, fmt.Errorf("could not decode the WAF diagnostics: %w", diagsErr) - } - - handle := &Handle{ - cHandle: cHandle, - diagnostics: diags, - } - - handle.refCounter.Store(1) // We count the handle itself in the counter - return handle, nil -} - -// NewContext returns a new WAF context for the given WAF handle. -// A nil value is returned when the WAF handle was released or when the -// WAF context couldn't be created. -func (handle *Handle) NewContext() (*Context, error) { - return handle.NewContextWithBudget(timer.UnlimitedBudget) -} - -// NewContextWithBudget returns a new WAF context for the given WAF handle. -// A nil value is returned when the WAF handle was released or when the -// WAF context couldn't be created. -func (handle *Handle) NewContextWithBudget(budget time.Duration) (*Context, error) { - // Handle has been released - if !handle.retain() { - return nil, fmt.Errorf("handle was released") - } - - cContext := wafLib.WafContextInit(handle.cHandle) - if cContext == 0 { - handle.release() // We couldn't get a context, so we no longer have an implicit reference to the Handle in it... - return nil, fmt.Errorf("could not get C context") - } - - timer, err := timer.NewTreeTimer(timer.WithBudget(budget), timer.WithComponents(wafRunTag)) - if err != nil { - return nil, err - } - - return &Context{ - handle: handle, - cContext: cContext, - timer: timer, - metrics: metricsStore{data: make(map[metricKey]time.Duration, 5)}, - truncations: make(map[Scope]map[TruncationReason][]int, 2), - timeoutCount: map[Scope]*atomic.Uint64{ - DefaultScope: new(atomic.Uint64), - RASPScope: new(atomic.Uint64), - }, - }, nil -} - -// Diagnostics returns the rules initialization metrics for the current WAF handle -func (handle *Handle) Diagnostics() Diagnostics { - return handle.diagnostics -} - -// Addresses returns the list of addresses the WAF has been configured to monitor based on the input ruleset -func (handle *Handle) Addresses() []string { - return wafLib.WafKnownAddresses(handle.cHandle) -} - -// Actions returns the list of actions the WAF has been configured to monitor based on the input ruleset -func (handle *Handle) Actions() []string { - return wafLib.WafKnownActions(handle.cHandle) -} - -// Update the ruleset of a WAF instance into a new handle on its own -// the previous handle still needs to be closed manually -func (handle *Handle) Update(newRules any) (*Handle, error) { - encoder := newMaxEncoder() - obj, err := encoder.Encode(newRules) - if err != nil { - return nil, fmt.Errorf("could not encode the WAF ruleset into a WAF object: %w", err) - } - - diagnosticsWafObj := new(bindings.WafObject) - defer wafLib.WafObjectFree(diagnosticsWafObj) - - return newHandle(wafLib.WafUpdate(handle.cHandle, obj, diagnosticsWafObj), diagnosticsWafObj) -} - -// Close puts the handle in termination state, when all the contexts are closed the handle will be destroyed -func (handle *Handle) Close() { - if handle.addRefCounter(-1) != 0 { - // Either the counter is still positive (this Handle is still referenced), or it had previously - // reached 0 and some other call has done the cleanup already. - return - } - - wafLib.WafDestroy(handle.cHandle) - handle.diagnostics = Diagnostics{} // Data in diagnostics may no longer be valid (e.g: strings from libddwaf) - handle.cHandle = 0 // Makes it easy to spot use-after-free/double-free issues -} - -// retain increments the reference counter of this Handle. Returns true if the -// Handle is still valid, false if it is no longer usable. Calls to retain() -// must be balanced with calls to release() in order to avoid leaking Handles. -func (handle *Handle) retain() bool { - return handle.addRefCounter(1) > 0 -} - -// release decrements the reference counter of this Handle, possibly causing it -// to be completely closed if no other reference to it exist. -func (handle *Handle) release() { - handle.Close() -} - -// addRefCounter adds x to Handle.refCounter. The return valid indicates whether the refCounter reached 0 as part of -// this call or not, which can be used to perform "only-once" activities: -// - result > 0 => the Handle is still usable -// - result == 0 => the handle is no longer usable, ref counter reached 0 as part of this call -// - result == -1 => the handle is no longer usable, ref counter was already 0 previously -func (handle *Handle) addRefCounter(x int32) int32 { - // We use a CAS loop to avoid setting the refCounter to a negative value. - for { - current := handle.refCounter.Load() - if current <= 0 { - // The object had already been released - return -1 - } - - next := current + x - if swapped := handle.refCounter.CompareAndSwap(current, next); swapped { - if next < 0 { - // TODO(romain.marcadier): somehow signal unexpected behavior to the - // caller (panic? error?). We currently clamp to 0 in order to avoid - // causing a customer program crash, but this is the symptom of a bug - // and should be investigated (however this clamping hides the issue). - return 0 - } - return next - } - } -} - -func newConfig(cgoRefs *cgoRefPool, keyObfuscatorRegex string, valueObfuscatorRegex string) *bindings.WafConfig { - config := new(bindings.WafConfig) - *config = bindings.WafConfig{ - Limits: bindings.WafConfigLimits{ - MaxContainerDepth: bindings.WafMaxContainerDepth, - MaxContainerSize: bindings.WafMaxContainerSize, - MaxStringLength: bindings.WafMaxStringLength, - }, - Obfuscator: bindings.WafConfigObfuscator{ - KeyRegex: cgoRefs.AllocCString(keyObfuscatorRegex), - ValueRegex: cgoRefs.AllocCString(valueObfuscatorRegex), - }, - // Prevent libddwaf from freeing our Go-memory-allocated ddwaf_objects - FreeFn: 0, - } - return config -} - -func goRunError(rc bindings.WafReturnCode) error { - switch rc { - case bindings.WafErrInternal: - return wafErrors.ErrInternal - case bindings.WafErrInvalidObject: - return wafErrors.ErrInvalidObject - case bindings.WafErrInvalidArgument: - return wafErrors.ErrInvalidArgument - default: - return fmt.Errorf("unknown waf return code %d", int(rc)) - } -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/ctypes.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/ctypes.go deleted file mode 100644 index ba21f902..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/ctypes.go +++ /dev/null @@ -1,113 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package bindings - -const ( - WafMaxStringLength = 4096 - WafMaxContainerDepth = 20 - WafMaxContainerSize = 256 - WafRunTimeout = 5000 -) - -type WafReturnCode int32 - -const ( - WafErrInternal WafReturnCode = iota - 3 - WafErrInvalidObject - WafErrInvalidArgument - WafOK - WafMatch -) - -// wafObjectType is an enum in C which has the size of DWORD. -// But DWORD is 4 bytes in amd64 and arm64 so uint32 it is. -type WafObjectType uint32 - -const WafInvalidType WafObjectType = 0 -const ( - WafIntType WafObjectType = 1 << iota - WafUintType - WafStringType - WafArrayType - WafMapType - WafBoolType - WafFloatType - WafNilType -) - -type WafObject struct { - ParameterName uintptr - ParameterNameLength uint64 - Value uintptr - NbEntries uint64 - Type WafObjectType - _ [4]byte - // Forced padding - // We only support 2 archs and cgo generated the same padding to both. - // We don't want the C struct to be packed because actually go will do the same padding itself, - // we just add it explicitly to not take any chance. - // And we cannot pack a struct in go so it will get tricky if the struct is - // packed (apart from breaking all tracers of course) -} - -// isInvalid determines whether this WAF Object has the invalid type (which is the 0-value). -func (w *WafObject) IsInvalid() bool { - return w.Type == WafInvalidType -} - -// isNil determines whether this WAF Object is nil or not. -func (w *WafObject) IsNil() bool { - return w.Type == WafNilType -} - -// isArray determines whether this WAF Object is an array or not. -func (w *WafObject) IsArray() bool { - return w.Type == WafArrayType -} - -// isMap determines whether this WAF Object is a map or not. -func (w *WafObject) IsMap() bool { - return w.Type == WafMapType -} - -// IsUnusable returns true if the wafObject has no impact on the WAF execution -// But we still need this kind of objects to forward map keys in case the value of the map is invalid -func (wo *WafObject) IsUnusable() bool { - return wo.Type == WafInvalidType || wo.Type == WafNilType -} - -type WafConfig struct { - Limits WafConfigLimits - Obfuscator WafConfigObfuscator - FreeFn uintptr -} - -type WafConfigLimits struct { - MaxContainerSize uint32 - MaxContainerDepth uint32 - MaxStringLength uint32 -} - -type WafConfigObfuscator struct { - KeyRegex uintptr // char * - ValueRegex uintptr // char * -} - -type WafResult struct { - Timeout byte - Events WafObject - Actions WafObject - Derivatives WafObject - TotalRuntime uint64 -} - -// wafHandle is a forward declaration in ddwaf.h header -// We basically don't need to modify it, only to give it to the waf -type WafHandle uintptr - -// wafContext is a forward declaration in ddwaf.h header -// We basically don't need to modify it, only to give it to the waf -type WafContext uintptr diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/safe.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/safe.go deleted file mode 100644 index 5b2559c6..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/safe.go +++ /dev/null @@ -1,48 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package bindings - -import ( - wafErrors "github.com/DataDog/go-libddwaf/v3/errors" - - "fmt" - "reflect" - "runtime" - - "github.com/pkg/errors" -) - -func newPanicError(in any, err error) *wafErrors.PanicError { - return &wafErrors.PanicError{ - In: runtime.FuncForPC(reflect.ValueOf(in).Pointer()).Name(), - Err: err, - } -} - -// tryCall calls function `f` and recovers from any panic occurring while it -// executes, returning it in a `PanicError` object type. -func tryCall[T any](f func() T) (res T, err error) { - defer func() { - r := recover() - if r == nil { - // Note that panic(nil) matches this case and cannot be really tested for. - return - } - - switch actual := r.(type) { - case error: - err = errors.WithStack(actual) - case string: - err = errors.New(actual) - default: - err = fmt.Errorf("%v", r) - } - - err = newPanicError(f, err) - }() - res = f() - return -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/waf_dl.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/waf_dl.go deleted file mode 100644 index a8b96925..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/waf_dl.go +++ /dev/null @@ -1,238 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build (linux || darwin) && (amd64 || arm64) && !go1.24 && !datadog.no_waf && (cgo || appsec) - -package bindings - -import ( - "errors" - "fmt" - "os" - - "github.com/DataDog/go-libddwaf/v3/internal/lib" - "github.com/DataDog/go-libddwaf/v3/internal/log" - "github.com/DataDog/go-libddwaf/v3/internal/unsafe" - "github.com/ebitengine/purego" -) - -// WafDl is the type wrapper for all C calls to the waf -// It uses `libwaf` to make C calls -// All calls must go through this one-liner to be type safe -// since purego calls are not type safe -type WafDl struct { - wafSymbols - handle uintptr -} - -type wafSymbols struct { - init uintptr - update uintptr - destroy uintptr - knownAddresses uintptr - knownActions uintptr - getVersion uintptr - contextInit uintptr - contextDestroy uintptr - objectFree uintptr - resultFree uintptr - run uintptr -} - -// NewWafDl loads the libddwaf shared library and resolves all tge relevant symbols. -// The caller is responsible for calling wafDl.Close on the returned object once they -// are done with it so that associated resources can be released. -func NewWafDl() (dl *WafDl, err error) { - path, closer, err := lib.DumpEmbeddedWAF() - if err != nil { - return nil, fmt.Errorf("dump embedded WAF: %w", err) - } - defer func() { - if rmErr := closer(); rmErr != nil { - err = errors.Join(err, fmt.Errorf("error removing %s: %w", path, rmErr)) - } - }() - - var handle uintptr - if handle, err = purego.Dlopen(path, purego.RTLD_GLOBAL|purego.RTLD_NOW); err != nil { - return nil, fmt.Errorf("load a dynamic library file: %w", err) - } - - var symbols wafSymbols - if symbols, err = resolveWafSymbols(handle); err != nil { - if closeErr := purego.Dlclose(handle); closeErr != nil { - err = errors.Join(err, fmt.Errorf("error released the shared libddwaf library: %w", closeErr)) - } - return - } - - dl = &WafDl{symbols, handle} - - // Try calling the waf to make sure everything is fine - if _, err = tryCall(dl.WafGetVersion); err != nil { - if closeErr := purego.Dlclose(handle); closeErr != nil { - err = errors.Join(err, fmt.Errorf("error released the shared libddwaf library: %w", closeErr)) - } - return - } - - if val := os.Getenv(log.EnvVarLogLevel); val != "" { - setLogSym, symErr := purego.Dlsym(handle, "ddwaf_set_log_cb") - if symErr != nil { - return nil, fmt.Errorf("get symbol: %w", symErr) - } - logLevel := log.LevelNamed(val) - dl.syscall(setLogSym, log.CallbackFunctionPointer(), uintptr(logLevel)) - } - - return -} - -func (waf *WafDl) Close() error { - return purego.Dlclose(waf.handle) -} - -// WafGetVersion returned string is a static string so we do not need to free it -func (waf *WafDl) WafGetVersion() string { - return unsafe.Gostring(unsafe.Cast[byte](waf.syscall(waf.getVersion))) -} - -// WafInit initializes a new WAF with the provided ruleset, configuration and info objects. A -// cgoRefPool ensures that the provided input values are not moved or garbage collected by the Go -// runtime during the WAF call. -func (waf *WafDl) WafInit(ruleset *WafObject, config *WafConfig, info *WafObject) WafHandle { - handle := WafHandle(waf.syscall(waf.init, unsafe.PtrToUintptr(ruleset), unsafe.PtrToUintptr(config), unsafe.PtrToUintptr(info))) - unsafe.KeepAlive(ruleset) - unsafe.KeepAlive(config) - unsafe.KeepAlive(info) - return handle -} - -func (waf *WafDl) WafUpdate(handle WafHandle, ruleset *WafObject, info *WafObject) WafHandle { - newHandle := WafHandle(waf.syscall(waf.update, uintptr(handle), unsafe.PtrToUintptr(ruleset), unsafe.PtrToUintptr(info))) - unsafe.KeepAlive(ruleset) - unsafe.KeepAlive(info) - return newHandle -} - -func (waf *WafDl) WafDestroy(handle WafHandle) { - waf.syscall(waf.destroy, uintptr(handle)) - unsafe.KeepAlive(handle) -} - -func (waf *WafDl) wafKnownX(handle WafHandle, symbol uintptr) []string { - var nbAddresses uint32 - - arrayVoidC := waf.syscall(symbol, uintptr(handle), unsafe.PtrToUintptr(&nbAddresses)) - if arrayVoidC == 0 { - return nil - } - - // These C strings are static strings so we do not need to free them - addresses := make([]string, int(nbAddresses)) - for i := 0; i < int(nbAddresses); i++ { - addresses[i] = unsafe.Gostring(*unsafe.CastWithOffset[*byte](arrayVoidC, uint64(i))) - } - - unsafe.KeepAlive(&nbAddresses) - unsafe.KeepAlive(handle) - - return addresses -} - -func (waf *WafDl) WafKnownAddresses(handle WafHandle) []string { - return waf.wafKnownX(handle, waf.knownAddresses) -} - -func (waf *WafDl) WafKnownActions(handle WafHandle) []string { - return waf.wafKnownX(handle, waf.knownActions) -} - -func (waf *WafDl) WafContextInit(handle WafHandle) WafContext { - ctx := WafContext(waf.syscall(waf.contextInit, uintptr(handle))) - unsafe.KeepAlive(handle) - return ctx -} - -func (waf *WafDl) WafContextDestroy(context WafContext) { - waf.syscall(waf.contextDestroy, uintptr(context)) - unsafe.KeepAlive(context) -} - -func (waf *WafDl) WafResultFree(result *WafResult) { - waf.syscall(waf.resultFree, unsafe.PtrToUintptr(result)) - unsafe.KeepAlive(result) -} - -func (waf *WafDl) WafObjectFree(obj *WafObject) { - waf.syscall(waf.objectFree, unsafe.PtrToUintptr(obj)) - unsafe.KeepAlive(obj) -} - -func (waf *WafDl) WafRun(context WafContext, persistentData, ephemeralData *WafObject, result *WafResult, timeout uint64) WafReturnCode { - rc := WafReturnCode(waf.syscall(waf.run, uintptr(context), unsafe.PtrToUintptr(persistentData), unsafe.PtrToUintptr(ephemeralData), unsafe.PtrToUintptr(result), uintptr(timeout))) - unsafe.KeepAlive(context) - unsafe.KeepAlive(persistentData) - unsafe.KeepAlive(ephemeralData) - unsafe.KeepAlive(result) - unsafe.KeepAlive(timeout) - return rc -} - -func (waf *WafDl) Handle() uintptr { - return waf.handle -} - -// syscall is the only way to make C calls with this interface. -// purego implementation limits the number of arguments to 9, it will panic if more are provided -// Note: `purego.SyscallN` has 3 return values: these are the following: -// -// 1st - The return value is a pointer or a int of any type -// 2nd - The return value is a float -// 3rd - The value of `errno` at the end of the call -func (waf *WafDl) syscall(fn uintptr, args ...uintptr) uintptr { - ret, _, _ := purego.SyscallN(fn, args...) - return ret -} - -// resolveWafSymbols resolves relevant symbols from the libddwaf shared library using the provided -// purego.Dlopen handle. -func resolveWafSymbols(handle uintptr) (symbols wafSymbols, err error) { - if symbols.init, err = purego.Dlsym(handle, "ddwaf_init"); err != nil { - return - } - if symbols.update, err = purego.Dlsym(handle, "ddwaf_update"); err != nil { - return - } - if symbols.destroy, err = purego.Dlsym(handle, "ddwaf_destroy"); err != nil { - return - } - if symbols.knownAddresses, err = purego.Dlsym(handle, "ddwaf_known_addresses"); err != nil { - return - } - if symbols.knownActions, err = purego.Dlsym(handle, "ddwaf_known_actions"); err != nil { - return - } - if symbols.getVersion, err = purego.Dlsym(handle, "ddwaf_get_version"); err != nil { - return - } - if symbols.contextInit, err = purego.Dlsym(handle, "ddwaf_context_init"); err != nil { - return - } - if symbols.contextDestroy, err = purego.Dlsym(handle, "ddwaf_context_destroy"); err != nil { - return - } - if symbols.resultFree, err = purego.Dlsym(handle, "ddwaf_result_free"); err != nil { - return - } - if symbols.objectFree, err = purego.Dlsym(handle, "ddwaf_object_free"); err != nil { - return - } - if symbols.run, err = purego.Dlsym(handle, "ddwaf_run"); err != nil { - return - } - - return -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/waf_dl_unsupported.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/waf_dl_unsupported.go deleted file mode 100644 index 9745bef1..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/bindings/waf_dl_unsupported.go +++ /dev/null @@ -1,55 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Build when the target OS or architecture are not supported -//go:build (!linux && !darwin) || (!amd64 && !arm64) || go1.24 || datadog.no_waf || (!cgo && !appsec) - -package bindings - -type WafDl struct{} - -func NewWafDl() (dl *WafDl, err error) { - return nil, nil -} - -func (waf *WafDl) WafGetVersion() string { - return "" -} - -func (waf *WafDl) WafInit(obj *WafObject, config *WafConfig, info *WafObject) WafHandle { - return 0 -} - -func (waf *WafDl) WafUpdate(handle WafHandle, ruleset *WafObject, info *WafObject) WafHandle { - return 0 -} - -func (waf *WafDl) WafDestroy(handle WafHandle) { -} - -func (waf *WafDl) WafKnownAddresses(handle WafHandle) []string { - return nil -} - -func (waf *WafDl) WafKnownActions(handle WafHandle) []string { - return nil -} - -func (waf *WafDl) WafContextInit(handle WafHandle) WafContext { - return 0 -} - -func (waf *WafDl) WafContextDestroy(context WafContext) { -} - -func (waf *WafDl) WafResultFree(result *WafResult) { -} - -func (waf *WafDl) WafObjectFree(obj *WafObject) { -} - -func (waf *WafDl) WafRun(context WafContext, persistentData, ephemeralData *WafObject, result *WafResult, timeout uint64) WafReturnCode { - return WafErrInternal -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/.version b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/.version deleted file mode 100644 index 1acb46a4..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/.version +++ /dev/null @@ -1 +0,0 @@ -1.20.1 \ No newline at end of file diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/README.md b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/README.md deleted file mode 100644 index 010d41bf..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/README.md +++ /dev/null @@ -1,21 +0,0 @@ -## Embedded WAF libraries - -This directory contains Datadog's WAF static libraries taken from the releases -of https://github.com/DataDog/libddwaf - -### Updating - -From the root of the repository, run: - -```console -./_tools/libddwaf-updater/update.sh -Will upgrade from v1.14.0 to v1.15.0 -... downloaded /Datadog/go-libddwaf/include/ddwaf.h -... downloaded /Datadog/go-libddwaf/lib/darwin-arm64/libddwaf.dylib -... downloaded /Datadog/go-libddwaf/lib/darwin-amd64/libddwaf.dylib -... downloaded /Datadog/go-libddwaf/lib/linux-arm64/libddwaf.so -... downloaded /Datadog/go-libddwaf/lib/linux-amd64/libddwaf.so -... downloaded /Datadog/go-libddwaf/lib/linux-armv7/libddwaf.so -... downloaded /Datadog/go-libddwaf/lib/linux-i386/libddwaf.so -All done! Don't forget to check in changes to include/ and lib/, check the libddwaf upgrade guide to update bindings! -``` diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/doc.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/doc.go deleted file mode 100644 index 5f44fb80..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Package lib provides a built-in WAF library version for the relevant runtime platform. -package lib diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/dump_waf_darwin.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/dump_waf_darwin.go deleted file mode 100644 index b0ec8e10..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/dump_waf_darwin.go +++ /dev/null @@ -1,57 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build darwin && (amd64 || arm64) && !go1.24 && !datadog.no_waf && (cgo || appsec) - -package lib - -import ( - "bytes" - "compress/gzip" - _ "embed" - "errors" - "fmt" - "io" - "os" -) - -// DumpEmbeddedWAF for darwin platform. -// DumpEmbeddedWAF creates a temporary file with the embedded WAF library content and returns the path to the file, -// a closer function and an error. This is the only way to make all implementations of DumpEmbeddedWAF consistent -// across all platforms. -func DumpEmbeddedWAF() (path string, closer func() error, err error) { - file, err := os.CreateTemp("", "libddwaf-*.dylib") - if err != nil { - return "", nil, fmt.Errorf("error creating temp file: %w", err) - } - - defer func() { - if err != nil { - if closeErr := file.Close(); closeErr != nil { - err = errors.Join(err, fmt.Errorf("error closing file: %w", closeErr)) - } - if rmErr := os.Remove(file.Name()); rmErr != nil { - err = errors.Join(err, fmt.Errorf("error removing file: %w", rmErr)) - } - } - }() - - gr, err := gzip.NewReader(bytes.NewReader(libddwaf)) - if err != nil { - return "", nil, fmt.Errorf("error creating gzip reader: %w", err) - } - - if _, err := io.Copy(file, gr); err != nil { - return "", nil, fmt.Errorf("error copying gzip content to file: %w", err) - } - - if err := gr.Close(); err != nil { - return "", nil, fmt.Errorf("error closing gzip reader: %w", err) - } - - return file.Name(), func() error { - return errors.Join(file.Close(), os.Remove(file.Name())) - }, nil -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/dump_waf_linux.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/dump_waf_linux.go deleted file mode 100644 index c2767fba..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/dump_waf_linux.go +++ /dev/null @@ -1,58 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build linux && (amd64 || arm64) && !go1.24 && !datadog.no_waf && (cgo || appsec) - -package lib - -import ( - "bytes" - "compress/gzip" - "errors" - "fmt" - "io" - "os" - - "golang.org/x/sys/unix" -) - -// DumpEmbeddedWAF for linux systems. -// It creates a memfd and writes the embedded WAF library to it. Then it returns the path the /proc/self/fd/ path -// to the file. This trick makes us able to load the library without having to write it to disk. -// Hence, making go-libddwaf work on full read-only filesystems. -func DumpEmbeddedWAF() (path string, closer func() error, err error) { - fd, err := unix.MemfdCreate("libddwaf", 0) - if err != nil { - return "", nil, fmt.Errorf("error creating memfd: %w", err) - } - - file := os.NewFile(uintptr(fd), fmt.Sprintf("/proc/self/fd/%d", fd)) - if file == nil { - return "", nil, errors.New("error creating file from fd") - } - - defer func() { - if file != nil && err != nil { - if closeErr := file.Close(); closeErr != nil { - err = errors.Join(err, fmt.Errorf("error closing file: %w", closeErr)) - } - } - }() - - gr, err := gzip.NewReader(bytes.NewReader(libddwaf)) - if err != nil { - return "", nil, fmt.Errorf("error creating gzip reader: %w", err) - } - - if _, err := io.Copy(file, gr); err != nil { - return "", nil, fmt.Errorf("error copying gzip content to memfd: %w", err) - } - - if err := gr.Close(); err != nil { - return "", nil, fmt.Errorf("error closing gzip reader: %w", err) - } - - return file.Name(), file.Close, nil -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_darwin_amd64.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_darwin_amd64.go deleted file mode 100644 index 16868569..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_darwin_amd64.go +++ /dev/null @@ -1,15 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build darwin && amd64 && !go1.24 && !datadog.no_waf && (cgo || appsec) - -package lib - -// THIS FILE IS AUTOGENERATED. DO NOT EDIT. - -import _ "embed" // Needed for go:embed - -//go:embed libddwaf-darwin-amd64.dylib.gz -var libddwaf []byte diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_darwin_arm64.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_darwin_arm64.go deleted file mode 100644 index eca7b655..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_darwin_arm64.go +++ /dev/null @@ -1,15 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build darwin && arm64 && !go1.24 && !datadog.no_waf && (cgo || appsec) - -package lib - -// THIS FILE IS AUTOGENERATED. DO NOT EDIT. - -import _ "embed" // Needed for go:embed - -//go:embed libddwaf-darwin-arm64.dylib.gz -var libddwaf []byte diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_linux_amd64.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_linux_amd64.go deleted file mode 100644 index 97d24c62..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_linux_amd64.go +++ /dev/null @@ -1,15 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build linux && amd64 && !go1.24 && !datadog.no_waf && (cgo || appsec) - -package lib - -// THIS FILE IS AUTOGENERATED. DO NOT EDIT. - -import _ "embed" // Needed for go:embed - -//go:embed libddwaf-linux-amd64.so.gz -var libddwaf []byte diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_linux_arm64.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_linux_arm64.go deleted file mode 100644 index 1f2e50af..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/lib_linux_arm64.go +++ /dev/null @@ -1,15 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build linux && arm64 && !go1.24 && !datadog.no_waf && (cgo || appsec) - -package lib - -// THIS FILE IS AUTOGENERATED. DO NOT EDIT. - -import _ "embed" // Needed for go:embed - -//go:embed libddwaf-linux-arm64.so.gz -var libddwaf []byte diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-darwin-amd64.dylib.gz b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-darwin-amd64.dylib.gz deleted file mode 100644 index 8c8a5bd8..00000000 Binary files a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-darwin-amd64.dylib.gz and /dev/null differ diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-darwin-arm64.dylib.gz b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-darwin-arm64.dylib.gz deleted file mode 100644 index eb3ce103..00000000 Binary files a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-darwin-arm64.dylib.gz and /dev/null differ diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-linux-amd64.so.gz b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-linux-amd64.so.gz deleted file mode 100644 index 4dd8d5f6..00000000 Binary files a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-linux-amd64.so.gz and /dev/null differ diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-linux-arm64.so.gz b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-linux-arm64.so.gz deleted file mode 100644 index 15c9948f..00000000 Binary files a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/libddwaf-linux-arm64.so.gz and /dev/null differ diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/version.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/version.go deleted file mode 100644 index 8c0828e9..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/lib/version.go +++ /dev/null @@ -1,13 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2024 Datadog, Inc. - -package lib - -import ( - _ "embed" // For go:embed -) - -//go:embed .version -var EmbeddedWAFVersion string diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/ddwaf.h b/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/ddwaf.h deleted file mode 100644 index b23be0e9..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/ddwaf.h +++ /dev/null @@ -1,736 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are -// dual-licensed under the Apache-2.0 License or BSD-3-Clause License. -// -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -#ifndef DDWAF_H -#define DDWAF_H - -#ifdef __cplusplus -namespace ddwaf{ -class waf; -class context_wrapper; -} // namespace ddwaf -using ddwaf_handle = ddwaf::waf *; -using ddwaf_context = ddwaf::context_wrapper *; - -extern "C" -{ -#endif - -#include -#include -#include - -#define DDWAF_MAX_STRING_LENGTH 4096 -#define DDWAF_MAX_CONTAINER_DEPTH 20 -#define DDWAF_MAX_CONTAINER_SIZE 256 -#define DDWAF_RUN_TIMEOUT 5000 - -/** - * @enum DDWAF_OBJ_TYPE - * - * Specifies the type of a ddwaf::object. - **/ -typedef enum -{ - DDWAF_OBJ_INVALID = 0, - // 64-bit signed integer type - DDWAF_OBJ_SIGNED = 1 << 0, - // 64-bit unsigned integer type - DDWAF_OBJ_UNSIGNED = 1 << 1, - // UTF-8 string of length nbEntries - DDWAF_OBJ_STRING = 1 << 2, - // Array of ddwaf_object of length nbEntries, each item having no parameterName - DDWAF_OBJ_ARRAY = 1 << 3, - // Array of ddwaf_object of length nbEntries, each item having a parameterName - DDWAF_OBJ_MAP = 1 << 4, - // Boolean type - DDWAF_OBJ_BOOL = 1 << 5, - // 64-bit float (or double) type - DDWAF_OBJ_FLOAT = 1 << 6, - // Null type, only used for its semantical value - DDWAF_OBJ_NULL = 1 << 7, -} DDWAF_OBJ_TYPE; - -/** - * @enum DDWAF_RET_CODE - * - * Codes returned by ddwaf_run. - **/ -typedef enum -{ - DDWAF_ERR_INTERNAL = -3, - DDWAF_ERR_INVALID_OBJECT = -2, - DDWAF_ERR_INVALID_ARGUMENT = -1, - DDWAF_OK = 0, - DDWAF_MATCH = 1, -} DDWAF_RET_CODE; - -/** - * @enum DDWAF_LOG_LEVEL - * - * Internal WAF log levels, to be used when setting the minimum log level and cb. - **/ -typedef enum -{ - DDWAF_LOG_TRACE, - DDWAF_LOG_DEBUG, - DDWAF_LOG_INFO, - DDWAF_LOG_WARN, - DDWAF_LOG_ERROR, - DDWAF_LOG_OFF, -} DDWAF_LOG_LEVEL; - -#ifndef __cplusplus -typedef struct _ddwaf_handle* ddwaf_handle; -typedef struct _ddwaf_context* ddwaf_context; -#endif - -typedef struct _ddwaf_object ddwaf_object; -typedef struct _ddwaf_config ddwaf_config; -typedef struct _ddwaf_result ddwaf_result; -/** - * @struct ddwaf_object - * - * Generic object used to pass data and rules to the WAF. - **/ -struct _ddwaf_object -{ - const char* parameterName; - uint64_t parameterNameLength; - // uintValue should be at least as wide as the widest type on the platform. - union - { - const char* stringValue; - uint64_t uintValue; - int64_t intValue; - ddwaf_object* array; - bool boolean; - double f64; - }; - uint64_t nbEntries; - DDWAF_OBJ_TYPE type; -}; - -/** - * @typedef ddwaf_object_free_fn - * - * Type of the function to free ddwaf::objects. - **/ -typedef void (*ddwaf_object_free_fn)(ddwaf_object *object); - -/** - * @struct ddwaf_config - * - * Configuration to be provided to the WAF - **/ -struct _ddwaf_config -{ - struct _ddwaf_config_limits { - /** Maximum size of ddwaf::object containers. */ - uint32_t max_container_size; - /** Maximum depth of ddwaf::object containers. */ - uint32_t max_container_depth; - /** Maximum length of ddwaf::object strings. */ - uint32_t max_string_length; - } limits; - - /** Obfuscator regexes - the strings are owned by the caller */ - struct _ddwaf_config_obfuscator { - /** Regular expression for key-based obfuscation */ - const char *key_regex; - /** Regular expression for value-based obfuscation */ - const char *value_regex; - } obfuscator; - - /** Function to free the ddwaf::object provided to the context during calls - * to ddwaf_run. If the value of this function is NULL, the objects will - * not be freed. The default value should be ddwaf_object_free. */ - ddwaf_object_free_fn free_fn; -}; - -/** - * @struct ddwaf_result - * - * Structure containing the result of a WAF run. - **/ -struct _ddwaf_result -{ - /** Whether there has been a timeout during the operation **/ - bool timeout; - /** Array of events generated, this is guaranteed to be an array **/ - ddwaf_object events; - /** Map of actions generated, this is guaranteed to be a map in the format: - * {action type: { }, ...} - **/ - ddwaf_object actions; - /** Map containing all derived objects in the format (address, value) **/ - ddwaf_object derivatives; - /** Total WAF runtime in nanoseconds **/ - uint64_t total_runtime; -}; - -/** - * @typedef ddwaf_log_cb - * - * Callback that powerwaf will call to relay messages to the binding. - * - * @param level The logging level. - * @param function The native function that emitted the message. (nonnull) - * @param file The file of the native function that emmitted the message. (nonnull) - * @param line The line where the message was emmitted. - * @param message The size of the logging message. NUL-terminated - * @param message_len The length of the logging message (excluding NUL terminator). - */ -typedef void (*ddwaf_log_cb)( - DDWAF_LOG_LEVEL level, const char* function, const char* file, unsigned line, - const char* message, uint64_t message_len); - -/** - * ddwaf_init - * - * Initialize a ddwaf instance - * - * @param ruleset ddwaf::object map containing rules, exclusions, rules_override and rules_data. (nonnull) - * @param config Optional configuration of the WAF. (nullable) - * @param diagnostics Optional ruleset parsing diagnostics. (nullable) - * - * @return Handle to the WAF instance or NULL on error. - * - * @note If config is NULL, default values will be used, including the default - * free function (ddwaf_object_free). - * - * @note If ruleset is NULL, the diagnostics object will not be initialised. - **/ -ddwaf_handle ddwaf_init(const ddwaf_object *ruleset, - const ddwaf_config* config, ddwaf_object *diagnostics); - -/** - * ddwaf_update - * - * Update a ddwaf instance - * - * @param ruleset ddwaf::object map containing rules, exclusions, rules_override and rules_data. (nonnull) - * @param diagnostics Optional ruleset parsing diagnostics. (nullable) - * - * @return Handle to the new WAF instance or NULL if there was an error processing the ruleset. - * - * @note If handle or ruleset are NULL, the diagnostics object will not be initialised. - * @note This function is not thread-safe - **/ -ddwaf_handle ddwaf_update(ddwaf_handle handle, const ddwaf_object *ruleset, - ddwaf_object *diagnostics); - -/** - * ddwaf_destroy - * - * Destroy a WAF instance. - * - * @param handle Handle to the WAF instance. - */ -void ddwaf_destroy(ddwaf_handle handle); - -/** - * ddwaf_known_addresses - * - * Get an array of known (root) addresses used by rules, exclusion filters and - * processors. This array contains both required and optional addresses. A more - * accurate distinction between required and optional addresses is provided - * within the diagnostics. - * - * The memory is owned by the WAF and should not be freed. - * - * @param handle Handle to the WAF instance. - * @param size Output parameter in which the size will be returned. The value of - * size will be 0 if the return value is NULL. - * @return NULL if empty, otherwise a pointer to an array with size elements. - * - * @note This function is not thread-safe - * @note The returned array should be considered invalid after calling ddwaf_destroy - * on the handle used to obtain it. - **/ -const char* const* ddwaf_known_addresses(const ddwaf_handle handle, uint32_t *size); -/** - * ddwaf_known_actions - * - * Get an array of all the action types which could be triggered as a result of - * the current set of rules and exclusion filters. - * - * The memory is owned by the WAF and should not be freed. - * - * @param handle Handle to the WAF instance. - * @param size Output parameter in which the size will be returned. The value of - * size will be 0 if the return value is NULL. - * @return NULL if empty, otherwise a pointer to an array with size elements. - * - * @note This function is not thread-safe - * @note The returned array should be considered invalid after calling ddwaf_destroy - * on the handle used to obtain it. - **/ -const char *const *ddwaf_known_actions(const ddwaf_handle handle, uint32_t *size); -/** - * ddwaf_context_init - * - * Context object to perform matching using the provided WAF instance. - * - * @param handle Handle of the WAF instance containing the ruleset definition. (nonnull) - - * @return Handle to the context instance. - * - * @note The WAF instance needs to be valid for the lifetime of the context. - **/ -ddwaf_context ddwaf_context_init(const ddwaf_handle handle); - -/** - * ddwaf_run - * - * Perform a matching operation on the provided data - * - * @param context WAF context to be used in this run, this will determine the - * ruleset which will be used and it will also ensure that - * parameters are taken into account across runs (nonnull) - * - * @param persistent_data Data on which to perform the pattern matching. This - * data will be stored by the context and used across multiple calls to this - * function. Once the context is destroyed, the used-defined free function - * will be used to free the data provided. Note that the data passed must be - * valid until the destruction of the context. The object must be a map of - * {string, } in which each key represents the relevant address - * associated to the value, which can be of an arbitrary type. This parameter - * can be null if ephemeral data is provided. - * - * @param ephemeral_data Data on which to perform the pattern matching. This - * data will not be cached by the WAF. Matches arising from this data will - * also not be cached at any level. The data will be freed at the end of the - * call to ddwaf_run. The object must be a map of {string, } in which - * each key represents the relevant address associated to the value, which - * can be of an arbitrary type. This parameter can be null if persistent data - * is provided. - * - * @param result Structure containing the result of the operation. (nullable) - * @param timeout Maximum time budget in microseconds. - * - * @return Return code of the operation, also contained in the result structure. - * @error DDWAF_ERR_INVALID_ARGUMENT The context is invalid, the data will not - * be freed. - * @error DDWAF_ERR_INVALID_OBJECT The data provided didn't match the desired - * structure or contained invalid objects, the - * data will be freed by this function. - * @error DDWAF_ERR_INTERNAL There was an unexpected error and the operation did - * not succeed. The state of the WAF is undefined if - * this error is produced and the ownership of the - * data is unknown. The result structure will not be - * filled if this error occurs. - * - * Notes on addresses: - * - Within a single run, addresses provided should be unique. - * If duplicate persistent addresses are provided: - * - Within the same batch, the latest one in the structure will be the one - * used for evaluation. - * - Within two different batches, the second batch will only use the new data. - * - * Ephemeral addresses are designed to be duplicated across batches, but if - * duplicate addresses are provided within the same batch, the latest one seen - * will be the one used. - * - * Duplicate addresses of different types (ephemeral, persistent), are not - * permitted. An existing address will never be replaced by a duplicate one - * of a different type, but it doesn't result in a critical failure. Due to the - * nature of ephemerals, an ephemeral address can be replaced in a subsequent - * batch by a persistent address, however taking advantage of this is not - * recommended and might be explicitly rejected in the future. - **/ -DDWAF_RET_CODE ddwaf_run(ddwaf_context context, ddwaf_object *persistent_data, - ddwaf_object *ephemeral_data, ddwaf_result *result, uint64_t timeout); - -/** - * ddwaf_context_destroy - * - * Performs the destruction of the context, freeing the data passed to it through - * ddwaf_run using the used-defined free function. - * - * @param context Context to destroy. (nonnull) - **/ -void ddwaf_context_destroy(ddwaf_context context); - -/** - * ddwaf_result_free - * - * Free a ddwaf_result structure. - * - * @param result Structure to free. (nonnull) - **/ -void ddwaf_result_free(ddwaf_result *result); - -/** - * ddwaf_object_invalid - * - * Creates an invalid object. - * - * @param object Object to perform the operation on. (nonnull) - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_invalid(ddwaf_object *object); - -/** - * ddwaf_object_null - * - * Creates an null object. Provides a different semantical value to invalid as - * it can be used to signify that a value is null rather than of an unknown type. - * - * @param object Object to perform the operation on. (nonnull) - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_null(ddwaf_object *object); - -/** - * ddwaf_object_string - * - * Creates an object from a string. - * - * @param object Object to perform the operation on. (nonnull) - * @param string String to initialise the object with, this string will be copied - * and its length will be calculated using strlen(string). (nonnull) - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_string(ddwaf_object *object, const char *string); - -/** - * ddwaf_object_stringl - * - * Creates an object from a string and its length. - * - * @param object Object to perform the operation on. (nonnull) - * @param string String to initialise the object with, this string will be - * copied. (nonnull) - * @param length Length of the string. - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_stringl(ddwaf_object *object, const char *string, size_t length); - -/** - * ddwaf_object_stringl_nc - * - * Creates an object with the string pointer and length provided. - * - * @param object Object to perform the operation on. (nonnull) - * @param string String pointer to initialise the object with. - * @param length Length of the string. - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_stringl_nc(ddwaf_object *object, const char *string, size_t length); - -/** - * ddwaf_object_string_from_unsigned - * - * Creates an object using an unsigned integer (64-bit). The resulting object - * will contain a string created using the integer provided. - * - * @param object Object to perform the operation on. (nonnull) - * @param value Integer to initialise the object with. - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_string_from_unsigned(ddwaf_object *object, uint64_t value); - -/** - * ddwaf_object_string_from_signed - * - * Creates an object using a signed integer (64-bit). The resulting object - * will contain a string created using the integer provided. - * - * @param object Object to perform the operation on. (nonnull) - * @param value Integer to initialise the object with. - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_string_from_signed(ddwaf_object *object, int64_t value); - -/** - * ddwaf_object_unsigned_force - * - * Creates an object using an unsigned integer (64-bit). The resulting object - * will contain an unsigned integer as opposed to a string. - * - * @param object Object to perform the operation on. (nonnull) - * @param value Integer to initialise the object with. - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_unsigned(ddwaf_object *object, uint64_t value); - -/** - * ddwaf_object_signed_force - * - * Creates an object using a signed integer (64-bit). The resulting object - * will contain a signed integer as opposed to a string. - * - * @param object Object to perform the operation on. (nonnull) - * @param value Integer to initialise the object with. - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_signed(ddwaf_object *object, int64_t value); - -/** - * ddwaf_object_bool - * - * Creates an object using a boolean, the resulting object will contain a - * boolean as opposed to a string. - * - * @param object Object to perform the operation on. (nonnull) - * @param value Boolean to initialise the object with. - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_bool(ddwaf_object *object, bool value); - -/** - * ddwaf_object_float - * - * Creates an object using a double, the resulting object will contain a - * double as opposed to a string. - * - * @param object Object to perform the operation on. (nonnull) - * @param value Double to initialise the object with. - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_float(ddwaf_object *object, double value); - -/** - * ddwaf_object_array - * - * Creates an array object, for sequential storage. - * - * @param object Object to perform the operation on. (nonnull) - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_array(ddwaf_object *object); - -/** - * ddwaf_object_map - * - * Creates a map object, for key-value storage. - * - * @param object Object to perform the operation on. (nonnull) - * - * @return A pointer to the passed object or NULL if the operation failed. - **/ -ddwaf_object* ddwaf_object_map(ddwaf_object *object); - -/** - * ddwaf_object_array_add - * - * Inserts an object into an array object. - * - * @param array Array in which to insert the object. (nonnull) - * @param object Object to insert into the array. (nonnull) - * - * @return The success or failure of the operation. - **/ -bool ddwaf_object_array_add(ddwaf_object *array, ddwaf_object *object); - -/** - * ddwaf_object_map_add - * - * Inserts an object into an map object, using a key. - * - * @param map Map in which to insert the object. (nonnull) - * @param key The key for indexing purposes, this string will be copied and its - * length will be calcualted using strlen(key). (nonnull) - * @param object Object to insert into the array. (nonnull) - * - * @return The success or failure of the operation. - **/ -bool ddwaf_object_map_add(ddwaf_object *map, const char *key, ddwaf_object *object); - -/** - * ddwaf_object_map_addl - * - * Inserts an object into an map object, using a key and its length. - * - * @param map Map in which to insert the object. (nonnull) - * @param key The key for indexing purposes, this string will be copied (nonnull) - * @param length Length of the key. - * @param object Object to insert into the array. (nonnull) - * - * @return The success or failure of the operation. - **/ -bool ddwaf_object_map_addl(ddwaf_object *map, const char *key, size_t length, ddwaf_object *object); - -/** - * ddwaf_object_map_addl_nc - * - * Inserts an object into an map object, using a key and its length, but without - * creating a copy of the key. - * - * @param map Map in which to insert the object. (nonnull) - * @param key The key for indexing purposes, this string will be copied (nonnull) - * @param length Length of the key. - * @param object Object to insert into the array. (nonnull) - * - * @return The success or failure of the operation. - **/ -bool ddwaf_object_map_addl_nc(ddwaf_object *map, const char *key, size_t length, ddwaf_object *object); - -/** - * ddwaf_object_type - * - * Returns the type of the object. - * - * @param object The object from which to get the type. - * - * @return The object type of DDWAF_OBJ_INVALID if NULL. - **/ -DDWAF_OBJ_TYPE ddwaf_object_type(const ddwaf_object *object); - -/** - * ddwaf_object_size - * - * Returns the size of the container object. - * - * @param object The object from which to get the size. - * - * @return The object size or 0 if the object is not a container (array, map). - **/ -size_t ddwaf_object_size(const ddwaf_object *object); - -/** - * ddwaf_object_length - * - * Returns the length of the string object. - * - * @param object The object from which to get the length. - * - * @return The string length or 0 if the object is not a string. - **/ -size_t ddwaf_object_length(const ddwaf_object *object); - -/** - * ddwaf_object_get_key - * - * Returns the key contained within the object. - * - * @param object The object from which to get the key. - * @param length Output parameter on which to return the length of the key, - * this parameter is optional / nullable. - * - * @return The key of the object or NULL if the object doesn't contain a key. - **/ -const char* ddwaf_object_get_key(const ddwaf_object *object, size_t *length); - -/** - * ddwaf_object_get_string - * - * Returns the string contained within the object. - * - * @param object The object from which to get the string. - * @param length Output parameter on which to return the length of the string, - * this parameter is optional / nullable. - * - * @return The string of the object or NULL if the object is not a string. - **/ -const char* ddwaf_object_get_string(const ddwaf_object *object, size_t *length); - -/** - * ddwaf_object_get_unsigned - * - * Returns the uint64 contained within the object. - * - * @param object The object from which to get the integer. - * - * @return The integer or 0 if the object is not an unsigned. - **/ -uint64_t ddwaf_object_get_unsigned(const ddwaf_object *object); - -/** - * ddwaf_object_get_signed - * - * Returns the int64 contained within the object. - * - * @param object The object from which to get the integer. - * - * @return The integer or 0 if the object is not a signed. - **/ -int64_t ddwaf_object_get_signed(const ddwaf_object *object); - -/** - * ddwaf_object_get_float - * - * Returns the float64 (double) contained within the object. - * - * @param object The object from which to get the float. - * - * @return The float or 0.0 if the object is not a float. - **/ -double ddwaf_object_get_float(const ddwaf_object *object); - -/** - * ddwaf_object_get_bool - * - * Returns the boolean contained within the object. - * - * @param object The object from which to get the boolean. - * - * @return The boolean or false if the object is not a boolean. - **/ -bool ddwaf_object_get_bool(const ddwaf_object *object); - -/** - * ddwaf_object_get_index - * - * Returns the object contained in the container at the given index. - * - * @param object The container from which to extract the object. - * @param index The position of the required object within the container. - * - * @return The requested object or NULL if the index is out of bounds or the - * object is not a container. - **/ -const ddwaf_object* ddwaf_object_get_index(const ddwaf_object *object, size_t index); - - -/** - * ddwaf_object_free - * - * @param object Object to free. (nonnull) - **/ -void ddwaf_object_free(ddwaf_object *object); - -/** - * ddwaf_get_version - * - * Return the version of the library - * - * @return version Version string, note that this should not be freed - **/ -const char *ddwaf_get_version(); - -/** - * ddwaf_set_log_cb - * - * Sets the callback to relay logging messages to the binding - * - * @param cb The callback to call, or NULL to stop relaying messages - * @param min_level The minimum logging level for which to relay messages - * - * @return whether the operation succeeded or not - * - * @note This function is not thread-safe - **/ -bool ddwaf_set_log_cb(ddwaf_log_cb cb, DDWAF_LOG_LEVEL min_level); - -#ifdef __cplusplus -} -#endif /* __cplusplus */ - -#endif /*DDWAF_H */ diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log.go deleted file mode 100644 index 447ac711..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log.go +++ /dev/null @@ -1,97 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package log - -import ( - "fmt" - "log" - "os" - "regexp" - "strings" -) - -// Level replicates the definition of `DDWAF_LOG_LEVEL` from `ddwaf.h`. -type Level int - -const ( - LevelTrace Level = iota - LevelDebug - LevelInfo - LevelWarning - LevelError - LevelOff -) - -// LevelNamed returns the log level corresponding to the given name, or LevelOff -// if the name corresponds to no known log level. -func LevelNamed(name string) Level { - switch strings.ToLower(name) { - case "trace": - return LevelTrace - case "debug": - return LevelDebug - case "info": - return LevelInfo - case "warn", "warning": - return LevelWarning - case "error": - return LevelError - case "off": - return LevelOff - default: - return LevelOff - } -} - -func (l Level) String() string { - switch l { - case LevelTrace: - return "TRACE" - case LevelDebug: - return "DEBUG" - case LevelInfo: - return "INFO" - case LevelWarning: - return "WARN" - case LevelError: - return "ERROR" - case LevelOff: - return "OFF" - default: - return fmt.Sprintf("0x%X", uintptr(l)) - } -} - -var filter *regexp.Regexp - -func logMessage(level Level, function, file string, line uint, message string) { - entry := fmt.Sprintf("[%s] libddwaf @ %s:%d (%s): %s", level, file, line, function, message) - - if filter != nil && !filter.MatchString(entry) { - return - } - - log.Println(entry) -} - -const EnvVarLogLevel = "DD_APPSEC_WAF_LOG_LEVEL" - -func init() { - const envVarFilter = "DD_APPSEC_WAF_LOG_FILTER" - - if val := os.Getenv(EnvVarLogLevel); val == "" { - // No log level configured, don't even attempt parsing the regexp. - return - } - - if val := os.Getenv(envVarFilter); val != "" { - var err error - filter, err = regexp.Compile(val) - if err != nil { - log.Fatalf("invalid %s value: %v", envVarFilter, err) - } - } -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log_cgo.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log_cgo.go deleted file mode 100644 index 1d82844a..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log_cgo.go +++ /dev/null @@ -1,35 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build cgo && !datadog.no_waf - -package log - -// #include "./ddwaf.h" -// extern void ddwafLogCallbackFnv3( -// DDWAF_LOG_LEVEL level, -// char* function, -// char* file, -// unsigned line, -// char* message, -// uint64_t message_len -// ); -import "C" -import "github.com/DataDog/go-libddwaf/v3/internal/unsafe" - -// CallbackFunctionPointer returns a pointer to the log callback function which -// can be used with libddwaf. -func CallbackFunctionPointer() uintptr { - return uintptr(C.ddwafLogCallbackFnv3) -} - -//export ddwafLogCallbackFnv3 -func ddwafLogCallbackFnv3(level C.DDWAF_LOG_LEVEL, fnPtr, filePtr *C.char, line C.unsigned, msgPtr *C.char, _ C.uint64_t) { - function := unsafe.Gostring(unsafe.CastNative[C.char, byte](fnPtr)) - file := unsafe.Gostring(unsafe.CastNative[C.char, byte](filePtr)) - message := unsafe.Gostring(unsafe.CastNative[C.char, byte](msgPtr)) - - logMessage(Level(level), function, file, uint(line), message) -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log_purego.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log_purego.go deleted file mode 100644 index e48036b5..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log_purego.go +++ /dev/null @@ -1,37 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build !cgo && (darwin || freebsd) && !datadog.no_waf && !go1.24 - -package log - -import ( - "github.com/DataDog/go-libddwaf/v3/internal/unsafe" - "sync" - - "github.com/ebitengine/purego" -) - -var ( - once sync.Once - functionPointer uintptr -) - -// CallbackFunctionPointer returns a pointer to the log callback function which -// can be used with libddwaf. -func CallbackFunctionPointer() uintptr { - once.Do(func() { - functionPointer = purego.NewCallback(ddwafLogCallbackFn) - }) - return functionPointer -} - -func ddwafLogCallbackFn(level Level, fnPtr, filePtr *byte, line uint, msgPtr *byte, _ uint64) { - function := unsafe.Gostring(fnPtr) - file := unsafe.Gostring(filePtr) - message := unsafe.Gostring(msgPtr) - - logMessage(level, function, file, line, message) -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log_unsupported.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log_unsupported.go deleted file mode 100644 index 3b7b51fe..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/log/log_unsupported.go +++ /dev/null @@ -1,14 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -//go:build (!cgo && ((!darwin && !freebsd) || go1.24)) || datadog.no_waf - -package log - -// CallbackFunctionPointer returns a NULL pointer since this particular platform -// configuration is not supported by purego, and cgo is disabled. -func CallbackFunctionPointer() uintptr { - return 0 -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_cgo_disabled.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_cgo_disabled.go deleted file mode 100644 index 9c4ed83c..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_cgo_disabled.go +++ /dev/null @@ -1,16 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// The Go build tag "appsec" was introduced to avoid having CGO_ENABLED=0 breaking changes -// due to purego's dynamic link against libdl.so, which is not expected when CGO is disabled. -//go:build !cgo && !appsec - -package support - -import "github.com/DataDog/go-libddwaf/v3/errors" - -func init() { - wafSupportErrors = append(wafSupportErrors, errors.CgoDisabledError{}) -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_manually_disabled.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_manually_disabled.go deleted file mode 100644 index 8c65ddbc..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_manually_disabled.go +++ /dev/null @@ -1,15 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Manually set datadog.no_waf build tag -//go:build datadog.no_waf - -package support - -import "github.com/DataDog/go-libddwaf/v3/errors" - -func init() { - wafManuallyDisabledErr = errors.ManuallyDisabledError{} -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_support.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_support.go deleted file mode 100644 index cfd81a6a..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_support.go +++ /dev/null @@ -1,21 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package support - -// Errors used to report data using the Health function -// Store all the errors related to why go-liddwaf is unavailable for the current target at runtime. -var wafSupportErrors []error - -// Not nil if the build tag `datadog.no_waf` is set -var wafManuallyDisabledErr error - -func WafSupportErrors() []error { - return wafSupportErrors -} - -func WafManuallyDisabledError() error { - return wafManuallyDisabledErr -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_unsupported_go.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_unsupported_go.go deleted file mode 100644 index a6b60c23..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_unsupported_go.go +++ /dev/null @@ -1,15 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Unsupported Go versions (>=) -//go:build go1.24 - -package support - -import "github.com/DataDog/go-libddwaf/v3/errors" - -func init() { - wafSupportErrors = append(wafSupportErrors, errors.UnsupportedGoVersionError{}) -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_unsupported_target.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_unsupported_target.go deleted file mode 100644 index 04546c1f..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/support/waf_unsupported_target.go +++ /dev/null @@ -1,20 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -// Unsupported target OS or architecture -// Unsupported OS Unsupported Arch -//go:build (!linux && !darwin) || (!amd64 && !arm64) - -package support - -import ( - "runtime" - - "github.com/DataDog/go-libddwaf/v3/errors" -) - -func init() { - wafSupportErrors = append(wafSupportErrors, errors.UnsupportedOSArchError{runtime.GOOS, runtime.GOARCH}) -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/internal/unsafe/utils.go b/vendor/github.com/DataDog/go-libddwaf/v3/internal/unsafe/utils.go deleted file mode 100644 index 44d97282..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/internal/unsafe/utils.go +++ /dev/null @@ -1,107 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package unsafe - -import ( - "reflect" - stdUnsafe "unsafe" -) - -// Gostring copies a char* to a Go string. -func Gostring(ptr *byte) string { - if ptr == nil { - return "" - } - var length int - for { - if *(*byte)(stdUnsafe.Add(stdUnsafe.Pointer(ptr), uintptr(length))) == '\x00' { - break - } - length++ - } - //string builtin copies the slice - return string(stdUnsafe.Slice(ptr, length)) -} - -// NativeStringUnwrap cast a native string type into it's runtime value. Exported as the struct reflect.StringHeader -func NativeStringUnwrap(str string) reflect.StringHeader { - return *(*reflect.StringHeader)(stdUnsafe.Pointer(&str)) -} - -func GostringSized(ptr *byte, size uint64) string { - if ptr == nil { - return "" - } - return string(stdUnsafe.Slice(ptr, size)) -} - -// Cstring converts a go string to *byte that can be passed to C code. -func Cstring(name string) *byte { - var b = make([]byte, len(name)+1) - copy(b, name) - return &b[0] -} - -// Cast is used to centralize unsafe use C of allocated pointer. -// We take the address and then dereference it to trick go vet from creating a possible misuse of unsafe.Pointer -func Cast[T any](ptr uintptr) *T { - return (*T)(*(*stdUnsafe.Pointer)(stdUnsafe.Pointer(&ptr))) -} - -type Native interface { - ~byte | ~float64 | ~float32 | ~int | ~int8 | ~int16 | ~int32 | ~int64 | ~bool | ~uintptr -} - -func CastNative[N Native, T Native](ptr *N) *T { - return (*T)(*(*stdUnsafe.Pointer)(stdUnsafe.Pointer(&ptr))) -} - -// NativeToUintptr is a helper used by populate WafObject values -// with Go values -func NativeToUintptr[T any](x T) uintptr { - return *(*uintptr)(stdUnsafe.Pointer(&x)) -} - -// UintToNative is a helper used retrieve Go values from an uintptr encoded -// value from a WafObject -func UintptrToNative[T any](x uintptr) T { - return *(*T)(stdUnsafe.Pointer(&x)) -} - -// CastWithOffset is the same as cast but adding an offset to the pointer by a multiple of the size -// of the type pointed. -func CastWithOffset[T any](ptr uintptr, offset uint64) *T { - return (*T)(stdUnsafe.Add(*(*stdUnsafe.Pointer)(stdUnsafe.Pointer(&ptr)), offset*uint64(stdUnsafe.Sizeof(*new(T))))) -} - -// PtrToUintptr is a helper to centralize of usage of unsafe.Pointer -// do not use this function to cast interfaces -func PtrToUintptr[T any](arg *T) uintptr { - return uintptr(stdUnsafe.Pointer(arg)) -} - -func SliceToUintptr[T any](arg []T) uintptr { - return (*reflect.SliceHeader)(stdUnsafe.Pointer(&arg)).Data -} - -// KeepAlive() globals -var ( - alwaysFalse bool - escapeSink any -) - -// KeepAlive is a copy of runtime.KeepAlive -// keepAlive has 2 usages: -// - It forces the deallocation of the memory to take place later than expected (just like runtime.KeepAlive) -// - It forces the given argument x to be escaped on the heap by saving it into a global value (Go doesn't provide a standard way to do it as of today) -// It is implemented so that the compiler cannot optimize it. -// -//go:noinline -func KeepAlive[T any](x T) { - if alwaysFalse { - escapeSink = x - } -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/metrics.go b/vendor/github.com/DataDog/go-libddwaf/v3/metrics.go deleted file mode 100644 index 50973653..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/metrics.go +++ /dev/null @@ -1,140 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package waf - -import ( - "strings" - "sync" - "time" -) - -// Stats stores the metrics collected by the WAF. -type ( - Stats struct { - // Timers returns a map of metrics and their durations. - Timers map[string]time.Duration - - // TimeoutCount for the Default Scope i.e. "waf" - TimeoutCount uint64 - - // TimeoutRASPCount for the RASP Scope i.e. "rasp" - TimeoutRASPCount uint64 - - // Truncations provides details about truncations that occurred while - // encoding address data for WAF execution. - Truncations map[TruncationReason][]int - - // TruncationsRASP provides details about truncations that occurred while - // encoding address data for RASP execution. - TruncationsRASP map[TruncationReason][]int - } - - // Scope is the way to classify the different runs in the same context in order to have different metrics - Scope string - - metricKey struct { - scope Scope - component string - } - - metricsStore struct { - data map[metricKey]time.Duration - mutex sync.RWMutex - } -) - -const ( - DefaultScope Scope = "waf" - RASPScope Scope = "rasp" -) - -const ( - wafEncodeTag = "encode" - wafRunTag = "duration_ext" - wafDurationTag = "duration" - wafDecodeTag = "decode" - wafTimeoutTag = "timeouts" - wafTruncationTag = "truncations" -) - -func dot(parts ...string) string { - return strings.Join(parts, ".") -} - -// Metrics transform the stats returned by the WAF into a map of key value metrics with values in microseconds. -// ex. {"waf.encode": 100, "waf.duration_ext": 300, "waf.duration": 200, "rasp.encode": 100, "rasp.duration_ext": 300, "rasp.duration": 200} -func (stats Stats) Metrics() map[string]any { - tags := make(map[string]any, len(stats.Timers)+len(stats.Truncations)+1) - for k, v := range stats.Timers { - tags[k] = float64(v.Nanoseconds()) / float64(time.Microsecond) // The metrics should be in microseconds - } - - if stats.TimeoutCount > 0 { - tags[dot(string(DefaultScope), wafTimeoutTag)] = stats.TimeoutCount - } - - if stats.TimeoutRASPCount > 0 { - tags[dot(string(RASPScope), wafTimeoutTag)] = stats.TimeoutRASPCount - } - - for reason, list := range stats.Truncations { - tags[dot(string(DefaultScope), wafTruncationTag, reason.String())] = list - } - - for reason, list := range stats.TruncationsRASP { - tags[dot(string(RASPScope), wafTruncationTag, reason.String())] = list - } - - return tags -} - -func (metrics *metricsStore) add(scope Scope, component string, duration time.Duration) { - metrics.mutex.Lock() - defer metrics.mutex.Unlock() - if metrics.data == nil { - metrics.data = make(map[metricKey]time.Duration, 5) - } - - metrics.data[metricKey{scope, component}] += duration -} - -func (metrics *metricsStore) get(scope Scope, component string) time.Duration { - metrics.mutex.RLock() - defer metrics.mutex.RUnlock() - return metrics.data[metricKey{scope, component}] -} - -func (metrics *metricsStore) timers() map[string]time.Duration { - metrics.mutex.Lock() - defer metrics.mutex.Unlock() - if metrics.data == nil { - return nil - } - - timers := make(map[string]time.Duration, len(metrics.data)) - for k, v := range metrics.data { - timers[dot(string(k.scope), k.component)] = v - } - return timers -} - -// merge merges the current metrics with new ones -func (metrics *metricsStore) merge(scope Scope, other map[string]time.Duration) { - metrics.mutex.Lock() - defer metrics.mutex.Unlock() - if metrics.data == nil { - metrics.data = make(map[metricKey]time.Duration, 5) - } - - for component, val := range other { - key := metricKey{scope, component} - prev, ok := metrics.data[key] - if !ok { - prev = 0 - } - metrics.data[key] = prev + val - } -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/timer/base_timer.go b/vendor/github.com/DataDog/go-libddwaf/v3/timer/base_timer.go deleted file mode 100644 index adb68bb1..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/timer/base_timer.go +++ /dev/null @@ -1,125 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022 Datadog, Inc. - -package timer - -import ( - "errors" - "time" -) - -// baseTimer is the type used for all the timers that won't have children -// It's implementation is more lightweight than nodeTimer and can be used as a standalone timer using NewTimer -type baseTimer struct { - - // config is the configuration of the timer - config config - - clock - - // start is the time when the timer was started - start time.Time - - // parent is the parent timer. It is used to progate the stop of the timer to the parent timer and get the remaining time in case the budget has to be inherited. - parent NodeTimer - - // componentName is the name of the component of the timer. It is used to store the time spent in the component and to propagate the stop of the timer to the parent timer. - componentName string - - // spent is the time spent on the timer, set after calling stop - spent time.Duration -} - -var _ Timer = (*baseTimer)(nil) - -// NewTimer creates a new Timer with the given options. You have to specify either the option WithBudget or WithUnlimitedBudget. -func NewTimer(options ...Option) (Timer, error) { - config := newConfig(options...) - if config.budget == DynamicBudget { - return nil, errors.New("root timer cannot inherit parent budget, please provide a budget using timer.WithBudget() or timer.WithUnlimitedBudget()") - } - - if len(config.components) > 0 { - return nil, errors.New("NewTimer: timer that have components must use NewTreeTimer()") - } - - return &baseTimer{ - config: config, - clock: newTimeCache(), - }, nil -} - -func (timer *baseTimer) Start() time.Time { - // already started before - if timer.start != (time.Time{}) { - return timer.start - } - - if timer.config.budget == DynamicBudget && timer.parent != nil { - timer.config.budget = timer.config.dynamicBudget(timer.parent) - } - - timer.start = timer.now() - return timer.start -} - -func (timer *baseTimer) Spent() time.Duration { - // timer was never started - if timer.start == (time.Time{}) { - return 0 - } - - // timer was already stopped - if timer.spent != 0 { - return timer.spent - } - - return time.Since(timer.start) -} - -func (timer *baseTimer) Remaining() time.Duration { - if timer.config.budget == UnlimitedBudget { - return UnlimitedBudget - } - - remaining := timer.config.budget - timer.Spent() - if remaining < 0 { - return 0 - } - - return remaining -} - -func (timer *baseTimer) Exhausted() bool { - if timer.config.budget == UnlimitedBudget { - return false - } - - return timer.Spent() > timer.config.budget -} - -func (timer *baseTimer) Stop() time.Duration { - // If the current timer has already stopped, return the current spent time - if timer.spent != 0 { - return timer.spent - } - - timer.spent = timer.Spent() - if timer.parent != nil { - timer.parent.childStopped(timer.componentName, timer.spent) - } - - return timer.spent -} - -func (timer *baseTimer) Timed(timedFunc func(timer Timer)) (spent time.Duration) { - timer.Start() - defer func() { - spent = timer.Stop() - }() - - timedFunc(timer) - return -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/timer/clock.go b/vendor/github.com/DataDog/go-libddwaf/v3/timer/clock.go deleted file mode 100644 index d20e1781..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/timer/clock.go +++ /dev/null @@ -1,28 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022 Datadog, Inc. - -package timer - -import ( - "time" -) - -// clock is a simple cache for time.Now() to hopefully avoid some expensive calls to REALTIME part of time.Now() -type clock struct { - lastRequest time.Time -} - -func newTimeCache() clock { - return clock{ - lastRequest: time.Now(), - } -} - -func (ct *clock) now() time.Time { - // If the diff is greater than ~2^32 then the monotonic clock has wrapped around - // and time.Since will do a call to time.Now() for us. - ct.lastRequest = ct.lastRequest.Add(time.Since(ct.lastRequest)) - return ct.lastRequest -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/timer/component.go b/vendor/github.com/DataDog/go-libddwaf/v3/timer/component.go deleted file mode 100644 index 3b754587..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/timer/component.go +++ /dev/null @@ -1,28 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022 Datadog, Inc. - -package timer - -import ( - "sync/atomic" -) - -// components store the data shared between child timers of the same component name -type components struct { - lookup map[string]*atomic.Int64 - storage []atomic.Int64 -} - -func newComponents(names []string) components { - lookup := make(map[string]*atomic.Int64, len(names)) - storage := make([]atomic.Int64, len(names)) - for i, name := range names { - lookup[name] = &storage[i] - } - return components{ - lookup: lookup, - storage: storage, - } -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/timer/config.go b/vendor/github.com/DataDog/go-libddwaf/v3/timer/config.go deleted file mode 100644 index ecf70795..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/timer/config.go +++ /dev/null @@ -1,86 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022 Datadog, Inc. - -package timer - -import ( - "math" - "time" -) - -const ( - // UnlimitedBudget is a special value for the budget that means the timer has no budget - UnlimitedBudget = time.Duration(math.MaxInt64) - - // DynamicBudget is a special value for the budget that means the timer should inherit the budget from its parent - // It is the default value if no options such as WithBudget, WithUnlimitedBudget or WithInheritedBudget are provided - DynamicBudget = ^time.Duration(0) -) - -// DynamicBudgetFunc is a function that is called on all children when a change to the parent happens -type DynamicBudgetFunc func(timer NodeTimer) time.Duration - -// config is the configuration of a timer. It can be created through the use of options -type config struct { - dynamicBudget DynamicBudgetFunc - // components store all the components of the timer - components []string - // budget is the time budget for the timer - budget time.Duration -} - -func newConfig(options ...Option) config { - config := config{} - // Make sure the budget is inherited by default - WithInheritedSumBudget()(&config) - for _, option := range options { - option(&config) - } - return config -} - -// Option are the configuration options for any type of timer. Please read the documentation of said timer to see which options are available -type Option func(*config) - -// WithBudget is an Option that sets the budget value -func WithBudget(budget time.Duration) Option { - return func(c *config) { - c.budget = budget - } -} - -// WithUnlimitedBudget is an Option that sets the UnlimitedBudget flag on config.budget -func WithUnlimitedBudget() Option { - return func(c *config) { - c.budget = UnlimitedBudget - } -} - -// WithInheritedBudget is an Option that sets the DynamicBudget flag on config.budget -func WithInheritedBudget() Option { - return func(c *config) { - c.budget = DynamicBudget - c.dynamicBudget = func(timer NodeTimer) time.Duration { - return timer.Remaining() - } - } -} - -// WithInheritedSumBudget is an Option that sets the DynamicBudget flag on config.budget and sets the DynamicBudgetFunc to sum the remaining time of all children -func WithInheritedSumBudget() Option { - return func(c *config) { - c.budget = DynamicBudget - c.dynamicBudget = func(timer NodeTimer) time.Duration { - return timer.SumRemaining() - } - } -} - -// WithComponents is an Option that adds multiple components to the components list -func WithComponents(components ...string) Option { - return func(c *config) { - c.components = append(c.components, components...) - } -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/timer/node_timer.go b/vendor/github.com/DataDog/go-libddwaf/v3/timer/node_timer.go deleted file mode 100644 index 1115f59e..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/timer/node_timer.go +++ /dev/null @@ -1,147 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022 Datadog, Inc. - -package timer - -import ( - "errors" - "fmt" - "time" -) - -// nodeTimer is the type used for all the timers that can (and will) have children -type nodeTimer struct { - baseTimer - components -} - -var _ NodeTimer = (*nodeTimer)(nil) - -// NewTreeTimer creates a new Timer with the given options. You have to specify either the option WithBudget or WithUnlimitedBudget and at least one component using the WithComponents option. -func NewTreeTimer(options ...Option) (NodeTimer, error) { - config := newConfig(options...) - if config.budget == DynamicBudget { - return nil, errors.New("root timer cannot inherit parent budget, please provide a budget using timer.WithBudget() or timer.WithUnlimitedBudget()") - } - - if len(config.components) == 0 { - return nil, errors.New("NewTreeTimer: tree timer must have at least one component, otherwise use NewTimer()") - } - - return &nodeTimer{ - baseTimer: baseTimer{ - config: config, - clock: newTimeCache(), - }, - components: newComponents(config.components), - }, nil -} - -func (timer *nodeTimer) NewNode(name string, options ...Option) (NodeTimer, error) { - config := newConfig(options...) - if len(config.components) == 0 { - return nil, errors.New("NewNode: node timer must have at least one component, otherwise use NewLeaf()") - } - - _, ok := timer.components.lookup[name] - if !ok { - return nil, fmt.Errorf("NewNode: component %s not found", name) - } - - return &nodeTimer{ - baseTimer: baseTimer{ - config: config, - clock: timer.clock, - parent: timer, - componentName: name, - }, - components: newComponents(config.components), - }, nil -} - -func (timer *nodeTimer) NewLeaf(name string, options ...Option) (Timer, error) { - config := newConfig(options...) - if len(config.components) != 0 { - return nil, errors.New("NewLeaf: leaf timer cannot have components, otherwise use NewNode()") - } - - _, ok := timer.components.lookup[name] - if !ok { - return nil, fmt.Errorf("NewLeaf: component %s not found", name) - } - - return &baseTimer{ - clock: timer.clock, - config: config, - componentName: name, - parent: timer, - }, nil -} - -func (timer *nodeTimer) MustLeaf(name string, options ...Option) Timer { - leaf, err := timer.NewLeaf(name, options...) - if err != nil { - panic(err) - } - return leaf -} - -func (timer *nodeTimer) childStarted() {} - -func (timer *nodeTimer) childStopped(componentName string, duration time.Duration) { - timer.components.lookup[componentName].Add(int64(duration)) - if timer.parent == nil { - return - } - - timer.parent.childStopped(timer.componentName, duration) -} - -func (timer *nodeTimer) AddTime(name string, duration time.Duration) { - value, ok := timer.components.lookup[name] - if !ok { - return - } - - value.Add(int64(duration)) -} - -func (timer *nodeTimer) Stats() map[string]time.Duration { - stats := make(map[string]time.Duration, len(timer.components.lookup)) - for name, component := range timer.components.lookup { - stats[name] = time.Duration(component.Load()) - } - - return stats -} - -func (timer *nodeTimer) SumSpent() time.Duration { - var sum time.Duration - for _, component := range timer.components.lookup { - sum += time.Duration(component.Load()) - } - return sum -} - -func (timer *nodeTimer) SumRemaining() time.Duration { - if timer.config.budget == UnlimitedBudget { - return UnlimitedBudget - } - - remaining := timer.config.budget - timer.SumSpent() - if remaining < 0 { - return 0 - } - - return remaining -} - -func (timer *nodeTimer) SumExhausted() bool { - if timer.config.budget == UnlimitedBudget { - return false - } - - return timer.SumSpent() > timer.config.budget -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/timer/timer.go b/vendor/github.com/DataDog/go-libddwaf/v3/timer/timer.go deleted file mode 100644 index 05cfd62f..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/timer/timer.go +++ /dev/null @@ -1,115 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2022 Datadog, Inc. - -package timer - -import ( - "time" -) - -// Timer is the default interface for all timers. NewTimer will provide you with a Timer. -// Keep in mind that they are NOT thread-safe and once Stop() is called, the Timer cannot be restarted. -type Timer interface { - // Start starts the timer and returns the start time. - // If the timer was already started, it returns the previous start time. - // If the timer was started without specifying a budget, it will inherit the budget from its parent when calling Start(). - // if the timer has no parent and no budget was specified, the call creating the timer (either NewTreeTimer or NewTimer) will return an error asking to specify a budget (which can be unlimited). - // Start is NOT thread-safe - Start() time.Time - - // Stop ends the timer and returns the time spent on the timer as Spent() would. - // Stop will trigger the computation of sum timers if the timer is part of a tree. See NodeTimer for more information. - // Stop is NOT thread-safe - Stop() time.Duration - - // Spent returns the current time spent between Start() and Stop() or between Start() and now if the timer is still running. - // Spent is thread-safe - Spent() time.Duration - - // Remaining returns the time remaining before the timer reaches its budget. (budget - Spent()) - // It returns 0 if the timer is exhausted. Remaining may never return a value below zero. - // Remaining only makes sense if the timer has a budget. If the timer has no budget, it returns the special value UnlimitedBudget. - // Remaining is thread-safe - Remaining() time.Duration - - // Exhausted returns true if the timer spent in the timer is greater than the budget. (Spent() > budget) - // Exhausted may return true only in case the time has a budget. If the timer has n, it returns false. - // Exhausted is thread-safe - Exhausted() bool - - // Timed is a convenience function that starts the timer, calls the provided function and stops the timer. - // Timed is panic-safe and will stop the timer even if the function panics. - // Timed is NOT thread-safe - Timed(timedFunc func(timer Timer)) time.Duration -} - -// SumTimer is a sub-interface for timers capable of having children and making the sum of their time spent. -// NewTreeTimer will provide you with a timer supporting this interface -type SumTimer interface { - // SumSpent returns the sum of the time spent in each component of the timer. - // SumSpent is thread-safe - SumSpent() time.Duration - - // SumRemaining returns the sum of the time remaining in each component of the timer. - // SumRemaining returns UnlimitedBudget if the timer has no budget. (UnlimitedBudget) - // SumRemaining is thread-safe - SumRemaining() time.Duration - - // SumExhausted returns true if the sum of the time spent in each component of the timer is greater than the budget. - // SumExhausted returns false if the timer has no budget. (UnlimitedBudget) - // SumExhausted is thread-safe - SumExhausted() bool -} - -// NodeTimer is the interface for tree timers. NewTreeTimer will provide you with a NodeTimer. -// NodeTimer can have children (NodeTimer or Timer) and will compute the sum of their spent time each time a children timer calls its Stop() method. -// To add children to a NodeTimer, you have to specify component names when creating the timer with the WithComponent and WithComponents options. -// The component names must be unique and cannot be empty. The component names are used to identify the children timers. -// The returned timer can now create children timers using the NewNode and NewLeaf functions using the names provided when creating the parent timer. -// Multiple timers from the same component can be used in parallel and will be summed together. -// In parallel to that, NodeTimer can have their own wall time timer and budget that will apply to the sum of their children and their own timer. -// The following functions are the same as the Timer interface but works using the sum of the children timers: -// - SumSpent() -> Spent() -// - SumRemaining() -> Remaining() -// - SumExhausted() -> Exhausted() -// Keep in mind that the timer itself (only Start and Stop) is NOT thread-safe and once Stop() is called, the NodeTimer cannot be restarted. -type NodeTimer interface { - Timer - SumTimer - - // NewNode creates a new NodeTimer with the given name and options. The given name must match one of the component name of the parent timer. - // A node timer is required to have at least one component. If no component is provided, it will return an error asking you to use NewLeaf instead. - // If no budget is provided, it will inherit the budget from its parent when calling Start(). - // NewNode is thread-safe - NewNode(name string, options ...Option) (NodeTimer, error) - - // NewLeaf creates a new Timer with the given name and options. The given name must match one of the component name of the parent timer. - // A leaf timer is forbidden to have components. If a component is provided, it will return an error asking you to use NewNode instead. - // If no budget is provided, it will inherit the budget from its parent when calling Start(). - // NewLeaf is thread-safe - NewLeaf(name string, options ...Option) (Timer, error) - - // MustLeaf creates a new Timer with the given name and options. The given name must match one of the component name of the parent timer. - // MustLeaf wraps a call to NewLeaf but will panic if the error is not nil. - // MustLeaf is thread-safe - MustLeaf(name string, options ...Option) Timer - - // AddTime adds the given duration to the component of the timer with the given name. - // AddTime is thread-safe - AddTime(name string, duration time.Duration) - - // Stats returns a map of the time spent in each component of the timer. - // Stats is thread-safe - Stats() map[string]time.Duration - - // childStarted is used to propagate the start of a child timer to the parent timer through the whole tree. - childStarted() - - // childStopped is used to propagate the time spent in a child timer to the parent timer through the whole tree. - childStopped(componentName string, duration time.Duration) - - // now is a convenience wrapper to swap the time.Now() function for testing and performance purposes. - now() time.Time -} diff --git a/vendor/github.com/DataDog/go-libddwaf/v3/waf.go b/vendor/github.com/DataDog/go-libddwaf/v3/waf.go deleted file mode 100644 index e6337126..00000000 --- a/vendor/github.com/DataDog/go-libddwaf/v3/waf.go +++ /dev/null @@ -1,186 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License Version 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2016-present Datadog, Inc. - -package waf - -import ( - "errors" - "fmt" - "sync" - "time" - - wafErrors "github.com/DataDog/go-libddwaf/v3/errors" - "github.com/DataDog/go-libddwaf/v3/internal/bindings" - "github.com/DataDog/go-libddwaf/v3/internal/support" -) - -// ErrTimeout is the error returned when the WAF times out while processing a request. -// Deprecated: use github.com/DataDog/go-libddwaf/errors.ErrTimeout instead. -const ErrTimeout = wafErrors.ErrTimeout - -// Diagnostics stores the information - provided by the WAF - about WAF rules initialization. -type Diagnostics struct { - Rules *DiagnosticEntry - CustomRules *DiagnosticEntry - Actions *DiagnosticEntry - Exclusions *DiagnosticEntry - RulesOverrides *DiagnosticEntry - RulesData *DiagnosticEntry - ExclusionData *DiagnosticEntry - Processors *DiagnosticEntry - Scanners *DiagnosticEntry - Version string -} - -// TopLevelError returns the list of top-level errors reported by the WAF on any of the Diagnostics -// entries, rolled up into a single error value. Returns nil if no top-level errors were reported. -// Individual, item-level errors might still exist. -func (d *Diagnostics) TopLevelError() error { - fields := map[string]*DiagnosticEntry{ - "rules": d.Rules, - "actions": d.Actions, - "custom_rules": d.CustomRules, - "exclusions": d.Exclusions, - "rules_override": d.RulesOverrides, - "rules_data": d.RulesData, - "exclusion_data": d.ExclusionData, - "processors": d.Processors, - "scanners": d.Scanners, - } - - var errs []error - for field, entry := range fields { - if entry == nil || entry.Error == "" { - // No entry or no error => we're all good. - continue - } - errs = append(errs, fmt.Errorf("in %#v: %s", field, entry.Error)) - } - - return errors.Join(errs...) -} - -// DiagnosticEntry stores the information - provided by the WAF - about loaded and failed rules -// for a specific entry in the WAF ruleset -type DiagnosticEntry struct { - Addresses *DiagnosticAddresses - Errors map[string][]string // Item-level errors (map of error message to entity identifiers or index:#) - Error string // If the entire entry was in error (e.g: invalid format) - Loaded []string // Successfully loaded entity identifiers (or index:#) - Failed []string // Failed entity identifiers (or index:#) - Skipped []string // Skipped entity identifiers (or index:#) -} - -// DiagnosticAddresses stores the information - provided by the WAF - about the known addresses and -// whether they are required or optional. Addresses used by WAF rules are always required. Addresses -// used by WAF exclusion filters may be required or (rarely) optional. Addresses used by WAF -// processors may be required or optional. -type DiagnosticAddresses struct { - Required []string - Optional []string -} - -// Result stores the multiple values returned by a call to ddwaf_run -type Result struct { - // Events is the list of events the WAF detected, together with any relevant - // details. - Events []any - - // Derivatives is the set of key-value pairs generated by the WAF, and which - // need to be reported on the trace to provide additional data to the backend. - Derivatives map[string]any - - // Actions is the set of actions the WAF decided on when evaluating rules - // against the provided address data. It maps action types to their dynamic parameter values - Actions map[string]any - - // TimeSpent is the time the WAF self-reported as spent processing the call to ddwaf_run - TimeSpent time.Duration -} - -// Globally dlopen() libddwaf only once because several dlopens (eg. in tests) -// aren't supported by macOS. -var ( - // libddwaf's dynamic library handle and entrypoints - wafLib *bindings.WafDl - // libddwaf's dlopen error if any - wafLoadErr error - openWafOnce sync.Once -) - -// Load loads libddwaf's dynamic library. The dynamic library is opened only -// once by the first call to this function and internally stored globally, and -// no function is currently provided in this API to close the opened handle. -// Calling this function is not mandatory and is automatically performed by -// calls to NewHandle, the entrypoint of libddwaf, but Load is useful in order -// to explicitly check libddwaf's general health where calling NewHandle doesn't -// necessarily apply nor is doable. -// The function returns ok when libddwaf was successfully loaded, along with a -// non-nil error if any. Note that both ok and err can be set, meaning that -// libddwaf is usable but some non-critical errors happened, such as failures -// to remove temporary files. It is safe to continue using libddwaf in such -// case. -func Load() (ok bool, err error) { - if ok, err = Health(); !ok { - return false, err - } - - openWafOnce.Do(func() { - wafLib, wafLoadErr = bindings.NewWafDl() - if wafLoadErr != nil { - return - } - wafVersion = wafLib.WafGetVersion() - }) - - return wafLib != nil, wafLoadErr -} - -var wafVersion string - -// Version returns the version returned by libddwaf. -// It relies on the dynamic loading of the library, which can fail and return -// an empty string or the previously loaded version, if any. -func Version() string { - Load() - return wafVersion -} - -// HasEvents return true if the result holds at least 1 event -func (r *Result) HasEvents() bool { - return len(r.Events) > 0 -} - -// HasDerivatives return true if the result holds at least 1 derivative -func (r *Result) HasDerivatives() bool { - return len(r.Derivatives) > 0 -} - -// HasActions return true if the result holds at least 1 action -func (r *Result) HasActions() bool { - return len(r.Actions) > 0 -} - -// SupportsTarget returns true and a nil error when the target host environment -// is supported by this package and can be further used. -// Otherwise, it returns false along with an error detailing why. -func SupportsTarget() (bool, error) { - wafSupportErrors := support.WafSupportErrors() - return wafSupportErrors == nil, errors.Join(wafSupportErrors...) -} - -// Health returns true if the waf is usable, false otherwise. At the same time it can return an error -// if the waf is not usable, but the error is not blocking if true is returned, otherwise it is. -// The following conditions are checked: -// - The Waf library has been loaded successfully (you need to call `Load()` first for this case to be taken into account) -// - The Waf library has not been manually disabled with the `datadog.no_waf` go build tag -// - The Waf library is not in an unsupported OS/Arch -// - The Waf library is not in an unsupported Go version -func Health() (bool, error) { - wafSupportErrors := errors.Join(support.WafSupportErrors()...) - wafManuallyDisabledErr := support.WafManuallyDisabledError() - - return (wafLib != nil || wafLoadErr == nil) && wafSupportErrors == nil && wafManuallyDisabledErr == nil, errors.Join(wafLoadErr, wafSupportErrors, wafManuallyDisabledErr) -} diff --git a/vendor/github.com/DataDog/go-runtime-metrics-internal/LICENSE b/vendor/github.com/DataDog/go-runtime-metrics-internal/LICENSE deleted file mode 100644 index 261eeb9e..00000000 --- a/vendor/github.com/DataDog/go-runtime-metrics-internal/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/go-runtime-metrics-internal/LICENSE-3rdparty.csv b/vendor/github.com/DataDog/go-runtime-metrics-internal/LICENSE-3rdparty.csv deleted file mode 100644 index 9e444fcd..00000000 --- a/vendor/github.com/DataDog/go-runtime-metrics-internal/LICENSE-3rdparty.csv +++ /dev/null @@ -1,7 +0,0 @@ -Component,Origin,License,Copyright -N/A,github.com/davecgh/go-spew,ISC,Copyright (c) 2012-2016 Dave Collins -N/A,github.com/pmezard/go-difflib,BSD 3-Clause,"Copyright (c) 2013, Patrick Mezard" -N/A,github.com/stretchr/testify,MIT,"Copyright (c) 2012-2020 Mat Ryer, Tyler Bunnell and contributors." -N/A,gopkg.in/check.v1,BSD-2-Clause,Copyright (c) 2010-2013 Gustavo Niemeyer -N/A,gopkg.in/yaml.v3,MIT,Copyright (c) 2006-2010 Kirill Simonov + Copyright (c) 2006-2011 Kirill Simonov -N/A,gopkg.in/yaml.v3,Apache-2.0,Copyright (c) 2011-2019 Canonical Ltd \ No newline at end of file diff --git a/vendor/github.com/DataDog/go-runtime-metrics-internal/NOTICE b/vendor/github.com/DataDog/go-runtime-metrics-internal/NOTICE deleted file mode 100644 index 702d2b3e..00000000 --- a/vendor/github.com/DataDog/go-runtime-metrics-internal/NOTICE +++ /dev/null @@ -1,4 +0,0 @@ -Datadog go-runtime-metrics-internal -Copyright 2024-2024 Datadog, Inc. - -This product includes software developed at Datadog (). \ No newline at end of file diff --git a/vendor/github.com/DataDog/go-runtime-metrics-internal/pkg/runtimemetrics/histogram.go b/vendor/github.com/DataDog/go-runtime-metrics-internal/pkg/runtimemetrics/histogram.go deleted file mode 100644 index 9ae911ee..00000000 --- a/vendor/github.com/DataDog/go-runtime-metrics-internal/pkg/runtimemetrics/histogram.go +++ /dev/null @@ -1,195 +0,0 @@ -package runtimemetrics - -import ( - "math" - "runtime/metrics" - "slices" - "sort" -) - -// As of 2023/04, the statsd client does not support sending fully formed -// histograms to the datadog-agent. -// -// These helpers extract the histograms exported by the runtime/metrics -// package into multiple values representing: avg, min, max, median, p95 -// and p99 values of these histograms, so we can submit them as gauges to -// the agent. - -type histogramStats struct { - Avg float64 - Min float64 // aka P0 - Median float64 // aka P50 - P95 float64 - P99 float64 - Max float64 // aka P100 -} - -type distributionSample struct { - Value float64 - Rate float64 -} - -func distributionSamplesFromHist(h *metrics.Float64Histogram, samples []distributionSample) []distributionSample { - for i, count := range h.Counts { - start, end := h.Buckets[i], h.Buckets[i+1] - // Handle edge cases where start or end of buckets could be infinity - if i == 0 && math.IsInf(h.Buckets[0], -1) { - start = end - } - if i == len(h.Counts)-1 && math.IsInf(h.Buckets[len(h.Buckets)-1], 1) { - end = start - } - if start == end && math.IsInf(start, 0) { - // All buckets are empty, return early - return samples - } - - if count == 0 { - // Don't submit empty buckets - continue - } - - sample := distributionSample{ - Value: (start + end) / 2, - Rate: 1 / float64(count), - } - samples = append(samples, sample) - } - return samples -} - -func statsFromHist(h *metrics.Float64Histogram) *histogramStats { - p := percentiles(h, []float64{0, 0.5, 0.95, 0.99, 1}) - return &histogramStats{ - Avg: avg(h), - Min: p[0], - Median: p[1], - P95: p[2], - P99: p[3], - Max: p[4], - } -} - -// Return the difference between both histograms, and whether -// the two histograms are equal -// We assume a and b always have the same lengths for `Counts` and -// `Buckets` slices which is guaranteed by the runtime/metrics -// package: https://go.dev/src/runtime/metrics/histogram.go -func sub(a, b *metrics.Float64Histogram) (*metrics.Float64Histogram, bool) { - equal := true - res := &metrics.Float64Histogram{ - Counts: make([]uint64, len(a.Counts)), - Buckets: make([]float64, len(a.Buckets)), - } - copy(res.Buckets, a.Buckets) - for i := range res.Counts { - count := a.Counts[i] - b.Counts[i] - res.Counts[i] = count - if equal && count != 0 { - equal = false - } - } - return res, equal -} - -func avg(h *metrics.Float64Histogram) float64 { - var total float64 - var cumulative float64 - for i, count := range h.Counts { - start, end := h.Buckets[i], h.Buckets[i+1] - // Handle edge cases where start or end of buckets could be infinity - if i == 0 && math.IsInf(h.Buckets[0], -1) { - start = end - } - if i == len(h.Counts)-1 && math.IsInf(h.Buckets[len(h.Buckets)-1], 1) { - end = start - } - if start == end && math.IsInf(start, 0) { - return 0 - } - cumulative += float64(count) * (float64(start+end) / 2) - total += float64(count) - } - if total == 0 { - return 0 - } - return cumulative / total -} - -// This function takes a runtime/metrics histogram, and a slice of all -// percentiles to compute for that histogram. It computes all percentiles -// in a single pass and returns the results which is more efficient than -// computing each percentile separately. -func percentiles(h *metrics.Float64Histogram, pInput []float64) []float64 { - p := make([]float64, len(pInput)) - copy(p, pInput) - sort.Float64s(p) - - if p[0] < 0.0 || p[len(p)-1] > 1.0 { - panic("percentiles is invoked with a <0 or >1 percentile") - } - - results := make([]float64, len(p)) - - var total float64 // total count across all buckets - for i := range h.Counts { - total += float64(h.Counts[i]) - } - - var cumulative float64 // cumulative count of all buckets we've iterated through - var start, end float64 // start and end of current bucket - i := 0 // index of current bucket - j := 0 // index of the percentile we're currently calculating - - for j < len(p) && i < len(h.Counts) { - start, end = h.Buckets[i], h.Buckets[i+1] - // Avoid interpolating with Inf if our percentile lies in an edge bucket - if i == 0 && math.IsInf(h.Buckets[0], -1) { - start = end - } - if i == len(h.Counts)-1 && math.IsInf(h.Buckets[len(h.Buckets)-1], 1) { - end = start - } - - if start == end && math.IsInf(start, 0) { - return results - } - - // adds the counts of this bucket, to check whether the percentile is in this bucket - bucketCount := float64(h.Counts[i]) - cumulative += bucketCount - - // Skip empty buckets at the beginning of the histogram and as long as we still have - // percentiles to compute, check whether the target percentile falls in this bucket - for (cumulative > 0) && j < len(p) && (cumulative >= total*p[j]) { - // The target percentile is somewhere in the current bucket: [start, end] - // and corresponds to a count in: [cumulative-bucketCount, cumulative] - // We use linear interpolation to estimate the value of the percentile - // within the bucket. - // - // bucketCount - // <---------------------------------> - // percentileCount - // <-------------------> - // |....................@.............| - // ^ ^ ^ - // counts: cumulative-bucketCount | total*p[j] | cumulative - // | | - // buckets: start | percentile | end - // - percentileCount := total*p[j] - (cumulative - bucketCount) - results[j] = start + (end-start)*(percentileCount/bucketCount) // percentile - // we can have multiple percentiles fall in the same bucket, so we check if the - // next percentile falls in this bucket - j++ - } - i++ - } - - orderedResults := make([]float64, len(p)) - for i := range orderedResults { - orderedResults[i] = results[slices.Index(p, pInput[i])] - } - - return orderedResults -} diff --git a/vendor/github.com/DataDog/go-runtime-metrics-internal/pkg/runtimemetrics/runtime_metrics.go b/vendor/github.com/DataDog/go-runtime-metrics-internal/pkg/runtimemetrics/runtime_metrics.go deleted file mode 100644 index 5d9f9b9c..00000000 --- a/vendor/github.com/DataDog/go-runtime-metrics-internal/pkg/runtimemetrics/runtime_metrics.go +++ /dev/null @@ -1,306 +0,0 @@ -// Package runtimemetrics exports all runtime/metrics via statsd on a regular interval. -package runtimemetrics - -import ( - "errors" - "fmt" - "log/slog" - "math" - "regexp" - "runtime/metrics" - "strings" - "sync" - "time" -) - -// pollFrequency is the frequency at which we poll runtime/metrics and report -// them to statsd. The statsd client aggregates this data, usually over a 2s -// window [1], and so does the agent, usually over a 10s window [2]. -// -// Our goal is to submit one data point per aggregation window, using the -// CountWithTimestamp / GaugeWithTimestamp APIs for submitting precisely aligned -// metrics, to enable comparing them with one another. -// -// [1] https://github.com/DataDog/datadog-go/blob/e612112c8bb396b33ad5d9edd645d289b07d0e40/statsd/options.go/#L23 -// [2] https://docs.datadoghq.com/developers/dogstatsd/data_aggregation/#how-is-aggregation-performed-with-the-dogstatsd-server -var pollFrequency = 10 * time.Second - -var unknownMetricLogOnce, unsupportedKindLogOnce sync.Once - -// mu protects the variables below -var mu sync.Mutex -var enabled bool - -// NOTE: The Start method below is intentionally minimal for now. We probably want to think about -// this API a bit more before we publish it in dd-trace-go. I.e. do we want to make the -// pollFrequency configurable (higher resolution at the cost of higher overhead on the agent and -// statsd library)? Do we want to support multiple instances? We probably also want a (flushing?) -// stop method. - -// Start starts reporting runtime/metrics to the given statsd client. -func Start(statsd partialStatsdClientInterface, logger *slog.Logger) error { - mu.Lock() - defer mu.Unlock() - - if enabled { - // We could support multiple instances, but the use cases for it are not - // clear, so for now let's consider this to be a misconfiguration. - return errors.New("runtimemetrics has already been started") - } - - descs := metrics.All() - rms := newRuntimeMetricStore(descs, statsd, logger) - // TODO: Go services experiencing high scheduling latency might see a - // large variance for the period in between rms.report calls. This might - // cause spikes in cumulative metric reporting. Should we try to correct - // for this by measuring the actual reporting time delta and - // extrapolating our numbers? - // - // Another challenge is that some metrics only update after GC mark - // termination, see [1][2]. This means that it's likely that the rate of - // submission for those metrics will be dependant on the service's workload - // and GC configuration. - // - // [1] https://github.com/golang/go/blob/go1.21.3/src/runtime/mstats.go#L939 - // [2] https://github.com/golang/go/issues/59749 - go func() { - for range time.Tick(pollFrequency) { - rms.report() - } - }() - enabled = true - return nil -} - -type runtimeMetric struct { - ddMetricName string - cumulative bool - - currentValue metrics.Value - previousValue metrics.Value - timestamp time.Time -} - -// the map key is the name of the metric in runtime/metrics -type runtimeMetricStore struct { - metrics map[string]*runtimeMetric - statsd partialStatsdClientInterface - logger *slog.Logger - baseTags []string -} - -// partialStatsdClientInterface is the subset of statsd.ClientInterface that is -// used by this package. -type partialStatsdClientInterface interface { - // Rate is used in the datadog-go statsd library to sample to values sent, - // we should always submit a rate >=1 to ensure our submissions are not sampled. - // The rate is forwarded to the agent but then discarded for gauge metrics. - GaugeWithTimestamp(name string, value float64, tags []string, rate float64, timestamp time.Time) error - CountWithTimestamp(name string, value int64, tags []string, rate float64, timestamp time.Time) error - DistributionSamples(name string, values []float64, tags []string, rate float64) error -} - -func newRuntimeMetricStore(descs []metrics.Description, statsdClient partialStatsdClientInterface, logger *slog.Logger) runtimeMetricStore { - rms := runtimeMetricStore{ - metrics: map[string]*runtimeMetric{}, - statsd: statsdClient, - logger: logger, - baseTags: getBaseTags(), - } - - for _, d := range descs { - cumulative := d.Cumulative - - // /sched/latencies:seconds is incorrectly set as non-cumulative, - // fixed by https://go-review.googlesource.com/c/go/+/486755 - // TODO: Use a build tag to apply this logic to Go versions < 1.20. - if d.Name == "/sched/latencies:seconds" { - cumulative = true - } - - ddMetricName, err := datadogMetricName(d.Name) - if err != nil { - rms.logger.Warn("runtimemetrics: not reporting one of the runtime metrics", slog.Attr{Key: "error", Value: slog.StringValue(err.Error())}) - continue - } - - rms.metrics[d.Name] = &runtimeMetric{ - ddMetricName: ddMetricName, - cumulative: cumulative, - } - } - - rms.update() - - return rms -} - -func (rms runtimeMetricStore) update() { - // TODO: Reuse this slice to avoid allocations? Note: I don't see these - // allocs show up in profiling. - samples := make([]metrics.Sample, len(rms.metrics)) - i := 0 - // NOTE: Map iteration in Go is randomized, so we end up randomizing the - // samples slice. In theory this should not impact correctness, but it's - // worth keeping in mind in case problems are observed in the future. - for name := range rms.metrics { - samples[i].Name = name - i++ - } - metrics.Read(samples) - timestamp := time.Now() - for _, s := range samples { - runtimeMetric := rms.metrics[s.Name] - - runtimeMetric.previousValue = runtimeMetric.currentValue - runtimeMetric.currentValue = s.Value - runtimeMetric.timestamp = timestamp - } -} - -func (rms runtimeMetricStore) report() { - rms.update() - samples := []distributionSample{} - - for name, rm := range rms.metrics { - switch rm.currentValue.Kind() { - case metrics.KindUint64: - v := rm.currentValue.Uint64() - // if the value didn't change between two reporting - // cycles, don't submit anything. this avoids having - // inaccurate drops to zero - // we submit 0 values to be able to distinguish between - // cases where the metric was never reported as opposed - // to the metric always being equal to zero - if rm.cumulative && v != 0 && v == rm.previousValue.Uint64() { - continue - } - - // Some of the Uint64 metrics are actually calculated as a difference by the Go runtime: v = uint64(x - y) - // - // Notably, this means that if x < y, then v will be roughly MaxUint64 (minus epsilon). - // This then shows up as '16 EiB' in Datadog graphs, because MaxUint64 bytes = 2^64 = 2^(4 + 10x6) = 2^4 x (2^10)^6 = 16 x 1024^6 = 16 EiB. - // - // This is known to happen with the '/memory/classes/heap/unused:bytes' metric: https://github.com/golang/go/blob/go1.22.1/src/runtime/metrics.go#L364 - // Until this bug is fixed, we log the problematic value and skip submitting that point to avoid spurious spikes in graphs. - if v > math.MaxUint64/2 { - tags := make([]string, 0, len(rms.baseTags)+1) - tags = append(tags, rms.baseTags...) - tags = append(tags, "metric_name:"+rm.ddMetricName) - rms.statsd.CountWithTimestamp("runtime.go.metrics.skipped_values", 1, tags, 1, rm.timestamp) - - // Some metrics are ~sort of expected to report this high value (e.g. - // "runtime.go.metrics.gc_gogc.percent" will consistently report "MaxUint64 - 1" if - // GOGC is OFF). We only want to log the full heap stats for the not-so-expected - // case of "heap unused bytes". - if name == "/memory/classes/heap/unused:bytes" { - logAttrs := []any{ - slog.Attr{Key: "metric_name", Value: slog.StringValue(rm.ddMetricName)}, - slog.Attr{Key: "timestamp", Value: slog.TimeValue(rm.timestamp)}, - slog.Attr{Key: "uint64(x-y)", Value: slog.Uint64Value(v)}, - slog.Attr{ - // If v is very close to MaxUint64, it will be hard to read "how negative was x-y", so we compute it here for convenience: - Key: "int64(x-y)", - Value: slog.Int64Value(-int64(math.MaxUint64 - v + 1)), // the '+1' is necessary because if int64(x-y)=-1, then uint64(x-y)=MaxUint64 - }, - } - - // Append all Uint64 values for maximum observability - for name, rm := range rms.metrics { - if rm.currentValue.Kind() == metrics.KindUint64 { - logAttrs = append(logAttrs, slog.Attr{Key: name, Value: slog.Uint64Value(rm.currentValue.Uint64())}) - } - } - - rms.logger.Warn("runtimemetrics: skipped submission of absurd value", logAttrs...) - } - continue - } - - rms.statsd.GaugeWithTimestamp(rm.ddMetricName, float64(v), rms.baseTags, 1, rm.timestamp) - case metrics.KindFloat64: - v := rm.currentValue.Float64() - // if the value didn't change between two reporting - // cycles, don't submit anything. this avoids having - // inaccurate drops to zero - // we submit 0 values to be able to distinguish between - // cases where the metric was never reported as opposed - // to the metric always being equal to zero - if rm.cumulative && v != 0 && v == rm.previousValue.Float64() { - continue - } - rms.statsd.GaugeWithTimestamp(rm.ddMetricName, v, rms.baseTags, 1, rm.timestamp) - case metrics.KindFloat64Histogram: - v := rm.currentValue.Float64Histogram() - var equal bool - if rm.cumulative { - // Note: This branch should ALWAYS be taken as of go1.21. - v, equal = sub(v, rm.previousValue.Float64Histogram()) - // if the histogram didn't change between two reporting - // cycles, don't submit anything. this avoids having - // inaccurate drops to zero for percentile metrics - if equal { - continue - } - } - - samples = samples[:0] - distSamples := distributionSamplesFromHist(v, samples) - values := make([]float64, len(distSamples)) - for i, ds := range distSamples { - values[i] = ds.Value - rms.statsd.DistributionSamples(rm.ddMetricName, values[i:i+1], rms.baseTags, ds.Rate) - } - - stats := statsFromHist(v) - // TODO: Could/should we use datadog distribution metrics for this? - rms.statsd.GaugeWithTimestamp(rm.ddMetricName+".avg", stats.Avg, rms.baseTags, 1, rm.timestamp) - rms.statsd.GaugeWithTimestamp(rm.ddMetricName+".min", stats.Min, rms.baseTags, 1, rm.timestamp) - rms.statsd.GaugeWithTimestamp(rm.ddMetricName+".max", stats.Max, rms.baseTags, 1, rm.timestamp) - rms.statsd.GaugeWithTimestamp(rm.ddMetricName+".median", stats.Median, rms.baseTags, 1, rm.timestamp) - rms.statsd.GaugeWithTimestamp(rm.ddMetricName+".p95", stats.P95, rms.baseTags, 1, rm.timestamp) - rms.statsd.GaugeWithTimestamp(rm.ddMetricName+".p99", stats.P99, rms.baseTags, 1, rm.timestamp) - case metrics.KindBad: - // This should never happen because all metrics are supported - // by construction. - unknownMetricLogOnce.Do(func() { - rms.logger.Error("runtimemetrics: encountered an unknown metric, this should never happen and might indicate a bug", slog.Attr{Key: "metric_name", Value: slog.StringValue(name)}) - }) - default: - // This may happen as new metric kinds get added. - // - // The safest thing to do here is to simply log it somewhere once - // as something to look into, but ignore it for now. - unsupportedKindLogOnce.Do(func() { - rms.logger.Error("runtimemetrics: unsupported metric kind, support for that kind should be added in pkg/runtimemetrics", - slog.Attr{Key: "metric_name", Value: slog.StringValue(name)}, - slog.Attr{Key: "kind", Value: slog.AnyValue(rm.currentValue.Kind())}, - ) - }) - } - } -} - -// regex extracted from https://cs.opensource.google/go/go/+/refs/tags/go1.20.3:src/runtime/metrics/description.go;l=13 -var runtimeMetricRegex = regexp.MustCompile("^(?P/[^:]+):(?P[^:*/]+(?:[*/][^:*/]+)*)$") - -// see https://docs.datadoghq.com/metrics/custom_metrics/#naming-custom-metrics -var datadogMetricRegex = regexp.MustCompile(`[^a-zA-Z0-9\._]`) - -func datadogMetricName(runtimeName string) (string, error) { - m := runtimeMetricRegex.FindStringSubmatch(runtimeName) - - if len(m) != 3 { - return "", fmt.Errorf("failed to parse metric name for metric %s", runtimeName) - } - - // strip leading "/" - metricPath := strings.TrimPrefix(m[1], "/") - metricUnit := m[2] - - name := datadogMetricRegex.ReplaceAllString(metricPath+"."+metricUnit, "_") - - // Note: This prefix is special. Don't change it without consulting the - // runtime/metrics squad. - return "runtime.go.metrics." + name, nil -} diff --git a/vendor/github.com/DataDog/go-runtime-metrics-internal/pkg/runtimemetrics/tags.go b/vendor/github.com/DataDog/go-runtime-metrics-internal/pkg/runtimemetrics/tags.go deleted file mode 100644 index 1d7c3ed8..00000000 --- a/vendor/github.com/DataDog/go-runtime-metrics-internal/pkg/runtimemetrics/tags.go +++ /dev/null @@ -1,69 +0,0 @@ -package runtimemetrics - -import ( - "fmt" - "math" - "runtime/metrics" -) - -const gogcMetricName = "/gc/gogc:percent" -const gomemlimitMetricName = "/gc/gomemlimit:bytes" -const gomaxProcsMetricName = "/sched/gomaxprocs:threads" - -func getBaseTags() []string { - samples := []metrics.Sample{ - {Name: gogcMetricName}, - {Name: gomemlimitMetricName}, - {Name: gomaxProcsMetricName}, - } - - baseTags := make([]string, 0, len(samples)) - - metrics.Read(samples) - - for _, s := range samples { - switch s.Name { - case gogcMetricName: - gogc := s.Value.Uint64() - var goGCTagValue string - if gogc == math.MaxUint64 { - goGCTagValue = "off" - } else { - goGCTagValue = fmt.Sprintf("%d", gogc) - } - baseTags = append(baseTags, fmt.Sprintf("gogc:%s", goGCTagValue)) - case gomemlimitMetricName: - gomemlimit := s.Value.Uint64() - var goMemLimitTagValue string - if gomemlimit == math.MaxInt64 { - goMemLimitTagValue = "unlimited" - } else { - // Convert GOMEMLIMIT to a human-readable string with the right byte unit - goMemLimitTagValue = formatByteSize(gomemlimit) - } - baseTags = append(baseTags, fmt.Sprintf("gomemlimit:%s", goMemLimitTagValue)) - case gomaxProcsMetricName: - gomaxprocs := s.Value.Uint64() - baseTags = append(baseTags, fmt.Sprintf("gomaxprocs:%d", gomaxprocs)) - } - } - - return baseTags -} - -// Function to format byte size with the right unit -func formatByteSize(bytes uint64) string { - const ( - unit = 1024 - format = "%.0f %sB" - ) - if bytes < unit { - return fmt.Sprintf(format, float64(bytes), "") - } - div, exp := int64(unit), 0 - for n := bytes / unit; n >= unit; n /= unit { - div *= unit - exp++ - } - return fmt.Sprintf(format, float64(bytes)/float64(div), string("KMGTPE"[exp])+"i") -} diff --git a/vendor/github.com/DataDog/go-sqllexer/.gitignore b/vendor/github.com/DataDog/go-sqllexer/.gitignore deleted file mode 100644 index 3b735ec4..00000000 --- a/vendor/github.com/DataDog/go-sqllexer/.gitignore +++ /dev/null @@ -1,21 +0,0 @@ -# If you prefer the allow list template instead of the deny list, see community template: -# https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore -# -# Binaries for programs and plugins -*.exe -*.exe~ -*.dll -*.so -*.dylib - -# Test binary, built with `go test -c` -*.test - -# Output of the go coverage tool, specifically when used with LiteIDE -*.out - -# Dependency directories (remove the comment below to include it) -# vendor/ - -# Go workspace file -go.work diff --git a/vendor/github.com/DataDog/go-sqllexer/LICENSE b/vendor/github.com/DataDog/go-sqllexer/LICENSE deleted file mode 100644 index fec91553..00000000 --- a/vendor/github.com/DataDog/go-sqllexer/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2023 Datadog, Inc. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file diff --git a/vendor/github.com/DataDog/go-sqllexer/README.md b/vendor/github.com/DataDog/go-sqllexer/README.md deleted file mode 100644 index 95a8d6bf..00000000 --- a/vendor/github.com/DataDog/go-sqllexer/README.md +++ /dev/null @@ -1,90 +0,0 @@ -# go-sqllexer - -This repository contains a hand written SQL Lexer that tokenizes SQL queries with a focus on obfuscating and normalization. The lexer is written in Go with no external dependencies. -**Note** This is NOT a SQL parser, it only tokenizes SQL queries. - -## Features - -- :rocket: Fast and lightweight tokenization (not regex based) -- :lock: Obfuscates sensitive data (e.g. numbers, strings, specific literals like dollar quoted strings in Postgres, etc.) -- :book: Even works with truncated queries -- :globe_with_meridians: UTF-8 support -- :wrench: Normalizes obfuscated queries - -## Installation - -```bash -go get github.com/DataDog/go-sqllexer -``` - -## Usage - -### Tokenize - -```go -import "github.com/DataDog/go-sqllexer" - -func main() { - query := "SELECT * FROM users WHERE id = 1" - lexer := sqllexer.New(query) - tokens := lexer.ScanAll() - for _, token := range tokens { - fmt.Println(token) - } -} -``` - -### Obfuscate - -```go -import ( - "fmt" - "github.com/DataDog/go-sqllexer" -) - -func main() { - query := "SELECT * FROM users WHERE id = 1" - obfuscator := sqllexer.NewObfuscator() - obfuscated := obfuscator.Obfuscate(query) - // "SELECT * FROM users WHERE id = ?" - fmt.Println(obfuscated) -} -``` - -### Normalize - -```go -import ( - "fmt" - "github.com/DataDog/go-sqllexer" -) - -func main() { - query := "SELECT * FROM users WHERE id in (?, ?)" - normalizer := sqllexer.NewNormalizer( - WithCollectComments(true), - WithCollectCommands(true), - WithCollectTables(true), - WithKeepSQLAlias(false), - ) - normalized, statementMetadata, err := normalizer.Normalize(query) - // "SELECT * FROM users WHERE id in (?)" - fmt.Println(normalized) -} -``` - -## Testing - -```bash -go test -v ./... -``` - -## Benchmarks - -```bash -go test -bench=. -benchmem ./... -``` - -## License - -[MIT License](LICENSE) diff --git a/vendor/github.com/DataDog/go-sqllexer/normalizer.go b/vendor/github.com/DataDog/go-sqllexer/normalizer.go deleted file mode 100644 index aa557026..00000000 --- a/vendor/github.com/DataDog/go-sqllexer/normalizer.go +++ /dev/null @@ -1,350 +0,0 @@ -package sqllexer - -import ( - "strings" -) - -type normalizerConfig struct { - // CollectTables specifies whether the normalizer should also extract the table names that a query addresses - CollectTables bool `json:"collect_tables"` - - // CollectCommands specifies whether the normalizer should extract and return commands as SQL metadata - CollectCommands bool `json:"collect_commands"` - - // CollectComments specifies whether the normalizer should extract and return comments as SQL metadata - CollectComments bool `json:"collect_comments"` - - // CollectProcedure specifies whether the normalizer should extract and return procedure name as SQL metadata - CollectProcedure bool `json:"collect_procedure"` - - // KeepSQLAlias specifies whether SQL aliases ("AS") should be truncated. - KeepSQLAlias bool `json:"keep_sql_alias"` - - // UppercaseKeywords specifies whether SQL keywords should be uppercased. - UppercaseKeywords bool `json:"uppercase_keywords"` - - // RemoveSpaceBetweenParentheses specifies whether spaces should be kept between parentheses. - // Spaces are inserted between parentheses by default. but this can be disabled by setting this to true. - RemoveSpaceBetweenParentheses bool `json:"remove_space_between_parentheses"` - - // KeepTrailingSemicolon specifies whether the normalizer should keep the trailing semicolon. - // The trailing semicolon is removed by default, but this can be disabled by setting this to true. - // PL/SQL requires a trailing semicolon, so this should be set to true when normalizing PL/SQL. - KeepTrailingSemicolon bool `json:"keep_trailing_semicolon"` - - // KeepIdentifierQuotation specifies whether the normalizer should keep the quotation of identifiers. - KeepIdentifierQuotation bool `json:"keep_identifier_quotation"` -} - -type normalizerOption func(*normalizerConfig) - -func WithCollectTables(collectTables bool) normalizerOption { - return func(c *normalizerConfig) { - c.CollectTables = collectTables - } -} - -func WithCollectCommands(collectCommands bool) normalizerOption { - return func(c *normalizerConfig) { - c.CollectCommands = collectCommands - } -} - -func WithCollectComments(collectComments bool) normalizerOption { - return func(c *normalizerConfig) { - c.CollectComments = collectComments - } -} - -func WithKeepSQLAlias(keepSQLAlias bool) normalizerOption { - return func(c *normalizerConfig) { - c.KeepSQLAlias = keepSQLAlias - } -} - -func WithUppercaseKeywords(uppercaseKeywords bool) normalizerOption { - return func(c *normalizerConfig) { - c.UppercaseKeywords = uppercaseKeywords - } -} - -func WithCollectProcedures(collectProcedure bool) normalizerOption { - return func(c *normalizerConfig) { - c.CollectProcedure = collectProcedure - } -} - -func WithRemoveSpaceBetweenParentheses(removeSpaceBetweenParentheses bool) normalizerOption { - return func(c *normalizerConfig) { - c.RemoveSpaceBetweenParentheses = removeSpaceBetweenParentheses - } -} - -func WithKeepTrailingSemicolon(keepTrailingSemicolon bool) normalizerOption { - return func(c *normalizerConfig) { - c.KeepTrailingSemicolon = keepTrailingSemicolon - } -} - -func WithKeepIdentifierQuotation(keepIdentifierQuotation bool) normalizerOption { - return func(c *normalizerConfig) { - c.KeepIdentifierQuotation = keepIdentifierQuotation - } -} - -type StatementMetadata struct { - Size int `json:"size"` - Tables []string `json:"tables"` - Comments []string `json:"comments"` - Commands []string `json:"commands"` - Procedures []string `json:"procedures"` -} - -type groupablePlaceholder struct { - groupable bool -} - -type Normalizer struct { - config *normalizerConfig -} - -func NewNormalizer(opts ...normalizerOption) *Normalizer { - normalizer := Normalizer{ - config: &normalizerConfig{}, - } - - for _, opt := range opts { - opt(normalizer.config) - } - - return &normalizer -} - -// Normalize takes an input SQL string and returns a normalized SQL string, a StatementMetadata struct, and an error. -// The normalizer collapses input SQL into compact format, groups obfuscated values into single placeholder, -// and collects metadata such as table names, comments, and commands. -func (n *Normalizer) Normalize(input string, lexerOpts ...lexerOption) (normalizedSQL string, statementMetadata *StatementMetadata, err error) { - lexer := New( - input, - lexerOpts..., - ) - - var normalizedSQLBuilder strings.Builder - - statementMetadata = &StatementMetadata{ - Tables: []string{}, - Comments: []string{}, - Commands: []string{}, - Procedures: []string{}, - } - - var lastToken Token // The last token that is not whitespace or comment - var groupablePlaceholder groupablePlaceholder - - ctes := make(map[string]bool) // Holds the CTEs that are currently being processed - - for { - token := lexer.Scan() - if token.Type == EOF { - break - } - n.collectMetadata(&token, &lastToken, statementMetadata, ctes) - n.normalizeSQL(&token, &lastToken, &normalizedSQLBuilder, &groupablePlaceholder, lexerOpts...) - } - - normalizedSQL = normalizedSQLBuilder.String() - - // Dedupe collected metadata - dedupeStatementMetadata(statementMetadata) - - return n.trimNormalizedSQL(normalizedSQL), statementMetadata, nil -} - -func (n *Normalizer) collectMetadata(token *Token, lastToken *Token, statementMetadata *StatementMetadata, ctes map[string]bool) { - if n.config.CollectComments && (token.Type == COMMENT || token.Type == MULTILINE_COMMENT) { - // Collect comments - statementMetadata.Comments = append(statementMetadata.Comments, token.Value) - } else if token.Type == IDENT || token.Type == QUOTED_IDENT || token.Type == FUNCTION { - tokenVal := token.Value - if token.Type == QUOTED_IDENT { - // We always want to trim the quotes for collected metadata such as table names - // This is because the metadata is used as tags, and we don't want them to be normalized as underscores later on - tokenVal = trimQuotes(tokenVal, tokenVal[0:1], tokenVal[len(tokenVal)-1:]) - if !n.config.KeepIdentifierQuotation { - token.Value = tokenVal - } - } - if n.config.CollectCommands && isCommand(strings.ToUpper(tokenVal)) { - // Collect commands - statementMetadata.Commands = append(statementMetadata.Commands, strings.ToUpper(tokenVal)) - } else if strings.ToUpper(lastToken.Value) == "WITH" && token.Type == IDENT { - // Collect CTEs so we can skip them later in table collection - ctes[tokenVal] = true - } else if n.config.CollectTables && isTableIndicator(strings.ToUpper(lastToken.Value)) && !isSQLKeyword(token) { - // Collect table names the token is not a CTE - if _, ok := ctes[tokenVal]; !ok { - statementMetadata.Tables = append(statementMetadata.Tables, tokenVal) - } - } else if n.config.CollectProcedure && isProcedure(lastToken) { - // Collect procedure names - statementMetadata.Procedures = append(statementMetadata.Procedures, tokenVal) - } - } -} - -func (n *Normalizer) normalizeSQL(token *Token, lastToken *Token, normalizedSQLBuilder *strings.Builder, groupablePlaceholder *groupablePlaceholder, lexerOpts ...lexerOption) { - if token.Type != WS && token.Type != COMMENT && token.Type != MULTILINE_COMMENT { - if token.Type == DOLLAR_QUOTED_FUNCTION && token.Value != StringPlaceholder { - // if the token is a dollar quoted function and it is not obfuscated, - // we need to recusively normalize the content of the dollar quoted function - quotedFunc := token.Value[6 : len(token.Value)-6] // remove the $func$ prefix and suffix - normalizedQuotedFunc, _, err := n.Normalize(quotedFunc, lexerOpts...) - if err == nil { - // replace the content of the dollar quoted function with the normalized content - // if there is an error, we just keep the original content - var normalizedDollarQuotedFunc strings.Builder - normalizedDollarQuotedFunc.WriteString("$func$") - normalizedDollarQuotedFunc.WriteString(normalizedQuotedFunc) - normalizedDollarQuotedFunc.WriteString("$func$") - token.Value = normalizedDollarQuotedFunc.String() - } - } - - if !n.config.KeepSQLAlias { - // discard SQL alias - if strings.ToUpper(token.Value) == "AS" { - // if current token is AS, then continue to next token - // because without seeing the next token, we cannot - // determine if the current token is an alias or not - *lastToken = *token - return - } - - if strings.ToUpper(lastToken.Value) == "AS" { - if token.Type == IDENT && !isSQLKeyword(token) { - // if the last token is AS and the current token is IDENT, - // then the current token is an alias, so we discard it - *lastToken = *token - return - } else { - // if the last token is AS and the current token is not IDENT, - // this could be a CTE like WITH ... AS (...), - // so we do not discard the current token - n.appendWhitespace(lastToken, token, normalizedSQLBuilder) - n.writeToken(lastToken, normalizedSQLBuilder) - } - } - } - - // group consecutive obfuscated values into single placeholder - if n.isObfuscatedValueGroupable(token, lastToken, groupablePlaceholder, normalizedSQLBuilder) { - // return the token but not write it to the normalizedSQLBuilder - *lastToken = *token - return - } - - // determine if we should add a whitespace - n.appendWhitespace(lastToken, token, normalizedSQLBuilder) - n.writeToken(token, normalizedSQLBuilder) - - *lastToken = *token - } -} - -func (n *Normalizer) writeToken(token *Token, normalizedSQLBuilder *strings.Builder) { - if n.config.UppercaseKeywords && isSQLKeyword(token) { - normalizedSQLBuilder.WriteString(strings.ToUpper(token.Value)) - } else { - normalizedSQLBuilder.WriteString(token.Value) - } -} - -func (n *Normalizer) isObfuscatedValueGroupable(token *Token, lastToken *Token, groupablePlaceholder *groupablePlaceholder, normalizedSQLBuilder *strings.Builder) bool { - if token.Value == NumberPlaceholder || token.Value == StringPlaceholder { - if lastToken.Value == "(" || lastToken.Value == "[" { - // if the last token is "(" or "[", and the current token is a placeholder, - // we know it's the start of groupable placeholders - // we don't return here because we still need to write the first placeholder - groupablePlaceholder.groupable = true - } else if lastToken.Value == "," && groupablePlaceholder.groupable { - return true - } - } - - if (lastToken.Value == NumberPlaceholder || lastToken.Value == StringPlaceholder) && token.Value == "," && groupablePlaceholder.groupable { - return true - } - - if groupablePlaceholder.groupable && (token.Value == ")" || token.Value == "]") { - // end of groupable placeholders - groupablePlaceholder.groupable = false - return false - } - - if groupablePlaceholder.groupable && token.Value != NumberPlaceholder && token.Value != StringPlaceholder && lastToken.Value == "," { - // This is a tricky edge case. If we are inside a groupbale block, and the current token is not a placeholder, - // we not only want to write the current token to the normalizedSQLBuilder, but also write the last comma that we skipped. - // For example, (?, ARRAY[?, ?, ?]) should be normalized as (?, ARRAY[?]) - normalizedSQLBuilder.WriteString(lastToken.Value) - return false - } - - return false -} - -func (n *Normalizer) appendWhitespace(lastToken *Token, token *Token, normalizedSQLBuilder *strings.Builder) { - // do not add a space between parentheses if RemoveSpaceBetweenParentheses is true - if n.config.RemoveSpaceBetweenParentheses && (lastToken.Type == FUNCTION || lastToken.Value == "(" || lastToken.Value == "[") { - return - } - - if n.config.RemoveSpaceBetweenParentheses && (token.Value == ")" || token.Value == "]") { - return - } - - switch token.Value { - case ",": - case ";": - case "=": - if lastToken.Value == ":" { - // do not add a space before an equals if a colon was - // present before it. - break - } - fallthrough - default: - normalizedSQLBuilder.WriteString(" ") - } -} - -func (n *Normalizer) trimNormalizedSQL(normalizedSQL string) string { - if !n.config.KeepTrailingSemicolon { - // Remove trailing semicolon - normalizedSQL = strings.TrimSuffix(normalizedSQL, ";") - } - return strings.TrimSpace(normalizedSQL) -} - -func dedupeCollectedMetadata(metadata []string) (dedupedMetadata []string, size int) { - // Dedupe collected metadata - // e.g. [SELECT, JOIN, SELECT, JOIN] -> [SELECT, JOIN] - dedupedMetadata = []string{} - var metadataSeen = make(map[string]struct{}) - for _, m := range metadata { - if _, seen := metadataSeen[m]; !seen { - metadataSeen[m] = struct{}{} - dedupedMetadata = append(dedupedMetadata, m) - size += len(m) - } - } - return dedupedMetadata, size -} - -func dedupeStatementMetadata(info *StatementMetadata) { - var tablesSize, commentsSize, commandsSize, procedureSize int - info.Tables, tablesSize = dedupeCollectedMetadata(info.Tables) - info.Comments, commentsSize = dedupeCollectedMetadata(info.Comments) - info.Commands, commandsSize = dedupeCollectedMetadata(info.Commands) - info.Procedures, procedureSize = dedupeCollectedMetadata(info.Procedures) - info.Size += tablesSize + commentsSize + commandsSize + procedureSize -} diff --git a/vendor/github.com/DataDog/go-sqllexer/obfuscate_and_normalize.go b/vendor/github.com/DataDog/go-sqllexer/obfuscate_and_normalize.go deleted file mode 100644 index bf60c020..00000000 --- a/vendor/github.com/DataDog/go-sqllexer/obfuscate_and_normalize.go +++ /dev/null @@ -1,43 +0,0 @@ -package sqllexer - -import "strings" - -// ObfuscateAndNormalize takes an input SQL string and returns an normalized SQL string with metadata -// This function is a convenience function that combines the Obfuscator and Normalizer in one pass -func ObfuscateAndNormalize(input string, obfuscator *Obfuscator, normalizer *Normalizer, lexerOpts ...lexerOption) (normalizedSQL string, statementMetadata *StatementMetadata, err error) { - lexer := New( - input, - lexerOpts..., - ) - - var normalizedSQLBuilder strings.Builder - - statementMetadata = &StatementMetadata{ - Tables: []string{}, - Comments: []string{}, - Commands: []string{}, - Procedures: []string{}, - } - - var lastToken Token // The last token that is not whitespace or comment - var groupablePlaceholder groupablePlaceholder - - ctes := make(map[string]bool) // Holds the CTEs that are currently being processed - - for { - token := lexer.Scan() - if token.Type == EOF { - break - } - token.Value = obfuscator.ObfuscateTokenValue(token, lexerOpts...) - normalizer.collectMetadata(&token, &lastToken, statementMetadata, ctes) - normalizer.normalizeSQL(&token, &lastToken, &normalizedSQLBuilder, &groupablePlaceholder, lexerOpts...) - } - - normalizedSQL = normalizedSQLBuilder.String() - - // Dedupe collected metadata - dedupeStatementMetadata(statementMetadata) - - return normalizer.trimNormalizedSQL(normalizedSQL), statementMetadata, nil -} diff --git a/vendor/github.com/DataDog/go-sqllexer/obfuscator.go b/vendor/github.com/DataDog/go-sqllexer/obfuscator.go deleted file mode 100644 index ae2d464d..00000000 --- a/vendor/github.com/DataDog/go-sqllexer/obfuscator.go +++ /dev/null @@ -1,128 +0,0 @@ -package sqllexer - -import ( - "strings" -) - -type obfuscatorConfig struct { - DollarQuotedFunc bool `json:"dollar_quoted_func"` - ReplaceDigits bool `json:"replace_digits"` - ReplacePositionalParameter bool `json:"replace_positional_parameter"` - ReplaceBoolean bool `json:"replace_boolean"` - ReplaceNull bool `json:"replace_null"` -} - -type obfuscatorOption func(*obfuscatorConfig) - -func WithReplaceDigits(replaceDigits bool) obfuscatorOption { - return func(c *obfuscatorConfig) { - c.ReplaceDigits = replaceDigits - } -} - -func WithReplacePositionalParameter(replacePositionalParameter bool) obfuscatorOption { - return func(c *obfuscatorConfig) { - c.ReplacePositionalParameter = replacePositionalParameter - } -} - -func WithReplaceBoolean(replaceBoolean bool) obfuscatorOption { - return func(c *obfuscatorConfig) { - c.ReplaceBoolean = replaceBoolean - } -} - -func WithReplaceNull(replaceNull bool) obfuscatorOption { - return func(c *obfuscatorConfig) { - c.ReplaceNull = replaceNull - } -} - -func WithDollarQuotedFunc(dollarQuotedFunc bool) obfuscatorOption { - return func(c *obfuscatorConfig) { - c.DollarQuotedFunc = dollarQuotedFunc - } -} - -type Obfuscator struct { - config *obfuscatorConfig -} - -func NewObfuscator(opts ...obfuscatorOption) *Obfuscator { - obfuscator := &Obfuscator{ - config: &obfuscatorConfig{}, - } - - for _, opt := range opts { - opt(obfuscator.config) - } - - return obfuscator -} - -const ( - StringPlaceholder = "?" - NumberPlaceholder = "?" -) - -// Obfuscate takes an input SQL string and returns an obfuscated SQL string. -// The obfuscator replaces all literal values with a single placeholder -func (o *Obfuscator) Obfuscate(input string, lexerOpts ...lexerOption) string { - var obfuscatedSQL strings.Builder - - lexer := New( - input, - lexerOpts..., - ) - for { - token := lexer.Scan() - if token.Type == EOF { - break - } - obfuscatedSQL.WriteString(o.ObfuscateTokenValue(token, lexerOpts...)) - } - - return strings.TrimSpace(obfuscatedSQL.String()) -} - -func (o *Obfuscator) ObfuscateTokenValue(token Token, lexerOpts ...lexerOption) string { - switch token.Type { - case NUMBER: - return NumberPlaceholder - case DOLLAR_QUOTED_FUNCTION: - if o.config.DollarQuotedFunc { - // obfuscate the content of dollar quoted function - quotedFunc := token.Value[6 : len(token.Value)-6] // remove the $func$ prefix and suffix - var obfuscatedDollarQuotedFunc strings.Builder - obfuscatedDollarQuotedFunc.WriteString("$func$") - obfuscatedDollarQuotedFunc.WriteString(o.Obfuscate(quotedFunc, lexerOpts...)) - obfuscatedDollarQuotedFunc.WriteString("$func$") - return obfuscatedDollarQuotedFunc.String() - } else { - return StringPlaceholder - } - case STRING, INCOMPLETE_STRING, DOLLAR_QUOTED_STRING: - return StringPlaceholder - case POSITIONAL_PARAMETER: - if o.config.ReplacePositionalParameter { - return StringPlaceholder - } else { - return token.Value - } - case IDENT, QUOTED_IDENT: - if o.config.ReplaceBoolean && isBoolean(token.Value) { - return StringPlaceholder - } - if o.config.ReplaceNull && isNull(token.Value) { - return StringPlaceholder - } - - if o.config.ReplaceDigits { - return replaceDigits(token.Value, NumberPlaceholder) - } else { - return token.Value - } - default: - return token.Value - } -} diff --git a/vendor/github.com/DataDog/go-sqllexer/sqllexer.go b/vendor/github.com/DataDog/go-sqllexer/sqllexer.go deleted file mode 100644 index f092622b..00000000 --- a/vendor/github.com/DataDog/go-sqllexer/sqllexer.go +++ /dev/null @@ -1,485 +0,0 @@ -package sqllexer - -import "unicode/utf8" - -type TokenType int - -const ( - ERROR TokenType = iota - EOF - WS // whitespace - STRING // string literal - INCOMPLETE_STRING // incomplete string literal so that we can obfuscate it, e.g. 'abc - NUMBER // number literal - IDENT // identifier - QUOTED_IDENT // quoted identifier - OPERATOR // operator - WILDCARD // wildcard * - COMMENT // comment - MULTILINE_COMMENT // multiline comment - PUNCTUATION // punctuation - DOLLAR_QUOTED_FUNCTION // dollar quoted function - DOLLAR_QUOTED_STRING // dollar quoted string - POSITIONAL_PARAMETER // numbered parameter - BIND_PARAMETER // bind parameter - FUNCTION // function - SYSTEM_VARIABLE // system variable - UNKNOWN // unknown token -) - -// Token represents a SQL token with its type and value. -type Token struct { - Type TokenType - Value string -} - -type LexerConfig struct { - DBMS DBMSType `json:"dbms,omitempty"` -} - -type lexerOption func(*LexerConfig) - -func WithDBMS(dbms DBMSType) lexerOption { - return func(c *LexerConfig) { - c.DBMS = dbms - } -} - -// SQL Lexer inspired from Rob Pike's talk on Lexical Scanning in Go -type Lexer struct { - src string // the input src string - cursor int // the current position of the cursor - start int // the start position of the current token - config *LexerConfig -} - -func New(input string, opts ...lexerOption) *Lexer { - lexer := &Lexer{src: input, config: &LexerConfig{}} - for _, opt := range opts { - opt(lexer.config) - } - return lexer -} - -// ScanAll scans the entire input string and returns a slice of tokens. -func (s *Lexer) ScanAll() []Token { - var tokens []Token - for { - token := s.Scan() - if token.Type == EOF { - // don't include EOF token in the result - break - } - tokens = append(tokens, token) - } - return tokens -} - -// ScanAllTokens scans the entire input string and returns a channel of tokens. -// Use this if you want to process the tokens as they are scanned. -func (s *Lexer) ScanAllTokens() <-chan Token { - tokenCh := make(chan Token) - - go func() { - defer close(tokenCh) - - for { - token := s.Scan() - if token.Type == EOF { - // don't include EOF token in the result - break - } - tokenCh <- token - } - }() - - return tokenCh -} - -// Scan scans the next token and returns it. -func (s *Lexer) Scan() Token { - ch := s.peek() - switch { - case isWhitespace(ch): - return s.scanWhitespace() - case isLetter(ch): - return s.scanIdentifier(ch) - case isDoubleQuote(ch): - return s.scanDoubleQuotedIdentifier('"') - case isSingleQuote(ch): - return s.scanString() - case isSingleLineComment(ch, s.lookAhead(1)): - return s.scanSingleLineComment() - case isMultiLineComment(ch, s.lookAhead(1)): - return s.scanMultiLineComment() - case isLeadingSign(ch): - // if the leading sign is followed by a digit, then it's a number - // although this is not strictly true, it's good enough for our purposes - nextCh := s.lookAhead(1) - if isDigit(nextCh) || nextCh == '.' { - return s.scanNumberWithLeadingSign() - } - return s.scanOperator(ch) - case isDigit(ch): - return s.scanNumber(ch) - case isWildcard(ch): - return s.scanWildcard() - case ch == '$': - if isDigit(s.lookAhead(1)) { - // if the dollar sign is followed by a digit, then it's a numbered parameter - return s.scanPositionalParameter() - } - if s.config.DBMS == DBMSSQLServer && isLetter(s.lookAhead(1)) { - return s.scanIdentifier(ch) - } - return s.scanDollarQuotedString() - case ch == ':': - if s.config.DBMS == DBMSOracle && isAlphaNumeric(s.lookAhead(1)) { - return s.scanBindParameter() - } - return s.scanOperator(ch) - case ch == '`': - if s.config.DBMS == DBMSMySQL { - return s.scanDoubleQuotedIdentifier('`') - } - fallthrough - case ch == '#': - if s.config.DBMS == DBMSSQLServer { - return s.scanIdentifier(ch) - } else if s.config.DBMS == DBMSMySQL { - // MySQL treats # as a comment - return s.scanSingleLineComment() - } - fallthrough - case ch == '@': - if isAlphaNumeric(s.lookAhead(1)) { - if s.config.DBMS == DBMSSnowflake { - return s.scanIdentifier(ch) - } - return s.scanBindParameter() - } else if s.lookAhead(1) == '@' { - return s.scanSystemVariable() - } - fallthrough - case isOperator(ch): - return s.scanOperator(ch) - case isPunctuation(ch): - if ch == '[' && s.config.DBMS == DBMSSQLServer { - return s.scanDoubleQuotedIdentifier('[') - } - return s.scanPunctuation() - case isEOF(ch): - return Token{EOF, ""} - default: - return s.scanUnknown() - } -} - -// lookAhead returns the rune n positions ahead of the cursor. -func (s *Lexer) lookAhead(n int) rune { - if s.cursor+n >= len(s.src) || s.cursor+n < 0 { - return 0 - } - r, _ := utf8.DecodeRuneInString(s.src[s.cursor+n:]) - return r -} - -// peek returns the rune at the cursor position. -func (s *Lexer) peek() rune { - return s.lookAhead(0) -} - -// nextBy advances the cursor by n positions and returns the rune at the cursor position. -func (s *Lexer) nextBy(n int) rune { - // advance the cursor by n and return the rune at the cursor position - if s.cursor+n > len(s.src) { - return 0 - } - s.cursor += n - if s.cursor >= len(s.src) { - return 0 - } - r, _ := utf8.DecodeRuneInString(s.src[s.cursor:]) - return r -} - -// next advances the cursor by 1 position and returns the rune at the cursor position. -func (s *Lexer) next() rune { - return s.nextBy(1) -} - -func (s *Lexer) matchAt(match []rune) bool { - if s.cursor+len(match) > len(s.src) { - return false - } - for i, ch := range match { - if s.src[s.cursor+i] != byte(ch) { - return false - } - } - return true -} - -func (s *Lexer) scanNumberWithLeadingSign() Token { - s.start = s.cursor - ch := s.next() // consume the leading sign - return s.scanNumberic(ch) -} - -func (s *Lexer) scanNumber(ch rune) Token { - s.start = s.cursor - return s.scanNumberic(ch) -} - -func (s *Lexer) scanNumberic(ch rune) Token { - if ch == '0' { - nextCh := s.lookAhead(1) - if nextCh == 'x' || nextCh == 'X' { - return s.scanHexNumber() - } else if nextCh >= '0' && nextCh <= '7' { - return s.scanOctalNumber() - } - } - - return s.scanDecimalNumber() -} - -func (s *Lexer) scanDecimalNumber() Token { - ch := s.next() - - // scan digits - for isDigit(ch) || ch == '.' || isExpontent(ch) { - if isExpontent(ch) { - ch = s.next() - if isLeadingSign(ch) { - ch = s.next() - } - } else { - ch = s.next() - } - } - return Token{NUMBER, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanHexNumber() Token { - ch := s.nextBy(2) // consume the leading 0x - - for isDigit(ch) || ('a' <= ch && ch <= 'f') || ('A' <= ch && ch <= 'F') { - ch = s.next() - } - return Token{NUMBER, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanOctalNumber() Token { - ch := s.nextBy(2) // consume the leading 0 and number - - for '0' <= ch && ch <= '7' { - ch = s.next() - } - return Token{NUMBER, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanString() Token { - s.start = s.cursor - ch := s.next() // consume the opening quote - escaped := false - - for { - if escaped { - // encountered an escape character - // reset the escaped flag and continue - escaped = false - ch = s.next() - continue - } - - if ch == '\\' { - escaped = true - ch = s.next() - continue - } - - if ch == '\'' { - s.next() // consume the closing quote - return Token{STRING, s.src[s.start:s.cursor]} - } - - if isEOF(ch) { - // encountered EOF before closing quote - // this usually happens when the string is truncated - return Token{INCOMPLETE_STRING, s.src[s.start:s.cursor]} - } - ch = s.next() - } -} - -func (s *Lexer) scanIdentifier(ch rune) Token { - // NOTE: this func does not distinguish between SQL keywords and identifiers - s.start = s.cursor - ch = s.nextBy(utf8.RuneLen(ch)) - for isLetter(ch) || isDigit(ch) || ch == '.' || ch == '?' || ch == '$' || ch == '#' || ch == '/' { - ch = s.nextBy(utf8.RuneLen(ch)) - } - if ch == '(' { - // if the identifier is followed by a (, then it's a function - return Token{FUNCTION, s.src[s.start:s.cursor]} - } - return Token{IDENT, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanDoubleQuotedIdentifier(delimiter rune) Token { - closingDelimiter := delimiter - if delimiter == '[' { - closingDelimiter = ']' - } - - s.start = s.cursor - ch := s.next() // consume the opening quote - for { - // encountered the closing quote - // BUT if it's followed by .", then we should keep going - // e.g. postgre "foo"."bar" - // e.g. sqlserver [foo].[bar] - if ch == closingDelimiter { - specialCase := []rune{closingDelimiter, '.', delimiter} - if s.matchAt([]rune(specialCase)) { - ch = s.nextBy(3) // consume the "." - continue - } - break - } - if isEOF(ch) { - return Token{ERROR, s.src[s.start:s.cursor]} - } - ch = s.next() - } - s.next() // consume the closing quote - return Token{QUOTED_IDENT, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanWhitespace() Token { - // scan whitespace, tab, newline, carriage return - s.start = s.cursor - ch := s.next() - for isWhitespace(ch) { - ch = s.next() - } - return Token{WS, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanOperator(lastCh rune) Token { - s.start = s.cursor - ch := s.next() - for isOperator(ch) && !(lastCh == '=' && ch == '?') { - // hack: we don't want to treat "=?" as an single operator - lastCh = ch - ch = s.next() - } - return Token{OPERATOR, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanWildcard() Token { - s.start = s.cursor - s.next() - return Token{WILDCARD, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanSingleLineComment() Token { - s.start = s.cursor - ch := s.nextBy(2) // consume the opening dashes - for ch != '\n' && !isEOF(ch) { - ch = s.next() - } - return Token{COMMENT, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanMultiLineComment() Token { - s.start = s.cursor - ch := s.nextBy(2) // consume the opening slash and asterisk - for { - if ch == '*' && s.lookAhead(1) == '/' { - s.nextBy(2) // consume the closing asterisk and slash - break - } - if isEOF(ch) { - // encountered EOF before closing comment - // this usually happens when the comment is truncated - return Token{ERROR, s.src[s.start:s.cursor]} - } - ch = s.next() - } - return Token{MULTILINE_COMMENT, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanPunctuation() Token { - s.start = s.cursor - s.next() - return Token{PUNCTUATION, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanDollarQuotedString() Token { - s.start = s.cursor - ch := s.next() // consume the dollar sign - tagStart := s.cursor - - for s.cursor < len(s.src) && ch != '$' { - ch = s.next() - } - s.next() // consume the closing dollar sign of the tag - tag := s.src[tagStart-1 : s.cursor] // include the opening and closing dollar sign e.g. $tag$ - - for s.cursor < len(s.src) { - if s.matchAt([]rune(tag)) { - s.nextBy(len(tag)) // consume the closing tag - if tag == "$func$" { - return Token{DOLLAR_QUOTED_FUNCTION, s.src[s.start:s.cursor]} - } - return Token{DOLLAR_QUOTED_STRING, s.src[s.start:s.cursor]} - } - s.next() - } - return Token{ERROR, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanPositionalParameter() Token { - s.start = s.cursor - ch := s.nextBy(2) // consume the dollar sign and the number - for { - if !isDigit(ch) { - break - } - ch = s.next() - } - return Token{POSITIONAL_PARAMETER, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanBindParameter() Token { - s.start = s.cursor - ch := s.nextBy(2) // consume the (colon|at sign) and the char - for { - if !isAlphaNumeric(ch) { - break - } - ch = s.next() - } - return Token{BIND_PARAMETER, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanSystemVariable() Token { - s.start = s.cursor - ch := s.nextBy(2) // consume @@ - for { - if !isAlphaNumeric(ch) { - break - } - ch = s.next() - } - return Token{SYSTEM_VARIABLE, s.src[s.start:s.cursor]} -} - -func (s *Lexer) scanUnknown() Token { - // When we see an unknown token, we advance the cursor until we see something that looks like a token boundary. - s.start = s.cursor - s.next() - return Token{UNKNOWN, s.src[s.start:s.cursor]} -} diff --git a/vendor/github.com/DataDog/go-sqllexer/sqllexer_utils.go b/vendor/github.com/DataDog/go-sqllexer/sqllexer_utils.go deleted file mode 100644 index 50465256..00000000 --- a/vendor/github.com/DataDog/go-sqllexer/sqllexer_utils.go +++ /dev/null @@ -1,265 +0,0 @@ -package sqllexer - -import ( - "strings" - "unicode" -) - -type DBMSType string - -const ( - // DBMSSQLServer is a MS SQL - DBMSSQLServer DBMSType = "mssql" - // DBMSPostgres is a PostgreSQL Server - DBMSPostgres DBMSType = "postgresql" - // DBMSMySQL is a MySQL Server - DBMSMySQL DBMSType = "mysql" - // DBMSOracle is a Oracle Server - DBMSOracle DBMSType = "oracle" - // DBMSSnowflake is a Snowflake Server - DBMSSnowflake DBMSType = "snowflake" -) - -var commands = map[string]bool{ - "SELECT": true, - "INSERT": true, - "UPDATE": true, - "DELETE": true, - "CREATE": true, - "ALTER": true, - "DROP": true, - "JOIN": true, - "GRANT": true, - "REVOKE": true, - "COMMIT": true, - "BEGIN": true, - "TRUNCATE": true, - "MERGE": true, - "EXECUTE": true, - "EXEC": true, - "EXPLAIN": true, - "STRAIGHT_JOIN": true, - "USE": true, - "CLONE": true, -} - -var tableIndicators = map[string]bool{ - "FROM": true, - "JOIN": true, - "INTO": true, - "UPDATE": true, - "TABLE": true, - "EXISTS": true, // Drop Table If Exists - "STRAIGHT_JOIN": true, // MySQL - "CLONE": true, // Snowflake - "ONLY": true, // PostgreSQL -} - -var keywords = map[string]bool{ - "SELECT": true, - "INSERT": true, - "UPDATE": true, - "DELETE": true, - "CREATE": true, - "ALTER": true, - "DROP": true, - "GRANT": true, - "REVOKE": true, - "ADD": true, - "ALL": true, - "AND": true, - "ANY": true, - "AS": true, - "ASC": true, - "BEGIN": true, - "BETWEEN": true, - "BY": true, - "CASE": true, - "CHECK": true, - "COLUMN": true, - "COMMIT": true, - "CONSTRAINT": true, - "DATABASE": true, - "DECLARE": true, - "DEFAULT": true, - "DESC": true, - "DISTINCT": true, - "ELSE": true, - "END": true, - "EXEC": true, - "EXISTS": true, - "FOREIGN": true, - "FROM": true, - "GROUP": true, - "HAVING": true, - "IN": true, - "INDEX": true, - "INNER": true, - "INTO": true, - "IS": true, - "JOIN": true, - "KEY": true, - "LEFT": true, - "LIKE": true, - "LIMIT": true, - "NOT": true, - "ON": true, - "OR": true, - "ORDER": true, - "OUTER": true, - "PRIMARY": true, - "PROCEDURE": true, - "REPLACE": true, - "RETURNS": true, - "RIGHT": true, - "ROLLBACK": true, - "ROWNUM": true, - "SET": true, - "SOME": true, - "TABLE": true, - "TOP": true, - "TRUNCATE": true, - "UNION": true, - "UNIQUE": true, - "USE": true, - "VALUES": true, - "VIEW": true, - "WHERE": true, - "CUBE": true, - "ROLLUP": true, - "LITERAL": true, - "WINDOW": true, - "VACCUM": true, - "ANALYZE": true, - "ILIKE": true, - "USING": true, - "ASSERTION": true, - "DOMAIN": true, - "CLUSTER": true, - "COPY": true, - "EXPLAIN": true, - "PLPGSQL": true, - "TRIGGER": true, - "TEMPORARY": true, - "UNLOGGED": true, - "RECURSIVE": true, - "RETURNING": true, - "OFFSET": true, - "OF": true, - "SKIP": true, - "IF": true, - "ONLY": true, -} - -func isWhitespace(ch rune) bool { - return ch == ' ' || ch == '\t' || ch == '\n' || ch == '\r' -} - -func isDigit(ch rune) bool { - return '0' <= ch && ch <= '9' -} - -func isExpontent(ch rune) bool { - return ch == 'e' || ch == 'E' -} - -func isLeadingSign(ch rune) bool { - return ch == '+' || ch == '-' -} - -func isLetter(ch rune) bool { - return unicode.IsLetter(ch) || ch == '_' -} - -func isAlphaNumeric(ch rune) bool { - return isLetter(ch) || isDigit(ch) -} - -func isDoubleQuote(ch rune) bool { - return ch == '"' -} - -func isSingleQuote(ch rune) bool { - return ch == '\'' -} - -func isOperator(ch rune) bool { - return ch == '+' || ch == '-' || ch == '*' || ch == '/' || ch == '=' || ch == '<' || ch == '>' || ch == '!' || ch == '&' || ch == '|' || ch == '^' || ch == '%' || ch == '~' || ch == '?' || ch == '@' || ch == ':' || ch == '#' -} - -func isWildcard(ch rune) bool { - return ch == '*' -} - -func isSingleLineComment(ch rune, nextCh rune) bool { - return ch == '-' && nextCh == '-' -} - -func isMultiLineComment(ch rune, nextCh rune) bool { - return ch == '/' && nextCh == '*' -} - -func isPunctuation(ch rune) bool { - return ch == '(' || ch == ')' || ch == ',' || ch == ';' || ch == '.' || ch == ':' || ch == '[' || ch == ']' || ch == '{' || ch == '}' -} - -func isEOF(ch rune) bool { - return ch == 0 -} - -func isCommand(ident string) bool { - _, ok := commands[ident] - return ok -} - -func isTableIndicator(ident string) bool { - _, ok := tableIndicators[ident] - return ok -} - -func isSQLKeyword(token *Token) bool { - if token.Type != IDENT { - return false - } - _, ok := keywords[strings.ToUpper(token.Value)] - return ok -} - -func isProcedure(token *Token) bool { - if token.Type != IDENT { - return false - } - return strings.ToUpper(token.Value) == "PROCEDURE" || strings.ToUpper(token.Value) == "PROC" -} - -func isBoolean(ident string) bool { - return strings.ToUpper(ident) == "TRUE" || strings.ToUpper(ident) == "FALSE" -} - -func isNull(ident string) bool { - return strings.ToUpper(ident) == "NULL" -} - -func replaceDigits(input string, placeholder string) string { - var builder strings.Builder - - i := 0 - for i < len(input) { - if isDigit(rune(input[i])) { - builder.WriteString(placeholder) - for i < len(input) && isDigit(rune(input[i])) { - i++ - } - } else { - builder.WriteByte(input[i]) - i++ - } - } - - return builder.String() -} - -func trimQuotes(input string, delim string, closingDelim string) string { - replacer := strings.NewReplacer(delim, "", closingDelim, "") - return replacer.Replace(input) -} diff --git a/vendor/github.com/DataDog/go-tuf/LICENSE b/vendor/github.com/DataDog/go-tuf/LICENSE deleted file mode 100644 index 38163dd4..00000000 --- a/vendor/github.com/DataDog/go-tuf/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2014-2020 Prime Directive, Inc. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Prime Directive, Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/DataDog/go-tuf/client/client.go b/vendor/github.com/DataDog/go-tuf/client/client.go deleted file mode 100644 index 6a3e137f..00000000 --- a/vendor/github.com/DataDog/go-tuf/client/client.go +++ /dev/null @@ -1,955 +0,0 @@ -package client - -import ( - "bytes" - "encoding/hex" - "encoding/json" - "io" - - "github.com/DataDog/go-tuf/data" - "github.com/DataDog/go-tuf/internal/roles" - "github.com/DataDog/go-tuf/util" - "github.com/DataDog/go-tuf/verify" -) - -const ( - // This is the upper limit in bytes we will use to limit the download - // size of the root/timestamp roles, since we might not don't know how - // big it is. - defaultRootDownloadLimit = 512000 - defaultTimestampDownloadLimit = 16384 - defaultMaxDelegations = 32 - defaultMaxRootRotations = 1e3 -) - -// LocalStore is local storage for downloaded top-level metadata. -type LocalStore interface { - io.Closer - - // GetMeta returns top-level metadata from local storage. The keys are - // in the form `ROLE.json`, with ROLE being a valid top-level role. - GetMeta() (map[string]json.RawMessage, error) - - // SetMeta persists the given top-level metadata in local storage, the - // name taking the same format as the keys returned by GetMeta. - SetMeta(name string, meta json.RawMessage) error - - // DeleteMeta deletes a given metadata. - DeleteMeta(name string) error -} - -// RemoteStore downloads top-level metadata and target files from a remote -// repository. -type RemoteStore interface { - // GetMeta downloads the given metadata from remote storage. - // - // `name` is the filename of the metadata (e.g. "root.json") - // - // `err` is ErrNotFound if the given file does not exist. - // - // `size` is the size of the stream, -1 indicating an unknown length. - GetMeta(name string) (stream io.ReadCloser, size int64, err error) - - // GetTarget downloads the given target file from remote storage. - // - // `path` is the path of the file relative to the root of the remote - // targets directory (e.g. "/path/to/file.txt"). - // - // `err` is ErrNotFound if the given file does not exist. - // - // `size` is the size of the stream, -1 indicating an unknown length. - GetTarget(path string) (stream io.ReadCloser, size int64, err error) -} - -// Client provides methods for fetching updates from a remote repository and -// downloading remote target files. -type Client struct { - local LocalStore - remote RemoteStore - - // The following four fields represent the versions of metatdata either - // from local storage or from recently downloaded metadata - rootVer int64 - targetsVer int64 - snapshotVer int64 - timestampVer int64 - - // targets is the list of available targets, either from local storage - // or from recently downloaded targets metadata - targets data.TargetFiles - - // localMeta is the raw metadata from local storage and is used to - // check whether remote metadata is present locally - localMeta map[string]json.RawMessage - - // db is a key DB used for verifying metadata - db *verify.DB - - // consistentSnapshot indicates whether the remote storage is using - // consistent snapshots (as specified in root.json) - consistentSnapshot bool - - // MaxDelegations limits by default the number of delegations visited for any - // target - MaxDelegations int - - // MaxRootRotations limits the number of downloaded roots in 1.0.19 root updater - MaxRootRotations int -} - -func NewClient(local LocalStore, remote RemoteStore) *Client { - return &Client{ - local: local, - remote: remote, - MaxDelegations: defaultMaxDelegations, - MaxRootRotations: defaultMaxRootRotations, - } -} - -// Init initializes a local repository from root metadata. -// -// The root's keys are extracted from the root and saved in local storage. -// Root expiration is not checked. -// It is expected that rootJSON was securely distributed with the software -// being updated. -func (c *Client) Init(rootJSON []byte) error { - err := c.loadAndVerifyRootMeta(rootJSON, true /*ignoreExpiredCheck*/) - if err != nil { - return err - } - return c.local.SetMeta("root.json", rootJSON) -} - -// Update downloads and verifies remote metadata and returns updated targets. -// It always performs root update (5.2 and 5.3) section of the v1.0.19 spec. -// -// https://theupdateframework.github.io/specification/v1.0.19/index.html#load-trusted-root -func (c *Client) Update() (data.TargetFiles, error) { - if err := c.UpdateRoots(); err != nil { - if _, ok := err.(verify.ErrExpired); ok { - // For backward compatibility, we wrap the ErrExpired inside - // ErrDecodeFailed. - return nil, ErrDecodeFailed{"root.json", err} - } - return nil, err - } - - // Load trusted metadata files, if any, and verify them against the latest root - c.getLocalMeta() - - // 5.4.1 - Download the timestamp metadata - timestampJSON, err := c.downloadMetaUnsafe("timestamp.json", defaultTimestampDownloadLimit) - if err != nil { - return nil, err - } - // 5.4.(2,3 and 4) - Verify timestamp against various attacks - // Returns the extracted snapshot metadata - snapshotMeta, sameTimestampVersion, err := c.decodeTimestamp(timestampJSON) - if sameTimestampVersion { - // The new timestamp.json file had the same version; we don't need to - // update, so bail early. - return c.targets, nil - } - - if err != nil { - return nil, err - } - // 5.4.5 - Persist the timestamp metadata - if err := c.local.SetMeta("timestamp.json", timestampJSON); err != nil { - return nil, err - } - - // 5.5.1 - Download snapshot metadata - // 5.5.2 and 5.5.4 - Check against timestamp role's snapshot hash and version - snapshotJSON, err := c.downloadMetaFromTimestamp("snapshot.json", snapshotMeta) - if err != nil { - return nil, err - } - // 5.5.(3,5 and 6) - Verify snapshot against various attacks - // Returns the extracted metadata files - snapshotMetas, err := c.decodeSnapshot(snapshotJSON) - if err != nil { - return nil, err - } - // 5.5.7 - Persist snapshot metadata - if err := c.local.SetMeta("snapshot.json", snapshotJSON); err != nil { - return nil, err - } - - // If we don't have the targets.json, download it, determine updated - // targets and save targets.json in local storage - var updatedTargets data.TargetFiles - targetsMeta := snapshotMetas["targets.json"] - if !c.hasMetaFromSnapshot("targets.json", targetsMeta) { - // 5.6.1 - Download the top-level targets metadata file - // 5.6.2 and 5.6.4 - Check against snapshot role's targets hash and version - targetsJSON, err := c.downloadMetaFromSnapshot("targets.json", targetsMeta) - if err != nil { - return nil, err - } - // 5.6.(3 and 5) - Verify signatures and check against freeze attack - updatedTargets, err = c.decodeTargets(targetsJSON) - if err != nil { - return nil, err - } - // 5.6.6 - Persist targets metadata - if err := c.local.SetMeta("targets.json", targetsJSON); err != nil { - return nil, err - } - } - - return updatedTargets, nil -} - -func (c *Client) UpdateRoots() error { - // https://theupdateframework.github.io/specification/v1.0.19/index.html#load-trusted-root - // 5.2 Load the trusted root metadata file. We assume that a good, - // trusted copy of this file was shipped with the package manager - // or software updater using an out-of-band process. - if err := c.loadAndVerifyLocalRootMeta( /*ignoreExpiredCheck=*/ true); err != nil { - return err - } - m, err := c.local.GetMeta() - if err != nil { - return err - } - - type KeyInfo struct { - KeyIDs map[string]bool - Threshold int - } - - // Prepare for 5.3.11: If the timestamp and / or snapshot keys have been rotated, - // then delete the trusted timestamp and snapshot metadata files. - getKeyInfo := func(role string) KeyInfo { - keyIDs := make(map[string]bool) - for k := range c.db.GetRole(role).KeyIDs { - keyIDs[k] = true - } - return KeyInfo{keyIDs, c.db.GetRole(role).Threshold} - } - - // The nonRootKeyInfo looks like this: - // { - // "timestamp": {KeyIDs={"KEYID1": true, "KEYID2": true}, Threshold=2}, - // "snapshot": {KeyIDs={"KEYID3": true}, Threshold=1}, - // "targets": {KeyIDs={"KEYID4": true, "KEYID5": true, "KEYID6": true}, Threshold=1} - // } - - nonRootKeyInfo := map[string]KeyInfo{"timestamp": {}, "snapshot": {}, "targets": {}} - for k := range nonRootKeyInfo { - nonRootKeyInfo[k] = getKeyInfo(k) - } - - // 5.3.1 Temorarily turn on the consistent snapshots in order to download - // versioned root metadata files as described next. - consistentSnapshot := c.consistentSnapshot - c.consistentSnapshot = true - - nRootMetadata := m["root.json"] - - // https://theupdateframework.github.io/specification/v1.0.19/index.html#update-root - - // 5.3.1 Since it may now be signed using entirely different keys, - // the client MUST somehow be able to establish a trusted line of - // continuity to the latest set of keys (see § 6.1 Key - // management and migration). To do so, the client MUST - // download intermediate root metadata files, until the - // latest available one is reached. Therefore, it MUST - // temporarily turn on consistent snapshots in order to - // download versioned root metadata files as described next. - - // This loop returns on error or breaks after downloading the lastest root metadata. - // 5.3.2 Let N denote the version number of the trusted root metadata file. - for i := 0; i < c.MaxRootRotations; i++ { - // 5.3.3 Try downloading version nPlusOne of the root metadata file. - // NOTE: as a side effect, we do update c.rootVer to nPlusOne between iterations. - nPlusOne := c.rootVer + 1 - nPlusOneRootPath := util.VersionedPath("root.json", nPlusOne) - nPlusOneRootMetadata, err := c.downloadMetaUnsafe(nPlusOneRootPath, defaultRootDownloadLimit) - - if err != nil { - if _, ok := err.(ErrMissingRemoteMetadata); ok { - // stop when the next root can't be downloaded - break - } - return err - } - - // 5.3.4 Check for an arbitrary software attack. - // 5.3.4.1 Check that N signed N+1 - nPlusOneRootMetadataSigned, err := c.verifyRoot(nRootMetadata, nPlusOneRootMetadata) - if err != nil { - return err - } - - // 5.3.4.2 check that N+1 signed itself. - if _, err := c.verifyRoot(nPlusOneRootMetadata, nPlusOneRootMetadata); err != nil { - // 5.3.6 Note that the expiration of the new (intermediate) root - // metadata file does not matter yet, because we will check for - // it in step 5.3.10. - return err - } - - // 5.3.5 Check for a rollback attack. Here, we check that nPlusOneRootMetadataSigned.version == nPlusOne. - if nPlusOneRootMetadataSigned.Version != nPlusOne { - return verify.ErrWrongVersion{ - Given: nPlusOneRootMetadataSigned.Version, - Expected: nPlusOne, - } - } - - // 5.3.7 Set the trusted root metadata file to the new root metadata file. - c.rootVer = nPlusOneRootMetadataSigned.Version - // NOTE: following up on 5.3.1, we want to always have consistent snapshots on for the duration - // of root rotation. AFTER the rotation is over, we will set it to the value of the last root. - consistentSnapshot = nPlusOneRootMetadataSigned.ConsistentSnapshot - // 5.3.8 Persist root metadata. The client MUST write the file to non-volatile storage as FILENAME.EXT (e.g. root.json). - // NOTE: Internally, setMeta stores metadata in LevelDB in a persistent manner. - if err := c.local.SetMeta("root.json", nPlusOneRootMetadata); err != nil { - return err - } - nRootMetadata = nPlusOneRootMetadata - // 5.3.9 Repeat steps 5.3.2 to 5.3.9 - - } // End of the for loop. - - // 5.3.10 Check for a freeze attack. - // NOTE: This will check for any, including freeze, attack. - if err := c.loadAndVerifyLocalRootMeta( /*ignoreExpiredCheck=*/ false); err != nil { - return err - } - - countDeleted := func(s1 map[string]bool, s2 map[string]bool) int { - c := 0 - for k := range s1 { - if _, ok := s2[k]; !ok { - c++ - } - } - return c - } - - // 5.3.11 To recover from fast-forward attack, certain metadata files need - // to be deleted if a threshold of keys are revoked. - // List of metadata that should be deleted per role if a threshold of keys - // are revoked: - // (based on the ongoing PR: https://github.com/mnm678/specification/tree/e50151d9df632299ddea364c4f44fe8ca9c10184) - // timestamp -> delete timestamp.json - // snapshot -> delete timestamp.json and snapshot.json - // targets -> delete snapshot.json and targets.json - // - // nonRootKeyInfo contains the keys and thresholds from root.json - // that were on disk before the root update process begins. - for topLevelRolename := range nonRootKeyInfo { - // ki contains the keys and thresholds from the latest downloaded root.json. - ki := getKeyInfo(topLevelRolename) - if countDeleted(nonRootKeyInfo[topLevelRolename].KeyIDs, ki.KeyIDs) >= nonRootKeyInfo[topLevelRolename].Threshold { - deleteMeta := map[string][]string{ - "timestamp": {"timestamp.json"}, - "snapshot": {"timestamp.json", "snapshot.json"}, - "targets": {"snapshot.json", "targets.json"}, - } - - for _, r := range deleteMeta[topLevelRolename] { - c.local.DeleteMeta(r) - } - } - } - - // 5.3.12 Set whether consistent snapshots are used as per the trusted root metadata file. - c.consistentSnapshot = consistentSnapshot - return nil -} - -// getLocalMeta decodes and verifies metadata from local storage. -// The verification of local files is purely for consistency, if an attacker -// has compromised the local storage, there is no guarantee it can be trusted. -// Before trying to load the metadata files, it clears the in-memory copy of the local metadata. -// This is to insure that all of the loaded metadata files at the end are indeed verified by the latest root. -// If some of the metadata files fail to load it will proceed with trying to load the rest, -// but still return an error at the end, if such occurred. Otherwise returns nil. -func (c *Client) getLocalMeta() error { - var retErr error - loadFailed := false - // Clear the in-memory copy of the local metadata. The goal is to reload and take into account - // only the metadata files that are verified by the latest root. Otherwise, their content should - // be ignored. - c.localMeta = make(map[string]json.RawMessage) - - // Load the latest root meta - if err := c.loadAndVerifyLocalRootMeta( /*ignoreExpiredCheck=*/ false); err != nil { - return err - } - - // Load into memory the existing meta, if any, from the local storage - meta, err := c.local.GetMeta() - if err != nil { - return nil - } - - // Verify the top-level metadata (timestamp, snapshot and targets) against the latest root and load it, if okay - if timestampJSON, ok := meta["timestamp.json"]; ok { - timestamp := &data.Timestamp{} - if err := c.db.UnmarshalTrusted(timestampJSON, timestamp, "timestamp"); err != nil { - loadFailed = true - retErr = err - } else { - c.localMeta["timestamp.json"] = meta["timestamp.json"] - c.timestampVer = timestamp.Version - } - } - - snapshot := &data.Snapshot{} - if snapshotJSON, ok := meta["snapshot.json"]; ok { - if err := c.db.UnmarshalTrusted(snapshotJSON, snapshot, "snapshot"); err != nil { - loadFailed = true - retErr = err - } else { - c.localMeta["snapshot.json"] = meta["snapshot.json"] - c.snapshotVer = snapshot.Version - } - } - - if targetsJSON, ok := meta["targets.json"]; ok { - targets := &data.Targets{} - if err := c.db.UnmarshalTrusted(targetsJSON, targets, "targets"); err != nil { - loadFailed = true - retErr = err - } else { - c.localMeta["targets.json"] = meta["targets.json"] - c.targetsVer = targets.Version - // FIXME(TUF-0.9) temporarily support files with leading path separators. - // c.targets = targets.Targets - c.loadTargets(targets.Targets) - } - } - - if loadFailed { - // If any of the metadata failed to be verified, return the reason for that failure - // and fail fast before delegated targets - return retErr - } - - // verifiedDelegatedTargets is a set of verified delegated targets - for fileName, fileContent := range meta { - if roles.IsDelegatedTargetsManifest(fileName) { - c.localMeta[fileName] = fileContent - } - } - - if loadFailed { - // If any of the metadata failed to be verified, return the reason for that failure - return retErr - } - return nil -} - -// loadAndVerifyLocalRootMeta decodes and verifies root metadata from -// local storage and loads the top-level keys. This method first clears -// the DB for top-level keys and then loads the new keys. -func (c *Client) loadAndVerifyLocalRootMeta(ignoreExpiredCheck bool) error { - meta, err := c.local.GetMeta() - if err != nil { - return err - } - rootJSON, ok := meta["root.json"] - if !ok { - return ErrNoRootKeys - } - return c.loadAndVerifyRootMeta(rootJSON, ignoreExpiredCheck) -} - -// loadAndVerifyRootMeta decodes and verifies root metadata and loads the top-level keys. -// This method first clears the DB for top-level keys and then loads the new keys. -func (c *Client) loadAndVerifyRootMeta(rootJSON []byte, ignoreExpiredCheck bool) error { - // unmarshal root.json without verifying as we need the root - // keys first - s := &data.Signed{} - if err := json.Unmarshal(rootJSON, s); err != nil { - return err - } - root := &data.Root{} - if err := json.Unmarshal(s.Signed, root); err != nil { - return err - } - ndb := verify.NewDB() - for id, k := range root.Keys { - if err := ndb.AddKey(id, k); err != nil { - return err - } - } - for name, role := range root.Roles { - if err := ndb.AddRole(name, role); err != nil { - return err - } - } - // Any trusted local root metadata version must be greater than 0. - if ignoreExpiredCheck { - if err := ndb.VerifyIgnoreExpiredCheck(s, "root", 0); err != nil { - return err - } - } else { - if err := ndb.Verify(s, "root", 0); err != nil { - return err - } - } - c.consistentSnapshot = root.ConsistentSnapshot - c.rootVer = root.Version - c.db = ndb - return nil -} - -// verifyRoot verifies Signed section of the bJSON -// using verification keys in aJSON. -func (c *Client) verifyRoot(aJSON []byte, bJSON []byte) (*data.Root, error) { - aSigned := &data.Signed{} - if err := json.Unmarshal(aJSON, aSigned); err != nil { - return nil, err - } - aRoot := &data.Root{} - if err := json.Unmarshal(aSigned.Signed, aRoot); err != nil { - return nil, err - } - - bSigned := &data.Signed{} - if err := json.Unmarshal(bJSON, bSigned); err != nil { - return nil, err - } - bRoot := &data.Root{} - if err := json.Unmarshal(bSigned.Signed, bRoot); err != nil { - return nil, err - } - - ndb := verify.NewDB() - for id, k := range aRoot.Keys { - if err := ndb.AddKey(id, k); err != nil { - return nil, err - } - } - for name, role := range aRoot.Roles { - if err := ndb.AddRole(name, role); err != nil { - return nil, err - } - } - - if err := ndb.VerifySignatures(bSigned, "root"); err != nil { - return nil, err - } - return bRoot, nil -} - -// FIXME(TUF-0.9) TUF is considering removing support for target files starting -// with a leading path separator. In order to be backwards compatible, we'll -// just remove leading separators for now. -func (c *Client) loadTargets(targets data.TargetFiles) { - c.targets = make(data.TargetFiles) - for name, meta := range targets { - c.targets[name] = meta - c.targets[util.NormalizeTarget(name)] = meta - } -} - -// downloadMetaUnsafe downloads top-level metadata from remote storage without -// verifying it's length and hashes (used for example to download timestamp.json -// which has unknown size). It will download at most maxMetaSize bytes. -func (c *Client) downloadMetaUnsafe(name string, maxMetaSize int64) ([]byte, error) { - r, size, err := c.remote.GetMeta(name) - if err != nil { - if IsNotFound(err) { - return nil, ErrMissingRemoteMetadata{name} - } - return nil, ErrDownloadFailed{name, err} - } - defer r.Close() - - // return ErrMetaTooLarge if the reported size is greater than maxMetaSize - if size > maxMetaSize { - return nil, ErrMetaTooLarge{name, size, maxMetaSize} - } - - // although the size has been checked above, use a LimitReader in case - // the reported size is inaccurate, or size is -1 which indicates an - // unknown length - return io.ReadAll(io.LimitReader(r, maxMetaSize)) -} - -// remoteGetFunc is the type of function the download method uses to download -// remote files -type remoteGetFunc func(string) (io.ReadCloser, int64, error) - -// downloadHashed tries to download the hashed prefixed version of the file. -func (c *Client) downloadHashed(file string, get remoteGetFunc, hashes data.Hashes) (io.ReadCloser, int64, error) { - // try each hashed path in turn, and either return the contents, - // try the next one if a 404 is returned, or return an error - for _, path := range util.HashedPaths(file, hashes) { - r, size, err := get(path) - if err != nil { - if IsNotFound(err) { - continue - } - return nil, 0, err - } - return r, size, nil - } - return nil, 0, ErrNotFound{file} -} - -// download downloads the given target file from remote storage using the get -// function, adding hashes to the path if consistent snapshots are in use -func (c *Client) downloadTarget(file string, get remoteGetFunc, hashes data.Hashes) (io.ReadCloser, int64, error) { - if c.consistentSnapshot { - return c.downloadHashed(file, get, hashes) - } else { - return get(file) - } -} - -// downloadVersionedMeta downloads top-level metadata from remote storage and -// verifies it using the given file metadata. -func (c *Client) downloadMeta(name string, version int64, m data.FileMeta) ([]byte, error) { - r, size, err := func() (io.ReadCloser, int64, error) { - if c.consistentSnapshot { - path := util.VersionedPath(name, version) - r, size, err := c.remote.GetMeta(path) - if err == nil { - return r, size, nil - } - - return nil, 0, err - } else { - return c.remote.GetMeta(name) - } - }() - if err != nil { - if IsNotFound(err) { - return nil, ErrMissingRemoteMetadata{name} - } - return nil, err - } - defer r.Close() - - // return ErrWrongSize if the reported size is known and incorrect - var stream io.Reader - if m.Length != 0 { - if size >= 0 && size != m.Length { - return nil, ErrWrongSize{name, size, m.Length} - } - - // wrap the data in a LimitReader so we download at most m.Length bytes - stream = io.LimitReader(r, m.Length) - } else { - stream = r - } - - return io.ReadAll(stream) -} - -func (c *Client) downloadMetaFromSnapshot(name string, m data.SnapshotFileMeta) ([]byte, error) { - b, err := c.downloadMeta(name, m.Version, data.FileMeta{Length: m.Length, Hashes: m.Hashes}) - if err != nil { - return nil, err - } - - // 5.6.2 – Check length and hashes of fetched bytes *before* parsing metadata - if err := util.BytesMatchLenAndHashes(b, m.Length, m.Hashes); err != nil { - return nil, ErrDownloadFailed{name, err} - } - - meta, err := util.GenerateSnapshotFileMeta(bytes.NewReader(b), m.Hashes.HashAlgorithms()...) - if err != nil { - return nil, err - } - - // 5.6.4 - Check against snapshot role's version - if err := util.VersionEqual(meta.Version, m.Version); err != nil { - return nil, ErrDownloadFailed{name, err} - } - - return b, nil -} - -func (c *Client) downloadMetaFromTimestamp(name string, m data.TimestampFileMeta) ([]byte, error) { - b, err := c.downloadMeta(name, m.Version, data.FileMeta{Length: m.Length, Hashes: m.Hashes}) - if err != nil { - return nil, err - } - - // 5.2.2. – Check length and hashes of fetched bytes *before* parsing metadata - if err := util.BytesMatchLenAndHashes(b, m.Length, m.Hashes); err != nil { - return nil, ErrDownloadFailed{name, err} - } - - meta, err := util.GenerateTimestampFileMeta(bytes.NewReader(b), m.Hashes.HashAlgorithms()...) - if err != nil { - return nil, err - } - - // 5.5.4 - Check against timestamp role's version - if err := util.VersionEqual(meta.Version, m.Version); err != nil { - return nil, ErrDownloadFailed{name, err} - } - - return b, nil -} - -// decodeSnapshot decodes and verifies snapshot metadata, and returns the new -// root and targets file meta. -func (c *Client) decodeSnapshot(b json.RawMessage) (data.SnapshotFiles, error) { - snapshot := &data.Snapshot{} - // 5.5.(3 and 6) - Verify it's signed correctly and it's not expired - if err := c.db.Unmarshal(b, snapshot, "snapshot", c.snapshotVer); err != nil { - return data.SnapshotFiles{}, ErrDecodeFailed{"snapshot.json", err} - } - // 5.5.5 - Check for top-level targets rollback attack - // Verify explicitly that current targets meta version is less than or equal to the new one - if snapshot.Meta["targets.json"].Version < c.targetsVer { - return data.SnapshotFiles{}, verify.ErrLowVersion{Actual: snapshot.Meta["targets.json"].Version, Current: c.targetsVer} - } - - // 5.5.5 - Get the local/trusted snapshot metadata, if any, and check all target metafiles against rollback attack - // In case the local snapshot metadata was not verified by the keys in the latest root during getLocalMeta(), - // snapshot.json won't be present in c.localMeta and thus this check will not be processed. - if snapshotJSON, ok := c.localMeta["snapshot.json"]; ok { - currentSnapshot := &data.Snapshot{} - if err := c.db.UnmarshalTrusted(snapshotJSON, currentSnapshot, "snapshot"); err != nil { - return data.SnapshotFiles{}, err - } - // 5.5.5 - Check for rollback attacks in both top-level and delegated targets roles (note that the Meta object includes both) - for path, local := range currentSnapshot.Meta { - if newMeta, ok := snapshot.Meta[path]; ok { - // 5.5.5 - Check for rollback attack - if newMeta.Version < local.Version { - return data.SnapshotFiles{}, verify.ErrLowVersion{Actual: newMeta.Version, Current: local.Version} - } - } else { - // 5.5.5 - Abort the update if a target file has been removed from the new snapshot file - return data.SnapshotFiles{}, verify.ErrMissingTargetFile - } - } - } - // At this point we can trust the new snapshot, the top-level targets, and any delegated targets versions it refers to - // so we can update the client's trusted versions and proceed with persisting the new snapshot metadata - // c.snapshotVer was already set when we verified the timestamp metadata - c.targetsVer = snapshot.Meta["targets.json"].Version - return snapshot.Meta, nil -} - -// decodeTargets decodes and verifies targets metadata, sets c.targets and -// returns updated targets. -func (c *Client) decodeTargets(b json.RawMessage) (data.TargetFiles, error) { - targets := &data.Targets{} - // 5.6.(3 and 5) - Verify signatures and check against freeze attack - if err := c.db.Unmarshal(b, targets, "targets", c.targetsVer); err != nil { - return nil, ErrDecodeFailed{"targets.json", err} - } - // Generate a list with the updated targets - updatedTargets := make(data.TargetFiles) - for path, meta := range targets.Targets { - if local, ok := c.targets[path]; ok { - if err := util.TargetFileMetaEqual(local, meta); err == nil { - continue - } - } - updatedTargets[path] = meta - } - // c.targetsVer was already updated when we verified the snapshot metadata - // FIXME(TUF-0.9) temporarily support files with leading path separators. - // c.targets = targets.Targets - c.loadTargets(targets.Targets) - return updatedTargets, nil -} - -// decodeTimestamp decodes and verifies timestamp metadata, and returns the -// new snapshot file meta and signals whether the update should be aborted early -// (the new timestamp has the same version as the old one, so there's no need to -// complete the update). -func (c *Client) decodeTimestamp(b json.RawMessage) (data.TimestampFileMeta, bool, error) { - timestamp := &data.Timestamp{} - - if err := c.db.Unmarshal(b, timestamp, "timestamp", c.timestampVer); err != nil { - return data.TimestampFileMeta{}, false, ErrDecodeFailed{"timestamp.json", err} - } - // 5.4.3.1 - Check for timestamp rollback attack - // We already checked for timestamp.Version < c.timestampVer in the Unmarshal call above. - // Here, we're checking for version equality, which indicates that we can abandon this update. - if timestamp.Version == c.timestampVer { - return data.TimestampFileMeta{}, true, nil - } - // 5.4.3.2 - Check for snapshot rollback attack - // Verify that the current snapshot meta version is less than or equal to the new one - if timestamp.Meta["snapshot.json"].Version < c.snapshotVer { - return data.TimestampFileMeta{}, false, verify.ErrLowVersion{Actual: timestamp.Meta["snapshot.json"].Version, Current: c.snapshotVer} - } - // At this point we can trust the new timestamp and the snapshot version it refers to - // so we can update the client's trusted versions and proceed with persisting the new timestamp - c.timestampVer = timestamp.Version - c.snapshotVer = timestamp.Meta["snapshot.json"].Version - return timestamp.Meta["snapshot.json"], false, nil -} - -// hasMetaFromSnapshot checks whether local metadata has the given meta -func (c *Client) hasMetaFromSnapshot(name string, m data.SnapshotFileMeta) bool { - _, ok := c.localMetaFromSnapshot(name, m) - return ok -} - -// localMetaFromSnapshot returns localmetadata if it matches the snapshot -func (c *Client) localMetaFromSnapshot(name string, m data.SnapshotFileMeta) (json.RawMessage, bool) { - b, ok := c.localMeta[name] - if !ok { - return nil, false - } - meta, err := util.GenerateSnapshotFileMeta(bytes.NewReader(b), m.Hashes.HashAlgorithms()...) - if err != nil { - return nil, false - } - err = util.SnapshotFileMetaEqual(meta, m) - return b, err == nil -} - -type Destination interface { - io.Writer - Delete() error -} - -// Download downloads the given target file from remote storage into dest. -// -// dest will be deleted and an error returned in the following situations: -// -// - The target does not exist in the local targets.json -// - Failed to fetch the chain of delegations accessible from local snapshot.json -// - The target does not exist in any targets -// - Metadata cannot be generated for the downloaded data -// - Generated metadata does not match local metadata for the given file -// - Size of the download does not match if the reported size is known and -// incorrect -func (c *Client) Download(name string, dest Destination) (err error) { - return c.DownloadBatch(map[string]Destination{name: dest}) -} - -// DownloadBatch is a batched version of Download. -func (c *Client) DownloadBatch(targetFiles map[string]Destination) (err error) { - // delete dest if there is an error - defer func() { - if err != nil { - for _, dest := range targetFiles { - dest.Delete() - } - } - }() - - // populate c.targets from local storage if not set - if c.targets == nil { - if err := c.getLocalMeta(); err != nil { - return err - } - } - - var names []string - for name := range targetFiles { - names = append(names, name) - } - targets, err := c.getTargetFileMetas(names) - if err != nil { - return err - } - - for name, dest := range targetFiles { - err := c.download(name, targets[name], dest) - if err != nil { - return err - } - } - return nil -} - -func (c *Client) download(name string, localMeta data.TargetFileMeta, dest Destination) error { - // get the data from remote storage - normalizedName := util.NormalizeTarget(name) - r, size, err := c.downloadTarget(normalizedName, c.remote.GetTarget, localMeta.Hashes) - if err != nil { - return err - } - defer r.Close() - - // return ErrWrongSize if the reported size is known and incorrect - if size >= 0 && size != localMeta.Length { - return ErrWrongSize{name, size, localMeta.Length} - } - - // wrap the data in a LimitReader so we download at most localMeta.Length bytes - stream := io.LimitReader(r, localMeta.Length) - - // read the data, simultaneously writing it to dest and generating metadata - actual, err := util.GenerateTargetFileMeta(io.TeeReader(stream, dest), localMeta.HashAlgorithms()...) - if err != nil { - return ErrDownloadFailed{name, err} - } - - // check the data has the correct length and hashes - if err := util.TargetFileMetaEqual(actual, localMeta); err != nil { - if e, ok := err.(util.ErrWrongLength); ok { - return ErrWrongSize{name, e.Actual, e.Expected} - } - return ErrDownloadFailed{name, err} - } - return nil -} - -func (c *Client) VerifyDigest(digest string, digestAlg string, length int64, path string) error { - localMeta, ok := c.targets[path] - if !ok { - return ErrUnknownTarget{Name: path, SnapshotVersion: c.snapshotVer} - } - - actual := data.FileMeta{Length: length, Hashes: make(data.Hashes, 1)} - var err error - actual.Hashes[digestAlg], err = hex.DecodeString(digest) - if err != nil { - return err - } - - if err := util.TargetFileMetaEqual(data.TargetFileMeta{FileMeta: actual}, localMeta); err != nil { - if e, ok := err.(util.ErrWrongLength); ok { - return ErrWrongSize{path, e.Actual, e.Expected} - } - return ErrDownloadFailed{path, err} - } - - return nil -} - -// Target returns the target metadata for a specific target if it -// exists, searching from top-level level targets then through -// all delegations. If it does not, ErrNotFound will be returned. -func (c *Client) Target(name string) (data.TargetFileMeta, error) { - targets, err := c.TargetBatch([]string{name}) - if err != nil { - return data.TargetFileMeta{}, err - } - return targets[name], nil -} - -// TargetBatch is a batched version of Target. -func (c *Client) TargetBatch(names []string) (data.TargetFiles, error) { - targets, err := c.getTargetFileMetas(names) - if err == nil { - return targets, nil - } - if _, ok := err.(ErrUnknownTarget); ok { - return nil, ErrNotFound{err.(ErrUnknownTarget).Name} - } - return nil, err -} - -// Targets returns the complete list of available top-level targets. -func (c *Client) Targets() (data.TargetFiles, error) { - // populate c.targets from local storage if not set - if c.targets == nil { - if err := c.getLocalMeta(); err != nil { - return nil, err - } - } - return c.targets, nil -} diff --git a/vendor/github.com/DataDog/go-tuf/client/delegations.go b/vendor/github.com/DataDog/go-tuf/client/delegations.go deleted file mode 100644 index 96f10bbd..00000000 --- a/vendor/github.com/DataDog/go-tuf/client/delegations.go +++ /dev/null @@ -1,193 +0,0 @@ -package client - -import ( - "github.com/DataDog/go-tuf/data" - "github.com/DataDog/go-tuf/pkg/targets" - "github.com/DataDog/go-tuf/util" - "github.com/DataDog/go-tuf/verify" -) - -type delegatedTargetsCache struct { - meta map[string]*data.Targets -} - -func newDelegatedTargetsCache() *delegatedTargetsCache { - return &delegatedTargetsCache{ - meta: make(map[string]*data.Targets), - } -} - -func (c *delegatedTargetsCache) loadDelegatedTargets(client *Client, snapshot *data.Snapshot, role string, db *verify.DB) (*data.Targets, error) { - if t, ok := c.meta[role]; ok { - return t, nil - } - - targets, err := client.loadDelegatedTargets(snapshot, role, db) - if err != nil { - return nil, err - } - - c.meta[role] = targets - return targets, nil -} - -// getTargetFileMeta searches for a verified TargetFileMeta matching a target -// Requires a local snapshot to be loaded and is locked to the snapshot versions. -func (c *Client) getTargetFileMeta(target string) (data.TargetFileMeta, error) { - metas, err := c.getTargetFileMetas([]string{target}) - if err != nil { - return data.TargetFileMeta{}, err - } - return metas[target], nil -} - -func (c *Client) getTargetFileMetas(targets []string) (data.TargetFiles, error) { - snapshot, err := c.loadLocalSnapshot() - if err != nil { - return nil, err - } - cache := newDelegatedTargetsCache() - targetFileMetas := make(data.TargetFiles, len(targets)) - for _, target := range targets { - normalizedTarget := util.NormalizeTarget(target) - targetFileMeta, _, err := c.getTargetFileMetaDelegationPath(normalizedTarget, snapshot, cache) - if _, ok := err.(ErrUnknownTarget); ok { - return nil, ErrUnknownTarget{target, snapshot.Version} - } - if err != nil { - return nil, err - } - targetFileMetas[target] = targetFileMeta - } - return targetFileMetas, nil -} - -// getTargetFileMetaDelegationPath searches for a verified TargetFileMeta matching a target -// Requires snapshot to be passed and is locked to that specific snapshot versions. -// Searches through delegated targets following TUF spec 1.0.19 section 5.6. -func (c *Client) getTargetFileMetaDelegationPath(target string, snapshot *data.Snapshot, cache *delegatedTargetsCache) (data.TargetFileMeta, []string, error) { - // delegationsIterator covers 5.6.7 - // - pre-order depth-first search starting with the top targets - // - filter delegations with paths or path_hash_prefixes matching searched target - // - 5.6.7.1 cycles protection - // - 5.6.7.2 terminations - delegations, err := targets.NewDelegationsIterator(target, c.db) - if err != nil { - return data.TargetFileMeta{}, nil, err - } - - targetFileMeta := data.TargetFileMeta{} - delegationRole := "" - - for i := 0; i < c.MaxDelegations; i++ { - d, ok := delegations.Next() - if !ok { - return data.TargetFileMeta{}, nil, ErrUnknownTarget{target, snapshot.Version} - } - - // covers 5.6.{1,2,3,4,5,6} - targets, err := cache.loadDelegatedTargets(c, snapshot, d.Delegatee.Name, d.DB) - if err != nil { - return data.TargetFileMeta{}, nil, err - } - - // stop when the searched TargetFileMeta is found - if m, ok := targets.Targets[target]; ok { - delegationRole = d.Delegatee.Name - targetFileMeta = m - break - } - - if targets.Delegations != nil { - delegationsDB, err := verify.NewDBFromDelegations(targets.Delegations) - if err != nil { - return data.TargetFileMeta{}, nil, err - } - err = delegations.Add(targets.Delegations.Roles, d.Delegatee.Name, delegationsDB) - if err != nil { - return data.TargetFileMeta{}, nil, err - } - } - } - - if len(delegationRole) > 0 { - return targetFileMeta, buildPath(delegations.Parent, delegationRole, ""), nil - } - - return data.TargetFileMeta{}, nil, ErrMaxDelegations{ - Target: target, - MaxDelegations: c.MaxDelegations, - SnapshotVersion: snapshot.Version, - } -} - -func buildPath(parent func(string) string, start string, end string) []string { - if start == end { - return nil - } - - path := []string{start} - current := start - for { - current = parent(current) - if current == end { - break - } - path = append(path, current) - } - return path -} - -func (c *Client) loadLocalSnapshot() (*data.Snapshot, error) { - if err := c.getLocalMeta(); err != nil { - return nil, err - } - rawS, ok := c.localMeta["snapshot.json"] - if !ok { - return nil, ErrNoLocalSnapshot - } - - snapshot := &data.Snapshot{} - if err := c.db.Unmarshal(rawS, snapshot, "snapshot", c.snapshotVer); err != nil { - return nil, ErrDecodeFailed{"snapshot.json", err} - } - return snapshot, nil -} - -// loadDelegatedTargets downloads, decodes, verifies and stores targets -func (c *Client) loadDelegatedTargets(snapshot *data.Snapshot, role string, db *verify.DB) (*data.Targets, error) { - var err error - fileName := role + ".json" - fileMeta, ok := snapshot.Meta[fileName] - if !ok { - return nil, ErrRoleNotInSnapshot{role, snapshot.Version} - } - - // 5.6.1 download target if not in the local store - // 5.6.2 check against snapshot hash - // 5.6.4 check against snapshot version - raw, alreadyStored := c.localMetaFromSnapshot(fileName, fileMeta) - if !alreadyStored { - raw, err = c.downloadMetaFromSnapshot(fileName, fileMeta) - if err != nil { - return nil, err - } - } - - targets := &data.Targets{} - // 5.6.3 verify signature with parent public keys - // 5.6.5 verify that the targets is not expired - // role "targets" is a top role verified by root keys loaded in the client db - err = db.Unmarshal(raw, targets, role, fileMeta.Version) - if err != nil { - return nil, ErrDecodeFailed{fileName, err} - } - - // 5.6.6 persist - if !alreadyStored { - if err := c.local.SetMeta(fileName, raw); err != nil { - return nil, err - } - } - return targets, nil -} diff --git a/vendor/github.com/DataDog/go-tuf/client/errors.go b/vendor/github.com/DataDog/go-tuf/client/errors.go deleted file mode 100644 index 3e7a5dcc..00000000 --- a/vendor/github.com/DataDog/go-tuf/client/errors.go +++ /dev/null @@ -1,107 +0,0 @@ -package client - -import ( - "errors" - "fmt" -) - -var ( - ErrNoRootKeys = errors.New("tuf: no root keys found in local meta store") - ErrInsufficientKeys = errors.New("tuf: insufficient keys to meet threshold") - ErrNoLocalSnapshot = errors.New("tuf: no snapshot stored locally") -) - -type ErrMissingRemoteMetadata struct { - Name string -} - -func (e ErrMissingRemoteMetadata) Error() string { - return fmt.Sprintf("tuf: missing remote metadata %s", e.Name) -} - -type ErrDownloadFailed struct { - File string - Err error -} - -func (e ErrDownloadFailed) Error() string { - return fmt.Sprintf("tuf: failed to download %s: %s", e.File, e.Err) -} - -type ErrDecodeFailed struct { - File string - Err error -} - -func (e ErrDecodeFailed) Error() string { - return fmt.Sprintf("tuf: failed to decode %s: %s", e.File, e.Err) -} - -type ErrMaxDelegations struct { - Target string - MaxDelegations int - SnapshotVersion int64 -} - -func (e ErrMaxDelegations) Error() string { - return fmt.Sprintf("tuf: max delegation of %d reached searching for %s with snapshot version %d", e.MaxDelegations, e.Target, e.SnapshotVersion) -} - -type ErrNotFound struct { - File string -} - -func (e ErrNotFound) Error() string { - return fmt.Sprintf("tuf: file not found: %s", e.File) -} - -func IsNotFound(err error) bool { - _, ok := err.(ErrNotFound) - return ok -} - -type ErrWrongSize struct { - File string - Actual int64 - Expected int64 -} - -func (e ErrWrongSize) Error() string { - return fmt.Sprintf("tuf: unexpected file size: %s (expected %d bytes, got %d bytes)", e.File, e.Expected, e.Actual) -} - -type ErrUnknownTarget struct { - Name string - SnapshotVersion int64 -} - -func (e ErrUnknownTarget) Error() string { - return fmt.Sprintf("tuf: unknown target file: %s with snapshot version %d", e.Name, e.SnapshotVersion) -} - -type ErrMetaTooLarge struct { - Name string - Size int64 - MaxSize int64 -} - -func (e ErrMetaTooLarge) Error() string { - return fmt.Sprintf("tuf: %s size %d bytes greater than maximum %d bytes", e.Name, e.Size, e.MaxSize) -} - -type ErrInvalidURL struct { - URL string -} - -func (e ErrInvalidURL) Error() string { - return fmt.Sprintf("tuf: invalid repository URL %s", e.URL) -} - -type ErrRoleNotInSnapshot struct { - Role string - SnapshotVersion int64 -} - -func (e ErrRoleNotInSnapshot) Error() string { - return fmt.Sprintf("tuf: role %s not in snapshot version %d", e.Role, e.SnapshotVersion) -} diff --git a/vendor/github.com/DataDog/go-tuf/client/file_store.go b/vendor/github.com/DataDog/go-tuf/client/file_store.go deleted file mode 100644 index 520bbe73..00000000 --- a/vendor/github.com/DataDog/go-tuf/client/file_store.go +++ /dev/null @@ -1,90 +0,0 @@ -package client - -import ( - "bytes" - "errors" - "fmt" - "io" - "io/fs" -) - -// FileRemoteStore provides a RemoteStore interface compatible -// implementation that can be used where the RemoteStore is backed by a -// fs.FS. This is useful for example in air-gapped environments where there's no -// possibility to make outbound network connections. -// By having this be a fs.FS instead of directories allows the repository to -// be backed by something that's not persisted to disk. -func NewFileRemoteStore(fsys fs.FS, targetDir string) (*FileRemoteStore, error) { - if fsys == nil { - return nil, errors.New("nil fs.FS") - } - t := targetDir - if t == "" { - t = "targets" - } - // Make sure directory exists - d, err := fsys.Open(t) - if err != nil { - return nil, fmt.Errorf("failed to open targets directory %s: %w", t, err) - } - fi, err := d.Stat() - if err != nil { - return nil, fmt.Errorf("failed to stat targets directory %s: %w", t, err) - } - if !fi.IsDir() { - return nil, fmt.Errorf("targets directory not a directory %s", t) - } - - fsysT, err := fs.Sub(fsys, t) - if err != nil { - return nil, fmt.Errorf("failed to open targets directory %s: %w", t, err) - } - return &FileRemoteStore{fsys: fsys, targetDir: fsysT}, nil -} - -type FileRemoteStore struct { - // Meta directory fs - fsys fs.FS - // Target directory fs. - targetDir fs.FS - // In order to be able to make write operations (create, delete) we can't - // use fs.FS for it (it's read only), so we have to know the underlying - // directory that add/delete test methods can use. This is only necessary - // for testing purposes. - testDir string -} - -func (f *FileRemoteStore) GetMeta(name string) (io.ReadCloser, int64, error) { - rc, b, err := f.get(f.fsys, name) - return handleErrors(name, rc, b, err) -} - -func (f *FileRemoteStore) GetTarget(name string) (io.ReadCloser, int64, error) { - rc, b, err := f.get(f.targetDir, name) - return handleErrors(name, rc, b, err) -} - -func (f *FileRemoteStore) get(fsys fs.FS, s string) (io.ReadCloser, int64, error) { - if !fs.ValidPath(s) { - return nil, 0, fmt.Errorf("invalid path %s", s) - } - - b, err := fs.ReadFile(fsys, s) - if err != nil { - return nil, -1, err - } - return io.NopCloser(bytes.NewReader(b)), int64(len(b)), nil -} - -// handleErrors converts NotFound errors to something that TUF knows how to -// handle properly. For example, when looking for n+1 root files, this is a -// signal that it will stop looking. -func handleErrors(name string, rc io.ReadCloser, b int64, err error) (io.ReadCloser, int64, error) { - if err == nil { - return rc, b, err - } - if errors.Is(err, fs.ErrNotExist) { - return rc, b, ErrNotFound{name} - } - return rc, b, err -} diff --git a/vendor/github.com/DataDog/go-tuf/client/local_store.go b/vendor/github.com/DataDog/go-tuf/client/local_store.go deleted file mode 100644 index bb9421f5..00000000 --- a/vendor/github.com/DataDog/go-tuf/client/local_store.go +++ /dev/null @@ -1,29 +0,0 @@ -package client - -import ( - "encoding/json" -) - -func MemoryLocalStore() LocalStore { - return make(memoryLocalStore) -} - -type memoryLocalStore map[string]json.RawMessage - -func (m memoryLocalStore) GetMeta() (map[string]json.RawMessage, error) { - return m, nil -} - -func (m memoryLocalStore) SetMeta(name string, meta json.RawMessage) error { - m[name] = meta - return nil -} - -func (m memoryLocalStore) DeleteMeta(name string) error { - delete(m, name) - return nil -} - -func (m memoryLocalStore) Close() error { - return nil -} diff --git a/vendor/github.com/DataDog/go-tuf/client/remote_store.go b/vendor/github.com/DataDog/go-tuf/client/remote_store.go deleted file mode 100644 index 17a63fc5..00000000 --- a/vendor/github.com/DataDog/go-tuf/client/remote_store.go +++ /dev/null @@ -1,109 +0,0 @@ -package client - -import ( - "fmt" - "io" - "net/http" - "net/url" - "path" - "strconv" - "strings" - "time" -) - -type HTTPRemoteOptions struct { - MetadataPath string - TargetsPath string - UserAgent string - Retries *HTTPRemoteRetries -} - -type HTTPRemoteRetries struct { - Delay time.Duration - Total time.Duration -} - -var DefaultHTTPRetries = &HTTPRemoteRetries{ - Delay: time.Second, - Total: 10 * time.Second, -} - -func HTTPRemoteStore(baseURL string, opts *HTTPRemoteOptions, client *http.Client) (RemoteStore, error) { - if !strings.HasPrefix(baseURL, "http") { - return nil, ErrInvalidURL{baseURL} - } - if opts == nil { - opts = &HTTPRemoteOptions{} - } - if opts.TargetsPath == "" { - opts.TargetsPath = "targets" - } - if client == nil { - client = http.DefaultClient - } - return &httpRemoteStore{baseURL, opts, client}, nil -} - -type httpRemoteStore struct { - baseURL string - opts *HTTPRemoteOptions - cli *http.Client -} - -func (h *httpRemoteStore) GetMeta(name string) (io.ReadCloser, int64, error) { - return h.get(path.Join(h.opts.MetadataPath, name)) -} - -func (h *httpRemoteStore) GetTarget(name string) (io.ReadCloser, int64, error) { - return h.get(path.Join(h.opts.TargetsPath, name)) -} - -func (h *httpRemoteStore) get(s string) (io.ReadCloser, int64, error) { - u := h.url(s) - req, err := http.NewRequest("GET", u, nil) - if err != nil { - return nil, 0, err - } - if h.opts.UserAgent != "" { - req.Header.Set("User-Agent", h.opts.UserAgent) - } - var res *http.Response - if r := h.opts.Retries; r != nil { - for start := time.Now(); time.Since(start) < r.Total; time.Sleep(r.Delay) { - res, err = h.cli.Do(req) - if err == nil && (res.StatusCode < 500 || res.StatusCode > 599) { - break - } - } - } else { - res, err = h.cli.Do(req) - } - if err != nil { - return nil, 0, err - } - - if res.StatusCode == http.StatusNotFound { - res.Body.Close() - return nil, 0, ErrNotFound{s} - } else if res.StatusCode != http.StatusOK { - res.Body.Close() - return nil, 0, &url.Error{ - Op: "GET", - URL: u, - Err: fmt.Errorf("unexpected HTTP status %d", res.StatusCode), - } - } - - size, err := strconv.ParseInt(res.Header.Get("Content-Length"), 10, 0) - if err != nil { - return res.Body, -1, nil - } - return res.Body, size, nil -} - -func (h *httpRemoteStore) url(path string) string { - if !strings.HasPrefix(path, "/") { - path = "/" + path - } - return h.baseURL + path -} diff --git a/vendor/github.com/DataDog/go-tuf/data/hex_bytes.go b/vendor/github.com/DataDog/go-tuf/data/hex_bytes.go deleted file mode 100644 index ec200412..00000000 --- a/vendor/github.com/DataDog/go-tuf/data/hex_bytes.go +++ /dev/null @@ -1,42 +0,0 @@ -package data - -import ( - "crypto/sha256" - "encoding/hex" - "errors" -) - -type HexBytes []byte - -func (b *HexBytes) UnmarshalJSON(data []byte) error { - if len(data) < 2 || len(data)%2 != 0 || data[0] != '"' || data[len(data)-1] != '"' { - return errors.New("tuf: invalid JSON hex bytes") - } - res := make([]byte, hex.DecodedLen(len(data)-2)) - _, err := hex.Decode(res, data[1:len(data)-1]) - if err != nil { - return err - } - *b = res - return nil -} - -func (b HexBytes) MarshalJSON() ([]byte, error) { - res := make([]byte, hex.EncodedLen(len(b))+2) - res[0] = '"' - res[len(res)-1] = '"' - hex.Encode(res[1:], b) - return res, nil -} - -func (b HexBytes) String() string { - return hex.EncodeToString(b) -} - -// 4.5. File formats: targets.json and delegated target roles: -// ...each target path, when hashed with the SHA-256 hash function to produce -// a 64-byte hexadecimal digest (HEX_DIGEST)... -func PathHexDigest(s string) string { - b := sha256.Sum256([]byte(s)) - return hex.EncodeToString(b[:]) -} diff --git a/vendor/github.com/DataDog/go-tuf/data/types.go b/vendor/github.com/DataDog/go-tuf/data/types.go deleted file mode 100644 index eb00489b..00000000 --- a/vendor/github.com/DataDog/go-tuf/data/types.go +++ /dev/null @@ -1,348 +0,0 @@ -package data - -import ( - "bytes" - "crypto/sha256" - "encoding/hex" - "encoding/json" - "errors" - "fmt" - "path" - "strings" - "sync" - "time" - - "github.com/secure-systems-lab/go-securesystemslib/cjson" -) - -type KeyType string - -type KeyScheme string - -type HashAlgorithm string - -const ( - KeyIDLength = sha256.Size * 2 - - KeyTypeEd25519 KeyType = "ed25519" - // From version 1.0.32, the reference implementation defines 'ecdsa', - // not 'ecdsa-sha2-nistp256' for NIST P-256 curves. - KeyTypeECDSA_SHA2_P256 KeyType = "ecdsa" - KeyTypeECDSA_SHA2_P256_OLD_FMT KeyType = "ecdsa-sha2-nistp256" - KeyTypeRSASSA_PSS_SHA256 KeyType = "rsa" - - KeySchemeEd25519 KeyScheme = "ed25519" - KeySchemeECDSA_SHA2_P256 KeyScheme = "ecdsa-sha2-nistp256" - KeySchemeRSASSA_PSS_SHA256 KeyScheme = "rsassa-pss-sha256" - - HashAlgorithmSHA256 HashAlgorithm = "sha256" - HashAlgorithmSHA512 HashAlgorithm = "sha512" -) - -var ( - HashAlgorithms = []HashAlgorithm{HashAlgorithmSHA256, HashAlgorithmSHA512} - ErrPathsAndPathHashesSet = errors.New("tuf: failed validation of delegated target: paths and path_hash_prefixes are both set") -) - -type Signed struct { - Signed json.RawMessage `json:"signed"` - Signatures []Signature `json:"signatures"` -} - -type Signature struct { - KeyID string `json:"keyid"` - Signature HexBytes `json:"sig"` -} - -type PublicKey struct { - Type KeyType `json:"keytype"` - Scheme KeyScheme `json:"scheme"` - Algorithms []HashAlgorithm `json:"keyid_hash_algorithms,omitempty"` - Value json.RawMessage `json:"keyval"` - - ids []string - idOnce sync.Once -} - -type PrivateKey struct { - Type KeyType `json:"keytype"` - Scheme KeyScheme `json:"scheme,omitempty"` - Algorithms []HashAlgorithm `json:"keyid_hash_algorithms,omitempty"` - Value json.RawMessage `json:"keyval"` -} - -func (k *PublicKey) IDs() []string { - k.idOnce.Do(func() { - data, err := cjson.EncodeCanonical(k) - if err != nil { - panic(fmt.Errorf("tuf: error creating key ID: %w", err)) - } - digest := sha256.Sum256(data) - k.ids = []string{hex.EncodeToString(digest[:])} - }) - return k.ids -} - -func (k *PublicKey) ContainsID(id string) bool { - for _, keyid := range k.IDs() { - if id == keyid { - return true - } - } - return false -} - -func DefaultExpires(role string) time.Time { - var t time.Time - switch role { - case "root": - t = time.Now().AddDate(1, 0, 0) - case "snapshot": - t = time.Now().AddDate(0, 0, 7) - case "timestamp": - t = time.Now().AddDate(0, 0, 1) - default: - // targets and delegated targets - t = time.Now().AddDate(0, 3, 0) - } - return t.UTC().Round(time.Second) -} - -type Root struct { - Type string `json:"_type"` - SpecVersion string `json:"spec_version"` - Version int64 `json:"version"` - Expires time.Time `json:"expires"` - Keys map[string]*PublicKey `json:"keys"` - Roles map[string]*Role `json:"roles"` - Custom *json.RawMessage `json:"custom,omitempty"` - - ConsistentSnapshot bool `json:"consistent_snapshot"` -} - -func NewRoot() *Root { - return &Root{ - Type: "root", - SpecVersion: "1.0", - Expires: DefaultExpires("root"), - Keys: make(map[string]*PublicKey), - Roles: make(map[string]*Role), - ConsistentSnapshot: true, - } -} - -func (r *Root) AddKey(key *PublicKey) bool { - changed := false - for _, id := range key.IDs() { - if _, ok := r.Keys[id]; !ok { - changed = true - r.Keys[id] = key - } - } - return changed -} - -type Role struct { - KeyIDs []string `json:"keyids"` - Threshold int `json:"threshold"` -} - -func (r *Role) AddKeyIDs(ids []string) bool { - roleIDs := make(map[string]struct{}) - for _, id := range r.KeyIDs { - roleIDs[id] = struct{}{} - } - changed := false - for _, id := range ids { - if _, ok := roleIDs[id]; !ok { - changed = true - r.KeyIDs = append(r.KeyIDs, id) - } - } - return changed -} - -type Files map[string]TargetFileMeta - -type Hashes map[string]HexBytes - -func (f Hashes) HashAlgorithms() []string { - funcs := make([]string, 0, len(f)) - for name := range f { - funcs = append(funcs, name) - } - return funcs -} - -type metapathFileMeta struct { - Length int64 `json:"length,omitempty"` - Hashes Hashes `json:"hashes,omitempty"` - Version int64 `json:"version"` - Custom *json.RawMessage `json:"custom,omitempty"` -} - -// SnapshotFileMeta is the meta field of a snapshot -// Note: Contains a `custom` field -type SnapshotFileMeta metapathFileMeta - -type SnapshotFiles map[string]SnapshotFileMeta - -type Snapshot struct { - Type string `json:"_type"` - SpecVersion string `json:"spec_version"` - Version int64 `json:"version"` - Expires time.Time `json:"expires"` - Meta SnapshotFiles `json:"meta"` - Custom *json.RawMessage `json:"custom,omitempty"` -} - -func NewSnapshot() *Snapshot { - return &Snapshot{ - Type: "snapshot", - SpecVersion: "1.0", - Expires: DefaultExpires("snapshot"), - Meta: make(SnapshotFiles), - } -} - -type FileMeta struct { - Length int64 `json:"length"` - Hashes Hashes `json:"hashes"` -} - -type TargetFiles map[string]TargetFileMeta - -type TargetFileMeta struct { - FileMeta - Custom *json.RawMessage `json:"custom,omitempty"` -} - -func (f TargetFileMeta) HashAlgorithms() []string { - return f.FileMeta.Hashes.HashAlgorithms() -} - -type Targets struct { - Type string `json:"_type"` - SpecVersion string `json:"spec_version"` - Version int64 `json:"version"` - Expires time.Time `json:"expires"` - Targets TargetFiles `json:"targets"` - Delegations *Delegations `json:"delegations,omitempty"` - Custom *json.RawMessage `json:"custom,omitempty"` -} - -// Delegations represents the edges from a parent Targets role to one or more -// delegated target roles. See spec v1.0.19 section 4.5. -type Delegations struct { - Keys map[string]*PublicKey `json:"keys"` - Roles []DelegatedRole `json:"roles"` -} - -// DelegatedRole describes a delegated role, including what paths it is -// reponsible for. See spec v1.0.19 section 4.5. -type DelegatedRole struct { - Name string `json:"name"` - KeyIDs []string `json:"keyids"` - Threshold int `json:"threshold"` - Terminating bool `json:"terminating"` - PathHashPrefixes []string `json:"path_hash_prefixes,omitempty"` - Paths []string `json:"paths"` -} - -// MatchesPath evaluates whether the path patterns or path hash prefixes match -// a given file. This determines whether a delegated role is responsible for -// signing and verifying the file. -func (d *DelegatedRole) MatchesPath(file string) (bool, error) { - if err := d.validatePaths(); err != nil { - return false, err - } - - for _, pattern := range d.Paths { - if matched, _ := path.Match(pattern, file); matched { - return true, nil - } - } - - pathHash := PathHexDigest(file) - for _, hashPrefix := range d.PathHashPrefixes { - if strings.HasPrefix(pathHash, hashPrefix) { - return true, nil - } - } - - return false, nil -} - -// validatePaths enforces the spec -// https://theupdateframework.github.io/specification/v1.0.19/index.html#file-formats-targets -// 'role MUST specify only one of the "path_hash_prefixes" or "paths"' -// Marshalling and unmarshalling JSON will fail and return -// ErrPathsAndPathHashesSet if both fields are set and not empty. -func (d *DelegatedRole) validatePaths() error { - if len(d.PathHashPrefixes) > 0 && len(d.Paths) > 0 { - return ErrPathsAndPathHashesSet - } - - return nil -} - -// MarshalJSON is called when writing the struct to JSON. We validate prior to -// marshalling to ensure that an invalid delegated role can not be serialized -// to JSON. -func (d *DelegatedRole) MarshalJSON() ([]byte, error) { - type delegatedRoleAlias DelegatedRole - - if err := d.validatePaths(); err != nil { - return nil, err - } - - return json.Marshal((*delegatedRoleAlias)(d)) -} - -// UnmarshalJSON is called when reading the struct from JSON. We validate once -// unmarshalled to ensure that an error is thrown if an invalid delegated role -// is read. -func (d *DelegatedRole) UnmarshalJSON(b []byte) error { - type delegatedRoleAlias DelegatedRole - - // Prepare decoder - dec := json.NewDecoder(bytes.NewReader(b)) - - // Unmarshal delegated role - if err := dec.Decode((*delegatedRoleAlias)(d)); err != nil { - return err - } - - return d.validatePaths() -} - -func NewTargets() *Targets { - return &Targets{ - Type: "targets", - SpecVersion: "1.0", - Expires: DefaultExpires("targets"), - Targets: make(TargetFiles), - } -} - -type TimestampFileMeta metapathFileMeta - -type TimestampFiles map[string]TimestampFileMeta - -type Timestamp struct { - Type string `json:"_type"` - SpecVersion string `json:"spec_version"` - Version int64 `json:"version"` - Expires time.Time `json:"expires"` - Meta TimestampFiles `json:"meta"` - Custom *json.RawMessage `json:"custom,omitempty"` -} - -func NewTimestamp() *Timestamp { - return &Timestamp{ - Type: "timestamp", - SpecVersion: "1.0", - Expires: DefaultExpires("timestamp"), - Meta: make(TimestampFiles), - } -} diff --git a/vendor/github.com/DataDog/go-tuf/internal/roles/roles.go b/vendor/github.com/DataDog/go-tuf/internal/roles/roles.go deleted file mode 100644 index 0b134b2a..00000000 --- a/vendor/github.com/DataDog/go-tuf/internal/roles/roles.go +++ /dev/null @@ -1,48 +0,0 @@ -package roles - -import ( - "strconv" - "strings" -) - -var TopLevelRoles = map[string]struct{}{ - "root": {}, - "targets": {}, - "snapshot": {}, - "timestamp": {}, -} - -func IsTopLevelRole(name string) bool { - _, ok := TopLevelRoles[name] - return ok -} - -func IsDelegatedTargetsRole(name string) bool { - return !IsTopLevelRole(name) -} - -func IsTopLevelManifest(name string) bool { - if IsVersionedManifest(name) { - var found bool - _, name, found = strings.Cut(name, ".") - if !found { - panic("expected a versioned manifest of the form x.role.json") - } - } - return IsTopLevelRole(strings.TrimSuffix(name, ".json")) -} - -func IsDelegatedTargetsManifest(name string) bool { - return !IsTopLevelManifest(name) -} - -func IsVersionedManifest(name string) bool { - parts := strings.Split(name, ".") - // Versioned manifests have the form "x.role.json" - if len(parts) < 3 { - return false - } - - _, err := strconv.Atoi(parts[0]) - return err == nil -} diff --git a/vendor/github.com/DataDog/go-tuf/internal/sets/strings.go b/vendor/github.com/DataDog/go-tuf/internal/sets/strings.go deleted file mode 100644 index 7eee57d0..00000000 --- a/vendor/github.com/DataDog/go-tuf/internal/sets/strings.go +++ /dev/null @@ -1,24 +0,0 @@ -package sets - -func StringSliceToSet(items []string) map[string]struct{} { - s := map[string]struct{}{} - for _, item := range items { - s[item] = struct{}{} - } - return s -} - -func StringSetToSlice(items map[string]struct{}) []string { - ret := []string{} - - for k := range items { - ret = append(ret, k) - } - - return ret -} - -func DeduplicateStrings(items []string) []string { - s := StringSliceToSet(items) - return StringSetToSlice(s) -} diff --git a/vendor/github.com/DataDog/go-tuf/pkg/keys/deprecated_ecdsa.go b/vendor/github.com/DataDog/go-tuf/pkg/keys/deprecated_ecdsa.go deleted file mode 100644 index 6c4c2068..00000000 --- a/vendor/github.com/DataDog/go-tuf/pkg/keys/deprecated_ecdsa.go +++ /dev/null @@ -1,101 +0,0 @@ -package keys - -import ( - "bytes" - "crypto/ecdsa" - "crypto/elliptic" - "crypto/sha256" - "encoding/json" - "errors" - "fmt" - "io" - - "github.com/DataDog/go-tuf/data" -) - -func NewDeprecatedEcdsaVerifier() Verifier { - return &ecdsaVerifierWithDeprecatedSupport{} -} - -type ecdsaVerifierWithDeprecatedSupport struct { - key *data.PublicKey - // This will switch based on whether this is a PEM-encoded key - // or a deprecated hex-encoded key. - Verifier -} - -func (p *ecdsaVerifierWithDeprecatedSupport) UnmarshalPublicKey(key *data.PublicKey) error { - p.key = key - pemVerifier := &EcdsaVerifier{} - if err := pemVerifier.UnmarshalPublicKey(key); err != nil { - // Try the deprecated hex-encoded verifier - hexVerifier := &deprecatedP256Verifier{} - if err := hexVerifier.UnmarshalPublicKey(key); err != nil { - return err - } - p.Verifier = hexVerifier - return nil - } - p.Verifier = pemVerifier - return nil -} - -/* - Deprecated ecdsaVerifier that used hex-encoded public keys. - This MAY be used to verify existing metadata that used this - old format. This will be deprecated soon, ensure that repositories - are re-signed and clients receieve a fully compliant root. -*/ - -type deprecatedP256Verifier struct { - PublicKey data.HexBytes `json:"public"` - key *data.PublicKey -} - -func (p *deprecatedP256Verifier) Public() string { - return p.PublicKey.String() -} - -func (p *deprecatedP256Verifier) Verify(msg, sigBytes []byte) error { - x, y := elliptic.Unmarshal(elliptic.P256(), p.PublicKey) - k := &ecdsa.PublicKey{ - Curve: elliptic.P256(), - X: x, - Y: y, - } - - hash := sha256.Sum256(msg) - - if !ecdsa.VerifyASN1(k, hash[:], sigBytes) { - return errors.New("tuf: deprecated ecdsa signature verification failed") - } - return nil -} - -func (p *deprecatedP256Verifier) MarshalPublicKey() *data.PublicKey { - return p.key -} - -func (p *deprecatedP256Verifier) UnmarshalPublicKey(key *data.PublicKey) error { - // Prepare decoder limited to 512Kb - dec := json.NewDecoder(io.LimitReader(bytes.NewReader(key.Value), MaxJSONKeySize)) - - // Unmarshal key value - if err := dec.Decode(p); err != nil { - if errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) { - return fmt.Errorf("tuf: the public key is truncated or too large: %w", err) - } - return err - } - - curve := elliptic.P256() - - // Parse as uncompressed marshalled point. - x, _ := elliptic.Unmarshal(curve, p.PublicKey) - if x == nil { - return errors.New("tuf: invalid ecdsa public key point") - } - - p.key = key - return nil -} diff --git a/vendor/github.com/DataDog/go-tuf/pkg/keys/ecdsa.go b/vendor/github.com/DataDog/go-tuf/pkg/keys/ecdsa.go deleted file mode 100644 index ea75b97e..00000000 --- a/vendor/github.com/DataDog/go-tuf/pkg/keys/ecdsa.go +++ /dev/null @@ -1,173 +0,0 @@ -package keys - -import ( - "bytes" - "crypto/ecdsa" - "crypto/elliptic" - "crypto/rand" - "crypto/sha256" - "crypto/x509" - "encoding/json" - "encoding/pem" - "errors" - "fmt" - "io" - - "github.com/DataDog/go-tuf/data" -) - -func init() { - // Note: we use LoadOrStore here to prevent accidentally overriding the - // an explicit deprecated ECDSA verifier. - // TODO: When deprecated ECDSA is removed, this can switch back to Store. - VerifierMap.LoadOrStore(data.KeyTypeECDSA_SHA2_P256_OLD_FMT, NewEcdsaVerifier) - VerifierMap.LoadOrStore(data.KeyTypeECDSA_SHA2_P256, NewEcdsaVerifier) - SignerMap.Store(data.KeyTypeECDSA_SHA2_P256_OLD_FMT, newEcdsaSigner) - SignerMap.Store(data.KeyTypeECDSA_SHA2_P256, newEcdsaSigner) -} - -func NewEcdsaVerifier() Verifier { - return &EcdsaVerifier{} -} - -func newEcdsaSigner() Signer { - return &ecdsaSigner{} -} - -type EcdsaVerifier struct { - PublicKey *PKIXPublicKey `json:"public"` - ecdsaKey *ecdsa.PublicKey - key *data.PublicKey -} - -func (p *EcdsaVerifier) Public() string { - // This is already verified to succeed when unmarshalling a public key. - r, err := x509.MarshalPKIXPublicKey(p.ecdsaKey) - if err != nil { - // TODO: Gracefully handle these errors. - // See https://github.com/DataDog/go-tuf/issues/363 - panic(err) - } - return string(r) -} - -func (p *EcdsaVerifier) Verify(msg, sigBytes []byte) error { - hash := sha256.Sum256(msg) - - if !ecdsa.VerifyASN1(p.ecdsaKey, hash[:], sigBytes) { - return errors.New("tuf: ecdsa signature verification failed") - } - return nil -} - -func (p *EcdsaVerifier) MarshalPublicKey() *data.PublicKey { - return p.key -} - -func (p *EcdsaVerifier) UnmarshalPublicKey(key *data.PublicKey) error { - // Prepare decoder limited to 512Kb - dec := json.NewDecoder(io.LimitReader(bytes.NewReader(key.Value), MaxJSONKeySize)) - - // Unmarshal key value - if err := dec.Decode(p); err != nil { - if errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) { - return fmt.Errorf("tuf: the public key is truncated or too large: %w", err) - } - return err - } - - ecdsaKey, ok := p.PublicKey.PublicKey.(*ecdsa.PublicKey) - if !ok { - return fmt.Errorf("invalid public key") - } - - if _, err := x509.MarshalPKIXPublicKey(ecdsaKey); err != nil { - return fmt.Errorf("marshalling to PKIX key: invalid public key") - } - - p.ecdsaKey = ecdsaKey - p.key = key - return nil -} - -type ecdsaSigner struct { - *ecdsa.PrivateKey -} - -type ecdsaPrivateKeyValue struct { - Private string `json:"private"` - Public *PKIXPublicKey `json:"public"` -} - -func (s *ecdsaSigner) PublicData() *data.PublicKey { - // This uses a trusted public key JSON format with a trusted Public value. - keyValBytes, _ := json.Marshal(EcdsaVerifier{PublicKey: &PKIXPublicKey{PublicKey: s.Public()}}) - return &data.PublicKey{ - Type: data.KeyTypeECDSA_SHA2_P256, - Scheme: data.KeySchemeECDSA_SHA2_P256, - Algorithms: data.HashAlgorithms, - Value: keyValBytes, - } -} - -func (s *ecdsaSigner) SignMessage(message []byte) ([]byte, error) { - hash := sha256.Sum256(message) - return ecdsa.SignASN1(rand.Reader, s.PrivateKey, hash[:]) -} - -func (s *ecdsaSigner) MarshalPrivateKey() (*data.PrivateKey, error) { - priv, err := x509.MarshalECPrivateKey(s.PrivateKey) - if err != nil { - return nil, err - } - pemKey := pem.EncodeToMemory(&pem.Block{Type: "EC PRIVATE KEY", Bytes: priv}) - val, err := json.Marshal(ecdsaPrivateKeyValue{ - Private: string(pemKey), - Public: &PKIXPublicKey{PublicKey: s.Public()}, - }) - if err != nil { - return nil, err - } - return &data.PrivateKey{ - Type: data.KeyTypeECDSA_SHA2_P256, - Scheme: data.KeySchemeECDSA_SHA2_P256, - Algorithms: data.HashAlgorithms, - Value: val, - }, nil -} - -func (s *ecdsaSigner) UnmarshalPrivateKey(key *data.PrivateKey) error { - val := ecdsaPrivateKeyValue{} - if err := json.Unmarshal(key.Value, &val); err != nil { - return err - } - block, _ := pem.Decode([]byte(val.Private)) - if block == nil { - return errors.New("invalid PEM value") - } - if block.Type != "EC PRIVATE KEY" { - return fmt.Errorf("invalid block type: %s", block.Type) - } - k, err := x509.ParseECPrivateKey(block.Bytes) - if err != nil { - return err - } - if k.Curve != elliptic.P256() { - return errors.New("unsupported ecdsa curve") - } - if _, err := json.Marshal(EcdsaVerifier{ - PublicKey: &PKIXPublicKey{PublicKey: k.Public()}}); err != nil { - return fmt.Errorf("invalid public key: %s", err) - } - - s.PrivateKey = k - return nil -} - -func GenerateEcdsaKey() (*ecdsaSigner, error) { - privkey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) - if err != nil { - return nil, err - } - return &ecdsaSigner{privkey}, nil -} diff --git a/vendor/github.com/DataDog/go-tuf/pkg/keys/ed25519.go b/vendor/github.com/DataDog/go-tuf/pkg/keys/ed25519.go deleted file mode 100644 index 4667147f..00000000 --- a/vendor/github.com/DataDog/go-tuf/pkg/keys/ed25519.go +++ /dev/null @@ -1,161 +0,0 @@ -package keys - -import ( - "bytes" - "crypto" - "crypto/ed25519" - "crypto/rand" - "crypto/subtle" - "encoding/json" - "errors" - "fmt" - "io" - - "github.com/DataDog/go-tuf/data" -) - -func init() { - SignerMap.Store(data.KeyTypeEd25519, NewEd25519Signer) - VerifierMap.Store(data.KeyTypeEd25519, NewEd25519Verifier) -} - -func NewEd25519Signer() Signer { - return &ed25519Signer{} -} - -func NewEd25519Verifier() Verifier { - return &ed25519Verifier{} -} - -type ed25519Verifier struct { - PublicKey data.HexBytes `json:"public"` - key *data.PublicKey -} - -func (e *ed25519Verifier) Public() string { - return string(e.PublicKey) -} - -func (e *ed25519Verifier) Verify(msg, sig []byte) error { - if !ed25519.Verify([]byte(e.PublicKey), msg, sig) { - return errors.New("tuf: ed25519 signature verification failed") - } - return nil -} - -func (e *ed25519Verifier) MarshalPublicKey() *data.PublicKey { - return e.key -} - -func (e *ed25519Verifier) UnmarshalPublicKey(key *data.PublicKey) error { - e.key = key - - // Prepare decoder limited to 512Kb - dec := json.NewDecoder(io.LimitReader(bytes.NewReader(key.Value), MaxJSONKeySize)) - - // Unmarshal key value - if err := dec.Decode(e); err != nil { - if errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) { - return fmt.Errorf("tuf: the public key is truncated or too large: %w", err) - } - return err - } - if n := len(e.PublicKey); n != ed25519.PublicKeySize { - return fmt.Errorf("tuf: unexpected public key length for ed25519 key, expected %d, got %d", ed25519.PublicKeySize, n) - } - return nil -} - -type Ed25519PrivateKeyValue struct { - Public data.HexBytes `json:"public"` - Private data.HexBytes `json:"private"` -} - -type ed25519Signer struct { - ed25519.PrivateKey -} - -func GenerateEd25519Key() (*ed25519Signer, error) { - _, private, err := ed25519.GenerateKey(rand.Reader) - if err != nil { - return nil, err - } - if err != nil { - return nil, err - } - return &ed25519Signer{ - PrivateKey: ed25519.PrivateKey(data.HexBytes(private)), - }, nil -} - -func NewEd25519SignerFromKey(keyValue Ed25519PrivateKeyValue) *ed25519Signer { - return &ed25519Signer{ - PrivateKey: ed25519.PrivateKey(data.HexBytes(keyValue.Private)), - } -} - -func (e *ed25519Signer) SignMessage(message []byte) ([]byte, error) { - return e.Sign(rand.Reader, message, crypto.Hash(0)) -} - -func (e *ed25519Signer) MarshalPrivateKey() (*data.PrivateKey, error) { - valueBytes, err := json.Marshal(Ed25519PrivateKeyValue{ - Public: data.HexBytes([]byte(e.PrivateKey.Public().(ed25519.PublicKey))), - Private: data.HexBytes(e.PrivateKey), - }) - if err != nil { - return nil, err - } - return &data.PrivateKey{ - Type: data.KeyTypeEd25519, - Scheme: data.KeySchemeEd25519, - Algorithms: data.HashAlgorithms, - Value: valueBytes, - }, nil -} - -func (e *ed25519Signer) UnmarshalPrivateKey(key *data.PrivateKey) error { - keyValue := &Ed25519PrivateKeyValue{} - - // Prepare decoder limited to 512Kb - dec := json.NewDecoder(io.LimitReader(bytes.NewReader(key.Value), MaxJSONKeySize)) - - // Unmarshal key value - if err := dec.Decode(keyValue); err != nil { - if errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) { - return fmt.Errorf("tuf: the private key is truncated or too large: %w", err) - } - } - - // Check private key length - if n := len(keyValue.Private); n != ed25519.PrivateKeySize { - return fmt.Errorf("tuf: invalid ed25519 private key length, expected %d, got %d", ed25519.PrivateKeySize, n) - } - - // Generate public key from private key - pub, _, err := ed25519.GenerateKey(bytes.NewReader(keyValue.Private)) - if err != nil { - return fmt.Errorf("tuf: unable to derive public key from private key: %w", err) - } - - // Compare keys - if subtle.ConstantTimeCompare(keyValue.Public, pub) != 1 { - return errors.New("tuf: public and private keys don't match") - } - - // Prepare signer - *e = ed25519Signer{ - PrivateKey: ed25519.PrivateKey(data.HexBytes(keyValue.Private)), - } - return nil -} - -func (e *ed25519Signer) PublicData() *data.PublicKey { - keyValBytes, _ := json.Marshal(ed25519Verifier{PublicKey: []byte(e.PrivateKey.Public().(ed25519.PublicKey))}) - return &data.PublicKey{ - Type: data.KeyTypeEd25519, - Scheme: data.KeySchemeEd25519, - Algorithms: data.HashAlgorithms, - Value: keyValBytes, - } -} diff --git a/vendor/github.com/DataDog/go-tuf/pkg/keys/keys.go b/vendor/github.com/DataDog/go-tuf/pkg/keys/keys.go deleted file mode 100644 index 7fc25316..00000000 --- a/vendor/github.com/DataDog/go-tuf/pkg/keys/keys.go +++ /dev/null @@ -1,82 +0,0 @@ -package keys - -import ( - "errors" - "fmt" - "sync" - - "github.com/DataDog/go-tuf/data" -) - -// MaxJSONKeySize defines the maximum length of a JSON payload. -const MaxJSONKeySize = 512 * 1024 // 512Kb - -// SignerMap stores mapping between key type strings and signer constructors. -var SignerMap sync.Map - -// Verifier stores mapping between key type strings and verifier constructors. -var VerifierMap sync.Map - -var ( - ErrInvalid = errors.New("tuf: signature verification failed") - ErrInvalidKey = errors.New("invalid key") -) - -// A Verifier verifies public key signatures. -type Verifier interface { - // UnmarshalPublicKey takes key data to a working verifier implementation for the key type. - // This performs any validation over the data.PublicKey to ensure that the verifier is usable - // to verify signatures. - UnmarshalPublicKey(key *data.PublicKey) error - - // MarshalPublicKey returns the data.PublicKey object associated with the verifier. - MarshalPublicKey() *data.PublicKey - - // This is the public string used as a unique identifier for the verifier instance. - Public() string - - // Verify takes a message and signature, all as byte slices, - // and determines whether the signature is valid for the given - // key and message. - Verify(msg, sig []byte) error -} - -type Signer interface { - // MarshalPrivateKey returns the private key data. - MarshalPrivateKey() (*data.PrivateKey, error) - - // UnmarshalPrivateKey takes private key data to a working Signer implementation for the key type. - UnmarshalPrivateKey(key *data.PrivateKey) error - - // Returns the public data.PublicKey from the private key - PublicData() *data.PublicKey - - // Sign returns the signature of the message. - // The signer is expected to do its own hashing, so the full message will be - // provided as the message to Sign with a zero opts.HashFunc(). - SignMessage(message []byte) ([]byte, error) -} - -func GetVerifier(key *data.PublicKey) (Verifier, error) { - st, ok := VerifierMap.Load(key.Type) - if !ok { - return nil, ErrInvalidKey - } - s := st.(func() Verifier)() - if err := s.UnmarshalPublicKey(key); err != nil { - return nil, fmt.Errorf("tuf: error unmarshalling key: %w", err) - } - return s, nil -} - -func GetSigner(key *data.PrivateKey) (Signer, error) { - st, ok := SignerMap.Load(key.Type) - if !ok { - return nil, ErrInvalidKey - } - s := st.(func() Signer)() - if err := s.UnmarshalPrivateKey(key); err != nil { - return nil, fmt.Errorf("tuf: error unmarshalling key: %w", err) - } - return s, nil -} diff --git a/vendor/github.com/DataDog/go-tuf/pkg/keys/pkix.go b/vendor/github.com/DataDog/go-tuf/pkg/keys/pkix.go deleted file mode 100644 index e58d4c9f..00000000 --- a/vendor/github.com/DataDog/go-tuf/pkg/keys/pkix.go +++ /dev/null @@ -1,56 +0,0 @@ -package keys - -import ( - "bytes" - "crypto" - "crypto/x509" - "encoding/json" - "encoding/pem" - "errors" - "fmt" - "io" -) - -type PKIXPublicKey struct { - crypto.PublicKey -} - -func (p *PKIXPublicKey) MarshalJSON() ([]byte, error) { - bytes, err := x509.MarshalPKIXPublicKey(p.PublicKey) - if err != nil { - return nil, err - } - pemBytes := pem.EncodeToMemory(&pem.Block{ - Type: "PUBLIC KEY", - Bytes: bytes, - }) - return json.Marshal(string(pemBytes)) -} - -func (p *PKIXPublicKey) UnmarshalJSON(b []byte) error { - var pemValue string - // Prepare decoder limited to 512Kb - dec := json.NewDecoder(io.LimitReader(bytes.NewReader(b), MaxJSONKeySize)) - - // Unmarshal key value - if err := dec.Decode(&pemValue); err != nil { - if errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) { - return fmt.Errorf("tuf: the public key is truncated or too large: %w", err) - } - return err - } - - block, _ := pem.Decode([]byte(pemValue)) - if block == nil { - return errors.New("invalid PEM value") - } - if block.Type != "PUBLIC KEY" { - return fmt.Errorf("invalid block type: %s", block.Type) - } - pub, err := x509.ParsePKIXPublicKey(block.Bytes) - if err != nil { - return err - } - p.PublicKey = pub - return nil -} diff --git a/vendor/github.com/DataDog/go-tuf/pkg/keys/rsa.go b/vendor/github.com/DataDog/go-tuf/pkg/keys/rsa.go deleted file mode 100644 index 17d7690a..00000000 --- a/vendor/github.com/DataDog/go-tuf/pkg/keys/rsa.go +++ /dev/null @@ -1,162 +0,0 @@ -package keys - -import ( - "bytes" - "crypto" - "crypto/rand" - "crypto/rsa" - "crypto/sha256" - "crypto/x509" - "encoding/json" - "encoding/pem" - "errors" - "fmt" - "io" - - "github.com/DataDog/go-tuf/data" -) - -func init() { - VerifierMap.Store(data.KeyTypeRSASSA_PSS_SHA256, newRsaVerifier) - SignerMap.Store(data.KeyTypeRSASSA_PSS_SHA256, newRsaSigner) -} - -func newRsaVerifier() Verifier { - return &rsaVerifier{} -} - -func newRsaSigner() Signer { - return &rsaSigner{} -} - -type rsaVerifier struct { - PublicKey *PKIXPublicKey `json:"public"` - rsaKey *rsa.PublicKey - key *data.PublicKey -} - -func (p *rsaVerifier) Public() string { - // This is already verified to succeed when unmarshalling a public key. - r, err := x509.MarshalPKIXPublicKey(p.rsaKey) - if err != nil { - // TODO: Gracefully handle these errors. - // See https://github.com/DataDog/go-tuf/issues/363 - panic(err) - } - return string(r) -} - -func (p *rsaVerifier) Verify(msg, sigBytes []byte) error { - hash := sha256.Sum256(msg) - - return rsa.VerifyPSS(p.rsaKey, crypto.SHA256, hash[:], sigBytes, &rsa.PSSOptions{}) -} - -func (p *rsaVerifier) MarshalPublicKey() *data.PublicKey { - return p.key -} - -func (p *rsaVerifier) UnmarshalPublicKey(key *data.PublicKey) error { - // Prepare decoder limited to 512Kb - dec := json.NewDecoder(io.LimitReader(bytes.NewReader(key.Value), MaxJSONKeySize)) - - // Unmarshal key value - if err := dec.Decode(p); err != nil { - if errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) { - return fmt.Errorf("tuf: the public key is truncated or too large: %w", err) - } - return err - } - - rsaKey, ok := p.PublicKey.PublicKey.(*rsa.PublicKey) - if !ok { - return fmt.Errorf("invalid public key") - } - - if _, err := x509.MarshalPKIXPublicKey(rsaKey); err != nil { - return fmt.Errorf("marshalling to PKIX key: invalid public key") - } - - p.rsaKey = rsaKey - p.key = key - return nil -} - -type rsaSigner struct { - *rsa.PrivateKey -} - -type rsaPrivateKeyValue struct { - Private string `json:"private"` - Public *PKIXPublicKey `json:"public"` -} - -func (s *rsaSigner) PublicData() *data.PublicKey { - keyValBytes, _ := json.Marshal(rsaVerifier{PublicKey: &PKIXPublicKey{PublicKey: s.Public()}}) - return &data.PublicKey{ - Type: data.KeyTypeRSASSA_PSS_SHA256, - Scheme: data.KeySchemeRSASSA_PSS_SHA256, - Algorithms: data.HashAlgorithms, - Value: keyValBytes, - } -} - -func (s *rsaSigner) SignMessage(message []byte) ([]byte, error) { - hash := sha256.Sum256(message) - return rsa.SignPSS(rand.Reader, s.PrivateKey, crypto.SHA256, hash[:], &rsa.PSSOptions{}) -} - -func (s *rsaSigner) ContainsID(id string) bool { - return s.PublicData().ContainsID(id) -} - -func (s *rsaSigner) MarshalPrivateKey() (*data.PrivateKey, error) { - priv := x509.MarshalPKCS1PrivateKey(s.PrivateKey) - pemKey := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: priv}) - val, err := json.Marshal(rsaPrivateKeyValue{ - Private: string(pemKey), - Public: &PKIXPublicKey{PublicKey: s.Public()}, - }) - if err != nil { - return nil, err - } - return &data.PrivateKey{ - Type: data.KeyTypeRSASSA_PSS_SHA256, - Scheme: data.KeySchemeRSASSA_PSS_SHA256, - Algorithms: data.HashAlgorithms, - Value: val, - }, nil -} - -func (s *rsaSigner) UnmarshalPrivateKey(key *data.PrivateKey) error { - val := rsaPrivateKeyValue{} - if err := json.Unmarshal(key.Value, &val); err != nil { - return err - } - block, _ := pem.Decode([]byte(val.Private)) - if block == nil { - return errors.New("invalid PEM value") - } - if block.Type != "RSA PRIVATE KEY" { - return fmt.Errorf("invalid block type: %s", block.Type) - } - k, err := x509.ParsePKCS1PrivateKey(block.Bytes) - if err != nil { - return err - } - if _, err := json.Marshal(rsaVerifier{ - PublicKey: &PKIXPublicKey{PublicKey: k.Public()}}); err != nil { - return fmt.Errorf("invalid public key: %s", err) - } - - s.PrivateKey = k - return nil -} - -func GenerateRsaKey() (*rsaSigner, error) { - privkey, err := rsa.GenerateKey(rand.Reader, 2048) - if err != nil { - return nil, err - } - return &rsaSigner{privkey}, nil -} diff --git a/vendor/github.com/DataDog/go-tuf/pkg/targets/delegation.go b/vendor/github.com/DataDog/go-tuf/pkg/targets/delegation.go deleted file mode 100644 index d155d070..00000000 --- a/vendor/github.com/DataDog/go-tuf/pkg/targets/delegation.go +++ /dev/null @@ -1,102 +0,0 @@ -package targets - -import ( - "errors" - - "github.com/DataDog/go-tuf/data" - "github.com/DataDog/go-tuf/internal/sets" - "github.com/DataDog/go-tuf/verify" -) - -type Delegation struct { - Delegator string - Delegatee data.DelegatedRole - DB *verify.DB -} - -type delegationsIterator struct { - stack []Delegation - target string - visitedRoles map[string]struct{} - parents map[string]string -} - -var ErrTopLevelTargetsRoleMissing = errors.New("tuf: top level targets role missing from top level keys DB") - -// NewDelegationsIterator initialises an iterator with a first step -// on top level targets. -func NewDelegationsIterator(target string, topLevelKeysDB *verify.DB) (*delegationsIterator, error) { - targetsRole := topLevelKeysDB.GetRole("targets") - if targetsRole == nil { - return nil, ErrTopLevelTargetsRoleMissing - } - - i := &delegationsIterator{ - target: target, - stack: []Delegation{ - { - Delegatee: data.DelegatedRole{ - Name: "targets", - KeyIDs: sets.StringSetToSlice(targetsRole.KeyIDs), - Threshold: targetsRole.Threshold, - }, - DB: topLevelKeysDB, - }, - }, - visitedRoles: make(map[string]struct{}), - parents: make(map[string]string), - } - return i, nil -} - -func (d *delegationsIterator) Next() (value Delegation, ok bool) { - if len(d.stack) == 0 { - return Delegation{}, false - } - delegation := d.stack[len(d.stack)-1] - d.stack = d.stack[:len(d.stack)-1] - - // 5.6.7.1: If this role has been visited before, then skip this role (so - // that cycles in the delegation graph are avoided). - roleName := delegation.Delegatee.Name - if _, ok := d.visitedRoles[roleName]; ok { - return d.Next() - } - d.visitedRoles[roleName] = struct{}{} - - // 5.6.7.2 trim delegations to visit, only the current role and its delegations - // will be considered - // https://github.com/theupdateframework/specification/issues/168 - if delegation.Delegatee.Terminating { - // Empty the stack. - d.stack = d.stack[0:0] - } - return delegation, true -} - -func (d *delegationsIterator) Add(roles []data.DelegatedRole, delegator string, db *verify.DB) error { - for i := len(roles) - 1; i >= 0; i-- { - // Push the roles onto the stack in reverse so we get an preorder traversal - // of the delegations graph. - r := roles[i] - matchesPath, err := r.MatchesPath(d.target) - if err != nil { - return err - } - if matchesPath { - delegation := Delegation{ - Delegator: delegator, - Delegatee: r, - DB: db, - } - d.stack = append(d.stack, delegation) - d.parents[r.Name] = delegator - } - } - - return nil -} - -func (d *delegationsIterator) Parent(role string) string { - return d.parents[role] -} diff --git a/vendor/github.com/DataDog/go-tuf/pkg/targets/hash_bins.go b/vendor/github.com/DataDog/go-tuf/pkg/targets/hash_bins.go deleted file mode 100644 index 95f4405d..00000000 --- a/vendor/github.com/DataDog/go-tuf/pkg/targets/hash_bins.go +++ /dev/null @@ -1,113 +0,0 @@ -package targets - -import ( - "fmt" - "strconv" - "strings" -) - -const MinDelegationHashPrefixBitLen = 1 -const MaxDelegationHashPrefixBitLen = 32 - -// hexEncode formats x as a hex string. The hex string is left padded with -// zeros to padWidth, if necessary. -func hexEncode(x uint64, padWidth int) string { - // Benchmarked to be more than 10x faster than padding with Sprintf. - s := strconv.FormatUint(x, 16) - if len(s) >= padWidth { - return s - } - return strings.Repeat("0", padWidth-len(s)) + s -} - -const bitsPerHexDigit = 4 - -// numHexDigits returns the number of hex digits required to encode the given -// number of bits. -func numHexDigits(numBits int) int { - // ceil(numBits / bitsPerHexDigit) - return ((numBits - 1) / bitsPerHexDigit) + 1 -} - -// HashBins represents an ordered list of hash bin target roles, which together -// partition the space of target path hashes equal-sized buckets based on path -// has prefix. -type HashBins struct { - rolePrefix string - bitLen int - hexDigitLen int - - numBins uint64 - numPrefixesPerBin uint64 -} - -// NewHashBins creates a HashBins partitioning with 2^bitLen buckets. -func NewHashBins(rolePrefix string, bitLen int) (*HashBins, error) { - if bitLen < MinDelegationHashPrefixBitLen || bitLen > MaxDelegationHashPrefixBitLen { - return nil, fmt.Errorf("bitLen is out of bounds, should be between %v and %v inclusive", MinDelegationHashPrefixBitLen, MaxDelegationHashPrefixBitLen) - } - - hexDigitLen := numHexDigits(bitLen) - numBins := uint64(1) << bitLen - - numPrefixesTotal := uint64(1) << (bitsPerHexDigit * hexDigitLen) - numPrefixesPerBin := numPrefixesTotal / numBins - - return &HashBins{ - rolePrefix: rolePrefix, - bitLen: bitLen, - hexDigitLen: hexDigitLen, - numBins: numBins, - numPrefixesPerBin: numPrefixesPerBin, - }, nil -} - -// NumBins returns the number of hash bin partitions. -func (hb *HashBins) NumBins() uint64 { - return hb.numBins -} - -// GetBin returns the HashBin at index i, or nil if i is out of bounds. -func (hb *HashBins) GetBin(i uint64) *HashBin { - if i >= hb.numBins { - return nil - } - - return &HashBin{ - rolePrefix: hb.rolePrefix, - hexDigitLen: hb.hexDigitLen, - first: i * hb.numPrefixesPerBin, - last: ((i + 1) * hb.numPrefixesPerBin) - 1, - } -} - -// HashBin represents a hex prefix range. First should be less than Last. -type HashBin struct { - rolePrefix string - hexDigitLen int - first uint64 - last uint64 -} - -// RoleName returns the name of the role that signs for the HashBin. -func (b *HashBin) RoleName() string { - if b.first == b.last { - return b.rolePrefix + hexEncode(b.first, b.hexDigitLen) - } - - return b.rolePrefix + hexEncode(b.first, b.hexDigitLen) + "-" + hexEncode(b.last, b.hexDigitLen) -} - -// HashPrefixes returns a slice of all hash prefixes in the bin. -func (b *HashBin) HashPrefixes() []string { - n := int(b.last - b.first + 1) - ret := make([]string, int(n)) - - x := b.first - for i := 0; i < n; i++ { - ret[i] = hexEncode(x, b.hexDigitLen) - x++ - } - - return ret -} diff --git a/vendor/github.com/DataDog/go-tuf/util/util.go b/vendor/github.com/DataDog/go-tuf/util/util.go deleted file mode 100644 index a9b23b00..00000000 --- a/vendor/github.com/DataDog/go-tuf/util/util.go +++ /dev/null @@ -1,332 +0,0 @@ -package util - -import ( - "bytes" - "crypto/hmac" - "crypto/sha256" - "crypto/sha512" - "encoding/hex" - "encoding/json" - "fmt" - "hash" - "io" - "os" - "path" - "path/filepath" - "strconv" - "strings" - - "github.com/DataDog/go-tuf/data" -) - -type ErrWrongLength struct { - Expected int64 - Actual int64 -} - -func (e ErrWrongLength) Error() string { - return fmt.Sprintf("wrong length, expected %d got %d", e.Expected, e.Actual) -} - -type ErrWrongVersion struct { - Expected int64 - Actual int64 -} - -func (e ErrWrongVersion) Error() string { - return fmt.Sprintf("wrong version, expected %d got %d", e.Expected, e.Actual) -} - -type ErrWrongHash struct { - Type string - Expected data.HexBytes - Actual data.HexBytes -} - -func (e ErrWrongHash) Error() string { - return fmt.Sprintf("wrong %s hash, expected %s got %s", e.Type, hex.EncodeToString(e.Expected), hex.EncodeToString(e.Actual)) -} - -type ErrNoCommonHash struct { - Expected data.Hashes - Actual data.Hashes -} - -func (e ErrNoCommonHash) Error() string { - types := func(a data.Hashes) []string { - t := make([]string, 0, len(a)) - for typ := range a { - t = append(t, typ) - } - return t - } - return fmt.Sprintf("no common hash function, expected one of %s, got %s", types(e.Expected), types(e.Actual)) -} - -type ErrUnknownHashAlgorithm struct { - Name string -} - -func (e ErrUnknownHashAlgorithm) Error() string { - return fmt.Sprintf("unknown hash algorithm: %s", e.Name) -} - -type PassphraseFunc func(role string, confirm bool, change bool) ([]byte, error) - -func FileMetaEqual(actual data.FileMeta, expected data.FileMeta) error { - if actual.Length != expected.Length { - return ErrWrongLength{expected.Length, actual.Length} - } - - if err := hashEqual(actual.Hashes, expected.Hashes); err != nil { - return err - } - - return nil -} - -func BytesMatchLenAndHashes(fetched []byte, length int64, hashes data.Hashes) error { - flen := int64(len(fetched)) - if length != 0 && flen != length { - return ErrWrongLength{length, flen} - } - - for alg, expected := range hashes { - var h hash.Hash - switch alg { - case "sha256": - h = sha256.New() - case "sha512": - h = sha512.New() - default: - return ErrUnknownHashAlgorithm{alg} - } - h.Write(fetched) - hash := h.Sum(nil) - if !hmac.Equal(hash, expected) { - return ErrWrongHash{alg, expected, hash} - } - } - - return nil -} - -func hashEqual(actual data.Hashes, expected data.Hashes) error { - hashChecked := false - for typ, hash := range expected { - if h, ok := actual[typ]; ok { - hashChecked = true - if !hmac.Equal(h, hash) { - return ErrWrongHash{typ, hash, h} - } - } - } - if !hashChecked { - return ErrNoCommonHash{expected, actual} - } - return nil -} - -func VersionEqual(actual int64, expected int64) error { - if actual != expected { - return ErrWrongVersion{expected, actual} - } - return nil -} - -func SnapshotFileMetaEqual(actual data.SnapshotFileMeta, expected data.SnapshotFileMeta) error { - // TUF-1.0 no longer considers the length and hashes to be a required - // member of snapshots. However they are considering requiring hashes - // for delegated roles to avoid an attack described in Section 5.6 of - // the Mercury paper: - // https://github.com/theupdateframework/specification/pull/40 - if expected.Length != 0 && actual.Length != expected.Length { - return ErrWrongLength{expected.Length, actual.Length} - } - // 5.6.2 - Check against snapshot role's targets hash - if len(expected.Hashes) != 0 { - if err := hashEqual(actual.Hashes, expected.Hashes); err != nil { - return err - } - } - // 5.6.4 - Check against snapshot role's snapshot version - if err := VersionEqual(actual.Version, expected.Version); err != nil { - return err - } - - return nil -} - -func TargetFileMetaEqual(actual data.TargetFileMeta, expected data.TargetFileMeta) error { - return FileMetaEqual(actual.FileMeta, expected.FileMeta) -} - -func TimestampFileMetaEqual(actual data.TimestampFileMeta, expected data.TimestampFileMeta) error { - // TUF no longer considers the length and hashes to be a required - // member of Timestamp. - if expected.Length != 0 && actual.Length != expected.Length { - return ErrWrongLength{expected.Length, actual.Length} - } - // 5.5.2 - Check against timestamp role's snapshot hash - if len(expected.Hashes) != 0 { - if err := hashEqual(actual.Hashes, expected.Hashes); err != nil { - return err - } - } - // 5.5.4 - Check against timestamp role's snapshot version - if err := VersionEqual(actual.Version, expected.Version); err != nil { - return err - } - - return nil -} - -const defaultHashAlgorithm = "sha512" - -func GenerateFileMeta(r io.Reader, hashAlgorithms ...string) (data.FileMeta, error) { - if len(hashAlgorithms) == 0 { - hashAlgorithms = []string{defaultHashAlgorithm} - } - hashes := make(map[string]hash.Hash, len(hashAlgorithms)) - for _, hashAlgorithm := range hashAlgorithms { - var h hash.Hash - switch hashAlgorithm { - case "sha256": - h = sha256.New() - case "sha512": - h = sha512.New() - default: - return data.FileMeta{}, ErrUnknownHashAlgorithm{hashAlgorithm} - } - hashes[hashAlgorithm] = h - r = io.TeeReader(r, h) - } - n, err := io.Copy(io.Discard, r) - if err != nil { - return data.FileMeta{}, err - } - m := data.FileMeta{Length: n, Hashes: make(data.Hashes, len(hashes))} - for hashAlgorithm, h := range hashes { - m.Hashes[hashAlgorithm] = h.Sum(nil) - } - return m, nil -} - -type versionedMeta struct { - Version int64 `json:"version"` -} - -func generateVersionedFileMeta(r io.Reader, hashAlgorithms ...string) (data.FileMeta, int64, error) { - b, err := io.ReadAll(r) - if err != nil { - return data.FileMeta{}, 0, err - } - - m, err := GenerateFileMeta(bytes.NewReader(b), hashAlgorithms...) - if err != nil { - return data.FileMeta{}, 0, err - } - - s := data.Signed{} - if err := json.Unmarshal(b, &s); err != nil { - return data.FileMeta{}, 0, err - } - - vm := versionedMeta{} - if err := json.Unmarshal(s.Signed, &vm); err != nil { - return data.FileMeta{}, 0, err - } - - return m, vm.Version, nil -} - -func GenerateSnapshotFileMeta(r io.Reader, hashAlgorithms ...string) (data.SnapshotFileMeta, error) { - m, v, err := generateVersionedFileMeta(r, hashAlgorithms...) - if err != nil { - return data.SnapshotFileMeta{}, err - } - return data.SnapshotFileMeta{ - Length: m.Length, - Hashes: m.Hashes, - Version: v, - }, nil -} - -func GenerateTargetFileMeta(r io.Reader, hashAlgorithms ...string) (data.TargetFileMeta, error) { - m, err := GenerateFileMeta(r, hashAlgorithms...) - if err != nil { - return data.TargetFileMeta{}, err - } - return data.TargetFileMeta{ - FileMeta: m, - }, nil -} - -func GenerateTimestampFileMeta(r io.Reader, hashAlgorithms ...string) (data.TimestampFileMeta, error) { - m, v, err := generateVersionedFileMeta(r, hashAlgorithms...) - if err != nil { - return data.TimestampFileMeta{}, err - } - return data.TimestampFileMeta{ - Length: m.Length, - Hashes: m.Hashes, - Version: v, - }, nil -} - -func NormalizeTarget(p string) string { - // FIXME(TUF-0.9) TUF-1.0 is considering banning paths that begin with - // a leading path separator, to avoid surprising behavior when joining - // target and delgated paths. python-tuf raises an exception if any - // path starts with '/', but since we need to be cross compatible with - // TUF-0.9 we still need to support leading slashes. For now, we will - // just strip them out, but eventually we should also consider turning - // them into an error. - return strings.TrimPrefix(path.Join("/", p), "/") -} - -func VersionedPath(p string, version int64) string { - return path.Join(path.Dir(p), strconv.FormatInt(version, 10)+"."+path.Base(p)) -} - -func HashedPaths(p string, hashes data.Hashes) []string { - paths := make([]string, 0, len(hashes)) - for _, hash := range hashes { - hashedPath := path.Join(path.Dir(p), hash.String()+"."+path.Base(p)) - paths = append(paths, hashedPath) - } - return paths -} - -func AtomicallyWriteFile(filename string, data []byte, perm os.FileMode) error { - dir, name := filepath.Split(filename) - f, err := os.CreateTemp(dir, name) - if err != nil { - return err - } - - _, err = f.Write(data) - if err != nil { - f.Close() - os.Remove(f.Name()) - return err - } - - if err = f.Chmod(perm); err != nil { - f.Close() - os.Remove(f.Name()) - return err - } - - if err := f.Close(); err != nil { - os.Remove(f.Name()) - return err - } - - if err := os.Rename(f.Name(), filename); err != nil { - os.Remove(f.Name()) - return err - } - - return nil -} diff --git a/vendor/github.com/DataDog/go-tuf/verify/db.go b/vendor/github.com/DataDog/go-tuf/verify/db.go deleted file mode 100644 index 1961c98f..00000000 --- a/vendor/github.com/DataDog/go-tuf/verify/db.go +++ /dev/null @@ -1,104 +0,0 @@ -package verify - -import ( - "github.com/DataDog/go-tuf/data" - "github.com/DataDog/go-tuf/internal/roles" - "github.com/DataDog/go-tuf/pkg/keys" -) - -type Role struct { - KeyIDs map[string]struct{} - Threshold int -} - -func (r *Role) ValidKey(id string) bool { - _, ok := r.KeyIDs[id] - return ok -} - -type DB struct { - roles map[string]*Role - verifiers map[string]keys.Verifier -} - -func NewDB() *DB { - return &DB{ - roles: make(map[string]*Role), - verifiers: make(map[string]keys.Verifier), - } -} - -// NewDBFromDelegations returns a DB that verifies delegations -// of a given Targets. -func NewDBFromDelegations(d *data.Delegations) (*DB, error) { - db := &DB{ - roles: make(map[string]*Role, len(d.Roles)), - verifiers: make(map[string]keys.Verifier, len(d.Keys)), - } - for _, r := range d.Roles { - if _, ok := roles.TopLevelRoles[r.Name]; ok { - return nil, ErrInvalidDelegatedRole - } - role := &data.Role{Threshold: r.Threshold, KeyIDs: r.KeyIDs} - if err := db.AddRole(r.Name, role); err != nil { - return nil, err - } - } - for id, k := range d.Keys { - if err := db.AddKey(id, k); err != nil { - return nil, err - } - } - return db, nil -} - -func (db *DB) AddKey(id string, k *data.PublicKey) error { - verifier, err := keys.GetVerifier(k) - if err != nil { - return err // ErrInvalidKey - } - - // TUF is considering in TAP-12 removing the - // requirement that the keyid hash algorithm be derived - // from the public key. So to be forwards compatible, - // we allow any key ID, rather than checking k.ContainsID(id) - // - // AddKey should be idempotent, so we allow re-adding the same PublicKey. - // - // TAP-12: https://github.com/theupdateframework/taps/blob/master/tap12.md - if oldVerifier, exists := db.verifiers[id]; exists && oldVerifier.Public() != verifier.Public() { - return ErrRepeatID{id} - } - - db.verifiers[id] = verifier - return nil -} - -func (db *DB) AddRole(name string, r *data.Role) error { - if r.Threshold < 1 { - return ErrInvalidThreshold - } - - role := &Role{ - KeyIDs: make(map[string]struct{}), - Threshold: r.Threshold, - } - for _, id := range r.KeyIDs { - role.KeyIDs[id] = struct{}{} - } - - db.roles[name] = role - return nil -} - -func (db *DB) GetVerifier(id string) (keys.Verifier, error) { - k, ok := db.verifiers[id] - if !ok { - return nil, ErrMissingKey - } - return k, nil -} - -func (db *DB) GetRole(name string) *Role { - return db.roles[name] -} diff --git a/vendor/github.com/DataDog/go-tuf/verify/errors.go b/vendor/github.com/DataDog/go-tuf/verify/errors.go deleted file mode 100644 index f71d4bda..00000000 --- a/vendor/github.com/DataDog/go-tuf/verify/errors.go +++ /dev/null @@ -1,73 +0,0 @@ -package verify - -import ( - "errors" - "fmt" - "time" -) - -var ( - ErrMissingKey = errors.New("tuf: missing key") - ErrNoSignatures = errors.New("tuf: data has no signatures") - ErrInvalid = errors.New("tuf: signature verification failed") - ErrWrongMethod = errors.New("tuf: invalid signature type") - ErrWrongMetaType = errors.New("tuf: meta file has wrong type") - ErrExists = errors.New("tuf: key already in db") - ErrInvalidKey = errors.New("tuf: invalid key") - ErrInvalidRole = errors.New("tuf: invalid role") - ErrInvalidDelegatedRole = errors.New("tuf: invalid delegated role") - ErrInvalidKeyID = errors.New("tuf: invalid key id") - ErrInvalidThreshold = errors.New("tuf: invalid role threshold") - ErrMissingTargetFile = errors.New("tuf: missing previously listed targets metadata file") -) - -type ErrRepeatID struct { - KeyID string -} - -func (e ErrRepeatID) Error() string { - return fmt.Sprintf("tuf: duplicate key id (%s)", e.KeyID) -} - -type ErrUnknownRole struct { - Role string -} - -func (e ErrUnknownRole) Error() string { - return fmt.Sprintf("tuf: unknown role %q", e.Role) -} - -type ErrExpired struct { - Expired time.Time -} - -func (e ErrExpired) Error() string { - return fmt.Sprintf("expired at %s", e.Expired) -} - -type ErrLowVersion struct { - Actual int64 - Current int64 -} - -func (e ErrLowVersion) Error() string { - return fmt.Sprintf("version %d is lower than current version %d", e.Actual, e.Current) -} - -type ErrWrongVersion struct { - Given int64 - Expected int64 -} - -func (e ErrWrongVersion) Error() string { - return fmt.Sprintf("version %d does not match the expected version %d", e.Given, e.Expected) -} - -type ErrRoleThreshold struct { - Expected int - Actual int -} - -func (e ErrRoleThreshold) Error() string { - return "tuf: valid signatures did not meet threshold" -} diff --git a/vendor/github.com/DataDog/go-tuf/verify/verify.go b/vendor/github.com/DataDog/go-tuf/verify/verify.go deleted file mode 100644 index b0cf333c..00000000 --- a/vendor/github.com/DataDog/go-tuf/verify/verify.go +++ /dev/null @@ -1,187 +0,0 @@ -package verify - -import ( - "encoding/json" - "strings" - "time" - - "github.com/DataDog/go-tuf/data" - "github.com/DataDog/go-tuf/internal/roles" - "github.com/DataDog/go-tuf/pkg/keys" - "github.com/secure-systems-lab/go-securesystemslib/cjson" -) - -type signedMeta struct { - Type string `json:"_type"` - Expires time.Time `json:"expires"` - Version int64 `json:"version"` -} - -// VerifySignature takes a signed JSON message, a signature, and a -// verifier and verifies the given signature on the JSON message -// using the verifier. It returns an error if verification fails. -func VerifySignature(signed json.RawMessage, sig data.HexBytes, - verifier keys.Verifier) error { - var decoded map[string]interface{} - if err := json.Unmarshal(signed, &decoded); err != nil { - return err - } - msg, err := cjson.EncodeCanonical(decoded) - if err != nil { - return err - } - return verifier.Verify(msg, sig) -} - -func (db *DB) VerifyIgnoreExpiredCheck(s *data.Signed, role string, minVersion int64) error { - if err := db.VerifySignatures(s, role); err != nil { - return err - } - - sm := &signedMeta{} - if err := json.Unmarshal(s.Signed, sm); err != nil { - return err - } - - if roles.IsTopLevelRole(role) { - // Top-level roles can only sign metadata of the same type (e.g. snapshot - // metadata must be signed by the snapshot role). - if !strings.EqualFold(sm.Type, role) { - return ErrWrongMetaType - } - } else { - // Delegated (non-top-level) roles may only sign targets metadata. - if strings.ToLower(sm.Type) != "targets" { - return ErrWrongMetaType - } - } - - if sm.Version < minVersion { - return ErrLowVersion{sm.Version, minVersion} - } - - return nil -} - -func (db *DB) Verify(s *data.Signed, role string, minVersion int64) error { - // Verify signatures and versions - err := db.VerifyIgnoreExpiredCheck(s, role, minVersion) - - if err != nil { - return err - } - - sm := &signedMeta{} - if err := json.Unmarshal(s.Signed, sm); err != nil { - return err - } - // Verify expiration - if IsExpired(sm.Expires) { - return ErrExpired{sm.Expires} - } - - return nil -} - -var IsExpired = func(t time.Time) bool { - return time.Until(t) <= 0 -} - -func (db *DB) VerifySignatures(s *data.Signed, role string) error { - if len(s.Signatures) == 0 { - return ErrNoSignatures - } - - roleData := db.GetRole(role) - if roleData == nil { - return ErrUnknownRole{role} - } - - // Verify that a threshold of keys signed the data. Since keys can have - // multiple key ids, we need to protect against multiple attached - // signatures that just differ on the key id. - verifiedKeyIDs := make(map[string]struct{}) - numVerifiedKeys := 0 - for _, sig := range s.Signatures { - if !roleData.ValidKey(sig.KeyID) { - continue - } - verifier, err := db.GetVerifier(sig.KeyID) - if err != nil { - continue - } - - if err := VerifySignature(s.Signed, sig.Signature, verifier); err != nil { - // If a signature fails verification, don't count it towards the - // threshold but also return early and error out immediately. - // Note: Because of this, it is impossible to distinguish between - // an error of an invalid signature and a threshold not achieved. - // Invalid signatures lead to not achieving the threshold. - continue - } - - // Only consider this key valid if we haven't seen any of it's - // key ids before. - // Careful: we must not rely on the key IDs _declared in the file_, - // instead we get to decide what key IDs this key correspond to. - // XXX dangerous; better stop supporting multiple key IDs altogether. - keyIDs := verifier.MarshalPublicKey().IDs() - wasKeySeen := false - for _, keyID := range keyIDs { - if _, present := verifiedKeyIDs[keyID]; present { - wasKeySeen = true - } - } - if !wasKeySeen { - for _, id := range keyIDs { - verifiedKeyIDs[id] = struct{}{} - } - - numVerifiedKeys++ - } - } - if numVerifiedKeys < roleData.Threshold { - return ErrRoleThreshold{roleData.Threshold, numVerifiedKeys} - } - - return nil -} - -func (db *DB) Unmarshal(b []byte, v interface{}, role string, minVersion int64) error { - s := &data.Signed{} - if err := json.Unmarshal(b, s); err != nil { - return err - } - if err := db.Verify(s, role, minVersion); err != nil { - return err - } - return json.Unmarshal(s.Signed, v) -} - -// UnmarshalExpired is exactly like Unmarshal except ignores expired timestamp error. -func (db *DB) UnmarshalIgnoreExpired(b []byte, v interface{}, role string, minVersion int64) error { - s := &data.Signed{} - if err := json.Unmarshal(b, s); err != nil { - return err - } - // Note: If verification fails, then we wont attempt to unmarshal - // unless when verification error is errExpired. - verifyErr := db.Verify(s, role, minVersion) - if verifyErr != nil { - if _, ok := verifyErr.(ErrExpired); !ok { - return verifyErr - } - } - return json.Unmarshal(s.Signed, v) -} - -func (db *DB) UnmarshalTrusted(b []byte, v interface{}, role string) error { - s := &data.Signed{} - if err := json.Unmarshal(b, s); err != nil { - return err - } - if err := db.VerifySignatures(s, role); err != nil { - return err - } - return json.Unmarshal(s.Signed, v) -} diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/LICENSE b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/LICENSE deleted file mode 100644 index 261eeb9e..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/attributes.go b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/attributes.go deleted file mode 100644 index da213cc0..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/attributes.go +++ /dev/null @@ -1,289 +0,0 @@ -// Copyright The OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package attributes - -import ( - "fmt" - "strings" - - "go.opentelemetry.io/collector/pdata/pcommon" - conventions "go.opentelemetry.io/collector/semconv/v1.6.1" -) - -// customContainerTagPrefix defines the prefix for custom container tags. -const customContainerTagPrefix = "datadog.container.tag." - -var ( - // coreMapping defines the mapping between OpenTelemetry semantic conventions - // and Datadog Agent conventions for env, service and version. - coreMapping = map[string]string{ - // Datadog conventions - // https://docs.datadoghq.com/getting_started/tagging/unified_service_tagging/ - conventions.AttributeDeploymentEnvironment: "env", - conventions.AttributeServiceName: "service", - conventions.AttributeServiceVersion: "version", - - // TODO(OTEL-1766): import of semconv 1.27.0 is blocked on Go1.22 support - "deployment.environment.name": "env", - } - - // ContainerMappings defines the mapping between OpenTelemetry semantic conventions - // and Datadog Agent conventions for containers. - ContainerMappings = map[string]string{ - // Containers - conventions.AttributeContainerID: "container_id", - conventions.AttributeContainerName: "container_name", - conventions.AttributeContainerImageName: "image_name", - conventions.AttributeContainerImageTag: "image_tag", - conventions.AttributeContainerRuntime: "runtime", - - // Cloud conventions - // https://www.datadoghq.com/blog/tagging-best-practices/ - conventions.AttributeCloudProvider: "cloud_provider", - conventions.AttributeCloudRegion: "region", - conventions.AttributeCloudAvailabilityZone: "zone", - - // ECS conventions - // https://github.com/DataDog/datadog-agent/blob/e081bed/pkg/tagger/collectors/ecs_extract.go - conventions.AttributeAWSECSTaskFamily: "task_family", - conventions.AttributeAWSECSTaskARN: "task_arn", - conventions.AttributeAWSECSClusterARN: "ecs_cluster_name", - conventions.AttributeAWSECSTaskRevision: "task_version", - conventions.AttributeAWSECSContainerARN: "ecs_container_name", - - // Kubernetes resource name (via semantic conventions) - // https://github.com/DataDog/datadog-agent/blob/e081bed/pkg/util/kubernetes/const.go - conventions.AttributeK8SContainerName: "kube_container_name", - conventions.AttributeK8SClusterName: "kube_cluster_name", - conventions.AttributeK8SDeploymentName: "kube_deployment", - conventions.AttributeK8SReplicaSetName: "kube_replica_set", - conventions.AttributeK8SStatefulSetName: "kube_stateful_set", - conventions.AttributeK8SDaemonSetName: "kube_daemon_set", - conventions.AttributeK8SJobName: "kube_job", - conventions.AttributeK8SCronJobName: "kube_cronjob", - conventions.AttributeK8SNamespaceName: "kube_namespace", - conventions.AttributeK8SPodName: "pod_name", - } - - // Kubernetes mappings defines the mapping between Kubernetes conventions (both general and Datadog specific) - // and Datadog Agent conventions. The Datadog Agent conventions can be found at - // https://github.com/DataDog/datadog-agent/blob/e081bed/pkg/tagger/collectors/const.go and - // https://github.com/DataDog/datadog-agent/blob/e081bed/pkg/util/kubernetes/const.go - kubernetesMapping = map[string]string{ - // Standard Datadog labels - "tags.datadoghq.com/env": "env", - "tags.datadoghq.com/service": "service", - "tags.datadoghq.com/version": "version", - - // Standard Kubernetes labels - "app.kubernetes.io/name": "kube_app_name", - "app.kubernetes.io/instance": "kube_app_instance", - "app.kubernetes.io/version": "kube_app_version", - "app.kuberenetes.io/component": "kube_app_component", - "app.kubernetes.io/part-of": "kube_app_part_of", - "app.kubernetes.io/managed-by": "kube_app_managed_by", - } - - // Kubernetes out of the box Datadog tags - // https://docs.datadoghq.com/containers/kubernetes/tag/?tab=containerizedagent#out-of-the-box-tags - // https://github.com/DataDog/datadog-agent/blob/d33d042d6786e8b85f72bb627fbf06ad8a658031/comp/core/tagger/taggerimpl/collectors/workloadmeta_extract.go - // Note: if any OTel semantics happen to overlap with these tag names, they will also be added as Datadog tags. - kubernetesDDTags = map[string]struct{}{ - "architecture": {}, - "availability-zone": {}, - "chronos_job": {}, - "chronos_job_owner": {}, - "cluster_name": {}, - "container_id": {}, - "container_name": {}, - "dd_remote_config_id": {}, - "dd_remote_config_rev": {}, - "display_container_name": {}, - "docker_image": {}, - "ecs_cluster_name": {}, - "ecs_container_name": {}, - "eks_fargate_node": {}, - "env": {}, - "git.commit.sha": {}, - "git.repository_url": {}, - "image_id": {}, - "image_name": {}, - "image_tag": {}, - "kube_app_component": {}, - "kube_app_instance": {}, - "kube_app_managed_by": {}, - "kube_app_name": {}, - "kube_app_part_of": {}, - "kube_app_version": {}, - "kube_container_name": {}, - "kube_cronjob": {}, - "kube_daemon_set": {}, - "kube_deployment": {}, - "kube_job": {}, - "kube_namespace": {}, - "kube_ownerref_kind": {}, - "kube_ownerref_name": {}, - "kube_priority_class": {}, - "kube_qos": {}, - "kube_replica_set": {}, - "kube_replication_controller": {}, - "kube_service": {}, - "kube_stateful_set": {}, - "language": {}, - "marathon_app": {}, - "mesos_task": {}, - "nomad_dc": {}, - "nomad_group": {}, - "nomad_job": {}, - "nomad_namespace": {}, - "nomad_task": {}, - "oshift_deployment": {}, - "oshift_deployment_config": {}, - "os_name": {}, - "os_version": {}, - "persistentvolumeclaim": {}, - "pod_name": {}, - "pod_phase": {}, - "rancher_container": {}, - "rancher_service": {}, - "rancher_stack": {}, - "region": {}, - "service": {}, - "short_image": {}, - "swarm_namespace": {}, - "swarm_service": {}, - "task_name": {}, - "task_family": {}, - "task_version": {}, - "task_arn": {}, - "version": {}, - } -) - -// TagsFromAttributes converts a selected list of attributes -// to a tag list that can be added to metrics. -func TagsFromAttributes(attrs pcommon.Map) []string { - tags := make([]string, 0, attrs.Len()) - - var processAttributes processAttributes - var systemAttributes systemAttributes - - attrs.Range(func(key string, value pcommon.Value) bool { - switch key { - // Process attributes - case conventions.AttributeProcessExecutableName: - processAttributes.ExecutableName = value.Str() - case conventions.AttributeProcessExecutablePath: - processAttributes.ExecutablePath = value.Str() - case conventions.AttributeProcessCommand: - processAttributes.Command = value.Str() - case conventions.AttributeProcessCommandLine: - processAttributes.CommandLine = value.Str() - case conventions.AttributeProcessPID: - processAttributes.PID = value.Int() - case conventions.AttributeProcessOwner: - processAttributes.Owner = value.Str() - - // System attributes - case conventions.AttributeOSType: - systemAttributes.OSType = value.Str() - } - - // core attributes mapping - if datadogKey, found := coreMapping[key]; found && value.Str() != "" { - tags = append(tags, fmt.Sprintf("%s:%s", datadogKey, value.Str())) - } - - // Kubernetes labels mapping - if datadogKey, found := kubernetesMapping[key]; found && value.Str() != "" { - tags = append(tags, fmt.Sprintf("%s:%s", datadogKey, value.Str())) - } - - // Kubernetes DD tags - if _, found := kubernetesDDTags[key]; found { - tags = append(tags, fmt.Sprintf("%s:%s", key, value.Str())) - } - return true - }) - - // Container Tag mappings - ctags := ContainerTagsFromResourceAttributes(attrs) - for key, val := range ctags { - tags = append(tags, fmt.Sprintf("%s:%s", key, val)) - } - - tags = append(tags, processAttributes.extractTags()...) - tags = append(tags, systemAttributes.extractTags()...) - - return tags -} - -// OriginIDFromAttributes gets the origin IDs from resource attributes. -// If not found, an empty string is returned for each of them. -func OriginIDFromAttributes(attrs pcommon.Map) (originID string) { - // originID is always empty. Container ID is preferred over Kubernetes pod UID. - // Prefixes come from pkg/util/kubernetes/kubelet and pkg/util/containers. - if containerID, ok := attrs.Get(conventions.AttributeContainerID); ok { - originID = "container_id://" + containerID.AsString() - } else if podUID, ok := attrs.Get(conventions.AttributeK8SPodUID); ok { - originID = "kubernetes_pod_uid://" + podUID.AsString() - } - return -} - -// ContainerTagFromResourceAttributes extracts container tags from the given -// set of resource attributes. Container tags are extracted via semantic -// conventions. Customer container tags are extracted via resource attributes -// prefixed by datadog.container.tag. Custom container tag values of a different type -// than ValueTypeStr will be ignored. -// In the case of duplicates between semantic conventions and custom resource attributes -// (e.g. container.id, datadog.container.tag.container_id) the semantic convention takes -// precedence. -func ContainerTagsFromResourceAttributes(attrs pcommon.Map) map[string]string { - ddtags := make(map[string]string) - attrs.Range(func(key string, value pcommon.Value) bool { - // Semantic Conventions - if datadogKey, found := ContainerMappings[key]; found && value.Str() != "" { - ddtags[datadogKey] = value.Str() - } - // Custom (datadog.container.tag namespace) - if strings.HasPrefix(key, customContainerTagPrefix) { - customKey := strings.TrimPrefix(key, customContainerTagPrefix) - if customKey != "" && value.Str() != "" { - // Do not replace if set via semantic conventions mappings. - if _, found := ddtags[customKey]; !found { - ddtags[customKey] = value.Str() - } - } - } - return true - }) - return ddtags -} - -// ContainerTagFromAttributes extracts the value of _dd.tags.container from the given -// set of attributes. -// Deprecated: Deprecated in favor of ContainerTagFromResourceAttributes. -func ContainerTagFromAttributes(attr map[string]string) map[string]string { - ddtags := make(map[string]string) - for key, val := range attr { - datadogKey, found := ContainerMappings[key] - if !found { - continue - } - ddtags[datadogKey] = val - } - return ddtags -} diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/azure/azure.go b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/azure/azure.go deleted file mode 100644 index 1b52838e..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/azure/azure.go +++ /dev/null @@ -1,59 +0,0 @@ -// Copyright The OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package azure - -import ( - "strings" - - "go.opentelemetry.io/collector/pdata/pcommon" - conventions "go.opentelemetry.io/collector/semconv/v1.6.1" -) - -const ( - // AttributeResourceGroupName is the Azure resource group name attribute - AttributeResourceGroupName = "azure.resourcegroup.name" -) - -// HostInfo has the Azure host information -type HostInfo struct { - HostAliases []string -} - -// HostnameFromAttrs gets the Azure hostname from attributes. -func HostnameFromAttrs(attrs pcommon.Map) (string, bool) { - if vmID, ok := attrs.Get(conventions.AttributeHostID); ok { - return vmID.Str(), true - } - - if hostname, ok := attrs.Get(conventions.AttributeHostName); ok { - return hostname.Str(), true - } - - return "", false -} - -// ClusterNameFromAttributes gets the Azure cluster name from attributes -func ClusterNameFromAttributes(attrs pcommon.Map) (string, bool) { - // Get cluster name from resource group from pkg/util/cloudprovider/azure:GetClusterName - if resourceGroup, ok := attrs.Get(AttributeResourceGroupName); ok { - splitAll := strings.Split(resourceGroup.Str(), "_") - if len(splitAll) < 4 || strings.ToLower(splitAll[0]) != "mc" { - return "", false // Failed to parse - } - return splitAll[len(splitAll)-2], true - } - - return "", false -} diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/ec2/ec2.go b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/ec2/ec2.go deleted file mode 100644 index 1aa80649..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/ec2/ec2.go +++ /dev/null @@ -1,95 +0,0 @@ -// Copyright OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package ec2 - -import ( - "fmt" - "strings" - - "go.opentelemetry.io/collector/pdata/pcommon" - conventions "go.opentelemetry.io/collector/semconv/v1.6.1" -) - -var ( - defaultPrefixes = [3]string{"ip-", "domu", "ec2amaz-"} - ec2TagPrefix = "ec2.tag." - clusterTagPrefix = ec2TagPrefix + "kubernetes.io/cluster/" -) - -// HostInfo holds the EC2 host information. -type HostInfo struct { - InstanceID string - EC2Hostname string - EC2Tags []string -} - -// isDefaultHostname checks if a hostname is an EC2 default -func isDefaultHostname(hostname string) bool { - for _, val := range defaultPrefixes { - if strings.HasPrefix(hostname, val) { - return true - } - } - - return false -} - -// HostnameFromAttrs gets a valid hostname from labels -// if available -func HostnameFromAttrs(attrs pcommon.Map) (string, bool) { - if hostID, ok := attrs.Get(conventions.AttributeHostID); ok { - return hostID.Str(), true - } - - return "", false -} - -// HostInfoFromAttributes gets EC2 host info from attributes following -// OpenTelemetry semantic conventions -func HostInfoFromAttributes(attrs pcommon.Map) (hostInfo *HostInfo) { - hostInfo = &HostInfo{} - - if hostID, ok := attrs.Get(conventions.AttributeHostID); ok { - hostInfo.InstanceID = hostID.Str() - } - - if hostName, ok := attrs.Get(conventions.AttributeHostName); ok { - hostInfo.EC2Hostname = hostName.Str() - } - - attrs.Range(func(k string, v pcommon.Value) bool { - if strings.HasPrefix(k, ec2TagPrefix) { - tag := fmt.Sprintf("%s:%s", strings.TrimPrefix(k, ec2TagPrefix), v.Str()) - hostInfo.EC2Tags = append(hostInfo.EC2Tags, tag) - } - return true - }) - - return -} - -// ClusterNameFromAttributes gets the AWS cluster name from attributes -func ClusterNameFromAttributes(attrs pcommon.Map) (clusterName string, ok bool) { - // Get cluster name from tag keys - // https://github.com/DataDog/datadog-agent/blob/1c94b11/pkg/util/ec2/ec2.go#L238 - attrs.Range(func(k string, _ pcommon.Value) bool { - if strings.HasPrefix(k, clusterTagPrefix) { - clusterName = strings.Split(k, "/")[2] - ok = true - } - return true - }) - return -} diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/gcp/gcp.go b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/gcp/gcp.go deleted file mode 100644 index 81b9cdfd..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/gcp/gcp.go +++ /dev/null @@ -1,79 +0,0 @@ -// Copyright The OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package gcp - -import ( - "fmt" - "strings" - - "go.opentelemetry.io/collector/pdata/pcommon" - conventions "go.opentelemetry.io/collector/semconv/v1.6.1" -) - -// HostInfo holds the GCP host information. -type HostInfo struct { - HostAliases []string - GCPTags []string -} - -// HostnameFromAttrs gets the GCP Integration hostname from attributes -// if available. -func HostnameFromAttrs(attrs pcommon.Map) (string, bool) { - hostName, ok := attrs.Get(conventions.AttributeHostName) - if !ok { - // We need the hostname. - return "", false - } - - name := hostName.Str() - if strings.Count(name, ".") >= 3 { - // Unless the host.name attribute has been tampered with, use the same logic as the Agent to - // extract the hostname: https://github.com/DataDog/datadog-agent/blob/7.36.0/pkg/util/cloudproviders/gce/gce.go#L106 - name = strings.SplitN(name, ".", 2)[0] - } - - cloudAccount, ok := attrs.Get(conventions.AttributeCloudAccountID) - if !ok { - // We need the project ID. - return "", false - } - - alias := fmt.Sprintf("%s.%s", name, cloudAccount.Str()) - return alias, true -} - -// HostInfoFromAttrs gets GCP host info from attributes following -// OpenTelemetry semantic conventions -func HostInfoFromAttrs(attrs pcommon.Map) (hostInfo *HostInfo) { - hostInfo = &HostInfo{} - - if hostID, ok := attrs.Get(conventions.AttributeHostID); ok { - hostInfo.GCPTags = append(hostInfo.GCPTags, fmt.Sprintf("instance-id:%s", hostID.Str())) - } - - if cloudZone, ok := attrs.Get(conventions.AttributeCloudAvailabilityZone); ok { - hostInfo.GCPTags = append(hostInfo.GCPTags, fmt.Sprintf("zone:%s", cloudZone.Str())) - } - - if hostType, ok := attrs.Get(conventions.AttributeHostType); ok { - hostInfo.GCPTags = append(hostInfo.GCPTags, fmt.Sprintf("instance-type:%s", hostType.Str())) - } - - if cloudAccount, ok := attrs.Get(conventions.AttributeCloudAccountID); ok { - hostInfo.GCPTags = append(hostInfo.GCPTags, fmt.Sprintf("project:%s", cloudAccount.Str())) - } - - return -} diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/process.go b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/process.go deleted file mode 100644 index 29378e78..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/process.go +++ /dev/null @@ -1,56 +0,0 @@ -// Copyright The OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package attributes - -import ( - "fmt" - - conventions "go.opentelemetry.io/collector/semconv/v1.6.1" -) - -type processAttributes struct { - ExecutableName string - ExecutablePath string - Command string - CommandLine string - PID int64 - Owner string -} - -func (pattrs *processAttributes) extractTags() []string { - tags := make([]string, 0, 1) - - // According to OTel conventions: https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/resource/semantic_conventions/process.md, - // a process can be defined by any of the 4 following attributes: process.executable.name, process.executable.path, process.command or process.command_line - // (process.command_args isn't in the current attribute conventions: https://github.com/open-telemetry/opentelemetry-collector/blob/ecb27f49d4e26ae42d82e6ea18d57b08e252452d/model/semconv/opentelemetry.go#L58-L63) - // We go through them, and add the first available one as a tag to identify the process. - // We don't want to add all of them to avoid unnecessarily increasing the number of tags attached to a metric. - - // TODO: check if this order should be changed. - switch { - case pattrs.ExecutableName != "": // otelcol - tags = append(tags, fmt.Sprintf("%s:%s", conventions.AttributeProcessExecutableName, pattrs.ExecutableName)) - case pattrs.ExecutablePath != "": // /usr/bin/cmd/otelcol - tags = append(tags, fmt.Sprintf("%s:%s", conventions.AttributeProcessExecutablePath, pattrs.ExecutablePath)) - case pattrs.Command != "": // cmd/otelcol - tags = append(tags, fmt.Sprintf("%s:%s", conventions.AttributeProcessCommand, pattrs.Command)) - case pattrs.CommandLine != "": // cmd/otelcol --config="/path/to/config.yaml" - tags = append(tags, fmt.Sprintf("%s:%s", conventions.AttributeProcessCommandLine, pattrs.CommandLine)) - } - - // For now, we don't care about the process ID nor the process owner. - - return tags -} diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/source.go b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/source.go deleted file mode 100644 index abba0808..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/source.go +++ /dev/null @@ -1,160 +0,0 @@ -// Copyright OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package attributes - -import ( - "go.opentelemetry.io/collector/pdata/pcommon" - conventions "go.opentelemetry.io/collector/semconv/v1.6.1" - - "github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/azure" - "github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/ec2" - "github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/gcp" - "github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/source" -) - -const ( - // AttributeDatadogHostname the datadog host name attribute - AttributeDatadogHostname = "datadog.host.name" - // AttributeK8sNodeName the datadog k8s node name attribute - AttributeK8sNodeName = "k8s.node.name" - // Attribute host is a literal host tag. - // We check for this to avoid double tagging. - AttributeHost = "host" -) - -func getClusterName(attrs pcommon.Map) (string, bool) { - if k8sClusterName, ok := attrs.Get(conventions.AttributeK8SClusterName); ok { - return k8sClusterName.Str(), true - } - - cloudProvider, ok := attrs.Get(conventions.AttributeCloudProvider) - if ok && cloudProvider.Str() == conventions.AttributeCloudProviderAzure { - return azure.ClusterNameFromAttributes(attrs) - } else if ok && cloudProvider.Str() == conventions.AttributeCloudProviderAWS { - return ec2.ClusterNameFromAttributes(attrs) - } - - return "", false -} - -// hostnameFromAttributes tries to get a valid hostname from attributes by checking, in order: -// -// 1. the "host" attribute to avoid double tagging if present. -// -// 2. a custom Datadog hostname provided by the "datadog.host.name" attribute -// -// 3. cloud provider specific hostname for AWS, Azure or GCP, -// -// 4. the Kubernetes node name (and cluster name if available), -// -// 5. the cloud provider host ID and -// -// 6. the host.name attribute. -// -// It returns a boolean value indicated if any name was found -func hostnameFromAttributes(attrs pcommon.Map) (string, bool) { - // Check if the host is localhost or 0.0.0.0, if so discard it. - // We don't do the more strict validation done for metadata, - // to avoid breaking users existing invalid-but-accepted hostnames. - var invalidHosts = map[string]struct{}{ - "0.0.0.0": {}, - "127.0.0.1": {}, - "localhost": {}, - "localhost.localdomain": {}, - "localhost6.localdomain6": {}, - "ip6-localhost": {}, - } - - candidateHost, ok := unsanitizedHostnameFromAttributes(attrs) - if _, invalid := invalidHosts[candidateHost]; invalid { - return "", false - } - return candidateHost, ok -} - -func k8sHostnameFromAttributes(attrs pcommon.Map) (string, bool) { - node, ok := attrs.Get(AttributeK8sNodeName) - if !ok { - return "", false - } - - if cluster, ok := getClusterName(attrs); ok { - return node.Str() + "-" + cluster, true - } - return node.Str(), true -} - -func unsanitizedHostnameFromAttributes(attrs pcommon.Map) (string, bool) { - // Literal 'host' tag. Check and use to avoid double tagging. - if literalHost, ok := attrs.Get(AttributeHost); ok { - // Use even if not a string, so that we avoid double tagging if - // `resource_attributes_as_tags` is true and 'host' has a non-string value. - return literalHost.AsString(), true - } - - // Custom hostname: useful for overriding in k8s/cloud envs - if customHostname, ok := attrs.Get(AttributeDatadogHostname); ok { - return customHostname.Str(), true - } - - if launchType, ok := attrs.Get(conventions.AttributeAWSECSLaunchtype); ok && launchType.Str() == conventions.AttributeAWSECSLaunchtypeFargate { - // If on AWS ECS Fargate, we don't have a hostname - return "", false - } - - cloudProvider, ok := attrs.Get(conventions.AttributeCloudProvider) - switch { - case ok && cloudProvider.Str() == conventions.AttributeCloudProviderAWS: - return ec2.HostnameFromAttrs(attrs) - case ok && cloudProvider.Str() == conventions.AttributeCloudProviderGCP: - return gcp.HostnameFromAttrs(attrs) - case ok && cloudProvider.Str() == conventions.AttributeCloudProviderAzure: - return azure.HostnameFromAttrs(attrs) - } - - // Kubernetes: node-cluster if cluster name is available, else node - k8sName, k8sOk := k8sHostnameFromAttributes(attrs) - if k8sOk { - return k8sName, true - } - - // host id from cloud provider - if hostID, ok := attrs.Get(conventions.AttributeHostID); ok { - return hostID.Str(), true - } - - // hostname from cloud provider or OS - if hostName, ok := attrs.Get(conventions.AttributeHostName); ok { - return hostName.Str(), true - } - - return "", false -} - -// SourceFromAttrs gets a telemetry signal source from its attributes. -// Deprecated: Use Translator.ResourceToSource or Translator.AttributesToSource instead. -func SourceFromAttrs(attrs pcommon.Map) (source.Source, bool) { - if launchType, ok := attrs.Get(conventions.AttributeAWSECSLaunchtype); ok && launchType.Str() == conventions.AttributeAWSECSLaunchtypeFargate { - if taskARN, ok := attrs.Get(conventions.AttributeAWSECSTaskARN); ok { - return source.Source{Kind: source.AWSECSFargateKind, Identifier: taskARN.Str()}, true - } - } - - if host, ok := hostnameFromAttributes(attrs); ok { - return source.Source{Kind: source.HostnameKind, Identifier: host}, true - } - - return source.Source{}, false -} diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/source/source_provider.go b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/source/source_provider.go deleted file mode 100644 index 4f686f9b..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/source/source_provider.go +++ /dev/null @@ -1,51 +0,0 @@ -// Copyright The OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package source - -import ( - "context" - "fmt" -) - -// Kind of source -type Kind string - -const ( - // InvalidKind is an invalid kind. It is the zero value of Kind. - InvalidKind Kind = "" - // HostnameKind is a host source. - HostnameKind Kind = "host" - // AWSECSFargateKind is a serverless source on AWS ECS Fargate. - AWSECSFargateKind Kind = "task_arn" -) - -// Source represents a telemetry source. -type Source struct { - // Kind of source (serverless v. host). - Kind Kind - // Identifier that uniquely determines the source. - Identifier string -} - -// Tag associated to a source. -func (s *Source) Tag() string { - return fmt.Sprintf("%s:%s", s.Kind, s.Identifier) -} - -// Provider identifies a source. -type Provider interface { - // Source gets the source from the current context. - Source(ctx context.Context) (Source, error) -} diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/system.go b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/system.go deleted file mode 100644 index 01b45b9d..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/system.go +++ /dev/null @@ -1,36 +0,0 @@ -// Copyright The OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package attributes - -import ( - "fmt" - - conventions "go.opentelemetry.io/collector/semconv/v1.6.1" -) - -type systemAttributes struct { - OSType string -} - -func (sattrs *systemAttributes) extractTags() []string { - tags := make([]string, 0, 1) - - // Add OS type, eg. WINDOWS, LINUX, etc. - if sattrs.OSType != "" { - tags = append(tags, fmt.Sprintf("%s:%s", conventions.AttributeOSType, sattrs.OSType)) - } - - return tags -} diff --git a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/translator.go b/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/translator.go deleted file mode 100644 index cea1fc4c..00000000 --- a/vendor/github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/translator.go +++ /dev/null @@ -1,71 +0,0 @@ -// Copyright OpenTelemetry Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package attributes - -import ( - "context" - "fmt" - - "go.opentelemetry.io/collector/component" - "go.opentelemetry.io/collector/pdata/pcommon" - "go.opentelemetry.io/otel/attribute" - "go.opentelemetry.io/otel/metric" - - "github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes/source" -) - -const missingSourceMetricName string = "datadog.otlp_translator.resources.missing_source" - -// Translator of attributes. -type Translator struct { - missingSources metric.Int64Counter -} - -// NewTranslator returns a new attributes translator. -func NewTranslator(set component.TelemetrySettings) (*Translator, error) { - meter := set.MeterProvider.Meter("github.com/DataDog/opentelemetry-mapping-go/pkg/otlp/attributes") - missingSources, err := meter.Int64Counter( - missingSourceMetricName, - metric.WithDescription("OTLP resources that are missing a source (e.g. hostname)"), - metric.WithUnit("{resource}"), - ) - if err != nil { - return nil, fmt.Errorf("failed to build missing source counter: %w", err) - } - - return &Translator{ - missingSources: missingSources, - }, nil -} - -// ResourceToSource gets a telemetry signal source from its resource attributes. -func (p *Translator) ResourceToSource(ctx context.Context, res pcommon.Resource, set attribute.Set) (source.Source, bool) { - src, ok := SourceFromAttrs(res.Attributes()) - if !ok { - p.missingSources.Add(ctx, 1, metric.WithAttributeSet(set)) - } - - return src, ok -} - -// AttributesToSource gets a telemetry signal source from a set of attributes. -// As opposed to ResourceToSource, this does not keep track of failed requests. -// -// NOTE: This method SHOULD NOT generally be used: it is only used in the logs implementation -// because of a fallback logic that will be removed. The attributes detected are resource attributes, -// not attributes from a telemetry signal. -func (p *Translator) AttributesToSource(_ context.Context, attrs pcommon.Map) (source.Source, bool) { - return SourceFromAttrs(attrs) -} diff --git a/vendor/github.com/DataDog/sketches-go/LICENSE b/vendor/github.com/DataDog/sketches-go/LICENSE deleted file mode 100644 index 7d3693be..00000000 --- a/vendor/github.com/DataDog/sketches-go/LICENSE +++ /dev/null @@ -1,13 +0,0 @@ -Copyright 2021 DataDog, Inc. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. diff --git a/vendor/github.com/DataDog/sketches-go/LICENSE-3rdparty.csv b/vendor/github.com/DataDog/sketches-go/LICENSE-3rdparty.csv deleted file mode 100644 index db2f8cca..00000000 --- a/vendor/github.com/DataDog/sketches-go/LICENSE-3rdparty.csv +++ /dev/null @@ -1,3 +0,0 @@ -Component,Origin,License -import (test),github.com/google/gofuzz,Apache-2.0 -import (test),github.com/stretchr/testify,MIT diff --git a/vendor/github.com/DataDog/sketches-go/NOTICE b/vendor/github.com/DataDog/sketches-go/NOTICE deleted file mode 100644 index 7ae253a0..00000000 --- a/vendor/github.com/DataDog/sketches-go/NOTICE +++ /dev/null @@ -1,4 +0,0 @@ -Datadog sketches-go -Copyright 2021 Datadog, Inc. - -This product includes software developed at Datadog (https://www.datadoghq.com/). diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/ddsketch.go b/vendor/github.com/DataDog/sketches-go/ddsketch/ddsketch.go deleted file mode 100644 index 33a0ea5b..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/ddsketch.go +++ /dev/null @@ -1,767 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package ddsketch - -import ( - "errors" - "io" - "math" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" - "github.com/DataDog/sketches-go/ddsketch/mapping" - "github.com/DataDog/sketches-go/ddsketch/pb/sketchpb" - "github.com/DataDog/sketches-go/ddsketch/stat" - "github.com/DataDog/sketches-go/ddsketch/store" -) - -var ( - ErrUntrackableNaN = errors.New("input value is NaN and cannot be tracked by the sketch") - ErrUntrackableTooLow = errors.New("input value is too low and cannot be tracked by the sketch") - ErrUntrackableTooHigh = errors.New("input value is too high and cannot be tracked by the sketch") - ErrNegativeCount = errors.New("count cannot be negative") - errEmptySketch = errors.New("no such element exists") - errUnknownFlag = errors.New("unknown encoding flag") -) - -// Unexported to prevent usage and avoid the cost of dynamic dispatch -type quantileSketch interface { - RelativeAccuracy() float64 - IsEmpty() bool - GetCount() float64 - GetZeroCount() float64 - GetSum() float64 - GetPositiveValueStore() store.Store - GetNegativeValueStore() store.Store - GetMinValue() (float64, error) - GetMaxValue() (float64, error) - GetValueAtQuantile(quantile float64) (float64, error) - GetValuesAtQuantiles(quantiles []float64) ([]float64, error) - ForEach(f func(value, count float64) (stop bool)) - Add(value float64) error - AddWithCount(value, count float64) error - // MergeWith - // ChangeMapping - Reweight(factor float64) error - Clear() - // Copy - Encode(b *[]byte, omitIndexMapping bool) - DecodeAndMergeWith(b []byte) error -} - -var _ quantileSketch = (*DDSketch)(nil) -var _ quantileSketch = (*DDSketchWithExactSummaryStatistics)(nil) - -type DDSketch struct { - mapping.IndexMapping - positiveValueStore store.Store - negativeValueStore store.Store - zeroCount float64 -} - -func NewDDSketchFromStoreProvider(indexMapping mapping.IndexMapping, storeProvider store.Provider) *DDSketch { - return NewDDSketch(indexMapping, storeProvider(), storeProvider()) -} - -func NewDDSketch(indexMapping mapping.IndexMapping, positiveValueStore store.Store, negativeValueStore store.Store) *DDSketch { - return &DDSketch{ - IndexMapping: indexMapping, - positiveValueStore: positiveValueStore, - negativeValueStore: negativeValueStore, - } -} - -func NewDefaultDDSketch(relativeAccuracy float64) (*DDSketch, error) { - m, err := mapping.NewDefaultMapping(relativeAccuracy) - if err != nil { - return nil, err - } - return NewDDSketchFromStoreProvider(m, store.DefaultProvider), nil -} - -// Constructs an instance of DDSketch that offers constant-time insertion and whose size grows indefinitely -// to accommodate for the range of input values. -func LogUnboundedDenseDDSketch(relativeAccuracy float64) (*DDSketch, error) { - indexMapping, err := mapping.NewLogarithmicMapping(relativeAccuracy) - if err != nil { - return nil, err - } - return NewDDSketch(indexMapping, store.NewDenseStore(), store.NewDenseStore()), nil -} - -// Constructs an instance of DDSketch that offers constant-time insertion and whose size grows until the -// maximum number of bins is reached, at which point bins with lowest indices are collapsed, which causes the -// relative accuracy guarantee to be lost on lowest quantiles if values are all positive, or the mid-range -// quantiles for values closest to zero if values include negative numbers. -func LogCollapsingLowestDenseDDSketch(relativeAccuracy float64, maxNumBins int) (*DDSketch, error) { - indexMapping, err := mapping.NewLogarithmicMapping(relativeAccuracy) - if err != nil { - return nil, err - } - return NewDDSketch(indexMapping, store.NewCollapsingLowestDenseStore(maxNumBins), store.NewCollapsingLowestDenseStore(maxNumBins)), nil -} - -// Constructs an instance of DDSketch that offers constant-time insertion and whose size grows until the -// maximum number of bins is reached, at which point bins with highest indices are collapsed, which causes the -// relative accuracy guarantee to be lost on highest quantiles if values are all positive, or the lowest and -// highest quantiles if values include negative numbers. -func LogCollapsingHighestDenseDDSketch(relativeAccuracy float64, maxNumBins int) (*DDSketch, error) { - indexMapping, err := mapping.NewLogarithmicMapping(relativeAccuracy) - if err != nil { - return nil, err - } - return NewDDSketch(indexMapping, store.NewCollapsingHighestDenseStore(maxNumBins), store.NewCollapsingHighestDenseStore(maxNumBins)), nil -} - -// Adds a value to the sketch. -func (s *DDSketch) Add(value float64) error { - return s.AddWithCount(value, float64(1)) -} - -// Adds a value to the sketch with a float64 count. -func (s *DDSketch) AddWithCount(value, count float64) error { - if count < 0 { - return ErrNegativeCount - } - - if value > s.MinIndexableValue() { - if value > s.MaxIndexableValue() { - return ErrUntrackableTooHigh - } - s.positiveValueStore.AddWithCount(s.Index(value), count) - } else if value < -s.MinIndexableValue() { - if value < -s.MaxIndexableValue() { - return ErrUntrackableTooLow - } - s.negativeValueStore.AddWithCount(s.Index(-value), count) - } else if math.IsNaN(value) { - return ErrUntrackableNaN - } else { - s.zeroCount += count - } - return nil -} - -// Return a (deep) copy of this sketch. -func (s *DDSketch) Copy() *DDSketch { - return &DDSketch{ - IndexMapping: s.IndexMapping, - positiveValueStore: s.positiveValueStore.Copy(), - negativeValueStore: s.negativeValueStore.Copy(), - zeroCount: s.zeroCount, - } -} - -// Clear empties the sketch while allowing reusing already allocated memory. -func (s *DDSketch) Clear() { - s.positiveValueStore.Clear() - s.negativeValueStore.Clear() - s.zeroCount = 0 -} - -// Return the value at the specified quantile. Return a non-nil error if the quantile is invalid -// or if the sketch is empty. -func (s *DDSketch) GetValueAtQuantile(quantile float64) (float64, error) { - if quantile < 0 || quantile > 1 { - return math.NaN(), errors.New("The quantile must be between 0 and 1.") - } - - count := s.GetCount() - if count == 0 { - return math.NaN(), errEmptySketch - } - - rank := quantile * (count - 1) - negativeValueCount := s.negativeValueStore.TotalCount() - if rank < negativeValueCount { - return -s.Value(s.negativeValueStore.KeyAtRank(negativeValueCount - 1 - rank)), nil - } else if rank < s.zeroCount+negativeValueCount { - return 0, nil - } else { - return s.Value(s.positiveValueStore.KeyAtRank(rank - s.zeroCount - negativeValueCount)), nil - } -} - -// Return the values at the respective specified quantiles. Return a non-nil error if any of the quantiles -// is invalid or if the sketch is empty. -func (s *DDSketch) GetValuesAtQuantiles(quantiles []float64) ([]float64, error) { - values := make([]float64, len(quantiles)) - for i, q := range quantiles { - val, err := s.GetValueAtQuantile(q) - if err != nil { - return nil, err - } - values[i] = val - } - return values, nil -} - -// Return the total number of values that have been added to this sketch. -func (s *DDSketch) GetCount() float64 { - return s.zeroCount + s.positiveValueStore.TotalCount() + s.negativeValueStore.TotalCount() -} - -// GetZeroCount returns the number of zero values that have been added to this sketch. -// Note: values that are very small (lower than MinIndexableValue if positive, or higher than -MinIndexableValue if negative) -// are also mapped to the zero bucket. -func (s *DDSketch) GetZeroCount() float64 { - return s.zeroCount -} - -// Return true iff no value has been added to this sketch. -func (s *DDSketch) IsEmpty() bool { - return s.zeroCount == 0 && s.positiveValueStore.IsEmpty() && s.negativeValueStore.IsEmpty() -} - -// Return the maximum value that has been added to this sketch. Return a non-nil error if the sketch -// is empty. -func (s *DDSketch) GetMaxValue() (float64, error) { - if !s.positiveValueStore.IsEmpty() { - maxIndex, _ := s.positiveValueStore.MaxIndex() - return s.Value(maxIndex), nil - } else if s.zeroCount > 0 { - return 0, nil - } else { - minIndex, err := s.negativeValueStore.MinIndex() - if err != nil { - return math.NaN(), err - } - return -s.Value(minIndex), nil - } -} - -// Return the minimum value that has been added to this sketch. Returns a non-nil error if the sketch -// is empty. -func (s *DDSketch) GetMinValue() (float64, error) { - if !s.negativeValueStore.IsEmpty() { - maxIndex, _ := s.negativeValueStore.MaxIndex() - return -s.Value(maxIndex), nil - } else if s.zeroCount > 0 { - return 0, nil - } else { - minIndex, err := s.positiveValueStore.MinIndex() - if err != nil { - return math.NaN(), err - } - return s.Value(minIndex), nil - } -} - -// GetSum returns an approximation of the sum of the values that have been added to the sketch. If the -// values that have been added to the sketch all have the same sign, the approximation error has -// the relative accuracy guarantees of the mapping used for this sketch. -func (s *DDSketch) GetSum() (sum float64) { - s.ForEach(func(value float64, count float64) (stop bool) { - sum += value * count - return false - }) - return sum -} - -// GetPositiveValueStore returns the store.Store object that contains the positive -// values of the sketch. -func (s *DDSketch) GetPositiveValueStore() store.Store { - return s.positiveValueStore -} - -// GetNegativeValueStore returns the store.Store object that contains the negative -// values of the sketch. -func (s *DDSketch) GetNegativeValueStore() store.Store { - return s.negativeValueStore -} - -// ForEach applies f on the bins of the sketches until f returns true. -// There is no guarantee on the bin iteration order. -func (s *DDSketch) ForEach(f func(value, count float64) (stop bool)) { - if s.zeroCount != 0 && f(0, s.zeroCount) { - return - } - stopped := false - s.positiveValueStore.ForEach(func(index int, count float64) bool { - stopped = f(s.IndexMapping.Value(index), count) - return stopped - }) - if stopped { - return - } - s.negativeValueStore.ForEach(func(index int, count float64) bool { - return f(-s.IndexMapping.Value(index), count) - }) -} - -// Merges the other sketch into this one. After this operation, this sketch encodes the values that -// were added to both this and the other sketches. -func (s *DDSketch) MergeWith(other *DDSketch) error { - if !s.IndexMapping.Equals(other.IndexMapping) { - return errors.New("Cannot merge sketches with different index mappings.") - } - s.positiveValueStore.MergeWith(other.positiveValueStore) - s.negativeValueStore.MergeWith(other.negativeValueStore) - s.zeroCount += other.zeroCount - return nil -} - -// Generates a protobuf representation of this DDSketch. -func (s *DDSketch) ToProto() *sketchpb.DDSketch { - return &sketchpb.DDSketch{ - Mapping: s.IndexMapping.ToProto(), - PositiveValues: s.positiveValueStore.ToProto(), - NegativeValues: s.negativeValueStore.ToProto(), - ZeroCount: s.zeroCount, - } -} - -// FromProto builds a new instance of DDSketch based on the provided protobuf representation, using a Dense store. -func FromProto(pb *sketchpb.DDSketch) (*DDSketch, error) { - return FromProtoWithStoreProvider(pb, store.DenseStoreConstructor) -} - -func FromProtoWithStoreProvider(pb *sketchpb.DDSketch, storeProvider store.Provider) (*DDSketch, error) { - positiveValueStore := storeProvider() - if pb.PositiveValues != nil { - store.MergeWithProto(positiveValueStore, pb.PositiveValues) - } - negativeValueStore := storeProvider() - if pb.NegativeValues != nil { - store.MergeWithProto(negativeValueStore, pb.NegativeValues) - } - m, err := mapping.FromProto(pb.Mapping) - if err != nil { - return nil, err - } - return &DDSketch{ - IndexMapping: m, - positiveValueStore: positiveValueStore, - negativeValueStore: negativeValueStore, - zeroCount: pb.ZeroCount, - }, nil -} - -// Encode serializes the sketch and appends the serialized content to the provided []byte. -// If the capacity of the provided []byte is large enough, Encode does not allocate memory space. -// When the index mapping is known at the time of deserialization, omitIndexMapping can be set to true to avoid encoding it and to make the serialized content smaller. -// The encoding format is described in the encoding/flag module. -func (s *DDSketch) Encode(b *[]byte, omitIndexMapping bool) { - if s.zeroCount != 0 { - enc.EncodeFlag(b, enc.FlagZeroCountVarFloat) - enc.EncodeVarfloat64(b, s.zeroCount) - } - - if !omitIndexMapping { - s.IndexMapping.Encode(b) - } - - s.positiveValueStore.Encode(b, enc.FlagTypePositiveStore) - s.negativeValueStore.Encode(b, enc.FlagTypeNegativeStore) -} - -// DecodeDDSketch deserializes a sketch. -// Stores are built using storeProvider. The store type needs not match the -// store that the serialized sketch initially used. However, using the same -// store type may make decoding faster. In the absence of high performance -// requirements, store.BufferedPaginatedStoreConstructor is a sound enough -// choice of store provider. -// To avoid memory allocations, it is possible to use a store provider that -// reuses stores, by calling Clear() on previously used stores before providing -// the store. -// If the serialized data does not contain the index mapping, you need to -// specify the index mapping that was used in the sketch that was encoded. -// Otherwise, you can use nil and the index mapping will be decoded from the -// serialized data. -// It is possible to decode with this function an encoded -// DDSketchWithExactSummaryStatistics, but the exact summary statistics will be -// lost. -func DecodeDDSketch(b []byte, storeProvider store.Provider, indexMapping mapping.IndexMapping) (*DDSketch, error) { - s := &DDSketch{ - IndexMapping: indexMapping, - positiveValueStore: storeProvider(), - negativeValueStore: storeProvider(), - zeroCount: float64(0), - } - err := s.DecodeAndMergeWith(b) - return s, err -} - -// DecodeAndMergeWith deserializes a sketch and merges its content in the -// receiver sketch. -// If the serialized content contains an index mapping that differs from the one -// of the receiver, DecodeAndMergeWith returns an error. -func (s *DDSketch) DecodeAndMergeWith(bb []byte) error { - return s.decodeAndMergeWith(bb, func(b *[]byte, flag enc.Flag) error { - switch flag { - case enc.FlagCount, enc.FlagSum, enc.FlagMin, enc.FlagMax: - // Exact summary stats are ignored. - if len(*b) < 8 { - return io.EOF - } - *b = (*b)[8:] - return nil - default: - return errUnknownFlag - } - }) -} - -func (s *DDSketch) decodeAndMergeWith(bb []byte, fallbackDecode func(b *[]byte, flag enc.Flag) error) error { - b := &bb - for len(*b) > 0 { - flag, err := enc.DecodeFlag(b) - if err != nil { - return err - } - switch flag.Type() { - case enc.FlagTypePositiveStore: - s.positiveValueStore.DecodeAndMergeWith(b, flag.SubFlag()) - case enc.FlagTypeNegativeStore: - s.negativeValueStore.DecodeAndMergeWith(b, flag.SubFlag()) - case enc.FlagTypeIndexMapping: - decodedIndexMapping, err := mapping.Decode(b, flag) - if err != nil { - return err - } - if s.IndexMapping != nil && !s.IndexMapping.Equals(decodedIndexMapping) { - return errors.New("index mapping mismatch") - } - s.IndexMapping = decodedIndexMapping - default: - switch flag { - - case enc.FlagZeroCountVarFloat: - decodedZeroCount, err := enc.DecodeVarfloat64(b) - if err != nil { - return err - } - s.zeroCount += decodedZeroCount - - default: - err := fallbackDecode(b, flag) - if err != nil { - return err - } - } - } - } - - if s.IndexMapping == nil { - return errors.New("missing index mapping") - } - return nil -} - -// ChangeMapping changes the store to a new mapping. -// it doesn't change s but returns a newly created sketch. -// positiveStore and negativeStore must be different stores, and be empty when the function is called. -// It is not the conversion that minimizes the loss in relative -// accuracy, but it avoids artefacts like empty bins that make the histograms look bad. -// scaleFactor allows to scale out / in all values. (changing units for eg) -func (s *DDSketch) ChangeMapping(newMapping mapping.IndexMapping, positiveStore store.Store, negativeStore store.Store, scaleFactor float64) *DDSketch { - if scaleFactor == 1 && s.IndexMapping.Equals(newMapping) { - return s.Copy() - } - changeStoreMapping(s.IndexMapping, newMapping, s.positiveValueStore, positiveStore, scaleFactor) - changeStoreMapping(s.IndexMapping, newMapping, s.negativeValueStore, negativeStore, scaleFactor) - newSketch := NewDDSketch(newMapping, positiveStore, negativeStore) - newSketch.zeroCount = s.zeroCount - return newSketch -} - -func changeStoreMapping(oldMapping, newMapping mapping.IndexMapping, oldStore, newStore store.Store, scaleFactor float64) { - oldStore.ForEach(func(index int, count float64) (stop bool) { - inLowerBound := oldMapping.LowerBound(index) * scaleFactor - inHigherBound := oldMapping.LowerBound(index+1) * scaleFactor - inSize := inHigherBound - inLowerBound - for outIndex := newMapping.Index(inLowerBound); newMapping.LowerBound(outIndex) < inHigherBound; outIndex++ { - outLowerBound := newMapping.LowerBound(outIndex) - outHigherBound := newMapping.LowerBound(outIndex + 1) - lowerIntersectionBound := math.Max(outLowerBound, inLowerBound) - higherIntersectionBound := math.Min(outHigherBound, inHigherBound) - intersectionSize := higherIntersectionBound - lowerIntersectionBound - proportion := intersectionSize / inSize - newStore.AddWithCount(outIndex, proportion*count) - } - return false - }) -} - -// Reweight multiplies all values from the sketch by w, but keeps the same global distribution. -// w has to be strictly greater than 0. -func (s *DDSketch) Reweight(w float64) error { - if w <= 0 { - return errors.New("can't reweight by a negative factor") - } - if w == 1 { - return nil - } - s.zeroCount *= w - if err := s.positiveValueStore.Reweight(w); err != nil { - return err - } - if err := s.negativeValueStore.Reweight(w); err != nil { - return err - } - return nil -} - -// DDSketchWithExactSummaryStatistics returns exact count, sum, min and max, as -// opposed to DDSketch, which may return approximate values for those -// statistics. Because of the need to track them exactly, adding and merging -// operations are slightly more exepensive than those of DDSketch. -type DDSketchWithExactSummaryStatistics struct { - *DDSketch - summaryStatistics *stat.SummaryStatistics -} - -func NewDefaultDDSketchWithExactSummaryStatistics(relativeAccuracy float64) (*DDSketchWithExactSummaryStatistics, error) { - sketch, err := NewDefaultDDSketch(relativeAccuracy) - if err != nil { - return nil, err - } - return &DDSketchWithExactSummaryStatistics{ - DDSketch: sketch, - summaryStatistics: stat.NewSummaryStatistics(), - }, nil -} - -func NewDDSketchWithExactSummaryStatistics(mapping mapping.IndexMapping, storeProvider store.Provider) *DDSketchWithExactSummaryStatistics { - return &DDSketchWithExactSummaryStatistics{ - DDSketch: NewDDSketchFromStoreProvider(mapping, storeProvider), - summaryStatistics: stat.NewSummaryStatistics(), - } -} - -// NewDDSketchWithExactSummaryStatisticsFromData constructs DDSketchWithExactSummaryStatistics from the provided sketch and exact summary statistics. -func NewDDSketchWithExactSummaryStatisticsFromData(sketch *DDSketch, summaryStatistics *stat.SummaryStatistics) (*DDSketchWithExactSummaryStatistics, error) { - if sketch.IsEmpty() != (summaryStatistics.Count() == 0) { - return nil, errors.New("sketch and summary statistics do not match") - } - return &DDSketchWithExactSummaryStatistics{ - DDSketch: sketch, - summaryStatistics: summaryStatistics, - }, nil -} - -func (s *DDSketchWithExactSummaryStatistics) IsEmpty() bool { - return s.summaryStatistics.Count() == 0 -} - -func (s *DDSketchWithExactSummaryStatistics) GetCount() float64 { - return s.summaryStatistics.Count() -} - -// GetZeroCount returns the number of zero values that have been added to this sketch. -// Note: values that are very small (lower than MinIndexableValue if positive, or higher than -MinIndexableValue if negative) -// are also mapped to the zero bucket. -func (s *DDSketchWithExactSummaryStatistics) GetZeroCount() float64 { - return s.DDSketch.zeroCount -} - -func (s *DDSketchWithExactSummaryStatistics) GetSum() float64 { - return s.summaryStatistics.Sum() -} - -// GetPositiveValueStore returns the store.Store object that contains the positive -// values of the sketch. -func (s *DDSketchWithExactSummaryStatistics) GetPositiveValueStore() store.Store { - return s.DDSketch.positiveValueStore -} - -// GetNegativeValueStore returns the store.Store object that contains the negative -// values of the sketch. -func (s *DDSketchWithExactSummaryStatistics) GetNegativeValueStore() store.Store { - return s.DDSketch.negativeValueStore -} - -func (s *DDSketchWithExactSummaryStatistics) GetMinValue() (float64, error) { - if s.DDSketch.IsEmpty() { - return math.NaN(), errEmptySketch - } - return s.summaryStatistics.Min(), nil -} - -func (s *DDSketchWithExactSummaryStatistics) GetMaxValue() (float64, error) { - if s.DDSketch.IsEmpty() { - return math.NaN(), errEmptySketch - } - return s.summaryStatistics.Max(), nil -} - -func (s *DDSketchWithExactSummaryStatistics) GetValueAtQuantile(quantile float64) (float64, error) { - value, err := s.DDSketch.GetValueAtQuantile(quantile) - min := s.summaryStatistics.Min() - if value < min { - return min, err - } - max := s.summaryStatistics.Max() - if value > max { - return max, err - } - return value, err -} - -func (s *DDSketchWithExactSummaryStatistics) GetValuesAtQuantiles(quantiles []float64) ([]float64, error) { - values, err := s.DDSketch.GetValuesAtQuantiles(quantiles) - min := s.summaryStatistics.Min() - max := s.summaryStatistics.Max() - for i := range values { - if values[i] < min { - values[i] = min - } else if values[i] > max { - values[i] = max - } - } - return values, err -} - -func (s *DDSketchWithExactSummaryStatistics) ForEach(f func(value, count float64) (stop bool)) { - s.DDSketch.ForEach(f) -} - -func (s *DDSketchWithExactSummaryStatistics) Clear() { - s.DDSketch.Clear() - s.summaryStatistics.Clear() -} - -func (s *DDSketchWithExactSummaryStatistics) Add(value float64) error { - err := s.DDSketch.Add(value) - if err != nil { - return err - } - s.summaryStatistics.Add(value, 1) - return nil -} - -func (s *DDSketchWithExactSummaryStatistics) AddWithCount(value, count float64) error { - if count == 0 { - return nil - } - err := s.DDSketch.AddWithCount(value, count) - if err != nil { - return err - } - s.summaryStatistics.Add(value, count) - return nil -} - -func (s *DDSketchWithExactSummaryStatistics) MergeWith(o *DDSketchWithExactSummaryStatistics) error { - err := s.DDSketch.MergeWith(o.DDSketch) - if err != nil { - return err - } - s.summaryStatistics.MergeWith(o.summaryStatistics) - return nil -} - -func (s *DDSketchWithExactSummaryStatistics) Copy() *DDSketchWithExactSummaryStatistics { - return &DDSketchWithExactSummaryStatistics{ - DDSketch: s.DDSketch.Copy(), - summaryStatistics: s.summaryStatistics.Copy(), - } -} - -func (s *DDSketchWithExactSummaryStatistics) Reweight(factor float64) error { - err := s.DDSketch.Reweight(factor) - if err != nil { - return err - } - s.summaryStatistics.Reweight(factor) - return nil -} - -func (s *DDSketchWithExactSummaryStatistics) ChangeMapping(newMapping mapping.IndexMapping, storeProvider store.Provider, scaleFactor float64) *DDSketchWithExactSummaryStatistics { - summaryStatisticsCopy := s.summaryStatistics.Copy() - summaryStatisticsCopy.Rescale(scaleFactor) - return &DDSketchWithExactSummaryStatistics{ - DDSketch: s.DDSketch.ChangeMapping(newMapping, storeProvider(), storeProvider(), scaleFactor), - summaryStatistics: summaryStatisticsCopy, - } -} - -func (s *DDSketchWithExactSummaryStatistics) Encode(b *[]byte, omitIndexMapping bool) { - if s.summaryStatistics.Count() != 0 { - enc.EncodeFlag(b, enc.FlagCount) - enc.EncodeVarfloat64(b, s.summaryStatistics.Count()) - } - if s.summaryStatistics.Sum() != 0 { - enc.EncodeFlag(b, enc.FlagSum) - enc.EncodeFloat64LE(b, s.summaryStatistics.Sum()) - } - if s.summaryStatistics.Min() != math.Inf(1) { - enc.EncodeFlag(b, enc.FlagMin) - enc.EncodeFloat64LE(b, s.summaryStatistics.Min()) - } - if s.summaryStatistics.Max() != math.Inf(-1) { - enc.EncodeFlag(b, enc.FlagMax) - enc.EncodeFloat64LE(b, s.summaryStatistics.Max()) - } - s.DDSketch.Encode(b, omitIndexMapping) -} - -// DecodeDDSketchWithExactSummaryStatistics deserializes a sketch. -// Stores are built using storeProvider. The store type needs not match the -// store that the serialized sketch initially used. However, using the same -// store type may make decoding faster. In the absence of high performance -// requirements, store.DefaultProvider is a sound enough choice of store -// provider. -// To avoid memory allocations, it is possible to use a store provider that -// reuses stores, by calling Clear() on previously used stores before providing -// the store. -// If the serialized data does not contain the index mapping, you need to -// specify the index mapping that was used in the sketch that was encoded. -// Otherwise, you can use nil and the index mapping will be decoded from the -// serialized data. -// It is not possible to decode with this function an encoded DDSketch (unless -// it is empty), because it does not track exact summary statistics -func DecodeDDSketchWithExactSummaryStatistics(b []byte, storeProvider store.Provider, indexMapping mapping.IndexMapping) (*DDSketchWithExactSummaryStatistics, error) { - s := &DDSketchWithExactSummaryStatistics{ - DDSketch: &DDSketch{ - IndexMapping: indexMapping, - positiveValueStore: storeProvider(), - negativeValueStore: storeProvider(), - zeroCount: float64(0), - }, - summaryStatistics: stat.NewSummaryStatistics(), - } - err := s.DecodeAndMergeWith(b) - return s, err -} - -func (s *DDSketchWithExactSummaryStatistics) DecodeAndMergeWith(bb []byte) error { - err := s.DDSketch.decodeAndMergeWith(bb, func(b *[]byte, flag enc.Flag) error { - switch flag { - case enc.FlagCount: - count, err := enc.DecodeVarfloat64(b) - if err != nil { - return err - } - s.summaryStatistics.AddToCount(count) - return nil - case enc.FlagSum: - sum, err := enc.DecodeFloat64LE(b) - if err != nil { - return err - } - s.summaryStatistics.AddToSum(sum) - return nil - case enc.FlagMin, enc.FlagMax: - stat, err := enc.DecodeFloat64LE(b) - if err != nil { - return err - } - s.summaryStatistics.Add(stat, 0) - return nil - default: - return errUnknownFlag - } - }) - if err != nil { - return err - } - // It is assumed that if the count is encoded, other exact summary - // statistics are encoded as well, which is the case if Encode is used. - if s.summaryStatistics.Count() == 0 && !s.DDSketch.IsEmpty() { - return errors.New("missing exact summary statistics") - } - return nil -} diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/encoding/encoding.go b/vendor/github.com/DataDog/sketches-go/ddsketch/encoding/encoding.go deleted file mode 100644 index c50dc1ad..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/encoding/encoding.go +++ /dev/null @@ -1,208 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package encoding - -import ( - "encoding/binary" - "errors" - "io" - "math" - "math/bits" -) - -// Encoding functions append bytes to the provided *[]byte, allowing avoiding -// allocations if the slice initially has a large enough capacity. -// Decoding functions also take *[]byte as input, and when they do not return an -// error, advance the slice so that it starts at the immediate byte after the -// decoded part (or so that it is empty if there is no such byte). - -const ( - MaxVarLen64 = 9 - varfloat64Rotate = 6 -) - -var uvarint64Sizes = initUvarint64Sizes() -var varfloat64Sizes = initVarfloat64Sizes() - -// EncodeUvarint64 serializes 64-bit unsigned integers 7 bits at a time, -// starting with the least significant bits. The most significant bit in each -// output byte is the continuation bit and indicates whether there are -// additional non-zero bits encoded in following bytes. There are at most 9 -// output bytes and the last one does not have a continuation bit, allowing for -// it to encode 8 bits (8*7+8 = 64). -func EncodeUvarint64(b *[]byte, v uint64) { - for i := 0; i < MaxVarLen64-1; i++ { - if v < 0x80 { - break - } - *b = append(*b, byte(v)|byte(0x80)) - v >>= 7 - } - *b = append(*b, byte(v)) -} - -// DecodeUvarint64 deserializes 64-bit unsigned integers that have been encoded -// using EncodeUvarint64. -func DecodeUvarint64(b *[]byte) (uint64, error) { - x := uint64(0) - s := uint(0) - for i := 0; ; i++ { - if len(*b) <= i { - return 0, io.EOF - } - n := (*b)[i] - if n < 0x80 || i == MaxVarLen64-1 { - *b = (*b)[i+1:] - return x | uint64(n)<>i) - sizes[i] = len(b) - } - return sizes -} - -// EncodeVarint64 serializes 64-bit signed integers using zig-zag encoding, -// which ensures small-scale integers are turned into unsigned integers that -// have leading zeros, whether they are positive or negative, hence allows for -// space-efficient varuint encoding of those values. -func EncodeVarint64(b *[]byte, v int64) { - EncodeUvarint64(b, uint64(v>>(64-1)^(v<<1))) -} - -// DecodeVarint64 deserializes 64-bit signed integers that have been encoded -// using EncodeVarint32. -func DecodeVarint64(b *[]byte) (int64, error) { - v, err := DecodeUvarint64(b) - return int64((v >> 1) ^ -(v & 1)), err -} - -// Varint64Size returns the number of bytes that EncodeVarint64 encodes a 64-bit -// signed integer into. -func Varint64Size(v int64) int { - return Uvarint64Size(uint64(v>>(64-1) ^ (v << 1))) -} - -var errVarint32Overflow = errors.New("varint overflows a 32-bit integer") - -// DecodeVarint32 deserializes 32-bit signed integers that have been encoded -// using EncodeVarint64. -func DecodeVarint32(b *[]byte) (int32, error) { - v, err := DecodeVarint64(b) - if err != nil { - return 0, err - } - if v > math.MaxInt32 || v < math.MinInt32 { - return 0, errVarint32Overflow - } - return int32(v), nil -} - -// EncodeFloat64LE serializes 64-bit floating-point values, starting with the -// least significant bytes. -func EncodeFloat64LE(b *[]byte, v float64) { - *b = append(*b, make([]byte, 8)...) - binary.LittleEndian.PutUint64((*b)[len(*b)-8:], math.Float64bits(v)) -} - -// DecodeFloat64LE deserializes 64-bit floating-point values that have been -// encoded with EncodeFloat64LE. -func DecodeFloat64LE(b *[]byte) (float64, error) { - if len(*b) < 8 { - return 0, io.EOF - } - v := math.Float64frombits(binary.LittleEndian.Uint64(*b)) - *b = (*b)[8:] - return v, nil -} - -// EncodeVarfloat64 serializes 64-bit floating-point values using a method that -// is similar to the varuint encoding and that is space-efficient for -// non-negative integer values. The output takes at most 9 bytes. -// Input values are first shifted as floating-point values (+1), then transmuted -// to integer values, then shifted again as integer values (-Float64bits(1)). -// That is in order to minimize the number of non-zero bits when dealing with -// non-negative integer values. -// After that transformation, any input integer value no greater than 2^53 (the -// largest integer value that can be encoded exactly as a 64-bit floating-point -// value) will have at least 6 leading zero bits. By rotating bits to the left, -// those bits end up at the right of the binary representation. -// The resulting bits are then encoded similarly to the varuint method, but -// starting with the most significant bits. -func EncodeVarfloat64(b *[]byte, v float64) { - x := bits.RotateLeft64(math.Float64bits(v+1)-math.Float64bits(1), varfloat64Rotate) - for i := 0; i < MaxVarLen64-1; i++ { - n := byte(x >> (8*8 - 7)) - x <<= 7 - if x == 0 { - *b = append(*b, n) - return - } - *b = append(*b, n|byte(0x80)) - } - n := byte(x >> (8 * 7)) - *b = append(*b, n) -} - -// DecodeVarfloat64 deserializes 64-bit floating-point values that have been -// encoded with EncodeVarfloat64. -func DecodeVarfloat64(b *[]byte) (float64, error) { - x := uint64(0) - i := int(0) - s := uint(8*8 - 7) - for { - if len(*b) <= i { - return 0, io.EOF - } - n := (*b)[i] - if i == MaxVarLen64-1 { - x |= uint64(n) - break - } - if n < 0x80 { - x |= uint64(n) << s - break - } - x |= uint64(n&0x7F) << s - i++ - s -= 7 - } - *b = (*b)[i+1:] - return math.Float64frombits(bits.RotateLeft64(x, -varfloat64Rotate)+math.Float64bits(1)) - 1, nil -} - -// Varfloat64Size returns the number of bytes that EncodeVarfloat64 encodes a -// 64-bit floating-point value into. -func Varfloat64Size(v float64) int { - x := bits.RotateLeft64(math.Float64bits(v+1)-math.Float64bits(1), varfloat64Rotate) - return varfloat64Sizes[bits.TrailingZeros64(x)] -} - -func initVarfloat64Sizes() [65]int { - var sizes [65]int - b := []byte{} - for i := 0; i <= 64; i++ { - b = b[:0] - EncodeVarfloat64(&b, math.Float64frombits(bits.RotateLeft64(^uint64(0)<>exponentShift) - exponentBias) -} - -func getSignificandPlusOne(float64Bits uint64) float64 { - return math.Float64frombits((float64Bits & significandMask) | oneMask) -} - -// exponent should be >= -1022 and <= 1023 -// significandPlusOne should be >= 1 and < 2 -func buildFloat64(exponent int, significandPlusOne float64) float64 { - return math.Float64frombits( - (uint64((exponent+exponentBias)<sketches-java -type CubicallyInterpolatedMapping struct { - gamma float64 // base - indexOffset float64 - multiplier float64 // precomputed for performance - minIndexableValue float64 - maxIndexableValue float64 -} - -func NewCubicallyInterpolatedMapping(relativeAccuracy float64) (*CubicallyInterpolatedMapping, error) { - if relativeAccuracy <= 0 || relativeAccuracy >= 1 { - return nil, errors.New("The relative accuracy must be between 0 and 1.") - } - gamma := math.Pow((1+relativeAccuracy)/(1-relativeAccuracy), 10*math.Ln2/7) // > 1 - m, _ := NewCubicallyInterpolatedMappingWithGamma(gamma, 0) - return m, nil -} - -func NewCubicallyInterpolatedMappingWithGamma(gamma, indexOffset float64) (*CubicallyInterpolatedMapping, error) { - if gamma <= 1 { - return nil, errors.New("Gamma must be greater than 1.") - } - multiplier := 1 / math.Log2(gamma) - adjustedGamma := math.Pow(gamma, 7/(10*math.Ln2)) - m := CubicallyInterpolatedMapping{ - gamma: gamma, - indexOffset: indexOffset, - multiplier: multiplier, - minIndexableValue: math.Max( - math.Exp2((math.MinInt32-indexOffset)/multiplier+1), // so that index >= MinInt32 - minNormalFloat64*adjustedGamma, - ), - maxIndexableValue: math.Min( - math.Exp2((math.MaxInt32-indexOffset)/multiplier-1), // so that index <= MaxInt32 - math.Exp(expOverflow)/(2*adjustedGamma)*(adjustedGamma+1), // so that math.Exp does not overflow - ), - } - return &m, nil -} - -func (m *CubicallyInterpolatedMapping) Equals(other IndexMapping) bool { - o, ok := other.(*CubicallyInterpolatedMapping) - if !ok { - return false - } - tol := 1e-12 - return withinTolerance(m.gamma, o.gamma, tol) && withinTolerance(m.indexOffset, o.indexOffset, tol) -} - -func (m *CubicallyInterpolatedMapping) Index(value float64) int { - index := m.approximateLog(value)*m.multiplier + m.indexOffset - if index >= 0 { - return int(index) - } else { - return int(index) - 1 - } -} - -func (m *CubicallyInterpolatedMapping) Value(index int) float64 { - return m.LowerBound(index) * (1 + m.RelativeAccuracy()) -} - -func (m *CubicallyInterpolatedMapping) LowerBound(index int) float64 { - return m.approximateInverseLog((float64(index) - m.indexOffset) / m.multiplier) -} - -// Return an approximation of Math.log(x) / Math.log(base(2)). -func (m *CubicallyInterpolatedMapping) approximateLog(x float64) float64 { - bits := math.Float64bits(x) - e := getExponent(bits) - s := getSignificandPlusOne(bits) - 1 - return ((A*s+B)*s+C)*s + e -} - -// The exact inverse of approximateLog. -func (m *CubicallyInterpolatedMapping) approximateInverseLog(x float64) float64 { - exponent := math.Floor(x) - // Derived from Cardano's formula - d0 := B*B - 3*A*C - d1 := 2*B*B*B - 9*A*B*C - 27*A*A*(x-exponent) - p := math.Cbrt((d1 - math.Sqrt(d1*d1-4*d0*d0*d0)) / 2) - significandPlusOne := -(B+p+d0/p)/(3*A) + 1 - return buildFloat64(int(exponent), significandPlusOne) -} - -func (m *CubicallyInterpolatedMapping) MinIndexableValue() float64 { - return m.minIndexableValue -} - -func (m *CubicallyInterpolatedMapping) MaxIndexableValue() float64 { - return m.maxIndexableValue -} - -func (m *CubicallyInterpolatedMapping) RelativeAccuracy() float64 { - return 1 - 2/(1+math.Exp(7.0/10*math.Log2(m.gamma))) -} - -func (m *CubicallyInterpolatedMapping) ToProto() *sketchpb.IndexMapping { - return &sketchpb.IndexMapping{ - Gamma: m.gamma, - IndexOffset: m.indexOffset, - Interpolation: sketchpb.IndexMapping_CUBIC, - } -} - -func (m *CubicallyInterpolatedMapping) Encode(b *[]byte) { - enc.EncodeFlag(b, enc.FlagIndexMappingBaseCubic) - enc.EncodeFloat64LE(b, m.gamma) - enc.EncodeFloat64LE(b, m.indexOffset) -} - -func (m *CubicallyInterpolatedMapping) string() string { - var buffer bytes.Buffer - buffer.WriteString(fmt.Sprintf("gamma: %v, indexOffset: %v\n", m.gamma, m.indexOffset)) - return buffer.String() -} - -var _ IndexMapping = (*CubicallyInterpolatedMapping)(nil) diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/mapping/index_mapping.go b/vendor/github.com/DataDog/sketches-go/ddsketch/mapping/index_mapping.go deleted file mode 100644 index 88b92659..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/mapping/index_mapping.go +++ /dev/null @@ -1,95 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package mapping - -import ( - "errors" - "fmt" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" - "github.com/DataDog/sketches-go/ddsketch/pb/sketchpb" -) - -const ( - expOverflow = 7.094361393031e+02 // The value at which math.Exp overflows - minNormalFloat64 = 2.2250738585072014e-308 //2^(-1022) -) - -type IndexMapping interface { - Equals(other IndexMapping) bool - Index(value float64) int - Value(index int) float64 - LowerBound(index int) float64 - RelativeAccuracy() float64 - // MinIndexableValue returns the minimum positive value that can be mapped to an index. - MinIndexableValue() float64 - // MaxIndexableValue returns the maximum positive value that can be mapped to an index. - MaxIndexableValue() float64 - ToProto() *sketchpb.IndexMapping - // Encode encodes a mapping and appends its content to the provided []byte. - Encode(b *[]byte) -} - -func NewDefaultMapping(relativeAccuracy float64) (IndexMapping, error) { - return NewLogarithmicMapping(relativeAccuracy) -} - -// FromProto returns an Index mapping from the protobuf definition of it -func FromProto(m *sketchpb.IndexMapping) (IndexMapping, error) { - if m == nil { - return nil, errors.New("cannot create IndexMapping from nil protobuf index mapping") - } - switch m.Interpolation { - case sketchpb.IndexMapping_NONE: - return NewLogarithmicMappingWithGamma(m.Gamma, m.IndexOffset) - case sketchpb.IndexMapping_LINEAR: - return NewLinearlyInterpolatedMappingWithGamma(m.Gamma, m.IndexOffset) - case sketchpb.IndexMapping_CUBIC: - return NewCubicallyInterpolatedMappingWithGamma(m.Gamma, m.IndexOffset) - default: - return nil, fmt.Errorf("interpolation not supported: %d", m.Interpolation) - } -} - -// Decode decodes a mapping and updates the provided []byte so that it starts -// immediately after the encoded mapping. -func Decode(b *[]byte, flag enc.Flag) (IndexMapping, error) { - switch flag { - - case enc.FlagIndexMappingBaseLogarithmic: - gamma, indexOffset, err := decodeLogLikeIndexMapping(b) - if err != nil { - return nil, err - } - return NewLogarithmicMappingWithGamma(gamma, indexOffset) - - case enc.FlagIndexMappingBaseLinear: - gamma, indexOffset, err := decodeLogLikeIndexMapping(b) - if err != nil { - return nil, err - } - return NewLinearlyInterpolatedMappingWithGamma(gamma, indexOffset) - - case enc.FlagIndexMappingBaseCubic: - gamma, indexOffset, err := decodeLogLikeIndexMapping(b) - if err != nil { - return nil, err - } - return NewCubicallyInterpolatedMappingWithGamma(gamma, indexOffset) - - default: - return nil, errors.New("unknown mapping") - } -} - -func decodeLogLikeIndexMapping(b *[]byte) (gamma, indexOffset float64, err error) { - gamma, err = enc.DecodeFloat64LE(b) - if err != nil { - return - } - indexOffset, err = enc.DecodeFloat64LE(b) - return -} diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/mapping/linearly_interpolated_mapping.go b/vendor/github.com/DataDog/sketches-go/ddsketch/mapping/linearly_interpolated_mapping.go deleted file mode 100644 index d9b0b740..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/mapping/linearly_interpolated_mapping.go +++ /dev/null @@ -1,142 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package mapping - -import ( - "bytes" - "errors" - "fmt" - "math" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" - "github.com/DataDog/sketches-go/ddsketch/pb/sketchpb" -) - -// LinearlyInterpolatedMapping is a fast IndexMapping that approximates the -// memory-optimal LogarithmicMapping by extracting the floor value of the -// logarithm to the base 2 from the binary representations of floating-point -// values and linearly interpolating the logarithm in-between. -type LinearlyInterpolatedMapping struct { - gamma float64 // base - indexOffset float64 - multiplier float64 // precomputed for performance - minIndexableValue float64 - maxIndexableValue float64 -} - -func NewLinearlyInterpolatedMapping(relativeAccuracy float64) (*LinearlyInterpolatedMapping, error) { - if relativeAccuracy <= 0 || relativeAccuracy >= 1 { - return nil, errors.New("The relative accuracy must be between 0 and 1.") - } - gamma := math.Pow((1+relativeAccuracy)/(1-relativeAccuracy), math.Ln2) // > 1 - indexOffset := 1 / math.Log2(gamma) // for backward compatibility - m, _ := NewLinearlyInterpolatedMappingWithGamma(gamma, indexOffset) - return m, nil -} - -func NewLinearlyInterpolatedMappingWithGamma(gamma, indexOffset float64) (*LinearlyInterpolatedMapping, error) { - if gamma <= 1 { - return nil, errors.New("Gamma must be greater than 1.") - } - multiplier := 1 / math.Log2(gamma) - adjustedGamma := math.Pow(gamma, 1/math.Ln2) - m := LinearlyInterpolatedMapping{ - gamma: gamma, - indexOffset: indexOffset, - multiplier: multiplier, - minIndexableValue: math.Max( - math.Exp2((math.MinInt32-indexOffset)/multiplier+1), // so that index >= MinInt32 - minNormalFloat64*adjustedGamma, - ), - maxIndexableValue: math.Min( - math.Exp2((math.MaxInt32-indexOffset)/multiplier-1), // so that index <= MaxInt32 - math.Exp(expOverflow)/(2*adjustedGamma)*(adjustedGamma+1), // so that math.Exp does not overflow - ), - } - return &m, nil -} - -func (m *LinearlyInterpolatedMapping) Equals(other IndexMapping) bool { - o, ok := other.(*LinearlyInterpolatedMapping) - if !ok { - return false - } - tol := 1e-12 - return withinTolerance(m.gamma, o.gamma, tol) && withinTolerance(m.indexOffset, o.indexOffset, tol) -} - -func (m *LinearlyInterpolatedMapping) Index(value float64) int { - index := m.approximateLog(value)*m.multiplier + m.indexOffset - if index >= 0 { - return int(index) - } else { - return int(index) - 1 - } -} - -func (m *LinearlyInterpolatedMapping) Value(index int) float64 { - return m.LowerBound(index) * (1 + m.RelativeAccuracy()) -} - -func (m *LinearlyInterpolatedMapping) LowerBound(index int) float64 { - return m.approximateInverseLog((float64(index) - m.indexOffset) / m.multiplier) -} - -// Return an approximation of Math.log(x) / Math.log(2) -func (m *LinearlyInterpolatedMapping) approximateLog(x float64) float64 { - bits := math.Float64bits(x) - return getExponent(bits) + getSignificandPlusOne(bits) - 1 -} - -// The exact inverse of approximateLog. -func (m *LinearlyInterpolatedMapping) approximateInverseLog(x float64) float64 { - exponent := math.Floor(x) - significandPlusOne := x - exponent + 1 - return buildFloat64(int(exponent), significandPlusOne) -} - -func (m *LinearlyInterpolatedMapping) MinIndexableValue() float64 { - return m.minIndexableValue -} - -func (m *LinearlyInterpolatedMapping) MaxIndexableValue() float64 { - return m.maxIndexableValue -} - -func (m *LinearlyInterpolatedMapping) RelativeAccuracy() float64 { - return 1 - 2/(1+math.Exp(math.Log2(m.gamma))) -} - -// Generates a protobuf representation of this LinearlyInterpolatedMapping. -func (m *LinearlyInterpolatedMapping) ToProto() *sketchpb.IndexMapping { - return &sketchpb.IndexMapping{ - Gamma: m.gamma, - IndexOffset: m.indexOffset, - Interpolation: sketchpb.IndexMapping_LINEAR, - } -} - -func (m *LinearlyInterpolatedMapping) Encode(b *[]byte) { - enc.EncodeFlag(b, enc.FlagIndexMappingBaseLinear) - enc.EncodeFloat64LE(b, m.gamma) - enc.EncodeFloat64LE(b, m.indexOffset) -} - -func (m *LinearlyInterpolatedMapping) string() string { - var buffer bytes.Buffer - buffer.WriteString(fmt.Sprintf("gamma: %v, indexOffset: %v\n", m.gamma, m.indexOffset)) - return buffer.String() -} - -func withinTolerance(x, y, tolerance float64) bool { - if x == 0 || y == 0 { - return math.Abs(x) <= tolerance && math.Abs(y) <= tolerance - } else { - return math.Abs(x-y) <= tolerance*math.Max(math.Abs(x), math.Abs(y)) - } -} - -var _ IndexMapping = (*LinearlyInterpolatedMapping)(nil) diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/mapping/logarithmic_mapping.go b/vendor/github.com/DataDog/sketches-go/ddsketch/mapping/logarithmic_mapping.go deleted file mode 100644 index 474e74d9..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/mapping/logarithmic_mapping.go +++ /dev/null @@ -1,119 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package mapping - -import ( - "bytes" - "errors" - "fmt" - "math" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" - "github.com/DataDog/sketches-go/ddsketch/pb/sketchpb" -) - -// LogarithmicMapping is an IndexMapping that is memory-optimal, that is to say -// that given a targeted relative accuracy, it requires the least number of -// indices to cover a given range of values. This is done by logarithmically -// mapping floating-point values to integers. -type LogarithmicMapping struct { - gamma float64 // base - indexOffset float64 - multiplier float64 // precomputed for performance - minIndexableValue float64 - maxIndexableValue float64 -} - -func NewLogarithmicMapping(relativeAccuracy float64) (*LogarithmicMapping, error) { - if relativeAccuracy <= 0 || relativeAccuracy >= 1 { - return nil, errors.New("The relative accuracy must be between 0 and 1.") - } - gamma := (1 + relativeAccuracy) / (1 - relativeAccuracy) // > 1 - m, _ := NewLogarithmicMappingWithGamma(gamma, 0) - return m, nil -} - -func NewLogarithmicMappingWithGamma(gamma, indexOffset float64) (*LogarithmicMapping, error) { - if gamma <= 1 { - return nil, errors.New("Gamma must be greater than 1.") - } - multiplier := 1 / math.Log(gamma) - m := &LogarithmicMapping{ - gamma: gamma, - indexOffset: indexOffset, - multiplier: multiplier, - minIndexableValue: math.Max( - math.Exp((math.MinInt32-indexOffset)/multiplier+1), // so that index >= MinInt32 - minNormalFloat64*gamma, - ), - maxIndexableValue: math.Min( - math.Exp((math.MaxInt32-indexOffset)/multiplier-1), // so that index <= MaxInt32 - math.Exp(expOverflow)/(2*gamma)*(gamma+1), // so that math.Exp does not overflow - ), - } - return m, nil -} - -func (m *LogarithmicMapping) Equals(other IndexMapping) bool { - o, ok := other.(*LogarithmicMapping) - if !ok { - return false - } - tol := 1e-12 - return withinTolerance(m.gamma, o.gamma, tol) && withinTolerance(m.indexOffset, o.indexOffset, tol) -} - -func (m *LogarithmicMapping) Index(value float64) int { - index := math.Log(value)*m.multiplier + m.indexOffset - if index >= 0 { - return int(index) - } else { - return int(index) - 1 // faster than Math.Floor - } -} - -func (m *LogarithmicMapping) Value(index int) float64 { - return m.LowerBound(index) * (1 + m.RelativeAccuracy()) -} - -func (m *LogarithmicMapping) LowerBound(index int) float64 { - return math.Exp((float64(index) - m.indexOffset) / m.multiplier) -} - -func (m *LogarithmicMapping) MinIndexableValue() float64 { - return m.minIndexableValue -} - -func (m *LogarithmicMapping) MaxIndexableValue() float64 { - return m.maxIndexableValue -} - -func (m *LogarithmicMapping) RelativeAccuracy() float64 { - return 1 - 2/(1+m.gamma) -} - -// Generates a protobuf representation of this LogarithicMapping. -func (m *LogarithmicMapping) ToProto() *sketchpb.IndexMapping { - return &sketchpb.IndexMapping{ - Gamma: m.gamma, - IndexOffset: m.indexOffset, - Interpolation: sketchpb.IndexMapping_NONE, - } -} - -func (m *LogarithmicMapping) Encode(b *[]byte) { - enc.EncodeFlag(b, enc.FlagIndexMappingBaseLogarithmic) - enc.EncodeFloat64LE(b, m.gamma) - enc.EncodeFloat64LE(b, m.indexOffset) -} - -func (m *LogarithmicMapping) string() string { - var buffer bytes.Buffer - buffer.WriteString(fmt.Sprintf("gamma: %v, indexOffset: %v\n", m.gamma, m.indexOffset)) - return buffer.String() -} - -var _ IndexMapping = (*LogarithmicMapping)(nil) diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/pb/sketchpb/ddsketch.pb.go b/vendor/github.com/DataDog/sketches-go/ddsketch/pb/sketchpb/ddsketch.pb.go deleted file mode 100644 index 9dbd6f29..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/pb/sketchpb/ddsketch.pb.go +++ /dev/null @@ -1,448 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.28.0 -// protoc v3.19.4 -// source: ddsketch.proto - -package sketchpb - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type IndexMapping_Interpolation int32 - -const ( - IndexMapping_NONE IndexMapping_Interpolation = 0 - IndexMapping_LINEAR IndexMapping_Interpolation = 1 - IndexMapping_QUADRATIC IndexMapping_Interpolation = 2 - IndexMapping_CUBIC IndexMapping_Interpolation = 3 -) - -// Enum value maps for IndexMapping_Interpolation. -var ( - IndexMapping_Interpolation_name = map[int32]string{ - 0: "NONE", - 1: "LINEAR", - 2: "QUADRATIC", - 3: "CUBIC", - } - IndexMapping_Interpolation_value = map[string]int32{ - "NONE": 0, - "LINEAR": 1, - "QUADRATIC": 2, - "CUBIC": 3, - } -) - -func (x IndexMapping_Interpolation) Enum() *IndexMapping_Interpolation { - p := new(IndexMapping_Interpolation) - *p = x - return p -} - -func (x IndexMapping_Interpolation) String() string { - return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) -} - -func (IndexMapping_Interpolation) Descriptor() protoreflect.EnumDescriptor { - return file_ddsketch_proto_enumTypes[0].Descriptor() -} - -func (IndexMapping_Interpolation) Type() protoreflect.EnumType { - return &file_ddsketch_proto_enumTypes[0] -} - -func (x IndexMapping_Interpolation) Number() protoreflect.EnumNumber { - return protoreflect.EnumNumber(x) -} - -// Deprecated: Use IndexMapping_Interpolation.Descriptor instead. -func (IndexMapping_Interpolation) EnumDescriptor() ([]byte, []int) { - return file_ddsketch_proto_rawDescGZIP(), []int{1, 0} -} - -// A DDSketch is essentially a histogram that partitions the range of positive values into an infinite number of -// indexed bins whose size grows exponentially. It keeps track of the number of values (or possibly floating-point -// weights) added to each bin. Negative values are partitioned like positive values, symmetrically to zero. -// The value zero as well as its close neighborhood that would be mapped to extreme bin indexes is mapped to a specific -// counter. -type DDSketch struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // The mapping between positive values and the bin indexes they belong to. - Mapping *IndexMapping `protobuf:"bytes,1,opt,name=mapping,proto3" json:"mapping,omitempty"` - // The store for keeping track of positive values. - PositiveValues *Store `protobuf:"bytes,2,opt,name=positiveValues,proto3" json:"positiveValues,omitempty"` - // The store for keeping track of negative values. A negative value v is mapped using its positive opposite -v. - NegativeValues *Store `protobuf:"bytes,3,opt,name=negativeValues,proto3" json:"negativeValues,omitempty"` - // The count for the value zero and its close neighborhood (whose width depends on the mapping). - ZeroCount float64 `protobuf:"fixed64,4,opt,name=zeroCount,proto3" json:"zeroCount,omitempty"` -} - -func (x *DDSketch) Reset() { - *x = DDSketch{} - if protoimpl.UnsafeEnabled { - mi := &file_ddsketch_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *DDSketch) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*DDSketch) ProtoMessage() {} - -func (x *DDSketch) ProtoReflect() protoreflect.Message { - mi := &file_ddsketch_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use DDSketch.ProtoReflect.Descriptor instead. -func (*DDSketch) Descriptor() ([]byte, []int) { - return file_ddsketch_proto_rawDescGZIP(), []int{0} -} - -func (x *DDSketch) GetMapping() *IndexMapping { - if x != nil { - return x.Mapping - } - return nil -} - -func (x *DDSketch) GetPositiveValues() *Store { - if x != nil { - return x.PositiveValues - } - return nil -} - -func (x *DDSketch) GetNegativeValues() *Store { - if x != nil { - return x.NegativeValues - } - return nil -} - -func (x *DDSketch) GetZeroCount() float64 { - if x != nil { - return x.ZeroCount - } - return 0 -} - -// How to map positive values to the bins they belong to. -type IndexMapping struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // The gamma parameter of the mapping, such that bin index that a value v belongs to is roughly equal to - // log(v)/log(gamma). - Gamma float64 `protobuf:"fixed64,1,opt,name=gamma,proto3" json:"gamma,omitempty"` - // An offset that can be used to shift all bin indexes. - IndexOffset float64 `protobuf:"fixed64,2,opt,name=indexOffset,proto3" json:"indexOffset,omitempty"` - // To speed up the computation of the index a value belongs to, the computation of the log may be approximated using - // the fact that the log to the base 2 of powers of 2 can be computed at a low cost from the binary representation of - // the input value. Other values can be approximated by interpolating between successive powers of 2 (linearly, - // quadratically or cubically). - // NONE means that the log is to be computed exactly (no interpolation). - Interpolation IndexMapping_Interpolation `protobuf:"varint,3,opt,name=interpolation,proto3,enum=IndexMapping_Interpolation" json:"interpolation,omitempty"` -} - -func (x *IndexMapping) Reset() { - *x = IndexMapping{} - if protoimpl.UnsafeEnabled { - mi := &file_ddsketch_proto_msgTypes[1] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *IndexMapping) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*IndexMapping) ProtoMessage() {} - -func (x *IndexMapping) ProtoReflect() protoreflect.Message { - mi := &file_ddsketch_proto_msgTypes[1] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use IndexMapping.ProtoReflect.Descriptor instead. -func (*IndexMapping) Descriptor() ([]byte, []int) { - return file_ddsketch_proto_rawDescGZIP(), []int{1} -} - -func (x *IndexMapping) GetGamma() float64 { - if x != nil { - return x.Gamma - } - return 0 -} - -func (x *IndexMapping) GetIndexOffset() float64 { - if x != nil { - return x.IndexOffset - } - return 0 -} - -func (x *IndexMapping) GetInterpolation() IndexMapping_Interpolation { - if x != nil { - return x.Interpolation - } - return IndexMapping_NONE -} - -// A Store maps bin indexes to their respective counts. -// Counts can be encoded sparsely using binCounts, but also in a contiguous way using contiguousBinCounts and -// contiguousBinIndexOffset. Given that non-empty bins are in practice usually contiguous or close to one another, the -// latter contiguous encoding method is usually more efficient than the sparse one. -// Both encoding methods can be used conjointly. If a bin appears in both the sparse and the contiguous encodings, its -// count value is the sum of the counts in each encodings. -type Store struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - // The bin counts, encoded sparsely. - BinCounts map[int32]float64 `protobuf:"bytes,1,rep,name=binCounts,proto3" json:"binCounts,omitempty" protobuf_key:"zigzag32,1,opt,name=key,proto3" protobuf_val:"fixed64,2,opt,name=value,proto3"` - // The bin counts, encoded contiguously. The values of contiguousBinCounts are the counts for the bins of indexes - // o, o+1, o+2, etc., where o is contiguousBinIndexOffset. - ContiguousBinCounts []float64 `protobuf:"fixed64,2,rep,packed,name=contiguousBinCounts,proto3" json:"contiguousBinCounts,omitempty"` - ContiguousBinIndexOffset int32 `protobuf:"zigzag32,3,opt,name=contiguousBinIndexOffset,proto3" json:"contiguousBinIndexOffset,omitempty"` -} - -func (x *Store) Reset() { - *x = Store{} - if protoimpl.UnsafeEnabled { - mi := &file_ddsketch_proto_msgTypes[2] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *Store) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*Store) ProtoMessage() {} - -func (x *Store) ProtoReflect() protoreflect.Message { - mi := &file_ddsketch_proto_msgTypes[2] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use Store.ProtoReflect.Descriptor instead. -func (*Store) Descriptor() ([]byte, []int) { - return file_ddsketch_proto_rawDescGZIP(), []int{2} -} - -func (x *Store) GetBinCounts() map[int32]float64 { - if x != nil { - return x.BinCounts - } - return nil -} - -func (x *Store) GetContiguousBinCounts() []float64 { - if x != nil { - return x.ContiguousBinCounts - } - return nil -} - -func (x *Store) GetContiguousBinIndexOffset() int32 { - if x != nil { - return x.ContiguousBinIndexOffset - } - return 0 -} - -var File_ddsketch_proto protoreflect.FileDescriptor - -var file_ddsketch_proto_rawDesc = []byte{ - 0x0a, 0x0e, 0x64, 0x64, 0x73, 0x6b, 0x65, 0x74, 0x63, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x22, 0xb1, 0x01, 0x0a, 0x08, 0x44, 0x44, 0x53, 0x6b, 0x65, 0x74, 0x63, 0x68, 0x12, 0x27, 0x0a, - 0x07, 0x6d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0d, - 0x2e, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x4d, 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x52, 0x07, 0x6d, - 0x61, 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x2e, 0x0a, 0x0e, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, - 0x76, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x06, - 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x65, 0x52, 0x0e, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, - 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x12, 0x2e, 0x0a, 0x0e, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, - 0x76, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x06, - 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x65, 0x52, 0x0e, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, - 0x56, 0x61, 0x6c, 0x75, 0x65, 0x73, 0x12, 0x1c, 0x0a, 0x09, 0x7a, 0x65, 0x72, 0x6f, 0x43, 0x6f, - 0x75, 0x6e, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x01, 0x52, 0x09, 0x7a, 0x65, 0x72, 0x6f, 0x43, - 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xca, 0x01, 0x0a, 0x0c, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x4d, 0x61, - 0x70, 0x70, 0x69, 0x6e, 0x67, 0x12, 0x14, 0x0a, 0x05, 0x67, 0x61, 0x6d, 0x6d, 0x61, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x67, 0x61, 0x6d, 0x6d, 0x61, 0x12, 0x20, 0x0a, 0x0b, 0x69, - 0x6e, 0x64, 0x65, 0x78, 0x4f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, - 0x52, 0x0b, 0x69, 0x6e, 0x64, 0x65, 0x78, 0x4f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x41, 0x0a, - 0x0d, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x6f, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x0e, 0x32, 0x1b, 0x2e, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x4d, 0x61, 0x70, 0x70, - 0x69, 0x6e, 0x67, 0x2e, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x6f, 0x6c, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x52, 0x0d, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x6f, 0x6c, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x22, 0x3f, 0x0a, 0x0d, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x6f, 0x6c, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x12, 0x08, 0x0a, 0x04, 0x4e, 0x4f, 0x4e, 0x45, 0x10, 0x00, 0x12, 0x0a, 0x0a, 0x06, 0x4c, - 0x49, 0x4e, 0x45, 0x41, 0x52, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x51, 0x55, 0x41, 0x44, 0x52, - 0x41, 0x54, 0x49, 0x43, 0x10, 0x02, 0x12, 0x09, 0x0a, 0x05, 0x43, 0x55, 0x42, 0x49, 0x43, 0x10, - 0x03, 0x22, 0xec, 0x01, 0x0a, 0x05, 0x53, 0x74, 0x6f, 0x72, 0x65, 0x12, 0x33, 0x0a, 0x09, 0x62, - 0x69, 0x6e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x15, - 0x2e, 0x53, 0x74, 0x6f, 0x72, 0x65, 0x2e, 0x42, 0x69, 0x6e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x73, - 0x45, 0x6e, 0x74, 0x72, 0x79, 0x52, 0x09, 0x62, 0x69, 0x6e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x73, - 0x12, 0x34, 0x0a, 0x13, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x67, 0x75, 0x6f, 0x75, 0x73, 0x42, 0x69, - 0x6e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x01, 0x42, 0x02, 0x10, - 0x01, 0x52, 0x13, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x67, 0x75, 0x6f, 0x75, 0x73, 0x42, 0x69, 0x6e, - 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x73, 0x12, 0x3a, 0x0a, 0x18, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x67, - 0x75, 0x6f, 0x75, 0x73, 0x42, 0x69, 0x6e, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x4f, 0x66, 0x66, 0x73, - 0x65, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x11, 0x52, 0x18, 0x63, 0x6f, 0x6e, 0x74, 0x69, 0x67, - 0x75, 0x6f, 0x75, 0x73, 0x42, 0x69, 0x6e, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x4f, 0x66, 0x66, 0x73, - 0x65, 0x74, 0x1a, 0x3c, 0x0a, 0x0e, 0x42, 0x69, 0x6e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x73, 0x45, - 0x6e, 0x74, 0x72, 0x79, 0x12, 0x10, 0x0a, 0x03, 0x6b, 0x65, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x11, 0x52, 0x03, 0x6b, 0x65, 0x79, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x3a, 0x02, 0x38, 0x01, - 0x42, 0x35, 0x5a, 0x33, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x44, - 0x61, 0x74, 0x61, 0x44, 0x6f, 0x67, 0x2f, 0x73, 0x6b, 0x65, 0x74, 0x63, 0x68, 0x65, 0x73, 0x2d, - 0x67, 0x6f, 0x2f, 0x64, 0x64, 0x73, 0x6b, 0x65, 0x74, 0x63, 0x68, 0x2f, 0x70, 0x62, 0x2f, 0x73, - 0x6b, 0x65, 0x74, 0x63, 0x68, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_ddsketch_proto_rawDescOnce sync.Once - file_ddsketch_proto_rawDescData = file_ddsketch_proto_rawDesc -) - -func file_ddsketch_proto_rawDescGZIP() []byte { - file_ddsketch_proto_rawDescOnce.Do(func() { - file_ddsketch_proto_rawDescData = protoimpl.X.CompressGZIP(file_ddsketch_proto_rawDescData) - }) - return file_ddsketch_proto_rawDescData -} - -var file_ddsketch_proto_enumTypes = make([]protoimpl.EnumInfo, 1) -var file_ddsketch_proto_msgTypes = make([]protoimpl.MessageInfo, 4) -var file_ddsketch_proto_goTypes = []interface{}{ - (IndexMapping_Interpolation)(0), // 0: IndexMapping.Interpolation - (*DDSketch)(nil), // 1: DDSketch - (*IndexMapping)(nil), // 2: IndexMapping - (*Store)(nil), // 3: Store - nil, // 4: Store.BinCountsEntry -} -var file_ddsketch_proto_depIdxs = []int32{ - 2, // 0: DDSketch.mapping:type_name -> IndexMapping - 3, // 1: DDSketch.positiveValues:type_name -> Store - 3, // 2: DDSketch.negativeValues:type_name -> Store - 0, // 3: IndexMapping.interpolation:type_name -> IndexMapping.Interpolation - 4, // 4: Store.binCounts:type_name -> Store.BinCountsEntry - 5, // [5:5] is the sub-list for method output_type - 5, // [5:5] is the sub-list for method input_type - 5, // [5:5] is the sub-list for extension type_name - 5, // [5:5] is the sub-list for extension extendee - 0, // [0:5] is the sub-list for field type_name -} - -func init() { file_ddsketch_proto_init() } -func file_ddsketch_proto_init() { - if File_ddsketch_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_ddsketch_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*DDSketch); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_ddsketch_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*IndexMapping); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - file_ddsketch_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Store); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_ddsketch_proto_rawDesc, - NumEnums: 1, - NumMessages: 4, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_ddsketch_proto_goTypes, - DependencyIndexes: file_ddsketch_proto_depIdxs, - EnumInfos: file_ddsketch_proto_enumTypes, - MessageInfos: file_ddsketch_proto_msgTypes, - }.Build() - File_ddsketch_proto = out.File - file_ddsketch_proto_rawDesc = nil - file_ddsketch_proto_goTypes = nil - file_ddsketch_proto_depIdxs = nil -} diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/stat/summary.go b/vendor/github.com/DataDog/sketches-go/ddsketch/stat/summary.go deleted file mode 100644 index 5d56f394..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/stat/summary.go +++ /dev/null @@ -1,171 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package stat - -import ( - "fmt" - "math" -) - -// SummaryStatistics keeps track of the count, the sum, the min and the max of -// recorded values. We use a compensated sum to avoid accumulating rounding -// errors (see https://en.wikipedia.org/wiki/Kahan_summation_algorithm). -type SummaryStatistics struct { - count float64 - sum float64 - sumCompensation float64 - simpleSum float64 - min float64 - max float64 -} - -func NewSummaryStatistics() *SummaryStatistics { - return &SummaryStatistics{ - count: 0, - sum: 0, - sumCompensation: 0, - simpleSum: 0, - min: math.Inf(1), - max: math.Inf(-1), - } -} - -// NewSummaryStatisticsFromData constructs SummaryStatistics from the provided data. -func NewSummaryStatisticsFromData(count, sum, min, max float64) (*SummaryStatistics, error) { - if !(count >= 0) { - return nil, fmt.Errorf("count (%g) must be positive or zero", count) - } - if count > 0 && min > max { - return nil, fmt.Errorf("min (%g) cannot be greater than max (%g) if count (%g) is positive", min, max, count) - } - if count == 0 && (min != math.Inf(1) || max != math.Inf(-1)) { - return nil, fmt.Errorf("empty summary statistics must have min (%g) and max (%g) equal to positive and negative infinities respectively", min, max) - } - return &SummaryStatistics{ - count: count, - sum: sum, - sumCompensation: 0, - simpleSum: sum, - min: min, - max: max, - }, nil -} - -func (s *SummaryStatistics) Count() float64 { - return s.count -} - -func (s *SummaryStatistics) Sum() float64 { - // Better error bounds to add both terms as the final sum - tmp := s.sum + s.sumCompensation - if math.IsNaN(tmp) && math.IsInf(s.simpleSum, 0) { - // If the compensated sum is spuriously NaN from accumulating one or more same-signed infinite - // values, return the correctly-signed infinity stored in simpleSum. - return s.simpleSum - } else { - return tmp - } -} - -func (s *SummaryStatistics) Min() float64 { - return s.min -} - -func (s *SummaryStatistics) Max() float64 { - return s.max -} - -func (s *SummaryStatistics) Add(value, count float64) { - s.AddToCount(count) - s.AddToSum(value * count) - if value < s.min { - s.min = value - } - if value > s.max { - s.max = value - } -} - -func (s *SummaryStatistics) AddToCount(addend float64) { - s.count += addend -} - -func (s *SummaryStatistics) AddToSum(addend float64) { - s.sumWithCompensation(addend) - s.simpleSum += addend -} - -func (s *SummaryStatistics) MergeWith(o *SummaryStatistics) { - s.count += o.count - s.sumWithCompensation(o.sum) - s.sumWithCompensation(o.sumCompensation) - s.simpleSum += o.simpleSum - if o.min < s.min { - s.min = o.min - } - if o.max > s.max { - s.max = o.max - } -} - -func (s *SummaryStatistics) sumWithCompensation(value float64) { - tmp := value - s.sumCompensation - velvel := s.sum + tmp // little wolf of rounding error - s.sumCompensation = velvel - s.sum - tmp - s.sum = velvel -} - -// Reweight adjusts the statistics so that they are equal to what they would -// have been if AddWithCount had been called with counts multiplied by factor. -func (s *SummaryStatistics) Reweight(factor float64) { - s.count *= factor - s.sum *= factor - s.sumCompensation *= factor - s.simpleSum *= factor - if factor == 0 { - s.min = math.Inf(1) - s.max = math.Inf(-1) - } -} - -// Rescale adjusts the statistics so that they are equal to what they would have -// been if AddWithCount had been called with values multiplied by factor. -func (s *SummaryStatistics) Rescale(factor float64) { - s.sum *= factor - s.sumCompensation *= factor - s.simpleSum *= factor - if factor > 0 { - s.min *= factor - s.max *= factor - } else if factor < 0 { - tmp := s.max * factor - s.max = s.min * factor - s.min = tmp - } else if s.count != 0 { - s.min = 0 - s.max = 0 - } -} - -func (s *SummaryStatistics) Clear() { - s.count = 0 - s.sum = 0 - s.sumCompensation = 0 - s.simpleSum = 0 - s.min = math.Inf(1) - s.max = math.Inf(-1) -} - -func (s *SummaryStatistics) Copy() *SummaryStatistics { - return &SummaryStatistics{ - count: s.count, - sum: s.sum, - sumCompensation: s.sumCompensation, - simpleSum: s.simpleSum, - min: s.min, - max: s.max, - } -} diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/store/bin.go b/vendor/github.com/DataDog/sketches-go/ddsketch/store/bin.go deleted file mode 100644 index 19843ba9..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/store/bin.go +++ /dev/null @@ -1,28 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package store - -import "errors" - -type Bin struct { - index int - count float64 -} - -func NewBin(index int, count float64) (*Bin, error) { - if count < 0 { - return nil, errors.New("The count cannot be negative") - } - return &Bin{index: index, count: count}, nil -} - -func (b Bin) Index() int { - return b.index -} - -func (b Bin) Count() float64 { - return b.count -} diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/store/buffered_paginated.go b/vendor/github.com/DataDog/sketches-go/ddsketch/store/buffered_paginated.go deleted file mode 100644 index 11a56f91..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/store/buffered_paginated.go +++ /dev/null @@ -1,667 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package store - -import ( - "errors" - "sort" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" - "github.com/DataDog/sketches-go/ddsketch/pb/sketchpb" -) - -const ( - ptrSize = 32 << (^uintptr(0) >> 63) - intSize = 32 << (^uint(0) >> 63) - float64size = 64 - bufferEntrySize = intSize - countSize = float64size - - defaultPageLenLog2 = 5 // pageLen = 32 -) - -// BufferedPaginatedStore allocates storage for counts in aligned fixed-size -// pages, themselves stored in a dynamically-sized slice. A page encodes the -// counts for a contiguous range of indexes, and two pages that are contiguous -// in the slice encode ranges that are contiguous. In addition, input indexes -// that are added to the store with a count equal to 1 can be stored in a -// buffer. -// The store favors using the buffer and only creates pages when the memory size -// of the page is no greater than the memory space that is needed to keep in the -// buffer the indexes that could otherwise be encoded in that page. That means -// that some indexes may stay indefinitely in the buffer if, to be removed from -// the buffer, they would create a page that is almost empty. The process that -// transfers indexes from the buffer to pages is called compaction. -// This store never collapses or merges bins, therefore, it does not introduce -// any error in itself. In particular, MinIndex(), MaxIndex(), Bins() and -// KeyAtRank() return exact results. -// There is no upper bound on the memory size that this store needs to encode -// input indexes, and some input data distributions may make it reach large -// sizes. However, thanks to the buffer and the fact that only required pages -// are allocated, it can be much more space efficient than alternative stores, -// especially dense stores, in various situations, including when only few -// indexes are added (with their counts equal to 1), when the input data has a -// few outliers or when the input data distribution is multimodal. -type BufferedPaginatedStore struct { - buffer []int // FIXME: in practice, int32 (even int16, depending on the accuracy parameter) is enough - bufferCompactionTriggerLen int // compaction happens only after this buffer length is reached - - pages [][]float64 // len == cap, the slice is always used to its maximum capacity - minPageIndex int // minPageIndex == maxInt iff pages are unused (they may still be allocated) - pageLenLog2 int - pageLenMask int -} - -func NewBufferedPaginatedStore() *BufferedPaginatedStore { - initialBufferCapacity := 4 - pageLenLog2 := defaultPageLenLog2 - pageLen := 1 << pageLenLog2 - - return &BufferedPaginatedStore{ - buffer: make([]int, 0, initialBufferCapacity), - bufferCompactionTriggerLen: 2 * pageLen, - pages: nil, - minPageIndex: maxInt, - pageLenLog2: pageLenLog2, - pageLenMask: pageLen - 1, - } -} - -// pageIndex returns the page number the given index falls on. -func (s *BufferedPaginatedStore) pageIndex(index int) int { - return index >> s.pageLenLog2 -} - -// lineIndex returns the line number within a page that the given index falls on. -func (s *BufferedPaginatedStore) lineIndex(index int) int { - return index & s.pageLenMask -} - -// index returns the store-level index for a given page number and a line within that page. -func (s *BufferedPaginatedStore) index(pageIndex, lineIndex int) int { - return pageIndex<= s.minPageIndex && pageIndex < s.minPageIndex+len(s.pages) { - // No need to extend s.pages. - page := &s.pages[pageIndex-s.minPageIndex] - if ensureExists && len(*page) == 0 { - *page = append(*page, make([]float64, pageLen)...) - } - return *page - } - - if !ensureExists { - return nil - } - - if pageIndex < s.minPageIndex { - if s.minPageIndex == maxInt { - if len(s.pages) == 0 { - s.pages = append(s.pages, make([][]float64, s.newPagesLen(1))...) - } - s.minPageIndex = pageIndex - len(s.pages)/2 - } else { - // Extends s.pages left. - newLen := s.newPagesLen(s.minPageIndex - pageIndex + 1 + len(s.pages)) - addedLen := newLen - len(s.pages) - s.pages = append(s.pages, make([][]float64, addedLen)...) - copy(s.pages[addedLen:], s.pages) - for i := 0; i < addedLen; i++ { - s.pages[i] = nil - } - s.minPageIndex -= addedLen - } - } else { - // Extends s.pages right. - s.pages = append(s.pages, make([][]float64, s.newPagesLen(pageIndex-s.minPageIndex+1)-len(s.pages))...) - } - - page := &s.pages[pageIndex-s.minPageIndex] - if len(*page) == 0 { - *page = append(*page, make([]float64, pageLen)...) - } - return *page -} - -func (s *BufferedPaginatedStore) newPagesLen(required int) int { - // Grow in size by multiples of 64 bytes - pageGrowthIncrement := 64 * 8 / ptrSize - return (required + pageGrowthIncrement - 1) & -pageGrowthIncrement -} - -// compact transfers indexes from the buffer to the pages. It only creates new -// pages if they can encode enough buffered indexes so that it frees more space -// in the buffer than the new page takes. -func (s *BufferedPaginatedStore) compact() { - pageLen := 1 << s.pageLenLog2 - - s.sortBuffer() - - for bufferPos := 0; bufferPos < len(s.buffer); { - bufferPageStart := bufferPos - pageIndex := s.pageIndex(s.buffer[bufferPageStart]) - bufferPos++ - for bufferPos < len(s.buffer) && s.pageIndex(s.buffer[bufferPos]) == pageIndex { - bufferPos++ - } - bufferPageEnd := bufferPos - - // We avoid creating a new page if it would take more memory space than - // what we would free in the buffer. Note that even when the page itself - // takes less memory space than the buffered indexes that can be encoded - // in the page, because we may have to extend s.pages, the store may end - // up larger. However, for the sake of simplicity, we ignore the length - // of s.pages. - ensureExists := (bufferPageEnd-bufferPageStart)*bufferEntrySize >= pageLen*float64size - newPage := s.page(pageIndex, ensureExists) - if len(newPage) > 0 { - for _, index := range s.buffer[bufferPageStart:bufferPageEnd] { - newPage[s.lineIndex(index)]++ - } - copy(s.buffer[bufferPageStart:], s.buffer[bufferPageEnd:]) - s.buffer = s.buffer[:len(s.buffer)+bufferPageStart-bufferPageEnd] - bufferPos = bufferPageStart - } - } - - s.bufferCompactionTriggerLen = len(s.buffer) + pageLen -} - -func (s *BufferedPaginatedStore) sortBuffer() { - sort.Ints(s.buffer) -} - -func (s *BufferedPaginatedStore) Add(index int) { - pageIndex := s.pageIndex(index) - if pageIndex >= s.minPageIndex && pageIndex < s.minPageIndex+len(s.pages) { - page := s.pages[pageIndex-s.minPageIndex] - if len(page) > 0 { - page[s.lineIndex(index)]++ - return - } - } - - // The page does not exist, use the buffer. - if len(s.buffer) == cap(s.buffer) && len(s.buffer) >= s.bufferCompactionTriggerLen { - s.compact() - } - - s.buffer = append(s.buffer, index) -} - -func (s *BufferedPaginatedStore) AddBin(bin Bin) { - s.AddWithCount(bin.Index(), bin.Count()) -} - -func (s *BufferedPaginatedStore) AddWithCount(index int, count float64) { - if count == 0 { - return - } else if count == 1 { - s.Add(index) - } else { - s.page(s.pageIndex(index), true)[s.lineIndex(index)] += count - } -} - -func (s *BufferedPaginatedStore) IsEmpty() bool { - if len(s.buffer) > 0 { - return false - } - for _, page := range s.pages { - for _, count := range page { - if count > 0 { - return false - } - } - } - return true -} - -func (s *BufferedPaginatedStore) TotalCount() float64 { - totalCount := float64(len(s.buffer)) - for _, page := range s.pages { - for _, count := range page { - totalCount += count - } - } - return totalCount -} - -func (s *BufferedPaginatedStore) MinIndex() (int, error) { - isEmpty := true - - // Iterate over the buffer. - var minIndex int - for _, index := range s.buffer { - if isEmpty || index < minIndex { - isEmpty = false - minIndex = index - } - } - - // Iterate over the pages. - for pageIndex := s.minPageIndex; pageIndex < s.minPageIndex+len(s.pages) && (isEmpty || pageIndex <= s.pageIndex(minIndex)); pageIndex++ { - page := s.pages[pageIndex-s.minPageIndex] - if len(page) == 0 { - continue - } - - var lineIndexRangeEnd int - if !isEmpty && pageIndex == s.pageIndex(minIndex) { - lineIndexRangeEnd = s.lineIndex(minIndex) - } else { - lineIndexRangeEnd = 1 << s.pageLenLog2 - } - - for lineIndex := 0; lineIndex < lineIndexRangeEnd; lineIndex++ { - if page[lineIndex] > 0 { - return s.index(pageIndex, lineIndex), nil - } - } - } - - if isEmpty { - return 0, errUndefinedMinIndex - } else { - return minIndex, nil - } -} - -func (s *BufferedPaginatedStore) MaxIndex() (int, error) { - isEmpty := true - - // Iterate over the buffer. - var maxIndex int - for _, index := range s.buffer { - if isEmpty || index > maxIndex { - isEmpty = false - maxIndex = index - } - } - - // Iterate over the pages. - for pageIndex := s.minPageIndex + len(s.pages) - 1; pageIndex >= s.minPageIndex && (isEmpty || pageIndex >= s.pageIndex(maxIndex)); pageIndex-- { - page := s.pages[pageIndex-s.minPageIndex] - if len(page) == 0 { - continue - } - - var lineIndexRangeStart int - if !isEmpty && pageIndex == s.pageIndex(maxIndex) { - lineIndexRangeStart = s.lineIndex(maxIndex) - } else { - lineIndexRangeStart = 0 - } - - for lineIndex := len(page) - 1; lineIndex >= lineIndexRangeStart; lineIndex-- { - if page[lineIndex] > 0 { - return s.index(pageIndex, lineIndex), nil - } - } - } - - if isEmpty { - return 0, errUndefinedMaxIndex - } else { - return maxIndex, nil - } -} - -func (s *BufferedPaginatedStore) KeyAtRank(rank float64) int { - if rank < 0 { - rank = 0 - } - key, err := s.minIndexWithCumulCount(func(cumulCount float64) bool { - return cumulCount > rank - }) - - if err != nil { - maxIndex, err := s.MaxIndex() - if err == nil { - return maxIndex - } else { - // FIXME: make Store's KeyAtRank consistent with MinIndex and MaxIndex - return 0 - } - } - return key -} - -// minIndexWithCumulCount returns the minimum index whose cumulative count (that -// is, the sum of the counts associated with the indexes less than or equal to -// the index) verifies the predicate. -func (s *BufferedPaginatedStore) minIndexWithCumulCount(predicate func(float64) bool) (int, error) { - s.sortBuffer() - cumulCount := float64(0) - - // Iterate over the pages and the buffer simultaneously. - bufferPos := 0 - for pageOffset, page := range s.pages { - for lineIndex, count := range page { - index := s.index(s.minPageIndex+pageOffset, lineIndex) - - // Iterate over the buffer until index is reached. - for ; bufferPos < len(s.buffer) && s.buffer[bufferPos] < index; bufferPos++ { - cumulCount++ - if predicate(cumulCount) { - return s.buffer[bufferPos], nil - } - } - cumulCount += count - if predicate(cumulCount) { - return index, nil - } - } - } - - // Iterate over the rest of the buffer - for ; bufferPos < len(s.buffer); bufferPos++ { - cumulCount++ - if predicate(cumulCount) { - return s.buffer[bufferPos], nil - } - } - - return 0, errors.New("the predicate on the cumulative count is never verified") -} - -func (s *BufferedPaginatedStore) MergeWith(other Store) { - o, ok := other.(*BufferedPaginatedStore) - if ok && s.pageLenLog2 == o.pageLenLog2 { - // Merge pages. - for oPageOffset, oPage := range o.pages { - if len(oPage) == 0 { - continue - } - oPageIndex := o.minPageIndex + oPageOffset - page := s.page(oPageIndex, true) - for i, oCount := range oPage { - page[i] += oCount - } - } - - // Merge buffers. - for _, index := range o.buffer { - s.Add(index) - } - } else { - // Fallback merging. - other.ForEach(func(index int, count float64) (stop bool) { - s.AddWithCount(index, count) - return false - }) - } -} - -func (s *BufferedPaginatedStore) MergeWithProto(pb *sketchpb.Store) { - for index, count := range pb.BinCounts { - s.AddWithCount(int(index), count) - } - for indexOffset, count := range pb.ContiguousBinCounts { - s.AddWithCount(int(pb.ContiguousBinIndexOffset)+indexOffset, count) - } -} - -func (s *BufferedPaginatedStore) Bins() <-chan Bin { - s.sortBuffer() - ch := make(chan Bin) - go func() { - defer close(ch) - bufferPos := 0 - - // Iterate over the pages and the buffer simultaneously. - for pageOffset, page := range s.pages { - for lineIndex, count := range page { - if count == 0 { - continue - } - - index := s.index(s.minPageIndex+pageOffset, lineIndex) - - // Iterate over the buffer until index is reached. - var indexBufferStartPos int - for { - indexBufferStartPos = bufferPos - if indexBufferStartPos >= len(s.buffer) || s.buffer[indexBufferStartPos] > index { - break - } - bufferPos++ - for bufferPos < len(s.buffer) && s.buffer[bufferPos] == s.buffer[indexBufferStartPos] { - bufferPos++ - } - if s.buffer[indexBufferStartPos] == index { - break - } - ch <- Bin{index: s.buffer[indexBufferStartPos], count: float64(bufferPos - indexBufferStartPos)} - } - ch <- Bin{index: index, count: count + float64(bufferPos-indexBufferStartPos)} - } - } - - // Iterate over the rest of the buffer. - for bufferPos < len(s.buffer) { - indexBufferStartPos := bufferPos - bufferPos++ - for bufferPos < len(s.buffer) && s.buffer[bufferPos] == s.buffer[indexBufferStartPos] { - bufferPos++ - } - bin := Bin{index: s.buffer[indexBufferStartPos], count: float64(bufferPos - indexBufferStartPos)} - ch <- bin - } - }() - return ch -} - -func (s *BufferedPaginatedStore) ForEach(f func(index int, count float64) (stop bool)) { - s.sortBuffer() - bufferPos := 0 - - // Iterate over the pages and the buffer simultaneously. - for pageOffset, page := range s.pages { - for lineIndex, count := range page { - if count == 0 { - continue - } - - index := s.index(s.minPageIndex+pageOffset, lineIndex) - - // Iterate over the buffer until index is reached. - var indexBufferStartPos int - for { - indexBufferStartPos = bufferPos - if indexBufferStartPos >= len(s.buffer) || s.buffer[indexBufferStartPos] > index { - break - } - bufferPos++ - for bufferPos < len(s.buffer) && s.buffer[bufferPos] == s.buffer[indexBufferStartPos] { - bufferPos++ - } - if s.buffer[indexBufferStartPos] == index { - break - } - if f(s.buffer[indexBufferStartPos], float64(bufferPos-indexBufferStartPos)) { - return - } - } - if f(index, count+float64(bufferPos-indexBufferStartPos)) { - return - } - } - } - - // Iterate over the rest of the buffer. - for bufferPos < len(s.buffer) { - indexBufferStartPos := bufferPos - bufferPos++ - for bufferPos < len(s.buffer) && s.buffer[bufferPos] == s.buffer[indexBufferStartPos] { - bufferPos++ - } - if f(s.buffer[indexBufferStartPos], float64(bufferPos-indexBufferStartPos)) { - return - } - } -} - -func (s *BufferedPaginatedStore) Copy() Store { - bufferCopy := make([]int, len(s.buffer)) - copy(bufferCopy, s.buffer) - pagesCopy := make([][]float64, len(s.pages)) - for i, page := range s.pages { - if len(page) > 0 { - pageCopy := make([]float64, len(page)) - copy(pageCopy, page) - pagesCopy[i] = pageCopy - } - } - return &BufferedPaginatedStore{ - buffer: bufferCopy, - bufferCompactionTriggerLen: s.bufferCompactionTriggerLen, - pages: pagesCopy, - minPageIndex: s.minPageIndex, - pageLenLog2: s.pageLenLog2, - pageLenMask: s.pageLenMask, - } -} - -func (s *BufferedPaginatedStore) Clear() { - s.buffer = s.buffer[:0] - for i := range s.pages { - s.pages[i] = s.pages[i][:0] - } - s.minPageIndex = maxInt -} - -func (s *BufferedPaginatedStore) ToProto() *sketchpb.Store { - if s.IsEmpty() { - return &sketchpb.Store{} - } - // FIXME: add heuristic to use contiguousBinCounts when cheaper. - binCounts := make(map[int32]float64) - s.ForEach(func(index int, count float64) (stop bool) { - binCounts[int32(index)] = count - return false - }) - return &sketchpb.Store{ - BinCounts: binCounts, - } -} - -func (s *BufferedPaginatedStore) Reweight(w float64) error { - if w <= 0 { - return errors.New("can't reweight by a negative factor") - } - if w == 1 { - return nil - } - buffer := s.buffer - s.buffer = s.buffer[:0] - for _, p := range s.pages { - for i := range p { - p[i] *= w - } - } - for _, index := range buffer { - s.AddWithCount(index, w) - } - return nil -} - -func (s *BufferedPaginatedStore) Encode(b *[]byte, t enc.FlagType) { - s.compact() - if len(s.buffer) > 0 { - enc.EncodeFlag(b, enc.NewFlag(t, enc.BinEncodingIndexDeltas)) - enc.EncodeUvarint64(b, uint64(len(s.buffer))) - previousIndex := 0 - for _, index := range s.buffer { - enc.EncodeVarint64(b, int64(index-previousIndex)) - previousIndex = index - } - } - - for pageOffset, page := range s.pages { - if len(page) > 0 { - enc.EncodeFlag(b, enc.NewFlag(t, enc.BinEncodingContiguousCounts)) - enc.EncodeUvarint64(b, uint64(len(page))) - enc.EncodeVarint64(b, int64(s.index(s.minPageIndex+pageOffset, 0))) - enc.EncodeVarint64(b, 1) - for _, count := range page { - enc.EncodeVarfloat64(b, count) - } - } - } -} - -func (s *BufferedPaginatedStore) DecodeAndMergeWith(b *[]byte, encodingMode enc.SubFlag) error { - switch encodingMode { - - case enc.BinEncodingIndexDeltas: - numBins, err := enc.DecodeUvarint64(b) - if err != nil { - return err - } - remaining := int(numBins) - index := int64(0) - // Process indexes in batches to avoid checking after each insertion - // whether compaction should happen. - for { - batchSize := min(remaining, max(cap(s.buffer), s.bufferCompactionTriggerLen)-len(s.buffer)) - for i := 0; i < batchSize; i++ { - indexDelta, err := enc.DecodeVarint64(b) - if err != nil { - return err - } - index += indexDelta - s.buffer = append(s.buffer, int(index)) - } - remaining -= batchSize - if remaining == 0 { - return nil - } - s.compact() - } - - case enc.BinEncodingContiguousCounts: - numBins, err := enc.DecodeUvarint64(b) - if err != nil { - return err - } - indexOffset, err := enc.DecodeVarint64(b) - if err != nil { - return err - } - indexDelta, err := enc.DecodeVarint64(b) - if err != nil { - return err - } - pageLen := 1 << s.pageLenLog2 - for i := uint64(0); i < numBins; { - page := s.page(s.pageIndex(int(indexOffset)), true) - lineIndex := s.lineIndex(int(indexOffset)) - for lineIndex >= 0 && lineIndex < pageLen && i < numBins { - count, err := enc.DecodeVarfloat64(b) - if err != nil { - return err - } - page[lineIndex] += count - lineIndex += int(indexDelta) - indexOffset += indexDelta - i++ - } - } - return nil - - default: - return DecodeAndMergeWith(s, b, encodingMode) - } -} - -var _ Store = (*BufferedPaginatedStore)(nil) diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/store/collapsing_highest_dense_store.go b/vendor/github.com/DataDog/sketches-go/ddsketch/store/collapsing_highest_dense_store.go deleted file mode 100644 index 2a431a17..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/store/collapsing_highest_dense_store.go +++ /dev/null @@ -1,188 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package store - -import ( - "math" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" -) - -type CollapsingHighestDenseStore struct { - DenseStore - maxNumBins int - isCollapsed bool -} - -func NewCollapsingHighestDenseStore(maxNumBins int) *CollapsingHighestDenseStore { - return &CollapsingHighestDenseStore{ - DenseStore: DenseStore{minIndex: math.MaxInt32, maxIndex: math.MinInt32}, - maxNumBins: maxNumBins, - isCollapsed: false, - } -} - -func (s *CollapsingHighestDenseStore) Add(index int) { - s.AddWithCount(index, float64(1)) -} - -func (s *CollapsingHighestDenseStore) AddBin(bin Bin) { - index := bin.Index() - count := bin.Count() - if count == 0 { - return - } - s.AddWithCount(index, count) -} - -func (s *CollapsingHighestDenseStore) AddWithCount(index int, count float64) { - if count == 0 { - return - } - arrayIndex := s.normalize(index) - s.bins[arrayIndex] += count - s.count += count -} - -// Normalize the store, if necessary, so that the counter of the specified index can be updated. -func (s *CollapsingHighestDenseStore) normalize(index int) int { - if index > s.maxIndex { - if s.isCollapsed { - return len(s.bins) - 1 - } else { - s.extendRange(index, index) - if s.isCollapsed { - return len(s.bins) - 1 - } - } - } else if index < s.minIndex { - s.extendRange(index, index) - } - return index - s.offset -} - -func (s *CollapsingHighestDenseStore) getNewLength(newMinIndex, newMaxIndex int) int { - return min(s.DenseStore.getNewLength(newMinIndex, newMaxIndex), s.maxNumBins) -} - -func (s *CollapsingHighestDenseStore) extendRange(newMinIndex, newMaxIndex int) { - newMinIndex = min(newMinIndex, s.minIndex) - newMaxIndex = max(newMaxIndex, s.maxIndex) - if s.IsEmpty() { - initialLength := s.getNewLength(newMinIndex, newMaxIndex) - s.bins = append(s.bins, make([]float64, initialLength)...) - s.offset = newMinIndex - s.minIndex = newMinIndex - s.maxIndex = newMaxIndex - s.adjust(newMinIndex, newMaxIndex) - } else if newMinIndex >= s.offset && newMaxIndex < s.offset+len(s.bins) { - s.minIndex = newMinIndex - s.maxIndex = newMaxIndex - } else { - // To avoid shifting too often when nearing the capacity of the array, - // we may grow it before we actually reach the capacity. - newLength := s.getNewLength(newMinIndex, newMaxIndex) - if newLength > len(s.bins) { - s.bins = append(s.bins, make([]float64, newLength-len(s.bins))...) - } - s.adjust(newMinIndex, newMaxIndex) - } -} - -// Adjust bins, offset, minIndex and maxIndex, without resizing the bins slice in order to make it fit the -// specified range. -func (s *CollapsingHighestDenseStore) adjust(newMinIndex, newMaxIndex int) { - if newMaxIndex-newMinIndex+1 > len(s.bins) { - // The range of indices is too wide, buckets of lowest indices need to be collapsed. - newMaxIndex = newMinIndex + len(s.bins) - 1 - if newMaxIndex <= s.minIndex { - // There will be only one non-empty bucket. - s.bins = make([]float64, len(s.bins)) - s.offset = newMinIndex - s.maxIndex = newMaxIndex - s.bins[len(s.bins)-1] = s.count - } else { - shift := s.offset - newMinIndex - if shift > 0 { - // Collapse the buckets. - n := float64(0) - for i := newMaxIndex + 1; i <= s.maxIndex; i++ { - n += s.bins[i-s.offset] - } - s.resetBins(newMaxIndex+1, s.maxIndex) - s.bins[newMaxIndex-s.offset] += n - s.maxIndex = newMaxIndex - // Shift the buckets to make room for newMinIndex. - s.shiftCounts(shift) - } else { - // Shift the buckets to make room for newMaxIndex. - s.shiftCounts(shift) - s.maxIndex = newMaxIndex - } - } - s.minIndex = newMinIndex - s.isCollapsed = true - } else { - s.centerCounts(newMinIndex, newMaxIndex) - } -} - -func (s *CollapsingHighestDenseStore) MergeWith(other Store) { - if other.IsEmpty() { - return - } - o, ok := other.(*CollapsingHighestDenseStore) - if !ok { - other.ForEach(func(index int, count float64) (stop bool) { - s.AddWithCount(index, count) - return false - }) - return - } - if o.minIndex < s.minIndex || o.maxIndex > s.maxIndex { - s.extendRange(o.minIndex, o.maxIndex) - } - idx := o.maxIndex - for ; idx > s.maxIndex && idx >= o.minIndex; idx-- { - s.bins[len(s.bins)-1] += o.bins[idx-o.offset] - } - for ; idx > o.minIndex; idx-- { - s.bins[idx-s.offset] += o.bins[idx-o.offset] - } - // This is a separate test so that the comparison in the previous loop is strict (>) and handles - // o.minIndex = Integer.MIN_VALUE. - if idx == o.minIndex { - s.bins[idx-s.offset] += o.bins[idx-o.offset] - } - s.count += o.count -} - -func (s *CollapsingHighestDenseStore) Copy() Store { - bins := make([]float64, len(s.bins)) - copy(bins, s.bins) - return &CollapsingHighestDenseStore{ - DenseStore: DenseStore{ - bins: bins, - count: s.count, - offset: s.offset, - minIndex: s.minIndex, - maxIndex: s.maxIndex, - }, - maxNumBins: s.maxNumBins, - isCollapsed: s.isCollapsed, - } -} - -func (s *CollapsingHighestDenseStore) Clear() { - s.DenseStore.Clear() - s.isCollapsed = false -} - -func (s *CollapsingHighestDenseStore) DecodeAndMergeWith(r *[]byte, encodingMode enc.SubFlag) error { - return DecodeAndMergeWith(s, r, encodingMode) -} - -var _ Store = (*CollapsingHighestDenseStore)(nil) diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/store/collapsing_lowest_dense_store.go b/vendor/github.com/DataDog/sketches-go/ddsketch/store/collapsing_lowest_dense_store.go deleted file mode 100644 index 80ae2a50..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/store/collapsing_lowest_dense_store.go +++ /dev/null @@ -1,207 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package store - -import ( - "math" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" -) - -// CollapsingLowestDenseStore is a dynamically growing contiguous (non-sparse) store. -// The lower bins get combined so that the total number of bins do not exceed maxNumBins. -type CollapsingLowestDenseStore struct { - DenseStore - maxNumBins int - isCollapsed bool -} - -func NewCollapsingLowestDenseStore(maxNumBins int) *CollapsingLowestDenseStore { - // Bins are not allocated until values are added. - // When the first value is added, a small number of bins are allocated. The number of bins will - // grow as needed up to maxNumBins. - return &CollapsingLowestDenseStore{ - DenseStore: DenseStore{minIndex: math.MaxInt32, maxIndex: math.MinInt32}, - maxNumBins: maxNumBins, - isCollapsed: false, - } -} - -func (s *CollapsingLowestDenseStore) Add(index int) { - s.AddWithCount(index, float64(1)) -} - -func (s *CollapsingLowestDenseStore) AddBin(bin Bin) { - index := bin.Index() - count := bin.Count() - if count == 0 { - return - } - s.AddWithCount(index, count) -} - -func (s *CollapsingLowestDenseStore) AddWithCount(index int, count float64) { - if count == 0 { - return - } - arrayIndex := s.normalize(index) - s.bins[arrayIndex] += count - s.count += count -} - -// Normalize the store, if necessary, so that the counter of the specified index can be updated. -func (s *CollapsingLowestDenseStore) normalize(index int) int { - if index < s.minIndex { - if s.isCollapsed { - return 0 - } else { - s.extendRange(index, index) - if s.isCollapsed { - return 0 - } - } - } else if index > s.maxIndex { - s.extendRange(index, index) - } - return index - s.offset -} - -func (s *CollapsingLowestDenseStore) getNewLength(newMinIndex, newMaxIndex int) int { - return min(s.DenseStore.getNewLength(newMinIndex, newMaxIndex), s.maxNumBins) -} - -func (s *CollapsingLowestDenseStore) extendRange(newMinIndex, newMaxIndex int) { - newMinIndex = min(newMinIndex, s.minIndex) - newMaxIndex = max(newMaxIndex, s.maxIndex) - if s.IsEmpty() { - initialLength := s.getNewLength(newMinIndex, newMaxIndex) - s.bins = append(s.bins, make([]float64, initialLength)...) - s.offset = newMinIndex - s.minIndex = newMinIndex - s.maxIndex = newMaxIndex - s.adjust(newMinIndex, newMaxIndex) - } else if newMinIndex >= s.offset && newMaxIndex < s.offset+len(s.bins) { - s.minIndex = newMinIndex - s.maxIndex = newMaxIndex - } else { - // To avoid shifting too often when nearing the capacity of the array, - // we may grow it before we actually reach the capacity. - newLength := s.getNewLength(newMinIndex, newMaxIndex) - if newLength > len(s.bins) { - s.bins = append(s.bins, make([]float64, newLength-len(s.bins))...) - } - s.adjust(newMinIndex, newMaxIndex) - } -} - -// Adjust bins, offset, minIndex and maxIndex, without resizing the bins slice in order to make it fit the -// specified range. -func (s *CollapsingLowestDenseStore) adjust(newMinIndex, newMaxIndex int) { - if newMaxIndex-newMinIndex+1 > len(s.bins) { - // The range of indices is too wide, buckets of lowest indices need to be collapsed. - newMinIndex = newMaxIndex - len(s.bins) + 1 - if newMinIndex >= s.maxIndex { - // There will be only one non-empty bucket. - s.bins = make([]float64, len(s.bins)) - s.offset = newMinIndex - s.minIndex = newMinIndex - s.bins[0] = s.count - } else { - shift := s.offset - newMinIndex - if shift < 0 { - // Collapse the buckets. - n := float64(0) - for i := s.minIndex; i < newMinIndex; i++ { - n += s.bins[i-s.offset] - } - s.resetBins(s.minIndex, newMinIndex-1) - s.bins[newMinIndex-s.offset] += n - s.minIndex = newMinIndex - // Shift the buckets to make room for newMaxIndex. - s.shiftCounts(shift) - } else { - // Shift the buckets to make room for newMinIndex. - s.shiftCounts(shift) - s.minIndex = newMinIndex - } - } - s.maxIndex = newMaxIndex - s.isCollapsed = true - } else { - s.centerCounts(newMinIndex, newMaxIndex) - } -} - -func (s *CollapsingLowestDenseStore) MergeWith(other Store) { - if other.IsEmpty() { - return - } - o, ok := other.(*CollapsingLowestDenseStore) - if !ok { - other.ForEach(func(index int, count float64) (stop bool) { - s.AddWithCount(index, count) - return false - }) - return - } - if o.minIndex < s.minIndex || o.maxIndex > s.maxIndex { - s.extendRange(o.minIndex, o.maxIndex) - } - idx := o.minIndex - for ; idx < s.minIndex && idx <= o.maxIndex; idx++ { - s.bins[0] += o.bins[idx-o.offset] - } - for ; idx < o.maxIndex; idx++ { - s.bins[idx-s.offset] += o.bins[idx-o.offset] - } - // This is a separate test so that the comparison in the previous loop is strict (<) and handles - // store.maxIndex = Integer.MAX_VALUE. - if idx == o.maxIndex { - s.bins[idx-s.offset] += o.bins[idx-o.offset] - } - s.count += o.count -} - -func (s *CollapsingLowestDenseStore) Copy() Store { - bins := make([]float64, len(s.bins)) - copy(bins, s.bins) - return &CollapsingLowestDenseStore{ - DenseStore: DenseStore{ - bins: bins, - count: s.count, - offset: s.offset, - minIndex: s.minIndex, - maxIndex: s.maxIndex, - }, - maxNumBins: s.maxNumBins, - isCollapsed: s.isCollapsed, - } -} - -func (s *CollapsingLowestDenseStore) Clear() { - s.DenseStore.Clear() - s.isCollapsed = false -} - -func (s *CollapsingLowestDenseStore) DecodeAndMergeWith(r *[]byte, encodingMode enc.SubFlag) error { - return DecodeAndMergeWith(s, r, encodingMode) -} - -var _ Store = (*CollapsingLowestDenseStore)(nil) - -func max(x, y int) int { - if x > y { - return x - } - return y -} - -func min(x, y int) int { - if x < y { - return x - } - return y -} diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/store/dense_store.go b/vendor/github.com/DataDog/sketches-go/ddsketch/store/dense_store.go deleted file mode 100644 index 2c4a3d4a..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/store/dense_store.go +++ /dev/null @@ -1,330 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package store - -import ( - "bytes" - "errors" - "fmt" - "math" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" - "github.com/DataDog/sketches-go/ddsketch/pb/sketchpb" -) - -const ( - arrayLengthOverhead = 64 - arrayLengthGrowthIncrement = 0.1 - - // Grow the bins with an extra growthBuffer bins to prevent growing too often - growthBuffer = 128 -) - -// DenseStore is a dynamically growing contiguous (non-sparse) store. The number of bins are -// bound only by the size of the slice that can be allocated. -type DenseStore struct { - bins []float64 - count float64 - offset int - minIndex int - maxIndex int -} - -func NewDenseStore() *DenseStore { - return &DenseStore{minIndex: math.MaxInt32, maxIndex: math.MinInt32} -} - -func (s *DenseStore) Add(index int) { - s.AddWithCount(index, float64(1)) -} - -func (s *DenseStore) AddBin(bin Bin) { - if bin.count == 0 { - return - } - s.AddWithCount(bin.index, bin.count) -} - -func (s *DenseStore) AddWithCount(index int, count float64) { - if count == 0 { - return - } - arrayIndex := s.normalize(index) - s.bins[arrayIndex] += count - s.count += count -} - -// Normalize the store, if necessary, so that the counter of the specified index can be updated. -func (s *DenseStore) normalize(index int) int { - if index < s.minIndex || index > s.maxIndex { - s.extendRange(index, index) - } - return index - s.offset -} - -func (s *DenseStore) getNewLength(newMinIndex, newMaxIndex int) int { - desiredLength := newMaxIndex - newMinIndex + 1 - return int((float64(desiredLength+arrayLengthOverhead-1)/arrayLengthGrowthIncrement + 1) * arrayLengthGrowthIncrement) -} - -func (s *DenseStore) extendRange(newMinIndex, newMaxIndex int) { - - newMinIndex = min(newMinIndex, s.minIndex) - newMaxIndex = max(newMaxIndex, s.maxIndex) - - if s.IsEmpty() { - initialLength := s.getNewLength(newMinIndex, newMaxIndex) - s.bins = append(s.bins, make([]float64, initialLength)...) - s.offset = newMinIndex - s.minIndex = newMinIndex - s.maxIndex = newMaxIndex - s.adjust(newMinIndex, newMaxIndex) - } else if newMinIndex >= s.offset && newMaxIndex < s.offset+len(s.bins) { - s.minIndex = newMinIndex - s.maxIndex = newMaxIndex - } else { - // To avoid shifting too often when nearing the capacity of the array, - // we may grow it before we actually reach the capacity. - newLength := s.getNewLength(newMinIndex, newMaxIndex) - if newLength > len(s.bins) { - s.bins = append(s.bins, make([]float64, newLength-len(s.bins))...) - } - s.adjust(newMinIndex, newMaxIndex) - } -} - -// Adjust bins, offset, minIndex and maxIndex, without resizing the bins slice in order to make it fit the -// specified range. -func (s *DenseStore) adjust(newMinIndex, newMaxIndex int) { - s.centerCounts(newMinIndex, newMaxIndex) -} - -func (s *DenseStore) centerCounts(newMinIndex, newMaxIndex int) { - midIndex := newMinIndex + (newMaxIndex-newMinIndex+1)/2 - s.shiftCounts(s.offset + len(s.bins)/2 - midIndex) - s.minIndex = newMinIndex - s.maxIndex = newMaxIndex -} - -func (s *DenseStore) shiftCounts(shift int) { - minArrIndex := s.minIndex - s.offset - maxArrIndex := s.maxIndex - s.offset - copy(s.bins[minArrIndex+shift:], s.bins[minArrIndex:maxArrIndex+1]) - if shift > 0 { - s.resetBins(s.minIndex, s.minIndex+shift-1) - } else { - s.resetBins(s.maxIndex+shift+1, s.maxIndex) - } - s.offset -= shift -} - -func (s *DenseStore) resetBins(fromIndex, toIndex int) { - for i := fromIndex - s.offset; i <= toIndex-s.offset; i++ { - s.bins[i] = 0 - } -} - -func (s *DenseStore) IsEmpty() bool { - return s.count == 0 -} - -func (s *DenseStore) TotalCount() float64 { - return s.count -} - -func (s *DenseStore) MinIndex() (int, error) { - if s.IsEmpty() { - return 0, errUndefinedMinIndex - } - return s.minIndex, nil -} - -func (s *DenseStore) MaxIndex() (int, error) { - if s.IsEmpty() { - return 0, errUndefinedMaxIndex - } - return s.maxIndex, nil -} - -// Return the key for the value at rank -func (s *DenseStore) KeyAtRank(rank float64) int { - if rank < 0 { - rank = 0 - } - var n float64 - for i, b := range s.bins { - n += b - if n > rank { - return i + s.offset - } - } - return s.maxIndex -} - -func (s *DenseStore) MergeWith(other Store) { - if other.IsEmpty() { - return - } - o, ok := other.(*DenseStore) - if !ok { - other.ForEach(func(index int, count float64) (stop bool) { - s.AddWithCount(index, count) - return false - }) - return - } - if o.minIndex < s.minIndex || o.maxIndex > s.maxIndex { - s.extendRange(o.minIndex, o.maxIndex) - } - for idx := o.minIndex; idx <= o.maxIndex; idx++ { - s.bins[idx-s.offset] += o.bins[idx-o.offset] - } - s.count += o.count -} - -func (s *DenseStore) Bins() <-chan Bin { - ch := make(chan Bin) - go func() { - defer close(ch) - for idx := s.minIndex; idx <= s.maxIndex; idx++ { - if s.bins[idx-s.offset] > 0 { - ch <- Bin{index: idx, count: s.bins[idx-s.offset]} - } - } - }() - return ch -} - -func (s *DenseStore) ForEach(f func(index int, count float64) (stop bool)) { - for idx := s.minIndex; idx <= s.maxIndex; idx++ { - if s.bins[idx-s.offset] > 0 { - if f(idx, s.bins[idx-s.offset]) { - return - } - } - } -} - -func (s *DenseStore) Copy() Store { - bins := make([]float64, len(s.bins)) - copy(bins, s.bins) - return &DenseStore{ - bins: bins, - count: s.count, - offset: s.offset, - minIndex: s.minIndex, - maxIndex: s.maxIndex, - } -} - -func (s *DenseStore) Clear() { - s.bins = s.bins[:0] - s.count = 0 - s.minIndex = math.MaxInt32 - s.maxIndex = math.MinInt32 -} - -func (s *DenseStore) string() string { - var buffer bytes.Buffer - buffer.WriteString("{") - for i := 0; i < len(s.bins); i++ { - index := i + s.offset - buffer.WriteString(fmt.Sprintf("%d: %f, ", index, s.bins[i])) - } - buffer.WriteString(fmt.Sprintf("count: %v, offset: %d, minIndex: %d, maxIndex: %d}", s.count, s.offset, s.minIndex, s.maxIndex)) - return buffer.String() -} - -func (s *DenseStore) ToProto() *sketchpb.Store { - if s.IsEmpty() { - return &sketchpb.Store{ContiguousBinCounts: nil} - } - bins := make([]float64, s.maxIndex-s.minIndex+1) - copy(bins, s.bins[s.minIndex-s.offset:s.maxIndex-s.offset+1]) - return &sketchpb.Store{ - ContiguousBinCounts: bins, - ContiguousBinIndexOffset: int32(s.minIndex), - } -} - -func (s *DenseStore) Reweight(w float64) error { - if w <= 0 { - return errors.New("can't reweight by a negative factor") - } - if w == 1 { - return nil - } - s.count *= w - for idx := s.minIndex; idx <= s.maxIndex; idx++ { - s.bins[idx-s.offset] *= w - } - return nil -} - -func (s *DenseStore) Encode(b *[]byte, t enc.FlagType) { - if s.IsEmpty() { - return - } - - denseEncodingSize := 0 - numBins := uint64(s.maxIndex-s.minIndex) + 1 - denseEncodingSize += enc.Uvarint64Size(numBins) - denseEncodingSize += enc.Varint64Size(int64(s.minIndex)) - denseEncodingSize += enc.Varint64Size(1) - - sparseEncodingSize := 0 - numNonEmptyBins := uint64(0) - - previousIndex := s.minIndex - for index := s.minIndex; index <= s.maxIndex; index++ { - count := s.bins[index-s.offset] - countVarFloat64Size := enc.Varfloat64Size(count) - denseEncodingSize += countVarFloat64Size - if count != 0 { - numNonEmptyBins++ - sparseEncodingSize += enc.Varint64Size(int64(index - previousIndex)) - sparseEncodingSize += countVarFloat64Size - previousIndex = index - } - } - sparseEncodingSize += enc.Uvarint64Size(numNonEmptyBins) - - if denseEncodingSize <= sparseEncodingSize { - s.encodeDensely(b, t, numBins) - } else { - s.encodeSparsely(b, t, numNonEmptyBins) - } -} - -func (s *DenseStore) encodeDensely(b *[]byte, t enc.FlagType, numBins uint64) { - enc.EncodeFlag(b, enc.NewFlag(t, enc.BinEncodingContiguousCounts)) - enc.EncodeUvarint64(b, numBins) - enc.EncodeVarint64(b, int64(s.minIndex)) - enc.EncodeVarint64(b, 1) - for index := s.minIndex; index <= s.maxIndex; index++ { - enc.EncodeVarfloat64(b, s.bins[index-s.offset]) - } -} - -func (s *DenseStore) encodeSparsely(b *[]byte, t enc.FlagType, numNonEmptyBins uint64) { - enc.EncodeFlag(b, enc.NewFlag(t, enc.BinEncodingIndexDeltasAndCounts)) - enc.EncodeUvarint64(b, numNonEmptyBins) - previousIndex := 0 - for index := s.minIndex; index <= s.maxIndex; index++ { - count := s.bins[index-s.offset] - if count != 0 { - enc.EncodeVarint64(b, int64(index-previousIndex)) - enc.EncodeVarfloat64(b, count) - previousIndex = index - } - } -} - -func (s *DenseStore) DecodeAndMergeWith(b *[]byte, encodingMode enc.SubFlag) error { - return DecodeAndMergeWith(s, b, encodingMode) -} - -var _ Store = (*DenseStore)(nil) diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/store/sparse.go b/vendor/github.com/DataDog/sketches-go/ddsketch/store/sparse.go deleted file mode 100644 index 9a07836e..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/store/sparse.go +++ /dev/null @@ -1,184 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package store - -import ( - "errors" - "sort" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" - "github.com/DataDog/sketches-go/ddsketch/pb/sketchpb" -) - -type SparseStore struct { - counts map[int]float64 -} - -func NewSparseStore() *SparseStore { - return &SparseStore{counts: make(map[int]float64)} -} - -func (s *SparseStore) Add(index int) { - s.counts[index]++ -} - -func (s *SparseStore) AddBin(bin Bin) { - s.AddWithCount(bin.index, bin.count) -} - -func (s *SparseStore) AddWithCount(index int, count float64) { - if count == 0 { - return - } - s.counts[index] += count -} - -func (s *SparseStore) Bins() <-chan Bin { - orderedBins := s.orderedBins() - ch := make(chan Bin) - go func() { - defer close(ch) - for _, bin := range orderedBins { - ch <- bin - } - }() - return ch -} - -func (s *SparseStore) orderedBins() []Bin { - bins := make([]Bin, 0, len(s.counts)) - for index, count := range s.counts { - bins = append(bins, Bin{index: index, count: count}) - } - sort.Slice(bins, func(i, j int) bool { return bins[i].index < bins[j].index }) - return bins -} - -func (s *SparseStore) ForEach(f func(index int, count float64) (stop bool)) { - for index, count := range s.counts { - if f(index, count) { - return - } - } -} - -func (s *SparseStore) Copy() Store { - countsCopy := make(map[int]float64) - for index, count := range s.counts { - countsCopy[index] = count - } - return &SparseStore{counts: countsCopy} -} - -func (s *SparseStore) Clear() { - for index := range s.counts { - delete(s.counts, index) - } -} - -func (s *SparseStore) IsEmpty() bool { - return len(s.counts) == 0 -} - -func (s *SparseStore) MaxIndex() (int, error) { - if s.IsEmpty() { - return 0, errUndefinedMaxIndex - } - maxIndex := minInt - for index := range s.counts { - if index > maxIndex { - maxIndex = index - } - } - return maxIndex, nil -} - -func (s *SparseStore) MinIndex() (int, error) { - if s.IsEmpty() { - return 0, errUndefinedMinIndex - } - minIndex := maxInt - for index := range s.counts { - if index < minIndex { - minIndex = index - } - } - return minIndex, nil -} - -func (s *SparseStore) TotalCount() float64 { - totalCount := float64(0) - for _, count := range s.counts { - totalCount += count - } - return totalCount -} - -func (s *SparseStore) KeyAtRank(rank float64) int { - orderedBins := s.orderedBins() - cumulCount := float64(0) - for _, bin := range orderedBins { - cumulCount += bin.count - if cumulCount > rank { - return bin.index - } - } - maxIndex, err := s.MaxIndex() - if err == nil { - return maxIndex - } else { - // FIXME: make Store's KeyAtRank consistent with MinIndex and MaxIndex - return 0 - } -} - -func (s *SparseStore) MergeWith(store Store) { - store.ForEach(func(index int, count float64) (stop bool) { - s.AddWithCount(index, count) - return false - }) -} - -func (s *SparseStore) ToProto() *sketchpb.Store { - binCounts := make(map[int32]float64) - for index, count := range s.counts { - binCounts[int32(index)] = count - } - return &sketchpb.Store{BinCounts: binCounts} -} - -func (s *SparseStore) Reweight(w float64) error { - if w <= 0 { - return errors.New("can't reweight by a negative factor") - } - if w == 1 { - return nil - } - for index := range s.counts { - s.counts[index] *= w - } - return nil -} - -func (s *SparseStore) Encode(b *[]byte, t enc.FlagType) { - if s.IsEmpty() { - return - } - enc.EncodeFlag(b, enc.NewFlag(t, enc.BinEncodingIndexDeltasAndCounts)) - enc.EncodeUvarint64(b, uint64(len(s.counts))) - previousIndex := 0 - for index, count := range s.counts { - enc.EncodeVarint64(b, int64(index-previousIndex)) - enc.EncodeVarfloat64(b, count) - previousIndex = index - } -} - -func (s *SparseStore) DecodeAndMergeWith(b *[]byte, encodingMode enc.SubFlag) error { - return DecodeAndMergeWith(s, b, encodingMode) -} - -var _ Store = (*SparseStore)(nil) diff --git a/vendor/github.com/DataDog/sketches-go/ddsketch/store/store.go b/vendor/github.com/DataDog/sketches-go/ddsketch/store/store.go deleted file mode 100644 index 64a5e3d5..00000000 --- a/vendor/github.com/DataDog/sketches-go/ddsketch/store/store.go +++ /dev/null @@ -1,153 +0,0 @@ -// Unless explicitly stated otherwise all files in this repository are licensed -// under the Apache License 2.0. -// This product includes software developed at Datadog (https://www.datadoghq.com/). -// Copyright 2021 Datadog, Inc. - -package store - -import ( - "errors" - - enc "github.com/DataDog/sketches-go/ddsketch/encoding" - "github.com/DataDog/sketches-go/ddsketch/pb/sketchpb" -) - -type Provider func() Store - -var ( - DefaultProvider = Provider(BufferedPaginatedStoreConstructor) - DenseStoreConstructor = Provider(func() Store { return NewDenseStore() }) - BufferedPaginatedStoreConstructor = Provider(func() Store { return NewBufferedPaginatedStore() }) - SparseStoreConstructor = Provider(func() Store { return NewSparseStore() }) -) - -const ( - maxInt = int(^uint(0) >> 1) - minInt = ^maxInt -) - -var ( - errUndefinedMinIndex = errors.New("MinIndex of empty store is undefined") - errUndefinedMaxIndex = errors.New("MaxIndex of empty store is undefined") -) - -type Store interface { - Add(index int) - AddBin(bin Bin) - AddWithCount(index int, count float64) - // Bins returns a channel that emits the bins that are encoded in the store. - // Note that this leaks a channel and a goroutine if it is not iterated to completion. - Bins() <-chan Bin - // ForEach applies f to all elements of the store or until f returns true. - ForEach(f func(index int, count float64) (stop bool)) - Copy() Store - // Clear empties the store while allowing reusing already allocated memory. - // In some situations, it may be advantageous to clear and reuse a store - // rather than instantiating a new one. Keeping reusing the same store again - // and again on varying input data distributions may however ultimately make - // the store overly large and may waste memory space. - Clear() - IsEmpty() bool - MaxIndex() (int, error) - MinIndex() (int, error) - TotalCount() float64 - KeyAtRank(rank float64) int - MergeWith(store Store) - ToProto() *sketchpb.Store - // Reweight multiplies all values from the store by w, but keeps the same global distribution. - Reweight(w float64) error - // Encode encodes the bins of the store and appends its content to the - // provided []byte. - // The provided FlagType indicates whether the store encodes positive or - // negative values. - Encode(b *[]byte, t enc.FlagType) - // DecodeAndMergeWith decodes bins that have been encoded in the format of - // the provided binEncodingMode and merges them within the receiver store. - // It updates the provided []byte so that it starts immediately after the - // encoded bins. - DecodeAndMergeWith(b *[]byte, binEncodingMode enc.SubFlag) error -} - -// FromProto returns an instance of DenseStore that contains the data in the provided protobuf representation. -func FromProto(pb *sketchpb.Store) *DenseStore { - store := NewDenseStore() - MergeWithProto(store, pb) - return store -} - -// MergeWithProto merges the distribution in a protobuf Store to an existing store. -// - if called with an empty store, this simply populates the store with the distribution in the protobuf Store. -// - if called with a non-empty store, this has the same outcome as deserializing the protobuf Store, then merging. -func MergeWithProto(store Store, pb *sketchpb.Store) { - for idx, count := range pb.BinCounts { - store.AddWithCount(int(idx), count) - } - for idx, count := range pb.ContiguousBinCounts { - store.AddWithCount(idx+int(pb.ContiguousBinIndexOffset), count) - } -} - -func DecodeAndMergeWith(s Store, b *[]byte, binEncodingMode enc.SubFlag) error { - switch binEncodingMode { - - case enc.BinEncodingIndexDeltasAndCounts: - numBins, err := enc.DecodeUvarint64(b) - if err != nil { - return err - } - index := int64(0) - for i := uint64(0); i < numBins; i++ { - indexDelta, err := enc.DecodeVarint64(b) - if err != nil { - return err - } - count, err := enc.DecodeVarfloat64(b) - if err != nil { - return err - } - index += indexDelta - s.AddWithCount(int(index), count) - } - - case enc.BinEncodingIndexDeltas: - numBins, err := enc.DecodeUvarint64(b) - if err != nil { - return err - } - index := int64(0) - for i := uint64(0); i < numBins; i++ { - indexDelta, err := enc.DecodeVarint64(b) - if err != nil { - return err - } - index += indexDelta - s.Add(int(index)) - } - - case enc.BinEncodingContiguousCounts: - numBins, err := enc.DecodeUvarint64(b) - if err != nil { - return err - } - index, err := enc.DecodeVarint64(b) - if err != nil { - return err - } - indexDelta, err := enc.DecodeVarint64(b) - if err != nil { - return err - } - for i := uint64(0); i < numBins; i++ { - count, err := enc.DecodeVarfloat64(b) - if err != nil { - return err - } - s.AddWithCount(int(index), count) - index += indexDelta - } - - default: - return errors.New("unknown bin encoding") - } - return nil -} diff --git a/vendor/github.com/apparentlymart/go-cidr/LICENSE b/vendor/github.com/apparentlymart/go-cidr/LICENSE deleted file mode 100644 index 21253788..00000000 --- a/vendor/github.com/apparentlymart/go-cidr/LICENSE +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2015 Martin Atkins - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. diff --git a/vendor/github.com/apparentlymart/go-cidr/cidr/cidr.go b/vendor/github.com/apparentlymart/go-cidr/cidr/cidr.go deleted file mode 100644 index 20823af0..00000000 --- a/vendor/github.com/apparentlymart/go-cidr/cidr/cidr.go +++ /dev/null @@ -1,236 +0,0 @@ -// Package cidr is a collection of assorted utilities for computing -// network and host addresses within network ranges. -// -// It expects a CIDR-type address structure where addresses are divided into -// some number of prefix bits representing the network and then the remaining -// suffix bits represent the host. -// -// For example, it can help to calculate addresses for sub-networks of a -// parent network, or to calculate host addresses within a particular prefix. -// -// At present this package is prioritizing simplicity of implementation and -// de-prioritizing speed and memory usage. Thus caution is advised before -// using this package in performance-critical applications or hot codepaths. -// Patches to improve the speed and memory usage may be accepted as long as -// they do not result in a significant increase in code complexity. -package cidr - -import ( - "fmt" - "math/big" - "net" -) - -// Subnet takes a parent CIDR range and creates a subnet within it -// with the given number of additional prefix bits and the given -// network number. -// -// For example, 10.3.0.0/16, extended by 8 bits, with a network number -// of 5, becomes 10.3.5.0/24 . -func Subnet(base *net.IPNet, newBits int, num int) (*net.IPNet, error) { - return SubnetBig(base, newBits, big.NewInt(int64(num))) -} - -// SubnetBig takes a parent CIDR range and creates a subnet within it with the -// given number of additional prefix bits and the given network number. It -// differs from Subnet in that it takes a *big.Int for the num, instead of an int. -// -// For example, 10.3.0.0/16, extended by 8 bits, with a network number of 5, -// becomes 10.3.5.0/24 . -func SubnetBig(base *net.IPNet, newBits int, num *big.Int) (*net.IPNet, error) { - ip := base.IP - mask := base.Mask - - parentLen, addrLen := mask.Size() - newPrefixLen := parentLen + newBits - - if newPrefixLen > addrLen { - return nil, fmt.Errorf("insufficient address space to extend prefix of %d by %d", parentLen, newBits) - } - - maxNetNum := uint64(1< maxNetNum { - return nil, fmt.Errorf("prefix extension of %d does not accommodate a subnet numbered %d", newBits, num) - } - - return &net.IPNet{ - IP: insertNumIntoIP(ip, num, newPrefixLen), - Mask: net.CIDRMask(newPrefixLen, addrLen), - }, nil -} - -// Host takes a parent CIDR range and turns it into a host IP address with the -// given host number. -// -// For example, 10.3.0.0/16 with a host number of 2 gives 10.3.0.2. -func Host(base *net.IPNet, num int) (net.IP, error) { - return HostBig(base, big.NewInt(int64(num))) -} - -// HostBig takes a parent CIDR range and turns it into a host IP address with -// the given host number. It differs from Host in that it takes a *big.Int for -// the num, instead of an int. -// -// For example, 10.3.0.0/16 with a host number of 2 gives 10.3.0.2. -func HostBig(base *net.IPNet, num *big.Int) (net.IP, error) { - ip := base.IP - mask := base.Mask - - parentLen, addrLen := mask.Size() - hostLen := addrLen - parentLen - - maxHostNum := big.NewInt(int64(1)) - maxHostNum.Lsh(maxHostNum, uint(hostLen)) - maxHostNum.Sub(maxHostNum, big.NewInt(1)) - - numUint64 := big.NewInt(int64(num.Uint64())) - if num.Cmp(big.NewInt(0)) == -1 { - numUint64.Neg(num) - numUint64.Sub(numUint64, big.NewInt(int64(1))) - num.Sub(maxHostNum, numUint64) - } - - if numUint64.Cmp(maxHostNum) == 1 { - return nil, fmt.Errorf("prefix of %d does not accommodate a host numbered %d", parentLen, num) - } - var bitlength int - if ip.To4() != nil { - bitlength = 32 - } else { - bitlength = 128 - } - return insertNumIntoIP(ip, num, bitlength), nil -} - -// AddressRange returns the first and last addresses in the given CIDR range. -func AddressRange(network *net.IPNet) (net.IP, net.IP) { - // the first IP is easy - firstIP := network.IP - - // the last IP is the network address OR NOT the mask address - prefixLen, bits := network.Mask.Size() - if prefixLen == bits { - // Easy! - // But make sure that our two slices are distinct, since they - // would be in all other cases. - lastIP := make([]byte, len(firstIP)) - copy(lastIP, firstIP) - return firstIP, lastIP - } - - firstIPInt, bits := ipToInt(firstIP) - hostLen := uint(bits) - uint(prefixLen) - lastIPInt := big.NewInt(1) - lastIPInt.Lsh(lastIPInt, hostLen) - lastIPInt.Sub(lastIPInt, big.NewInt(1)) - lastIPInt.Or(lastIPInt, firstIPInt) - - return firstIP, intToIP(lastIPInt, bits) -} - -// AddressCount returns the number of distinct host addresses within the given -// CIDR range. -// -// Since the result is a uint64, this function returns meaningful information -// only for IPv4 ranges and IPv6 ranges with a prefix size of at least 65. -func AddressCount(network *net.IPNet) uint64 { - prefixLen, bits := network.Mask.Size() - return 1 << (uint64(bits) - uint64(prefixLen)) -} - -//VerifyNoOverlap takes a list subnets and supernet (CIDRBlock) and verifies -//none of the subnets overlap and all subnets are in the supernet -//it returns an error if any of those conditions are not satisfied -func VerifyNoOverlap(subnets []*net.IPNet, CIDRBlock *net.IPNet) error { - firstLastIP := make([][]net.IP, len(subnets)) - for i, s := range subnets { - first, last := AddressRange(s) - firstLastIP[i] = []net.IP{first, last} - } - for i, s := range subnets { - if !CIDRBlock.Contains(firstLastIP[i][0]) || !CIDRBlock.Contains(firstLastIP[i][1]) { - return fmt.Errorf("%s does not fully contain %s", CIDRBlock.String(), s.String()) - } - for j := 0; j < len(subnets); j++ { - if i == j { - continue - } - - first := firstLastIP[j][0] - last := firstLastIP[j][1] - if s.Contains(first) || s.Contains(last) { - return fmt.Errorf("%s overlaps with %s", subnets[j].String(), s.String()) - } - } - } - return nil -} - -// PreviousSubnet returns the subnet of the desired mask in the IP space -// just lower than the start of IPNet provided. If the IP space rolls over -// then the second return value is true -func PreviousSubnet(network *net.IPNet, prefixLen int) (*net.IPNet, bool) { - startIP := checkIPv4(network.IP) - previousIP := make(net.IP, len(startIP)) - copy(previousIP, startIP) - cMask := net.CIDRMask(prefixLen, 8*len(previousIP)) - previousIP = Dec(previousIP) - previous := &net.IPNet{IP: previousIP.Mask(cMask), Mask: cMask} - if startIP.Equal(net.IPv4zero) || startIP.Equal(net.IPv6zero) { - return previous, true - } - return previous, false -} - -// NextSubnet returns the next available subnet of the desired mask size -// starting for the maximum IP of the offset subnet -// If the IP exceeds the maxium IP then the second return value is true -func NextSubnet(network *net.IPNet, prefixLen int) (*net.IPNet, bool) { - _, currentLast := AddressRange(network) - mask := net.CIDRMask(prefixLen, 8*len(currentLast)) - currentSubnet := &net.IPNet{IP: currentLast.Mask(mask), Mask: mask} - _, last := AddressRange(currentSubnet) - last = Inc(last) - next := &net.IPNet{IP: last.Mask(mask), Mask: mask} - if last.Equal(net.IPv4zero) || last.Equal(net.IPv6zero) { - return next, true - } - return next, false -} - -//Inc increases the IP by one this returns a new []byte for the IP -func Inc(IP net.IP) net.IP { - IP = checkIPv4(IP) - incIP := make([]byte, len(IP)) - copy(incIP, IP) - for j := len(incIP) - 1; j >= 0; j-- { - incIP[j]++ - if incIP[j] > 0 { - break - } - } - return incIP -} - -//Dec decreases the IP by one this returns a new []byte for the IP -func Dec(IP net.IP) net.IP { - IP = checkIPv4(IP) - decIP := make([]byte, len(IP)) - copy(decIP, IP) - decIP = checkIPv4(decIP) - for j := len(decIP) - 1; j >= 0; j-- { - decIP[j]-- - if decIP[j] < 255 { - break - } - } - return decIP -} - -func checkIPv4(ip net.IP) net.IP { - // Go for some reason allocs IPv6len for IPv4 so we have to correct it - if v4 := ip.To4(); v4 != nil { - return v4 - } - return ip -} diff --git a/vendor/github.com/apparentlymart/go-cidr/cidr/wrangling.go b/vendor/github.com/apparentlymart/go-cidr/cidr/wrangling.go deleted file mode 100644 index e5e6a2cf..00000000 --- a/vendor/github.com/apparentlymart/go-cidr/cidr/wrangling.go +++ /dev/null @@ -1,37 +0,0 @@ -package cidr - -import ( - "fmt" - "math/big" - "net" -) - -func ipToInt(ip net.IP) (*big.Int, int) { - val := &big.Int{} - val.SetBytes([]byte(ip)) - if len(ip) == net.IPv4len { - return val, 32 - } else if len(ip) == net.IPv6len { - return val, 128 - } else { - panic(fmt.Errorf("Unsupported address length %d", len(ip))) - } -} - -func intToIP(ipInt *big.Int, bits int) net.IP { - ipBytes := ipInt.Bytes() - ret := make([]byte, bits/8) - // Pack our IP bytes into the end of the return array, - // since big.Int.Bytes() removes front zero padding. - for i := 1; i <= len(ipBytes); i++ { - ret[len(ret)-i] = ipBytes[len(ipBytes)-i] - } - return net.IP(ret) -} - -func insertNumIntoIP(ip net.IP, bigNum *big.Int, prefixLen int) net.IP { - ipInt, totalBits := ipToInt(ip) - bigNum.Lsh(bigNum, uint(totalBits-prefixLen)) - ipInt.Or(ipInt, bigNum) - return intToIP(ipInt, totalBits) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/NOTICE.txt b/vendor/github.com/aws/aws-sdk-go-v2/NOTICE.txt deleted file mode 100644 index 899129ec..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/NOTICE.txt +++ /dev/null @@ -1,3 +0,0 @@ -AWS SDK for Go -Copyright 2015 Amazon.com, Inc. or its affiliates. All Rights Reserved. -Copyright 2014-2015 Stripe, Inc. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/accountid_endpoint_mode.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/accountid_endpoint_mode.go deleted file mode 100644 index 6504a218..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/accountid_endpoint_mode.go +++ /dev/null @@ -1,18 +0,0 @@ -package aws - -// AccountIDEndpointMode controls how a resolved AWS account ID is handled for endpoint routing. -type AccountIDEndpointMode string - -const ( - // AccountIDEndpointModeUnset indicates the AWS account ID will not be used for endpoint routing - AccountIDEndpointModeUnset AccountIDEndpointMode = "" - - // AccountIDEndpointModePreferred indicates the AWS account ID will be used for endpoint routing if present - AccountIDEndpointModePreferred = "preferred" - - // AccountIDEndpointModeRequired indicates an error will be returned if the AWS account ID is not resolved from identity - AccountIDEndpointModeRequired = "required" - - // AccountIDEndpointModeDisabled indicates the AWS account ID will be ignored during endpoint routing - AccountIDEndpointModeDisabled = "disabled" -) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/checksum.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/checksum.go deleted file mode 100644 index 4152caad..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/checksum.go +++ /dev/null @@ -1,33 +0,0 @@ -package aws - -// RequestChecksumCalculation controls request checksum calculation workflow -type RequestChecksumCalculation int - -const ( - // RequestChecksumCalculationUnset is the unset value for RequestChecksumCalculation - RequestChecksumCalculationUnset RequestChecksumCalculation = iota - - // RequestChecksumCalculationWhenSupported indicates request checksum will be calculated - // if the operation supports input checksums - RequestChecksumCalculationWhenSupported - - // RequestChecksumCalculationWhenRequired indicates request checksum will be calculated - // if required by the operation or if user elects to set a checksum algorithm in request - RequestChecksumCalculationWhenRequired -) - -// ResponseChecksumValidation controls response checksum validation workflow -type ResponseChecksumValidation int - -const ( - // ResponseChecksumValidationUnset is the unset value for ResponseChecksumValidation - ResponseChecksumValidationUnset ResponseChecksumValidation = iota - - // ResponseChecksumValidationWhenSupported indicates response checksum will be validated - // if the operation supports output checksums - ResponseChecksumValidationWhenSupported - - // ResponseChecksumValidationWhenRequired indicates response checksum will only - // be validated if the operation requires output checksum validation - ResponseChecksumValidationWhenRequired -) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/config.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/config.go deleted file mode 100644 index a015cc5b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/config.go +++ /dev/null @@ -1,238 +0,0 @@ -package aws - -import ( - "net/http" - - smithybearer "github.com/aws/smithy-go/auth/bearer" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/middleware" -) - -// HTTPClient provides the interface to provide custom HTTPClients. Generally -// *http.Client is sufficient for most use cases. The HTTPClient should not -// follow 301 or 302 redirects. -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -// A Config provides service configuration for service clients. -type Config struct { - // The region to send requests to. This parameter is required and must - // be configured globally or on a per-client basis unless otherwise - // noted. A full list of regions is found in the "Regions and Endpoints" - // document. - // - // See http://docs.aws.amazon.com/general/latest/gr/rande.html for - // information on AWS regions. - Region string - - // The credentials object to use when signing requests. - // Use the LoadDefaultConfig to load configuration from all the SDK's supported - // sources, and resolve credentials using the SDK's default credential chain. - Credentials CredentialsProvider - - // The Bearer Authentication token provider to use for authenticating API - // operation calls with a Bearer Authentication token. The API clients and - // operation must support Bearer Authentication scheme in order for the - // token provider to be used. API clients created with NewFromConfig will - // automatically be configured with this option, if the API client support - // Bearer Authentication. - // - // The SDK's config.LoadDefaultConfig can automatically populate this - // option for external configuration options such as SSO session. - // https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html - BearerAuthTokenProvider smithybearer.TokenProvider - - // The HTTP Client the SDK's API clients will use to invoke HTTP requests. - // The SDK defaults to a BuildableClient allowing API clients to create - // copies of the HTTP Client for service specific customizations. - // - // Use a (*http.Client) for custom behavior. Using a custom http.Client - // will prevent the SDK from modifying the HTTP client. - HTTPClient HTTPClient - - // An endpoint resolver that can be used to provide or override an endpoint - // for the given service and region. - // - // See the `aws.EndpointResolver` documentation for additional usage - // information. - // - // Deprecated: See Config.EndpointResolverWithOptions - EndpointResolver EndpointResolver - - // An endpoint resolver that can be used to provide or override an endpoint - // for the given service and region. - // - // When EndpointResolverWithOptions is specified, it will be used by a - // service client rather than using EndpointResolver if also specified. - // - // See the `aws.EndpointResolverWithOptions` documentation for additional - // usage information. - // - // Deprecated: with the release of endpoint resolution v2 in API clients, - // EndpointResolver and EndpointResolverWithOptions are deprecated. - // Providing a value for this field will likely prevent you from using - // newer endpoint-related service features. See API client options - // EndpointResolverV2 and BaseEndpoint. - EndpointResolverWithOptions EndpointResolverWithOptions - - // RetryMaxAttempts specifies the maximum number attempts an API client - // will call an operation that fails with a retryable error. - // - // API Clients will only use this value to construct a retryer if the - // Config.Retryer member is not nil. This value will be ignored if - // Retryer is not nil. - RetryMaxAttempts int - - // RetryMode specifies the retry model the API client will be created with. - // - // API Clients will only use this value to construct a retryer if the - // Config.Retryer member is not nil. This value will be ignored if - // Retryer is not nil. - RetryMode RetryMode - - // Retryer is a function that provides a Retryer implementation. A Retryer - // guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. - // - // In general, the provider function should return a new instance of a - // Retryer if you are attempting to provide a consistent Retryer - // configuration across all clients. This will ensure that each client will - // be provided a new instance of the Retryer implementation, and will avoid - // issues such as sharing the same retry token bucket across services. - // - // If not nil, RetryMaxAttempts, and RetryMode will be ignored by API - // clients. - Retryer func() Retryer - - // ConfigSources are the sources that were used to construct the Config. - // Allows for additional configuration to be loaded by clients. - ConfigSources []interface{} - - // APIOptions provides the set of middleware mutations modify how the API - // client requests will be handled. This is useful for adding additional - // tracing data to a request, or changing behavior of the SDK's client. - APIOptions []func(*middleware.Stack) error - - // The logger writer interface to write logging messages to. Defaults to - // standard error. - Logger logging.Logger - - // Configures the events that will be sent to the configured logger. This - // can be used to configure the logging of signing, retries, request, and - // responses of the SDK clients. - // - // See the ClientLogMode type documentation for the complete set of logging - // modes and available configuration. - ClientLogMode ClientLogMode - - // The configured DefaultsMode. If not specified, service clients will - // default to legacy. - // - // Supported modes are: auto, cross-region, in-region, legacy, mobile, - // standard - DefaultsMode DefaultsMode - - // The RuntimeEnvironment configuration, only populated if the DefaultsMode - // is set to DefaultsModeAuto and is initialized by - // `config.LoadDefaultConfig`. You should not populate this structure - // programmatically, or rely on the values here within your applications. - RuntimeEnvironment RuntimeEnvironment - - // AppId is an optional application specific identifier that can be set. - // When set it will be appended to the User-Agent header of every request - // in the form of App/{AppId}. This variable is sourced from environment - // variable AWS_SDK_UA_APP_ID or the shared config profile attribute sdk_ua_app_id. - // See https://docs.aws.amazon.com/sdkref/latest/guide/settings-reference.html for - // more information on environment variables and shared config settings. - AppID string - - // BaseEndpoint is an intermediary transfer location to a service specific - // BaseEndpoint on a service's Options. - BaseEndpoint *string - - // DisableRequestCompression toggles if an operation request could be - // compressed or not. Will be set to false by default. This variable is sourced from - // environment variable AWS_DISABLE_REQUEST_COMPRESSION or the shared config profile attribute - // disable_request_compression - DisableRequestCompression bool - - // RequestMinCompressSizeBytes sets the inclusive min bytes of a request body that could be - // compressed. Will be set to 10240 by default and must be within 0 and 10485760 bytes inclusively. - // This variable is sourced from environment variable AWS_REQUEST_MIN_COMPRESSION_SIZE_BYTES or - // the shared config profile attribute request_min_compression_size_bytes - RequestMinCompressSizeBytes int64 - - // Controls how a resolved AWS account ID is handled for endpoint routing. - AccountIDEndpointMode AccountIDEndpointMode - - // RequestChecksumCalculation determines when request checksum calculation is performed. - // - // There are two possible values for this setting: - // - // 1. RequestChecksumCalculationWhenSupported (default): The checksum is always calculated - // if the operation supports it, regardless of whether the user sets an algorithm in the request. - // - // 2. RequestChecksumCalculationWhenRequired: The checksum is only calculated if the user - // explicitly sets a checksum algorithm in the request. - // - // This setting is sourced from the environment variable AWS_REQUEST_CHECKSUM_CALCULATION - // or the shared config profile attribute "request_checksum_calculation". - RequestChecksumCalculation RequestChecksumCalculation - - // ResponseChecksumValidation determines when response checksum validation is performed - // - // There are two possible values for this setting: - // - // 1. ResponseChecksumValidationWhenSupported (default): The checksum is always validated - // if the operation supports it, regardless of whether the user sets the validation mode to ENABLED in request. - // - // 2. ResponseChecksumValidationWhenRequired: The checksum is only validated if the user - // explicitly sets the validation mode to ENABLED in the request - // This variable is sourced from environment variable AWS_RESPONSE_CHECKSUM_VALIDATION or - // the shared config profile attribute "response_checksum_validation". - ResponseChecksumValidation ResponseChecksumValidation -} - -// NewConfig returns a new Config pointer that can be chained with builder -// methods to set multiple configuration values inline without using pointers. -func NewConfig() *Config { - return &Config{} -} - -// Copy will return a shallow copy of the Config object. -func (c Config) Copy() Config { - cp := c - return cp -} - -// EndpointDiscoveryEnableState indicates if endpoint discovery is -// enabled, disabled, auto or unset state. -// -// Default behavior (Auto or Unset) indicates operations that require endpoint -// discovery will use Endpoint Discovery by default. Operations that -// optionally use Endpoint Discovery will not use Endpoint Discovery -// unless EndpointDiscovery is explicitly enabled. -type EndpointDiscoveryEnableState uint - -// Enumeration values for EndpointDiscoveryEnableState -const ( - // EndpointDiscoveryUnset represents EndpointDiscoveryEnableState is unset. - // Users do not need to use this value explicitly. The behavior for unset - // is the same as for EndpointDiscoveryAuto. - EndpointDiscoveryUnset EndpointDiscoveryEnableState = iota - - // EndpointDiscoveryAuto represents an AUTO state that allows endpoint - // discovery only when required by the api. This is the default - // configuration resolved by the client if endpoint discovery is neither - // enabled or disabled. - EndpointDiscoveryAuto // default state - - // EndpointDiscoveryDisabled indicates client MUST not perform endpoint - // discovery even when required. - EndpointDiscoveryDisabled - - // EndpointDiscoveryEnabled indicates client MUST always perform endpoint - // discovery if supported for the operation. - EndpointDiscoveryEnabled -) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/context.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/context.go deleted file mode 100644 index 4d8e26ef..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/context.go +++ /dev/null @@ -1,22 +0,0 @@ -package aws - -import ( - "context" - "time" -) - -type suppressedContext struct { - context.Context -} - -func (s *suppressedContext) Deadline() (deadline time.Time, ok bool) { - return time.Time{}, false -} - -func (s *suppressedContext) Done() <-chan struct{} { - return nil -} - -func (s *suppressedContext) Err() error { - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/credential_cache.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/credential_cache.go deleted file mode 100644 index 623890e8..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/credential_cache.go +++ /dev/null @@ -1,235 +0,0 @@ -package aws - -import ( - "context" - "fmt" - "sync/atomic" - "time" - - sdkrand "github.com/aws/aws-sdk-go-v2/internal/rand" - "github.com/aws/aws-sdk-go-v2/internal/sync/singleflight" -) - -// CredentialsCacheOptions are the options -type CredentialsCacheOptions struct { - - // ExpiryWindow will allow the credentials to trigger refreshing prior to - // the credentials actually expiring. This is beneficial so race conditions - // with expiring credentials do not cause request to fail unexpectedly - // due to ExpiredTokenException exceptions. - // - // An ExpiryWindow of 10s would cause calls to IsExpired() to return true - // 10 seconds before the credentials are actually expired. This can cause an - // increased number of requests to refresh the credentials to occur. - // - // If ExpiryWindow is 0 or less it will be ignored. - ExpiryWindow time.Duration - - // ExpiryWindowJitterFrac provides a mechanism for randomizing the - // expiration of credentials within the configured ExpiryWindow by a random - // percentage. Valid values are between 0.0 and 1.0. - // - // As an example if ExpiryWindow is 60 seconds and ExpiryWindowJitterFrac - // is 0.5 then credentials will be set to expire between 30 to 60 seconds - // prior to their actual expiration time. - // - // If ExpiryWindow is 0 or less then ExpiryWindowJitterFrac is ignored. - // If ExpiryWindowJitterFrac is 0 then no randomization will be applied to the window. - // If ExpiryWindowJitterFrac < 0 the value will be treated as 0. - // If ExpiryWindowJitterFrac > 1 the value will be treated as 1. - ExpiryWindowJitterFrac float64 -} - -// CredentialsCache provides caching and concurrency safe credentials retrieval -// via the provider's retrieve method. -// -// CredentialsCache will look for optional interfaces on the Provider to adjust -// how the credential cache handles credentials caching. -// -// - HandleFailRefreshCredentialsCacheStrategy - Allows provider to handle -// credential refresh failures. This could return an updated Credentials -// value, or attempt another means of retrieving credentials. -// -// - AdjustExpiresByCredentialsCacheStrategy - Allows provider to adjust how -// credentials Expires is modified. This could modify how the Credentials -// Expires is adjusted based on the CredentialsCache ExpiryWindow option. -// Such as providing a floor not to reduce the Expires below. -type CredentialsCache struct { - provider CredentialsProvider - - options CredentialsCacheOptions - creds atomic.Value - sf singleflight.Group -} - -// NewCredentialsCache returns a CredentialsCache that wraps provider. Provider -// is expected to not be nil. A variadic list of one or more functions can be -// provided to modify the CredentialsCache configuration. This allows for -// configuration of credential expiry window and jitter. -func NewCredentialsCache(provider CredentialsProvider, optFns ...func(options *CredentialsCacheOptions)) *CredentialsCache { - options := CredentialsCacheOptions{} - - for _, fn := range optFns { - fn(&options) - } - - if options.ExpiryWindow < 0 { - options.ExpiryWindow = 0 - } - - if options.ExpiryWindowJitterFrac < 0 { - options.ExpiryWindowJitterFrac = 0 - } else if options.ExpiryWindowJitterFrac > 1 { - options.ExpiryWindowJitterFrac = 1 - } - - return &CredentialsCache{ - provider: provider, - options: options, - } -} - -// Retrieve returns the credentials. If the credentials have already been -// retrieved, and not expired the cached credentials will be returned. If the -// credentials have not been retrieved yet, or expired the provider's Retrieve -// method will be called. -// -// Returns and error if the provider's retrieve method returns an error. -func (p *CredentialsCache) Retrieve(ctx context.Context) (Credentials, error) { - if creds, ok := p.getCreds(); ok && !creds.Expired() { - return creds, nil - } - - resCh := p.sf.DoChan("", func() (interface{}, error) { - return p.singleRetrieve(&suppressedContext{ctx}) - }) - select { - case res := <-resCh: - return res.Val.(Credentials), res.Err - case <-ctx.Done(): - return Credentials{}, &RequestCanceledError{Err: ctx.Err()} - } -} - -func (p *CredentialsCache) singleRetrieve(ctx context.Context) (interface{}, error) { - currCreds, ok := p.getCreds() - if ok && !currCreds.Expired() { - return currCreds, nil - } - - newCreds, err := p.provider.Retrieve(ctx) - if err != nil { - handleFailToRefresh := defaultHandleFailToRefresh - if cs, ok := p.provider.(HandleFailRefreshCredentialsCacheStrategy); ok { - handleFailToRefresh = cs.HandleFailToRefresh - } - newCreds, err = handleFailToRefresh(ctx, currCreds, err) - if err != nil { - return Credentials{}, fmt.Errorf("failed to refresh cached credentials, %w", err) - } - } - - if newCreds.CanExpire && p.options.ExpiryWindow > 0 { - adjustExpiresBy := defaultAdjustExpiresBy - if cs, ok := p.provider.(AdjustExpiresByCredentialsCacheStrategy); ok { - adjustExpiresBy = cs.AdjustExpiresBy - } - - randFloat64, err := sdkrand.CryptoRandFloat64() - if err != nil { - return Credentials{}, fmt.Errorf("failed to get random provider, %w", err) - } - - var jitter time.Duration - if p.options.ExpiryWindowJitterFrac > 0 { - jitter = time.Duration(randFloat64 * - p.options.ExpiryWindowJitterFrac * float64(p.options.ExpiryWindow)) - } - - newCreds, err = adjustExpiresBy(newCreds, -(p.options.ExpiryWindow - jitter)) - if err != nil { - return Credentials{}, fmt.Errorf("failed to adjust credentials expires, %w", err) - } - } - - p.creds.Store(&newCreds) - return newCreds, nil -} - -// getCreds returns the currently stored credentials and true. Returning false -// if no credentials were stored. -func (p *CredentialsCache) getCreds() (Credentials, bool) { - v := p.creds.Load() - if v == nil { - return Credentials{}, false - } - - c := v.(*Credentials) - if c == nil || !c.HasKeys() { - return Credentials{}, false - } - - return *c, true -} - -// ProviderSources returns a list of where the underlying credential provider -// has been sourced, if available. Returns empty if the provider doesn't implement -// the interface -func (p *CredentialsCache) ProviderSources() []CredentialSource { - asSource, ok := p.provider.(CredentialProviderSource) - if !ok { - return []CredentialSource{} - } - return asSource.ProviderSources() -} - -// Invalidate will invalidate the cached credentials. The next call to Retrieve -// will cause the provider's Retrieve method to be called. -func (p *CredentialsCache) Invalidate() { - p.creds.Store((*Credentials)(nil)) -} - -// IsCredentialsProvider returns whether credential provider wrapped by CredentialsCache -// matches the target provider type. -func (p *CredentialsCache) IsCredentialsProvider(target CredentialsProvider) bool { - return IsCredentialsProvider(p.provider, target) -} - -// HandleFailRefreshCredentialsCacheStrategy is an interface for -// CredentialsCache to allow CredentialsProvider how failed to refresh -// credentials is handled. -type HandleFailRefreshCredentialsCacheStrategy interface { - // Given the previously cached Credentials, if any, and refresh error, may - // returns new or modified set of Credentials, or error. - // - // Credential caches may use default implementation if nil. - HandleFailToRefresh(context.Context, Credentials, error) (Credentials, error) -} - -// defaultHandleFailToRefresh returns the passed in error. -func defaultHandleFailToRefresh(ctx context.Context, _ Credentials, err error) (Credentials, error) { - return Credentials{}, err -} - -// AdjustExpiresByCredentialsCacheStrategy is an interface for CredentialCache -// to allow CredentialsProvider to intercept adjustments to Credentials expiry -// based on expectations and use cases of CredentialsProvider. -// -// Credential caches may use default implementation if nil. -type AdjustExpiresByCredentialsCacheStrategy interface { - // Given a Credentials as input, applying any mutations and - // returning the potentially updated Credentials, or error. - AdjustExpiresBy(Credentials, time.Duration) (Credentials, error) -} - -// defaultAdjustExpiresBy adds the duration to the passed in credentials Expires, -// and returns the updated credentials value. If Credentials value's CanExpire -// is false, the passed in credentials are returned unchanged. -func defaultAdjustExpiresBy(creds Credentials, dur time.Duration) (Credentials, error) { - if !creds.CanExpire { - return creds, nil - } - - creds.Expires = creds.Expires.Add(dur) - return creds, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/credentials.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/credentials.go deleted file mode 100644 index 4ad2ee44..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/credentials.go +++ /dev/null @@ -1,230 +0,0 @@ -package aws - -import ( - "context" - "fmt" - "reflect" - "time" - - "github.com/aws/aws-sdk-go-v2/internal/sdk" -) - -// AnonymousCredentials provides a sentinel CredentialsProvider that should be -// used to instruct the SDK's signing middleware to not sign the request. -// -// Using `nil` credentials when configuring an API client will achieve the same -// result. The AnonymousCredentials type allows you to configure the SDK's -// external config loading to not attempt to source credentials from the shared -// config or environment. -// -// For example you can use this CredentialsProvider with an API client's -// Options to instruct the client not to sign a request for accessing public -// S3 bucket objects. -// -// The following example demonstrates using the AnonymousCredentials to prevent -// SDK's external config loading attempt to resolve credentials. -// -// cfg, err := config.LoadDefaultConfig(context.TODO(), -// config.WithCredentialsProvider(aws.AnonymousCredentials{}), -// ) -// if err != nil { -// log.Fatalf("failed to load config, %v", err) -// } -// -// client := s3.NewFromConfig(cfg) -// -// Alternatively you can leave the API client Option's `Credential` member to -// nil. If using the `NewFromConfig` constructor you'll need to explicitly set -// the `Credentials` member to nil, if the external config resolved a -// credential provider. -// -// client := s3.New(s3.Options{ -// // Credentials defaults to a nil value. -// }) -// -// This can also be configured for specific operations calls too. -// -// cfg, err := config.LoadDefaultConfig(context.TODO()) -// if err != nil { -// log.Fatalf("failed to load config, %v", err) -// } -// -// client := s3.NewFromConfig(config) -// -// result, err := client.GetObject(context.TODO(), s3.GetObject{ -// Bucket: aws.String("example-bucket"), -// Key: aws.String("example-key"), -// }, func(o *s3.Options) { -// o.Credentials = nil -// // Or -// o.Credentials = aws.AnonymousCredentials{} -// }) -type AnonymousCredentials struct{} - -// Retrieve implements the CredentialsProvider interface, but will always -// return error, and cannot be used to sign a request. The AnonymousCredentials -// type is used as a sentinel type instructing the AWS request signing -// middleware to not sign a request. -func (AnonymousCredentials) Retrieve(context.Context) (Credentials, error) { - return Credentials{Source: "AnonymousCredentials"}, - fmt.Errorf("the AnonymousCredentials is not a valid credential provider, and cannot be used to sign AWS requests with") -} - -// CredentialSource is the source of the credential provider. -// A provider can have multiple credential sources: For example, a provider that reads a profile, calls ECS to -// get credentials and then assumes a role using STS will have all these as part of its provider chain. -type CredentialSource int - -const ( - // CredentialSourceUndefined is the sentinel zero value - CredentialSourceUndefined CredentialSource = iota - // CredentialSourceCode credentials resolved from code, cli parameters, session object, or client instance - CredentialSourceCode - // CredentialSourceEnvVars credentials resolved from environment variables - CredentialSourceEnvVars - // CredentialSourceEnvVarsSTSWebIDToken credentials resolved from environment variables for assuming a role with STS using a web identity token - CredentialSourceEnvVarsSTSWebIDToken - // CredentialSourceSTSAssumeRole credentials resolved from STS using AssumeRole - CredentialSourceSTSAssumeRole - // CredentialSourceSTSAssumeRoleSaml credentials resolved from STS using assume role with SAML - CredentialSourceSTSAssumeRoleSaml - // CredentialSourceSTSAssumeRoleWebID credentials resolved from STS using assume role with web identity - CredentialSourceSTSAssumeRoleWebID - // CredentialSourceSTSFederationToken credentials resolved from STS using a federation token - CredentialSourceSTSFederationToken - // CredentialSourceSTSSessionToken credentials resolved from STS using a session token S - CredentialSourceSTSSessionToken - // CredentialSourceProfile credentials resolved from a config file(s) profile with static credentials - CredentialSourceProfile - // CredentialSourceProfileSourceProfile credentials resolved from a source profile in a config file(s) profile - CredentialSourceProfileSourceProfile - // CredentialSourceProfileNamedProvider credentials resolved from a named provider in a config file(s) profile (like EcsContainer) - CredentialSourceProfileNamedProvider - // CredentialSourceProfileSTSWebIDToken credentials resolved from configuration for assuming a role with STS using web identity token in a config file(s) profile - CredentialSourceProfileSTSWebIDToken - // CredentialSourceProfileSSO credentials resolved from an SSO session in a config file(s) profile - CredentialSourceProfileSSO - // CredentialSourceSSO credentials resolved from an SSO session - CredentialSourceSSO - // CredentialSourceProfileSSOLegacy credentials resolved from an SSO session in a config file(s) profile using legacy format - CredentialSourceProfileSSOLegacy - // CredentialSourceSSOLegacy credentials resolved from an SSO session using legacy format - CredentialSourceSSOLegacy - // CredentialSourceProfileProcess credentials resolved from a process in a config file(s) profile - CredentialSourceProfileProcess - // CredentialSourceProcess credentials resolved from a process - CredentialSourceProcess - // CredentialSourceHTTP credentials resolved from an HTTP endpoint - CredentialSourceHTTP - // CredentialSourceIMDS credentials resolved from the instance metadata service (IMDS) - CredentialSourceIMDS -) - -// A Credentials is the AWS credentials value for individual credential fields. -type Credentials struct { - // AWS Access key ID - AccessKeyID string - - // AWS Secret Access Key - SecretAccessKey string - - // AWS Session Token - SessionToken string - - // Source of the credentials - Source string - - // States if the credentials can expire or not. - CanExpire bool - - // The time the credentials will expire at. Should be ignored if CanExpire - // is false. - Expires time.Time - - // The ID of the account for the credentials. - AccountID string -} - -// Expired returns if the credentials have expired. -func (v Credentials) Expired() bool { - if v.CanExpire { - // Calling Round(0) on the current time will truncate the monotonic - // reading only. Ensures credential expiry time is always based on - // reported wall-clock time. - return !v.Expires.After(sdk.NowTime().Round(0)) - } - - return false -} - -// HasKeys returns if the credentials keys are set. -func (v Credentials) HasKeys() bool { - return len(v.AccessKeyID) > 0 && len(v.SecretAccessKey) > 0 -} - -// A CredentialsProvider is the interface for any component which will provide -// credentials Credentials. A CredentialsProvider is required to manage its own -// Expired state, and what to be expired means. -// -// A credentials provider implementation can be wrapped with a CredentialCache -// to cache the credential value retrieved. Without the cache the SDK will -// attempt to retrieve the credentials for every request. -type CredentialsProvider interface { - // Retrieve returns nil if it successfully retrieved the value. - // Error is returned if the value were not obtainable, or empty. - Retrieve(ctx context.Context) (Credentials, error) -} - -// CredentialProviderSource allows any credential provider to track -// all providers where a credential provider were sourced. For example, if the credentials came from a -// call to a role specified in the profile, this method will give the whole breadcrumb trail -type CredentialProviderSource interface { - ProviderSources() []CredentialSource -} - -// CredentialsProviderFunc provides a helper wrapping a function value to -// satisfy the CredentialsProvider interface. -type CredentialsProviderFunc func(context.Context) (Credentials, error) - -// Retrieve delegates to the function value the CredentialsProviderFunc wraps. -func (fn CredentialsProviderFunc) Retrieve(ctx context.Context) (Credentials, error) { - return fn(ctx) -} - -type isCredentialsProvider interface { - IsCredentialsProvider(CredentialsProvider) bool -} - -// IsCredentialsProvider returns whether the target CredentialProvider is the same type as provider when comparing the -// implementation type. -// -// If provider has a method IsCredentialsProvider(CredentialsProvider) bool it will be responsible for validating -// whether target matches the credential provider type. -// -// When comparing the CredentialProvider implementations provider and target for equality, the following rules are used: -// -// If provider is of type T and target is of type V, true if type *T is the same as type *V, otherwise false -// If provider is of type *T and target is of type V, true if type *T is the same as type *V, otherwise false -// If provider is of type T and target is of type *V, true if type *T is the same as type *V, otherwise false -// If provider is of type *T and target is of type *V,true if type *T is the same as type *V, otherwise false -func IsCredentialsProvider(provider, target CredentialsProvider) bool { - if target == nil || provider == nil { - return provider == target - } - - if x, ok := provider.(isCredentialsProvider); ok { - return x.IsCredentialsProvider(target) - } - - targetType := reflect.TypeOf(target) - if targetType.Kind() != reflect.Ptr { - targetType = reflect.PtrTo(targetType) - } - - providerType := reflect.TypeOf(provider) - if providerType.Kind() != reflect.Ptr { - providerType = reflect.PtrTo(providerType) - } - - return targetType.AssignableTo(providerType) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/auto.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/auto.go deleted file mode 100644 index fd408e51..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/auto.go +++ /dev/null @@ -1,38 +0,0 @@ -package defaults - -import ( - "github.com/aws/aws-sdk-go-v2/aws" - "runtime" - "strings" -) - -var getGOOS = func() string { - return runtime.GOOS -} - -// ResolveDefaultsModeAuto is used to determine the effective aws.DefaultsMode when the mode -// is set to aws.DefaultsModeAuto. -func ResolveDefaultsModeAuto(region string, environment aws.RuntimeEnvironment) aws.DefaultsMode { - goos := getGOOS() - if goos == "android" || goos == "ios" { - return aws.DefaultsModeMobile - } - - var currentRegion string - if len(environment.EnvironmentIdentifier) > 0 { - currentRegion = environment.Region - } - - if len(currentRegion) == 0 && len(environment.EC2InstanceMetadataRegion) > 0 { - currentRegion = environment.EC2InstanceMetadataRegion - } - - if len(region) > 0 && len(currentRegion) > 0 { - if strings.EqualFold(region, currentRegion) { - return aws.DefaultsModeInRegion - } - return aws.DefaultsModeCrossRegion - } - - return aws.DefaultsModeStandard -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/configuration.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/configuration.go deleted file mode 100644 index 8b7e01fa..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/configuration.go +++ /dev/null @@ -1,43 +0,0 @@ -package defaults - -import ( - "time" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -// Configuration is the set of SDK configuration options that are determined based -// on the configured DefaultsMode. -type Configuration struct { - // RetryMode is the configuration's default retry mode API clients should - // use for constructing a Retryer. - RetryMode aws.RetryMode - - // ConnectTimeout is the maximum amount of time a dial will wait for - // a connect to complete. - // - // See https://pkg.go.dev/net#Dialer.Timeout - ConnectTimeout *time.Duration - - // TLSNegotiationTimeout specifies the maximum amount of time waiting to - // wait for a TLS handshake. - // - // See https://pkg.go.dev/net/http#Transport.TLSHandshakeTimeout - TLSNegotiationTimeout *time.Duration -} - -// GetConnectTimeout returns the ConnectTimeout value, returns false if the value is not set. -func (c *Configuration) GetConnectTimeout() (time.Duration, bool) { - if c.ConnectTimeout == nil { - return 0, false - } - return *c.ConnectTimeout, true -} - -// GetTLSNegotiationTimeout returns the TLSNegotiationTimeout value, returns false if the value is not set. -func (c *Configuration) GetTLSNegotiationTimeout() (time.Duration, bool) { - if c.TLSNegotiationTimeout == nil { - return 0, false - } - return *c.TLSNegotiationTimeout, true -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/defaults.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/defaults.go deleted file mode 100644 index dbaa873d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/defaults.go +++ /dev/null @@ -1,50 +0,0 @@ -// Code generated by github.com/aws/aws-sdk-go-v2/internal/codegen/cmd/defaultsconfig. DO NOT EDIT. - -package defaults - -import ( - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - "time" -) - -// GetModeConfiguration returns the default Configuration descriptor for the given mode. -// -// Supports the following modes: cross-region, in-region, mobile, standard -func GetModeConfiguration(mode aws.DefaultsMode) (Configuration, error) { - var mv aws.DefaultsMode - mv.SetFromString(string(mode)) - - switch mv { - case aws.DefaultsModeCrossRegion: - settings := Configuration{ - ConnectTimeout: aws.Duration(3100 * time.Millisecond), - RetryMode: aws.RetryMode("standard"), - TLSNegotiationTimeout: aws.Duration(3100 * time.Millisecond), - } - return settings, nil - case aws.DefaultsModeInRegion: - settings := Configuration{ - ConnectTimeout: aws.Duration(1100 * time.Millisecond), - RetryMode: aws.RetryMode("standard"), - TLSNegotiationTimeout: aws.Duration(1100 * time.Millisecond), - } - return settings, nil - case aws.DefaultsModeMobile: - settings := Configuration{ - ConnectTimeout: aws.Duration(30000 * time.Millisecond), - RetryMode: aws.RetryMode("standard"), - TLSNegotiationTimeout: aws.Duration(30000 * time.Millisecond), - } - return settings, nil - case aws.DefaultsModeStandard: - settings := Configuration{ - ConnectTimeout: aws.Duration(3100 * time.Millisecond), - RetryMode: aws.RetryMode("standard"), - TLSNegotiationTimeout: aws.Duration(3100 * time.Millisecond), - } - return settings, nil - default: - return Configuration{}, fmt.Errorf("unsupported defaults mode: %v", mode) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/doc.go deleted file mode 100644 index 2d90011b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaults/doc.go +++ /dev/null @@ -1,2 +0,0 @@ -// Package defaults provides recommended configuration values for AWS SDKs and CLIs. -package defaults diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaultsmode.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/defaultsmode.go deleted file mode 100644 index fcf9387c..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/defaultsmode.go +++ /dev/null @@ -1,95 +0,0 @@ -// Code generated by github.com/aws/aws-sdk-go-v2/internal/codegen/cmd/defaultsmode. DO NOT EDIT. - -package aws - -import ( - "strings" -) - -// DefaultsMode is the SDK defaults mode setting. -type DefaultsMode string - -// The DefaultsMode constants. -const ( - // DefaultsModeAuto is an experimental mode that builds on the standard mode. - // The SDK will attempt to discover the execution environment to determine the - // appropriate settings automatically. - // - // Note that the auto detection is heuristics-based and does not guarantee 100% - // accuracy. STANDARD mode will be used if the execution environment cannot - // be determined. The auto detection might query EC2 Instance Metadata service - // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html), - // which might introduce latency. Therefore we recommend choosing an explicit - // defaults_mode instead if startup latency is critical to your application - DefaultsModeAuto DefaultsMode = "auto" - - // DefaultsModeCrossRegion builds on the standard mode and includes optimization - // tailored for applications which call AWS services in a different region - // - // Note that the default values vended from this mode might change as best practices - // may evolve. As a result, it is encouraged to perform tests when upgrading - // the SDK - DefaultsModeCrossRegion DefaultsMode = "cross-region" - - // DefaultsModeInRegion builds on the standard mode and includes optimization - // tailored for applications which call AWS services from within the same AWS - // region - // - // Note that the default values vended from this mode might change as best practices - // may evolve. As a result, it is encouraged to perform tests when upgrading - // the SDK - DefaultsModeInRegion DefaultsMode = "in-region" - - // DefaultsModeLegacy provides default settings that vary per SDK and were used - // prior to establishment of defaults_mode - DefaultsModeLegacy DefaultsMode = "legacy" - - // DefaultsModeMobile builds on the standard mode and includes optimization - // tailored for mobile applications - // - // Note that the default values vended from this mode might change as best practices - // may evolve. As a result, it is encouraged to perform tests when upgrading - // the SDK - DefaultsModeMobile DefaultsMode = "mobile" - - // DefaultsModeStandard provides the latest recommended default values that - // should be safe to run in most scenarios - // - // Note that the default values vended from this mode might change as best practices - // may evolve. As a result, it is encouraged to perform tests when upgrading - // the SDK - DefaultsModeStandard DefaultsMode = "standard" -) - -// SetFromString sets the DefaultsMode value to one of the pre-defined constants that matches -// the provided string when compared using EqualFold. If the value does not match a known -// constant it will be set to as-is and the function will return false. As a special case, if the -// provided value is a zero-length string, the mode will be set to LegacyDefaultsMode. -func (d *DefaultsMode) SetFromString(v string) (ok bool) { - switch { - case strings.EqualFold(v, string(DefaultsModeAuto)): - *d = DefaultsModeAuto - ok = true - case strings.EqualFold(v, string(DefaultsModeCrossRegion)): - *d = DefaultsModeCrossRegion - ok = true - case strings.EqualFold(v, string(DefaultsModeInRegion)): - *d = DefaultsModeInRegion - ok = true - case strings.EqualFold(v, string(DefaultsModeLegacy)): - *d = DefaultsModeLegacy - ok = true - case strings.EqualFold(v, string(DefaultsModeMobile)): - *d = DefaultsModeMobile - ok = true - case strings.EqualFold(v, string(DefaultsModeStandard)): - *d = DefaultsModeStandard - ok = true - case len(v) == 0: - *d = DefaultsModeLegacy - ok = true - default: - *d = DefaultsMode(v) - } - return ok -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/doc.go deleted file mode 100644 index d8b6e09e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/doc.go +++ /dev/null @@ -1,62 +0,0 @@ -// Package aws provides the core SDK's utilities and shared types. Use this package's -// utilities to simplify setting and reading API operations parameters. -// -// # Value and Pointer Conversion Utilities -// -// This package includes a helper conversion utility for each scalar type the SDK's -// API use. These utilities make getting a pointer of the scalar, and dereferencing -// a pointer easier. -// -// Each conversion utility comes in two forms. Value to Pointer and Pointer to Value. -// The Pointer to value will safely dereference the pointer and return its value. -// If the pointer was nil, the scalar's zero value will be returned. -// -// The value to pointer functions will be named after the scalar type. So get a -// *string from a string value use the "String" function. This makes it easy to -// to get pointer of a literal string value, because getting the address of a -// literal requires assigning the value to a variable first. -// -// var strPtr *string -// -// // Without the SDK's conversion functions -// str := "my string" -// strPtr = &str -// -// // With the SDK's conversion functions -// strPtr = aws.String("my string") -// -// // Convert *string to string value -// str = aws.ToString(strPtr) -// -// In addition to scalars the aws package also includes conversion utilities for -// map and slice for commonly types used in API parameters. The map and slice -// conversion functions use similar naming pattern as the scalar conversion -// functions. -// -// var strPtrs []*string -// var strs []string = []string{"Go", "Gophers", "Go"} -// -// // Convert []string to []*string -// strPtrs = aws.StringSlice(strs) -// -// // Convert []*string to []string -// strs = aws.ToStringSlice(strPtrs) -// -// # SDK Default HTTP Client -// -// The SDK will use the http.DefaultClient if a HTTP client is not provided to -// the SDK's Session, or service client constructor. This means that if the -// http.DefaultClient is modified by other components of your application the -// modifications will be picked up by the SDK as well. -// -// In some cases this might be intended, but it is a better practice to create -// a custom HTTP Client to share explicitly through your application. You can -// configure the SDK to use the custom HTTP Client by setting the HTTPClient -// value of the SDK's Config type when creating a Session or service client. -package aws - -// generate.go uses a build tag of "ignore", go run doesn't need to specify -// this because go run ignores all build flags when running a go file directly. -//go:generate go run -tags codegen generate.go -//go:generate go run -tags codegen logging_generate.go -//go:generate gofmt -w -s . diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/endpoints.go deleted file mode 100644 index 99edbf3e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/endpoints.go +++ /dev/null @@ -1,247 +0,0 @@ -package aws - -import ( - "fmt" -) - -// DualStackEndpointState is a constant to describe the dual-stack endpoint resolution behavior. -type DualStackEndpointState uint - -const ( - // DualStackEndpointStateUnset is the default value behavior for dual-stack endpoint resolution. - DualStackEndpointStateUnset DualStackEndpointState = iota - - // DualStackEndpointStateEnabled enables dual-stack endpoint resolution for service endpoints. - DualStackEndpointStateEnabled - - // DualStackEndpointStateDisabled disables dual-stack endpoint resolution for endpoints. - DualStackEndpointStateDisabled -) - -// GetUseDualStackEndpoint takes a service's EndpointResolverOptions and returns the UseDualStackEndpoint value. -// Returns boolean false if the provided options does not have a method to retrieve the DualStackEndpointState. -func GetUseDualStackEndpoint(options ...interface{}) (value DualStackEndpointState, found bool) { - type iface interface { - GetUseDualStackEndpoint() DualStackEndpointState - } - for _, option := range options { - if i, ok := option.(iface); ok { - value = i.GetUseDualStackEndpoint() - found = true - break - } - } - return value, found -} - -// FIPSEndpointState is a constant to describe the FIPS endpoint resolution behavior. -type FIPSEndpointState uint - -const ( - // FIPSEndpointStateUnset is the default value behavior for FIPS endpoint resolution. - FIPSEndpointStateUnset FIPSEndpointState = iota - - // FIPSEndpointStateEnabled enables FIPS endpoint resolution for service endpoints. - FIPSEndpointStateEnabled - - // FIPSEndpointStateDisabled disables FIPS endpoint resolution for endpoints. - FIPSEndpointStateDisabled -) - -// GetUseFIPSEndpoint takes a service's EndpointResolverOptions and returns the UseDualStackEndpoint value. -// Returns boolean false if the provided options does not have a method to retrieve the DualStackEndpointState. -func GetUseFIPSEndpoint(options ...interface{}) (value FIPSEndpointState, found bool) { - type iface interface { - GetUseFIPSEndpoint() FIPSEndpointState - } - for _, option := range options { - if i, ok := option.(iface); ok { - value = i.GetUseFIPSEndpoint() - found = true - break - } - } - return value, found -} - -// Endpoint represents the endpoint a service client should make API operation -// calls to. -// -// The SDK will automatically resolve these endpoints per API client using an -// internal endpoint resolvers. If you'd like to provide custom endpoint -// resolving behavior you can implement the EndpointResolver interface. -// -// Deprecated: This structure was used with the global [EndpointResolver] -// interface, which has been deprecated in favor of service-specific endpoint -// resolution. See the deprecation docs on that interface for more information. -type Endpoint struct { - // The base URL endpoint the SDK API clients will use to make API calls to. - // The SDK will suffix URI path and query elements to this endpoint. - URL string - - // Specifies if the endpoint's hostname can be modified by the SDK's API - // client. - // - // If the hostname is mutable the SDK API clients may modify any part of - // the hostname based on the requirements of the API, (e.g. adding, or - // removing content in the hostname). Such as, Amazon S3 API client - // prefixing "bucketname" to the hostname, or changing the - // hostname service name component from "s3." to "s3-accesspoint.dualstack." - // for the dualstack endpoint of an S3 Accesspoint resource. - // - // Care should be taken when providing a custom endpoint for an API. If the - // endpoint hostname is mutable, and the client cannot modify the endpoint - // correctly, the operation call will most likely fail, or have undefined - // behavior. - // - // If hostname is immutable, the SDK API clients will not modify the - // hostname of the URL. This may cause the API client not to function - // correctly if the API requires the operation specific hostname values - // to be used by the client. - // - // This flag does not modify the API client's behavior if this endpoint - // will be used instead of Endpoint Discovery, or if the endpoint will be - // used to perform Endpoint Discovery. That behavior is configured via the - // API Client's Options. - HostnameImmutable bool - - // The AWS partition the endpoint belongs to. - PartitionID string - - // The service name that should be used for signing the requests to the - // endpoint. - SigningName string - - // The region that should be used for signing the request to the endpoint. - SigningRegion string - - // The signing method that should be used for signing the requests to the - // endpoint. - SigningMethod string - - // The source of the Endpoint. By default, this will be EndpointSourceServiceMetadata. - // When providing a custom endpoint, you should set the source as EndpointSourceCustom. - // If source is not provided when providing a custom endpoint, the SDK may not - // perform required host mutations correctly. Source should be used along with - // HostnameImmutable property as per the usage requirement. - Source EndpointSource -} - -// EndpointSource is the endpoint source type. -// -// Deprecated: The global [Endpoint] structure is deprecated. -type EndpointSource int - -const ( - // EndpointSourceServiceMetadata denotes service modeled endpoint metadata is used as Endpoint Source. - EndpointSourceServiceMetadata EndpointSource = iota - - // EndpointSourceCustom denotes endpoint is a custom endpoint. This source should be used when - // user provides a custom endpoint to be used by the SDK. - EndpointSourceCustom -) - -// EndpointNotFoundError is a sentinel error to indicate that the -// EndpointResolver implementation was unable to resolve an endpoint for the -// given service and region. Resolvers should use this to indicate that an API -// client should fallback and attempt to use it's internal default resolver to -// resolve the endpoint. -type EndpointNotFoundError struct { - Err error -} - -// Error is the error message. -func (e *EndpointNotFoundError) Error() string { - return fmt.Sprintf("endpoint not found, %v", e.Err) -} - -// Unwrap returns the underlying error. -func (e *EndpointNotFoundError) Unwrap() error { - return e.Err -} - -// EndpointResolver is an endpoint resolver that can be used to provide or -// override an endpoint for the given service and region. API clients will -// attempt to use the EndpointResolver first to resolve an endpoint if -// available. If the EndpointResolver returns an EndpointNotFoundError error, -// API clients will fallback to attempting to resolve the endpoint using its -// internal default endpoint resolver. -// -// Deprecated: The global endpoint resolution interface is deprecated. The API -// for endpoint resolution is now unique to each service and is set via the -// EndpointResolverV2 field on service client options. Setting a value for -// EndpointResolver on aws.Config or service client options will prevent you -// from using any endpoint-related service features released after the -// introduction of EndpointResolverV2. You may also encounter broken or -// unexpected behavior when using the old global interface with services that -// use many endpoint-related customizations such as S3. -type EndpointResolver interface { - ResolveEndpoint(service, region string) (Endpoint, error) -} - -// EndpointResolverFunc wraps a function to satisfy the EndpointResolver interface. -// -// Deprecated: The global endpoint resolution interface is deprecated. See -// deprecation docs on [EndpointResolver]. -type EndpointResolverFunc func(service, region string) (Endpoint, error) - -// ResolveEndpoint calls the wrapped function and returns the results. -func (e EndpointResolverFunc) ResolveEndpoint(service, region string) (Endpoint, error) { - return e(service, region) -} - -// EndpointResolverWithOptions is an endpoint resolver that can be used to provide or -// override an endpoint for the given service, region, and the service client's EndpointOptions. API clients will -// attempt to use the EndpointResolverWithOptions first to resolve an endpoint if -// available. If the EndpointResolverWithOptions returns an EndpointNotFoundError error, -// API clients will fallback to attempting to resolve the endpoint using its -// internal default endpoint resolver. -// -// Deprecated: The global endpoint resolution interface is deprecated. See -// deprecation docs on [EndpointResolver]. -type EndpointResolverWithOptions interface { - ResolveEndpoint(service, region string, options ...interface{}) (Endpoint, error) -} - -// EndpointResolverWithOptionsFunc wraps a function to satisfy the EndpointResolverWithOptions interface. -// -// Deprecated: The global endpoint resolution interface is deprecated. See -// deprecation docs on [EndpointResolver]. -type EndpointResolverWithOptionsFunc func(service, region string, options ...interface{}) (Endpoint, error) - -// ResolveEndpoint calls the wrapped function and returns the results. -func (e EndpointResolverWithOptionsFunc) ResolveEndpoint(service, region string, options ...interface{}) (Endpoint, error) { - return e(service, region, options...) -} - -// GetDisableHTTPS takes a service's EndpointResolverOptions and returns the DisableHTTPS value. -// Returns boolean false if the provided options does not have a method to retrieve the DisableHTTPS. -func GetDisableHTTPS(options ...interface{}) (value bool, found bool) { - type iface interface { - GetDisableHTTPS() bool - } - for _, option := range options { - if i, ok := option.(iface); ok { - value = i.GetDisableHTTPS() - found = true - break - } - } - return value, found -} - -// GetResolvedRegion takes a service's EndpointResolverOptions and returns the ResolvedRegion value. -// Returns boolean false if the provided options does not have a method to retrieve the ResolvedRegion. -func GetResolvedRegion(options ...interface{}) (value string, found bool) { - type iface interface { - GetResolvedRegion() string - } - for _, option := range options { - if i, ok := option.(iface); ok { - value = i.GetResolvedRegion() - found = true - break - } - } - return value, found -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/errors.go deleted file mode 100644 index f390a08f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/errors.go +++ /dev/null @@ -1,9 +0,0 @@ -package aws - -// MissingRegionError is an error that is returned if region configuration -// value was not found. -type MissingRegionError struct{} - -func (*MissingRegionError) Error() string { - return "an AWS region is required, but was not found" -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/from_ptr.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/from_ptr.go deleted file mode 100644 index 2394418e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/from_ptr.go +++ /dev/null @@ -1,365 +0,0 @@ -// Code generated by aws/generate.go DO NOT EDIT. - -package aws - -import ( - "github.com/aws/smithy-go/ptr" - "time" -) - -// ToBool returns bool value dereferenced if the passed -// in pointer was not nil. Returns a bool zero value if the -// pointer was nil. -func ToBool(p *bool) (v bool) { - return ptr.ToBool(p) -} - -// ToBoolSlice returns a slice of bool values, that are -// dereferenced if the passed in pointer was not nil. Returns a bool -// zero value if the pointer was nil. -func ToBoolSlice(vs []*bool) []bool { - return ptr.ToBoolSlice(vs) -} - -// ToBoolMap returns a map of bool values, that are -// dereferenced if the passed in pointer was not nil. The bool -// zero value is used if the pointer was nil. -func ToBoolMap(vs map[string]*bool) map[string]bool { - return ptr.ToBoolMap(vs) -} - -// ToByte returns byte value dereferenced if the passed -// in pointer was not nil. Returns a byte zero value if the -// pointer was nil. -func ToByte(p *byte) (v byte) { - return ptr.ToByte(p) -} - -// ToByteSlice returns a slice of byte values, that are -// dereferenced if the passed in pointer was not nil. Returns a byte -// zero value if the pointer was nil. -func ToByteSlice(vs []*byte) []byte { - return ptr.ToByteSlice(vs) -} - -// ToByteMap returns a map of byte values, that are -// dereferenced if the passed in pointer was not nil. The byte -// zero value is used if the pointer was nil. -func ToByteMap(vs map[string]*byte) map[string]byte { - return ptr.ToByteMap(vs) -} - -// ToString returns string value dereferenced if the passed -// in pointer was not nil. Returns a string zero value if the -// pointer was nil. -func ToString(p *string) (v string) { - return ptr.ToString(p) -} - -// ToStringSlice returns a slice of string values, that are -// dereferenced if the passed in pointer was not nil. Returns a string -// zero value if the pointer was nil. -func ToStringSlice(vs []*string) []string { - return ptr.ToStringSlice(vs) -} - -// ToStringMap returns a map of string values, that are -// dereferenced if the passed in pointer was not nil. The string -// zero value is used if the pointer was nil. -func ToStringMap(vs map[string]*string) map[string]string { - return ptr.ToStringMap(vs) -} - -// ToInt returns int value dereferenced if the passed -// in pointer was not nil. Returns a int zero value if the -// pointer was nil. -func ToInt(p *int) (v int) { - return ptr.ToInt(p) -} - -// ToIntSlice returns a slice of int values, that are -// dereferenced if the passed in pointer was not nil. Returns a int -// zero value if the pointer was nil. -func ToIntSlice(vs []*int) []int { - return ptr.ToIntSlice(vs) -} - -// ToIntMap returns a map of int values, that are -// dereferenced if the passed in pointer was not nil. The int -// zero value is used if the pointer was nil. -func ToIntMap(vs map[string]*int) map[string]int { - return ptr.ToIntMap(vs) -} - -// ToInt8 returns int8 value dereferenced if the passed -// in pointer was not nil. Returns a int8 zero value if the -// pointer was nil. -func ToInt8(p *int8) (v int8) { - return ptr.ToInt8(p) -} - -// ToInt8Slice returns a slice of int8 values, that are -// dereferenced if the passed in pointer was not nil. Returns a int8 -// zero value if the pointer was nil. -func ToInt8Slice(vs []*int8) []int8 { - return ptr.ToInt8Slice(vs) -} - -// ToInt8Map returns a map of int8 values, that are -// dereferenced if the passed in pointer was not nil. The int8 -// zero value is used if the pointer was nil. -func ToInt8Map(vs map[string]*int8) map[string]int8 { - return ptr.ToInt8Map(vs) -} - -// ToInt16 returns int16 value dereferenced if the passed -// in pointer was not nil. Returns a int16 zero value if the -// pointer was nil. -func ToInt16(p *int16) (v int16) { - return ptr.ToInt16(p) -} - -// ToInt16Slice returns a slice of int16 values, that are -// dereferenced if the passed in pointer was not nil. Returns a int16 -// zero value if the pointer was nil. -func ToInt16Slice(vs []*int16) []int16 { - return ptr.ToInt16Slice(vs) -} - -// ToInt16Map returns a map of int16 values, that are -// dereferenced if the passed in pointer was not nil. The int16 -// zero value is used if the pointer was nil. -func ToInt16Map(vs map[string]*int16) map[string]int16 { - return ptr.ToInt16Map(vs) -} - -// ToInt32 returns int32 value dereferenced if the passed -// in pointer was not nil. Returns a int32 zero value if the -// pointer was nil. -func ToInt32(p *int32) (v int32) { - return ptr.ToInt32(p) -} - -// ToInt32Slice returns a slice of int32 values, that are -// dereferenced if the passed in pointer was not nil. Returns a int32 -// zero value if the pointer was nil. -func ToInt32Slice(vs []*int32) []int32 { - return ptr.ToInt32Slice(vs) -} - -// ToInt32Map returns a map of int32 values, that are -// dereferenced if the passed in pointer was not nil. The int32 -// zero value is used if the pointer was nil. -func ToInt32Map(vs map[string]*int32) map[string]int32 { - return ptr.ToInt32Map(vs) -} - -// ToInt64 returns int64 value dereferenced if the passed -// in pointer was not nil. Returns a int64 zero value if the -// pointer was nil. -func ToInt64(p *int64) (v int64) { - return ptr.ToInt64(p) -} - -// ToInt64Slice returns a slice of int64 values, that are -// dereferenced if the passed in pointer was not nil. Returns a int64 -// zero value if the pointer was nil. -func ToInt64Slice(vs []*int64) []int64 { - return ptr.ToInt64Slice(vs) -} - -// ToInt64Map returns a map of int64 values, that are -// dereferenced if the passed in pointer was not nil. The int64 -// zero value is used if the pointer was nil. -func ToInt64Map(vs map[string]*int64) map[string]int64 { - return ptr.ToInt64Map(vs) -} - -// ToUint returns uint value dereferenced if the passed -// in pointer was not nil. Returns a uint zero value if the -// pointer was nil. -func ToUint(p *uint) (v uint) { - return ptr.ToUint(p) -} - -// ToUintSlice returns a slice of uint values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint -// zero value if the pointer was nil. -func ToUintSlice(vs []*uint) []uint { - return ptr.ToUintSlice(vs) -} - -// ToUintMap returns a map of uint values, that are -// dereferenced if the passed in pointer was not nil. The uint -// zero value is used if the pointer was nil. -func ToUintMap(vs map[string]*uint) map[string]uint { - return ptr.ToUintMap(vs) -} - -// ToUint8 returns uint8 value dereferenced if the passed -// in pointer was not nil. Returns a uint8 zero value if the -// pointer was nil. -func ToUint8(p *uint8) (v uint8) { - return ptr.ToUint8(p) -} - -// ToUint8Slice returns a slice of uint8 values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint8 -// zero value if the pointer was nil. -func ToUint8Slice(vs []*uint8) []uint8 { - return ptr.ToUint8Slice(vs) -} - -// ToUint8Map returns a map of uint8 values, that are -// dereferenced if the passed in pointer was not nil. The uint8 -// zero value is used if the pointer was nil. -func ToUint8Map(vs map[string]*uint8) map[string]uint8 { - return ptr.ToUint8Map(vs) -} - -// ToUint16 returns uint16 value dereferenced if the passed -// in pointer was not nil. Returns a uint16 zero value if the -// pointer was nil. -func ToUint16(p *uint16) (v uint16) { - return ptr.ToUint16(p) -} - -// ToUint16Slice returns a slice of uint16 values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint16 -// zero value if the pointer was nil. -func ToUint16Slice(vs []*uint16) []uint16 { - return ptr.ToUint16Slice(vs) -} - -// ToUint16Map returns a map of uint16 values, that are -// dereferenced if the passed in pointer was not nil. The uint16 -// zero value is used if the pointer was nil. -func ToUint16Map(vs map[string]*uint16) map[string]uint16 { - return ptr.ToUint16Map(vs) -} - -// ToUint32 returns uint32 value dereferenced if the passed -// in pointer was not nil. Returns a uint32 zero value if the -// pointer was nil. -func ToUint32(p *uint32) (v uint32) { - return ptr.ToUint32(p) -} - -// ToUint32Slice returns a slice of uint32 values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint32 -// zero value if the pointer was nil. -func ToUint32Slice(vs []*uint32) []uint32 { - return ptr.ToUint32Slice(vs) -} - -// ToUint32Map returns a map of uint32 values, that are -// dereferenced if the passed in pointer was not nil. The uint32 -// zero value is used if the pointer was nil. -func ToUint32Map(vs map[string]*uint32) map[string]uint32 { - return ptr.ToUint32Map(vs) -} - -// ToUint64 returns uint64 value dereferenced if the passed -// in pointer was not nil. Returns a uint64 zero value if the -// pointer was nil. -func ToUint64(p *uint64) (v uint64) { - return ptr.ToUint64(p) -} - -// ToUint64Slice returns a slice of uint64 values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint64 -// zero value if the pointer was nil. -func ToUint64Slice(vs []*uint64) []uint64 { - return ptr.ToUint64Slice(vs) -} - -// ToUint64Map returns a map of uint64 values, that are -// dereferenced if the passed in pointer was not nil. The uint64 -// zero value is used if the pointer was nil. -func ToUint64Map(vs map[string]*uint64) map[string]uint64 { - return ptr.ToUint64Map(vs) -} - -// ToFloat32 returns float32 value dereferenced if the passed -// in pointer was not nil. Returns a float32 zero value if the -// pointer was nil. -func ToFloat32(p *float32) (v float32) { - return ptr.ToFloat32(p) -} - -// ToFloat32Slice returns a slice of float32 values, that are -// dereferenced if the passed in pointer was not nil. Returns a float32 -// zero value if the pointer was nil. -func ToFloat32Slice(vs []*float32) []float32 { - return ptr.ToFloat32Slice(vs) -} - -// ToFloat32Map returns a map of float32 values, that are -// dereferenced if the passed in pointer was not nil. The float32 -// zero value is used if the pointer was nil. -func ToFloat32Map(vs map[string]*float32) map[string]float32 { - return ptr.ToFloat32Map(vs) -} - -// ToFloat64 returns float64 value dereferenced if the passed -// in pointer was not nil. Returns a float64 zero value if the -// pointer was nil. -func ToFloat64(p *float64) (v float64) { - return ptr.ToFloat64(p) -} - -// ToFloat64Slice returns a slice of float64 values, that are -// dereferenced if the passed in pointer was not nil. Returns a float64 -// zero value if the pointer was nil. -func ToFloat64Slice(vs []*float64) []float64 { - return ptr.ToFloat64Slice(vs) -} - -// ToFloat64Map returns a map of float64 values, that are -// dereferenced if the passed in pointer was not nil. The float64 -// zero value is used if the pointer was nil. -func ToFloat64Map(vs map[string]*float64) map[string]float64 { - return ptr.ToFloat64Map(vs) -} - -// ToTime returns time.Time value dereferenced if the passed -// in pointer was not nil. Returns a time.Time zero value if the -// pointer was nil. -func ToTime(p *time.Time) (v time.Time) { - return ptr.ToTime(p) -} - -// ToTimeSlice returns a slice of time.Time values, that are -// dereferenced if the passed in pointer was not nil. Returns a time.Time -// zero value if the pointer was nil. -func ToTimeSlice(vs []*time.Time) []time.Time { - return ptr.ToTimeSlice(vs) -} - -// ToTimeMap returns a map of time.Time values, that are -// dereferenced if the passed in pointer was not nil. The time.Time -// zero value is used if the pointer was nil. -func ToTimeMap(vs map[string]*time.Time) map[string]time.Time { - return ptr.ToTimeMap(vs) -} - -// ToDuration returns time.Duration value dereferenced if the passed -// in pointer was not nil. Returns a time.Duration zero value if the -// pointer was nil. -func ToDuration(p *time.Duration) (v time.Duration) { - return ptr.ToDuration(p) -} - -// ToDurationSlice returns a slice of time.Duration values, that are -// dereferenced if the passed in pointer was not nil. Returns a time.Duration -// zero value if the pointer was nil. -func ToDurationSlice(vs []*time.Duration) []time.Duration { - return ptr.ToDurationSlice(vs) -} - -// ToDurationMap returns a map of time.Duration values, that are -// dereferenced if the passed in pointer was not nil. The time.Duration -// zero value is used if the pointer was nil. -func ToDurationMap(vs map[string]*time.Duration) map[string]time.Duration { - return ptr.ToDurationMap(vs) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go deleted file mode 100644 index 8e930fc6..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package aws - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.36.3" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/logging.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/logging.go deleted file mode 100644 index 91c94d98..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/logging.go +++ /dev/null @@ -1,119 +0,0 @@ -// Code generated by aws/logging_generate.go DO NOT EDIT. - -package aws - -// ClientLogMode represents the logging mode of SDK clients. The client logging mode is a bit-field where -// each bit is a flag that describes the logging behavior for one or more client components. -// The entire 64-bit group is reserved for later expansion by the SDK. -// -// Example: Setting ClientLogMode to enable logging of retries and requests -// -// clientLogMode := aws.LogRetries | aws.LogRequest -// -// Example: Adding an additional log mode to an existing ClientLogMode value -// -// clientLogMode |= aws.LogResponse -type ClientLogMode uint64 - -// Supported ClientLogMode bits that can be configured to toggle logging of specific SDK events. -const ( - LogSigning ClientLogMode = 1 << (64 - 1 - iota) - LogRetries - LogRequest - LogRequestWithBody - LogResponse - LogResponseWithBody - LogDeprecatedUsage - LogRequestEventMessage - LogResponseEventMessage -) - -// IsSigning returns whether the Signing logging mode bit is set -func (m ClientLogMode) IsSigning() bool { - return m&LogSigning != 0 -} - -// IsRetries returns whether the Retries logging mode bit is set -func (m ClientLogMode) IsRetries() bool { - return m&LogRetries != 0 -} - -// IsRequest returns whether the Request logging mode bit is set -func (m ClientLogMode) IsRequest() bool { - return m&LogRequest != 0 -} - -// IsRequestWithBody returns whether the RequestWithBody logging mode bit is set -func (m ClientLogMode) IsRequestWithBody() bool { - return m&LogRequestWithBody != 0 -} - -// IsResponse returns whether the Response logging mode bit is set -func (m ClientLogMode) IsResponse() bool { - return m&LogResponse != 0 -} - -// IsResponseWithBody returns whether the ResponseWithBody logging mode bit is set -func (m ClientLogMode) IsResponseWithBody() bool { - return m&LogResponseWithBody != 0 -} - -// IsDeprecatedUsage returns whether the DeprecatedUsage logging mode bit is set -func (m ClientLogMode) IsDeprecatedUsage() bool { - return m&LogDeprecatedUsage != 0 -} - -// IsRequestEventMessage returns whether the RequestEventMessage logging mode bit is set -func (m ClientLogMode) IsRequestEventMessage() bool { - return m&LogRequestEventMessage != 0 -} - -// IsResponseEventMessage returns whether the ResponseEventMessage logging mode bit is set -func (m ClientLogMode) IsResponseEventMessage() bool { - return m&LogResponseEventMessage != 0 -} - -// ClearSigning clears the Signing logging mode bit -func (m *ClientLogMode) ClearSigning() { - *m &^= LogSigning -} - -// ClearRetries clears the Retries logging mode bit -func (m *ClientLogMode) ClearRetries() { - *m &^= LogRetries -} - -// ClearRequest clears the Request logging mode bit -func (m *ClientLogMode) ClearRequest() { - *m &^= LogRequest -} - -// ClearRequestWithBody clears the RequestWithBody logging mode bit -func (m *ClientLogMode) ClearRequestWithBody() { - *m &^= LogRequestWithBody -} - -// ClearResponse clears the Response logging mode bit -func (m *ClientLogMode) ClearResponse() { - *m &^= LogResponse -} - -// ClearResponseWithBody clears the ResponseWithBody logging mode bit -func (m *ClientLogMode) ClearResponseWithBody() { - *m &^= LogResponseWithBody -} - -// ClearDeprecatedUsage clears the DeprecatedUsage logging mode bit -func (m *ClientLogMode) ClearDeprecatedUsage() { - *m &^= LogDeprecatedUsage -} - -// ClearRequestEventMessage clears the RequestEventMessage logging mode bit -func (m *ClientLogMode) ClearRequestEventMessage() { - *m &^= LogRequestEventMessage -} - -// ClearResponseEventMessage clears the ResponseEventMessage logging mode bit -func (m *ClientLogMode) ClearResponseEventMessage() { - *m &^= LogResponseEventMessage -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/logging_generate.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/logging_generate.go deleted file mode 100644 index 6ecc2231..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/logging_generate.go +++ /dev/null @@ -1,95 +0,0 @@ -//go:build clientlogmode -// +build clientlogmode - -package main - -import ( - "fmt" - "log" - "os" - "strings" - "text/template" -) - -var config = struct { - ModeBits []string -}{ - // Items should be appended only to keep bit-flag positions stable - ModeBits: []string{ - "Signing", - "Retries", - "Request", - "RequestWithBody", - "Response", - "ResponseWithBody", - "DeprecatedUsage", - "RequestEventMessage", - "ResponseEventMessage", - }, -} - -func bitName(name string) string { - return strings.ToUpper(name[:1]) + name[1:] -} - -var tmpl = template.Must(template.New("ClientLogMode").Funcs(map[string]interface{}{ - "symbolName": func(name string) string { - return "Log" + bitName(name) - }, - "bitName": bitName, -}).Parse(`// Code generated by aws/logging_generate.go DO NOT EDIT. - -package aws - -// ClientLogMode represents the logging mode of SDK clients. The client logging mode is a bit-field where -// each bit is a flag that describes the logging behavior for one or more client components. -// The entire 64-bit group is reserved for later expansion by the SDK. -// -// Example: Setting ClientLogMode to enable logging of retries and requests -// clientLogMode := aws.LogRetries | aws.LogRequest -// -// Example: Adding an additional log mode to an existing ClientLogMode value -// clientLogMode |= aws.LogResponse -type ClientLogMode uint64 - -// Supported ClientLogMode bits that can be configured to toggle logging of specific SDK events. -const ( -{{- range $index, $field := .ModeBits }} - {{ (symbolName $field) }}{{- if (eq 0 $index) }} ClientLogMode = 1 << (64 - 1 - iota){{- end }} -{{- end }} -) -{{ range $_, $field := .ModeBits }} -// Is{{- bitName $field }} returns whether the {{ bitName $field }} logging mode bit is set -func (m ClientLogMode) Is{{- bitName $field }}() bool { - return m&{{- (symbolName $field) }} != 0 -} -{{ end }} -{{- range $_, $field := .ModeBits }} -// Clear{{- bitName $field }} clears the {{ bitName $field }} logging mode bit -func (m *ClientLogMode) Clear{{- bitName $field }}() { - *m &^= {{ (symbolName $field) }} -} -{{ end -}} -`)) - -func main() { - uniqueBitFields := make(map[string]struct{}) - - for _, bitName := range config.ModeBits { - if _, ok := uniqueBitFields[strings.ToLower(bitName)]; ok { - panic(fmt.Sprintf("duplicate bit field: %s", bitName)) - } - uniqueBitFields[bitName] = struct{}{} - } - - file, err := os.Create("logging.go") - if err != nil { - log.Fatal(err) - } - defer file.Close() - - err = tmpl.Execute(file, config) - if err != nil { - log.Fatal(err) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/metadata.go deleted file mode 100644 index d66f0960..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/metadata.go +++ /dev/null @@ -1,213 +0,0 @@ -package middleware - -import ( - "context" - - "github.com/aws/aws-sdk-go-v2/aws" - - "github.com/aws/smithy-go/middleware" -) - -// RegisterServiceMetadata registers metadata about the service and operation into the middleware context -// so that it is available at runtime for other middleware to introspect. -type RegisterServiceMetadata struct { - ServiceID string - SigningName string - Region string - OperationName string -} - -// ID returns the middleware identifier. -func (s *RegisterServiceMetadata) ID() string { - return "RegisterServiceMetadata" -} - -// HandleInitialize registers service metadata information into the middleware context, allowing for introspection. -func (s RegisterServiceMetadata) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) (out middleware.InitializeOutput, metadata middleware.Metadata, err error) { - if len(s.ServiceID) > 0 { - ctx = SetServiceID(ctx, s.ServiceID) - } - if len(s.SigningName) > 0 { - ctx = SetSigningName(ctx, s.SigningName) - } - if len(s.Region) > 0 { - ctx = setRegion(ctx, s.Region) - } - if len(s.OperationName) > 0 { - ctx = setOperationName(ctx, s.OperationName) - } - return next.HandleInitialize(ctx, in) -} - -// service metadata keys for storing and lookup of runtime stack information. -type ( - serviceIDKey struct{} - signingNameKey struct{} - signingRegionKey struct{} - regionKey struct{} - operationNameKey struct{} - partitionIDKey struct{} - requiresLegacyEndpointsKey struct{} -) - -// GetServiceID retrieves the service id from the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func GetServiceID(ctx context.Context) (v string) { - v, _ = middleware.GetStackValue(ctx, serviceIDKey{}).(string) - return v -} - -// GetSigningName retrieves the service signing name from the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -// -// Deprecated: This value is unstable. The resolved signing name is available -// in the signer properties object passed to the signer. -func GetSigningName(ctx context.Context) (v string) { - v, _ = middleware.GetStackValue(ctx, signingNameKey{}).(string) - return v -} - -// GetSigningRegion retrieves the region from the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -// -// Deprecated: This value is unstable. The resolved signing region is available -// in the signer properties object passed to the signer. -func GetSigningRegion(ctx context.Context) (v string) { - v, _ = middleware.GetStackValue(ctx, signingRegionKey{}).(string) - return v -} - -// GetRegion retrieves the endpoint region from the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func GetRegion(ctx context.Context) (v string) { - v, _ = middleware.GetStackValue(ctx, regionKey{}).(string) - return v -} - -// GetOperationName retrieves the service operation metadata from the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func GetOperationName(ctx context.Context) (v string) { - v, _ = middleware.GetStackValue(ctx, operationNameKey{}).(string) - return v -} - -// GetPartitionID retrieves the endpoint partition id from the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func GetPartitionID(ctx context.Context) string { - v, _ := middleware.GetStackValue(ctx, partitionIDKey{}).(string) - return v -} - -// GetRequiresLegacyEndpoints the flag used to indicate if legacy endpoint -// customizations need to be executed. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func GetRequiresLegacyEndpoints(ctx context.Context) bool { - v, _ := middleware.GetStackValue(ctx, requiresLegacyEndpointsKey{}).(bool) - return v -} - -// SetRequiresLegacyEndpoints set or modifies the flag indicated that -// legacy endpoint customizations are needed. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func SetRequiresLegacyEndpoints(ctx context.Context, value bool) context.Context { - return middleware.WithStackValue(ctx, requiresLegacyEndpointsKey{}, value) -} - -// SetSigningName set or modifies the sigv4 or sigv4a signing name on the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -// -// Deprecated: This value is unstable. Use WithSigV4SigningName client option -// funcs instead. -func SetSigningName(ctx context.Context, value string) context.Context { - return middleware.WithStackValue(ctx, signingNameKey{}, value) -} - -// SetSigningRegion sets or modifies the region on the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -// -// Deprecated: This value is unstable. Use WithSigV4SigningRegion client option -// funcs instead. -func SetSigningRegion(ctx context.Context, value string) context.Context { - return middleware.WithStackValue(ctx, signingRegionKey{}, value) -} - -// SetServiceID sets the service id on the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func SetServiceID(ctx context.Context, value string) context.Context { - return middleware.WithStackValue(ctx, serviceIDKey{}, value) -} - -// setRegion sets the endpoint region on the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func setRegion(ctx context.Context, value string) context.Context { - return middleware.WithStackValue(ctx, regionKey{}, value) -} - -// setOperationName sets the service operation on the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func setOperationName(ctx context.Context, value string) context.Context { - return middleware.WithStackValue(ctx, operationNameKey{}, value) -} - -// SetPartitionID sets the partition id of a resolved region on the context -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func SetPartitionID(ctx context.Context, value string) context.Context { - return middleware.WithStackValue(ctx, partitionIDKey{}, value) -} - -// EndpointSource key -type endpointSourceKey struct{} - -// GetEndpointSource returns an endpoint source if set on context -func GetEndpointSource(ctx context.Context) (v aws.EndpointSource) { - v, _ = middleware.GetStackValue(ctx, endpointSourceKey{}).(aws.EndpointSource) - return v -} - -// SetEndpointSource sets endpoint source on context -func SetEndpointSource(ctx context.Context, value aws.EndpointSource) context.Context { - return middleware.WithStackValue(ctx, endpointSourceKey{}, value) -} - -type signingCredentialsKey struct{} - -// GetSigningCredentials returns the credentials that were used for signing if set on context. -func GetSigningCredentials(ctx context.Context) (v aws.Credentials) { - v, _ = middleware.GetStackValue(ctx, signingCredentialsKey{}).(aws.Credentials) - return v -} - -// SetSigningCredentials sets the credentails used for signing on the context. -func SetSigningCredentials(ctx context.Context, value aws.Credentials) context.Context { - return middleware.WithStackValue(ctx, signingCredentialsKey{}, value) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/middleware.go deleted file mode 100644 index 6d5f0079..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/middleware.go +++ /dev/null @@ -1,168 +0,0 @@ -package middleware - -import ( - "context" - "fmt" - "time" - - "github.com/aws/aws-sdk-go-v2/internal/rand" - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/middleware" - smithyrand "github.com/aws/smithy-go/rand" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// ClientRequestID is a Smithy BuildMiddleware that will generate a unique ID for logical API operation -// invocation. -type ClientRequestID struct{} - -// ID the identifier for the ClientRequestID -func (r *ClientRequestID) ID() string { - return "ClientRequestID" -} - -// HandleBuild attaches a unique operation invocation id for the operation to the request -func (r ClientRequestID) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", req) - } - - invocationID, err := smithyrand.NewUUID(rand.Reader).GetUUID() - if err != nil { - return out, metadata, err - } - - const invocationIDHeader = "Amz-Sdk-Invocation-Id" - req.Header[invocationIDHeader] = append(req.Header[invocationIDHeader][:0], invocationID) - - return next.HandleBuild(ctx, in) -} - -// RecordResponseTiming records the response timing for the SDK client requests. -type RecordResponseTiming struct{} - -// ID is the middleware identifier -func (a *RecordResponseTiming) ID() string { - return "RecordResponseTiming" -} - -// HandleDeserialize calculates response metadata and clock skew -func (a RecordResponseTiming) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - responseAt := sdk.NowTime() - setResponseAt(&metadata, responseAt) - - var serverTime time.Time - - switch resp := out.RawResponse.(type) { - case *smithyhttp.Response: - respDateHeader := resp.Header.Get("Date") - if len(respDateHeader) == 0 { - break - } - var parseErr error - serverTime, parseErr = smithyhttp.ParseTime(respDateHeader) - if parseErr != nil { - logger := middleware.GetLogger(ctx) - logger.Logf(logging.Warn, "failed to parse response Date header value, got %v", - parseErr.Error()) - break - } - setServerTime(&metadata, serverTime) - } - - if !serverTime.IsZero() { - attemptSkew := serverTime.Sub(responseAt) - setAttemptSkew(&metadata, attemptSkew) - } - - return out, metadata, err -} - -type responseAtKey struct{} - -// GetResponseAt returns the time response was received at. -func GetResponseAt(metadata middleware.Metadata) (v time.Time, ok bool) { - v, ok = metadata.Get(responseAtKey{}).(time.Time) - return v, ok -} - -// setResponseAt sets the response time on the metadata. -func setResponseAt(metadata *middleware.Metadata, v time.Time) { - metadata.Set(responseAtKey{}, v) -} - -type serverTimeKey struct{} - -// GetServerTime returns the server time for response. -func GetServerTime(metadata middleware.Metadata) (v time.Time, ok bool) { - v, ok = metadata.Get(serverTimeKey{}).(time.Time) - return v, ok -} - -// setServerTime sets the server time on the metadata. -func setServerTime(metadata *middleware.Metadata, v time.Time) { - metadata.Set(serverTimeKey{}, v) -} - -type attemptSkewKey struct{} - -// GetAttemptSkew returns Attempt clock skew for response from metadata. -func GetAttemptSkew(metadata middleware.Metadata) (v time.Duration, ok bool) { - v, ok = metadata.Get(attemptSkewKey{}).(time.Duration) - return v, ok -} - -// setAttemptSkew sets the attempt clock skew on the metadata. -func setAttemptSkew(metadata *middleware.Metadata, v time.Duration) { - metadata.Set(attemptSkewKey{}, v) -} - -// AddClientRequestIDMiddleware adds ClientRequestID to the middleware stack -func AddClientRequestIDMiddleware(stack *middleware.Stack) error { - return stack.Build.Add(&ClientRequestID{}, middleware.After) -} - -// AddRecordResponseTiming adds RecordResponseTiming middleware to the -// middleware stack. -func AddRecordResponseTiming(stack *middleware.Stack) error { - return stack.Deserialize.Add(&RecordResponseTiming{}, middleware.After) -} - -// rawResponseKey is the accessor key used to store and access the -// raw response within the response metadata. -type rawResponseKey struct{} - -// AddRawResponse middleware adds raw response on to the metadata -type AddRawResponse struct{} - -// ID the identifier for the ClientRequestID -func (m *AddRawResponse) ID() string { - return "AddRawResponseToMetadata" -} - -// HandleDeserialize adds raw response on the middleware metadata -func (m AddRawResponse) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - metadata.Set(rawResponseKey{}, out.RawResponse) - return out, metadata, err -} - -// AddRawResponseToMetadata adds middleware to the middleware stack that -// store raw response on to the metadata. -func AddRawResponseToMetadata(stack *middleware.Stack) error { - return stack.Deserialize.Add(&AddRawResponse{}, middleware.Before) -} - -// GetRawResponse returns raw response set on metadata -func GetRawResponse(metadata middleware.Metadata) interface{} { - return metadata.Get(rawResponseKey{}) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/osname.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/osname.go deleted file mode 100644 index ba262dad..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/osname.go +++ /dev/null @@ -1,24 +0,0 @@ -//go:build go1.16 -// +build go1.16 - -package middleware - -import "runtime" - -func getNormalizedOSName() (os string) { - switch runtime.GOOS { - case "android": - os = "android" - case "linux": - os = "linux" - case "windows": - os = "windows" - case "darwin": - os = "macos" - case "ios": - os = "ios" - default: - os = "other" - } - return os -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/osname_go115.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/osname_go115.go deleted file mode 100644 index e14a1e4e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/osname_go115.go +++ /dev/null @@ -1,24 +0,0 @@ -//go:build !go1.16 -// +build !go1.16 - -package middleware - -import "runtime" - -func getNormalizedOSName() (os string) { - switch runtime.GOOS { - case "android": - os = "android" - case "linux": - os = "linux" - case "windows": - os = "windows" - case "darwin": - // Due to Apple M1 we can't distinguish between macOS and iOS when GOOS/GOARCH is darwin/amd64 - // For now declare this as "other" until we have a better detection mechanism. - fallthrough - default: - os = "other" - } - return os -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/recursion_detection.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/recursion_detection.go deleted file mode 100644 index 3f6aaf23..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/recursion_detection.go +++ /dev/null @@ -1,94 +0,0 @@ -package middleware - -import ( - "context" - "fmt" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" - "os" -) - -const envAwsLambdaFunctionName = "AWS_LAMBDA_FUNCTION_NAME" -const envAmznTraceID = "_X_AMZN_TRACE_ID" -const amznTraceIDHeader = "X-Amzn-Trace-Id" - -// AddRecursionDetection adds recursionDetection to the middleware stack -func AddRecursionDetection(stack *middleware.Stack) error { - return stack.Build.Add(&RecursionDetection{}, middleware.After) -} - -// RecursionDetection detects Lambda environment and sets its X-Ray trace ID to request header if absent -// to avoid recursion invocation in Lambda -type RecursionDetection struct{} - -// ID returns the middleware identifier -func (m *RecursionDetection) ID() string { - return "RecursionDetection" -} - -// HandleBuild detects Lambda environment and adds its trace ID to request header if absent -func (m *RecursionDetection) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, -) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown request type %T", req) - } - - _, hasLambdaEnv := os.LookupEnv(envAwsLambdaFunctionName) - xAmznTraceID, hasTraceID := os.LookupEnv(envAmznTraceID) - value := req.Header.Get(amznTraceIDHeader) - // only set the X-Amzn-Trace-Id header when it is not set initially, the - // current environment is Lambda and the _X_AMZN_TRACE_ID env variable exists - if value != "" || !hasLambdaEnv || !hasTraceID { - return next.HandleBuild(ctx, in) - } - - req.Header.Set(amznTraceIDHeader, percentEncode(xAmznTraceID)) - return next.HandleBuild(ctx, in) -} - -func percentEncode(s string) string { - upperhex := "0123456789ABCDEF" - hexCount := 0 - for i := 0; i < len(s); i++ { - c := s[i] - if shouldEncode(c) { - hexCount++ - } - } - - if hexCount == 0 { - return s - } - - required := len(s) + 2*hexCount - t := make([]byte, required) - j := 0 - for i := 0; i < len(s); i++ { - if c := s[i]; shouldEncode(c) { - t[j] = '%' - t[j+1] = upperhex[c>>4] - t[j+2] = upperhex[c&15] - j += 3 - } else { - t[j] = c - j++ - } - } - return string(t) -} - -func shouldEncode(c byte) bool { - if 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z' || '0' <= c && c <= '9' { - return false - } - switch c { - case '-', '=', ';', ':', '+', '&', '[', ']', '{', '}', '"', '\'', ',': - return false - default: - return true - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id.go deleted file mode 100644 index dd3391fe..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id.go +++ /dev/null @@ -1,27 +0,0 @@ -package middleware - -import ( - "github.com/aws/smithy-go/middleware" -) - -// requestIDKey is used to retrieve request id from response metadata -type requestIDKey struct{} - -// SetRequestIDMetadata sets the provided request id over middleware metadata -func SetRequestIDMetadata(metadata *middleware.Metadata, id string) { - metadata.Set(requestIDKey{}, id) -} - -// GetRequestIDMetadata retrieves the request id from middleware metadata -// returns string and bool indicating value of request id, whether request id was set. -func GetRequestIDMetadata(metadata middleware.Metadata) (string, bool) { - if !metadata.Has(requestIDKey{}) { - return "", false - } - - v, ok := metadata.Get(requestIDKey{}).(string) - if !ok { - return "", true - } - return v, true -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id_retriever.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id_retriever.go deleted file mode 100644 index 128b60a7..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/request_id_retriever.go +++ /dev/null @@ -1,57 +0,0 @@ -package middleware - -import ( - "context" - - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// AddRequestIDRetrieverMiddleware adds request id retriever middleware -func AddRequestIDRetrieverMiddleware(stack *middleware.Stack) error { - // add error wrapper middleware before operation deserializers so that it can wrap the error response - // returned by operation deserializers - return stack.Deserialize.Insert(&RequestIDRetriever{}, "OperationDeserializer", middleware.Before) -} - -// RequestIDRetriever middleware captures the AWS service request ID from the -// raw response. -type RequestIDRetriever struct { -} - -// ID returns the middleware identifier -func (m *RequestIDRetriever) ID() string { - return "RequestIDRetriever" -} - -// HandleDeserialize pulls the AWS request ID from the response, storing it in -// operation metadata. -func (m *RequestIDRetriever) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - - resp, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - // No raw response to wrap with. - return out, metadata, err - } - - // Different header which can map to request id - requestIDHeaderList := []string{"X-Amzn-Requestid", "X-Amz-RequestId"} - - for _, h := range requestIDHeaderList { - // check for headers known to contain Request id - if v := resp.Header.Get(h); len(v) != 0 { - // set reqID on metadata for successful responses. - SetRequestIDMetadata(&metadata, v) - - span, _ := tracing.GetSpan(ctx) - span.SetProperty("aws.request_id", v) - break - } - } - - return out, metadata, err -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/user_agent.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/user_agent.go deleted file mode 100644 index 6ee3391b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/middleware/user_agent.go +++ /dev/null @@ -1,391 +0,0 @@ -package middleware - -import ( - "context" - "fmt" - "os" - "runtime" - "sort" - "strings" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -var languageVersion = strings.TrimPrefix(runtime.Version(), "go") - -// SDKAgentKeyType is the metadata type to add to the SDK agent string -type SDKAgentKeyType int - -// The set of valid SDKAgentKeyType constants. If an unknown value is assigned for SDKAgentKeyType it will -// be mapped to AdditionalMetadata. -const ( - _ SDKAgentKeyType = iota - APIMetadata - OperatingSystemMetadata - LanguageMetadata - EnvironmentMetadata - FeatureMetadata - ConfigMetadata - FrameworkMetadata - AdditionalMetadata - ApplicationIdentifier - FeatureMetadata2 -) - -// Hardcoded value to specify which version of the user agent we're using -const uaMetadata = "ua/2.1" - -func (k SDKAgentKeyType) string() string { - switch k { - case APIMetadata: - return "api" - case OperatingSystemMetadata: - return "os" - case LanguageMetadata: - return "lang" - case EnvironmentMetadata: - return "exec-env" - case FeatureMetadata: - return "ft" - case ConfigMetadata: - return "cfg" - case FrameworkMetadata: - return "lib" - case ApplicationIdentifier: - return "app" - case FeatureMetadata2: - return "m" - case AdditionalMetadata: - fallthrough - default: - return "md" - } -} - -const execEnvVar = `AWS_EXECUTION_ENV` - -var validChars = map[rune]bool{ - '!': true, '#': true, '$': true, '%': true, '&': true, '\'': true, '*': true, '+': true, - '-': true, '.': true, '^': true, '_': true, '`': true, '|': true, '~': true, -} - -// UserAgentFeature enumerates tracked SDK features. -type UserAgentFeature string - -// Enumerates UserAgentFeature. -const ( - UserAgentFeatureResourceModel UserAgentFeature = "A" // n/a (we don't generate separate resource types) - - UserAgentFeatureWaiter = "B" - UserAgentFeaturePaginator = "C" - - UserAgentFeatureRetryModeLegacy = "D" // n/a (equivalent to standard) - UserAgentFeatureRetryModeStandard = "E" - UserAgentFeatureRetryModeAdaptive = "F" - - UserAgentFeatureS3Transfer = "G" - UserAgentFeatureS3CryptoV1N = "H" // n/a (crypto client is external) - UserAgentFeatureS3CryptoV2 = "I" // n/a - UserAgentFeatureS3ExpressBucket = "J" - UserAgentFeatureS3AccessGrants = "K" // not yet implemented - - UserAgentFeatureGZIPRequestCompression = "L" - - UserAgentFeatureProtocolRPCV2CBOR = "M" - - UserAgentFeatureAccountIDEndpoint = "O" // DO NOT IMPLEMENT: rules output is not currently defined. SDKs should not parse endpoints for feature information. - UserAgentFeatureAccountIDModePreferred = "P" - UserAgentFeatureAccountIDModeDisabled = "Q" - UserAgentFeatureAccountIDModeRequired = "R" - - UserAgentFeatureRequestChecksumCRC32 = "U" - UserAgentFeatureRequestChecksumCRC32C = "V" - UserAgentFeatureRequestChecksumCRC64 = "W" - UserAgentFeatureRequestChecksumSHA1 = "X" - UserAgentFeatureRequestChecksumSHA256 = "Y" - UserAgentFeatureRequestChecksumWhenSupported = "Z" - UserAgentFeatureRequestChecksumWhenRequired = "a" - UserAgentFeatureResponseChecksumWhenSupported = "b" - UserAgentFeatureResponseChecksumWhenRequired = "c" - - UserAgentFeatureDynamoDBUserAgent = "d" // not yet implemented - - UserAgentFeatureCredentialsCode = "e" - UserAgentFeatureCredentialsJvmSystemProperties = "f" // n/a (this is not a JVM sdk) - UserAgentFeatureCredentialsEnvVars = "g" - UserAgentFeatureCredentialsEnvVarsStsWebIDToken = "h" - UserAgentFeatureCredentialsStsAssumeRole = "i" - UserAgentFeatureCredentialsStsAssumeRoleSaml = "j" // not yet implemented - UserAgentFeatureCredentialsStsAssumeRoleWebID = "k" - UserAgentFeatureCredentialsStsFederationToken = "l" // not yet implemented - UserAgentFeatureCredentialsStsSessionToken = "m" // not yet implemented - UserAgentFeatureCredentialsProfile = "n" - UserAgentFeatureCredentialsProfileSourceProfile = "o" - UserAgentFeatureCredentialsProfileNamedProvider = "p" - UserAgentFeatureCredentialsProfileStsWebIDToken = "q" - UserAgentFeatureCredentialsProfileSso = "r" - UserAgentFeatureCredentialsSso = "s" - UserAgentFeatureCredentialsProfileSsoLegacy = "t" - UserAgentFeatureCredentialsSsoLegacy = "u" - UserAgentFeatureCredentialsProfileProcess = "v" - UserAgentFeatureCredentialsProcess = "w" - UserAgentFeatureCredentialsBoto2ConfigFile = "x" // n/a (this is not boto/Python) - UserAgentFeatureCredentialsAwsSdkStore = "y" // n/a (this is used by .NET based sdk) - UserAgentFeatureCredentialsHTTP = "z" - UserAgentFeatureCredentialsIMDS = "0" -) - -var credentialSourceToFeature = map[aws.CredentialSource]UserAgentFeature{ - aws.CredentialSourceCode: UserAgentFeatureCredentialsCode, - aws.CredentialSourceEnvVars: UserAgentFeatureCredentialsEnvVars, - aws.CredentialSourceEnvVarsSTSWebIDToken: UserAgentFeatureCredentialsEnvVarsStsWebIDToken, - aws.CredentialSourceSTSAssumeRole: UserAgentFeatureCredentialsStsAssumeRole, - aws.CredentialSourceSTSAssumeRoleSaml: UserAgentFeatureCredentialsStsAssumeRoleSaml, - aws.CredentialSourceSTSAssumeRoleWebID: UserAgentFeatureCredentialsStsAssumeRoleWebID, - aws.CredentialSourceSTSFederationToken: UserAgentFeatureCredentialsStsFederationToken, - aws.CredentialSourceSTSSessionToken: UserAgentFeatureCredentialsStsSessionToken, - aws.CredentialSourceProfile: UserAgentFeatureCredentialsProfile, - aws.CredentialSourceProfileSourceProfile: UserAgentFeatureCredentialsProfileSourceProfile, - aws.CredentialSourceProfileNamedProvider: UserAgentFeatureCredentialsProfileNamedProvider, - aws.CredentialSourceProfileSTSWebIDToken: UserAgentFeatureCredentialsProfileStsWebIDToken, - aws.CredentialSourceProfileSSO: UserAgentFeatureCredentialsProfileSso, - aws.CredentialSourceSSO: UserAgentFeatureCredentialsSso, - aws.CredentialSourceProfileSSOLegacy: UserAgentFeatureCredentialsProfileSsoLegacy, - aws.CredentialSourceSSOLegacy: UserAgentFeatureCredentialsSsoLegacy, - aws.CredentialSourceProfileProcess: UserAgentFeatureCredentialsProfileProcess, - aws.CredentialSourceProcess: UserAgentFeatureCredentialsProcess, - aws.CredentialSourceHTTP: UserAgentFeatureCredentialsHTTP, - aws.CredentialSourceIMDS: UserAgentFeatureCredentialsIMDS, -} - -// RequestUserAgent is a build middleware that set the User-Agent for the request. -type RequestUserAgent struct { - sdkAgent, userAgent *smithyhttp.UserAgentBuilder - features map[UserAgentFeature]struct{} -} - -// NewRequestUserAgent returns a new requestUserAgent which will set the User-Agent and X-Amz-User-Agent for the -// request. -// -// User-Agent example: -// -// aws-sdk-go-v2/1.2.3 -// -// X-Amz-User-Agent example: -// -// aws-sdk-go-v2/1.2.3 md/GOOS/linux md/GOARCH/amd64 lang/go/1.15 -func NewRequestUserAgent() *RequestUserAgent { - userAgent, sdkAgent := smithyhttp.NewUserAgentBuilder(), smithyhttp.NewUserAgentBuilder() - addProductName(userAgent) - addUserAgentMetadata(userAgent) - addProductName(sdkAgent) - - r := &RequestUserAgent{ - sdkAgent: sdkAgent, - userAgent: userAgent, - features: map[UserAgentFeature]struct{}{}, - } - - addSDKMetadata(r) - - return r -} - -func addSDKMetadata(r *RequestUserAgent) { - r.AddSDKAgentKey(OperatingSystemMetadata, getNormalizedOSName()) - r.AddSDKAgentKeyValue(LanguageMetadata, "go", languageVersion) - r.AddSDKAgentKeyValue(AdditionalMetadata, "GOOS", runtime.GOOS) - r.AddSDKAgentKeyValue(AdditionalMetadata, "GOARCH", runtime.GOARCH) - if ev := os.Getenv(execEnvVar); len(ev) > 0 { - r.AddSDKAgentKey(EnvironmentMetadata, ev) - } -} - -func addProductName(builder *smithyhttp.UserAgentBuilder) { - builder.AddKeyValue(aws.SDKName, aws.SDKVersion) -} - -func addUserAgentMetadata(builder *smithyhttp.UserAgentBuilder) { - builder.AddKey(uaMetadata) -} - -// AddUserAgentKey retrieves a requestUserAgent from the provided stack, or initializes one. -func AddUserAgentKey(key string) func(*middleware.Stack) error { - return func(stack *middleware.Stack) error { - requestUserAgent, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - requestUserAgent.AddUserAgentKey(key) - return nil - } -} - -// AddUserAgentKeyValue retrieves a requestUserAgent from the provided stack, or initializes one. -func AddUserAgentKeyValue(key, value string) func(*middleware.Stack) error { - return func(stack *middleware.Stack) error { - requestUserAgent, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - requestUserAgent.AddUserAgentKeyValue(key, value) - return nil - } -} - -// AddSDKAgentKey retrieves a requestUserAgent from the provided stack, or initializes one. -func AddSDKAgentKey(keyType SDKAgentKeyType, key string) func(*middleware.Stack) error { - return func(stack *middleware.Stack) error { - requestUserAgent, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - requestUserAgent.AddSDKAgentKey(keyType, key) - return nil - } -} - -// AddSDKAgentKeyValue retrieves a requestUserAgent from the provided stack, or initializes one. -func AddSDKAgentKeyValue(keyType SDKAgentKeyType, key, value string) func(*middleware.Stack) error { - return func(stack *middleware.Stack) error { - requestUserAgent, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - requestUserAgent.AddSDKAgentKeyValue(keyType, key, value) - return nil - } -} - -// AddRequestUserAgentMiddleware registers a requestUserAgent middleware on the stack if not present. -func AddRequestUserAgentMiddleware(stack *middleware.Stack) error { - _, err := getOrAddRequestUserAgent(stack) - return err -} - -func getOrAddRequestUserAgent(stack *middleware.Stack) (*RequestUserAgent, error) { - id := (*RequestUserAgent)(nil).ID() - bm, ok := stack.Build.Get(id) - if !ok { - bm = NewRequestUserAgent() - err := stack.Build.Add(bm, middleware.After) - if err != nil { - return nil, err - } - } - - requestUserAgent, ok := bm.(*RequestUserAgent) - if !ok { - return nil, fmt.Errorf("%T for %s middleware did not match expected type", bm, id) - } - - return requestUserAgent, nil -} - -// AddUserAgentKey adds the component identified by name to the User-Agent string. -func (u *RequestUserAgent) AddUserAgentKey(key string) { - u.userAgent.AddKey(strings.Map(rules, key)) -} - -// AddUserAgentKeyValue adds the key identified by the given name and value to the User-Agent string. -func (u *RequestUserAgent) AddUserAgentKeyValue(key, value string) { - u.userAgent.AddKeyValue(strings.Map(rules, key), strings.Map(rules, value)) -} - -// AddUserAgentFeature adds the feature ID to the tracking list to be emitted -// in the final User-Agent string. -func (u *RequestUserAgent) AddUserAgentFeature(feature UserAgentFeature) { - u.features[feature] = struct{}{} -} - -// AddSDKAgentKey adds the component identified by name to the User-Agent string. -func (u *RequestUserAgent) AddSDKAgentKey(keyType SDKAgentKeyType, key string) { - // TODO: should target sdkAgent - u.userAgent.AddKey(keyType.string() + "/" + strings.Map(rules, key)) -} - -// AddSDKAgentKeyValue adds the key identified by the given name and value to the User-Agent string. -func (u *RequestUserAgent) AddSDKAgentKeyValue(keyType SDKAgentKeyType, key, value string) { - // TODO: should target sdkAgent - u.userAgent.AddKeyValue(keyType.string(), strings.Map(rules, key)+"#"+strings.Map(rules, value)) -} - -// AddCredentialsSource adds the credential source as a feature on the User-Agent string -func (u *RequestUserAgent) AddCredentialsSource(source aws.CredentialSource) { - x, ok := credentialSourceToFeature[source] - if ok { - u.AddUserAgentFeature(x) - } -} - -// ID the name of the middleware. -func (u *RequestUserAgent) ID() string { - return "UserAgent" -} - -// HandleBuild adds or appends the constructed user agent to the request. -func (u *RequestUserAgent) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - switch req := in.Request.(type) { - case *smithyhttp.Request: - u.addHTTPUserAgent(req) - // TODO: To be re-enabled - // u.addHTTPSDKAgent(req) - default: - return out, metadata, fmt.Errorf("unknown transport type %T", in) - } - - return next.HandleBuild(ctx, in) -} - -func (u *RequestUserAgent) addHTTPUserAgent(request *smithyhttp.Request) { - const userAgent = "User-Agent" - if len(u.features) > 0 { - updateHTTPHeader(request, userAgent, buildFeatureMetrics(u.features)) - } - updateHTTPHeader(request, userAgent, u.userAgent.Build()) -} - -func (u *RequestUserAgent) addHTTPSDKAgent(request *smithyhttp.Request) { - const sdkAgent = "X-Amz-User-Agent" - updateHTTPHeader(request, sdkAgent, u.sdkAgent.Build()) -} - -func updateHTTPHeader(request *smithyhttp.Request, header string, value string) { - var current string - if v := request.Header[header]; len(v) > 0 { - current = v[0] - } - if len(current) > 0 { - current = value + " " + current - } else { - current = value - } - request.Header[header] = append(request.Header[header][:0], current) -} - -func rules(r rune) rune { - switch { - case r >= '0' && r <= '9': - return r - case r >= 'A' && r <= 'Z' || r >= 'a' && r <= 'z': - return r - case validChars[r]: - return r - default: - return '-' - } -} - -func buildFeatureMetrics(features map[UserAgentFeature]struct{}) string { - fs := make([]string, 0, len(features)) - for f := range features { - fs = append(fs, string(f)) - } - - sort.Strings(fs) - return fmt.Sprintf("%s/%s", FeatureMetadata2.string(), strings.Join(fs, ",")) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/array.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/array.go deleted file mode 100644 index 6669a3dd..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/array.go +++ /dev/null @@ -1,61 +0,0 @@ -package query - -import ( - "net/url" - "strconv" -) - -// Array represents the encoding of Query lists and sets. A Query array is a -// representation of a list of values of a fixed type. A serialized array might -// look like the following: -// -// ListName.member.1=foo -// &ListName.member.2=bar -// &Listname.member.3=baz -type Array struct { - // The query values to add the array to. - values url.Values - // The array's prefix, which includes the names of all parent structures - // and ends with the name of the list. For example, the prefix might be - // "ParentStructure.ListName". This prefix will be used to form the full - // keys for each element in the list. For example, an entry might have the - // key "ParentStructure.ListName.member.MemberName.1". - // - // When the array is not flat the prefix will contain the memberName otherwise the memberName is ignored - prefix string - // Elements are stored in values, so we keep track of the list size here. - size int32 - // Empty lists are encoded as "=", if we add a value later we will - // remove this encoding - emptyValue Value -} - -func newArray(values url.Values, prefix string, flat bool, memberName string) *Array { - emptyValue := newValue(values, prefix, flat) - emptyValue.String("") - - if !flat { - // This uses string concatenation in place of fmt.Sprintf as fmt.Sprintf has a much higher resource overhead - prefix = prefix + keySeparator + memberName - } - - return &Array{ - values: values, - prefix: prefix, - emptyValue: emptyValue, - } -} - -// Value adds a new element to the Query Array. Returns a Value type used to -// encode the array element. -func (a *Array) Value() Value { - if a.size == 0 { - delete(a.values, a.emptyValue.key) - } - - // Query lists start a 1, so adjust the size first - a.size++ - // Lists can't have flat members - // This uses string concatenation in place of fmt.Sprintf as fmt.Sprintf has a much higher resource overhead - return newValue(a.values, a.prefix+keySeparator+strconv.FormatInt(int64(a.size), 10), false) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/encoder.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/encoder.go deleted file mode 100644 index 2ecf9241..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/encoder.go +++ /dev/null @@ -1,80 +0,0 @@ -package query - -import ( - "io" - "net/url" - "sort" -) - -// Encoder is a Query encoder that supports construction of Query body -// values using methods. -type Encoder struct { - // The query values that will be built up to manage encoding. - values url.Values - // The writer that the encoded body will be written to. - writer io.Writer - Value -} - -// NewEncoder returns a new Query body encoder -func NewEncoder(writer io.Writer) *Encoder { - values := url.Values{} - return &Encoder{ - values: values, - writer: writer, - Value: newBaseValue(values), - } -} - -// Encode returns the []byte slice representing the current -// state of the Query encoder. -func (e Encoder) Encode() error { - ws, ok := e.writer.(interface{ WriteString(string) (int, error) }) - if !ok { - // Fall back to less optimal byte slice casting if WriteString isn't available. - ws = &wrapWriteString{writer: e.writer} - } - - // Get the keys and sort them to have a stable output - keys := make([]string, 0, len(e.values)) - for k := range e.values { - keys = append(keys, k) - } - sort.Strings(keys) - isFirstEntry := true - for _, key := range keys { - queryValues := e.values[key] - escapedKey := url.QueryEscape(key) - for _, value := range queryValues { - if !isFirstEntry { - if _, err := ws.WriteString(`&`); err != nil { - return err - } - } else { - isFirstEntry = false - } - if _, err := ws.WriteString(escapedKey); err != nil { - return err - } - if _, err := ws.WriteString(`=`); err != nil { - return err - } - if _, err := ws.WriteString(url.QueryEscape(value)); err != nil { - return err - } - } - } - return nil -} - -// wrapWriteString wraps an io.Writer to provide a WriteString method -// where one is not available. -type wrapWriteString struct { - writer io.Writer -} - -// WriteString writes a string to the wrapped writer by casting it to -// a byte array first. -func (w wrapWriteString) WriteString(v string) (int, error) { - return w.writer.Write([]byte(v)) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/map.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/map.go deleted file mode 100644 index dea242b8..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/map.go +++ /dev/null @@ -1,78 +0,0 @@ -package query - -import ( - "fmt" - "net/url" -) - -// Map represents the encoding of Query maps. A Query map is a representation -// of a mapping of arbitrary string keys to arbitrary values of a fixed type. -// A Map differs from an Object in that the set of keys is not fixed, in that -// the values must all be of the same type, and that map entries are ordered. -// A serialized map might look like the following: -// -// MapName.entry.1.key=Foo -// &MapName.entry.1.value=spam -// &MapName.entry.2.key=Bar -// &MapName.entry.2.value=eggs -type Map struct { - // The query values to add the map to. - values url.Values - // The map's prefix, which includes the names of all parent structures - // and ends with the name of the object. For example, the prefix might be - // "ParentStructure.MapName". This prefix will be used to form the full - // keys for each key-value pair of the map. For example, a value might have - // the key "ParentStructure.MapName.1.value". - // - // While this is currently represented as a string that gets added to, it - // could also be represented as a stack that only gets condensed into a - // string when a finalized key is created. This could potentially reduce - // allocations. - prefix string - // Whether the map is flat or not. A map that is not flat will produce the - // following entries to the url.Values for a given key-value pair: - // MapName.entry.1.KeyLocationName=mykey - // MapName.entry.1.ValueLocationName=myvalue - // A map that is flat will produce the following: - // MapName.1.KeyLocationName=mykey - // MapName.1.ValueLocationName=myvalue - flat bool - // The location name of the key. In most cases this should be "key". - keyLocationName string - // The location name of the value. In most cases this should be "value". - valueLocationName string - // Elements are stored in values, so we keep track of the list size here. - size int32 -} - -func newMap(values url.Values, prefix string, flat bool, keyLocationName string, valueLocationName string) *Map { - return &Map{ - values: values, - prefix: prefix, - flat: flat, - keyLocationName: keyLocationName, - valueLocationName: valueLocationName, - } -} - -// Key adds the given named key to the Query map. -// Returns a Value encoder that should be used to encode a Query value type. -func (m *Map) Key(name string) Value { - // Query lists start a 1, so adjust the size first - m.size++ - var key string - var value string - if m.flat { - key = fmt.Sprintf("%s.%d.%s", m.prefix, m.size, m.keyLocationName) - value = fmt.Sprintf("%s.%d.%s", m.prefix, m.size, m.valueLocationName) - } else { - key = fmt.Sprintf("%s.entry.%d.%s", m.prefix, m.size, m.keyLocationName) - value = fmt.Sprintf("%s.entry.%d.%s", m.prefix, m.size, m.valueLocationName) - } - - // The key can only be a string, so we just go ahead and set it here - newValue(m.values, key, false).String(name) - - // Maps can't have flat members - return newValue(m.values, value, false) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/middleware.go deleted file mode 100644 index 36034479..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/middleware.go +++ /dev/null @@ -1,62 +0,0 @@ -package query - -import ( - "context" - "fmt" - "io/ioutil" - - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// AddAsGetRequestMiddleware adds a middleware to the Serialize stack after the -// operation serializer that will convert the query request body to a GET -// operation with the query message in the HTTP request querystring. -func AddAsGetRequestMiddleware(stack *middleware.Stack) error { - return stack.Serialize.Insert(&asGetRequest{}, "OperationSerializer", middleware.After) -} - -type asGetRequest struct{} - -func (*asGetRequest) ID() string { return "Query:AsGetRequest" } - -func (m *asGetRequest) HandleSerialize( - ctx context.Context, input middleware.SerializeInput, next middleware.SerializeHandler, -) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - req, ok := input.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("expect smithy HTTP Request, got %T", input.Request) - } - - req.Method = "GET" - - // If the stream is not set, nothing else to do. - stream := req.GetStream() - if stream == nil { - return next.HandleSerialize(ctx, input) - } - - // Clear the stream since there will not be any body. - req.Header.Del("Content-Type") - req, err = req.SetStream(nil) - if err != nil { - return out, metadata, fmt.Errorf("unable update request body %w", err) - } - input.Request = req - - // Update request query with the body's query string value. - delim := "" - if len(req.URL.RawQuery) != 0 { - delim = "&" - } - - b, err := ioutil.ReadAll(stream) - if err != nil { - return out, metadata, fmt.Errorf("unable to get request body %w", err) - } - req.URL.RawQuery += delim + string(b) - - return next.HandleSerialize(ctx, input) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/object.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/object.go deleted file mode 100644 index 305a8ace..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/object.go +++ /dev/null @@ -1,68 +0,0 @@ -package query - -import "net/url" - -// Object represents the encoding of Query structures and unions. A Query -// object is a representation of a mapping of string keys to arbitrary -// values where there is a fixed set of keys whose values each have their -// own known type. A serialized object might look like the following: -// -// ObjectName.Foo=value -// &ObjectName.Bar=5 -type Object struct { - // The query values to add the object to. - values url.Values - // The object's prefix, which includes the names of all parent structures - // and ends with the name of the object. For example, the prefix might be - // "ParentStructure.ObjectName". This prefix will be used to form the full - // keys for each member of the object. For example, a member might have the - // key "ParentStructure.ObjectName.MemberName". - // - // While this is currently represented as a string that gets added to, it - // could also be represented as a stack that only gets condensed into a - // string when a finalized key is created. This could potentially reduce - // allocations. - prefix string -} - -func newObject(values url.Values, prefix string) *Object { - return &Object{ - values: values, - prefix: prefix, - } -} - -// Key adds the given named key to the Query object. -// Returns a Value encoder that should be used to encode a Query value type. -func (o *Object) Key(name string) Value { - return o.key(name, false) -} - -// KeyWithValues adds the given named key to the Query object. -// Returns a Value encoder that should be used to encode a Query list of values. -func (o *Object) KeyWithValues(name string) Value { - return o.keyWithValues(name, false) -} - -// FlatKey adds the given named key to the Query object. -// Returns a Value encoder that should be used to encode a Query value type. The -// value will be flattened if it is a map or array. -func (o *Object) FlatKey(name string) Value { - return o.key(name, true) -} - -func (o *Object) key(name string, flatValue bool) Value { - if o.prefix != "" { - // This uses string concatenation in place of fmt.Sprintf as fmt.Sprintf has a much higher resource overhead - return newValue(o.values, o.prefix+keySeparator+name, flatValue) - } - return newValue(o.values, name, flatValue) -} - -func (o *Object) keyWithValues(name string, flatValue bool) Value { - if o.prefix != "" { - // This uses string concatenation in place of fmt.Sprintf as fmt.Sprintf has a much higher resource overhead - return newAppendValue(o.values, o.prefix+keySeparator+name, flatValue) - } - return newAppendValue(o.values, name, flatValue) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/value.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/value.go deleted file mode 100644 index 8063c592..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/value.go +++ /dev/null @@ -1,117 +0,0 @@ -package query - -import ( - "math/big" - "net/url" - - "github.com/aws/smithy-go/encoding/httpbinding" -) - -const keySeparator = "." - -// Value represents a Query Value type. -type Value struct { - // The query values to add the value to. - values url.Values - // The value's key, which will form the prefix for complex types. - key string - // Whether the value should be flattened or not if it's a flattenable type. - flat bool - queryValue httpbinding.QueryValue -} - -func newValue(values url.Values, key string, flat bool) Value { - return Value{ - values: values, - key: key, - flat: flat, - queryValue: httpbinding.NewQueryValue(values, key, false), - } -} - -func newAppendValue(values url.Values, key string, flat bool) Value { - return Value{ - values: values, - key: key, - flat: flat, - queryValue: httpbinding.NewQueryValue(values, key, true), - } -} - -func newBaseValue(values url.Values) Value { - return Value{ - values: values, - queryValue: httpbinding.NewQueryValue(nil, "", false), - } -} - -// Array returns a new Array encoder. -func (qv Value) Array(locationName string) *Array { - return newArray(qv.values, qv.key, qv.flat, locationName) -} - -// Object returns a new Object encoder. -func (qv Value) Object() *Object { - return newObject(qv.values, qv.key) -} - -// Map returns a new Map encoder. -func (qv Value) Map(keyLocationName string, valueLocationName string) *Map { - return newMap(qv.values, qv.key, qv.flat, keyLocationName, valueLocationName) -} - -// Base64EncodeBytes encodes v as a base64 query string value. -// This is intended to enable compatibility with the JSON encoder. -func (qv Value) Base64EncodeBytes(v []byte) { - qv.queryValue.Blob(v) -} - -// Boolean encodes v as a query string value -func (qv Value) Boolean(v bool) { - qv.queryValue.Boolean(v) -} - -// String encodes v as a query string value -func (qv Value) String(v string) { - qv.queryValue.String(v) -} - -// Byte encodes v as a query string value -func (qv Value) Byte(v int8) { - qv.queryValue.Byte(v) -} - -// Short encodes v as a query string value -func (qv Value) Short(v int16) { - qv.queryValue.Short(v) -} - -// Integer encodes v as a query string value -func (qv Value) Integer(v int32) { - qv.queryValue.Integer(v) -} - -// Long encodes v as a query string value -func (qv Value) Long(v int64) { - qv.queryValue.Long(v) -} - -// Float encodes v as a query string value -func (qv Value) Float(v float32) { - qv.queryValue.Float(v) -} - -// Double encodes v as a query string value -func (qv Value) Double(v float64) { - qv.queryValue.Double(v) -} - -// BigInteger encodes v as a query string value -func (qv Value) BigInteger(v *big.Int) { - qv.queryValue.BigInteger(v) -} - -// BigDecimal encodes v as a query string value -func (qv Value) BigDecimal(v *big.Float) { - qv.queryValue.BigDecimal(v) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/restjson/decoder_util.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/restjson/decoder_util.go deleted file mode 100644 index 1bce78a4..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/restjson/decoder_util.go +++ /dev/null @@ -1,85 +0,0 @@ -package restjson - -import ( - "encoding/json" - "io" - "strings" - - "github.com/aws/smithy-go" -) - -// GetErrorInfo util looks for code, __type, and message members in the -// json body. These members are optionally available, and the function -// returns the value of member if it is available. This function is useful to -// identify the error code, msg in a REST JSON error response. -func GetErrorInfo(decoder *json.Decoder) (errorType string, message string, err error) { - var errInfo struct { - Code string - Type string `json:"__type"` - Message string - } - - err = decoder.Decode(&errInfo) - if err != nil { - if err == io.EOF { - return errorType, message, nil - } - return errorType, message, err - } - - // assign error type - if len(errInfo.Code) != 0 { - errorType = errInfo.Code - } else if len(errInfo.Type) != 0 { - errorType = errInfo.Type - } - - // assign error message - if len(errInfo.Message) != 0 { - message = errInfo.Message - } - - // sanitize error - if len(errorType) != 0 { - errorType = SanitizeErrorCode(errorType) - } - - return errorType, message, nil -} - -// SanitizeErrorCode sanitizes the errorCode string . -// The rule for sanitizing is if a `:` character is present, then take only the -// contents before the first : character in the value. -// If a # character is present, then take only the contents after the -// first # character in the value. -func SanitizeErrorCode(errorCode string) string { - if strings.ContainsAny(errorCode, ":") { - errorCode = strings.SplitN(errorCode, ":", 2)[0] - } - - if strings.ContainsAny(errorCode, "#") { - errorCode = strings.SplitN(errorCode, "#", 2)[1] - } - - return errorCode -} - -// GetSmithyGenericAPIError returns smithy generic api error and an error interface. -// Takes in json decoder, and error Code string as args. The function retrieves error message -// and error code from the decoder body. If errorCode of length greater than 0 is passed in as -// an argument, it is used instead. -func GetSmithyGenericAPIError(decoder *json.Decoder, errorCode string) (*smithy.GenericAPIError, error) { - errorType, message, err := GetErrorInfo(decoder) - if err != nil { - return nil, err - } - - if len(errorCode) == 0 { - errorCode = errorType - } - - return &smithy.GenericAPIError{ - Code: errorCode, - Message: message, - }, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/xml/error_utils.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/xml/error_utils.go deleted file mode 100644 index 6975ce65..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/xml/error_utils.go +++ /dev/null @@ -1,48 +0,0 @@ -package xml - -import ( - "encoding/xml" - "fmt" - "io" -) - -// ErrorComponents represents the error response fields -// that will be deserialized from an xml error response body -type ErrorComponents struct { - Code string - Message string - RequestID string -} - -// GetErrorResponseComponents returns the error fields from an xml error response body -func GetErrorResponseComponents(r io.Reader, noErrorWrapping bool) (ErrorComponents, error) { - if noErrorWrapping { - var errResponse noWrappedErrorResponse - if err := xml.NewDecoder(r).Decode(&errResponse); err != nil && err != io.EOF { - return ErrorComponents{}, fmt.Errorf("error while deserializing xml error response: %w", err) - } - return ErrorComponents(errResponse), nil - } - - var errResponse wrappedErrorResponse - if err := xml.NewDecoder(r).Decode(&errResponse); err != nil && err != io.EOF { - return ErrorComponents{}, fmt.Errorf("error while deserializing xml error response: %w", err) - } - return ErrorComponents(errResponse), nil -} - -// noWrappedErrorResponse represents the error response body with -// no internal Error wrapping -type noWrappedErrorResponse struct { - Code string `xml:"Code"` - Message string `xml:"Message"` - RequestID string `xml:"RequestId"` -} - -// wrappedErrorResponse represents the error response body -// wrapped within Error -type wrappedErrorResponse struct { - Code string `xml:"Error>Code"` - Message string `xml:"Error>Message"` - RequestID string `xml:"RequestId"` -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/none.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/none.go deleted file mode 100644 index 8c783641..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/none.go +++ /dev/null @@ -1,20 +0,0 @@ -package ratelimit - -import "context" - -// None implements a no-op rate limiter which effectively disables client-side -// rate limiting (also known as "retry quotas"). -// -// GetToken does nothing and always returns a nil error. The returned -// token-release function does nothing, and always returns a nil error. -// -// AddTokens does nothing and always returns a nil error. -var None = &none{} - -type none struct{} - -func (*none) GetToken(ctx context.Context, cost uint) (func() error, error) { - return func() error { return nil }, nil -} - -func (*none) AddTokens(v uint) error { return nil } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/token_bucket.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/token_bucket.go deleted file mode 100644 index 974ef594..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/token_bucket.go +++ /dev/null @@ -1,96 +0,0 @@ -package ratelimit - -import ( - "sync" -) - -// TokenBucket provides a concurrency safe utility for adding and removing -// tokens from the available token bucket. -type TokenBucket struct { - remainingTokens uint - maxCapacity uint - minCapacity uint - mu sync.Mutex -} - -// NewTokenBucket returns an initialized TokenBucket with the capacity -// specified. -func NewTokenBucket(i uint) *TokenBucket { - return &TokenBucket{ - remainingTokens: i, - maxCapacity: i, - minCapacity: 1, - } -} - -// Retrieve attempts to reduce the available tokens by the amount requested. If -// there are tokens available true will be returned along with the number of -// available tokens remaining. If amount requested is larger than the available -// capacity, false will be returned along with the available capacity. If the -// amount is less than the available capacity, the capacity will be reduced by -// that amount, and the remaining capacity and true will be returned. -func (t *TokenBucket) Retrieve(amount uint) (available uint, retrieved bool) { - t.mu.Lock() - defer t.mu.Unlock() - - if amount > t.remainingTokens { - return t.remainingTokens, false - } - - t.remainingTokens -= amount - return t.remainingTokens, true -} - -// Refund returns the amount of tokens back to the available token bucket, up -// to the initial capacity. -func (t *TokenBucket) Refund(amount uint) { - t.mu.Lock() - defer t.mu.Unlock() - - // Capacity cannot exceed max capacity. - t.remainingTokens = uintMin(t.remainingTokens+amount, t.maxCapacity) -} - -// Capacity returns the maximum capacity of tokens that the bucket could -// contain. -func (t *TokenBucket) Capacity() uint { - t.mu.Lock() - defer t.mu.Unlock() - - return t.maxCapacity -} - -// Remaining returns the number of tokens that remaining in the bucket. -func (t *TokenBucket) Remaining() uint { - t.mu.Lock() - defer t.mu.Unlock() - - return t.remainingTokens -} - -// Resize adjusts the size of the token bucket. Returns the capacity remaining. -func (t *TokenBucket) Resize(size uint) uint { - t.mu.Lock() - defer t.mu.Unlock() - - t.maxCapacity = uintMax(size, t.minCapacity) - - // Capacity needs to be capped at max capacity, if max size reduced. - t.remainingTokens = uintMin(t.remainingTokens, t.maxCapacity) - - return t.remainingTokens -} - -func uintMin(a, b uint) uint { - if a < b { - return a - } - return b -} - -func uintMax(a, b uint) uint { - if a > b { - return a - } - return b -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/token_rate_limit.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/token_rate_limit.go deleted file mode 100644 index d89090ad..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/ratelimit/token_rate_limit.go +++ /dev/null @@ -1,83 +0,0 @@ -package ratelimit - -import ( - "context" - "fmt" -) - -type rateToken struct { - tokenCost uint - bucket *TokenBucket -} - -func (t rateToken) release() error { - t.bucket.Refund(t.tokenCost) - return nil -} - -// TokenRateLimit provides a Token Bucket RateLimiter implementation -// that limits the overall number of retry attempts that can be made across -// operation invocations. -type TokenRateLimit struct { - bucket *TokenBucket -} - -// NewTokenRateLimit returns an TokenRateLimit with default values. -// Functional options can configure the retry rate limiter. -func NewTokenRateLimit(tokens uint) *TokenRateLimit { - return &TokenRateLimit{ - bucket: NewTokenBucket(tokens), - } -} - -type canceledError struct { - Err error -} - -func (c canceledError) CanceledError() bool { return true } -func (c canceledError) Unwrap() error { return c.Err } -func (c canceledError) Error() string { - return fmt.Sprintf("canceled, %v", c.Err) -} - -// GetToken may cause a available pool of retry quota to be -// decremented. Will return an error if the decremented value can not be -// reduced from the retry quota. -func (l *TokenRateLimit) GetToken(ctx context.Context, cost uint) (func() error, error) { - select { - case <-ctx.Done(): - return nil, canceledError{Err: ctx.Err()} - default: - } - if avail, ok := l.bucket.Retrieve(cost); !ok { - return nil, QuotaExceededError{Available: avail, Requested: cost} - } - - return rateToken{ - tokenCost: cost, - bucket: l.bucket, - }.release, nil -} - -// AddTokens increments the token bucket by a fixed amount. -func (l *TokenRateLimit) AddTokens(v uint) error { - l.bucket.Refund(v) - return nil -} - -// Remaining returns the number of remaining tokens in the bucket. -func (l *TokenRateLimit) Remaining() uint { - return l.bucket.Remaining() -} - -// QuotaExceededError provides the SDK error when the retries for a given -// token bucket have been exhausted. -type QuotaExceededError struct { - Available uint - Requested uint -} - -func (e QuotaExceededError) Error() string { - return fmt.Sprintf("retry quota exceeded, %d available, %d requested", - e.Available, e.Requested) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/request.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/request.go deleted file mode 100644 index d8d00e61..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/request.go +++ /dev/null @@ -1,25 +0,0 @@ -package aws - -import ( - "fmt" -) - -// TODO remove replace with smithy.CanceledError - -// RequestCanceledError is the error that will be returned by an API request -// that was canceled. Requests given a Context may return this error when -// canceled. -type RequestCanceledError struct { - Err error -} - -// CanceledError returns true to satisfy interfaces checking for canceled errors. -func (*RequestCanceledError) CanceledError() bool { return true } - -// Unwrap returns the underlying error, if there was one. -func (e *RequestCanceledError) Unwrap() error { - return e.Err -} -func (e *RequestCanceledError) Error() string { - return fmt.Sprintf("request canceled, %v", e.Err) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/adaptive.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/adaptive.go deleted file mode 100644 index 4dfde857..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/adaptive.go +++ /dev/null @@ -1,156 +0,0 @@ -package retry - -import ( - "context" - "fmt" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/internal/sdk" -) - -const ( - // DefaultRequestCost is the cost of a single request from the adaptive - // rate limited token bucket. - DefaultRequestCost uint = 1 -) - -// DefaultThrottles provides the set of errors considered throttle errors that -// are checked by default. -var DefaultThrottles = []IsErrorThrottle{ - ThrottleErrorCode{ - Codes: DefaultThrottleErrorCodes, - }, -} - -// AdaptiveModeOptions provides the functional options for configuring the -// adaptive retry mode, and delay behavior. -type AdaptiveModeOptions struct { - // If the adaptive token bucket is empty, when an attempt will be made - // AdaptiveMode will sleep until a token is available. This can occur when - // attempts fail with throttle errors. Use this option to disable the sleep - // until token is available, and return error immediately. - FailOnNoAttemptTokens bool - - // The cost of an attempt from the AdaptiveMode's adaptive token bucket. - RequestCost uint - - // Set of strategies to determine if the attempt failed due to a throttle - // error. - // - // It is safe to append to this list in NewAdaptiveMode's functional options. - Throttles []IsErrorThrottle - - // Set of options for standard retry mode that AdaptiveMode is built on top - // of. AdaptiveMode may apply its own defaults to Standard retry mode that - // are different than the defaults of NewStandard. Use these options to - // override the default options. - StandardOptions []func(*StandardOptions) -} - -// AdaptiveMode provides an experimental retry strategy that expands on the -// Standard retry strategy, adding client attempt rate limits. The attempt rate -// limit is initially unrestricted, but becomes restricted when the attempt -// fails with for a throttle error. When restricted AdaptiveMode may need to -// sleep before an attempt is made, if too many throttles have been received. -// AdaptiveMode's sleep can be canceled with context cancel. Set -// AdaptiveModeOptions FailOnNoAttemptTokens to change the behavior from sleep, -// to fail fast. -// -// Eventually unrestricted attempt rate limit will be restored once attempts no -// longer are failing due to throttle errors. -type AdaptiveMode struct { - options AdaptiveModeOptions - throttles IsErrorThrottles - - retryer aws.RetryerV2 - rateLimit *adaptiveRateLimit -} - -// NewAdaptiveMode returns an initialized AdaptiveMode retry strategy. -func NewAdaptiveMode(optFns ...func(*AdaptiveModeOptions)) *AdaptiveMode { - o := AdaptiveModeOptions{ - RequestCost: DefaultRequestCost, - Throttles: append([]IsErrorThrottle{}, DefaultThrottles...), - } - for _, fn := range optFns { - fn(&o) - } - - return &AdaptiveMode{ - options: o, - throttles: IsErrorThrottles(o.Throttles), - retryer: NewStandard(o.StandardOptions...), - rateLimit: newAdaptiveRateLimit(), - } -} - -// IsErrorRetryable returns if the failed attempt is retryable. This check -// should determine if the error can be retried, or if the error is -// terminal. -func (a *AdaptiveMode) IsErrorRetryable(err error) bool { - return a.retryer.IsErrorRetryable(err) -} - -// MaxAttempts returns the maximum number of attempts that can be made for -// an attempt before failing. A value of 0 implies that the attempt should -// be retried until it succeeds if the errors are retryable. -func (a *AdaptiveMode) MaxAttempts() int { - return a.retryer.MaxAttempts() -} - -// RetryDelay returns the delay that should be used before retrying the -// attempt. Will return error if the if the delay could not be determined. -func (a *AdaptiveMode) RetryDelay(attempt int, opErr error) ( - time.Duration, error, -) { - return a.retryer.RetryDelay(attempt, opErr) -} - -// GetRetryToken attempts to deduct the retry cost from the retry token pool. -// Returning the token release function, or error. -func (a *AdaptiveMode) GetRetryToken(ctx context.Context, opErr error) ( - releaseToken func(error) error, err error, -) { - return a.retryer.GetRetryToken(ctx, opErr) -} - -// GetInitialToken returns the initial attempt token that can increment the -// retry token pool if the attempt is successful. -// -// Deprecated: This method does not provide a way to block using Context, -// nor can it return an error. Use RetryerV2, and GetAttemptToken instead. Only -// present to implement Retryer interface. -func (a *AdaptiveMode) GetInitialToken() (releaseToken func(error) error) { - return nopRelease -} - -// GetAttemptToken returns the attempt token that can be used to rate limit -// attempt calls. Will be used by the SDK's retry package's Attempt -// middleware to get an attempt token prior to calling the temp and releasing -// the attempt token after the attempt has been made. -func (a *AdaptiveMode) GetAttemptToken(ctx context.Context) (func(error) error, error) { - for { - acquiredToken, waitTryAgain := a.rateLimit.AcquireToken(a.options.RequestCost) - if acquiredToken { - break - } - if a.options.FailOnNoAttemptTokens { - return nil, fmt.Errorf( - "unable to get attempt token, and FailOnNoAttemptTokens enables") - } - - if err := sdk.SleepWithContext(ctx, waitTryAgain); err != nil { - return nil, fmt.Errorf("failed to wait for token to be available, %w", err) - } - } - - return a.handleResponse, nil -} - -func (a *AdaptiveMode) handleResponse(opErr error) error { - throttled := a.throttles.IsErrorThrottle(opErr).Bool() - - a.rateLimit.Update(throttled) - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/adaptive_ratelimit.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/adaptive_ratelimit.go deleted file mode 100644 index ad96d9b8..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/adaptive_ratelimit.go +++ /dev/null @@ -1,158 +0,0 @@ -package retry - -import ( - "math" - "sync" - "time" - - "github.com/aws/aws-sdk-go-v2/internal/sdk" -) - -type adaptiveRateLimit struct { - tokenBucketEnabled bool - - smooth float64 - beta float64 - scaleConstant float64 - minFillRate float64 - - fillRate float64 - calculatedRate float64 - lastRefilled time.Time - measuredTxRate float64 - lastTxRateBucket float64 - requestCount int64 - lastMaxRate float64 - lastThrottleTime time.Time - timeWindow float64 - - tokenBucket *adaptiveTokenBucket - - mu sync.Mutex -} - -func newAdaptiveRateLimit() *adaptiveRateLimit { - now := sdk.NowTime() - return &adaptiveRateLimit{ - smooth: 0.8, - beta: 0.7, - scaleConstant: 0.4, - - minFillRate: 0.5, - - lastTxRateBucket: math.Floor(timeFloat64Seconds(now)), - lastThrottleTime: now, - - tokenBucket: newAdaptiveTokenBucket(0), - } -} - -func (a *adaptiveRateLimit) Enable(v bool) { - a.mu.Lock() - defer a.mu.Unlock() - - a.tokenBucketEnabled = v -} - -func (a *adaptiveRateLimit) AcquireToken(amount uint) ( - tokenAcquired bool, waitTryAgain time.Duration, -) { - a.mu.Lock() - defer a.mu.Unlock() - - if !a.tokenBucketEnabled { - return true, 0 - } - - a.tokenBucketRefill() - - available, ok := a.tokenBucket.Retrieve(float64(amount)) - if !ok { - waitDur := float64Seconds((float64(amount) - available) / a.fillRate) - return false, waitDur - } - - return true, 0 -} - -func (a *adaptiveRateLimit) Update(throttled bool) { - a.mu.Lock() - defer a.mu.Unlock() - - a.updateMeasuredRate() - - if throttled { - rateToUse := a.measuredTxRate - if a.tokenBucketEnabled { - rateToUse = math.Min(a.measuredTxRate, a.fillRate) - } - - a.lastMaxRate = rateToUse - a.calculateTimeWindow() - a.lastThrottleTime = sdk.NowTime() - a.calculatedRate = a.cubicThrottle(rateToUse) - a.tokenBucketEnabled = true - } else { - a.calculateTimeWindow() - a.calculatedRate = a.cubicSuccess(sdk.NowTime()) - } - - newRate := math.Min(a.calculatedRate, 2*a.measuredTxRate) - a.tokenBucketUpdateRate(newRate) -} - -func (a *adaptiveRateLimit) cubicSuccess(t time.Time) float64 { - dt := secondsFloat64(t.Sub(a.lastThrottleTime)) - return (a.scaleConstant * math.Pow(dt-a.timeWindow, 3)) + a.lastMaxRate -} - -func (a *adaptiveRateLimit) cubicThrottle(rateToUse float64) float64 { - return rateToUse * a.beta -} - -func (a *adaptiveRateLimit) calculateTimeWindow() { - a.timeWindow = math.Pow((a.lastMaxRate*(1.-a.beta))/a.scaleConstant, 1./3.) -} - -func (a *adaptiveRateLimit) tokenBucketUpdateRate(newRPS float64) { - a.tokenBucketRefill() - a.fillRate = math.Max(newRPS, a.minFillRate) - a.tokenBucket.Resize(newRPS) -} - -func (a *adaptiveRateLimit) updateMeasuredRate() { - now := sdk.NowTime() - timeBucket := math.Floor(timeFloat64Seconds(now)*2.) / 2. - a.requestCount++ - - if timeBucket > a.lastTxRateBucket { - currentRate := float64(a.requestCount) / (timeBucket - a.lastTxRateBucket) - a.measuredTxRate = (currentRate * a.smooth) + (a.measuredTxRate * (1. - a.smooth)) - a.requestCount = 0 - a.lastTxRateBucket = timeBucket - } -} - -func (a *adaptiveRateLimit) tokenBucketRefill() { - now := sdk.NowTime() - if a.lastRefilled.IsZero() { - a.lastRefilled = now - return - } - - fillAmount := secondsFloat64(now.Sub(a.lastRefilled)) * a.fillRate - a.tokenBucket.Refund(fillAmount) - a.lastRefilled = now -} - -func float64Seconds(v float64) time.Duration { - return time.Duration(v * float64(time.Second)) -} - -func secondsFloat64(v time.Duration) float64 { - return float64(v) / float64(time.Second) -} - -func timeFloat64Seconds(v time.Time) float64 { - return float64(v.UnixNano()) / float64(time.Second) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/adaptive_token_bucket.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/adaptive_token_bucket.go deleted file mode 100644 index 052723e8..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/adaptive_token_bucket.go +++ /dev/null @@ -1,83 +0,0 @@ -package retry - -import ( - "math" - "sync" -) - -// adaptiveTokenBucket provides a concurrency safe utility for adding and -// removing tokens from the available token bucket. -type adaptiveTokenBucket struct { - remainingTokens float64 - maxCapacity float64 - minCapacity float64 - mu sync.Mutex -} - -// newAdaptiveTokenBucket returns an initialized adaptiveTokenBucket with the -// capacity specified. -func newAdaptiveTokenBucket(i float64) *adaptiveTokenBucket { - return &adaptiveTokenBucket{ - remainingTokens: i, - maxCapacity: i, - minCapacity: 1, - } -} - -// Retrieve attempts to reduce the available tokens by the amount requested. If -// there are tokens available true will be returned along with the number of -// available tokens remaining. If amount requested is larger than the available -// capacity, false will be returned along with the available capacity. If the -// amount is less than the available capacity, the capacity will be reduced by -// that amount, and the remaining capacity and true will be returned. -func (t *adaptiveTokenBucket) Retrieve(amount float64) (available float64, retrieved bool) { - t.mu.Lock() - defer t.mu.Unlock() - - if amount > t.remainingTokens { - return t.remainingTokens, false - } - - t.remainingTokens -= amount - return t.remainingTokens, true -} - -// Refund returns the amount of tokens back to the available token bucket, up -// to the initial capacity. -func (t *adaptiveTokenBucket) Refund(amount float64) { - t.mu.Lock() - defer t.mu.Unlock() - - // Capacity cannot exceed max capacity. - t.remainingTokens = math.Min(t.remainingTokens+amount, t.maxCapacity) -} - -// Capacity returns the maximum capacity of tokens that the bucket could -// contain. -func (t *adaptiveTokenBucket) Capacity() float64 { - t.mu.Lock() - defer t.mu.Unlock() - - return t.maxCapacity -} - -// Remaining returns the number of tokens that remaining in the bucket. -func (t *adaptiveTokenBucket) Remaining() float64 { - t.mu.Lock() - defer t.mu.Unlock() - - return t.remainingTokens -} - -// Resize adjusts the size of the token bucket. Returns the capacity remaining. -func (t *adaptiveTokenBucket) Resize(size float64) float64 { - t.mu.Lock() - defer t.mu.Unlock() - - t.maxCapacity = math.Max(size, t.minCapacity) - - // Capacity needs to be capped at max capacity, if max size reduced. - t.remainingTokens = math.Min(t.remainingTokens, t.maxCapacity) - - return t.remainingTokens -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/attempt_metrics.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/attempt_metrics.go deleted file mode 100644 index bfa5bf7d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/attempt_metrics.go +++ /dev/null @@ -1,51 +0,0 @@ -package retry - -import ( - "context" - - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" -) - -type attemptMetrics struct { - Attempts metrics.Int64Counter - Errors metrics.Int64Counter - - AttemptDuration metrics.Float64Histogram -} - -func newAttemptMetrics(meter metrics.Meter) (*attemptMetrics, error) { - m := &attemptMetrics{} - var err error - - m.Attempts, err = meter.Int64Counter("client.call.attempts", func(o *metrics.InstrumentOptions) { - o.UnitLabel = "{attempt}" - o.Description = "The number of attempts for an individual operation" - }) - if err != nil { - return nil, err - } - m.Errors, err = meter.Int64Counter("client.call.errors", func(o *metrics.InstrumentOptions) { - o.UnitLabel = "{error}" - o.Description = "The number of errors for an operation" - }) - if err != nil { - return nil, err - } - m.AttemptDuration, err = meter.Float64Histogram("client.call.attempt_duration", func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = "The time it takes to connect to the service, send the request, and get back HTTP status code and headers (including time queued waiting to be sent)" - }) - if err != nil { - return nil, err - } - - return m, nil -} - -func withOperationMetadata(ctx context.Context) metrics.RecordMetricOption { - return func(o *metrics.RecordMetricOptions) { - o.Properties.Set("rpc.service", middleware.GetServiceID(ctx)) - o.Properties.Set("rpc.method", middleware.GetOperationName(ctx)) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/doc.go deleted file mode 100644 index 3a08ebe0..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/doc.go +++ /dev/null @@ -1,80 +0,0 @@ -// Package retry provides interfaces and implementations for SDK request retry behavior. -// -// # Retryer Interface and Implementations -// -// This package defines Retryer interface that is used to either implement custom retry behavior -// or to extend the existing retry implementations provided by the SDK. This package provides a single -// retry implementation: Standard. -// -// # Standard -// -// Standard is the default retryer implementation used by service clients. The standard retryer is a rate limited -// retryer that has a configurable max attempts to limit the number of retry attempts when a retryable error occurs. -// In addition, the retryer uses a configurable token bucket to rate limit the retry attempts across the client, -// and uses an additional delay policy to limit the time between a requests subsequent attempts. -// -// By default the standard retryer uses the DefaultRetryables slice of IsErrorRetryable types to determine whether -// a given error is retryable. By default this list of retryables includes the following: -// - Retrying errors that implement the RetryableError method, and return true. -// - Connection Errors -// - Errors that implement a ConnectionError, Temporary, or Timeout method that return true. -// - Connection Reset Errors. -// - net.OpErr types that are dialing errors or are temporary. -// - HTTP Status Codes: 500, 502, 503, and 504. -// - API Error Codes -// - RequestTimeout, RequestTimeoutException -// - Throttling, ThrottlingException, ThrottledException, RequestThrottledException, TooManyRequestsException, -// RequestThrottled, SlowDown, EC2ThrottledException -// - ProvisionedThroughputExceededException, RequestLimitExceeded, BandwidthLimitExceeded, LimitExceededException -// - TransactionInProgressException, PriorRequestNotComplete -// -// The standard retryer will not retry a request in the event if the context associated with the request -// has been cancelled. Applications must handle this case explicitly if they wish to retry with a different context -// value. -// -// You can configure the standard retryer implementation to fit your applications by constructing a standard retryer -// using the NewStandard function, and providing one more functional argument that mutate the StandardOptions -// structure. StandardOptions provides the ability to modify the token bucket rate limiter, retryable error conditions, -// and the retry delay policy. -// -// For example to modify the default retry attempts for the standard retryer: -// -// // configure the custom retryer -// customRetry := retry.NewStandard(func(o *retry.StandardOptions) { -// o.MaxAttempts = 5 -// }) -// -// // create a service client with the retryer -// s3.NewFromConfig(cfg, func(o *s3.Options) { -// o.Retryer = customRetry -// }) -// -// # Utilities -// -// A number of package functions have been provided to easily wrap retryer implementations in an implementation agnostic -// way. These are: -// -// AddWithErrorCodes - Provides the ability to add additional API error codes that should be considered retryable -// in addition to those considered retryable by the provided retryer. -// -// AddWithMaxAttempts - Provides the ability to set the max number of attempts for retrying a request by wrapping -// a retryer implementation. -// -// AddWithMaxBackoffDelay - Provides the ability to set the max back off delay that can occur before retrying a -// request by wrapping a retryer implementation. -// -// The following package functions have been provided to easily satisfy different retry interfaces to further customize -// a given retryer's behavior: -// -// BackoffDelayerFunc - Can be used to wrap a function to satisfy the BackoffDelayer interface. For example, -// you can use this method to easily create custom back off policies to be used with the -// standard retryer. -// -// IsErrorRetryableFunc - Can be used to wrap a function to satisfy the IsErrorRetryable interface. For example, -// this can be used to extend the standard retryer to add additional logic to determine if an -// error should be retried. -// -// IsErrorTimeoutFunc - Can be used to wrap a function to satisfy IsErrorTimeout interface. For example, -// this can be used to extend the standard retryer to add additional logic to determine if an -// error should be considered a timeout. -package retry diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/errors.go deleted file mode 100644 index 3e432eef..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/errors.go +++ /dev/null @@ -1,20 +0,0 @@ -package retry - -import "fmt" - -// MaxAttemptsError provides the error when the maximum number of attempts have -// been exceeded. -type MaxAttemptsError struct { - Attempt int - Err error -} - -func (e *MaxAttemptsError) Error() string { - return fmt.Sprintf("exceeded maximum number of attempts, %d, %v", e.Attempt, e.Err) -} - -// Unwrap returns the nested error causing the max attempts error. Provides the -// implementation for errors.Is and errors.As to unwrap nested errors. -func (e *MaxAttemptsError) Unwrap() error { - return e.Err -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/jitter_backoff.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/jitter_backoff.go deleted file mode 100644 index c266996d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/jitter_backoff.go +++ /dev/null @@ -1,49 +0,0 @@ -package retry - -import ( - "math" - "time" - - "github.com/aws/aws-sdk-go-v2/internal/rand" - "github.com/aws/aws-sdk-go-v2/internal/timeconv" -) - -// ExponentialJitterBackoff provides backoff delays with jitter based on the -// number of attempts. -type ExponentialJitterBackoff struct { - maxBackoff time.Duration - // precomputed number of attempts needed to reach max backoff. - maxBackoffAttempts float64 - - randFloat64 func() (float64, error) -} - -// NewExponentialJitterBackoff returns an ExponentialJitterBackoff configured -// for the max backoff. -func NewExponentialJitterBackoff(maxBackoff time.Duration) *ExponentialJitterBackoff { - return &ExponentialJitterBackoff{ - maxBackoff: maxBackoff, - maxBackoffAttempts: math.Log2( - float64(maxBackoff) / float64(time.Second)), - randFloat64: rand.CryptoRandFloat64, - } -} - -// BackoffDelay returns the duration to wait before the next attempt should be -// made. Returns an error if unable get a duration. -func (j *ExponentialJitterBackoff) BackoffDelay(attempt int, err error) (time.Duration, error) { - if attempt > int(j.maxBackoffAttempts) { - return j.maxBackoff, nil - } - - b, err := j.randFloat64() - if err != nil { - return 0, err - } - - // [0.0, 1.0) * 2 ^ attempts - ri := int64(1 << uint64(attempt)) - delaySeconds := b * float64(ri) - - return timeconv.FloatSecondsDur(delaySeconds), nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/metadata.go deleted file mode 100644 index 7a3f1830..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/metadata.go +++ /dev/null @@ -1,52 +0,0 @@ -package retry - -import ( - awsmiddle "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" -) - -// attemptResultsKey is a metadata accessor key to retrieve metadata -// for all request attempts. -type attemptResultsKey struct { -} - -// GetAttemptResults retrieves attempts results from middleware metadata. -func GetAttemptResults(metadata middleware.Metadata) (AttemptResults, bool) { - m, ok := metadata.Get(attemptResultsKey{}).(AttemptResults) - return m, ok -} - -// AttemptResults represents struct containing metadata returned by all request attempts. -type AttemptResults struct { - - // Results is a slice consisting attempt result from all request attempts. - // Results are stored in order request attempt is made. - Results []AttemptResult -} - -// AttemptResult represents attempt result returned by a single request attempt. -type AttemptResult struct { - - // Err is the error if received for the request attempt. - Err error - - // Retryable denotes if request may be retried. This states if an - // error is considered retryable. - Retryable bool - - // Retried indicates if this request was retried. - Retried bool - - // ResponseMetadata is any existing metadata passed via the response middlewares. - ResponseMetadata middleware.Metadata -} - -// addAttemptResults adds attempt results to middleware metadata -func addAttemptResults(metadata *middleware.Metadata, v AttemptResults) { - metadata.Set(attemptResultsKey{}, v) -} - -// GetRawResponse returns raw response recorded for the attempt result -func (a AttemptResult) GetRawResponse() interface{} { - return awsmiddle.GetRawResponse(a.ResponseMetadata) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/middleware.go deleted file mode 100644 index 52d59b04..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/middleware.go +++ /dev/null @@ -1,418 +0,0 @@ -package retry - -import ( - "context" - "errors" - "fmt" - "strconv" - "strings" - "time" - - internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" - "github.com/aws/smithy-go" - - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddle "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/metrics" - smithymiddle "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - "github.com/aws/smithy-go/transport/http" -) - -// RequestCloner is a function that can take an input request type and clone -// the request for use in a subsequent retry attempt. -type RequestCloner func(interface{}) interface{} - -type retryMetadata struct { - AttemptNum int - AttemptTime time.Time - MaxAttempts int - AttemptClockSkew time.Duration -} - -// Attempt is a Smithy Finalize middleware that handles retry attempts using -// the provided Retryer implementation. -type Attempt struct { - // Enable the logging of retry attempts performed by the SDK. This will - // include logging retry attempts, unretryable errors, and when max - // attempts are reached. - LogAttempts bool - - // A Meter instance for recording retry-related metrics. - OperationMeter metrics.Meter - - retryer aws.RetryerV2 - requestCloner RequestCloner -} - -// define the threshold at which we will consider certain kind of errors to be probably -// caused by clock skew -const skewThreshold = 4 * time.Minute - -// NewAttemptMiddleware returns a new Attempt retry middleware. -func NewAttemptMiddleware(retryer aws.Retryer, requestCloner RequestCloner, optFns ...func(*Attempt)) *Attempt { - m := &Attempt{ - retryer: wrapAsRetryerV2(retryer), - requestCloner: requestCloner, - } - for _, fn := range optFns { - fn(m) - } - if m.OperationMeter == nil { - m.OperationMeter = metrics.NopMeterProvider{}.Meter("") - } - - return m -} - -// ID returns the middleware identifier -func (r *Attempt) ID() string { return "Retry" } - -func (r Attempt) logf(logger logging.Logger, classification logging.Classification, format string, v ...interface{}) { - if !r.LogAttempts { - return - } - logger.Logf(classification, format, v...) -} - -// HandleFinalize utilizes the provider Retryer implementation to attempt -// retries over the next handler -func (r *Attempt) HandleFinalize(ctx context.Context, in smithymiddle.FinalizeInput, next smithymiddle.FinalizeHandler) ( - out smithymiddle.FinalizeOutput, metadata smithymiddle.Metadata, err error, -) { - var attemptNum int - var attemptClockSkew time.Duration - var attemptResults AttemptResults - - maxAttempts := r.retryer.MaxAttempts() - releaseRetryToken := nopRelease - - retryMetrics, err := newAttemptMetrics(r.OperationMeter) - if err != nil { - return out, metadata, err - } - - for { - attemptNum++ - attemptInput := in - attemptInput.Request = r.requestCloner(attemptInput.Request) - - // Record the metadata for the for attempt being started. - attemptCtx := setRetryMetadata(ctx, retryMetadata{ - AttemptNum: attemptNum, - AttemptTime: sdk.NowTime().UTC(), - MaxAttempts: maxAttempts, - AttemptClockSkew: attemptClockSkew, - }) - - // Setting clock skew to be used on other context (like signing) - ctx = internalcontext.SetAttemptSkewContext(ctx, attemptClockSkew) - - var attemptResult AttemptResult - - attemptCtx, span := tracing.StartSpan(attemptCtx, "Attempt", func(o *tracing.SpanOptions) { - o.Properties.Set("operation.attempt", attemptNum) - }) - retryMetrics.Attempts.Add(ctx, 1, withOperationMetadata(ctx)) - - start := sdk.NowTime() - out, attemptResult, releaseRetryToken, err = r.handleAttempt(attemptCtx, attemptInput, releaseRetryToken, next) - elapsed := sdk.NowTime().Sub(start) - - retryMetrics.AttemptDuration.Record(ctx, float64(elapsed)/1e9, withOperationMetadata(ctx)) - if err != nil { - retryMetrics.Errors.Add(ctx, 1, withOperationMetadata(ctx), func(o *metrics.RecordMetricOptions) { - o.Properties.Set("exception.type", errorType(err)) - }) - } - - span.End() - - attemptClockSkew, _ = awsmiddle.GetAttemptSkew(attemptResult.ResponseMetadata) - - // AttemptResult Retried states that the attempt was not successful, and - // should be retried. - shouldRetry := attemptResult.Retried - - // Add attempt metadata to list of all attempt metadata - attemptResults.Results = append(attemptResults.Results, attemptResult) - - if !shouldRetry { - // Ensure the last response's metadata is used as the bases for result - // metadata returned by the stack. The Slice of attempt results - // will be added to this cloned metadata. - metadata = attemptResult.ResponseMetadata.Clone() - - break - } - } - - addAttemptResults(&metadata, attemptResults) - return out, metadata, err -} - -// handleAttempt handles an individual request attempt. -func (r *Attempt) handleAttempt( - ctx context.Context, in smithymiddle.FinalizeInput, releaseRetryToken func(error) error, next smithymiddle.FinalizeHandler, -) ( - out smithymiddle.FinalizeOutput, attemptResult AttemptResult, _ func(error) error, err error, -) { - defer func() { - attemptResult.Err = err - }() - - // Short circuit if this attempt never can succeed because the context is - // canceled. This reduces the chance of token pools being modified for - // attempts that will not be made - select { - case <-ctx.Done(): - return out, attemptResult, nopRelease, ctx.Err() - default: - } - - //------------------------------ - // Get Attempt Token - //------------------------------ - releaseAttemptToken, err := r.retryer.GetAttemptToken(ctx) - if err != nil { - return out, attemptResult, nopRelease, fmt.Errorf( - "failed to get retry Send token, %w", err) - } - - //------------------------------ - // Send Attempt - //------------------------------ - logger := smithymiddle.GetLogger(ctx) - service, operation := awsmiddle.GetServiceID(ctx), awsmiddle.GetOperationName(ctx) - retryMetadata, _ := getRetryMetadata(ctx) - attemptNum := retryMetadata.AttemptNum - maxAttempts := retryMetadata.MaxAttempts - - // Following attempts must ensure the request payload stream starts in a - // rewound state. - if attemptNum > 1 { - if rewindable, ok := in.Request.(interface{ RewindStream() error }); ok { - if rewindErr := rewindable.RewindStream(); rewindErr != nil { - return out, attemptResult, nopRelease, fmt.Errorf( - "failed to rewind transport stream for retry, %w", rewindErr) - } - } - - r.logf(logger, logging.Debug, "retrying request %s/%s, attempt %d", - service, operation, attemptNum) - } - - var metadata smithymiddle.Metadata - out, metadata, err = next.HandleFinalize(ctx, in) - attemptResult.ResponseMetadata = metadata - - //------------------------------ - // Bookkeeping - //------------------------------ - // Release the retry token based on the state of the attempt's error (if any). - if releaseError := releaseRetryToken(err); releaseError != nil && err != nil { - return out, attemptResult, nopRelease, fmt.Errorf( - "failed to release retry token after request error, %w", err) - } - // Release the attempt token based on the state of the attempt's error (if any). - if releaseError := releaseAttemptToken(err); releaseError != nil && err != nil { - return out, attemptResult, nopRelease, fmt.Errorf( - "failed to release initial token after request error, %w", err) - } - // If there was no error making the attempt, nothing further to do. There - // will be nothing to retry. - if err == nil { - return out, attemptResult, nopRelease, err - } - - err = wrapAsClockSkew(ctx, err) - - //------------------------------ - // Is Retryable and Should Retry - //------------------------------ - // If the attempt failed with an unretryable error, nothing further to do - // but return, and inform the caller about the terminal failure. - retryable := r.retryer.IsErrorRetryable(err) - if !retryable { - r.logf(logger, logging.Debug, "request failed with unretryable error %v", err) - return out, attemptResult, nopRelease, err - } - - // set retryable to true - attemptResult.Retryable = true - - // Once the maximum number of attempts have been exhausted there is nothing - // further to do other than inform the caller about the terminal failure. - if maxAttempts > 0 && attemptNum >= maxAttempts { - r.logf(logger, logging.Debug, "max retry attempts exhausted, max %d", maxAttempts) - err = &MaxAttemptsError{ - Attempt: attemptNum, - Err: err, - } - return out, attemptResult, nopRelease, err - } - - //------------------------------ - // Get Retry (aka Retry Quota) Token - //------------------------------ - // Get a retry token that will be released after the - releaseRetryToken, retryTokenErr := r.retryer.GetRetryToken(ctx, err) - if retryTokenErr != nil { - return out, attemptResult, nopRelease, retryTokenErr - } - - //------------------------------ - // Retry Delay and Sleep - //------------------------------ - // Get the retry delay before another attempt can be made, and sleep for - // that time. Potentially early exist if the sleep is canceled via the - // context. - retryDelay, reqErr := r.retryer.RetryDelay(attemptNum, err) - if reqErr != nil { - return out, attemptResult, releaseRetryToken, reqErr - } - if reqErr = sdk.SleepWithContext(ctx, retryDelay); reqErr != nil { - err = &aws.RequestCanceledError{Err: reqErr} - return out, attemptResult, releaseRetryToken, err - } - - // The request should be re-attempted. - attemptResult.Retried = true - - return out, attemptResult, releaseRetryToken, err -} - -// errors that, if detected when we know there's a clock skew, -// can be retried and have a high chance of success -var possibleSkewCodes = map[string]struct{}{ - "InvalidSignatureException": {}, - "SignatureDoesNotMatch": {}, - "AuthFailure": {}, -} - -var definiteSkewCodes = map[string]struct{}{ - "RequestExpired": {}, - "RequestInTheFuture": {}, - "RequestTimeTooSkewed": {}, -} - -// wrapAsClockSkew checks if this error could be related to a clock skew -// error and if so, wrap the error. -func wrapAsClockSkew(ctx context.Context, err error) error { - var v interface{ ErrorCode() string } - if !errors.As(err, &v) { - return err - } - if _, ok := definiteSkewCodes[v.ErrorCode()]; ok { - return &retryableClockSkewError{Err: err} - } - _, isPossibleSkewCode := possibleSkewCodes[v.ErrorCode()] - if skew := internalcontext.GetAttemptSkewContext(ctx); skew > skewThreshold && isPossibleSkewCode { - return &retryableClockSkewError{Err: err} - } - return err -} - -// MetricsHeader attaches SDK request metric header for retries to the transport -type MetricsHeader struct{} - -// ID returns the middleware identifier -func (r *MetricsHeader) ID() string { - return "RetryMetricsHeader" -} - -// HandleFinalize attaches the SDK request metric header to the transport layer -func (r MetricsHeader) HandleFinalize(ctx context.Context, in smithymiddle.FinalizeInput, next smithymiddle.FinalizeHandler) ( - out smithymiddle.FinalizeOutput, metadata smithymiddle.Metadata, err error, -) { - retryMetadata, _ := getRetryMetadata(ctx) - - const retryMetricHeader = "Amz-Sdk-Request" - var parts []string - - parts = append(parts, "attempt="+strconv.Itoa(retryMetadata.AttemptNum)) - if retryMetadata.MaxAttempts != 0 { - parts = append(parts, "max="+strconv.Itoa(retryMetadata.MaxAttempts)) - } - - var ttl time.Time - if deadline, ok := ctx.Deadline(); ok { - ttl = deadline - } - - // Only append the TTL if it can be determined. - if !ttl.IsZero() && retryMetadata.AttemptClockSkew > 0 { - const unixTimeFormat = "20060102T150405Z" - ttl = ttl.Add(retryMetadata.AttemptClockSkew) - parts = append(parts, "ttl="+ttl.Format(unixTimeFormat)) - } - - switch req := in.Request.(type) { - case *http.Request: - req.Header[retryMetricHeader] = append(req.Header[retryMetricHeader][:0], strings.Join(parts, "; ")) - default: - return out, metadata, fmt.Errorf("unknown transport type %T", req) - } - - return next.HandleFinalize(ctx, in) -} - -type retryMetadataKey struct{} - -// getRetryMetadata retrieves retryMetadata from the context and a bool -// indicating if it was set. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func getRetryMetadata(ctx context.Context) (metadata retryMetadata, ok bool) { - metadata, ok = smithymiddle.GetStackValue(ctx, retryMetadataKey{}).(retryMetadata) - return metadata, ok -} - -// setRetryMetadata sets the retryMetadata on the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func setRetryMetadata(ctx context.Context, metadata retryMetadata) context.Context { - return smithymiddle.WithStackValue(ctx, retryMetadataKey{}, metadata) -} - -// AddRetryMiddlewaresOptions is the set of options that can be passed to -// AddRetryMiddlewares for configuring retry associated middleware. -type AddRetryMiddlewaresOptions struct { - Retryer aws.Retryer - - // Enable the logging of retry attempts performed by the SDK. This will - // include logging retry attempts, unretryable errors, and when max - // attempts are reached. - LogRetryAttempts bool -} - -// AddRetryMiddlewares adds retry middleware to operation middleware stack -func AddRetryMiddlewares(stack *smithymiddle.Stack, options AddRetryMiddlewaresOptions) error { - attempt := NewAttemptMiddleware(options.Retryer, http.RequestCloner, func(middleware *Attempt) { - middleware.LogAttempts = options.LogRetryAttempts - }) - - // index retry to before signing, if signing exists - if err := stack.Finalize.Insert(attempt, "Signing", smithymiddle.Before); err != nil { - return err - } - - if err := stack.Finalize.Insert(&MetricsHeader{}, attempt.ID(), smithymiddle.After); err != nil { - return err - } - return nil -} - -// Determines the value of exception.type for metrics purposes. We prefer an -// API-specific error code, otherwise it's just the Go type for the value. -func errorType(err error) string { - var terr smithy.APIError - if errors.As(err, &terr) { - return terr.ErrorCode() - } - return fmt.Sprintf("%T", err) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/retry.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/retry.go deleted file mode 100644 index af81635b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/retry.go +++ /dev/null @@ -1,90 +0,0 @@ -package retry - -import ( - "context" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -// AddWithErrorCodes returns a Retryer with additional error codes considered -// for determining if the error should be retried. -func AddWithErrorCodes(r aws.Retryer, codes ...string) aws.Retryer { - retryable := &RetryableErrorCode{ - Codes: map[string]struct{}{}, - } - for _, c := range codes { - retryable.Codes[c] = struct{}{} - } - - return &withIsErrorRetryable{ - RetryerV2: wrapAsRetryerV2(r), - Retryable: retryable, - } -} - -type withIsErrorRetryable struct { - aws.RetryerV2 - Retryable IsErrorRetryable -} - -func (r *withIsErrorRetryable) IsErrorRetryable(err error) bool { - if v := r.Retryable.IsErrorRetryable(err); v != aws.UnknownTernary { - return v.Bool() - } - return r.RetryerV2.IsErrorRetryable(err) -} - -// AddWithMaxAttempts returns a Retryer with MaxAttempts set to the value -// specified. -func AddWithMaxAttempts(r aws.Retryer, max int) aws.Retryer { - return &withMaxAttempts{ - RetryerV2: wrapAsRetryerV2(r), - Max: max, - } -} - -type withMaxAttempts struct { - aws.RetryerV2 - Max int -} - -func (w *withMaxAttempts) MaxAttempts() int { - return w.Max -} - -// AddWithMaxBackoffDelay returns a retryer wrapping the passed in retryer -// overriding the RetryDelay behavior for a alternate minimum initial backoff -// delay. -func AddWithMaxBackoffDelay(r aws.Retryer, delay time.Duration) aws.Retryer { - return &withMaxBackoffDelay{ - RetryerV2: wrapAsRetryerV2(r), - backoff: NewExponentialJitterBackoff(delay), - } -} - -type withMaxBackoffDelay struct { - aws.RetryerV2 - backoff *ExponentialJitterBackoff -} - -func (r *withMaxBackoffDelay) RetryDelay(attempt int, err error) (time.Duration, error) { - return r.backoff.BackoffDelay(attempt, err) -} - -type wrappedAsRetryerV2 struct { - aws.Retryer -} - -func wrapAsRetryerV2(r aws.Retryer) aws.RetryerV2 { - v, ok := r.(aws.RetryerV2) - if !ok { - v = wrappedAsRetryerV2{Retryer: r} - } - - return v -} - -func (w wrappedAsRetryerV2) GetAttemptToken(context.Context) (func(error) error, error) { - return w.Retryer.GetInitialToken(), nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/retryable_error.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/retryable_error.go deleted file mode 100644 index 1b485f99..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/retryable_error.go +++ /dev/null @@ -1,228 +0,0 @@ -package retry - -import ( - "errors" - "fmt" - "net" - "net/url" - "strings" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -// IsErrorRetryable provides the interface of an implementation to determine if -// a error as the result of an operation is retryable. -type IsErrorRetryable interface { - IsErrorRetryable(error) aws.Ternary -} - -// IsErrorRetryables is a collection of checks to determine of the error is -// retryable. Iterates through the checks and returns the state of retryable -// if any check returns something other than unknown. -type IsErrorRetryables []IsErrorRetryable - -// IsErrorRetryable returns if the error is retryable if any of the checks in -// the list return a value other than unknown. -func (r IsErrorRetryables) IsErrorRetryable(err error) aws.Ternary { - for _, re := range r { - if v := re.IsErrorRetryable(err); v != aws.UnknownTernary { - return v - } - } - return aws.UnknownTernary -} - -// IsErrorRetryableFunc wraps a function with the IsErrorRetryable interface. -type IsErrorRetryableFunc func(error) aws.Ternary - -// IsErrorRetryable returns if the error is retryable. -func (fn IsErrorRetryableFunc) IsErrorRetryable(err error) aws.Ternary { - return fn(err) -} - -// RetryableError is an IsErrorRetryable implementation which uses the -// optional interface Retryable on the error value to determine if the error is -// retryable. -type RetryableError struct{} - -// IsErrorRetryable returns if the error is retryable if it satisfies the -// Retryable interface, and returns if the attempt should be retried. -func (RetryableError) IsErrorRetryable(err error) aws.Ternary { - var v interface{ RetryableError() bool } - - if !errors.As(err, &v) { - return aws.UnknownTernary - } - - return aws.BoolTernary(v.RetryableError()) -} - -// NoRetryCanceledError detects if the error was an request canceled error and -// returns if so. -type NoRetryCanceledError struct{} - -// IsErrorRetryable returns the error is not retryable if the request was -// canceled. -func (NoRetryCanceledError) IsErrorRetryable(err error) aws.Ternary { - var v interface{ CanceledError() bool } - - if !errors.As(err, &v) { - return aws.UnknownTernary - } - - if v.CanceledError() { - return aws.FalseTernary - } - return aws.UnknownTernary -} - -// RetryableConnectionError determines if the underlying error is an HTTP -// connection and returns if it should be retried. -// -// Includes errors such as connection reset, connection refused, net dial, -// temporary, and timeout errors. -type RetryableConnectionError struct{} - -// IsErrorRetryable returns if the error is caused by and HTTP connection -// error, and should be retried. -func (r RetryableConnectionError) IsErrorRetryable(err error) aws.Ternary { - if err == nil { - return aws.UnknownTernary - } - var retryable bool - - var conErr interface{ ConnectionError() bool } - var tempErr interface{ Temporary() bool } - var timeoutErr interface{ Timeout() bool } - var urlErr *url.Error - var netOpErr *net.OpError - var dnsError *net.DNSError - - if errors.As(err, &dnsError) { - // NXDOMAIN errors should not be retried - if dnsError.IsNotFound { - return aws.BoolTernary(false) - } - - // if !dnsError.Temporary(), error may or may not be temporary, - // (i.e. !Temporary() =/=> !retryable) so we should fall through to - // remaining checks - if dnsError.Temporary() { - return aws.BoolTernary(true) - } - } - - switch { - case errors.As(err, &conErr) && conErr.ConnectionError(): - retryable = true - - case strings.Contains(err.Error(), "use of closed network connection"): - fallthrough - case strings.Contains(err.Error(), "connection reset"): - // The errors "connection reset" and "use of closed network connection" - // are effectively the same. It appears to be the difference between - // sync and async read of TCP RST in the stdlib's net.Conn read loop. - // see #2737 - retryable = true - - case errors.As(err, &urlErr): - // Refused connections should be retried as the service may not yet be - // running on the port. Go TCP dial considers refused connections as - // not temporary. - if strings.Contains(urlErr.Error(), "connection refused") { - retryable = true - } else { - return r.IsErrorRetryable(errors.Unwrap(urlErr)) - } - - case errors.As(err, &netOpErr): - // Network dial, or temporary network errors are always retryable. - if strings.EqualFold(netOpErr.Op, "dial") || netOpErr.Temporary() { - retryable = true - } else { - return r.IsErrorRetryable(errors.Unwrap(netOpErr)) - } - - case errors.As(err, &tempErr) && tempErr.Temporary(): - // Fallback to the generic temporary check, with temporary errors - // retryable. - retryable = true - - case errors.As(err, &timeoutErr) && timeoutErr.Timeout(): - // Fallback to the generic timeout check, with timeout errors - // retryable. - retryable = true - - default: - return aws.UnknownTernary - } - - return aws.BoolTernary(retryable) - -} - -// RetryableHTTPStatusCode provides a IsErrorRetryable based on HTTP status -// codes. -type RetryableHTTPStatusCode struct { - Codes map[int]struct{} -} - -// IsErrorRetryable return if the passed in error is retryable based on the -// HTTP status code. -func (r RetryableHTTPStatusCode) IsErrorRetryable(err error) aws.Ternary { - var v interface{ HTTPStatusCode() int } - - if !errors.As(err, &v) { - return aws.UnknownTernary - } - - _, ok := r.Codes[v.HTTPStatusCode()] - if !ok { - return aws.UnknownTernary - } - - return aws.TrueTernary -} - -// RetryableErrorCode determines if an attempt should be retried based on the -// API error code. -type RetryableErrorCode struct { - Codes map[string]struct{} -} - -// IsErrorRetryable return if the error is retryable based on the error codes. -// Returns unknown if the error doesn't have a code or it is unknown. -func (r RetryableErrorCode) IsErrorRetryable(err error) aws.Ternary { - var v interface{ ErrorCode() string } - - if !errors.As(err, &v) { - return aws.UnknownTernary - } - - _, ok := r.Codes[v.ErrorCode()] - if !ok { - return aws.UnknownTernary - } - - return aws.TrueTernary -} - -// retryableClockSkewError marks errors that can be caused by clock skew -// (difference between server time and client time). -// This is returned when there's certain confidence that adjusting the client time -// could allow a retry to succeed -type retryableClockSkewError struct{ Err error } - -func (e *retryableClockSkewError) Error() string { - return fmt.Sprintf("Probable clock skew error: %v", e.Err) -} - -// Unwrap returns the wrapped error. -func (e *retryableClockSkewError) Unwrap() error { - return e.Err -} - -// RetryableError allows the retryer to retry this request -func (e *retryableClockSkewError) RetryableError() bool { - return true -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/standard.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/standard.go deleted file mode 100644 index d5ea9322..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/standard.go +++ /dev/null @@ -1,269 +0,0 @@ -package retry - -import ( - "context" - "fmt" - "time" - - "github.com/aws/aws-sdk-go-v2/aws/ratelimit" -) - -// BackoffDelayer provides the interface for determining the delay to before -// another request attempt, that previously failed. -type BackoffDelayer interface { - BackoffDelay(attempt int, err error) (time.Duration, error) -} - -// BackoffDelayerFunc provides a wrapper around a function to determine the -// backoff delay of an attempt retry. -type BackoffDelayerFunc func(int, error) (time.Duration, error) - -// BackoffDelay returns the delay before attempt to retry a request. -func (fn BackoffDelayerFunc) BackoffDelay(attempt int, err error) (time.Duration, error) { - return fn(attempt, err) -} - -const ( - // DefaultMaxAttempts is the maximum of attempts for an API request - DefaultMaxAttempts int = 3 - - // DefaultMaxBackoff is the maximum back off delay between attempts - DefaultMaxBackoff time.Duration = 20 * time.Second -) - -// Default retry token quota values. -const ( - DefaultRetryRateTokens uint = 500 - DefaultRetryCost uint = 5 - DefaultRetryTimeoutCost uint = 10 - DefaultNoRetryIncrement uint = 1 -) - -// DefaultRetryableHTTPStatusCodes is the default set of HTTP status codes the SDK -// should consider as retryable errors. -var DefaultRetryableHTTPStatusCodes = map[int]struct{}{ - 500: {}, - 502: {}, - 503: {}, - 504: {}, -} - -// DefaultRetryableErrorCodes provides the set of API error codes that should -// be retried. -var DefaultRetryableErrorCodes = map[string]struct{}{ - "RequestTimeout": {}, - "RequestTimeoutException": {}, -} - -// DefaultThrottleErrorCodes provides the set of API error codes that are -// considered throttle errors. -var DefaultThrottleErrorCodes = map[string]struct{}{ - "Throttling": {}, - "ThrottlingException": {}, - "ThrottledException": {}, - "RequestThrottledException": {}, - "TooManyRequestsException": {}, - "ProvisionedThroughputExceededException": {}, - "TransactionInProgressException": {}, - "RequestLimitExceeded": {}, - "BandwidthLimitExceeded": {}, - "LimitExceededException": {}, - "RequestThrottled": {}, - "SlowDown": {}, - "PriorRequestNotComplete": {}, - "EC2ThrottledException": {}, -} - -// DefaultRetryables provides the set of retryable checks that are used by -// default. -var DefaultRetryables = []IsErrorRetryable{ - NoRetryCanceledError{}, - RetryableError{}, - RetryableConnectionError{}, - RetryableHTTPStatusCode{ - Codes: DefaultRetryableHTTPStatusCodes, - }, - RetryableErrorCode{ - Codes: DefaultRetryableErrorCodes, - }, - RetryableErrorCode{ - Codes: DefaultThrottleErrorCodes, - }, -} - -// DefaultTimeouts provides the set of timeout checks that are used by default. -var DefaultTimeouts = []IsErrorTimeout{ - TimeouterError{}, -} - -// StandardOptions provides the functional options for configuring the standard -// retryable, and delay behavior. -type StandardOptions struct { - // Maximum number of attempts that should be made. - MaxAttempts int - - // MaxBackoff duration between retried attempts. - MaxBackoff time.Duration - - // Provides the backoff strategy the retryer will use to determine the - // delay between retry attempts. - Backoff BackoffDelayer - - // Set of strategies to determine if the attempt should be retried based on - // the error response received. - // - // It is safe to append to this list in NewStandard's functional options. - Retryables []IsErrorRetryable - - // Set of strategies to determine if the attempt failed due to a timeout - // error. - // - // It is safe to append to this list in NewStandard's functional options. - Timeouts []IsErrorTimeout - - // Provides the rate limiting strategy for rate limiting attempt retries - // across all attempts the retryer is being used with. - // - // A RateLimiter operates as a token bucket with a set capacity, where - // attempt failures events consume tokens. A retry attempt that attempts to - // consume more tokens than what's available results in operation failure. - // The default implementation is parameterized as follows: - // - a capacity of 500 (DefaultRetryRateTokens) - // - a retry caused by a timeout costs 10 tokens (DefaultRetryCost) - // - a retry caused by other errors costs 5 tokens (DefaultRetryTimeoutCost) - // - an operation that succeeds on the 1st attempt adds 1 token (DefaultNoRetryIncrement) - // - // You can disable rate limiting by setting this field to ratelimit.None. - RateLimiter RateLimiter - - // The cost to deduct from the RateLimiter's token bucket per retry. - RetryCost uint - - // The cost to deduct from the RateLimiter's token bucket per retry caused - // by timeout error. - RetryTimeoutCost uint - - // The cost to payback to the RateLimiter's token bucket for successful - // attempts. - NoRetryIncrement uint -} - -// RateLimiter provides the interface for limiting the rate of attempt retries -// allowed by the retryer. -type RateLimiter interface { - GetToken(ctx context.Context, cost uint) (releaseToken func() error, err error) - AddTokens(uint) error -} - -// Standard is the standard retry pattern for the SDK. It uses a set of -// retryable checks to determine of the failed attempt should be retried, and -// what retry delay should be used. -type Standard struct { - options StandardOptions - - timeout IsErrorTimeout - retryable IsErrorRetryable - backoff BackoffDelayer -} - -// NewStandard initializes a standard retry behavior with defaults that can be -// overridden via functional options. -func NewStandard(fnOpts ...func(*StandardOptions)) *Standard { - o := StandardOptions{ - MaxAttempts: DefaultMaxAttempts, - MaxBackoff: DefaultMaxBackoff, - Retryables: append([]IsErrorRetryable{}, DefaultRetryables...), - Timeouts: append([]IsErrorTimeout{}, DefaultTimeouts...), - - RateLimiter: ratelimit.NewTokenRateLimit(DefaultRetryRateTokens), - RetryCost: DefaultRetryCost, - RetryTimeoutCost: DefaultRetryTimeoutCost, - NoRetryIncrement: DefaultNoRetryIncrement, - } - for _, fn := range fnOpts { - fn(&o) - } - if o.MaxAttempts <= 0 { - o.MaxAttempts = DefaultMaxAttempts - } - - backoff := o.Backoff - if backoff == nil { - backoff = NewExponentialJitterBackoff(o.MaxBackoff) - } - - return &Standard{ - options: o, - backoff: backoff, - retryable: IsErrorRetryables(o.Retryables), - timeout: IsErrorTimeouts(o.Timeouts), - } -} - -// MaxAttempts returns the maximum number of attempts that can be made for a -// request before failing. -func (s *Standard) MaxAttempts() int { - return s.options.MaxAttempts -} - -// IsErrorRetryable returns if the error is can be retried or not. Should not -// consider the number of attempts made. -func (s *Standard) IsErrorRetryable(err error) bool { - return s.retryable.IsErrorRetryable(err).Bool() -} - -// RetryDelay returns the delay to use before another request attempt is made. -func (s *Standard) RetryDelay(attempt int, err error) (time.Duration, error) { - return s.backoff.BackoffDelay(attempt, err) -} - -// GetAttemptToken returns the token to be released after then attempt completes. -// The release token will add NoRetryIncrement to the RateLimiter token pool if -// the attempt was successful. If the attempt failed, nothing will be done. -func (s *Standard) GetAttemptToken(context.Context) (func(error) error, error) { - return s.GetInitialToken(), nil -} - -// GetInitialToken returns a token for adding the NoRetryIncrement to the -// RateLimiter token if the attempt completed successfully without error. -// -// InitialToken applies to result of the each attempt, including the first. -// Whereas the RetryToken applies to the result of subsequent attempts. -// -// Deprecated: use GetAttemptToken instead. -func (s *Standard) GetInitialToken() func(error) error { - return releaseToken(s.noRetryIncrement).release -} - -func (s *Standard) noRetryIncrement() error { - return s.options.RateLimiter.AddTokens(s.options.NoRetryIncrement) -} - -// GetRetryToken attempts to deduct the retry cost from the retry token pool. -// Returning the token release function, or error. -func (s *Standard) GetRetryToken(ctx context.Context, opErr error) (func(error) error, error) { - cost := s.options.RetryCost - - if s.timeout.IsErrorTimeout(opErr).Bool() { - cost = s.options.RetryTimeoutCost - } - - fn, err := s.options.RateLimiter.GetToken(ctx, cost) - if err != nil { - return nil, fmt.Errorf("failed to get rate limit token, %w", err) - } - - return releaseToken(fn).release, nil -} - -func nopRelease(error) error { return nil } - -type releaseToken func() error - -func (f releaseToken) release(err error) error { - if err != nil { - return nil - } - - return f() -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/throttle_error.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/throttle_error.go deleted file mode 100644 index c4b844d1..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/throttle_error.go +++ /dev/null @@ -1,60 +0,0 @@ -package retry - -import ( - "errors" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -// IsErrorThrottle provides the interface of an implementation to determine if -// a error response from an operation is a throttling error. -type IsErrorThrottle interface { - IsErrorThrottle(error) aws.Ternary -} - -// IsErrorThrottles is a collection of checks to determine of the error a -// throttle error. Iterates through the checks and returns the state of -// throttle if any check returns something other than unknown. -type IsErrorThrottles []IsErrorThrottle - -// IsErrorThrottle returns if the error is a throttle error if any of the -// checks in the list return a value other than unknown. -func (r IsErrorThrottles) IsErrorThrottle(err error) aws.Ternary { - for _, re := range r { - if v := re.IsErrorThrottle(err); v != aws.UnknownTernary { - return v - } - } - return aws.UnknownTernary -} - -// IsErrorThrottleFunc wraps a function with the IsErrorThrottle interface. -type IsErrorThrottleFunc func(error) aws.Ternary - -// IsErrorThrottle returns if the error is a throttle error. -func (fn IsErrorThrottleFunc) IsErrorThrottle(err error) aws.Ternary { - return fn(err) -} - -// ThrottleErrorCode determines if an attempt should be retried based on the -// API error code. -type ThrottleErrorCode struct { - Codes map[string]struct{} -} - -// IsErrorThrottle return if the error is a throttle error based on the error -// codes. Returns unknown if the error doesn't have a code or it is unknown. -func (r ThrottleErrorCode) IsErrorThrottle(err error) aws.Ternary { - var v interface{ ErrorCode() string } - - if !errors.As(err, &v) { - return aws.UnknownTernary - } - - _, ok := r.Codes[v.ErrorCode()] - if !ok { - return aws.UnknownTernary - } - - return aws.TrueTernary -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/timeout_error.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/timeout_error.go deleted file mode 100644 index 3d47870d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retry/timeout_error.go +++ /dev/null @@ -1,52 +0,0 @@ -package retry - -import ( - "errors" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -// IsErrorTimeout provides the interface of an implementation to determine if -// a error matches. -type IsErrorTimeout interface { - IsErrorTimeout(err error) aws.Ternary -} - -// IsErrorTimeouts is a collection of checks to determine of the error is -// retryable. Iterates through the checks and returns the state of retryable -// if any check returns something other than unknown. -type IsErrorTimeouts []IsErrorTimeout - -// IsErrorTimeout returns if the error is retryable if any of the checks in -// the list return a value other than unknown. -func (ts IsErrorTimeouts) IsErrorTimeout(err error) aws.Ternary { - for _, t := range ts { - if v := t.IsErrorTimeout(err); v != aws.UnknownTernary { - return v - } - } - return aws.UnknownTernary -} - -// IsErrorTimeoutFunc wraps a function with the IsErrorTimeout interface. -type IsErrorTimeoutFunc func(error) aws.Ternary - -// IsErrorTimeout returns if the error is retryable. -func (fn IsErrorTimeoutFunc) IsErrorTimeout(err error) aws.Ternary { - return fn(err) -} - -// TimeouterError provides the IsErrorTimeout implementation for determining if -// an error is a timeout based on type with the Timeout method. -type TimeouterError struct{} - -// IsErrorTimeout returns if the error is a timeout error. -func (t TimeouterError) IsErrorTimeout(err error) aws.Ternary { - var v interface{ Timeout() bool } - - if !errors.As(err, &v) { - return aws.UnknownTernary - } - - return aws.BoolTernary(v.Timeout()) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/retryer.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/retryer.go deleted file mode 100644 index b0ba4cb2..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/retryer.go +++ /dev/null @@ -1,127 +0,0 @@ -package aws - -import ( - "context" - "fmt" - "time" -) - -// RetryMode provides the mode the API client will use to create a retryer -// based on. -type RetryMode string - -const ( - // RetryModeStandard model provides rate limited retry attempts with - // exponential backoff delay. - RetryModeStandard RetryMode = "standard" - - // RetryModeAdaptive model provides attempt send rate limiting on throttle - // responses in addition to standard mode's retry rate limiting. - // - // Adaptive retry mode is experimental and is subject to change in the - // future. - RetryModeAdaptive RetryMode = "adaptive" -) - -// ParseRetryMode attempts to parse a RetryMode from the given string. -// Returning error if the value is not a known RetryMode. -func ParseRetryMode(v string) (mode RetryMode, err error) { - switch v { - case "standard": - return RetryModeStandard, nil - case "adaptive": - return RetryModeAdaptive, nil - default: - return mode, fmt.Errorf("unknown RetryMode, %v", v) - } -} - -func (m RetryMode) String() string { return string(m) } - -// Retryer is an interface to determine if a given error from a -// attempt should be retried, and if so what backoff delay to apply. The -// default implementation used by most services is the retry package's Standard -// type. Which contains basic retry logic using exponential backoff. -type Retryer interface { - // IsErrorRetryable returns if the failed attempt is retryable. This check - // should determine if the error can be retried, or if the error is - // terminal. - IsErrorRetryable(error) bool - - // MaxAttempts returns the maximum number of attempts that can be made for - // an attempt before failing. A value of 0 implies that the attempt should - // be retried until it succeeds if the errors are retryable. - MaxAttempts() int - - // RetryDelay returns the delay that should be used before retrying the - // attempt. Will return error if the delay could not be determined. - RetryDelay(attempt int, opErr error) (time.Duration, error) - - // GetRetryToken attempts to deduct the retry cost from the retry token pool. - // Returning the token release function, or error. - GetRetryToken(ctx context.Context, opErr error) (releaseToken func(error) error, err error) - - // GetInitialToken returns the initial attempt token that can increment the - // retry token pool if the attempt is successful. - GetInitialToken() (releaseToken func(error) error) -} - -// RetryerV2 is an interface to determine if a given error from an attempt -// should be retried, and if so what backoff delay to apply. The default -// implementation used by most services is the retry package's Standard type. -// Which contains basic retry logic using exponential backoff. -// -// RetryerV2 replaces the Retryer interface, deprecating the GetInitialToken -// method in favor of GetAttemptToken which takes a context, and can return an error. -// -// The SDK's retry package's Attempt middleware, and utilities will always -// wrap a Retryer as a RetryerV2. Delegating to GetInitialToken, only if -// GetAttemptToken is not implemented. -type RetryerV2 interface { - Retryer - - // GetInitialToken returns the initial attempt token that can increment the - // retry token pool if the attempt is successful. - // - // Deprecated: This method does not provide a way to block using Context, - // nor can it return an error. Use RetryerV2, and GetAttemptToken instead. - GetInitialToken() (releaseToken func(error) error) - - // GetAttemptToken returns the send token that can be used to rate limit - // attempt calls. Will be used by the SDK's retry package's Attempt - // middleware to get a send token prior to calling the temp and releasing - // the send token after the attempt has been made. - GetAttemptToken(context.Context) (func(error) error, error) -} - -// NopRetryer provides a RequestRetryDecider implementation that will flag -// all attempt errors as not retryable, with a max attempts of 1. -type NopRetryer struct{} - -// IsErrorRetryable returns false for all error values. -func (NopRetryer) IsErrorRetryable(error) bool { return false } - -// MaxAttempts always returns 1 for the original attempt. -func (NopRetryer) MaxAttempts() int { return 1 } - -// RetryDelay is not valid for the NopRetryer. Will always return error. -func (NopRetryer) RetryDelay(int, error) (time.Duration, error) { - return 0, fmt.Errorf("not retrying any attempt errors") -} - -// GetRetryToken returns a stub function that does nothing. -func (NopRetryer) GetRetryToken(context.Context, error) (func(error) error, error) { - return nopReleaseToken, nil -} - -// GetInitialToken returns a stub function that does nothing. -func (NopRetryer) GetInitialToken() func(error) error { - return nopReleaseToken -} - -// GetAttemptToken returns a stub function that does nothing. -func (NopRetryer) GetAttemptToken(context.Context) (func(error) error, error) { - return nopReleaseToken, nil -} - -func nopReleaseToken(error) error { return nil } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/runtime.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/runtime.go deleted file mode 100644 index 3af9b2b3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/runtime.go +++ /dev/null @@ -1,14 +0,0 @@ -package aws - -// ExecutionEnvironmentID is the AWS execution environment runtime identifier. -type ExecutionEnvironmentID string - -// RuntimeEnvironment is a collection of values that are determined at runtime -// based on the environment that the SDK is executing in. Some of these values -// may or may not be present based on the executing environment and certain SDK -// configuration properties that drive whether these values are populated.. -type RuntimeEnvironment struct { - EnvironmentIdentifier ExecutionEnvironmentID - Region string - EC2InstanceMetadataRegion string -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/cache.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/cache.go deleted file mode 100644 index cbf22f1d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/cache.go +++ /dev/null @@ -1,115 +0,0 @@ -package v4 - -import ( - "strings" - "sync" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -func lookupKey(service, region string) string { - var s strings.Builder - s.Grow(len(region) + len(service) + 3) - s.WriteString(region) - s.WriteRune('/') - s.WriteString(service) - return s.String() -} - -type derivedKey struct { - AccessKey string - Date time.Time - Credential []byte -} - -type derivedKeyCache struct { - values map[string]derivedKey - mutex sync.RWMutex -} - -func newDerivedKeyCache() derivedKeyCache { - return derivedKeyCache{ - values: make(map[string]derivedKey), - } -} - -func (s *derivedKeyCache) Get(credentials aws.Credentials, service, region string, signingTime SigningTime) []byte { - key := lookupKey(service, region) - s.mutex.RLock() - if cred, ok := s.get(key, credentials, signingTime.Time); ok { - s.mutex.RUnlock() - return cred - } - s.mutex.RUnlock() - - s.mutex.Lock() - if cred, ok := s.get(key, credentials, signingTime.Time); ok { - s.mutex.Unlock() - return cred - } - cred := deriveKey(credentials.SecretAccessKey, service, region, signingTime) - entry := derivedKey{ - AccessKey: credentials.AccessKeyID, - Date: signingTime.Time, - Credential: cred, - } - s.values[key] = entry - s.mutex.Unlock() - - return cred -} - -func (s *derivedKeyCache) get(key string, credentials aws.Credentials, signingTime time.Time) ([]byte, bool) { - cacheEntry, ok := s.retrieveFromCache(key) - if ok && cacheEntry.AccessKey == credentials.AccessKeyID && isSameDay(signingTime, cacheEntry.Date) { - return cacheEntry.Credential, true - } - return nil, false -} - -func (s *derivedKeyCache) retrieveFromCache(key string) (derivedKey, bool) { - if v, ok := s.values[key]; ok { - return v, true - } - return derivedKey{}, false -} - -// SigningKeyDeriver derives a signing key from a set of credentials -type SigningKeyDeriver struct { - cache derivedKeyCache -} - -// NewSigningKeyDeriver returns a new SigningKeyDeriver -func NewSigningKeyDeriver() *SigningKeyDeriver { - return &SigningKeyDeriver{ - cache: newDerivedKeyCache(), - } -} - -// DeriveKey returns a derived signing key from the given credentials to be used with SigV4 signing. -func (k *SigningKeyDeriver) DeriveKey(credential aws.Credentials, service, region string, signingTime SigningTime) []byte { - return k.cache.Get(credential, service, region, signingTime) -} - -func deriveKey(secret, service, region string, t SigningTime) []byte { - hmacDate := HMACSHA256([]byte("AWS4"+secret), []byte(t.ShortTimeFormat())) - hmacRegion := HMACSHA256(hmacDate, []byte(region)) - hmacService := HMACSHA256(hmacRegion, []byte(service)) - return HMACSHA256(hmacService, []byte("aws4_request")) -} - -func isSameDay(x, y time.Time) bool { - xYear, xMonth, xDay := x.Date() - yYear, yMonth, yDay := y.Date() - - if xYear != yYear { - return false - } - - if xMonth != yMonth { - return false - } - - return xDay == yDay -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/const.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/const.go deleted file mode 100644 index a23cb003..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/const.go +++ /dev/null @@ -1,40 +0,0 @@ -package v4 - -// Signature Version 4 (SigV4) Constants -const ( - // EmptyStringSHA256 is the hex encoded sha256 value of an empty string - EmptyStringSHA256 = `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` - - // UnsignedPayload indicates that the request payload body is unsigned - UnsignedPayload = "UNSIGNED-PAYLOAD" - - // AmzAlgorithmKey indicates the signing algorithm - AmzAlgorithmKey = "X-Amz-Algorithm" - - // AmzSecurityTokenKey indicates the security token to be used with temporary credentials - AmzSecurityTokenKey = "X-Amz-Security-Token" - - // AmzDateKey is the UTC timestamp for the request in the format YYYYMMDD'T'HHMMSS'Z' - AmzDateKey = "X-Amz-Date" - - // AmzCredentialKey is the access key ID and credential scope - AmzCredentialKey = "X-Amz-Credential" - - // AmzSignedHeadersKey is the set of headers signed for the request - AmzSignedHeadersKey = "X-Amz-SignedHeaders" - - // AmzSignatureKey is the query parameter to store the SigV4 signature - AmzSignatureKey = "X-Amz-Signature" - - // TimeFormat is the time format to be used in the X-Amz-Date header or query parameter - TimeFormat = "20060102T150405Z" - - // ShortTimeFormat is the shorten time format used in the credential scope - ShortTimeFormat = "20060102" - - // ContentSHAKey is the SHA256 of request body - ContentSHAKey = "X-Amz-Content-Sha256" - - // StreamingEventsPayload indicates that the request payload body is a signed event stream. - StreamingEventsPayload = "STREAMING-AWS4-HMAC-SHA256-EVENTS" -) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/header_rules.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/header_rules.go deleted file mode 100644 index c61955ad..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/header_rules.go +++ /dev/null @@ -1,82 +0,0 @@ -package v4 - -import ( - sdkstrings "github.com/aws/aws-sdk-go-v2/internal/strings" -) - -// Rules houses a set of Rule needed for validation of a -// string value -type Rules []Rule - -// Rule interface allows for more flexible rules and just simply -// checks whether or not a value adheres to that Rule -type Rule interface { - IsValid(value string) bool -} - -// IsValid will iterate through all rules and see if any rules -// apply to the value and supports nested rules -func (r Rules) IsValid(value string) bool { - for _, rule := range r { - if rule.IsValid(value) { - return true - } - } - return false -} - -// MapRule generic Rule for maps -type MapRule map[string]struct{} - -// IsValid for the map Rule satisfies whether it exists in the map -func (m MapRule) IsValid(value string) bool { - _, ok := m[value] - return ok -} - -// AllowList is a generic Rule for include listing -type AllowList struct { - Rule -} - -// IsValid for AllowList checks if the value is within the AllowList -func (w AllowList) IsValid(value string) bool { - return w.Rule.IsValid(value) -} - -// ExcludeList is a generic Rule for exclude listing -type ExcludeList struct { - Rule -} - -// IsValid for AllowList checks if the value is within the AllowList -func (b ExcludeList) IsValid(value string) bool { - return !b.Rule.IsValid(value) -} - -// Patterns is a list of strings to match against -type Patterns []string - -// IsValid for Patterns checks each pattern and returns if a match has -// been found -func (p Patterns) IsValid(value string) bool { - for _, pattern := range p { - if sdkstrings.HasPrefixFold(value, pattern) { - return true - } - } - return false -} - -// InclusiveRules rules allow for rules to depend on one another -type InclusiveRules []Rule - -// IsValid will return true if all rules are true -func (r InclusiveRules) IsValid(value string) bool { - for _, rule := range r { - if !rule.IsValid(value) { - return false - } - } - return true -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/headers.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/headers.go deleted file mode 100644 index d99b32ce..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/headers.go +++ /dev/null @@ -1,70 +0,0 @@ -package v4 - -// IgnoredHeaders is a list of headers that are ignored during signing -var IgnoredHeaders = Rules{ - ExcludeList{ - MapRule{ - "Authorization": struct{}{}, - "User-Agent": struct{}{}, - "X-Amzn-Trace-Id": struct{}{}, - "Expect": struct{}{}, - "Transfer-Encoding": struct{}{}, - }, - }, -} - -// RequiredSignedHeaders is a allow list for Build canonical headers. -var RequiredSignedHeaders = Rules{ - AllowList{ - MapRule{ - "Cache-Control": struct{}{}, - "Content-Disposition": struct{}{}, - "Content-Encoding": struct{}{}, - "Content-Language": struct{}{}, - "Content-Md5": struct{}{}, - "Content-Type": struct{}{}, - "Expires": struct{}{}, - "If-Match": struct{}{}, - "If-Modified-Since": struct{}{}, - "If-None-Match": struct{}{}, - "If-Unmodified-Since": struct{}{}, - "Range": struct{}{}, - "X-Amz-Acl": struct{}{}, - "X-Amz-Copy-Source": struct{}{}, - "X-Amz-Copy-Source-If-Match": struct{}{}, - "X-Amz-Copy-Source-If-Modified-Since": struct{}{}, - "X-Amz-Copy-Source-If-None-Match": struct{}{}, - "X-Amz-Copy-Source-If-Unmodified-Since": struct{}{}, - "X-Amz-Copy-Source-Range": struct{}{}, - "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm": struct{}{}, - "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key": struct{}{}, - "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, - "X-Amz-Grant-Full-control": struct{}{}, - "X-Amz-Grant-Read": struct{}{}, - "X-Amz-Grant-Read-Acp": struct{}{}, - "X-Amz-Grant-Write": struct{}{}, - "X-Amz-Grant-Write-Acp": struct{}{}, - "X-Amz-Metadata-Directive": struct{}{}, - "X-Amz-Mfa": struct{}{}, - "X-Amz-Server-Side-Encryption": struct{}{}, - "X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": struct{}{}, - "X-Amz-Server-Side-Encryption-Context": struct{}{}, - "X-Amz-Server-Side-Encryption-Customer-Algorithm": struct{}{}, - "X-Amz-Server-Side-Encryption-Customer-Key": struct{}{}, - "X-Amz-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, - "X-Amz-Storage-Class": struct{}{}, - "X-Amz-Website-Redirect-Location": struct{}{}, - "X-Amz-Content-Sha256": struct{}{}, - "X-Amz-Tagging": struct{}{}, - }, - }, - Patterns{"X-Amz-Object-Lock-"}, - Patterns{"X-Amz-Meta-"}, -} - -// AllowedQueryHoisting is a allowed list for Build query headers. The boolean value -// represents whether or not it is a pattern. -var AllowedQueryHoisting = InclusiveRules{ - ExcludeList{RequiredSignedHeaders}, - Patterns{"X-Amz-"}, -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/hmac.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/hmac.go deleted file mode 100644 index e7fa7a1b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/hmac.go +++ /dev/null @@ -1,13 +0,0 @@ -package v4 - -import ( - "crypto/hmac" - "crypto/sha256" -) - -// HMACSHA256 computes a HMAC-SHA256 of data given the provided key. -func HMACSHA256(key []byte, data []byte) []byte { - hash := hmac.New(sha256.New, key) - hash.Write(data) - return hash.Sum(nil) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/host.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/host.go deleted file mode 100644 index bf93659a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/host.go +++ /dev/null @@ -1,75 +0,0 @@ -package v4 - -import ( - "net/http" - "strings" -) - -// SanitizeHostForHeader removes default port from host and updates request.Host -func SanitizeHostForHeader(r *http.Request) { - host := getHost(r) - port := portOnly(host) - if port != "" && isDefaultPort(r.URL.Scheme, port) { - r.Host = stripPort(host) - } -} - -// Returns host from request -func getHost(r *http.Request) string { - if r.Host != "" { - return r.Host - } - - return r.URL.Host -} - -// Hostname returns u.Host, without any port number. -// -// If Host is an IPv6 literal with a port number, Hostname returns the -// IPv6 literal without the square brackets. IPv6 literals may include -// a zone identifier. -// -// Copied from the Go 1.8 standard library (net/url) -func stripPort(hostport string) string { - colon := strings.IndexByte(hostport, ':') - if colon == -1 { - return hostport - } - if i := strings.IndexByte(hostport, ']'); i != -1 { - return strings.TrimPrefix(hostport[:i], "[") - } - return hostport[:colon] -} - -// Port returns the port part of u.Host, without the leading colon. -// If u.Host doesn't contain a port, Port returns an empty string. -// -// Copied from the Go 1.8 standard library (net/url) -func portOnly(hostport string) string { - colon := strings.IndexByte(hostport, ':') - if colon == -1 { - return "" - } - if i := strings.Index(hostport, "]:"); i != -1 { - return hostport[i+len("]:"):] - } - if strings.Contains(hostport, "]") { - return "" - } - return hostport[colon+len(":"):] -} - -// Returns true if the specified URI is using the standard port -// (i.e. port 80 for HTTP URIs or 443 for HTTPS URIs) -func isDefaultPort(scheme, port string) bool { - if port == "" { - return true - } - - lowerCaseScheme := strings.ToLower(scheme) - if (lowerCaseScheme == "http" && port == "80") || (lowerCaseScheme == "https" && port == "443") { - return true - } - - return false -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/scope.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/scope.go deleted file mode 100644 index fc788790..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/scope.go +++ /dev/null @@ -1,13 +0,0 @@ -package v4 - -import "strings" - -// BuildCredentialScope builds the Signature Version 4 (SigV4) signing scope -func BuildCredentialScope(signingTime SigningTime, region, service string) string { - return strings.Join([]string{ - signingTime.ShortTimeFormat(), - region, - service, - "aws4_request", - }, "/") -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/time.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/time.go deleted file mode 100644 index 1de06a76..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/time.go +++ /dev/null @@ -1,36 +0,0 @@ -package v4 - -import "time" - -// SigningTime provides a wrapper around a time.Time which provides cached values for SigV4 signing. -type SigningTime struct { - time.Time - timeFormat string - shortTimeFormat string -} - -// NewSigningTime creates a new SigningTime given a time.Time -func NewSigningTime(t time.Time) SigningTime { - return SigningTime{ - Time: t, - } -} - -// TimeFormat provides a time formatted in the X-Amz-Date format. -func (m *SigningTime) TimeFormat() string { - return m.format(&m.timeFormat, TimeFormat) -} - -// ShortTimeFormat provides a time formatted of 20060102. -func (m *SigningTime) ShortTimeFormat() string { - return m.format(&m.shortTimeFormat, ShortTimeFormat) -} - -func (m *SigningTime) format(target *string, format string) string { - if len(*target) > 0 { - return *target - } - v := m.Time.Format(format) - *target = v - return v -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/util.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/util.go deleted file mode 100644 index d025dbaa..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4/util.go +++ /dev/null @@ -1,80 +0,0 @@ -package v4 - -import ( - "net/url" - "strings" -) - -const doubleSpace = " " - -// StripExcessSpaces will rewrite the passed in slice's string values to not -// contain multiple side-by-side spaces. -func StripExcessSpaces(str string) string { - var j, k, l, m, spaces int - // Trim trailing spaces - for j = len(str) - 1; j >= 0 && str[j] == ' '; j-- { - } - - // Trim leading spaces - for k = 0; k < j && str[k] == ' '; k++ { - } - str = str[k : j+1] - - // Strip multiple spaces. - j = strings.Index(str, doubleSpace) - if j < 0 { - return str - } - - buf := []byte(str) - for k, m, l = j, j, len(buf); k < l; k++ { - if buf[k] == ' ' { - if spaces == 0 { - // First space. - buf[m] = buf[k] - m++ - } - spaces++ - } else { - // End of multiple spaces. - spaces = 0 - buf[m] = buf[k] - m++ - } - } - - return string(buf[:m]) -} - -// GetURIPath returns the escaped URI component from the provided URL. -func GetURIPath(u *url.URL) string { - var uriPath string - - if len(u.Opaque) > 0 { - const schemeSep, pathSep, queryStart = "//", "/", "?" - - opaque := u.Opaque - // Cut off the query string if present. - if idx := strings.Index(opaque, queryStart); idx >= 0 { - opaque = opaque[:idx] - } - - // Cutout the scheme separator if present. - if strings.Index(opaque, schemeSep) == 0 { - opaque = opaque[len(schemeSep):] - } - - // capture URI path starting with first path separator. - if idx := strings.Index(opaque, pathSep); idx >= 0 { - uriPath = opaque[idx:] - } - } else { - uriPath = u.EscapedPath() - } - - if len(uriPath) == 0 { - uriPath = "/" - } - - return uriPath -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go deleted file mode 100644 index 8a46220a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/middleware.go +++ /dev/null @@ -1,420 +0,0 @@ -package v4 - -import ( - "context" - "crypto/sha256" - "encoding/hex" - "fmt" - "io" - "net/http" - "strings" - - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - v4Internal "github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -const computePayloadHashMiddlewareID = "ComputePayloadHash" - -// HashComputationError indicates an error occurred while computing the signing hash -type HashComputationError struct { - Err error -} - -// Error is the error message -func (e *HashComputationError) Error() string { - return fmt.Sprintf("failed to compute payload hash: %v", e.Err) -} - -// Unwrap returns the underlying error if one is set -func (e *HashComputationError) Unwrap() error { - return e.Err -} - -// SigningError indicates an error condition occurred while performing SigV4 signing -type SigningError struct { - Err error -} - -func (e *SigningError) Error() string { - return fmt.Sprintf("failed to sign request: %v", e.Err) -} - -// Unwrap returns the underlying error cause -func (e *SigningError) Unwrap() error { - return e.Err -} - -// UseDynamicPayloadSigningMiddleware swaps the compute payload sha256 middleware with a resolver middleware that -// switches between unsigned and signed payload based on TLS state for request. -// This middleware should not be used for AWS APIs that do not support unsigned payload signing auth. -// By default, SDK uses this middleware for known AWS APIs that support such TLS based auth selection . -// -// Usage example - -// S3 PutObject API allows unsigned payload signing auth usage when TLS is enabled, and uses this middleware to -// dynamically switch between unsigned and signed payload based on TLS state for request. -func UseDynamicPayloadSigningMiddleware(stack *middleware.Stack) error { - _, err := stack.Finalize.Swap(computePayloadHashMiddlewareID, &dynamicPayloadSigningMiddleware{}) - return err -} - -// dynamicPayloadSigningMiddleware dynamically resolves the middleware that computes and set payload sha256 middleware. -type dynamicPayloadSigningMiddleware struct { -} - -// ID returns the resolver identifier -func (m *dynamicPayloadSigningMiddleware) ID() string { - return computePayloadHashMiddlewareID -} - -// HandleFinalize delegates SHA256 computation according to whether the request -// is TLS-enabled. -func (m *dynamicPayloadSigningMiddleware) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if req.IsHTTPS() { - return (&UnsignedPayload{}).HandleFinalize(ctx, in, next) - } - return (&ComputePayloadSHA256{}).HandleFinalize(ctx, in, next) -} - -// UnsignedPayload sets the SigV4 request payload hash to unsigned. -// -// Will not set the Unsigned Payload magic SHA value, if a SHA has already been -// stored in the context. (e.g. application pre-computed SHA256 before making -// API call). -// -// This middleware does not check the X-Amz-Content-Sha256 header, if that -// header is serialized a middleware must translate it into the context. -type UnsignedPayload struct{} - -// AddUnsignedPayloadMiddleware adds unsignedPayload to the operation -// middleware stack -func AddUnsignedPayloadMiddleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&UnsignedPayload{}, "ResolveEndpointV2", middleware.After) -} - -// ID returns the unsignedPayload identifier -func (m *UnsignedPayload) ID() string { - return computePayloadHashMiddlewareID -} - -// HandleFinalize sets the payload hash magic value to the unsigned sentinel. -func (m *UnsignedPayload) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - if GetPayloadHash(ctx) == "" { - ctx = SetPayloadHash(ctx, v4Internal.UnsignedPayload) - } - return next.HandleFinalize(ctx, in) -} - -// ComputePayloadSHA256 computes SHA256 payload hash to sign. -// -// Will not set the Unsigned Payload magic SHA value, if a SHA has already been -// stored in the context. (e.g. application pre-computed SHA256 before making -// API call). -// -// This middleware does not check the X-Amz-Content-Sha256 header, if that -// header is serialized a middleware must translate it into the context. -type ComputePayloadSHA256 struct{} - -// AddComputePayloadSHA256Middleware adds computePayloadSHA256 to the -// operation middleware stack -func AddComputePayloadSHA256Middleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&ComputePayloadSHA256{}, "ResolveEndpointV2", middleware.After) -} - -// RemoveComputePayloadSHA256Middleware removes computePayloadSHA256 from the -// operation middleware stack -func RemoveComputePayloadSHA256Middleware(stack *middleware.Stack) error { - _, err := stack.Finalize.Remove(computePayloadHashMiddlewareID) - return err -} - -// ID is the middleware name -func (m *ComputePayloadSHA256) ID() string { - return computePayloadHashMiddlewareID -} - -// HandleFinalize computes the payload hash for the request, storing it to the -// context. This is a no-op if a caller has previously set that value. -func (m *ComputePayloadSHA256) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - if GetPayloadHash(ctx) != "" { - return next.HandleFinalize(ctx, in) - } - - _, span := tracing.StartSpan(ctx, "ComputePayloadSHA256") - defer span.End() - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &HashComputationError{ - Err: fmt.Errorf("unexpected request middleware type %T", in.Request), - } - } - - hash := sha256.New() - if stream := req.GetStream(); stream != nil { - _, err = io.Copy(hash, stream) - if err != nil { - return out, metadata, &HashComputationError{ - Err: fmt.Errorf("failed to compute payload hash, %w", err), - } - } - - if err := req.RewindStream(); err != nil { - return out, metadata, &HashComputationError{ - Err: fmt.Errorf("failed to seek body to start, %w", err), - } - } - } - - ctx = SetPayloadHash(ctx, hex.EncodeToString(hash.Sum(nil))) - - span.End() - return next.HandleFinalize(ctx, in) -} - -// SwapComputePayloadSHA256ForUnsignedPayloadMiddleware replaces the -// ComputePayloadSHA256 middleware with the UnsignedPayload middleware. -// -// Use this to disable computing the Payload SHA256 checksum and instead use -// UNSIGNED-PAYLOAD for the SHA256 value. -func SwapComputePayloadSHA256ForUnsignedPayloadMiddleware(stack *middleware.Stack) error { - _, err := stack.Finalize.Swap(computePayloadHashMiddlewareID, &UnsignedPayload{}) - return err -} - -// ContentSHA256Header sets the X-Amz-Content-Sha256 header value to -// the Payload hash stored in the context. -type ContentSHA256Header struct{} - -// AddContentSHA256HeaderMiddleware adds ContentSHA256Header to the -// operation middleware stack -func AddContentSHA256HeaderMiddleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&ContentSHA256Header{}, computePayloadHashMiddlewareID, middleware.After) -} - -// RemoveContentSHA256HeaderMiddleware removes contentSHA256Header middleware -// from the operation middleware stack -func RemoveContentSHA256HeaderMiddleware(stack *middleware.Stack) error { - _, err := stack.Finalize.Remove((*ContentSHA256Header)(nil).ID()) - return err -} - -// ID returns the ContentSHA256HeaderMiddleware identifier -func (m *ContentSHA256Header) ID() string { - return "SigV4ContentSHA256Header" -} - -// HandleFinalize sets the X-Amz-Content-Sha256 header value to the Payload hash -// stored in the context. -func (m *ContentSHA256Header) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &HashComputationError{Err: fmt.Errorf("unexpected request middleware type %T", in.Request)} - } - - req.Header.Set(v4Internal.ContentSHAKey, GetPayloadHash(ctx)) - return next.HandleFinalize(ctx, in) -} - -// SignHTTPRequestMiddlewareOptions is the configuration options for -// [SignHTTPRequestMiddleware]. -// -// Deprecated: [SignHTTPRequestMiddleware] is deprecated. -type SignHTTPRequestMiddlewareOptions struct { - CredentialsProvider aws.CredentialsProvider - Signer HTTPSigner - LogSigning bool -} - -// SignHTTPRequestMiddleware is a `FinalizeMiddleware` implementation for SigV4 -// HTTP Signing. -// -// Deprecated: AWS service clients no longer use this middleware. Signing as an -// SDK operation is now performed through an internal per-service middleware -// which opaquely selects and uses the signer from the resolved auth scheme. -type SignHTTPRequestMiddleware struct { - credentialsProvider aws.CredentialsProvider - signer HTTPSigner - logSigning bool -} - -// NewSignHTTPRequestMiddleware constructs a [SignHTTPRequestMiddleware] using -// the given [Signer] for signing requests. -// -// Deprecated: SignHTTPRequestMiddleware is deprecated. -func NewSignHTTPRequestMiddleware(options SignHTTPRequestMiddlewareOptions) *SignHTTPRequestMiddleware { - return &SignHTTPRequestMiddleware{ - credentialsProvider: options.CredentialsProvider, - signer: options.Signer, - logSigning: options.LogSigning, - } -} - -// ID is the SignHTTPRequestMiddleware identifier. -// -// Deprecated: SignHTTPRequestMiddleware is deprecated. -func (s *SignHTTPRequestMiddleware) ID() string { - return "Signing" -} - -// HandleFinalize will take the provided input and sign the request using the -// SigV4 authentication scheme. -// -// Deprecated: SignHTTPRequestMiddleware is deprecated. -func (s *SignHTTPRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - if !haveCredentialProvider(s.credentialsProvider) { - return next.HandleFinalize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &SigningError{Err: fmt.Errorf("unexpected request middleware type %T", in.Request)} - } - - signingName, signingRegion := awsmiddleware.GetSigningName(ctx), awsmiddleware.GetSigningRegion(ctx) - payloadHash := GetPayloadHash(ctx) - if len(payloadHash) == 0 { - return out, metadata, &SigningError{Err: fmt.Errorf("computed payload hash missing from context")} - } - - credentials, err := s.credentialsProvider.Retrieve(ctx) - if err != nil { - return out, metadata, &SigningError{Err: fmt.Errorf("failed to retrieve credentials: %w", err)} - } - - signerOptions := []func(o *SignerOptions){ - func(o *SignerOptions) { - o.Logger = middleware.GetLogger(ctx) - o.LogSigning = s.logSigning - }, - } - - // existing DisableURIPathEscaping is equivalent in purpose - // to authentication scheme property DisableDoubleEncoding - disableDoubleEncoding, overridden := internalauth.GetDisableDoubleEncoding(ctx) - if overridden { - signerOptions = append(signerOptions, func(o *SignerOptions) { - o.DisableURIPathEscaping = disableDoubleEncoding - }) - } - - err = s.signer.SignHTTP(ctx, credentials, req.Request, payloadHash, signingName, signingRegion, sdk.NowTime(), signerOptions...) - if err != nil { - return out, metadata, &SigningError{Err: fmt.Errorf("failed to sign http request, %w", err)} - } - - ctx = awsmiddleware.SetSigningCredentials(ctx, credentials) - - return next.HandleFinalize(ctx, in) -} - -// StreamingEventsPayload signs input event stream messages. -type StreamingEventsPayload struct{} - -// AddStreamingEventsPayload adds the streamingEventsPayload middleware to the stack. -func AddStreamingEventsPayload(stack *middleware.Stack) error { - return stack.Finalize.Add(&StreamingEventsPayload{}, middleware.Before) -} - -// ID identifies the middleware. -func (s *StreamingEventsPayload) ID() string { - return computePayloadHashMiddlewareID -} - -// HandleFinalize marks the input stream to be signed with SigV4. -func (s *StreamingEventsPayload) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - contentSHA := GetPayloadHash(ctx) - if len(contentSHA) == 0 { - contentSHA = v4Internal.StreamingEventsPayload - } - - ctx = SetPayloadHash(ctx, contentSHA) - - return next.HandleFinalize(ctx, in) -} - -// GetSignedRequestSignature attempts to extract the signature of the request. -// Returning an error if the request is unsigned, or unable to extract the -// signature. -func GetSignedRequestSignature(r *http.Request) ([]byte, error) { - const authHeaderSignatureElem = "Signature=" - - if auth := r.Header.Get(authorizationHeader); len(auth) != 0 { - ps := strings.Split(auth, ",") - for _, p := range ps { - p = strings.TrimSpace(p) - if idx := strings.Index(p, authHeaderSignatureElem); idx >= 0 { - sig := p[len(authHeaderSignatureElem):] - if len(sig) == 0 { - return nil, fmt.Errorf("invalid request signature authorization header") - } - return hex.DecodeString(sig) - } - } - } - - if sig := r.URL.Query().Get("X-Amz-Signature"); len(sig) != 0 { - return hex.DecodeString(sig) - } - - return nil, fmt.Errorf("request not signed") -} - -func haveCredentialProvider(p aws.CredentialsProvider) bool { - if p == nil { - return false - } - - return !aws.IsCredentialsProvider(p, (*aws.AnonymousCredentials)(nil)) -} - -type payloadHashKey struct{} - -// GetPayloadHash retrieves the payload hash to use for signing -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func GetPayloadHash(ctx context.Context) (v string) { - v, _ = middleware.GetStackValue(ctx, payloadHashKey{}).(string) - return v -} - -// SetPayloadHash sets the payload hash to be used for signing the request -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func SetPayloadHash(ctx context.Context, hash string) context.Context { - return middleware.WithStackValue(ctx, payloadHashKey{}, hash) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/presign_middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/presign_middleware.go deleted file mode 100644 index e1a06651..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/presign_middleware.go +++ /dev/null @@ -1,127 +0,0 @@ -package v4 - -import ( - "context" - "fmt" - "net/http" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/smithy-go/middleware" - smithyHTTP "github.com/aws/smithy-go/transport/http" -) - -// HTTPPresigner is an interface to a SigV4 signer that can sign create a -// presigned URL for a HTTP requests. -type HTTPPresigner interface { - PresignHTTP( - ctx context.Context, credentials aws.Credentials, r *http.Request, - payloadHash string, service string, region string, signingTime time.Time, - optFns ...func(*SignerOptions), - ) (url string, signedHeader http.Header, err error) -} - -// PresignedHTTPRequest provides the URL and signed headers that are included -// in the presigned URL. -type PresignedHTTPRequest struct { - URL string - Method string - SignedHeader http.Header -} - -// PresignHTTPRequestMiddlewareOptions is the options for the PresignHTTPRequestMiddleware middleware. -type PresignHTTPRequestMiddlewareOptions struct { - CredentialsProvider aws.CredentialsProvider - Presigner HTTPPresigner - LogSigning bool -} - -// PresignHTTPRequestMiddleware provides the Finalize middleware for creating a -// presigned URL for an HTTP request. -// -// Will short circuit the middleware stack and not forward onto the next -// Finalize handler. -type PresignHTTPRequestMiddleware struct { - credentialsProvider aws.CredentialsProvider - presigner HTTPPresigner - logSigning bool -} - -// NewPresignHTTPRequestMiddleware returns a new PresignHTTPRequestMiddleware -// initialized with the presigner. -func NewPresignHTTPRequestMiddleware(options PresignHTTPRequestMiddlewareOptions) *PresignHTTPRequestMiddleware { - return &PresignHTTPRequestMiddleware{ - credentialsProvider: options.CredentialsProvider, - presigner: options.Presigner, - logSigning: options.LogSigning, - } -} - -// ID provides the middleware ID. -func (*PresignHTTPRequestMiddleware) ID() string { return "PresignHTTPRequest" } - -// HandleFinalize will take the provided input and create a presigned url for -// the http request using the SigV4 presign authentication scheme. -// -// Since the signed request is not a valid HTTP request -func (s *PresignHTTPRequestMiddleware) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyHTTP.Request) - if !ok { - return out, metadata, &SigningError{ - Err: fmt.Errorf("unexpected request middleware type %T", in.Request), - } - } - - httpReq := req.Build(ctx) - if !haveCredentialProvider(s.credentialsProvider) { - out.Result = &PresignedHTTPRequest{ - URL: httpReq.URL.String(), - Method: httpReq.Method, - SignedHeader: http.Header{}, - } - - return out, metadata, nil - } - - signingName := awsmiddleware.GetSigningName(ctx) - signingRegion := awsmiddleware.GetSigningRegion(ctx) - payloadHash := GetPayloadHash(ctx) - if len(payloadHash) == 0 { - return out, metadata, &SigningError{ - Err: fmt.Errorf("computed payload hash missing from context"), - } - } - - credentials, err := s.credentialsProvider.Retrieve(ctx) - if err != nil { - return out, metadata, &SigningError{ - Err: fmt.Errorf("failed to retrieve credentials: %w", err), - } - } - - u, h, err := s.presigner.PresignHTTP(ctx, credentials, - httpReq, payloadHash, signingName, signingRegion, sdk.NowTime(), - func(o *SignerOptions) { - o.Logger = middleware.GetLogger(ctx) - o.LogSigning = s.logSigning - }) - if err != nil { - return out, metadata, &SigningError{ - Err: fmt.Errorf("failed to sign http request, %w", err), - } - } - - out.Result = &PresignedHTTPRequest{ - URL: u, - Method: httpReq.Method, - SignedHeader: h, - } - - return out, metadata, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/stream.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/stream.go deleted file mode 100644 index 66aa2bd6..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/stream.go +++ /dev/null @@ -1,86 +0,0 @@ -package v4 - -import ( - "context" - "crypto/sha256" - "encoding/hex" - "github.com/aws/aws-sdk-go-v2/aws" - v4Internal "github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4" - "strings" - "time" -) - -// EventStreamSigner is an AWS EventStream protocol signer. -type EventStreamSigner interface { - GetSignature(ctx context.Context, headers, payload []byte, signingTime time.Time, optFns ...func(*StreamSignerOptions)) ([]byte, error) -} - -// StreamSignerOptions is the configuration options for StreamSigner. -type StreamSignerOptions struct{} - -// StreamSigner implements Signature Version 4 (SigV4) signing of event stream encoded payloads. -type StreamSigner struct { - options StreamSignerOptions - - credentials aws.Credentials - service string - region string - - prevSignature []byte - - signingKeyDeriver *v4Internal.SigningKeyDeriver -} - -// NewStreamSigner returns a new AWS EventStream protocol signer. -func NewStreamSigner(credentials aws.Credentials, service, region string, seedSignature []byte, optFns ...func(*StreamSignerOptions)) *StreamSigner { - o := StreamSignerOptions{} - - for _, fn := range optFns { - fn(&o) - } - - return &StreamSigner{ - options: o, - credentials: credentials, - service: service, - region: region, - signingKeyDeriver: v4Internal.NewSigningKeyDeriver(), - prevSignature: seedSignature, - } -} - -// GetSignature signs the provided header and payload bytes. -func (s *StreamSigner) GetSignature(ctx context.Context, headers, payload []byte, signingTime time.Time, optFns ...func(*StreamSignerOptions)) ([]byte, error) { - options := s.options - - for _, fn := range optFns { - fn(&options) - } - - prevSignature := s.prevSignature - - st := v4Internal.NewSigningTime(signingTime) - - sigKey := s.signingKeyDeriver.DeriveKey(s.credentials, s.service, s.region, st) - - scope := v4Internal.BuildCredentialScope(st, s.region, s.service) - - stringToSign := s.buildEventStreamStringToSign(headers, payload, prevSignature, scope, &st) - - signature := v4Internal.HMACSHA256(sigKey, []byte(stringToSign)) - s.prevSignature = signature - - return signature, nil -} - -func (s *StreamSigner) buildEventStreamStringToSign(headers, payload, previousSignature []byte, credentialScope string, signingTime *v4Internal.SigningTime) string { - hash := sha256.New() - return strings.Join([]string{ - "AWS4-HMAC-SHA256-PAYLOAD", - signingTime.TimeFormat(), - credentialScope, - hex.EncodeToString(previousSignature), - hex.EncodeToString(makeHash(hash, headers)), - hex.EncodeToString(makeHash(hash, payload)), - }, "\n") -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/v4.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/v4.go deleted file mode 100644 index 7ed91d5b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/signer/v4/v4.go +++ /dev/null @@ -1,564 +0,0 @@ -// Package v4 implements the AWS signature version 4 algorithm (commonly known -// as SigV4). -// -// For more information about SigV4, see [Signing AWS API requests] in the IAM -// user guide. -// -// While this implementation CAN work in an external context, it is developed -// primarily for SDK use and you may encounter fringe behaviors around header -// canonicalization. -// -// # Pre-escaping a request URI -// -// AWS v4 signature validation requires that the canonical string's URI path -// component must be the escaped form of the HTTP request's path. -// -// The Go HTTP client will perform escaping automatically on the HTTP request. -// This may cause signature validation errors because the request differs from -// the URI path or query from which the signature was generated. -// -// Because of this, we recommend that you explicitly escape the request when -// using this signer outside of the SDK to prevent possible signature mismatch. -// This can be done by setting URL.Opaque on the request. The signer will -// prefer that value, falling back to the return of URL.EscapedPath if unset. -// -// When setting URL.Opaque you must do so in the form of: -// -// "///" -// -// // e.g. -// "//example.com/some/path" -// -// The leading "//" and hostname are required or the escaping will not work -// correctly. -// -// The TestStandaloneSign unit test provides a complete example of using the -// signer outside of the SDK and pre-escaping the URI path. -// -// [Signing AWS API requests]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html -package v4 - -import ( - "context" - "crypto/sha256" - "encoding/hex" - "fmt" - "hash" - "net/http" - "net/textproto" - "net/url" - "sort" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - v4Internal "github.com/aws/aws-sdk-go-v2/aws/signer/internal/v4" - "github.com/aws/smithy-go/encoding/httpbinding" - "github.com/aws/smithy-go/logging" -) - -const ( - signingAlgorithm = "AWS4-HMAC-SHA256" - authorizationHeader = "Authorization" - - // Version of signing v4 - Version = "SigV4" -) - -// HTTPSigner is an interface to a SigV4 signer that can sign HTTP requests -type HTTPSigner interface { - SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*SignerOptions)) error -} - -type keyDerivator interface { - DeriveKey(credential aws.Credentials, service, region string, signingTime v4Internal.SigningTime) []byte -} - -// SignerOptions is the SigV4 Signer options. -type SignerOptions struct { - // Disables the Signer's moving HTTP header key/value pairs from the HTTP - // request header to the request's query string. This is most commonly used - // with pre-signed requests preventing headers from being added to the - // request's query string. - DisableHeaderHoisting bool - - // Disables the automatic escaping of the URI path of the request for the - // siganture's canonical string's path. For services that do not need additional - // escaping then use this to disable the signer escaping the path. - // - // S3 is an example of a service that does not need additional escaping. - // - // http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html - DisableURIPathEscaping bool - - // The logger to send log messages to. - Logger logging.Logger - - // Enable logging of signed requests. - // This will enable logging of the canonical request, the string to sign, and for presigning the subsequent - // presigned URL. - LogSigning bool - - // Disables setting the session token on the request as part of signing - // through X-Amz-Security-Token. This is needed for variations of v4 that - // present the token elsewhere. - DisableSessionToken bool -} - -// Signer applies AWS v4 signing to given request. Use this to sign requests -// that need to be signed with AWS V4 Signatures. -type Signer struct { - options SignerOptions - keyDerivator keyDerivator -} - -// NewSigner returns a new SigV4 Signer -func NewSigner(optFns ...func(signer *SignerOptions)) *Signer { - options := SignerOptions{} - - for _, fn := range optFns { - fn(&options) - } - - return &Signer{options: options, keyDerivator: v4Internal.NewSigningKeyDeriver()} -} - -type httpSigner struct { - Request *http.Request - ServiceName string - Region string - Time v4Internal.SigningTime - Credentials aws.Credentials - KeyDerivator keyDerivator - IsPreSign bool - - PayloadHash string - - DisableHeaderHoisting bool - DisableURIPathEscaping bool - DisableSessionToken bool -} - -func (s *httpSigner) Build() (signedRequest, error) { - req := s.Request - - query := req.URL.Query() - headers := req.Header - - s.setRequiredSigningFields(headers, query) - - // Sort Each Query Key's Values - for key := range query { - sort.Strings(query[key]) - } - - v4Internal.SanitizeHostForHeader(req) - - credentialScope := s.buildCredentialScope() - credentialStr := s.Credentials.AccessKeyID + "/" + credentialScope - if s.IsPreSign { - query.Set(v4Internal.AmzCredentialKey, credentialStr) - } - - unsignedHeaders := headers - if s.IsPreSign && !s.DisableHeaderHoisting { - var urlValues url.Values - urlValues, unsignedHeaders = buildQuery(v4Internal.AllowedQueryHoisting, headers) - for k := range urlValues { - query[k] = urlValues[k] - } - } - - host := req.URL.Host - if len(req.Host) > 0 { - host = req.Host - } - - signedHeaders, signedHeadersStr, canonicalHeaderStr := s.buildCanonicalHeaders(host, v4Internal.IgnoredHeaders, unsignedHeaders, s.Request.ContentLength) - - if s.IsPreSign { - query.Set(v4Internal.AmzSignedHeadersKey, signedHeadersStr) - } - - var rawQuery strings.Builder - rawQuery.WriteString(strings.Replace(query.Encode(), "+", "%20", -1)) - - canonicalURI := v4Internal.GetURIPath(req.URL) - if !s.DisableURIPathEscaping { - canonicalURI = httpbinding.EscapePath(canonicalURI, false) - } - - canonicalString := s.buildCanonicalString( - req.Method, - canonicalURI, - rawQuery.String(), - signedHeadersStr, - canonicalHeaderStr, - ) - - strToSign := s.buildStringToSign(credentialScope, canonicalString) - signingSignature, err := s.buildSignature(strToSign) - if err != nil { - return signedRequest{}, err - } - - if s.IsPreSign { - rawQuery.WriteString("&X-Amz-Signature=") - rawQuery.WriteString(signingSignature) - } else { - headers[authorizationHeader] = append(headers[authorizationHeader][:0], buildAuthorizationHeader(credentialStr, signedHeadersStr, signingSignature)) - } - - req.URL.RawQuery = rawQuery.String() - - return signedRequest{ - Request: req, - SignedHeaders: signedHeaders, - CanonicalString: canonicalString, - StringToSign: strToSign, - PreSigned: s.IsPreSign, - }, nil -} - -func buildAuthorizationHeader(credentialStr, signedHeadersStr, signingSignature string) string { - const credential = "Credential=" - const signedHeaders = "SignedHeaders=" - const signature = "Signature=" - const commaSpace = ", " - - var parts strings.Builder - parts.Grow(len(signingAlgorithm) + 1 + - len(credential) + len(credentialStr) + 2 + - len(signedHeaders) + len(signedHeadersStr) + 2 + - len(signature) + len(signingSignature), - ) - parts.WriteString(signingAlgorithm) - parts.WriteRune(' ') - parts.WriteString(credential) - parts.WriteString(credentialStr) - parts.WriteString(commaSpace) - parts.WriteString(signedHeaders) - parts.WriteString(signedHeadersStr) - parts.WriteString(commaSpace) - parts.WriteString(signature) - parts.WriteString(signingSignature) - return parts.String() -} - -// SignHTTP signs AWS v4 requests with the provided payload hash, service name, region the -// request is made to, and time the request is signed at. The signTime allows -// you to specify that a request is signed for the future, and cannot be -// used until then. -// -// The payloadHash is the hex encoded SHA-256 hash of the request payload, and -// must be provided. Even if the request has no payload (aka body). If the -// request has no payload you should use the hex encoded SHA-256 of an empty -// string as the payloadHash value. -// -// "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" -// -// Some services such as Amazon S3 accept alternative values for the payload -// hash, such as "UNSIGNED-PAYLOAD" for requests where the body will not be -// included in the request signature. -// -// https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html -// -// Sign differs from Presign in that it will sign the request using HTTP -// header values. This type of signing is intended for http.Request values that -// will not be shared, or are shared in a way the header values on the request -// will not be lost. -// -// The passed in request will be modified in place. -func (s Signer) SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(options *SignerOptions)) error { - options := s.options - - for _, fn := range optFns { - fn(&options) - } - - signer := &httpSigner{ - Request: r, - PayloadHash: payloadHash, - ServiceName: service, - Region: region, - Credentials: credentials, - Time: v4Internal.NewSigningTime(signingTime.UTC()), - DisableHeaderHoisting: options.DisableHeaderHoisting, - DisableURIPathEscaping: options.DisableURIPathEscaping, - DisableSessionToken: options.DisableSessionToken, - KeyDerivator: s.keyDerivator, - } - - signedRequest, err := signer.Build() - if err != nil { - return err - } - - logSigningInfo(ctx, options, &signedRequest, false) - - return nil -} - -// PresignHTTP signs AWS v4 requests with the payload hash, service name, region -// the request is made to, and time the request is signed at. The signTime -// allows you to specify that a request is signed for the future, and cannot -// be used until then. -// -// Returns the signed URL and the map of HTTP headers that were included in the -// signature or an error if signing the request failed. For presigned requests -// these headers and their values must be included on the HTTP request when it -// is made. This is helpful to know what header values need to be shared with -// the party the presigned request will be distributed to. -// -// The payloadHash is the hex encoded SHA-256 hash of the request payload, and -// must be provided. Even if the request has no payload (aka body). If the -// request has no payload you should use the hex encoded SHA-256 of an empty -// string as the payloadHash value. -// -// "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" -// -// Some services such as Amazon S3 accept alternative values for the payload -// hash, such as "UNSIGNED-PAYLOAD" for requests where the body will not be -// included in the request signature. -// -// https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html -// -// PresignHTTP differs from SignHTTP in that it will sign the request using -// query string instead of header values. This allows you to share the -// Presigned Request's URL with third parties, or distribute it throughout your -// system with minimal dependencies. -// -// PresignHTTP will not set the expires time of the presigned request -// automatically. To specify the expire duration for a request add the -// "X-Amz-Expires" query parameter on the request with the value as the -// duration in seconds the presigned URL should be considered valid for. This -// parameter is not used by all AWS services, and is most notable used by -// Amazon S3 APIs. -// -// expires := 20 * time.Minute -// query := req.URL.Query() -// query.Set("X-Amz-Expires", strconv.FormatInt(int64(expires/time.Second), 10)) -// req.URL.RawQuery = query.Encode() -// -// This method does not modify the provided request. -func (s *Signer) PresignHTTP( - ctx context.Context, credentials aws.Credentials, r *http.Request, - payloadHash string, service string, region string, signingTime time.Time, - optFns ...func(*SignerOptions), -) (signedURI string, signedHeaders http.Header, err error) { - options := s.options - - for _, fn := range optFns { - fn(&options) - } - - signer := &httpSigner{ - Request: r.Clone(r.Context()), - PayloadHash: payloadHash, - ServiceName: service, - Region: region, - Credentials: credentials, - Time: v4Internal.NewSigningTime(signingTime.UTC()), - IsPreSign: true, - DisableHeaderHoisting: options.DisableHeaderHoisting, - DisableURIPathEscaping: options.DisableURIPathEscaping, - DisableSessionToken: options.DisableSessionToken, - KeyDerivator: s.keyDerivator, - } - - signedRequest, err := signer.Build() - if err != nil { - return "", nil, err - } - - logSigningInfo(ctx, options, &signedRequest, true) - - signedHeaders = make(http.Header) - - // For the signed headers we canonicalize the header keys in the returned map. - // This avoids situations where can standard library double headers like host header. For example the standard - // library will set the Host header, even if it is present in lower-case form. - for k, v := range signedRequest.SignedHeaders { - key := textproto.CanonicalMIMEHeaderKey(k) - signedHeaders[key] = append(signedHeaders[key], v...) - } - - return signedRequest.Request.URL.String(), signedHeaders, nil -} - -func (s *httpSigner) buildCredentialScope() string { - return v4Internal.BuildCredentialScope(s.Time, s.Region, s.ServiceName) -} - -func buildQuery(r v4Internal.Rule, header http.Header) (url.Values, http.Header) { - query := url.Values{} - unsignedHeaders := http.Header{} - - // A list of headers to be converted to lower case to mitigate a limitation from S3 - lowerCaseHeaders := map[string]string{ - "X-Amz-Expected-Bucket-Owner": "x-amz-expected-bucket-owner", // see #2508 - "X-Amz-Request-Payer": "x-amz-request-payer", // see #2764 - } - - for k, h := range header { - if newKey, ok := lowerCaseHeaders[k]; ok { - k = newKey - } - - if r.IsValid(k) { - query[k] = h - } else { - unsignedHeaders[k] = h - } - } - - return query, unsignedHeaders -} - -func (s *httpSigner) buildCanonicalHeaders(host string, rule v4Internal.Rule, header http.Header, length int64) (signed http.Header, signedHeaders, canonicalHeadersStr string) { - signed = make(http.Header) - - var headers []string - const hostHeader = "host" - headers = append(headers, hostHeader) - signed[hostHeader] = append(signed[hostHeader], host) - - const contentLengthHeader = "content-length" - if length > 0 { - headers = append(headers, contentLengthHeader) - signed[contentLengthHeader] = append(signed[contentLengthHeader], strconv.FormatInt(length, 10)) - } - - for k, v := range header { - if !rule.IsValid(k) { - continue // ignored header - } - if strings.EqualFold(k, contentLengthHeader) { - // prevent signing already handled content-length header. - continue - } - - lowerCaseKey := strings.ToLower(k) - if _, ok := signed[lowerCaseKey]; ok { - // include additional values - signed[lowerCaseKey] = append(signed[lowerCaseKey], v...) - continue - } - - headers = append(headers, lowerCaseKey) - signed[lowerCaseKey] = v - } - sort.Strings(headers) - - signedHeaders = strings.Join(headers, ";") - - var canonicalHeaders strings.Builder - n := len(headers) - const colon = ':' - for i := 0; i < n; i++ { - if headers[i] == hostHeader { - canonicalHeaders.WriteString(hostHeader) - canonicalHeaders.WriteRune(colon) - canonicalHeaders.WriteString(v4Internal.StripExcessSpaces(host)) - } else { - canonicalHeaders.WriteString(headers[i]) - canonicalHeaders.WriteRune(colon) - // Trim out leading, trailing, and dedup inner spaces from signed header values. - values := signed[headers[i]] - for j, v := range values { - cleanedValue := strings.TrimSpace(v4Internal.StripExcessSpaces(v)) - canonicalHeaders.WriteString(cleanedValue) - if j < len(values)-1 { - canonicalHeaders.WriteRune(',') - } - } - } - canonicalHeaders.WriteRune('\n') - } - canonicalHeadersStr = canonicalHeaders.String() - - return signed, signedHeaders, canonicalHeadersStr -} - -func (s *httpSigner) buildCanonicalString(method, uri, query, signedHeaders, canonicalHeaders string) string { - return strings.Join([]string{ - method, - uri, - query, - canonicalHeaders, - signedHeaders, - s.PayloadHash, - }, "\n") -} - -func (s *httpSigner) buildStringToSign(credentialScope, canonicalRequestString string) string { - return strings.Join([]string{ - signingAlgorithm, - s.Time.TimeFormat(), - credentialScope, - hex.EncodeToString(makeHash(sha256.New(), []byte(canonicalRequestString))), - }, "\n") -} - -func makeHash(hash hash.Hash, b []byte) []byte { - hash.Reset() - hash.Write(b) - return hash.Sum(nil) -} - -func (s *httpSigner) buildSignature(strToSign string) (string, error) { - key := s.KeyDerivator.DeriveKey(s.Credentials, s.ServiceName, s.Region, s.Time) - return hex.EncodeToString(v4Internal.HMACSHA256(key, []byte(strToSign))), nil -} - -func (s *httpSigner) setRequiredSigningFields(headers http.Header, query url.Values) { - amzDate := s.Time.TimeFormat() - - if s.IsPreSign { - query.Set(v4Internal.AmzAlgorithmKey, signingAlgorithm) - sessionToken := s.Credentials.SessionToken - if !s.DisableSessionToken && len(sessionToken) > 0 { - query.Set("X-Amz-Security-Token", sessionToken) - } - - query.Set(v4Internal.AmzDateKey, amzDate) - return - } - - headers[v4Internal.AmzDateKey] = append(headers[v4Internal.AmzDateKey][:0], amzDate) - - if !s.DisableSessionToken && len(s.Credentials.SessionToken) > 0 { - headers[v4Internal.AmzSecurityTokenKey] = append(headers[v4Internal.AmzSecurityTokenKey][:0], s.Credentials.SessionToken) - } -} - -func logSigningInfo(ctx context.Context, options SignerOptions, request *signedRequest, isPresign bool) { - if !options.LogSigning { - return - } - signedURLMsg := "" - if isPresign { - signedURLMsg = fmt.Sprintf(logSignedURLMsg, request.Request.URL.String()) - } - logger := logging.WithContext(ctx, options.Logger) - logger.Logf(logging.Debug, logSignInfoMsg, request.CanonicalString, request.StringToSign, signedURLMsg) -} - -type signedRequest struct { - Request *http.Request - SignedHeaders http.Header - CanonicalString string - StringToSign string - PreSigned bool -} - -const logSignInfoMsg = `Request Signature: ----[ CANONICAL STRING ]----------------------------- -%s ----[ STRING TO SIGN ]-------------------------------- -%s%s ------------------------------------------------------` -const logSignedURLMsg = ` ----[ SIGNED URL ]------------------------------------ -%s` diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/to_ptr.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/to_ptr.go deleted file mode 100644 index f3fc4d61..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/to_ptr.go +++ /dev/null @@ -1,297 +0,0 @@ -// Code generated by aws/generate.go DO NOT EDIT. - -package aws - -import ( - "github.com/aws/smithy-go/ptr" - "time" -) - -// Bool returns a pointer value for the bool value passed in. -func Bool(v bool) *bool { - return ptr.Bool(v) -} - -// BoolSlice returns a slice of bool pointers from the values -// passed in. -func BoolSlice(vs []bool) []*bool { - return ptr.BoolSlice(vs) -} - -// BoolMap returns a map of bool pointers from the values -// passed in. -func BoolMap(vs map[string]bool) map[string]*bool { - return ptr.BoolMap(vs) -} - -// Byte returns a pointer value for the byte value passed in. -func Byte(v byte) *byte { - return ptr.Byte(v) -} - -// ByteSlice returns a slice of byte pointers from the values -// passed in. -func ByteSlice(vs []byte) []*byte { - return ptr.ByteSlice(vs) -} - -// ByteMap returns a map of byte pointers from the values -// passed in. -func ByteMap(vs map[string]byte) map[string]*byte { - return ptr.ByteMap(vs) -} - -// String returns a pointer value for the string value passed in. -func String(v string) *string { - return ptr.String(v) -} - -// StringSlice returns a slice of string pointers from the values -// passed in. -func StringSlice(vs []string) []*string { - return ptr.StringSlice(vs) -} - -// StringMap returns a map of string pointers from the values -// passed in. -func StringMap(vs map[string]string) map[string]*string { - return ptr.StringMap(vs) -} - -// Int returns a pointer value for the int value passed in. -func Int(v int) *int { - return ptr.Int(v) -} - -// IntSlice returns a slice of int pointers from the values -// passed in. -func IntSlice(vs []int) []*int { - return ptr.IntSlice(vs) -} - -// IntMap returns a map of int pointers from the values -// passed in. -func IntMap(vs map[string]int) map[string]*int { - return ptr.IntMap(vs) -} - -// Int8 returns a pointer value for the int8 value passed in. -func Int8(v int8) *int8 { - return ptr.Int8(v) -} - -// Int8Slice returns a slice of int8 pointers from the values -// passed in. -func Int8Slice(vs []int8) []*int8 { - return ptr.Int8Slice(vs) -} - -// Int8Map returns a map of int8 pointers from the values -// passed in. -func Int8Map(vs map[string]int8) map[string]*int8 { - return ptr.Int8Map(vs) -} - -// Int16 returns a pointer value for the int16 value passed in. -func Int16(v int16) *int16 { - return ptr.Int16(v) -} - -// Int16Slice returns a slice of int16 pointers from the values -// passed in. -func Int16Slice(vs []int16) []*int16 { - return ptr.Int16Slice(vs) -} - -// Int16Map returns a map of int16 pointers from the values -// passed in. -func Int16Map(vs map[string]int16) map[string]*int16 { - return ptr.Int16Map(vs) -} - -// Int32 returns a pointer value for the int32 value passed in. -func Int32(v int32) *int32 { - return ptr.Int32(v) -} - -// Int32Slice returns a slice of int32 pointers from the values -// passed in. -func Int32Slice(vs []int32) []*int32 { - return ptr.Int32Slice(vs) -} - -// Int32Map returns a map of int32 pointers from the values -// passed in. -func Int32Map(vs map[string]int32) map[string]*int32 { - return ptr.Int32Map(vs) -} - -// Int64 returns a pointer value for the int64 value passed in. -func Int64(v int64) *int64 { - return ptr.Int64(v) -} - -// Int64Slice returns a slice of int64 pointers from the values -// passed in. -func Int64Slice(vs []int64) []*int64 { - return ptr.Int64Slice(vs) -} - -// Int64Map returns a map of int64 pointers from the values -// passed in. -func Int64Map(vs map[string]int64) map[string]*int64 { - return ptr.Int64Map(vs) -} - -// Uint returns a pointer value for the uint value passed in. -func Uint(v uint) *uint { - return ptr.Uint(v) -} - -// UintSlice returns a slice of uint pointers from the values -// passed in. -func UintSlice(vs []uint) []*uint { - return ptr.UintSlice(vs) -} - -// UintMap returns a map of uint pointers from the values -// passed in. -func UintMap(vs map[string]uint) map[string]*uint { - return ptr.UintMap(vs) -} - -// Uint8 returns a pointer value for the uint8 value passed in. -func Uint8(v uint8) *uint8 { - return ptr.Uint8(v) -} - -// Uint8Slice returns a slice of uint8 pointers from the values -// passed in. -func Uint8Slice(vs []uint8) []*uint8 { - return ptr.Uint8Slice(vs) -} - -// Uint8Map returns a map of uint8 pointers from the values -// passed in. -func Uint8Map(vs map[string]uint8) map[string]*uint8 { - return ptr.Uint8Map(vs) -} - -// Uint16 returns a pointer value for the uint16 value passed in. -func Uint16(v uint16) *uint16 { - return ptr.Uint16(v) -} - -// Uint16Slice returns a slice of uint16 pointers from the values -// passed in. -func Uint16Slice(vs []uint16) []*uint16 { - return ptr.Uint16Slice(vs) -} - -// Uint16Map returns a map of uint16 pointers from the values -// passed in. -func Uint16Map(vs map[string]uint16) map[string]*uint16 { - return ptr.Uint16Map(vs) -} - -// Uint32 returns a pointer value for the uint32 value passed in. -func Uint32(v uint32) *uint32 { - return ptr.Uint32(v) -} - -// Uint32Slice returns a slice of uint32 pointers from the values -// passed in. -func Uint32Slice(vs []uint32) []*uint32 { - return ptr.Uint32Slice(vs) -} - -// Uint32Map returns a map of uint32 pointers from the values -// passed in. -func Uint32Map(vs map[string]uint32) map[string]*uint32 { - return ptr.Uint32Map(vs) -} - -// Uint64 returns a pointer value for the uint64 value passed in. -func Uint64(v uint64) *uint64 { - return ptr.Uint64(v) -} - -// Uint64Slice returns a slice of uint64 pointers from the values -// passed in. -func Uint64Slice(vs []uint64) []*uint64 { - return ptr.Uint64Slice(vs) -} - -// Uint64Map returns a map of uint64 pointers from the values -// passed in. -func Uint64Map(vs map[string]uint64) map[string]*uint64 { - return ptr.Uint64Map(vs) -} - -// Float32 returns a pointer value for the float32 value passed in. -func Float32(v float32) *float32 { - return ptr.Float32(v) -} - -// Float32Slice returns a slice of float32 pointers from the values -// passed in. -func Float32Slice(vs []float32) []*float32 { - return ptr.Float32Slice(vs) -} - -// Float32Map returns a map of float32 pointers from the values -// passed in. -func Float32Map(vs map[string]float32) map[string]*float32 { - return ptr.Float32Map(vs) -} - -// Float64 returns a pointer value for the float64 value passed in. -func Float64(v float64) *float64 { - return ptr.Float64(v) -} - -// Float64Slice returns a slice of float64 pointers from the values -// passed in. -func Float64Slice(vs []float64) []*float64 { - return ptr.Float64Slice(vs) -} - -// Float64Map returns a map of float64 pointers from the values -// passed in. -func Float64Map(vs map[string]float64) map[string]*float64 { - return ptr.Float64Map(vs) -} - -// Time returns a pointer value for the time.Time value passed in. -func Time(v time.Time) *time.Time { - return ptr.Time(v) -} - -// TimeSlice returns a slice of time.Time pointers from the values -// passed in. -func TimeSlice(vs []time.Time) []*time.Time { - return ptr.TimeSlice(vs) -} - -// TimeMap returns a map of time.Time pointers from the values -// passed in. -func TimeMap(vs map[string]time.Time) map[string]*time.Time { - return ptr.TimeMap(vs) -} - -// Duration returns a pointer value for the time.Duration value passed in. -func Duration(v time.Duration) *time.Duration { - return ptr.Duration(v) -} - -// DurationSlice returns a slice of time.Duration pointers from the values -// passed in. -func DurationSlice(vs []time.Duration) []*time.Duration { - return ptr.DurationSlice(vs) -} - -// DurationMap returns a map of time.Duration pointers from the values -// passed in. -func DurationMap(vs map[string]time.Duration) map[string]*time.Duration { - return ptr.DurationMap(vs) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/client.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/client.go deleted file mode 100644 index 8d7c35a9..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/client.go +++ /dev/null @@ -1,342 +0,0 @@ -package http - -import ( - "context" - "crypto/tls" - "net" - "net/http" - "reflect" - "sync" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/smithy-go/tracing" -) - -// Defaults for the HTTPTransportBuilder. -var ( - // Default connection pool options - DefaultHTTPTransportMaxIdleConns = 100 - DefaultHTTPTransportMaxIdleConnsPerHost = 10 - - // Default connection timeouts - DefaultHTTPTransportIdleConnTimeout = 90 * time.Second - DefaultHTTPTransportTLSHandleshakeTimeout = 10 * time.Second - DefaultHTTPTransportExpectContinueTimeout = 1 * time.Second - - // Default to TLS 1.2 for all HTTPS requests. - DefaultHTTPTransportTLSMinVersion uint16 = tls.VersionTLS12 -) - -// Timeouts for net.Dialer's network connection. -var ( - DefaultDialConnectTimeout = 30 * time.Second - DefaultDialKeepAliveTimeout = 30 * time.Second -) - -// BuildableClient provides a HTTPClient implementation with options to -// create copies of the HTTPClient when additional configuration is provided. -// -// The client's methods will not share the http.Transport value between copies -// of the BuildableClient. Only exported member values of the Transport and -// optional Dialer will be copied between copies of BuildableClient. -type BuildableClient struct { - transport *http.Transport - dialer *net.Dialer - - initOnce sync.Once - - clientTimeout time.Duration - client *http.Client -} - -// NewBuildableClient returns an initialized client for invoking HTTP -// requests. -func NewBuildableClient() *BuildableClient { - return &BuildableClient{} -} - -// Do implements the HTTPClient interface's Do method to invoke a HTTP request, -// and receive the response. Uses the BuildableClient's current -// configuration to invoke the http.Request. -// -// If connection pooling is enabled (aka HTTP KeepAlive) the client will only -// share pooled connections with its own instance. Copies of the -// BuildableClient will have their own connection pools. -// -// Redirect (3xx) responses will not be followed, the HTTP response received -// will returned instead. -func (b *BuildableClient) Do(req *http.Request) (*http.Response, error) { - b.initOnce.Do(b.build) - - return b.client.Do(req) -} - -// Freeze returns a frozen aws.HTTPClient implementation that is no longer a BuildableClient. -// Use this to prevent the SDK from applying DefaultMode configuration values to a buildable client. -func (b *BuildableClient) Freeze() aws.HTTPClient { - cpy := b.clone() - cpy.build() - return cpy.client -} - -func (b *BuildableClient) build() { - b.client = wrapWithLimitedRedirect(&http.Client{ - Timeout: b.clientTimeout, - Transport: b.GetTransport(), - }) -} - -func (b *BuildableClient) clone() *BuildableClient { - cpy := NewBuildableClient() - cpy.transport = b.GetTransport() - cpy.dialer = b.GetDialer() - cpy.clientTimeout = b.clientTimeout - - return cpy -} - -// WithTransportOptions copies the BuildableClient and returns it with the -// http.Transport options applied. -// -// If a non (*http.Transport) was set as the round tripper, the round tripper -// will be replaced with a default Transport value before invoking the option -// functions. -func (b *BuildableClient) WithTransportOptions(opts ...func(*http.Transport)) *BuildableClient { - cpy := b.clone() - - tr := cpy.GetTransport() - for _, opt := range opts { - opt(tr) - } - cpy.transport = tr - - return cpy -} - -// WithDialerOptions copies the BuildableClient and returns it with the -// net.Dialer options applied. Will set the client's http.Transport DialContext -// member. -func (b *BuildableClient) WithDialerOptions(opts ...func(*net.Dialer)) *BuildableClient { - cpy := b.clone() - - dialer := cpy.GetDialer() - for _, opt := range opts { - opt(dialer) - } - cpy.dialer = dialer - - tr := cpy.GetTransport() - tr.DialContext = cpy.dialer.DialContext - cpy.transport = tr - - return cpy -} - -// WithTimeout Sets the timeout used by the client for all requests. -func (b *BuildableClient) WithTimeout(timeout time.Duration) *BuildableClient { - cpy := b.clone() - cpy.clientTimeout = timeout - return cpy -} - -// GetTransport returns a copy of the client's HTTP Transport. -func (b *BuildableClient) GetTransport() *http.Transport { - var tr *http.Transport - if b.transport != nil { - tr = b.transport.Clone() - } else { - tr = defaultHTTPTransport() - } - - return tr -} - -// GetDialer returns a copy of the client's network dialer. -func (b *BuildableClient) GetDialer() *net.Dialer { - var dialer *net.Dialer - if b.dialer != nil { - dialer = shallowCopyStruct(b.dialer).(*net.Dialer) - } else { - dialer = defaultDialer() - } - - return dialer -} - -// GetTimeout returns a copy of the client's timeout to cancel requests with. -func (b *BuildableClient) GetTimeout() time.Duration { - return b.clientTimeout -} - -func defaultDialer() *net.Dialer { - return &net.Dialer{ - Timeout: DefaultDialConnectTimeout, - KeepAlive: DefaultDialKeepAliveTimeout, - DualStack: true, - } -} - -func defaultHTTPTransport() *http.Transport { - dialer := defaultDialer() - - tr := &http.Transport{ - Proxy: http.ProxyFromEnvironment, - DialContext: traceDialContext(dialer.DialContext), - TLSHandshakeTimeout: DefaultHTTPTransportTLSHandleshakeTimeout, - MaxIdleConns: DefaultHTTPTransportMaxIdleConns, - MaxIdleConnsPerHost: DefaultHTTPTransportMaxIdleConnsPerHost, - IdleConnTimeout: DefaultHTTPTransportIdleConnTimeout, - ExpectContinueTimeout: DefaultHTTPTransportExpectContinueTimeout, - ForceAttemptHTTP2: true, - TLSClientConfig: &tls.Config{ - MinVersion: DefaultHTTPTransportTLSMinVersion, - }, - } - - return tr -} - -type dialContext func(ctx context.Context, network, addr string) (net.Conn, error) - -func traceDialContext(dc dialContext) dialContext { - return func(ctx context.Context, network, addr string) (net.Conn, error) { - span, _ := tracing.GetSpan(ctx) - span.SetProperty("net.peer.name", addr) - - conn, err := dc(ctx, network, addr) - if err != nil { - return conn, err - } - - raddr := conn.RemoteAddr() - if raddr == nil { - return conn, err - } - - host, port, err := net.SplitHostPort(raddr.String()) - if err != nil { // don't blow up just because we couldn't parse - span.SetProperty("net.peer.addr", raddr.String()) - } else { - span.SetProperty("net.peer.host", host) - span.SetProperty("net.peer.port", port) - } - - return conn, err - } -} - -// shallowCopyStruct creates a shallow copy of the passed in source struct, and -// returns that copy of the same struct type. -func shallowCopyStruct(src interface{}) interface{} { - srcVal := reflect.ValueOf(src) - srcValType := srcVal.Type() - - var returnAsPtr bool - if srcValType.Kind() == reflect.Ptr { - srcVal = srcVal.Elem() - srcValType = srcValType.Elem() - returnAsPtr = true - } - dstVal := reflect.New(srcValType).Elem() - - for i := 0; i < srcValType.NumField(); i++ { - ft := srcValType.Field(i) - if len(ft.PkgPath) != 0 { - // unexported fields have a PkgPath - continue - } - - dstVal.Field(i).Set(srcVal.Field(i)) - } - - if returnAsPtr { - dstVal = dstVal.Addr() - } - - return dstVal.Interface() -} - -// wrapWithLimitedRedirect updates the Client's Transport and CheckRedirect to -// not follow any redirect other than 307 and 308. No other redirect will be -// followed. -// -// If the client does not have a Transport defined will use a new SDK default -// http.Transport configuration. -func wrapWithLimitedRedirect(c *http.Client) *http.Client { - tr := c.Transport - if tr == nil { - tr = defaultHTTPTransport() - } - - cc := *c - cc.CheckRedirect = limitedRedirect - cc.Transport = suppressBadHTTPRedirectTransport{ - tr: tr, - } - - return &cc -} - -// limitedRedirect is a CheckRedirect that prevents the client from following -// any non 307/308 HTTP status code redirects. -// -// The 307 and 308 redirects are allowed because the client must use the -// original HTTP method for the redirected to location. Whereas 301 and 302 -// allow the client to switch to GET for the redirect. -// -// Suppresses all redirect requests with a URL of badHTTPRedirectLocation. -func limitedRedirect(r *http.Request, via []*http.Request) error { - // Request.Response, in CheckRedirect is the response that is triggering - // the redirect. - resp := r.Response - if r.URL.String() == badHTTPRedirectLocation { - resp.Header.Del(badHTTPRedirectLocation) - return http.ErrUseLastResponse - } - - switch resp.StatusCode { - case 307, 308: - // Only allow 307 and 308 redirects as they preserve the method. - return nil - } - - return http.ErrUseLastResponse -} - -// suppressBadHTTPRedirectTransport provides an http.RoundTripper -// implementation that wraps another http.RoundTripper to prevent HTTP client -// receiving 301 and 302 HTTP responses redirects without the required location -// header. -// -// Clients using this utility must have a CheckRedirect, e.g. limitedRedirect, -// that check for responses with having a URL of baseHTTPRedirectLocation, and -// suppress the redirect. -type suppressBadHTTPRedirectTransport struct { - tr http.RoundTripper -} - -const badHTTPRedirectLocation = `https://amazonaws.com/badhttpredirectlocation` - -// RoundTrip backfills a stub location when a 301/302 response is received -// without a location. This stub location is used by limitedRedirect to prevent -// the HTTP client from failing attempting to use follow a redirect without a -// location value. -func (t suppressBadHTTPRedirectTransport) RoundTrip(r *http.Request) (*http.Response, error) { - resp, err := t.tr.RoundTrip(r) - if err != nil { - return resp, err - } - - // S3 is the only known service to return 301 without location header. - // The Go standard library HTTP client will return an opaque error if it - // tries to follow a 301/302 response missing the location header. - switch resp.StatusCode { - case 301, 302: - if v := resp.Header.Get("Location"); len(v) == 0 { - resp.Header.Set("Location", badHTTPRedirectLocation) - } - } - - return resp, err -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/content_type.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/content_type.go deleted file mode 100644 index 556f54a7..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/content_type.go +++ /dev/null @@ -1,42 +0,0 @@ -package http - -import ( - "context" - "fmt" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// removeContentTypeHeader is a build middleware that removes -// content type header if content-length header is unset or -// is set to zero, -type removeContentTypeHeader struct { -} - -// ID the name of the middleware. -func (m *removeContentTypeHeader) ID() string { - return "RemoveContentTypeHeader" -} - -// HandleBuild adds or appends the constructed user agent to the request. -func (m *removeContentTypeHeader) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in) - } - - // remove contentTypeHeader when content-length is zero - if req.ContentLength == 0 { - req.Header.Del("content-type") - } - - return next.HandleBuild(ctx, in) -} - -// RemoveContentTypeHeader removes content-type header if -// content length is unset or equal to zero. -func RemoveContentTypeHeader(stack *middleware.Stack) error { - return stack.Build.Add(&removeContentTypeHeader{}, middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error.go deleted file mode 100644 index 44651c99..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error.go +++ /dev/null @@ -1,33 +0,0 @@ -package http - -import ( - "errors" - "fmt" - - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// ResponseError provides the HTTP centric error type wrapping the underlying error -// with the HTTP response value and the deserialized RequestID. -type ResponseError struct { - *smithyhttp.ResponseError - - // RequestID associated with response error - RequestID string -} - -// ServiceRequestID returns the request id associated with Response Error -func (e *ResponseError) ServiceRequestID() string { return e.RequestID } - -// Error returns the formatted error -func (e *ResponseError) Error() string { - return fmt.Sprintf( - "https response error StatusCode: %d, RequestID: %s, %v", - e.Response.StatusCode, e.RequestID, e.Err) -} - -// As populates target and returns true if the type of target is a error type that -// the ResponseError embeds, (e.g.AWS HTTP ResponseError) -func (e *ResponseError) As(target interface{}) bool { - return errors.As(e.ResponseError, target) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error_middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error_middleware.go deleted file mode 100644 index a1ad20fe..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/response_error_middleware.go +++ /dev/null @@ -1,56 +0,0 @@ -package http - -import ( - "context" - - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// AddResponseErrorMiddleware adds response error wrapper middleware -func AddResponseErrorMiddleware(stack *middleware.Stack) error { - // add error wrapper middleware before request id retriever middleware so that it can wrap the error response - // returned by operation deserializers - return stack.Deserialize.Insert(&ResponseErrorWrapper{}, "RequestIDRetriever", middleware.Before) -} - -// ResponseErrorWrapper wraps operation errors with ResponseError. -type ResponseErrorWrapper struct { -} - -// ID returns the middleware identifier -func (m *ResponseErrorWrapper) ID() string { - return "ResponseErrorWrapper" -} - -// HandleDeserialize wraps the stack error with smithyhttp.ResponseError. -func (m *ResponseErrorWrapper) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err == nil { - // Nothing to do when there is no error. - return out, metadata, err - } - - resp, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - // No raw response to wrap with. - return out, metadata, err - } - - // look for request id in metadata - reqID, _ := awsmiddleware.GetRequestIDMetadata(metadata) - - // Wrap the returned smithy error with the request id retrieved from the metadata - err = &ResponseError{ - ResponseError: &smithyhttp.ResponseError{ - Response: resp, - Err: err, - }, - RequestID: reqID, - } - - return out, metadata, err -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/timeout_read_closer.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/timeout_read_closer.go deleted file mode 100644 index 993929bd..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/timeout_read_closer.go +++ /dev/null @@ -1,104 +0,0 @@ -package http - -import ( - "context" - "fmt" - "io" - "time" - - "github.com/aws/smithy-go" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -type readResult struct { - n int - err error -} - -// ResponseTimeoutError is an error when the reads from the response are -// delayed longer than the timeout the read was configured for. -type ResponseTimeoutError struct { - TimeoutDur time.Duration -} - -// Timeout returns that the error is was caused by a timeout, and can be -// retried. -func (*ResponseTimeoutError) Timeout() bool { return true } - -func (e *ResponseTimeoutError) Error() string { - return fmt.Sprintf("read on body reach timeout limit, %v", e.TimeoutDur) -} - -// timeoutReadCloser will handle body reads that take too long. -// We will return a ErrReadTimeout error if a timeout occurs. -type timeoutReadCloser struct { - reader io.ReadCloser - duration time.Duration -} - -// Read will spin off a goroutine to call the reader's Read method. We will -// select on the timer's channel or the read's channel. Whoever completes first -// will be returned. -func (r *timeoutReadCloser) Read(b []byte) (int, error) { - timer := time.NewTimer(r.duration) - c := make(chan readResult, 1) - - go func() { - n, err := r.reader.Read(b) - timer.Stop() - c <- readResult{n: n, err: err} - }() - - select { - case data := <-c: - return data.n, data.err - case <-timer.C: - return 0, &ResponseTimeoutError{TimeoutDur: r.duration} - } -} - -func (r *timeoutReadCloser) Close() error { - return r.reader.Close() -} - -// AddResponseReadTimeoutMiddleware adds a middleware to the stack that wraps the -// response body so that a read that takes too long will return an error. -func AddResponseReadTimeoutMiddleware(stack *middleware.Stack, duration time.Duration) error { - return stack.Deserialize.Add(&readTimeout{duration: duration}, middleware.After) -} - -// readTimeout wraps the response body with a timeoutReadCloser -type readTimeout struct { - duration time.Duration -} - -// ID returns the id of the middleware -func (*readTimeout) ID() string { - return "ReadResponseTimeout" -} - -// HandleDeserialize implements the DeserializeMiddleware interface -func (m *readTimeout) HandleDeserialize( - ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler, -) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - response.Body = &timeoutReadCloser{ - reader: response.Body, - duration: m.duration, - } - out.RawResponse = response - - return out, metadata, err -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/types.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/types.go deleted file mode 100644 index cc3ae811..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/types.go +++ /dev/null @@ -1,42 +0,0 @@ -package aws - -import ( - "fmt" -) - -// Ternary is an enum allowing an unknown or none state in addition to a bool's -// true and false. -type Ternary int - -func (t Ternary) String() string { - switch t { - case UnknownTernary: - return "unknown" - case FalseTernary: - return "false" - case TrueTernary: - return "true" - default: - return fmt.Sprintf("unknown value, %d", int(t)) - } -} - -// Bool returns true if the value is TrueTernary, false otherwise. -func (t Ternary) Bool() bool { - return t == TrueTernary -} - -// Enumerations for the values of the Ternary type. -const ( - UnknownTernary Ternary = iota - FalseTernary - TrueTernary -) - -// BoolTernary returns a true or false Ternary value for the bool provided. -func BoolTernary(v bool) Ternary { - if v { - return TrueTernary - } - return FalseTernary -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/version.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/version.go deleted file mode 100644 index 5f729d45..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/version.go +++ /dev/null @@ -1,8 +0,0 @@ -// Package aws provides core functionality for making requests to AWS services. -package aws - -// SDKName is the name of this AWS SDK -const SDKName = "aws-sdk-go-v2" - -// SDKVersion is the version of this SDK -const SDKVersion = goModuleVersion diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md deleted file mode 100644 index 9bcc2160..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md +++ /dev/null @@ -1,837 +0,0 @@ -# v1.29.9 (2025-03-04.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.8 (2025-02-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.7 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.6 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.5 (2025-02-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.4 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.3 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.2 (2025-01-24) - -* **Bug Fix**: Fix env config naming and usage of deprecated ioutil -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.29.1 (2025-01-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.0 (2025-01-15) - -* **Feature**: S3 client behavior is updated to always calculate a checksum by default for operations that support it (such as PutObject or UploadPart), or require it (such as DeleteObjects). The checksum algorithm used by default now becomes CRC32. Checksum behavior can be configured using `when_supported` and `when_required` options - in code using RequestChecksumCalculation, in shared config using request_checksum_calculation, or as env variable using AWS_REQUEST_CHECKSUM_CALCULATION. The S3 client attempts to validate response checksums for all S3 API operations that support checksums. However, if the SDK has not implemented the specified checksum algorithm then this validation is skipped. Checksum validation behavior can be configured using `when_supported` and `when_required` options - in code using ResponseChecksumValidation, in shared config using response_checksum_validation, or as env variable using AWS_RESPONSE_CHECKSUM_VALIDATION. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.11 (2025-01-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.10 (2025-01-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.9 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.8 (2025-01-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.7 (2024-12-19) - -* **Bug Fix**: Fix improper use of printf-style functions. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.6 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.5 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.4 (2024-11-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.3 (2024-11-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.2 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.1 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.0 (2024-10-16) - -* **Feature**: Adds the LoadOptions hook `WithBaseEndpoint` for setting global endpoint override in-code. - -# v1.27.43 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.42 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.41 (2024-10-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.40 (2024-10-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.39 (2024-09-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.38 (2024-09-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.37 (2024-09-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.36 (2024-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.35 (2024-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.34 (2024-09-16) - -* **Bug Fix**: Read `AWS_CONTAINER_CREDENTIALS_FULL_URI` env variable if set when reading a profile with `credential_source`. Also ensure `AWS_CONTAINER_CREDENTIALS_RELATIVE_URI` is always read before it - -# v1.27.33 (2024-09-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.32 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.31 (2024-08-26) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.30 (2024-08-23) - -* **Bug Fix**: Don't fail credentials unit tests if credentials are found on a file - -# v1.27.29 (2024-08-22) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.28 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.27 (2024-07-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.26 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.25 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.24 (2024-07-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.23 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.22 (2024-06-26) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.21 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.20 (2024-06-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.19 (2024-06-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.18 (2024-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.17 (2024-06-03) - -* **Documentation**: Add deprecation docs to global endpoint resolution interfaces. These APIs were previously deprecated with the introduction of service-specific endpoint resolution (EndpointResolverV2 and BaseEndpoint on service client options). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.16 (2024-05-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.15 (2024-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.14 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.13 (2024-05-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.12 (2024-05-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.11 (2024-04-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.10 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.9 (2024-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.8 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.7 (2024-03-07) - -* **Bug Fix**: Remove dependency on go-cmp. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.6 (2024-03-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.5 (2024-03-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.4 (2024-02-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.3 (2024-02-22) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.2 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.1 (2024-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.6 (2024-01-22) - -* **Bug Fix**: Remove invalid escaping of shared config values. All values in the shared config file will now be interpreted literally, save for fully-quoted strings which are unwrapped for legacy reasons. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.5 (2024-01-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.4 (2024-01-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.3 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.2 (2023-12-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.1 (2023-12-08) - -* **Bug Fix**: Correct loading of [services *] sections into shared config. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.0 (2023-12-07) - -* **Feature**: Support modeled request compression. The only algorithm supported at this time is `gzip`. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.12 (2023-12-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.11 (2023-12-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.10 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.9 (2023-11-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.8 (2023-11-28.3) - -* **Bug Fix**: Correct resolution of S3Express auth disable toggle. - -# v1.25.7 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.6 (2023-11-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.5 (2023-11-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.4 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.3 (2023-11-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.2 (2023-11-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.1 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.0 (2023-11-14) - -* **Feature**: Add support for dynamic auth token from file and EKS container host in absolute/relative URIs in the HTTP credential provider. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.0 (2023-11-13) - -* **Feature**: Replace the legacy config parser with a modern, less-strict implementation. Parsing failures within a section will now simply ignore the invalid line rather than silently drop the entire section. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.0 (2023-11-09.2) - -* **Feature**: BREAKFIX: In order to support subproperty parsing, invalid property definitions must not be ignored -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.3 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.2 (2023-11-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.1 (2023-11-06) - -* No change notes available for this release. - -# v1.22.0 (2023-11-02) - -* **Feature**: Add env and shared config settings for disabling IMDSv1 fallback. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.0 (2023-11-01) - -* **Feature**: Adds support for configured endpoints via environment variables and the AWS shared configuration file. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.1 (2023-10-24) - -* No change notes available for this release. - -# v1.19.0 (2023-10-16) - -* **Feature**: Modify logic of retrieving user agent appID from env config - -# v1.18.45 (2023-10-12) - -* **Bug Fix**: Fail to load config if an explicitly provided profile doesn't exist. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.44 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.43 (2023-10-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.42 (2023-09-22) - -* **Bug Fix**: Fixed a bug where merging `max_attempts` or `duration_seconds` fields across shared config files with invalid values would silently default them to 0. -* **Bug Fix**: Move type assertion of config values out of the parsing stage, which resolves an issue where the contents of a profile would silently be dropped with certain numeric formats. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.41 (2023-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.40 (2023-09-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.39 (2023-09-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.38 (2023-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.37 (2023-08-23) - -* No change notes available for this release. - -# v1.18.36 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.35 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.34 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.33 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.32 (2023-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.31 (2023-07-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.30 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.29 (2023-07-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.28 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.27 (2023-06-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.26 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.25 (2023-05-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.24 (2023-05-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.23 (2023-05-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.22 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.21 (2023-04-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.20 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.19 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.18 (2023-03-16) - -* **Bug Fix**: Allow RoleARN to be set as functional option on STS WebIdentityRoleOptions. Fixes aws/aws-sdk-go-v2#2015. - -# v1.18.17 (2023-03-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.16 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.15 (2023-02-22) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.14 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.13 (2023-02-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.12 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.11 (2023-02-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.10 (2023-01-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.9 (2023-01-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.8 (2023-01-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.7 (2022-12-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.6 (2022-12-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.5 (2022-12-15) - -* **Bug Fix**: Unify logic between shared config and in finding home directory -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.4 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.3 (2022-11-22) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.2 (2022-11-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.1 (2022-11-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.0 (2022-11-11) - -* **Announcement**: When using the SSOTokenProvider, a previous implementation incorrectly compensated for invalid SSOTokenProvider configurations in the shared profile. This has been fixed via PR #1903 and tracked in issue #1846 -* **Feature**: Adds token refresh support (via SSOTokenProvider) when using the SSOCredentialProvider -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.11 (2022-11-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.10 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.9 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.8 (2022-09-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.7 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.6 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.5 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.4 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.3 (2022-08-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.2 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.1 (2022-08-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.0 (2022-08-14) - -* **Feature**: Add alternative mechanism for determning the users `$HOME` or `%USERPROFILE%` location when the environment variables are not present. - -# v1.16.1 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.0 (2022-08-10) - -* **Feature**: Adds support for the following settings in the `~/.aws/credentials` file: `sso_account_id`, `sso_region`, `sso_role_name`, `sso_start_url`, and `ca_bundle`. - -# v1.15.17 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.16 (2022-08-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.15 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.14 (2022-07-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.13 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.12 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.11 (2022-06-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.10 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.9 (2022-05-26) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.8 (2022-05-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.7 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.6 (2022-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.5 (2022-05-09) - -* **Bug Fix**: Fixes a bug in LoadDefaultConfig to correctly assign ConfigSources so all config resolvers have access to the config sources. This fixes the feature/ec2/imds client not having configuration applied via config.LoadOptions such as EC2IMDSClientEnableState. PR [#1682](https://github.com/aws/aws-sdk-go-v2/pull/1682) - -# v1.15.4 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.3 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.2 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.1 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.0 (2022-02-24) - -* **Feature**: Adds support for loading RetryMaxAttempts and RetryMod from the environment and shared configuration files. These parameters drive how the SDK's API client will initialize its default retryer, if custome retryer has not been specified. See [config](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/config) module and [aws.Config](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws#Config) for more information about and how to use these new options. -* **Feature**: Adds support for the `ca_bundle` parameter in shared config and credentials files. The usage of the file is the same as environment variable, `AWS_CA_BUNDLE`, but sourced from shared config. Fixes [#1589](https://github.com/aws/aws-sdk-go-v2/issues/1589) -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.1 (2022-01-28) - -* **Bug Fix**: Fixes LoadDefaultConfig handling of errors returned by passed in functional options. Previously errors returned from the LoadOptions passed into LoadDefaultConfig were incorrectly ignored. [#1562](https://github.com/aws/aws-sdk-go-v2/pull/1562). Thanks to [Pinglei Guo](https://github.com/pingleig) for submitting this PR. -* **Bug Fix**: Fixes the SDK's handling of `duration_sections` in the shared credentials file or specified in multiple shared config and shared credentials files under the same profile. [#1568](https://github.com/aws/aws-sdk-go-v2/pull/1568). Thanks to [Amir Szekely](https://github.com/kichik) for help reproduce this bug. -* **Bug Fix**: Updates `config` module to use os.UserHomeDir instead of hard coded environment variable for OS. [#1563](https://github.com/aws/aws-sdk-go-v2/pull/1563) -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.0 (2022-01-07) - -* **Feature**: Add load option for CredentialCache. Adds a new member to the LoadOptions struct, CredentialsCacheOptions. This member allows specifying a function that will be used to configure the CredentialsCache. The CredentialsCacheOptions will only be used if the configuration loader will wrap the underlying credential provider in the CredentialsCache. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.1 (2021-12-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.0 (2021-12-02) - -* **Feature**: Add support for specifying `EndpointResolverWithOptions` on `LoadOptions`, and associated `WithEndpointResolverWithOptions`. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.3 (2021-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.2 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.1 (2021-11-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.0 (2021-11-06) - -* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.0 (2021-10-21) - -* **Feature**: Updated to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.3 (2021-10-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.2 (2021-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.1 (2021-09-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.0 (2021-09-02) - -* **Feature**: Add support for S3 Multi-Region Access Point ARNs. - -# v1.7.0 (2021-08-27) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.1 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.0 (2021-08-04) - -* **Feature**: adds error handling for defered close calls -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.0 (2021-07-15) - -* **Feature**: Support has been added for EC2 IPv6-enabled Instance Metadata Service Endpoints. -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.1 (2021-07-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.0 (2021-06-25) - -* **Feature**: Adds configuration setting for enabling endpoint discovery. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.0 (2021-05-20) - -* **Feature**: SSO credentials can now be defined alongside other credential providers within the same configuration profile. -* **Bug Fix**: Profile names were incorrectly normalized to lower-case, which could result in unexpected profile configurations. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.0 (2021-05-14) - -* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/config/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/config.go b/vendor/github.com/aws/aws-sdk-go-v2/config/config.go deleted file mode 100644 index 09d9b631..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/config.go +++ /dev/null @@ -1,228 +0,0 @@ -package config - -import ( - "context" - "os" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -// defaultAWSConfigResolvers are a slice of functions that will resolve external -// configuration values into AWS configuration values. -// -// This will setup the AWS configuration's Region, -var defaultAWSConfigResolvers = []awsConfigResolver{ - // Resolves the default configuration the SDK's aws.Config will be - // initialized with. - resolveDefaultAWSConfig, - - // Sets the logger to be used. Could be user provided logger, and client - // logging mode. - resolveLogger, - resolveClientLogMode, - - // Sets the HTTP client and configuration to use for making requests using - // the HTTP transport. - resolveHTTPClient, - resolveCustomCABundle, - - // Sets the endpoint resolving behavior the API Clients will use for making - // requests to. Clients default to their own clients this allows overrides - // to be specified. The resolveEndpointResolver option is deprecated, but - // we still need to set it for backwards compatibility on config - // construction. - resolveEndpointResolver, - resolveEndpointResolverWithOptions, - - // Sets the retry behavior API clients will use within their retry attempt - // middleware. Defaults to unset, allowing API clients to define their own - // retry behavior. - resolveRetryer, - - // Sets the region the API Clients should use for making requests to. - resolveRegion, - resolveEC2IMDSRegion, - resolveDefaultRegion, - - // Sets the additional set of middleware stack mutators that will custom - // API client request pipeline middleware. - resolveAPIOptions, - - // Resolves the DefaultsMode that should be used by SDK clients. If this - // mode is set to DefaultsModeAuto. - // - // Comes after HTTPClient and CustomCABundle to ensure the HTTP client is - // configured if provided before invoking IMDS if mode is auto. Comes - // before resolving credentials so that those subsequent clients use the - // configured auto mode. - resolveDefaultsModeOptions, - - // Sets the resolved credentials the API clients will use for - // authentication. Provides the SDK's default credential chain. - // - // Should probably be the last step in the resolve chain to ensure that all - // other configurations are resolved first in case downstream credentials - // implementations depend on or can be configured with earlier resolved - // configuration options. - resolveCredentials, - - // Sets the resolved bearer authentication token API clients will use for - // httpBearerAuth authentication scheme. - resolveBearerAuthToken, - - // Sets the sdk app ID if present in env var or shared config profile - resolveAppID, - - resolveBaseEndpoint, - - // Sets the DisableRequestCompression if present in env var or shared config profile - resolveDisableRequestCompression, - - // Sets the RequestMinCompressSizeBytes if present in env var or shared config profile - resolveRequestMinCompressSizeBytes, - - // Sets the AccountIDEndpointMode if present in env var or shared config profile - resolveAccountIDEndpointMode, - - // Sets the RequestChecksumCalculation if present in env var or shared config profile - resolveRequestChecksumCalculation, - - // Sets the ResponseChecksumValidation if present in env var or shared config profile - resolveResponseChecksumValidation, -} - -// A Config represents a generic configuration value or set of values. This type -// will be used by the AWSConfigResolvers to extract -// -// General the Config type will use type assertion against the Provider interfaces -// to extract specific data from the Config. -type Config interface{} - -// A loader is used to load external configuration data and returns it as -// a generic Config type. -// -// The loader should return an error if it fails to load the external configuration -// or the configuration data is malformed, or required components missing. -type loader func(context.Context, configs) (Config, error) - -// An awsConfigResolver will extract configuration data from the configs slice -// using the provider interfaces to extract specific functionality. The extracted -// configuration values will be written to the AWS Config value. -// -// The resolver should return an error if it it fails to extract the data, the -// data is malformed, or incomplete. -type awsConfigResolver func(ctx context.Context, cfg *aws.Config, configs configs) error - -// configs is a slice of Config values. These values will be used by the -// AWSConfigResolvers to extract external configuration values to populate the -// AWS Config type. -// -// Use AppendFromLoaders to add additional external Config values that are -// loaded from external sources. -// -// Use ResolveAWSConfig after external Config values have been added or loaded -// to extract the loaded configuration values into the AWS Config. -type configs []Config - -// AppendFromLoaders iterates over the slice of loaders passed in calling each -// loader function in order. The external config value returned by the loader -// will be added to the returned configs slice. -// -// If a loader returns an error this method will stop iterating and return -// that error. -func (cs configs) AppendFromLoaders(ctx context.Context, loaders []loader) (configs, error) { - for _, fn := range loaders { - cfg, err := fn(ctx, cs) - if err != nil { - return nil, err - } - - cs = append(cs, cfg) - } - - return cs, nil -} - -// ResolveAWSConfig returns a AWS configuration populated with values by calling -// the resolvers slice passed in. Each resolver is called in order. Any resolver -// may overwrite the AWS Configuration value of a previous resolver. -// -// If an resolver returns an error this method will return that error, and stop -// iterating over the resolvers. -func (cs configs) ResolveAWSConfig(ctx context.Context, resolvers []awsConfigResolver) (aws.Config, error) { - var cfg aws.Config - - for _, fn := range resolvers { - if err := fn(ctx, &cfg, cs); err != nil { - return aws.Config{}, err - } - } - - return cfg, nil -} - -// ResolveConfig calls the provide function passing slice of configuration sources. -// This implements the aws.ConfigResolver interface. -func (cs configs) ResolveConfig(f func(configs []interface{}) error) error { - var cfgs []interface{} - for i := range cs { - cfgs = append(cfgs, cs[i]) - } - return f(cfgs) -} - -// LoadDefaultConfig reads the SDK's default external configurations, and -// populates an AWS Config with the values from the external configurations. -// -// An optional variadic set of additional Config values can be provided as input -// that will be prepended to the configs slice. Use this to add custom configuration. -// The custom configurations must satisfy the respective providers for their data -// or the custom data will be ignored by the resolvers and config loaders. -// -// cfg, err := config.LoadDefaultConfig( context.TODO(), -// config.WithSharedConfigProfile("test-profile"), -// ) -// if err != nil { -// panic(fmt.Sprintf("failed loading config, %v", err)) -// } -// -// The default configuration sources are: -// * Environment Variables -// * Shared Configuration and Shared Credentials files. -func LoadDefaultConfig(ctx context.Context, optFns ...func(*LoadOptions) error) (cfg aws.Config, err error) { - var options LoadOptions - for _, optFn := range optFns { - if err := optFn(&options); err != nil { - return aws.Config{}, err - } - } - - // assign Load Options to configs - var cfgCpy = configs{options} - - cfgCpy, err = cfgCpy.AppendFromLoaders(ctx, resolveConfigLoaders(&options)) - if err != nil { - return aws.Config{}, err - } - - cfg, err = cfgCpy.ResolveAWSConfig(ctx, defaultAWSConfigResolvers) - if err != nil { - return aws.Config{}, err - } - - return cfg, nil -} - -func resolveConfigLoaders(options *LoadOptions) []loader { - loaders := make([]loader, 2) - loaders[0] = loadEnvConfig - - // specification of a profile should cause a load failure if it doesn't exist - if os.Getenv(awsProfileEnv) != "" || options.SharedConfigProfile != "" { - loaders[1] = loadSharedConfig - } else { - loaders[1] = loadSharedConfigIgnoreNotExist - } - - return loaders -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/defaultsmode.go b/vendor/github.com/aws/aws-sdk-go-v2/config/defaultsmode.go deleted file mode 100644 index 20b66367..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/defaultsmode.go +++ /dev/null @@ -1,47 +0,0 @@ -package config - -import ( - "context" - "os" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" -) - -const execEnvVar = "AWS_EXECUTION_ENV" - -// DefaultsModeOptions is the set of options that are used to configure -type DefaultsModeOptions struct { - // The SDK configuration defaults mode. Defaults to legacy if not specified. - // - // Supported modes are: auto, cross-region, in-region, legacy, mobile, standard - Mode aws.DefaultsMode - - // The EC2 Instance Metadata Client that should be used when performing environment - // discovery when aws.DefaultsModeAuto is set. - // - // If not specified the SDK will construct a client if the instance metadata service has not been disabled by - // the AWS_EC2_METADATA_DISABLED environment variable. - IMDSClient *imds.Client -} - -func resolveDefaultsModeRuntimeEnvironment(ctx context.Context, envConfig *EnvConfig, client *imds.Client) (aws.RuntimeEnvironment, error) { - getRegionOutput, err := client.GetRegion(ctx, &imds.GetRegionInput{}) - // honor context timeouts, but if we couldn't talk to IMDS don't fail runtime environment introspection. - select { - case <-ctx.Done(): - return aws.RuntimeEnvironment{}, err - default: - } - - var imdsRegion string - if err == nil { - imdsRegion = getRegionOutput.Region - } - - return aws.RuntimeEnvironment{ - EnvironmentIdentifier: aws.ExecutionEnvironmentID(os.Getenv(execEnvVar)), - Region: envConfig.Region, - EC2InstanceMetadataRegion: imdsRegion, - }, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/config/doc.go deleted file mode 100644 index aab7164e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/doc.go +++ /dev/null @@ -1,20 +0,0 @@ -// Package config provides utilities for loading configuration from multiple -// sources that can be used to configure the SDK's API clients, and utilities. -// -// The config package will load configuration from environment variables, AWS -// shared configuration file (~/.aws/config), and AWS shared credentials file -// (~/.aws/credentials). -// -// Use the LoadDefaultConfig to load configuration from all the SDK's supported -// sources, and resolve credentials using the SDK's default credential chain. -// -// LoadDefaultConfig allows for a variadic list of additional Config sources that can -// provide one or more configuration values which can be used to programmatically control the resolution -// of a specific value, or allow for broader range of additional configuration sources not supported by the SDK. -// A Config source implements one or more provider interfaces defined in this package. Config sources passed in will -// take precedence over the default environment and shared config sources used by the SDK. If one or more Config sources -// implement the same provider interface, priority will be handled by the order in which the sources were passed in. -// -// A number of helpers (prefixed by “With“) are provided in this package that implement their respective provider -// interface. These helpers should be used for overriding configuration programmatically at runtime. -package config diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/env_config.go b/vendor/github.com/aws/aws-sdk-go-v2/config/env_config.go deleted file mode 100644 index 9db507e3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/env_config.go +++ /dev/null @@ -1,918 +0,0 @@ -package config - -import ( - "bytes" - "context" - "fmt" - "io" - "os" - "strconv" - "strings" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" - smithyrequestcompression "github.com/aws/smithy-go/private/requestcompression" -) - -// CredentialsSourceName provides a name of the provider when config is -// loaded from environment. -const CredentialsSourceName = "EnvConfigCredentials" - -// Environment variables that will be read for configuration values. -const ( - awsAccessKeyIDEnv = "AWS_ACCESS_KEY_ID" - awsAccessKeyEnv = "AWS_ACCESS_KEY" - - awsSecretAccessKeyEnv = "AWS_SECRET_ACCESS_KEY" - awsSecretKeyEnv = "AWS_SECRET_KEY" - - awsSessionTokenEnv = "AWS_SESSION_TOKEN" - - awsContainerCredentialsFullURIEnv = "AWS_CONTAINER_CREDENTIALS_FULL_URI" - awsContainerCredentialsRelativeURIEnv = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI" - awsContainerAuthorizationTokenEnv = "AWS_CONTAINER_AUTHORIZATION_TOKEN" - - awsRegionEnv = "AWS_REGION" - awsDefaultRegionEnv = "AWS_DEFAULT_REGION" - - awsProfileEnv = "AWS_PROFILE" - awsDefaultProfileEnv = "AWS_DEFAULT_PROFILE" - - awsSharedCredentialsFileEnv = "AWS_SHARED_CREDENTIALS_FILE" - - awsConfigFileEnv = "AWS_CONFIG_FILE" - - awsCABundleEnv = "AWS_CA_BUNDLE" - - awsWebIdentityTokenFileEnv = "AWS_WEB_IDENTITY_TOKEN_FILE" - - awsRoleARNEnv = "AWS_ROLE_ARN" - awsRoleSessionNameEnv = "AWS_ROLE_SESSION_NAME" - - awsEnableEndpointDiscoveryEnv = "AWS_ENABLE_ENDPOINT_DISCOVERY" - - awsS3UseARNRegionEnv = "AWS_S3_USE_ARN_REGION" - - awsEc2MetadataServiceEndpointModeEnv = "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE" - - awsEc2MetadataServiceEndpointEnv = "AWS_EC2_METADATA_SERVICE_ENDPOINT" - - awsEc2MetadataDisabledEnv = "AWS_EC2_METADATA_DISABLED" - awsEc2MetadataV1DisabledEnv = "AWS_EC2_METADATA_V1_DISABLED" - - awsS3DisableMultiRegionAccessPointsEnv = "AWS_S3_DISABLE_MULTIREGION_ACCESS_POINTS" - - awsUseDualStackEndpointEnv = "AWS_USE_DUALSTACK_ENDPOINT" - - awsUseFIPSEndpointEnv = "AWS_USE_FIPS_ENDPOINT" - - awsDefaultsModeEnv = "AWS_DEFAULTS_MODE" - - awsMaxAttemptsEnv = "AWS_MAX_ATTEMPTS" - awsRetryModeEnv = "AWS_RETRY_MODE" - awsSdkUaAppIDEnv = "AWS_SDK_UA_APP_ID" - - awsIgnoreConfiguredEndpointURLEnv = "AWS_IGNORE_CONFIGURED_ENDPOINT_URLS" - awsEndpointURLEnv = "AWS_ENDPOINT_URL" - - awsDisableRequestCompressionEnv = "AWS_DISABLE_REQUEST_COMPRESSION" - awsRequestMinCompressionSizeBytesEnv = "AWS_REQUEST_MIN_COMPRESSION_SIZE_BYTES" - - awsS3DisableExpressSessionAuthEnv = "AWS_S3_DISABLE_EXPRESS_SESSION_AUTH" - - awsAccountIDEnv = "AWS_ACCOUNT_ID" - awsAccountIDEndpointModeEnv = "AWS_ACCOUNT_ID_ENDPOINT_MODE" - - awsRequestChecksumCalculation = "AWS_REQUEST_CHECKSUM_CALCULATION" - awsResponseChecksumValidation = "AWS_RESPONSE_CHECKSUM_VALIDATION" -) - -var ( - credAccessEnvKeys = []string{ - awsAccessKeyIDEnv, - awsAccessKeyEnv, - } - credSecretEnvKeys = []string{ - awsSecretAccessKeyEnv, - awsSecretKeyEnv, - } - regionEnvKeys = []string{ - awsRegionEnv, - awsDefaultRegionEnv, - } - profileEnvKeys = []string{ - awsProfileEnv, - awsDefaultProfileEnv, - } -) - -// EnvConfig is a collection of environment values the SDK will read -// setup config from. All environment values are optional. But some values -// such as credentials require multiple values to be complete or the values -// will be ignored. -type EnvConfig struct { - // Environment configuration values. If set both Access Key ID and Secret Access - // Key must be provided. Session Token and optionally also be provided, but is - // not required. - // - // # Access Key ID - // AWS_ACCESS_KEY_ID=AKID - // AWS_ACCESS_KEY=AKID # only read if AWS_ACCESS_KEY_ID is not set. - // - // # Secret Access Key - // AWS_SECRET_ACCESS_KEY=SECRET - // AWS_SECRET_KEY=SECRET # only read if AWS_SECRET_ACCESS_KEY is not set. - // - // # Session Token - // AWS_SESSION_TOKEN=TOKEN - Credentials aws.Credentials - - // ContainerCredentialsEndpoint value is the HTTP enabled endpoint to retrieve credentials - // using the endpointcreds.Provider - ContainerCredentialsEndpoint string - - // ContainerCredentialsRelativePath is the relative URI path that will be used when attempting to retrieve - // credentials from the container endpoint. - ContainerCredentialsRelativePath string - - // ContainerAuthorizationToken is the authorization token that will be included in the HTTP Authorization - // header when attempting to retrieve credentials from the container credentials endpoint. - ContainerAuthorizationToken string - - // Region value will instruct the SDK where to make service API requests to. If is - // not provided in the environment the region must be provided before a service - // client request is made. - // - // AWS_REGION=us-west-2 - // AWS_DEFAULT_REGION=us-west-2 - Region string - - // Profile name the SDK should load use when loading shared configuration from the - // shared configuration files. If not provided "default" will be used as the - // profile name. - // - // AWS_PROFILE=my_profile - // AWS_DEFAULT_PROFILE=my_profile - SharedConfigProfile string - - // Shared credentials file path can be set to instruct the SDK to use an alternate - // file for the shared credentials. If not set the file will be loaded from - // $HOME/.aws/credentials on Linux/Unix based systems, and - // %USERPROFILE%\.aws\credentials on Windows. - // - // AWS_SHARED_CREDENTIALS_FILE=$HOME/my_shared_credentials - SharedCredentialsFile string - - // Shared config file path can be set to instruct the SDK to use an alternate - // file for the shared config. If not set the file will be loaded from - // $HOME/.aws/config on Linux/Unix based systems, and - // %USERPROFILE%\.aws\config on Windows. - // - // AWS_CONFIG_FILE=$HOME/my_shared_config - SharedConfigFile string - - // Sets the path to a custom Credentials Authority (CA) Bundle PEM file - // that the SDK will use instead of the system's root CA bundle. - // Only use this if you want to configure the SDK to use a custom set - // of CAs. - // - // Enabling this option will attempt to merge the Transport - // into the SDK's HTTP client. If the client's Transport is - // not a http.Transport an error will be returned. If the - // Transport's TLS config is set this option will cause the - // SDK to overwrite the Transport's TLS config's RootCAs value. - // - // Setting a custom HTTPClient in the aws.Config options will override this setting. - // To use this option and custom HTTP client, the HTTP client needs to be provided - // when creating the config. Not the service client. - // - // AWS_CA_BUNDLE=$HOME/my_custom_ca_bundle - CustomCABundle string - - // Enables endpoint discovery via environment variables. - // - // AWS_ENABLE_ENDPOINT_DISCOVERY=true - EnableEndpointDiscovery aws.EndpointDiscoveryEnableState - - // Specifies the WebIdentity token the SDK should use to assume a role - // with. - // - // AWS_WEB_IDENTITY_TOKEN_FILE=file_path - WebIdentityTokenFilePath string - - // Specifies the IAM role arn to use when assuming an role. - // - // AWS_ROLE_ARN=role_arn - RoleARN string - - // Specifies the IAM role session name to use when assuming a role. - // - // AWS_ROLE_SESSION_NAME=session_name - RoleSessionName string - - // Specifies if the S3 service should allow ARNs to direct the region - // the client's requests are sent to. - // - // AWS_S3_USE_ARN_REGION=true - S3UseARNRegion *bool - - // Specifies if the EC2 IMDS service client is enabled. - // - // AWS_EC2_METADATA_DISABLED=true - EC2IMDSClientEnableState imds.ClientEnableState - - // Specifies if EC2 IMDSv1 fallback is disabled. - // - // AWS_EC2_METADATA_V1_DISABLED=true - EC2IMDSv1Disabled *bool - - // Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6) - // - // AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6 - EC2IMDSEndpointMode imds.EndpointModeState - - // Specifies the EC2 Instance Metadata Service endpoint to use. If specified it overrides EC2IMDSEndpointMode. - // - // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://fd00:ec2::254 - EC2IMDSEndpoint string - - // Specifies if the S3 service should disable multi-region access points - // support. - // - // AWS_S3_DISABLE_MULTIREGION_ACCESS_POINTS=true - S3DisableMultiRegionAccessPoints *bool - - // Specifies that SDK clients must resolve a dual-stack endpoint for - // services. - // - // AWS_USE_DUALSTACK_ENDPOINT=true - UseDualStackEndpoint aws.DualStackEndpointState - - // Specifies that SDK clients must resolve a FIPS endpoint for - // services. - // - // AWS_USE_FIPS_ENDPOINT=true - UseFIPSEndpoint aws.FIPSEndpointState - - // Specifies the SDK Defaults Mode used by services. - // - // AWS_DEFAULTS_MODE=standard - DefaultsMode aws.DefaultsMode - - // Specifies the maximum number attempts an API client will call an - // operation that fails with a retryable error. - // - // AWS_MAX_ATTEMPTS=3 - RetryMaxAttempts int - - // Specifies the retry model the API client will be created with. - // - // aws_retry_mode=standard - RetryMode aws.RetryMode - - // aws sdk app ID that can be added to user agent header string - AppID string - - // Flag used to disable configured endpoints. - IgnoreConfiguredEndpoints *bool - - // Value to contain configured endpoints to be propagated to - // corresponding endpoint resolution field. - BaseEndpoint string - - // determine if request compression is allowed, default to false - // retrieved from env var AWS_DISABLE_REQUEST_COMPRESSION - DisableRequestCompression *bool - - // inclusive threshold request body size to trigger compression, - // default to 10240 and must be within 0 and 10485760 bytes inclusive - // retrieved from env var AWS_REQUEST_MIN_COMPRESSION_SIZE_BYTES - RequestMinCompressSizeBytes *int64 - - // Whether S3Express auth is disabled. - // - // This will NOT prevent requests from being made to S3Express buckets, it - // will only bypass the modified endpoint routing and signing behaviors - // associated with the feature. - S3DisableExpressAuth *bool - - // Indicates whether account ID will be required/ignored in endpoint2.0 routing - AccountIDEndpointMode aws.AccountIDEndpointMode - - // Indicates whether request checksum should be calculated - RequestChecksumCalculation aws.RequestChecksumCalculation - - // Indicates whether response checksum should be validated - ResponseChecksumValidation aws.ResponseChecksumValidation -} - -// loadEnvConfig reads configuration values from the OS's environment variables. -// Returning the a Config typed EnvConfig to satisfy the ConfigLoader func type. -func loadEnvConfig(ctx context.Context, cfgs configs) (Config, error) { - return NewEnvConfig() -} - -// NewEnvConfig retrieves the SDK's environment configuration. -// See `EnvConfig` for the values that will be retrieved. -func NewEnvConfig() (EnvConfig, error) { - var cfg EnvConfig - - creds := aws.Credentials{ - Source: CredentialsSourceName, - } - setStringFromEnvVal(&creds.AccessKeyID, credAccessEnvKeys) - setStringFromEnvVal(&creds.SecretAccessKey, credSecretEnvKeys) - if creds.HasKeys() { - creds.AccountID = os.Getenv(awsAccountIDEnv) - creds.SessionToken = os.Getenv(awsSessionTokenEnv) - cfg.Credentials = creds - } - - cfg.ContainerCredentialsEndpoint = os.Getenv(awsContainerCredentialsFullURIEnv) - cfg.ContainerCredentialsRelativePath = os.Getenv(awsContainerCredentialsRelativeURIEnv) - cfg.ContainerAuthorizationToken = os.Getenv(awsContainerAuthorizationTokenEnv) - - setStringFromEnvVal(&cfg.Region, regionEnvKeys) - setStringFromEnvVal(&cfg.SharedConfigProfile, profileEnvKeys) - - cfg.SharedCredentialsFile = os.Getenv(awsSharedCredentialsFileEnv) - cfg.SharedConfigFile = os.Getenv(awsConfigFileEnv) - - cfg.CustomCABundle = os.Getenv(awsCABundleEnv) - - cfg.WebIdentityTokenFilePath = os.Getenv(awsWebIdentityTokenFileEnv) - - cfg.RoleARN = os.Getenv(awsRoleARNEnv) - cfg.RoleSessionName = os.Getenv(awsRoleSessionNameEnv) - - cfg.AppID = os.Getenv(awsSdkUaAppIDEnv) - - if err := setBoolPtrFromEnvVal(&cfg.DisableRequestCompression, []string{awsDisableRequestCompressionEnv}); err != nil { - return cfg, err - } - if err := setInt64PtrFromEnvVal(&cfg.RequestMinCompressSizeBytes, []string{awsRequestMinCompressionSizeBytesEnv}, smithyrequestcompression.MaxRequestMinCompressSizeBytes); err != nil { - return cfg, err - } - - if err := setEndpointDiscoveryTypeFromEnvVal(&cfg.EnableEndpointDiscovery, []string{awsEnableEndpointDiscoveryEnv}); err != nil { - return cfg, err - } - - if err := setBoolPtrFromEnvVal(&cfg.S3UseARNRegion, []string{awsS3UseARNRegionEnv}); err != nil { - return cfg, err - } - - setEC2IMDSClientEnableState(&cfg.EC2IMDSClientEnableState, []string{awsEc2MetadataDisabledEnv}) - if err := setEC2IMDSEndpointMode(&cfg.EC2IMDSEndpointMode, []string{awsEc2MetadataServiceEndpointModeEnv}); err != nil { - return cfg, err - } - cfg.EC2IMDSEndpoint = os.Getenv(awsEc2MetadataServiceEndpointEnv) - if err := setBoolPtrFromEnvVal(&cfg.EC2IMDSv1Disabled, []string{awsEc2MetadataV1DisabledEnv}); err != nil { - return cfg, err - } - - if err := setBoolPtrFromEnvVal(&cfg.S3DisableMultiRegionAccessPoints, []string{awsS3DisableMultiRegionAccessPointsEnv}); err != nil { - return cfg, err - } - - if err := setUseDualStackEndpointFromEnvVal(&cfg.UseDualStackEndpoint, []string{awsUseDualStackEndpointEnv}); err != nil { - return cfg, err - } - - if err := setUseFIPSEndpointFromEnvVal(&cfg.UseFIPSEndpoint, []string{awsUseFIPSEndpointEnv}); err != nil { - return cfg, err - } - - if err := setDefaultsModeFromEnvVal(&cfg.DefaultsMode, []string{awsDefaultsModeEnv}); err != nil { - return cfg, err - } - - if err := setIntFromEnvVal(&cfg.RetryMaxAttempts, []string{awsMaxAttemptsEnv}); err != nil { - return cfg, err - } - if err := setRetryModeFromEnvVal(&cfg.RetryMode, []string{awsRetryModeEnv}); err != nil { - return cfg, err - } - - setStringFromEnvVal(&cfg.BaseEndpoint, []string{awsEndpointURLEnv}) - - if err := setBoolPtrFromEnvVal(&cfg.IgnoreConfiguredEndpoints, []string{awsIgnoreConfiguredEndpointURLEnv}); err != nil { - return cfg, err - } - - if err := setBoolPtrFromEnvVal(&cfg.S3DisableExpressAuth, []string{awsS3DisableExpressSessionAuthEnv}); err != nil { - return cfg, err - } - - if err := setAIDEndPointModeFromEnvVal(&cfg.AccountIDEndpointMode, []string{awsAccountIDEndpointModeEnv}); err != nil { - return cfg, err - } - - if err := setRequestChecksumCalculationFromEnvVal(&cfg.RequestChecksumCalculation, []string{awsRequestChecksumCalculation}); err != nil { - return cfg, err - } - if err := setResponseChecksumValidationFromEnvVal(&cfg.ResponseChecksumValidation, []string{awsResponseChecksumValidation}); err != nil { - return cfg, err - } - - return cfg, nil -} - -func (c EnvConfig) getDefaultsMode(ctx context.Context) (aws.DefaultsMode, bool, error) { - if len(c.DefaultsMode) == 0 { - return "", false, nil - } - return c.DefaultsMode, true, nil -} - -func (c EnvConfig) getAppID(context.Context) (string, bool, error) { - return c.AppID, len(c.AppID) > 0, nil -} - -func (c EnvConfig) getDisableRequestCompression(context.Context) (bool, bool, error) { - if c.DisableRequestCompression == nil { - return false, false, nil - } - return *c.DisableRequestCompression, true, nil -} - -func (c EnvConfig) getRequestMinCompressSizeBytes(context.Context) (int64, bool, error) { - if c.RequestMinCompressSizeBytes == nil { - return 0, false, nil - } - return *c.RequestMinCompressSizeBytes, true, nil -} - -func (c EnvConfig) getAccountIDEndpointMode(context.Context) (aws.AccountIDEndpointMode, bool, error) { - return c.AccountIDEndpointMode, len(c.AccountIDEndpointMode) > 0, nil -} - -func (c EnvConfig) getRequestChecksumCalculation(context.Context) (aws.RequestChecksumCalculation, bool, error) { - return c.RequestChecksumCalculation, c.RequestChecksumCalculation > 0, nil -} - -func (c EnvConfig) getResponseChecksumValidation(context.Context) (aws.ResponseChecksumValidation, bool, error) { - return c.ResponseChecksumValidation, c.ResponseChecksumValidation > 0, nil -} - -// GetRetryMaxAttempts returns the value of AWS_MAX_ATTEMPTS if was specified, -// and not 0. -func (c EnvConfig) GetRetryMaxAttempts(ctx context.Context) (int, bool, error) { - if c.RetryMaxAttempts == 0 { - return 0, false, nil - } - return c.RetryMaxAttempts, true, nil -} - -// GetRetryMode returns the RetryMode of AWS_RETRY_MODE if was specified, and a -// valid value. -func (c EnvConfig) GetRetryMode(ctx context.Context) (aws.RetryMode, bool, error) { - if len(c.RetryMode) == 0 { - return "", false, nil - } - return c.RetryMode, true, nil -} - -func setEC2IMDSClientEnableState(state *imds.ClientEnableState, keys []string) { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue - } - switch { - case strings.EqualFold(value, "true"): - *state = imds.ClientDisabled - case strings.EqualFold(value, "false"): - *state = imds.ClientEnabled - default: - continue - } - break - } -} - -func setDefaultsModeFromEnvVal(mode *aws.DefaultsMode, keys []string) error { - for _, k := range keys { - if value := os.Getenv(k); len(value) > 0 { - if ok := mode.SetFromString(value); !ok { - return fmt.Errorf("invalid %s value: %s", k, value) - } - break - } - } - return nil -} - -func setRetryModeFromEnvVal(mode *aws.RetryMode, keys []string) (err error) { - for _, k := range keys { - if value := os.Getenv(k); len(value) > 0 { - *mode, err = aws.ParseRetryMode(value) - if err != nil { - return fmt.Errorf("invalid %s value, %w", k, err) - } - break - } - } - return nil -} - -func setEC2IMDSEndpointMode(mode *imds.EndpointModeState, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue - } - if err := mode.SetFromString(value); err != nil { - return fmt.Errorf("invalid value for environment variable, %s=%s, %v", k, value, err) - } - } - return nil -} - -func setAIDEndPointModeFromEnvVal(m *aws.AccountIDEndpointMode, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue - } - - switch value { - case "preferred": - *m = aws.AccountIDEndpointModePreferred - case "required": - *m = aws.AccountIDEndpointModeRequired - case "disabled": - *m = aws.AccountIDEndpointModeDisabled - default: - return fmt.Errorf("invalid value for environment variable, %s=%s, must be preferred/required/disabled", k, value) - } - break - } - return nil -} - -func setRequestChecksumCalculationFromEnvVal(m *aws.RequestChecksumCalculation, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue - } - - switch strings.ToLower(value) { - case checksumWhenSupported: - *m = aws.RequestChecksumCalculationWhenSupported - case checksumWhenRequired: - *m = aws.RequestChecksumCalculationWhenRequired - default: - return fmt.Errorf("invalid value for environment variable, %s=%s, must be when_supported/when_required", k, value) - } - } - return nil -} - -func setResponseChecksumValidationFromEnvVal(m *aws.ResponseChecksumValidation, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue - } - - switch strings.ToLower(value) { - case checksumWhenSupported: - *m = aws.ResponseChecksumValidationWhenSupported - case checksumWhenRequired: - *m = aws.ResponseChecksumValidationWhenRequired - default: - return fmt.Errorf("invalid value for environment variable, %s=%s, must be when_supported/when_required", k, value) - } - - } - return nil -} - -// GetRegion returns the AWS Region if set in the environment. Returns an empty -// string if not set. -func (c EnvConfig) getRegion(ctx context.Context) (string, bool, error) { - if len(c.Region) == 0 { - return "", false, nil - } - return c.Region, true, nil -} - -// GetSharedConfigProfile returns the shared config profile if set in the -// environment. Returns an empty string if not set. -func (c EnvConfig) getSharedConfigProfile(ctx context.Context) (string, bool, error) { - if len(c.SharedConfigProfile) == 0 { - return "", false, nil - } - - return c.SharedConfigProfile, true, nil -} - -// getSharedConfigFiles returns a slice of filenames set in the environment. -// -// Will return the filenames in the order of: -// * Shared Config -func (c EnvConfig) getSharedConfigFiles(context.Context) ([]string, bool, error) { - var files []string - if v := c.SharedConfigFile; len(v) > 0 { - files = append(files, v) - } - - if len(files) == 0 { - return nil, false, nil - } - return files, true, nil -} - -// getSharedCredentialsFiles returns a slice of filenames set in the environment. -// -// Will return the filenames in the order of: -// * Shared Credentials -func (c EnvConfig) getSharedCredentialsFiles(context.Context) ([]string, bool, error) { - var files []string - if v := c.SharedCredentialsFile; len(v) > 0 { - files = append(files, v) - } - if len(files) == 0 { - return nil, false, nil - } - return files, true, nil -} - -// GetCustomCABundle returns the custom CA bundle's PEM bytes if the file was -func (c EnvConfig) getCustomCABundle(context.Context) (io.Reader, bool, error) { - if len(c.CustomCABundle) == 0 { - return nil, false, nil - } - - b, err := os.ReadFile(c.CustomCABundle) - if err != nil { - return nil, false, err - } - return bytes.NewReader(b), true, nil -} - -// GetIgnoreConfiguredEndpoints is used in knowing when to disable configured -// endpoints feature. -func (c EnvConfig) GetIgnoreConfiguredEndpoints(context.Context) (bool, bool, error) { - if c.IgnoreConfiguredEndpoints == nil { - return false, false, nil - } - - return *c.IgnoreConfiguredEndpoints, true, nil -} - -func (c EnvConfig) getBaseEndpoint(context.Context) (string, bool, error) { - return c.BaseEndpoint, len(c.BaseEndpoint) > 0, nil -} - -// GetServiceBaseEndpoint is used to retrieve a normalized SDK ID for use -// with configured endpoints. -func (c EnvConfig) GetServiceBaseEndpoint(ctx context.Context, sdkID string) (string, bool, error) { - if endpt := os.Getenv(fmt.Sprintf("%s_%s", awsEndpointURLEnv, normalizeEnv(sdkID))); endpt != "" { - return endpt, true, nil - } - return "", false, nil -} - -func normalizeEnv(sdkID string) string { - upper := strings.ToUpper(sdkID) - return strings.ReplaceAll(upper, " ", "_") -} - -// GetS3UseARNRegion returns whether to allow ARNs to direct the region -// the S3 client's requests are sent to. -func (c EnvConfig) GetS3UseARNRegion(ctx context.Context) (value, ok bool, err error) { - if c.S3UseARNRegion == nil { - return false, false, nil - } - - return *c.S3UseARNRegion, true, nil -} - -// GetS3DisableMultiRegionAccessPoints returns whether to disable multi-region access point -// support for the S3 client. -func (c EnvConfig) GetS3DisableMultiRegionAccessPoints(ctx context.Context) (value, ok bool, err error) { - if c.S3DisableMultiRegionAccessPoints == nil { - return false, false, nil - } - - return *c.S3DisableMultiRegionAccessPoints, true, nil -} - -// GetUseDualStackEndpoint returns whether the service's dual-stack endpoint should be -// used for requests. -func (c EnvConfig) GetUseDualStackEndpoint(ctx context.Context) (value aws.DualStackEndpointState, found bool, err error) { - if c.UseDualStackEndpoint == aws.DualStackEndpointStateUnset { - return aws.DualStackEndpointStateUnset, false, nil - } - - return c.UseDualStackEndpoint, true, nil -} - -// GetUseFIPSEndpoint returns whether the service's FIPS endpoint should be -// used for requests. -func (c EnvConfig) GetUseFIPSEndpoint(ctx context.Context) (value aws.FIPSEndpointState, found bool, err error) { - if c.UseFIPSEndpoint == aws.FIPSEndpointStateUnset { - return aws.FIPSEndpointStateUnset, false, nil - } - - return c.UseFIPSEndpoint, true, nil -} - -func setStringFromEnvVal(dst *string, keys []string) { - for _, k := range keys { - if v := os.Getenv(k); len(v) > 0 { - *dst = v - break - } - } -} - -func setIntFromEnvVal(dst *int, keys []string) error { - for _, k := range keys { - if v := os.Getenv(k); len(v) > 0 { - i, err := strconv.ParseInt(v, 10, 64) - if err != nil { - return fmt.Errorf("invalid value %s=%s, %w", k, v, err) - } - *dst = int(i) - break - } - } - - return nil -} - -func setBoolPtrFromEnvVal(dst **bool, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue - } - - if *dst == nil { - *dst = new(bool) - } - - switch { - case strings.EqualFold(value, "false"): - **dst = false - case strings.EqualFold(value, "true"): - **dst = true - default: - return fmt.Errorf( - "invalid value for environment variable, %s=%s, need true or false", - k, value) - } - break - } - - return nil -} - -func setInt64PtrFromEnvVal(dst **int64, keys []string, max int64) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue - } - - v, err := strconv.ParseInt(value, 10, 64) - if err != nil { - return fmt.Errorf("invalid value for env var, %s=%s, need int64", k, value) - } else if v < 0 || v > max { - return fmt.Errorf("invalid range for env var min request compression size bytes %q, must be within 0 and 10485760 inclusively", v) - } - if *dst == nil { - *dst = new(int64) - } - - **dst = v - break - } - - return nil -} - -func setEndpointDiscoveryTypeFromEnvVal(dst *aws.EndpointDiscoveryEnableState, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue // skip if empty - } - - switch { - case strings.EqualFold(value, endpointDiscoveryDisabled): - *dst = aws.EndpointDiscoveryDisabled - case strings.EqualFold(value, endpointDiscoveryEnabled): - *dst = aws.EndpointDiscoveryEnabled - case strings.EqualFold(value, endpointDiscoveryAuto): - *dst = aws.EndpointDiscoveryAuto - default: - return fmt.Errorf( - "invalid value for environment variable, %s=%s, need true, false or auto", - k, value) - } - } - return nil -} - -func setUseDualStackEndpointFromEnvVal(dst *aws.DualStackEndpointState, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue // skip if empty - } - - switch { - case strings.EqualFold(value, "true"): - *dst = aws.DualStackEndpointStateEnabled - case strings.EqualFold(value, "false"): - *dst = aws.DualStackEndpointStateDisabled - default: - return fmt.Errorf( - "invalid value for environment variable, %s=%s, need true, false", - k, value) - } - } - return nil -} - -func setUseFIPSEndpointFromEnvVal(dst *aws.FIPSEndpointState, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue // skip if empty - } - - switch { - case strings.EqualFold(value, "true"): - *dst = aws.FIPSEndpointStateEnabled - case strings.EqualFold(value, "false"): - *dst = aws.FIPSEndpointStateDisabled - default: - return fmt.Errorf( - "invalid value for environment variable, %s=%s, need true, false", - k, value) - } - } - return nil -} - -// GetEnableEndpointDiscovery returns resolved value for EnableEndpointDiscovery env variable setting. -func (c EnvConfig) GetEnableEndpointDiscovery(ctx context.Context) (value aws.EndpointDiscoveryEnableState, found bool, err error) { - if c.EnableEndpointDiscovery == aws.EndpointDiscoveryUnset { - return aws.EndpointDiscoveryUnset, false, nil - } - - return c.EnableEndpointDiscovery, true, nil -} - -// GetEC2IMDSClientEnableState implements a EC2IMDSClientEnableState options resolver interface. -func (c EnvConfig) GetEC2IMDSClientEnableState() (imds.ClientEnableState, bool, error) { - if c.EC2IMDSClientEnableState == imds.ClientDefaultEnableState { - return imds.ClientDefaultEnableState, false, nil - } - - return c.EC2IMDSClientEnableState, true, nil -} - -// GetEC2IMDSEndpointMode implements a EC2IMDSEndpointMode option resolver interface. -func (c EnvConfig) GetEC2IMDSEndpointMode() (imds.EndpointModeState, bool, error) { - if c.EC2IMDSEndpointMode == imds.EndpointModeStateUnset { - return imds.EndpointModeStateUnset, false, nil - } - - return c.EC2IMDSEndpointMode, true, nil -} - -// GetEC2IMDSEndpoint implements a EC2IMDSEndpoint option resolver interface. -func (c EnvConfig) GetEC2IMDSEndpoint() (string, bool, error) { - if len(c.EC2IMDSEndpoint) == 0 { - return "", false, nil - } - - return c.EC2IMDSEndpoint, true, nil -} - -// GetEC2IMDSV1FallbackDisabled implements an EC2IMDSV1FallbackDisabled option -// resolver interface. -func (c EnvConfig) GetEC2IMDSV1FallbackDisabled() (bool, bool) { - if c.EC2IMDSv1Disabled == nil { - return false, false - } - - return *c.EC2IMDSv1Disabled, true -} - -// GetS3DisableExpressAuth returns the configured value for -// [EnvConfig.S3DisableExpressAuth]. -func (c EnvConfig) GetS3DisableExpressAuth() (value, ok bool) { - if c.S3DisableExpressAuth == nil { - return false, false - } - - return *c.S3DisableExpressAuth, true -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/generate.go b/vendor/github.com/aws/aws-sdk-go-v2/config/generate.go deleted file mode 100644 index 654a7a77..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/generate.go +++ /dev/null @@ -1,4 +0,0 @@ -package config - -//go:generate go run -tags codegen ./codegen -output=provider_assert_test.go -//go:generate gofmt -s -w ./ diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go deleted file mode 100644 index 51b0c57c..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package config - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.29.9" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/load_options.go b/vendor/github.com/aws/aws-sdk-go-v2/config/load_options.go deleted file mode 100644 index 0810ecf1..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/load_options.go +++ /dev/null @@ -1,1209 +0,0 @@ -package config - -import ( - "context" - "io" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds" - "github.com/aws/aws-sdk-go-v2/credentials/endpointcreds" - "github.com/aws/aws-sdk-go-v2/credentials/processcreds" - "github.com/aws/aws-sdk-go-v2/credentials/ssocreds" - "github.com/aws/aws-sdk-go-v2/credentials/stscreds" - "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" - smithybearer "github.com/aws/smithy-go/auth/bearer" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/middleware" -) - -// LoadOptionsFunc is a type alias for LoadOptions functional option -type LoadOptionsFunc func(*LoadOptions) error - -// LoadOptions are discrete set of options that are valid for loading the -// configuration -type LoadOptions struct { - - // Region is the region to send requests to. - Region string - - // Credentials object to use when signing requests. - Credentials aws.CredentialsProvider - - // Token provider for authentication operations with bearer authentication. - BearerAuthTokenProvider smithybearer.TokenProvider - - // HTTPClient the SDK's API clients will use to invoke HTTP requests. - HTTPClient HTTPClient - - // EndpointResolver that can be used to provide or override an endpoint for - // the given service and region. - // - // See the `aws.EndpointResolver` documentation on usage. - // - // Deprecated: See EndpointResolverWithOptions - EndpointResolver aws.EndpointResolver - - // EndpointResolverWithOptions that can be used to provide or override an - // endpoint for the given service and region. - // - // See the `aws.EndpointResolverWithOptions` documentation on usage. - EndpointResolverWithOptions aws.EndpointResolverWithOptions - - // RetryMaxAttempts specifies the maximum number attempts an API client - // will call an operation that fails with a retryable error. - // - // This value will only be used if Retryer option is nil. - RetryMaxAttempts int - - // RetryMode specifies the retry model the API client will be created with. - // - // This value will only be used if Retryer option is nil. - RetryMode aws.RetryMode - - // Retryer is a function that provides a Retryer implementation. A Retryer - // guides how HTTP requests should be retried in case of recoverable - // failures. - // - // If not nil, RetryMaxAttempts, and RetryMode will be ignored. - Retryer func() aws.Retryer - - // APIOptions provides the set of middleware mutations modify how the API - // client requests will be handled. This is useful for adding additional - // tracing data to a request, or changing behavior of the SDK's client. - APIOptions []func(*middleware.Stack) error - - // Logger writer interface to write logging messages to. - Logger logging.Logger - - // ClientLogMode is used to configure the events that will be sent to the - // configured logger. This can be used to configure the logging of signing, - // retries, request, and responses of the SDK clients. - // - // See the ClientLogMode type documentation for the complete set of logging - // modes and available configuration. - ClientLogMode *aws.ClientLogMode - - // SharedConfigProfile is the profile to be used when loading the SharedConfig - SharedConfigProfile string - - // SharedConfigFiles is the slice of custom shared config files to use when - // loading the SharedConfig. A non-default profile used within config file - // must have name defined with prefix 'profile '. eg [profile xyz] - // indicates a profile with name 'xyz'. To read more on the format of the - // config file, please refer the documentation at - // https://docs.aws.amazon.com/credref/latest/refdocs/file-format.html#file-format-config - // - // If duplicate profiles are provided within the same, or across multiple - // shared config files, the next parsed profile will override only the - // properties that conflict with the previously defined profile. Note that - // if duplicate profiles are provided within the SharedCredentialsFiles and - // SharedConfigFiles, the properties defined in shared credentials file - // take precedence. - SharedConfigFiles []string - - // SharedCredentialsFile is the slice of custom shared credentials files to - // use when loading the SharedConfig. The profile name used within - // credentials file must not prefix 'profile '. eg [xyz] indicates a - // profile with name 'xyz'. Profile declared as [profile xyz] will be - // ignored. To read more on the format of the credentials file, please - // refer the documentation at - // https://docs.aws.amazon.com/credref/latest/refdocs/file-format.html#file-format-creds - // - // If duplicate profiles are provided with a same, or across multiple - // shared credentials files, the next parsed profile will override only - // properties that conflict with the previously defined profile. Note that - // if duplicate profiles are provided within the SharedCredentialsFiles and - // SharedConfigFiles, the properties defined in shared credentials file - // take precedence. - SharedCredentialsFiles []string - - // CustomCABundle is CA bundle PEM bytes reader - CustomCABundle io.Reader - - // DefaultRegion is the fall back region, used if a region was not resolved - // from other sources - DefaultRegion string - - // UseEC2IMDSRegion indicates if SDK should retrieve the region - // from the EC2 Metadata service - UseEC2IMDSRegion *UseEC2IMDSRegion - - // CredentialsCacheOptions is a function for setting the - // aws.CredentialsCacheOptions - CredentialsCacheOptions func(*aws.CredentialsCacheOptions) - - // BearerAuthTokenCacheOptions is a function for setting the smithy-go - // auth/bearer#TokenCacheOptions - BearerAuthTokenCacheOptions func(*smithybearer.TokenCacheOptions) - - // SSOTokenProviderOptions is a function for setting the - // credentials/ssocreds.SSOTokenProviderOptions - SSOTokenProviderOptions func(*ssocreds.SSOTokenProviderOptions) - - // ProcessCredentialOptions is a function for setting - // the processcreds.Options - ProcessCredentialOptions func(*processcreds.Options) - - // EC2RoleCredentialOptions is a function for setting - // the ec2rolecreds.Options - EC2RoleCredentialOptions func(*ec2rolecreds.Options) - - // EndpointCredentialOptions is a function for setting - // the endpointcreds.Options - EndpointCredentialOptions func(*endpointcreds.Options) - - // WebIdentityRoleCredentialOptions is a function for setting - // the stscreds.WebIdentityRoleOptions - WebIdentityRoleCredentialOptions func(*stscreds.WebIdentityRoleOptions) - - // AssumeRoleCredentialOptions is a function for setting the - // stscreds.AssumeRoleOptions - AssumeRoleCredentialOptions func(*stscreds.AssumeRoleOptions) - - // SSOProviderOptions is a function for setting - // the ssocreds.Options - SSOProviderOptions func(options *ssocreds.Options) - - // LogConfigurationWarnings when set to true, enables logging - // configuration warnings - LogConfigurationWarnings *bool - - // S3UseARNRegion specifies if the S3 service should allow ARNs to direct - // the region, the client's requests are sent to. - S3UseARNRegion *bool - - // S3DisableMultiRegionAccessPoints specifies if the S3 service should disable - // the S3 Multi-Region access points feature. - S3DisableMultiRegionAccessPoints *bool - - // EnableEndpointDiscovery specifies if endpoint discovery is enable for - // the client. - EnableEndpointDiscovery aws.EndpointDiscoveryEnableState - - // Specifies if the EC2 IMDS service client is enabled. - // - // AWS_EC2_METADATA_DISABLED=true - EC2IMDSClientEnableState imds.ClientEnableState - - // Specifies the EC2 Instance Metadata Service default endpoint selection - // mode (IPv4 or IPv6) - EC2IMDSEndpointMode imds.EndpointModeState - - // Specifies the EC2 Instance Metadata Service endpoint to use. If - // specified it overrides EC2IMDSEndpointMode. - EC2IMDSEndpoint string - - // Specifies that SDK clients must resolve a dual-stack endpoint for - // services. - UseDualStackEndpoint aws.DualStackEndpointState - - // Specifies that SDK clients must resolve a FIPS endpoint for - // services. - UseFIPSEndpoint aws.FIPSEndpointState - - // Specifies the SDK configuration mode for defaults. - DefaultsModeOptions DefaultsModeOptions - - // The sdk app ID retrieved from env var or shared config to be added to request user agent header - AppID string - - // Specifies whether an operation request could be compressed - DisableRequestCompression *bool - - // The inclusive min bytes of a request body that could be compressed - RequestMinCompressSizeBytes *int64 - - // Whether S3 Express auth is disabled. - S3DisableExpressAuth *bool - - // Whether account id should be built into endpoint resolution - AccountIDEndpointMode aws.AccountIDEndpointMode - - // Specify if request checksum should be calculated - RequestChecksumCalculation aws.RequestChecksumCalculation - - // Specifies if response checksum should be validated - ResponseChecksumValidation aws.ResponseChecksumValidation - - // Service endpoint override. This value is not necessarily final and is - // passed to the service's EndpointResolverV2 for further delegation. - BaseEndpoint string -} - -func (o LoadOptions) getDefaultsMode(ctx context.Context) (aws.DefaultsMode, bool, error) { - if len(o.DefaultsModeOptions.Mode) == 0 { - return "", false, nil - } - return o.DefaultsModeOptions.Mode, true, nil -} - -// GetRetryMaxAttempts returns the RetryMaxAttempts if specified in the -// LoadOptions and not 0. -func (o LoadOptions) GetRetryMaxAttempts(ctx context.Context) (int, bool, error) { - if o.RetryMaxAttempts == 0 { - return 0, false, nil - } - return o.RetryMaxAttempts, true, nil -} - -// GetRetryMode returns the RetryMode specified in the LoadOptions. -func (o LoadOptions) GetRetryMode(ctx context.Context) (aws.RetryMode, bool, error) { - if len(o.RetryMode) == 0 { - return "", false, nil - } - return o.RetryMode, true, nil -} - -func (o LoadOptions) getDefaultsModeIMDSClient(ctx context.Context) (*imds.Client, bool, error) { - if o.DefaultsModeOptions.IMDSClient == nil { - return nil, false, nil - } - return o.DefaultsModeOptions.IMDSClient, true, nil -} - -// getRegion returns Region from config's LoadOptions -func (o LoadOptions) getRegion(ctx context.Context) (string, bool, error) { - if len(o.Region) == 0 { - return "", false, nil - } - - return o.Region, true, nil -} - -// getAppID returns AppID from config's LoadOptions -func (o LoadOptions) getAppID(ctx context.Context) (string, bool, error) { - return o.AppID, len(o.AppID) > 0, nil -} - -// getDisableRequestCompression returns DisableRequestCompression from config's LoadOptions -func (o LoadOptions) getDisableRequestCompression(ctx context.Context) (bool, bool, error) { - if o.DisableRequestCompression == nil { - return false, false, nil - } - return *o.DisableRequestCompression, true, nil -} - -// getRequestMinCompressSizeBytes returns RequestMinCompressSizeBytes from config's LoadOptions -func (o LoadOptions) getRequestMinCompressSizeBytes(ctx context.Context) (int64, bool, error) { - if o.RequestMinCompressSizeBytes == nil { - return 0, false, nil - } - return *o.RequestMinCompressSizeBytes, true, nil -} - -func (o LoadOptions) getAccountIDEndpointMode(ctx context.Context) (aws.AccountIDEndpointMode, bool, error) { - return o.AccountIDEndpointMode, len(o.AccountIDEndpointMode) > 0, nil -} - -func (o LoadOptions) getRequestChecksumCalculation(ctx context.Context) (aws.RequestChecksumCalculation, bool, error) { - return o.RequestChecksumCalculation, o.RequestChecksumCalculation > 0, nil -} - -func (o LoadOptions) getResponseChecksumValidation(ctx context.Context) (aws.ResponseChecksumValidation, bool, error) { - return o.ResponseChecksumValidation, o.ResponseChecksumValidation > 0, nil -} - -func (o LoadOptions) getBaseEndpoint(context.Context) (string, bool, error) { - return o.BaseEndpoint, o.BaseEndpoint != "", nil -} - -// GetServiceBaseEndpoint satisfies (internal/configsources).ServiceBaseEndpointProvider. -// -// The sdkID value is unused because LoadOptions only supports setting a GLOBAL -// endpoint override. In-code, per-service endpoint overrides are performed via -// functional options in service client space. -func (o LoadOptions) GetServiceBaseEndpoint(context.Context, string) (string, bool, error) { - return o.BaseEndpoint, o.BaseEndpoint != "", nil -} - -// WithRegion is a helper function to construct functional options -// that sets Region on config's LoadOptions. Setting the region to -// an empty string, will result in the region value being ignored. -// If multiple WithRegion calls are made, the last call overrides -// the previous call values. -func WithRegion(v string) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.Region = v - return nil - } -} - -// WithAppID is a helper function to construct functional options -// that sets AppID on config's LoadOptions. -func WithAppID(ID string) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.AppID = ID - return nil - } -} - -// WithDisableRequestCompression is a helper function to construct functional options -// that sets DisableRequestCompression on config's LoadOptions. -func WithDisableRequestCompression(DisableRequestCompression *bool) LoadOptionsFunc { - return func(o *LoadOptions) error { - if DisableRequestCompression == nil { - return nil - } - o.DisableRequestCompression = DisableRequestCompression - return nil - } -} - -// WithRequestMinCompressSizeBytes is a helper function to construct functional options -// that sets RequestMinCompressSizeBytes on config's LoadOptions. -func WithRequestMinCompressSizeBytes(RequestMinCompressSizeBytes *int64) LoadOptionsFunc { - return func(o *LoadOptions) error { - if RequestMinCompressSizeBytes == nil { - return nil - } - o.RequestMinCompressSizeBytes = RequestMinCompressSizeBytes - return nil - } -} - -// WithAccountIDEndpointMode is a helper function to construct functional options -// that sets AccountIDEndpointMode on config's LoadOptions -func WithAccountIDEndpointMode(m aws.AccountIDEndpointMode) LoadOptionsFunc { - return func(o *LoadOptions) error { - if m != "" { - o.AccountIDEndpointMode = m - } - return nil - } -} - -// WithRequestChecksumCalculation is a helper function to construct functional options -// that sets RequestChecksumCalculation on config's LoadOptions -func WithRequestChecksumCalculation(c aws.RequestChecksumCalculation) LoadOptionsFunc { - return func(o *LoadOptions) error { - if c > 0 { - o.RequestChecksumCalculation = c - } - return nil - } -} - -// WithResponseChecksumValidation is a helper function to construct functional options -// that sets ResponseChecksumValidation on config's LoadOptions -func WithResponseChecksumValidation(v aws.ResponseChecksumValidation) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.ResponseChecksumValidation = v - return nil - } -} - -// getDefaultRegion returns DefaultRegion from config's LoadOptions -func (o LoadOptions) getDefaultRegion(ctx context.Context) (string, bool, error) { - if len(o.DefaultRegion) == 0 { - return "", false, nil - } - - return o.DefaultRegion, true, nil -} - -// WithDefaultRegion is a helper function to construct functional options -// that sets a DefaultRegion on config's LoadOptions. Setting the default -// region to an empty string, will result in the default region value -// being ignored. If multiple WithDefaultRegion calls are made, the last -// call overrides the previous call values. Note that both WithRegion and -// WithEC2IMDSRegion call takes precedence over WithDefaultRegion call -// when resolving region. -func WithDefaultRegion(v string) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.DefaultRegion = v - return nil - } -} - -// getSharedConfigProfile returns SharedConfigProfile from config's LoadOptions -func (o LoadOptions) getSharedConfigProfile(ctx context.Context) (string, bool, error) { - if len(o.SharedConfigProfile) == 0 { - return "", false, nil - } - - return o.SharedConfigProfile, true, nil -} - -// WithSharedConfigProfile is a helper function to construct functional options -// that sets SharedConfigProfile on config's LoadOptions. Setting the shared -// config profile to an empty string, will result in the shared config profile -// value being ignored. -// If multiple WithSharedConfigProfile calls are made, the last call overrides -// the previous call values. -func WithSharedConfigProfile(v string) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.SharedConfigProfile = v - return nil - } -} - -// getSharedConfigFiles returns SharedConfigFiles set on config's LoadOptions -func (o LoadOptions) getSharedConfigFiles(ctx context.Context) ([]string, bool, error) { - if o.SharedConfigFiles == nil { - return nil, false, nil - } - - return o.SharedConfigFiles, true, nil -} - -// WithSharedConfigFiles is a helper function to construct functional options -// that sets slice of SharedConfigFiles on config's LoadOptions. -// Setting the shared config files to an nil string slice, will result in the -// shared config files value being ignored. -// If multiple WithSharedConfigFiles calls are made, the last call overrides -// the previous call values. -func WithSharedConfigFiles(v []string) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.SharedConfigFiles = v - return nil - } -} - -// getSharedCredentialsFiles returns SharedCredentialsFiles set on config's LoadOptions -func (o LoadOptions) getSharedCredentialsFiles(ctx context.Context) ([]string, bool, error) { - if o.SharedCredentialsFiles == nil { - return nil, false, nil - } - - return o.SharedCredentialsFiles, true, nil -} - -// WithSharedCredentialsFiles is a helper function to construct functional options -// that sets slice of SharedCredentialsFiles on config's LoadOptions. -// Setting the shared credentials files to an nil string slice, will result in the -// shared credentials files value being ignored. -// If multiple WithSharedCredentialsFiles calls are made, the last call overrides -// the previous call values. -func WithSharedCredentialsFiles(v []string) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.SharedCredentialsFiles = v - return nil - } -} - -// getCustomCABundle returns CustomCABundle from LoadOptions -func (o LoadOptions) getCustomCABundle(ctx context.Context) (io.Reader, bool, error) { - if o.CustomCABundle == nil { - return nil, false, nil - } - - return o.CustomCABundle, true, nil -} - -// WithCustomCABundle is a helper function to construct functional options -// that sets CustomCABundle on config's LoadOptions. Setting the custom CA Bundle -// to nil will result in custom CA Bundle value being ignored. -// If multiple WithCustomCABundle calls are made, the last call overrides the -// previous call values. -func WithCustomCABundle(v io.Reader) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.CustomCABundle = v - return nil - } -} - -// UseEC2IMDSRegion provides a regionProvider that retrieves the region -// from the EC2 Metadata service. -type UseEC2IMDSRegion struct { - // If unset will default to generic EC2 IMDS client. - Client *imds.Client -} - -// getRegion attempts to retrieve the region from EC2 Metadata service. -func (p *UseEC2IMDSRegion) getRegion(ctx context.Context) (string, bool, error) { - if ctx == nil { - ctx = context.Background() - } - - client := p.Client - if client == nil { - client = imds.New(imds.Options{}) - } - - result, err := client.GetRegion(ctx, nil) - if err != nil { - return "", false, err - } - if len(result.Region) != 0 { - return result.Region, true, nil - } - return "", false, nil -} - -// getEC2IMDSRegion returns the value of EC2 IMDS region. -func (o LoadOptions) getEC2IMDSRegion(ctx context.Context) (string, bool, error) { - if o.UseEC2IMDSRegion == nil { - return "", false, nil - } - - return o.UseEC2IMDSRegion.getRegion(ctx) -} - -// WithEC2IMDSRegion is a helper function to construct functional options -// that enables resolving EC2IMDS region. The function takes -// in a UseEC2IMDSRegion functional option, and can be used to set the -// EC2IMDS client which will be used to resolve EC2IMDSRegion. -// If no functional option is provided, an EC2IMDS client is built and used -// by the resolver. If multiple WithEC2IMDSRegion calls are made, the last -// call overrides the previous call values. Note that the WithRegion calls takes -// precedence over WithEC2IMDSRegion when resolving region. -func WithEC2IMDSRegion(fnOpts ...func(o *UseEC2IMDSRegion)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.UseEC2IMDSRegion = &UseEC2IMDSRegion{} - - for _, fn := range fnOpts { - fn(o.UseEC2IMDSRegion) - } - return nil - } -} - -// getCredentialsProvider returns the credentials value -func (o LoadOptions) getCredentialsProvider(ctx context.Context) (aws.CredentialsProvider, bool, error) { - if o.Credentials == nil { - return nil, false, nil - } - - return o.Credentials, true, nil -} - -// WithCredentialsProvider is a helper function to construct functional options -// that sets Credential provider value on config's LoadOptions. If credentials -// provider is set to nil, the credentials provider value will be ignored. -// If multiple WithCredentialsProvider calls are made, the last call overrides -// the previous call values. -func WithCredentialsProvider(v aws.CredentialsProvider) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.Credentials = v - return nil - } -} - -// getCredentialsCacheOptionsProvider returns the wrapped function to set aws.CredentialsCacheOptions -func (o LoadOptions) getCredentialsCacheOptions(ctx context.Context) (func(*aws.CredentialsCacheOptions), bool, error) { - if o.CredentialsCacheOptions == nil { - return nil, false, nil - } - - return o.CredentialsCacheOptions, true, nil -} - -// WithCredentialsCacheOptions is a helper function to construct functional -// options that sets a function to modify the aws.CredentialsCacheOptions the -// aws.CredentialsCache will be configured with, if the CredentialsCache is used -// by the configuration loader. -// -// If multiple WithCredentialsCacheOptions calls are made, the last call -// overrides the previous call values. -func WithCredentialsCacheOptions(v func(*aws.CredentialsCacheOptions)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.CredentialsCacheOptions = v - return nil - } -} - -// getBearerAuthTokenProvider returns the credentials value -func (o LoadOptions) getBearerAuthTokenProvider(ctx context.Context) (smithybearer.TokenProvider, bool, error) { - if o.BearerAuthTokenProvider == nil { - return nil, false, nil - } - - return o.BearerAuthTokenProvider, true, nil -} - -// WithBearerAuthTokenProvider is a helper function to construct functional options -// that sets Credential provider value on config's LoadOptions. If credentials -// provider is set to nil, the credentials provider value will be ignored. -// If multiple WithBearerAuthTokenProvider calls are made, the last call overrides -// the previous call values. -func WithBearerAuthTokenProvider(v smithybearer.TokenProvider) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.BearerAuthTokenProvider = v - return nil - } -} - -// getBearerAuthTokenCacheOptionsProvider returns the wrapped function to set smithybearer.TokenCacheOptions -func (o LoadOptions) getBearerAuthTokenCacheOptions(ctx context.Context) (func(*smithybearer.TokenCacheOptions), bool, error) { - if o.BearerAuthTokenCacheOptions == nil { - return nil, false, nil - } - - return o.BearerAuthTokenCacheOptions, true, nil -} - -// WithBearerAuthTokenCacheOptions is a helper function to construct functional options -// that sets a function to modify the TokenCacheOptions the smithy-go -// auth/bearer#TokenCache will be configured with, if the TokenCache is used by -// the configuration loader. -// -// If multiple WithBearerAuthTokenCacheOptions calls are made, the last call overrides -// the previous call values. -func WithBearerAuthTokenCacheOptions(v func(*smithybearer.TokenCacheOptions)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.BearerAuthTokenCacheOptions = v - return nil - } -} - -// getSSOTokenProviderOptionsProvider returns the wrapped function to set smithybearer.TokenCacheOptions -func (o LoadOptions) getSSOTokenProviderOptions(ctx context.Context) (func(*ssocreds.SSOTokenProviderOptions), bool, error) { - if o.SSOTokenProviderOptions == nil { - return nil, false, nil - } - - return o.SSOTokenProviderOptions, true, nil -} - -// WithSSOTokenProviderOptions is a helper function to construct functional -// options that sets a function to modify the SSOtokenProviderOptions the SDK's -// credentials/ssocreds#SSOProvider will be configured with, if the -// SSOTokenProvider is used by the configuration loader. -// -// If multiple WithSSOTokenProviderOptions calls are made, the last call overrides -// the previous call values. -func WithSSOTokenProviderOptions(v func(*ssocreds.SSOTokenProviderOptions)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.SSOTokenProviderOptions = v - return nil - } -} - -// getProcessCredentialOptions returns the wrapped function to set processcreds.Options -func (o LoadOptions) getProcessCredentialOptions(ctx context.Context) (func(*processcreds.Options), bool, error) { - if o.ProcessCredentialOptions == nil { - return nil, false, nil - } - - return o.ProcessCredentialOptions, true, nil -} - -// WithProcessCredentialOptions is a helper function to construct functional options -// that sets a function to use processcreds.Options on config's LoadOptions. -// If process credential options is set to nil, the process credential value will -// be ignored. If multiple WithProcessCredentialOptions calls are made, the last call -// overrides the previous call values. -func WithProcessCredentialOptions(v func(*processcreds.Options)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.ProcessCredentialOptions = v - return nil - } -} - -// getEC2RoleCredentialOptions returns the wrapped function to set the ec2rolecreds.Options -func (o LoadOptions) getEC2RoleCredentialOptions(ctx context.Context) (func(*ec2rolecreds.Options), bool, error) { - if o.EC2RoleCredentialOptions == nil { - return nil, false, nil - } - - return o.EC2RoleCredentialOptions, true, nil -} - -// WithEC2RoleCredentialOptions is a helper function to construct functional options -// that sets a function to use ec2rolecreds.Options on config's LoadOptions. If -// EC2 role credential options is set to nil, the EC2 role credential options value -// will be ignored. If multiple WithEC2RoleCredentialOptions calls are made, -// the last call overrides the previous call values. -func WithEC2RoleCredentialOptions(v func(*ec2rolecreds.Options)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.EC2RoleCredentialOptions = v - return nil - } -} - -// getEndpointCredentialOptions returns the wrapped function to set endpointcreds.Options -func (o LoadOptions) getEndpointCredentialOptions(context.Context) (func(*endpointcreds.Options), bool, error) { - if o.EndpointCredentialOptions == nil { - return nil, false, nil - } - - return o.EndpointCredentialOptions, true, nil -} - -// WithEndpointCredentialOptions is a helper function to construct functional options -// that sets a function to use endpointcreds.Options on config's LoadOptions. If -// endpoint credential options is set to nil, the endpoint credential options -// value will be ignored. If multiple WithEndpointCredentialOptions calls are made, -// the last call overrides the previous call values. -func WithEndpointCredentialOptions(v func(*endpointcreds.Options)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.EndpointCredentialOptions = v - return nil - } -} - -// getWebIdentityRoleCredentialOptions returns the wrapped function -func (o LoadOptions) getWebIdentityRoleCredentialOptions(context.Context) (func(*stscreds.WebIdentityRoleOptions), bool, error) { - if o.WebIdentityRoleCredentialOptions == nil { - return nil, false, nil - } - - return o.WebIdentityRoleCredentialOptions, true, nil -} - -// WithWebIdentityRoleCredentialOptions is a helper function to construct -// functional options that sets a function to use stscreds.WebIdentityRoleOptions -// on config's LoadOptions. If web identity role credentials options is set to nil, -// the web identity role credentials value will be ignored. If multiple -// WithWebIdentityRoleCredentialOptions calls are made, the last call -// overrides the previous call values. -func WithWebIdentityRoleCredentialOptions(v func(*stscreds.WebIdentityRoleOptions)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.WebIdentityRoleCredentialOptions = v - return nil - } -} - -// getAssumeRoleCredentialOptions returns AssumeRoleCredentialOptions from LoadOptions -func (o LoadOptions) getAssumeRoleCredentialOptions(context.Context) (func(options *stscreds.AssumeRoleOptions), bool, error) { - if o.AssumeRoleCredentialOptions == nil { - return nil, false, nil - } - - return o.AssumeRoleCredentialOptions, true, nil -} - -// WithAssumeRoleCredentialOptions is a helper function to construct -// functional options that sets a function to use stscreds.AssumeRoleOptions -// on config's LoadOptions. If assume role credentials options is set to nil, -// the assume role credentials value will be ignored. If multiple -// WithAssumeRoleCredentialOptions calls are made, the last call overrides -// the previous call values. -func WithAssumeRoleCredentialOptions(v func(*stscreds.AssumeRoleOptions)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.AssumeRoleCredentialOptions = v - return nil - } -} - -func (o LoadOptions) getHTTPClient(ctx context.Context) (HTTPClient, bool, error) { - if o.HTTPClient == nil { - return nil, false, nil - } - - return o.HTTPClient, true, nil -} - -// WithHTTPClient is a helper function to construct functional options -// that sets HTTPClient on LoadOptions. If HTTPClient is set to nil, -// the HTTPClient value will be ignored. -// If multiple WithHTTPClient calls are made, the last call overrides -// the previous call values. -func WithHTTPClient(v HTTPClient) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.HTTPClient = v - return nil - } -} - -func (o LoadOptions) getAPIOptions(ctx context.Context) ([]func(*middleware.Stack) error, bool, error) { - if o.APIOptions == nil { - return nil, false, nil - } - - return o.APIOptions, true, nil -} - -// WithAPIOptions is a helper function to construct functional options -// that sets APIOptions on LoadOptions. If APIOptions is set to nil, the -// APIOptions value is ignored. If multiple WithAPIOptions calls are -// made, the last call overrides the previous call values. -func WithAPIOptions(v []func(*middleware.Stack) error) LoadOptionsFunc { - return func(o *LoadOptions) error { - if v == nil { - return nil - } - - o.APIOptions = append(o.APIOptions, v...) - return nil - } -} - -func (o LoadOptions) getRetryMaxAttempts(ctx context.Context) (int, bool, error) { - if o.RetryMaxAttempts == 0 { - return 0, false, nil - } - - return o.RetryMaxAttempts, true, nil -} - -// WithRetryMaxAttempts is a helper function to construct functional options that sets -// RetryMaxAttempts on LoadOptions. If RetryMaxAttempts is unset, the RetryMaxAttempts value is -// ignored. If multiple WithRetryMaxAttempts calls are made, the last call overrides -// the previous call values. -// -// Will be ignored of LoadOptions.Retryer or WithRetryer are used. -func WithRetryMaxAttempts(v int) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.RetryMaxAttempts = v - return nil - } -} - -func (o LoadOptions) getRetryMode(ctx context.Context) (aws.RetryMode, bool, error) { - if o.RetryMode == "" { - return "", false, nil - } - - return o.RetryMode, true, nil -} - -// WithRetryMode is a helper function to construct functional options that sets -// RetryMode on LoadOptions. If RetryMode is unset, the RetryMode value is -// ignored. If multiple WithRetryMode calls are made, the last call overrides -// the previous call values. -// -// Will be ignored of LoadOptions.Retryer or WithRetryer are used. -func WithRetryMode(v aws.RetryMode) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.RetryMode = v - return nil - } -} - -func (o LoadOptions) getRetryer(ctx context.Context) (func() aws.Retryer, bool, error) { - if o.Retryer == nil { - return nil, false, nil - } - - return o.Retryer, true, nil -} - -// WithRetryer is a helper function to construct functional options -// that sets Retryer on LoadOptions. If Retryer is set to nil, the -// Retryer value is ignored. If multiple WithRetryer calls are -// made, the last call overrides the previous call values. -func WithRetryer(v func() aws.Retryer) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.Retryer = v - return nil - } -} - -func (o LoadOptions) getEndpointResolver(ctx context.Context) (aws.EndpointResolver, bool, error) { - if o.EndpointResolver == nil { - return nil, false, nil - } - - return o.EndpointResolver, true, nil -} - -// WithEndpointResolver is a helper function to construct functional options -// that sets the EndpointResolver on LoadOptions. If the EndpointResolver is set to nil, -// the EndpointResolver value is ignored. If multiple WithEndpointResolver calls -// are made, the last call overrides the previous call values. -// -// Deprecated: The global endpoint resolution interface is deprecated. The API -// for endpoint resolution is now unique to each service and is set via the -// EndpointResolverV2 field on service client options. Use of -// WithEndpointResolver or WithEndpointResolverWithOptions will prevent you -// from using any endpoint-related service features released after the -// introduction of EndpointResolverV2. You may also encounter broken or -// unexpected behavior when using the old global interface with services that -// use many endpoint-related customizations such as S3. -func WithEndpointResolver(v aws.EndpointResolver) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.EndpointResolver = v - return nil - } -} - -func (o LoadOptions) getEndpointResolverWithOptions(ctx context.Context) (aws.EndpointResolverWithOptions, bool, error) { - if o.EndpointResolverWithOptions == nil { - return nil, false, nil - } - - return o.EndpointResolverWithOptions, true, nil -} - -// WithEndpointResolverWithOptions is a helper function to construct functional options -// that sets the EndpointResolverWithOptions on LoadOptions. If the EndpointResolverWithOptions is set to nil, -// the EndpointResolver value is ignored. If multiple WithEndpointResolver calls -// are made, the last call overrides the previous call values. -// -// Deprecated: The global endpoint resolution interface is deprecated. See -// deprecation docs on [WithEndpointResolver]. -func WithEndpointResolverWithOptions(v aws.EndpointResolverWithOptions) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.EndpointResolverWithOptions = v - return nil - } -} - -func (o LoadOptions) getLogger(ctx context.Context) (logging.Logger, bool, error) { - if o.Logger == nil { - return nil, false, nil - } - - return o.Logger, true, nil -} - -// WithLogger is a helper function to construct functional options -// that sets Logger on LoadOptions. If Logger is set to nil, the -// Logger value will be ignored. If multiple WithLogger calls are made, -// the last call overrides the previous call values. -func WithLogger(v logging.Logger) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.Logger = v - return nil - } -} - -func (o LoadOptions) getClientLogMode(ctx context.Context) (aws.ClientLogMode, bool, error) { - if o.ClientLogMode == nil { - return 0, false, nil - } - - return *o.ClientLogMode, true, nil -} - -// WithClientLogMode is a helper function to construct functional options -// that sets client log mode on LoadOptions. If client log mode is set to nil, -// the client log mode value will be ignored. If multiple WithClientLogMode calls are made, -// the last call overrides the previous call values. -func WithClientLogMode(v aws.ClientLogMode) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.ClientLogMode = &v - return nil - } -} - -func (o LoadOptions) getLogConfigurationWarnings(ctx context.Context) (v bool, found bool, err error) { - if o.LogConfigurationWarnings == nil { - return false, false, nil - } - return *o.LogConfigurationWarnings, true, nil -} - -// WithLogConfigurationWarnings is a helper function to construct -// functional options that can be used to set LogConfigurationWarnings -// on LoadOptions. -// -// If multiple WithLogConfigurationWarnings calls are made, the last call -// overrides the previous call values. -func WithLogConfigurationWarnings(v bool) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.LogConfigurationWarnings = &v - return nil - } -} - -// GetS3UseARNRegion returns whether to allow ARNs to direct the region -// the S3 client's requests are sent to. -func (o LoadOptions) GetS3UseARNRegion(ctx context.Context) (v bool, found bool, err error) { - if o.S3UseARNRegion == nil { - return false, false, nil - } - return *o.S3UseARNRegion, true, nil -} - -// WithS3UseARNRegion is a helper function to construct functional options -// that can be used to set S3UseARNRegion on LoadOptions. -// If multiple WithS3UseARNRegion calls are made, the last call overrides -// the previous call values. -func WithS3UseARNRegion(v bool) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.S3UseARNRegion = &v - return nil - } -} - -// GetS3DisableMultiRegionAccessPoints returns whether to disable -// the S3 multi-region access points feature. -func (o LoadOptions) GetS3DisableMultiRegionAccessPoints(ctx context.Context) (v bool, found bool, err error) { - if o.S3DisableMultiRegionAccessPoints == nil { - return false, false, nil - } - return *o.S3DisableMultiRegionAccessPoints, true, nil -} - -// WithS3DisableMultiRegionAccessPoints is a helper function to construct functional options -// that can be used to set S3DisableMultiRegionAccessPoints on LoadOptions. -// If multiple WithS3DisableMultiRegionAccessPoints calls are made, the last call overrides -// the previous call values. -func WithS3DisableMultiRegionAccessPoints(v bool) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.S3DisableMultiRegionAccessPoints = &v - return nil - } -} - -// GetEnableEndpointDiscovery returns if the EnableEndpointDiscovery flag is set. -func (o LoadOptions) GetEnableEndpointDiscovery(ctx context.Context) (value aws.EndpointDiscoveryEnableState, ok bool, err error) { - if o.EnableEndpointDiscovery == aws.EndpointDiscoveryUnset { - return aws.EndpointDiscoveryUnset, false, nil - } - return o.EnableEndpointDiscovery, true, nil -} - -// WithEndpointDiscovery is a helper function to construct functional options -// that can be used to enable endpoint discovery on LoadOptions for supported clients. -// If multiple WithEndpointDiscovery calls are made, the last call overrides -// the previous call values. -func WithEndpointDiscovery(v aws.EndpointDiscoveryEnableState) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.EnableEndpointDiscovery = v - return nil - } -} - -// getSSOProviderOptions returns AssumeRoleCredentialOptions from LoadOptions -func (o LoadOptions) getSSOProviderOptions(context.Context) (func(options *ssocreds.Options), bool, error) { - if o.SSOProviderOptions == nil { - return nil, false, nil - } - - return o.SSOProviderOptions, true, nil -} - -// WithSSOProviderOptions is a helper function to construct -// functional options that sets a function to use ssocreds.Options -// on config's LoadOptions. If the SSO credential provider options is set to nil, -// the sso provider options value will be ignored. If multiple -// WithSSOProviderOptions calls are made, the last call overrides -// the previous call values. -func WithSSOProviderOptions(v func(*ssocreds.Options)) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.SSOProviderOptions = v - return nil - } -} - -// GetEC2IMDSClientEnableState implements a EC2IMDSClientEnableState options resolver interface. -func (o LoadOptions) GetEC2IMDSClientEnableState() (imds.ClientEnableState, bool, error) { - if o.EC2IMDSClientEnableState == imds.ClientDefaultEnableState { - return imds.ClientDefaultEnableState, false, nil - } - - return o.EC2IMDSClientEnableState, true, nil -} - -// GetEC2IMDSEndpointMode implements a EC2IMDSEndpointMode option resolver interface. -func (o LoadOptions) GetEC2IMDSEndpointMode() (imds.EndpointModeState, bool, error) { - if o.EC2IMDSEndpointMode == imds.EndpointModeStateUnset { - return imds.EndpointModeStateUnset, false, nil - } - - return o.EC2IMDSEndpointMode, true, nil -} - -// GetEC2IMDSEndpoint implements a EC2IMDSEndpoint option resolver interface. -func (o LoadOptions) GetEC2IMDSEndpoint() (string, bool, error) { - if len(o.EC2IMDSEndpoint) == 0 { - return "", false, nil - } - - return o.EC2IMDSEndpoint, true, nil -} - -// WithEC2IMDSClientEnableState is a helper function to construct functional options that sets the EC2IMDSClientEnableState. -func WithEC2IMDSClientEnableState(v imds.ClientEnableState) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.EC2IMDSClientEnableState = v - return nil - } -} - -// WithEC2IMDSEndpointMode is a helper function to construct functional options that sets the EC2IMDSEndpointMode. -func WithEC2IMDSEndpointMode(v imds.EndpointModeState) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.EC2IMDSEndpointMode = v - return nil - } -} - -// WithEC2IMDSEndpoint is a helper function to construct functional options that sets the EC2IMDSEndpoint. -func WithEC2IMDSEndpoint(v string) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.EC2IMDSEndpoint = v - return nil - } -} - -// WithUseDualStackEndpoint is a helper function to construct -// functional options that can be used to set UseDualStackEndpoint on LoadOptions. -func WithUseDualStackEndpoint(v aws.DualStackEndpointState) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.UseDualStackEndpoint = v - return nil - } -} - -// GetUseDualStackEndpoint returns whether the service's dual-stack endpoint should be -// used for requests. -func (o LoadOptions) GetUseDualStackEndpoint(ctx context.Context) (value aws.DualStackEndpointState, found bool, err error) { - if o.UseDualStackEndpoint == aws.DualStackEndpointStateUnset { - return aws.DualStackEndpointStateUnset, false, nil - } - return o.UseDualStackEndpoint, true, nil -} - -// WithUseFIPSEndpoint is a helper function to construct -// functional options that can be used to set UseFIPSEndpoint on LoadOptions. -func WithUseFIPSEndpoint(v aws.FIPSEndpointState) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.UseFIPSEndpoint = v - return nil - } -} - -// GetUseFIPSEndpoint returns whether the service's FIPS endpoint should be -// used for requests. -func (o LoadOptions) GetUseFIPSEndpoint(ctx context.Context) (value aws.FIPSEndpointState, found bool, err error) { - if o.UseFIPSEndpoint == aws.FIPSEndpointStateUnset { - return aws.FIPSEndpointStateUnset, false, nil - } - return o.UseFIPSEndpoint, true, nil -} - -// WithDefaultsMode sets the SDK defaults configuration mode to the value provided. -// -// Zero or more functional options can be provided to provide configuration options for performing -// environment discovery when using aws.DefaultsModeAuto. -func WithDefaultsMode(mode aws.DefaultsMode, optFns ...func(options *DefaultsModeOptions)) LoadOptionsFunc { - do := DefaultsModeOptions{ - Mode: mode, - } - for _, fn := range optFns { - fn(&do) - } - return func(options *LoadOptions) error { - options.DefaultsModeOptions = do - return nil - } -} - -// GetS3DisableExpressAuth returns the configured value for -// [EnvConfig.S3DisableExpressAuth]. -func (o LoadOptions) GetS3DisableExpressAuth() (value, ok bool) { - if o.S3DisableExpressAuth == nil { - return false, false - } - - return *o.S3DisableExpressAuth, true -} - -// WithS3DisableExpressAuth sets [LoadOptions.S3DisableExpressAuth] -// to the value provided. -func WithS3DisableExpressAuth(v bool) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.S3DisableExpressAuth = &v - return nil - } -} - -// WithBaseEndpoint is a helper function to construct functional options that -// sets BaseEndpoint on config's LoadOptions. Empty values have no effect, and -// subsequent calls to this API override previous ones. -// -// This is an in-code setting, therefore, any value set using this hook takes -// precedence over and will override ALL environment and shared config -// directives that set endpoint URLs. Functional options on service clients -// have higher specificity, and functional options that modify the value of -// BaseEndpoint on a client will take precedence over this setting. -func WithBaseEndpoint(v string) LoadOptionsFunc { - return func(o *LoadOptions) error { - o.BaseEndpoint = v - return nil - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/local.go b/vendor/github.com/aws/aws-sdk-go-v2/config/local.go deleted file mode 100644 index b629137c..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/local.go +++ /dev/null @@ -1,51 +0,0 @@ -package config - -import ( - "fmt" - "net" - "net/url" -) - -var lookupHostFn = net.LookupHost - -func isLoopbackHost(host string) (bool, error) { - ip := net.ParseIP(host) - if ip != nil { - return ip.IsLoopback(), nil - } - - // Host is not an ip, perform lookup - addrs, err := lookupHostFn(host) - if err != nil { - return false, err - } - if len(addrs) == 0 { - return false, fmt.Errorf("no addrs found for host, %s", host) - } - - for _, addr := range addrs { - if !net.ParseIP(addr).IsLoopback() { - return false, nil - } - } - - return true, nil -} - -func validateLocalURL(v string) error { - u, err := url.Parse(v) - if err != nil { - return err - } - - host := u.Hostname() - if len(host) == 0 { - return fmt.Errorf("unable to parse host from local HTTP cred provider URL") - } else if isLoopback, err := isLoopbackHost(host); err != nil { - return fmt.Errorf("failed to resolve host %q, %v", host, err) - } else if !isLoopback { - return fmt.Errorf("invalid endpoint host, %q, only host resolving to loopback addresses are allowed", host) - } - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/provider.go b/vendor/github.com/aws/aws-sdk-go-v2/config/provider.go deleted file mode 100644 index a8ff40d8..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/provider.go +++ /dev/null @@ -1,755 +0,0 @@ -package config - -import ( - "context" - "io" - "net/http" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds" - "github.com/aws/aws-sdk-go-v2/credentials/endpointcreds" - "github.com/aws/aws-sdk-go-v2/credentials/processcreds" - "github.com/aws/aws-sdk-go-v2/credentials/ssocreds" - "github.com/aws/aws-sdk-go-v2/credentials/stscreds" - "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" - smithybearer "github.com/aws/smithy-go/auth/bearer" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/middleware" -) - -// sharedConfigProfileProvider provides access to the shared config profile -// name external configuration value. -type sharedConfigProfileProvider interface { - getSharedConfigProfile(ctx context.Context) (string, bool, error) -} - -// getSharedConfigProfile searches the configs for a sharedConfigProfileProvider -// and returns the value if found. Returns an error if a provider fails before a -// value is found. -func getSharedConfigProfile(ctx context.Context, configs configs) (value string, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(sharedConfigProfileProvider); ok { - value, found, err = p.getSharedConfigProfile(ctx) - if err != nil || found { - break - } - } - } - return -} - -// sharedConfigFilesProvider provides access to the shared config filesnames -// external configuration value. -type sharedConfigFilesProvider interface { - getSharedConfigFiles(ctx context.Context) ([]string, bool, error) -} - -// getSharedConfigFiles searches the configs for a sharedConfigFilesProvider -// and returns the value if found. Returns an error if a provider fails before a -// value is found. -func getSharedConfigFiles(ctx context.Context, configs configs) (value []string, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(sharedConfigFilesProvider); ok { - value, found, err = p.getSharedConfigFiles(ctx) - if err != nil || found { - break - } - } - } - - return -} - -// sharedCredentialsFilesProvider provides access to the shared credentials filesnames -// external configuration value. -type sharedCredentialsFilesProvider interface { - getSharedCredentialsFiles(ctx context.Context) ([]string, bool, error) -} - -// getSharedCredentialsFiles searches the configs for a sharedCredentialsFilesProvider -// and returns the value if found. Returns an error if a provider fails before a -// value is found. -func getSharedCredentialsFiles(ctx context.Context, configs configs) (value []string, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(sharedCredentialsFilesProvider); ok { - value, found, err = p.getSharedCredentialsFiles(ctx) - if err != nil || found { - break - } - } - } - - return -} - -// customCABundleProvider provides access to the custom CA bundle PEM bytes. -type customCABundleProvider interface { - getCustomCABundle(ctx context.Context) (io.Reader, bool, error) -} - -// getCustomCABundle searches the configs for a customCABundleProvider -// and returns the value if found. Returns an error if a provider fails before a -// value is found. -func getCustomCABundle(ctx context.Context, configs configs) (value io.Reader, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(customCABundleProvider); ok { - value, found, err = p.getCustomCABundle(ctx) - if err != nil || found { - break - } - } - } - - return -} - -// regionProvider provides access to the region external configuration value. -type regionProvider interface { - getRegion(ctx context.Context) (string, bool, error) -} - -// getRegion searches the configs for a regionProvider and returns the value -// if found. Returns an error if a provider fails before a value is found. -func getRegion(ctx context.Context, configs configs) (value string, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(regionProvider); ok { - value, found, err = p.getRegion(ctx) - if err != nil || found { - break - } - } - } - return -} - -// IgnoreConfiguredEndpointsProvider is needed to search for all providers -// that provide a flag to disable configured endpoints. -type IgnoreConfiguredEndpointsProvider interface { - GetIgnoreConfiguredEndpoints(ctx context.Context) (bool, bool, error) -} - -// GetIgnoreConfiguredEndpoints is used in knowing when to disable configured -// endpoints feature. -func GetIgnoreConfiguredEndpoints(ctx context.Context, configs []interface{}) (value bool, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(IgnoreConfiguredEndpointsProvider); ok { - value, found, err = p.GetIgnoreConfiguredEndpoints(ctx) - if err != nil || found { - break - } - } - } - return -} - -type baseEndpointProvider interface { - getBaseEndpoint(ctx context.Context) (string, bool, error) -} - -func getBaseEndpoint(ctx context.Context, configs configs) (value string, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(baseEndpointProvider); ok { - value, found, err = p.getBaseEndpoint(ctx) - if err != nil || found { - break - } - } - } - return -} - -type servicesObjectProvider interface { - getServicesObject(ctx context.Context) (map[string]map[string]string, bool, error) -} - -func getServicesObject(ctx context.Context, configs configs) (value map[string]map[string]string, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(servicesObjectProvider); ok { - value, found, err = p.getServicesObject(ctx) - if err != nil || found { - break - } - } - } - return -} - -// appIDProvider provides access to the sdk app ID value -type appIDProvider interface { - getAppID(ctx context.Context) (string, bool, error) -} - -func getAppID(ctx context.Context, configs configs) (value string, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(appIDProvider); ok { - value, found, err = p.getAppID(ctx) - if err != nil || found { - break - } - } - } - return -} - -// disableRequestCompressionProvider provides access to the DisableRequestCompression -type disableRequestCompressionProvider interface { - getDisableRequestCompression(context.Context) (bool, bool, error) -} - -func getDisableRequestCompression(ctx context.Context, configs configs) (value bool, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(disableRequestCompressionProvider); ok { - value, found, err = p.getDisableRequestCompression(ctx) - if err != nil || found { - break - } - } - } - return -} - -// requestMinCompressSizeBytesProvider provides access to the MinCompressSizeBytes -type requestMinCompressSizeBytesProvider interface { - getRequestMinCompressSizeBytes(context.Context) (int64, bool, error) -} - -func getRequestMinCompressSizeBytes(ctx context.Context, configs configs) (value int64, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(requestMinCompressSizeBytesProvider); ok { - value, found, err = p.getRequestMinCompressSizeBytes(ctx) - if err != nil || found { - break - } - } - } - return -} - -// accountIDEndpointModeProvider provides access to the AccountIDEndpointMode -type accountIDEndpointModeProvider interface { - getAccountIDEndpointMode(context.Context) (aws.AccountIDEndpointMode, bool, error) -} - -func getAccountIDEndpointMode(ctx context.Context, configs configs) (value aws.AccountIDEndpointMode, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(accountIDEndpointModeProvider); ok { - value, found, err = p.getAccountIDEndpointMode(ctx) - if err != nil || found { - break - } - } - } - return -} - -// requestChecksumCalculationProvider provides access to the RequestChecksumCalculation -type requestChecksumCalculationProvider interface { - getRequestChecksumCalculation(context.Context) (aws.RequestChecksumCalculation, bool, error) -} - -func getRequestChecksumCalculation(ctx context.Context, configs configs) (value aws.RequestChecksumCalculation, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(requestChecksumCalculationProvider); ok { - value, found, err = p.getRequestChecksumCalculation(ctx) - if err != nil || found { - break - } - } - } - return -} - -// responseChecksumValidationProvider provides access to the ResponseChecksumValidation -type responseChecksumValidationProvider interface { - getResponseChecksumValidation(context.Context) (aws.ResponseChecksumValidation, bool, error) -} - -func getResponseChecksumValidation(ctx context.Context, configs configs) (value aws.ResponseChecksumValidation, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(responseChecksumValidationProvider); ok { - value, found, err = p.getResponseChecksumValidation(ctx) - if err != nil || found { - break - } - } - } - return -} - -// ec2IMDSRegionProvider provides access to the ec2 imds region -// configuration value -type ec2IMDSRegionProvider interface { - getEC2IMDSRegion(ctx context.Context) (string, bool, error) -} - -// getEC2IMDSRegion searches the configs for a ec2IMDSRegionProvider and -// returns the value if found. Returns an error if a provider fails before -// a value is found. -func getEC2IMDSRegion(ctx context.Context, configs configs) (region string, found bool, err error) { - for _, cfg := range configs { - if provider, ok := cfg.(ec2IMDSRegionProvider); ok { - region, found, err = provider.getEC2IMDSRegion(ctx) - if err != nil || found { - break - } - } - } - return -} - -// credentialsProviderProvider provides access to the credentials external -// configuration value. -type credentialsProviderProvider interface { - getCredentialsProvider(ctx context.Context) (aws.CredentialsProvider, bool, error) -} - -// getCredentialsProvider searches the configs for a credentialsProviderProvider -// and returns the value if found. Returns an error if a provider fails before a -// value is found. -func getCredentialsProvider(ctx context.Context, configs configs) (p aws.CredentialsProvider, found bool, err error) { - for _, cfg := range configs { - if provider, ok := cfg.(credentialsProviderProvider); ok { - p, found, err = provider.getCredentialsProvider(ctx) - if err != nil || found { - break - } - } - } - return -} - -// credentialsCacheOptionsProvider is an interface for retrieving a function for setting -// the aws.CredentialsCacheOptions. -type credentialsCacheOptionsProvider interface { - getCredentialsCacheOptions(ctx context.Context) (func(*aws.CredentialsCacheOptions), bool, error) -} - -// getCredentialsCacheOptionsProvider is an interface for retrieving a function for setting -// the aws.CredentialsCacheOptions. -func getCredentialsCacheOptionsProvider(ctx context.Context, configs configs) ( - f func(*aws.CredentialsCacheOptions), found bool, err error, -) { - for _, config := range configs { - if p, ok := config.(credentialsCacheOptionsProvider); ok { - f, found, err = p.getCredentialsCacheOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// bearerAuthTokenProviderProvider provides access to the bearer authentication -// token external configuration value. -type bearerAuthTokenProviderProvider interface { - getBearerAuthTokenProvider(context.Context) (smithybearer.TokenProvider, bool, error) -} - -// getBearerAuthTokenProvider searches the config sources for a -// bearerAuthTokenProviderProvider and returns the value if found. Returns an -// error if a provider fails before a value is found. -func getBearerAuthTokenProvider(ctx context.Context, configs configs) (p smithybearer.TokenProvider, found bool, err error) { - for _, cfg := range configs { - if provider, ok := cfg.(bearerAuthTokenProviderProvider); ok { - p, found, err = provider.getBearerAuthTokenProvider(ctx) - if err != nil || found { - break - } - } - } - return -} - -// bearerAuthTokenCacheOptionsProvider is an interface for retrieving a function for -// setting the smithy-go auth/bearer#TokenCacheOptions. -type bearerAuthTokenCacheOptionsProvider interface { - getBearerAuthTokenCacheOptions(context.Context) (func(*smithybearer.TokenCacheOptions), bool, error) -} - -// getBearerAuthTokenCacheOptionsProvider is an interface for retrieving a function for -// setting the smithy-go auth/bearer#TokenCacheOptions. -func getBearerAuthTokenCacheOptions(ctx context.Context, configs configs) ( - f func(*smithybearer.TokenCacheOptions), found bool, err error, -) { - for _, config := range configs { - if p, ok := config.(bearerAuthTokenCacheOptionsProvider); ok { - f, found, err = p.getBearerAuthTokenCacheOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// ssoTokenProviderOptionsProvider is an interface for retrieving a function for -// setting the SDK's credentials/ssocreds#SSOTokenProviderOptions. -type ssoTokenProviderOptionsProvider interface { - getSSOTokenProviderOptions(context.Context) (func(*ssocreds.SSOTokenProviderOptions), bool, error) -} - -// getSSOTokenProviderOptions is an interface for retrieving a function for -// setting the SDK's credentials/ssocreds#SSOTokenProviderOptions. -func getSSOTokenProviderOptions(ctx context.Context, configs configs) ( - f func(*ssocreds.SSOTokenProviderOptions), found bool, err error, -) { - for _, config := range configs { - if p, ok := config.(ssoTokenProviderOptionsProvider); ok { - f, found, err = p.getSSOTokenProviderOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// ssoTokenProviderOptionsProvider - -// processCredentialOptions is an interface for retrieving a function for setting -// the processcreds.Options. -type processCredentialOptions interface { - getProcessCredentialOptions(ctx context.Context) (func(*processcreds.Options), bool, error) -} - -// getProcessCredentialOptions searches the slice of configs and returns the first function found -func getProcessCredentialOptions(ctx context.Context, configs configs) (f func(*processcreds.Options), found bool, err error) { - for _, config := range configs { - if p, ok := config.(processCredentialOptions); ok { - f, found, err = p.getProcessCredentialOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// ec2RoleCredentialOptionsProvider is an interface for retrieving a function -// for setting the ec2rolecreds.Provider options. -type ec2RoleCredentialOptionsProvider interface { - getEC2RoleCredentialOptions(ctx context.Context) (func(*ec2rolecreds.Options), bool, error) -} - -// getEC2RoleCredentialProviderOptions searches the slice of configs and returns the first function found -func getEC2RoleCredentialProviderOptions(ctx context.Context, configs configs) (f func(*ec2rolecreds.Options), found bool, err error) { - for _, config := range configs { - if p, ok := config.(ec2RoleCredentialOptionsProvider); ok { - f, found, err = p.getEC2RoleCredentialOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// defaultRegionProvider is an interface for retrieving a default region if a region was not resolved from other sources -type defaultRegionProvider interface { - getDefaultRegion(ctx context.Context) (string, bool, error) -} - -// getDefaultRegion searches the slice of configs and returns the first fallback region found -func getDefaultRegion(ctx context.Context, configs configs) (value string, found bool, err error) { - for _, config := range configs { - if p, ok := config.(defaultRegionProvider); ok { - value, found, err = p.getDefaultRegion(ctx) - if err != nil || found { - break - } - } - } - return -} - -// endpointCredentialOptionsProvider is an interface for retrieving a function for setting -// the endpointcreds.ProviderOptions. -type endpointCredentialOptionsProvider interface { - getEndpointCredentialOptions(ctx context.Context) (func(*endpointcreds.Options), bool, error) -} - -// getEndpointCredentialProviderOptions searches the slice of configs and returns the first function found -func getEndpointCredentialProviderOptions(ctx context.Context, configs configs) (f func(*endpointcreds.Options), found bool, err error) { - for _, config := range configs { - if p, ok := config.(endpointCredentialOptionsProvider); ok { - f, found, err = p.getEndpointCredentialOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// webIdentityRoleCredentialOptionsProvider is an interface for retrieving a function for setting -// the stscreds.WebIdentityRoleProvider. -type webIdentityRoleCredentialOptionsProvider interface { - getWebIdentityRoleCredentialOptions(ctx context.Context) (func(*stscreds.WebIdentityRoleOptions), bool, error) -} - -// getWebIdentityCredentialProviderOptions searches the slice of configs and returns the first function found -func getWebIdentityCredentialProviderOptions(ctx context.Context, configs configs) (f func(*stscreds.WebIdentityRoleOptions), found bool, err error) { - for _, config := range configs { - if p, ok := config.(webIdentityRoleCredentialOptionsProvider); ok { - f, found, err = p.getWebIdentityRoleCredentialOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// assumeRoleCredentialOptionsProvider is an interface for retrieving a function for setting -// the stscreds.AssumeRoleOptions. -type assumeRoleCredentialOptionsProvider interface { - getAssumeRoleCredentialOptions(ctx context.Context) (func(*stscreds.AssumeRoleOptions), bool, error) -} - -// getAssumeRoleCredentialProviderOptions searches the slice of configs and returns the first function found -func getAssumeRoleCredentialProviderOptions(ctx context.Context, configs configs) (f func(*stscreds.AssumeRoleOptions), found bool, err error) { - for _, config := range configs { - if p, ok := config.(assumeRoleCredentialOptionsProvider); ok { - f, found, err = p.getAssumeRoleCredentialOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// HTTPClient is an HTTP client implementation -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -// httpClientProvider is an interface for retrieving HTTPClient -type httpClientProvider interface { - getHTTPClient(ctx context.Context) (HTTPClient, bool, error) -} - -// getHTTPClient searches the slice of configs and returns the HTTPClient set on configs -func getHTTPClient(ctx context.Context, configs configs) (client HTTPClient, found bool, err error) { - for _, config := range configs { - if p, ok := config.(httpClientProvider); ok { - client, found, err = p.getHTTPClient(ctx) - if err != nil || found { - break - } - } - } - return -} - -// apiOptionsProvider is an interface for retrieving APIOptions -type apiOptionsProvider interface { - getAPIOptions(ctx context.Context) ([]func(*middleware.Stack) error, bool, error) -} - -// getAPIOptions searches the slice of configs and returns the APIOptions set on configs -func getAPIOptions(ctx context.Context, configs configs) (apiOptions []func(*middleware.Stack) error, found bool, err error) { - for _, config := range configs { - if p, ok := config.(apiOptionsProvider); ok { - // retrieve APIOptions from configs and set it on cfg - apiOptions, found, err = p.getAPIOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// endpointResolverProvider is an interface for retrieving an aws.EndpointResolver from a configuration source -type endpointResolverProvider interface { - getEndpointResolver(ctx context.Context) (aws.EndpointResolver, bool, error) -} - -// getEndpointResolver searches the provided config sources for a EndpointResolverFunc that can be used -// to configure the aws.Config.EndpointResolver value. -func getEndpointResolver(ctx context.Context, configs configs) (f aws.EndpointResolver, found bool, err error) { - for _, c := range configs { - if p, ok := c.(endpointResolverProvider); ok { - f, found, err = p.getEndpointResolver(ctx) - if err != nil || found { - break - } - } - } - return -} - -// endpointResolverWithOptionsProvider is an interface for retrieving an aws.EndpointResolverWithOptions from a configuration source -type endpointResolverWithOptionsProvider interface { - getEndpointResolverWithOptions(ctx context.Context) (aws.EndpointResolverWithOptions, bool, error) -} - -// getEndpointResolver searches the provided config sources for a EndpointResolverFunc that can be used -// to configure the aws.Config.EndpointResolver value. -func getEndpointResolverWithOptions(ctx context.Context, configs configs) (f aws.EndpointResolverWithOptions, found bool, err error) { - for _, c := range configs { - if p, ok := c.(endpointResolverWithOptionsProvider); ok { - f, found, err = p.getEndpointResolverWithOptions(ctx) - if err != nil || found { - break - } - } - } - return -} - -// loggerProvider is an interface for retrieving a logging.Logger from a configuration source. -type loggerProvider interface { - getLogger(ctx context.Context) (logging.Logger, bool, error) -} - -// getLogger searches the provided config sources for a logging.Logger that can be used -// to configure the aws.Config.Logger value. -func getLogger(ctx context.Context, configs configs) (l logging.Logger, found bool, err error) { - for _, c := range configs { - if p, ok := c.(loggerProvider); ok { - l, found, err = p.getLogger(ctx) - if err != nil || found { - break - } - } - } - return -} - -// clientLogModeProvider is an interface for retrieving the aws.ClientLogMode from a configuration source. -type clientLogModeProvider interface { - getClientLogMode(ctx context.Context) (aws.ClientLogMode, bool, error) -} - -func getClientLogMode(ctx context.Context, configs configs) (m aws.ClientLogMode, found bool, err error) { - for _, c := range configs { - if p, ok := c.(clientLogModeProvider); ok { - m, found, err = p.getClientLogMode(ctx) - if err != nil || found { - break - } - } - } - return -} - -// retryProvider is an configuration provider for custom Retryer. -type retryProvider interface { - getRetryer(ctx context.Context) (func() aws.Retryer, bool, error) -} - -func getRetryer(ctx context.Context, configs configs) (v func() aws.Retryer, found bool, err error) { - for _, c := range configs { - if p, ok := c.(retryProvider); ok { - v, found, err = p.getRetryer(ctx) - if err != nil || found { - break - } - } - } - return -} - -// logConfigurationWarningsProvider is an configuration provider for -// retrieving a boolean indicating whether configuration issues should -// be logged when loading from config sources -type logConfigurationWarningsProvider interface { - getLogConfigurationWarnings(ctx context.Context) (bool, bool, error) -} - -func getLogConfigurationWarnings(ctx context.Context, configs configs) (v bool, found bool, err error) { - for _, c := range configs { - if p, ok := c.(logConfigurationWarningsProvider); ok { - v, found, err = p.getLogConfigurationWarnings(ctx) - if err != nil || found { - break - } - } - } - return -} - -// ssoCredentialOptionsProvider is an interface for retrieving a function for setting -// the ssocreds.Options. -type ssoCredentialOptionsProvider interface { - getSSOProviderOptions(context.Context) (func(*ssocreds.Options), bool, error) -} - -func getSSOProviderOptions(ctx context.Context, configs configs) (v func(options *ssocreds.Options), found bool, err error) { - for _, c := range configs { - if p, ok := c.(ssoCredentialOptionsProvider); ok { - v, found, err = p.getSSOProviderOptions(ctx) - if err != nil || found { - break - } - } - } - return v, found, err -} - -type defaultsModeIMDSClientProvider interface { - getDefaultsModeIMDSClient(context.Context) (*imds.Client, bool, error) -} - -func getDefaultsModeIMDSClient(ctx context.Context, configs configs) (v *imds.Client, found bool, err error) { - for _, c := range configs { - if p, ok := c.(defaultsModeIMDSClientProvider); ok { - v, found, err = p.getDefaultsModeIMDSClient(ctx) - if err != nil || found { - break - } - } - } - return v, found, err -} - -type defaultsModeProvider interface { - getDefaultsMode(context.Context) (aws.DefaultsMode, bool, error) -} - -func getDefaultsMode(ctx context.Context, configs configs) (v aws.DefaultsMode, found bool, err error) { - for _, c := range configs { - if p, ok := c.(defaultsModeProvider); ok { - v, found, err = p.getDefaultsMode(ctx) - if err != nil || found { - break - } - } - } - return v, found, err -} - -type retryMaxAttemptsProvider interface { - GetRetryMaxAttempts(context.Context) (int, bool, error) -} - -func getRetryMaxAttempts(ctx context.Context, configs configs) (v int, found bool, err error) { - for _, c := range configs { - if p, ok := c.(retryMaxAttemptsProvider); ok { - v, found, err = p.GetRetryMaxAttempts(ctx) - if err != nil || found { - break - } - } - } - return v, found, err -} - -type retryModeProvider interface { - GetRetryMode(context.Context) (aws.RetryMode, bool, error) -} - -func getRetryMode(ctx context.Context, configs configs) (v aws.RetryMode, found bool, err error) { - for _, c := range configs { - if p, ok := c.(retryModeProvider); ok { - v, found, err = p.GetRetryMode(ctx) - if err != nil || found { - break - } - } - } - return v, found, err -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go b/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go deleted file mode 100644 index a68bd099..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go +++ /dev/null @@ -1,413 +0,0 @@ -package config - -import ( - "context" - "crypto/tls" - "crypto/x509" - "fmt" - "io/ioutil" - "net/http" - "os" - - "github.com/aws/aws-sdk-go-v2/aws" - awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" - "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" - "github.com/aws/smithy-go/logging" -) - -// resolveDefaultAWSConfig will write default configuration values into the cfg -// value. It will write the default values, overwriting any previous value. -// -// This should be used as the first resolver in the slice of resolvers when -// resolving external configuration. -func resolveDefaultAWSConfig(ctx context.Context, cfg *aws.Config, cfgs configs) error { - var sources []interface{} - for _, s := range cfgs { - sources = append(sources, s) - } - - *cfg = aws.Config{ - Logger: logging.NewStandardLogger(os.Stderr), - ConfigSources: sources, - } - return nil -} - -// resolveCustomCABundle extracts the first instance of a custom CA bundle filename -// from the external configurations. It will update the HTTP Client's builder -// to be configured with the custom CA bundle. -// -// Config provider used: -// * customCABundleProvider -func resolveCustomCABundle(ctx context.Context, cfg *aws.Config, cfgs configs) error { - pemCerts, found, err := getCustomCABundle(ctx, cfgs) - if err != nil { - // TODO error handling, What is the best way to handle this? - // capture previous errors continue. error out if all errors - return err - } - if !found { - return nil - } - - if cfg.HTTPClient == nil { - cfg.HTTPClient = awshttp.NewBuildableClient() - } - - trOpts, ok := cfg.HTTPClient.(*awshttp.BuildableClient) - if !ok { - return fmt.Errorf("unable to add custom RootCAs HTTPClient, "+ - "has no WithTransportOptions, %T", cfg.HTTPClient) - } - - var appendErr error - client := trOpts.WithTransportOptions(func(tr *http.Transport) { - if tr.TLSClientConfig == nil { - tr.TLSClientConfig = &tls.Config{} - } - if tr.TLSClientConfig.RootCAs == nil { - tr.TLSClientConfig.RootCAs = x509.NewCertPool() - } - - b, err := ioutil.ReadAll(pemCerts) - if err != nil { - appendErr = fmt.Errorf("failed to read custom CA bundle PEM file") - } - - if !tr.TLSClientConfig.RootCAs.AppendCertsFromPEM(b) { - appendErr = fmt.Errorf("failed to load custom CA bundle PEM file") - } - }) - if appendErr != nil { - return appendErr - } - - cfg.HTTPClient = client - return err -} - -// resolveRegion extracts the first instance of a Region from the configs slice. -// -// Config providers used: -// * regionProvider -func resolveRegion(ctx context.Context, cfg *aws.Config, configs configs) error { - v, found, err := getRegion(ctx, configs) - if err != nil { - // TODO error handling, What is the best way to handle this? - // capture previous errors continue. error out if all errors - return err - } - if !found { - return nil - } - - cfg.Region = v - return nil -} - -func resolveBaseEndpoint(ctx context.Context, cfg *aws.Config, configs configs) error { - var downcastCfgSources []interface{} - for _, cs := range configs { - downcastCfgSources = append(downcastCfgSources, interface{}(cs)) - } - - if val, found, err := GetIgnoreConfiguredEndpoints(ctx, downcastCfgSources); found && val && err == nil { - cfg.BaseEndpoint = nil - return nil - } - - v, found, err := getBaseEndpoint(ctx, configs) - if err != nil { - return err - } - - if !found { - return nil - } - cfg.BaseEndpoint = aws.String(v) - return nil -} - -// resolveAppID extracts the sdk app ID from the configs slice's SharedConfig or env var -func resolveAppID(ctx context.Context, cfg *aws.Config, configs configs) error { - ID, _, err := getAppID(ctx, configs) - if err != nil { - return err - } - - cfg.AppID = ID - return nil -} - -// resolveDisableRequestCompression extracts the DisableRequestCompression from the configs slice's -// SharedConfig or EnvConfig -func resolveDisableRequestCompression(ctx context.Context, cfg *aws.Config, configs configs) error { - disable, _, err := getDisableRequestCompression(ctx, configs) - if err != nil { - return err - } - - cfg.DisableRequestCompression = disable - return nil -} - -// resolveRequestMinCompressSizeBytes extracts the RequestMinCompressSizeBytes from the configs slice's -// SharedConfig or EnvConfig -func resolveRequestMinCompressSizeBytes(ctx context.Context, cfg *aws.Config, configs configs) error { - minBytes, found, err := getRequestMinCompressSizeBytes(ctx, configs) - if err != nil { - return err - } - // must set a default min size 10240 if not configured - if !found { - minBytes = 10240 - } - cfg.RequestMinCompressSizeBytes = minBytes - return nil -} - -// resolveAccountIDEndpointMode extracts the AccountIDEndpointMode from the configs slice's -// SharedConfig or EnvConfig -func resolveAccountIDEndpointMode(ctx context.Context, cfg *aws.Config, configs configs) error { - m, found, err := getAccountIDEndpointMode(ctx, configs) - if err != nil { - return err - } - - if !found { - m = aws.AccountIDEndpointModePreferred - } - - cfg.AccountIDEndpointMode = m - return nil -} - -// resolveRequestChecksumCalculation extracts the RequestChecksumCalculation from the configs slice's -// SharedConfig or EnvConfig -func resolveRequestChecksumCalculation(ctx context.Context, cfg *aws.Config, configs configs) error { - c, found, err := getRequestChecksumCalculation(ctx, configs) - if err != nil { - return err - } - - if !found { - c = aws.RequestChecksumCalculationWhenSupported - } - cfg.RequestChecksumCalculation = c - return nil -} - -// resolveResponseValidation extracts the ResponseChecksumValidation from the configs slice's -// SharedConfig or EnvConfig -func resolveResponseChecksumValidation(ctx context.Context, cfg *aws.Config, configs configs) error { - c, found, err := getResponseChecksumValidation(ctx, configs) - if err != nil { - return err - } - - if !found { - c = aws.ResponseChecksumValidationWhenSupported - } - cfg.ResponseChecksumValidation = c - return nil -} - -// resolveDefaultRegion extracts the first instance of a default region and sets `aws.Config.Region` to the default -// region if region had not been resolved from other sources. -func resolveDefaultRegion(ctx context.Context, cfg *aws.Config, configs configs) error { - if len(cfg.Region) > 0 { - return nil - } - - v, found, err := getDefaultRegion(ctx, configs) - if err != nil { - return err - } - if !found { - return nil - } - - cfg.Region = v - - return nil -} - -// resolveHTTPClient extracts the first instance of a HTTPClient and sets `aws.Config.HTTPClient` to the HTTPClient instance -// if one has not been resolved from other sources. -func resolveHTTPClient(ctx context.Context, cfg *aws.Config, configs configs) error { - c, found, err := getHTTPClient(ctx, configs) - if err != nil { - return err - } - if !found { - return nil - } - - cfg.HTTPClient = c - return nil -} - -// resolveAPIOptions extracts the first instance of APIOptions and sets `aws.Config.APIOptions` to the resolved API options -// if one has not been resolved from other sources. -func resolveAPIOptions(ctx context.Context, cfg *aws.Config, configs configs) error { - o, found, err := getAPIOptions(ctx, configs) - if err != nil { - return err - } - if !found { - return nil - } - - cfg.APIOptions = o - - return nil -} - -// resolveEndpointResolver extracts the first instance of a EndpointResolverFunc from the config slice -// and sets the functions result on the aws.Config.EndpointResolver -func resolveEndpointResolver(ctx context.Context, cfg *aws.Config, configs configs) error { - endpointResolver, found, err := getEndpointResolver(ctx, configs) - if err != nil { - return err - } - if !found { - return nil - } - - cfg.EndpointResolver = endpointResolver - - return nil -} - -// resolveEndpointResolver extracts the first instance of a EndpointResolverFunc from the config slice -// and sets the functions result on the aws.Config.EndpointResolver -func resolveEndpointResolverWithOptions(ctx context.Context, cfg *aws.Config, configs configs) error { - endpointResolver, found, err := getEndpointResolverWithOptions(ctx, configs) - if err != nil { - return err - } - if !found { - return nil - } - - cfg.EndpointResolverWithOptions = endpointResolver - - return nil -} - -func resolveLogger(ctx context.Context, cfg *aws.Config, configs configs) error { - logger, found, err := getLogger(ctx, configs) - if err != nil { - return err - } - if !found { - return nil - } - - cfg.Logger = logger - - return nil -} - -func resolveClientLogMode(ctx context.Context, cfg *aws.Config, configs configs) error { - mode, found, err := getClientLogMode(ctx, configs) - if err != nil { - return err - } - if !found { - return nil - } - - cfg.ClientLogMode = mode - - return nil -} - -func resolveRetryer(ctx context.Context, cfg *aws.Config, configs configs) error { - retryer, found, err := getRetryer(ctx, configs) - if err != nil { - return err - } - - if found { - cfg.Retryer = retryer - return nil - } - - // Only load the retry options if a custom retryer has not be specified. - if err = resolveRetryMaxAttempts(ctx, cfg, configs); err != nil { - return err - } - return resolveRetryMode(ctx, cfg, configs) -} - -func resolveEC2IMDSRegion(ctx context.Context, cfg *aws.Config, configs configs) error { - if len(cfg.Region) > 0 { - return nil - } - - region, found, err := getEC2IMDSRegion(ctx, configs) - if err != nil { - return err - } - if !found { - return nil - } - - cfg.Region = region - - return nil -} - -func resolveDefaultsModeOptions(ctx context.Context, cfg *aws.Config, configs configs) error { - defaultsMode, found, err := getDefaultsMode(ctx, configs) - if err != nil { - return err - } - if !found { - defaultsMode = aws.DefaultsModeLegacy - } - - var environment aws.RuntimeEnvironment - if defaultsMode == aws.DefaultsModeAuto { - envConfig, _, _ := getAWSConfigSources(configs) - - client, found, err := getDefaultsModeIMDSClient(ctx, configs) - if err != nil { - return err - } - if !found { - client = imds.NewFromConfig(*cfg) - } - - environment, err = resolveDefaultsModeRuntimeEnvironment(ctx, envConfig, client) - if err != nil { - return err - } - } - - cfg.DefaultsMode = defaultsMode - cfg.RuntimeEnvironment = environment - - return nil -} - -func resolveRetryMaxAttempts(ctx context.Context, cfg *aws.Config, configs configs) error { - maxAttempts, found, err := getRetryMaxAttempts(ctx, configs) - if err != nil || !found { - return err - } - cfg.RetryMaxAttempts = maxAttempts - - return nil -} - -func resolveRetryMode(ctx context.Context, cfg *aws.Config, configs configs) error { - retryMode, found, err := getRetryMode(ctx, configs) - if err != nil || !found { - return err - } - cfg.RetryMode = retryMode - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_bearer_token.go b/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_bearer_token.go deleted file mode 100644 index a8ebb3c0..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_bearer_token.go +++ /dev/null @@ -1,122 +0,0 @@ -package config - -import ( - "context" - "fmt" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/credentials/ssocreds" - "github.com/aws/aws-sdk-go-v2/service/ssooidc" - smithybearer "github.com/aws/smithy-go/auth/bearer" -) - -// resolveBearerAuthToken extracts a token provider from the config sources. -// -// If an explicit bearer authentication token provider is not found the -// resolver will fallback to resolving token provider via other config sources -// such as SharedConfig. -func resolveBearerAuthToken(ctx context.Context, cfg *aws.Config, configs configs) error { - found, err := resolveBearerAuthTokenProvider(ctx, cfg, configs) - if found || err != nil { - return err - } - - return resolveBearerAuthTokenProviderChain(ctx, cfg, configs) -} - -// resolveBearerAuthTokenProvider extracts the first instance of -// BearerAuthTokenProvider from the config sources. -// -// The resolved BearerAuthTokenProvider will be wrapped in a cache to ensure -// the Token is only refreshed when needed. This also protects the -// TokenProvider so it can be used concurrently. -// -// Config providers used: -// * bearerAuthTokenProviderProvider -func resolveBearerAuthTokenProvider(ctx context.Context, cfg *aws.Config, configs configs) (bool, error) { - tokenProvider, found, err := getBearerAuthTokenProvider(ctx, configs) - if !found || err != nil { - return false, err - } - - cfg.BearerAuthTokenProvider, err = wrapWithBearerAuthTokenCache( - ctx, configs, tokenProvider) - if err != nil { - return false, err - } - - return true, nil -} - -func resolveBearerAuthTokenProviderChain(ctx context.Context, cfg *aws.Config, configs configs) (err error) { - _, sharedConfig, _ := getAWSConfigSources(configs) - - var provider smithybearer.TokenProvider - - if sharedConfig.SSOSession != nil { - provider, err = resolveBearerAuthSSOTokenProvider( - ctx, cfg, sharedConfig.SSOSession, configs) - } - - if err == nil && provider != nil { - cfg.BearerAuthTokenProvider, err = wrapWithBearerAuthTokenCache( - ctx, configs, provider) - } - - return err -} - -func resolveBearerAuthSSOTokenProvider(ctx context.Context, cfg *aws.Config, session *SSOSession, configs configs) (*ssocreds.SSOTokenProvider, error) { - ssoTokenProviderOptionsFn, found, err := getSSOTokenProviderOptions(ctx, configs) - if err != nil { - return nil, fmt.Errorf("failed to get SSOTokenProviderOptions from config sources, %w", err) - } - - var optFns []func(*ssocreds.SSOTokenProviderOptions) - if found { - optFns = append(optFns, ssoTokenProviderOptionsFn) - } - - cachePath, err := ssocreds.StandardCachedTokenFilepath(session.Name) - if err != nil { - return nil, fmt.Errorf("failed to get SSOTokenProvider's cache path, %w", err) - } - - client := ssooidc.NewFromConfig(*cfg) - provider := ssocreds.NewSSOTokenProvider(client, cachePath, optFns...) - - return provider, nil -} - -// wrapWithBearerAuthTokenCache will wrap provider with an smithy-go -// bearer/auth#TokenCache with the provided options if the provider is not -// already a TokenCache. -func wrapWithBearerAuthTokenCache( - ctx context.Context, - cfgs configs, - provider smithybearer.TokenProvider, - optFns ...func(*smithybearer.TokenCacheOptions), -) (smithybearer.TokenProvider, error) { - _, ok := provider.(*smithybearer.TokenCache) - if ok { - return provider, nil - } - - tokenCacheConfigOptions, optionsFound, err := getBearerAuthTokenCacheOptions(ctx, cfgs) - if err != nil { - return nil, err - } - - opts := make([]func(*smithybearer.TokenCacheOptions), 0, 2+len(optFns)) - opts = append(opts, func(o *smithybearer.TokenCacheOptions) { - o.RefreshBeforeExpires = 5 * time.Minute - o.RetrieveBearerTokenTimeout = 30 * time.Second - }) - opts = append(opts, optFns...) - if optionsFound { - opts = append(opts, tokenCacheConfigOptions) - } - - return smithybearer.NewTokenCache(provider, opts...), nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go b/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go deleted file mode 100644 index b00259df..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go +++ /dev/null @@ -1,627 +0,0 @@ -package config - -import ( - "context" - "fmt" - "io/ioutil" - "net" - "net/url" - "os" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/credentials" - "github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds" - "github.com/aws/aws-sdk-go-v2/credentials/endpointcreds" - "github.com/aws/aws-sdk-go-v2/credentials/processcreds" - "github.com/aws/aws-sdk-go-v2/credentials/ssocreds" - "github.com/aws/aws-sdk-go-v2/credentials/stscreds" - "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" - "github.com/aws/aws-sdk-go-v2/service/sso" - "github.com/aws/aws-sdk-go-v2/service/ssooidc" - "github.com/aws/aws-sdk-go-v2/service/sts" -) - -const ( - // valid credential source values - credSourceEc2Metadata = "Ec2InstanceMetadata" - credSourceEnvironment = "Environment" - credSourceECSContainer = "EcsContainer" - httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" -) - -// direct representation of the IPv4 address for the ECS container -// "169.254.170.2" -var ecsContainerIPv4 net.IP = []byte{ - 169, 254, 170, 2, -} - -// direct representation of the IPv4 address for the EKS container -// "169.254.170.23" -var eksContainerIPv4 net.IP = []byte{ - 169, 254, 170, 23, -} - -// direct representation of the IPv6 address for the EKS container -// "fd00:ec2::23" -var eksContainerIPv6 net.IP = []byte{ - 0xFD, 0, 0xE, 0xC2, - 0, 0, 0, 0, - 0, 0, 0, 0, - 0, 0, 0, 0x23, -} - -var ( - ecsContainerEndpoint = "http://169.254.170.2" // not constant to allow for swapping during unit-testing -) - -// resolveCredentials extracts a credential provider from slice of config -// sources. -// -// If an explicit credential provider is not found the resolver will fallback -// to resolving credentials by extracting a credential provider from EnvConfig -// and SharedConfig. -func resolveCredentials(ctx context.Context, cfg *aws.Config, configs configs) error { - found, err := resolveCredentialProvider(ctx, cfg, configs) - if found || err != nil { - return err - } - - return resolveCredentialChain(ctx, cfg, configs) -} - -// resolveCredentialProvider extracts the first instance of Credentials from the -// config slices. -// -// The resolved CredentialProvider will be wrapped in a cache to ensure the -// credentials are only refreshed when needed. This also protects the -// credential provider to be used concurrently. -// -// Config providers used: -// * credentialsProviderProvider -func resolveCredentialProvider(ctx context.Context, cfg *aws.Config, configs configs) (bool, error) { - credProvider, found, err := getCredentialsProvider(ctx, configs) - if !found || err != nil { - return false, err - } - - cfg.Credentials, err = wrapWithCredentialsCache(ctx, configs, credProvider) - if err != nil { - return false, err - } - - return true, nil -} - -// resolveCredentialChain resolves a credential provider chain using EnvConfig -// and SharedConfig if present in the slice of provided configs. -// -// The resolved CredentialProvider will be wrapped in a cache to ensure the -// credentials are only refreshed when needed. This also protects the -// credential provider to be used concurrently. -func resolveCredentialChain(ctx context.Context, cfg *aws.Config, configs configs) (err error) { - envConfig, sharedConfig, other := getAWSConfigSources(configs) - - // When checking if a profile was specified programmatically we should only consider the "other" - // configuration sources that have been provided. This ensures we correctly honor the expected credential - // hierarchy. - _, sharedProfileSet, err := getSharedConfigProfile(ctx, other) - if err != nil { - return err - } - - switch { - case sharedProfileSet: - ctx, err = resolveCredsFromProfile(ctx, cfg, envConfig, sharedConfig, other) - case envConfig.Credentials.HasKeys(): - ctx = addCredentialSource(ctx, aws.CredentialSourceEnvVars) - cfg.Credentials = credentials.StaticCredentialsProvider{Value: envConfig.Credentials, Source: getCredentialSources(ctx)} - case len(envConfig.WebIdentityTokenFilePath) > 0: - ctx = addCredentialSource(ctx, aws.CredentialSourceEnvVarsSTSWebIDToken) - err = assumeWebIdentity(ctx, cfg, envConfig.WebIdentityTokenFilePath, envConfig.RoleARN, envConfig.RoleSessionName, configs) - default: - ctx, err = resolveCredsFromProfile(ctx, cfg, envConfig, sharedConfig, other) - } - if err != nil { - return err - } - - // Wrap the resolved provider in a cache so the SDK will cache credentials. - cfg.Credentials, err = wrapWithCredentialsCache(ctx, configs, cfg.Credentials) - if err != nil { - return err - } - - return nil -} - -func resolveCredsFromProfile(ctx context.Context, cfg *aws.Config, envConfig *EnvConfig, sharedConfig *SharedConfig, configs configs) (ctx2 context.Context, err error) { - switch { - case sharedConfig.Source != nil: - ctx = addCredentialSource(ctx, aws.CredentialSourceProfileSourceProfile) - // Assume IAM role with credentials source from a different profile. - ctx, err = resolveCredsFromProfile(ctx, cfg, envConfig, sharedConfig.Source, configs) - - case sharedConfig.Credentials.HasKeys(): - // Static Credentials from Shared Config/Credentials file. - ctx = addCredentialSource(ctx, aws.CredentialSourceProfile) - cfg.Credentials = credentials.StaticCredentialsProvider{ - Value: sharedConfig.Credentials, - Source: getCredentialSources(ctx), - } - - case len(sharedConfig.CredentialSource) != 0: - ctx = addCredentialSource(ctx, aws.CredentialSourceProfileNamedProvider) - ctx, err = resolveCredsFromSource(ctx, cfg, envConfig, sharedConfig, configs) - - case len(sharedConfig.WebIdentityTokenFile) != 0: - // Credentials from Assume Web Identity token require an IAM Role, and - // that roll will be assumed. May be wrapped with another assume role - // via SourceProfile. - ctx = addCredentialSource(ctx, aws.CredentialSourceProfileSTSWebIDToken) - return ctx, assumeWebIdentity(ctx, cfg, sharedConfig.WebIdentityTokenFile, sharedConfig.RoleARN, sharedConfig.RoleSessionName, configs) - - case sharedConfig.hasSSOConfiguration(): - if sharedConfig.hasLegacySSOConfiguration() { - ctx = addCredentialSource(ctx, aws.CredentialSourceProfileSSOLegacy) - ctx = addCredentialSource(ctx, aws.CredentialSourceSSOLegacy) - } else { - ctx = addCredentialSource(ctx, aws.CredentialSourceSSO) - } - if sharedConfig.SSOSession != nil { - ctx = addCredentialSource(ctx, aws.CredentialSourceProfileSSO) - } - err = resolveSSOCredentials(ctx, cfg, sharedConfig, configs) - - case len(sharedConfig.CredentialProcess) != 0: - // Get credentials from CredentialProcess - ctx = addCredentialSource(ctx, aws.CredentialSourceProfileProcess) - ctx = addCredentialSource(ctx, aws.CredentialSourceProcess) - err = processCredentials(ctx, cfg, sharedConfig, configs) - - case len(envConfig.ContainerCredentialsRelativePath) != 0: - ctx = addCredentialSource(ctx, aws.CredentialSourceHTTP) - err = resolveHTTPCredProvider(ctx, cfg, ecsContainerURI(envConfig.ContainerCredentialsRelativePath), envConfig.ContainerAuthorizationToken, configs) - - case len(envConfig.ContainerCredentialsEndpoint) != 0: - ctx = addCredentialSource(ctx, aws.CredentialSourceHTTP) - err = resolveLocalHTTPCredProvider(ctx, cfg, envConfig.ContainerCredentialsEndpoint, envConfig.ContainerAuthorizationToken, configs) - - default: - ctx = addCredentialSource(ctx, aws.CredentialSourceIMDS) - err = resolveEC2RoleCredentials(ctx, cfg, configs) - } - if err != nil { - return ctx, err - } - - if len(sharedConfig.RoleARN) > 0 { - return ctx, credsFromAssumeRole(ctx, cfg, sharedConfig, configs) - } - - return ctx, nil -} - -func resolveSSOCredentials(ctx context.Context, cfg *aws.Config, sharedConfig *SharedConfig, configs configs) error { - if err := sharedConfig.validateSSOConfiguration(); err != nil { - return err - } - - var options []func(*ssocreds.Options) - v, found, err := getSSOProviderOptions(ctx, configs) - if err != nil { - return err - } - if found { - options = append(options, v) - } - - cfgCopy := cfg.Copy() - - options = append(options, func(o *ssocreds.Options) { - o.CredentialSources = getCredentialSources(ctx) - }) - - if sharedConfig.SSOSession != nil { - ssoTokenProviderOptionsFn, found, err := getSSOTokenProviderOptions(ctx, configs) - if err != nil { - return fmt.Errorf("failed to get SSOTokenProviderOptions from config sources, %w", err) - } - var optFns []func(*ssocreds.SSOTokenProviderOptions) - if found { - optFns = append(optFns, ssoTokenProviderOptionsFn) - } - cfgCopy.Region = sharedConfig.SSOSession.SSORegion - cachedPath, err := ssocreds.StandardCachedTokenFilepath(sharedConfig.SSOSession.Name) - if err != nil { - return err - } - oidcClient := ssooidc.NewFromConfig(cfgCopy) - tokenProvider := ssocreds.NewSSOTokenProvider(oidcClient, cachedPath, optFns...) - options = append(options, func(o *ssocreds.Options) { - o.SSOTokenProvider = tokenProvider - o.CachedTokenFilepath = cachedPath - }) - } else { - cfgCopy.Region = sharedConfig.SSORegion - } - - cfg.Credentials = ssocreds.New(sso.NewFromConfig(cfgCopy), sharedConfig.SSOAccountID, sharedConfig.SSORoleName, sharedConfig.SSOStartURL, options...) - - return nil -} - -func ecsContainerURI(path string) string { - return fmt.Sprintf("%s%s", ecsContainerEndpoint, path) -} - -func processCredentials(ctx context.Context, cfg *aws.Config, sharedConfig *SharedConfig, configs configs) error { - var opts []func(*processcreds.Options) - - options, found, err := getProcessCredentialOptions(ctx, configs) - if err != nil { - return err - } - if found { - opts = append(opts, options) - } - - opts = append(opts, func(o *processcreds.Options) { - o.CredentialSources = getCredentialSources(ctx) - }) - - cfg.Credentials = processcreds.NewProvider(sharedConfig.CredentialProcess, opts...) - - return nil -} - -// isAllowedHost allows host to be loopback or known ECS/EKS container IPs -// -// host can either be an IP address OR an unresolved hostname - resolution will -// be automatically performed in the latter case -func isAllowedHost(host string) (bool, error) { - if ip := net.ParseIP(host); ip != nil { - return isIPAllowed(ip), nil - } - - addrs, err := lookupHostFn(host) - if err != nil { - return false, err - } - - for _, addr := range addrs { - if ip := net.ParseIP(addr); ip == nil || !isIPAllowed(ip) { - return false, nil - } - } - - return true, nil -} - -func isIPAllowed(ip net.IP) bool { - return ip.IsLoopback() || - ip.Equal(ecsContainerIPv4) || - ip.Equal(eksContainerIPv4) || - ip.Equal(eksContainerIPv6) -} - -func resolveLocalHTTPCredProvider(ctx context.Context, cfg *aws.Config, endpointURL, authToken string, configs configs) error { - var resolveErr error - - parsed, err := url.Parse(endpointURL) - if err != nil { - resolveErr = fmt.Errorf("invalid URL, %w", err) - } else { - host := parsed.Hostname() - if len(host) == 0 { - resolveErr = fmt.Errorf("unable to parse host from local HTTP cred provider URL") - } else if parsed.Scheme == "http" { - if isAllowedHost, allowHostErr := isAllowedHost(host); allowHostErr != nil { - resolveErr = fmt.Errorf("failed to resolve host %q, %v", host, allowHostErr) - } else if !isAllowedHost { - resolveErr = fmt.Errorf("invalid endpoint host, %q, only loopback/ecs/eks hosts are allowed", host) - } - } - } - - if resolveErr != nil { - return resolveErr - } - - return resolveHTTPCredProvider(ctx, cfg, endpointURL, authToken, configs) -} - -func resolveHTTPCredProvider(ctx context.Context, cfg *aws.Config, url, authToken string, configs configs) error { - optFns := []func(*endpointcreds.Options){ - func(options *endpointcreds.Options) { - if len(authToken) != 0 { - options.AuthorizationToken = authToken - } - if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { - options.AuthorizationTokenProvider = endpointcreds.TokenProviderFunc(func() (string, error) { - var contents []byte - var err error - if contents, err = ioutil.ReadFile(authFilePath); err != nil { - return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) - } - return string(contents), nil - }) - } - options.APIOptions = cfg.APIOptions - if cfg.Retryer != nil { - options.Retryer = cfg.Retryer() - } - options.CredentialSources = getCredentialSources(ctx) - }, - } - - optFn, found, err := getEndpointCredentialProviderOptions(ctx, configs) - if err != nil { - return err - } - if found { - optFns = append(optFns, optFn) - } - - provider := endpointcreds.New(url, optFns...) - - cfg.Credentials, err = wrapWithCredentialsCache(ctx, configs, provider, func(options *aws.CredentialsCacheOptions) { - options.ExpiryWindow = 5 * time.Minute - }) - if err != nil { - return err - } - - return nil -} - -func resolveCredsFromSource(ctx context.Context, cfg *aws.Config, envConfig *EnvConfig, sharedCfg *SharedConfig, configs configs) (context.Context, error) { - switch sharedCfg.CredentialSource { - case credSourceEc2Metadata: - ctx = addCredentialSource(ctx, aws.CredentialSourceIMDS) - return ctx, resolveEC2RoleCredentials(ctx, cfg, configs) - - case credSourceEnvironment: - ctx = addCredentialSource(ctx, aws.CredentialSourceHTTP) - cfg.Credentials = credentials.StaticCredentialsProvider{Value: envConfig.Credentials, Source: getCredentialSources(ctx)} - - case credSourceECSContainer: - ctx = addCredentialSource(ctx, aws.CredentialSourceHTTP) - if len(envConfig.ContainerCredentialsRelativePath) != 0 { - return ctx, resolveHTTPCredProvider(ctx, cfg, ecsContainerURI(envConfig.ContainerCredentialsRelativePath), envConfig.ContainerAuthorizationToken, configs) - } - if len(envConfig.ContainerCredentialsEndpoint) != 0 { - return ctx, resolveLocalHTTPCredProvider(ctx, cfg, envConfig.ContainerCredentialsEndpoint, envConfig.ContainerAuthorizationToken, configs) - } - return ctx, fmt.Errorf("EcsContainer was specified as the credential_source, but neither 'AWS_CONTAINER_CREDENTIALS_RELATIVE_URI' or AWS_CONTAINER_CREDENTIALS_FULL_URI' was set") - - default: - return ctx, fmt.Errorf("credential_source values must be EcsContainer, Ec2InstanceMetadata, or Environment") - } - - return ctx, nil -} - -func resolveEC2RoleCredentials(ctx context.Context, cfg *aws.Config, configs configs) error { - optFns := make([]func(*ec2rolecreds.Options), 0, 2) - - optFn, found, err := getEC2RoleCredentialProviderOptions(ctx, configs) - if err != nil { - return err - } - if found { - optFns = append(optFns, optFn) - } - - optFns = append(optFns, func(o *ec2rolecreds.Options) { - // Only define a client from config if not already defined. - if o.Client == nil { - o.Client = imds.NewFromConfig(*cfg) - } - o.CredentialSources = getCredentialSources(ctx) - }) - - provider := ec2rolecreds.New(optFns...) - - cfg.Credentials, err = wrapWithCredentialsCache(ctx, configs, provider) - if err != nil { - return err - } - return nil -} - -func getAWSConfigSources(cfgs configs) (*EnvConfig, *SharedConfig, configs) { - var ( - envConfig *EnvConfig - sharedConfig *SharedConfig - other configs - ) - - for i := range cfgs { - switch c := cfgs[i].(type) { - case EnvConfig: - if envConfig == nil { - envConfig = &c - } - case *EnvConfig: - if envConfig == nil { - envConfig = c - } - case SharedConfig: - if sharedConfig == nil { - sharedConfig = &c - } - case *SharedConfig: - if envConfig == nil { - sharedConfig = c - } - default: - other = append(other, c) - } - } - - if envConfig == nil { - envConfig = &EnvConfig{} - } - - if sharedConfig == nil { - sharedConfig = &SharedConfig{} - } - - return envConfig, sharedConfig, other -} - -// AssumeRoleTokenProviderNotSetError is an error returned when creating a -// session when the MFAToken option is not set when shared config is configured -// load assume a role with an MFA token. -type AssumeRoleTokenProviderNotSetError struct{} - -// Error is the error message -func (e AssumeRoleTokenProviderNotSetError) Error() string { - return fmt.Sprintf("assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.") -} - -func assumeWebIdentity(ctx context.Context, cfg *aws.Config, filepath string, roleARN, sessionName string, configs configs) error { - if len(filepath) == 0 { - return fmt.Errorf("token file path is not set") - } - - optFns := []func(*stscreds.WebIdentityRoleOptions){ - func(options *stscreds.WebIdentityRoleOptions) { - options.RoleSessionName = sessionName - }, - } - - optFn, found, err := getWebIdentityCredentialProviderOptions(ctx, configs) - if err != nil { - return err - } - - if found { - optFns = append(optFns, optFn) - } - - opts := stscreds.WebIdentityRoleOptions{ - RoleARN: roleARN, - } - - optFns = append(optFns, func(options *stscreds.WebIdentityRoleOptions) { - options.CredentialSources = getCredentialSources(ctx) - }) - - for _, fn := range optFns { - fn(&opts) - } - - if len(opts.RoleARN) == 0 { - return fmt.Errorf("role ARN is not set") - } - - client := opts.Client - if client == nil { - client = sts.NewFromConfig(*cfg) - } - - provider := stscreds.NewWebIdentityRoleProvider(client, roleARN, stscreds.IdentityTokenFile(filepath), optFns...) - - cfg.Credentials = provider - - return nil -} - -func credsFromAssumeRole(ctx context.Context, cfg *aws.Config, sharedCfg *SharedConfig, configs configs) (err error) { - // resolve credentials early - credentialSources := getCredentialSources(ctx) - optFns := []func(*stscreds.AssumeRoleOptions){ - func(options *stscreds.AssumeRoleOptions) { - options.RoleSessionName = sharedCfg.RoleSessionName - if sharedCfg.RoleDurationSeconds != nil { - if *sharedCfg.RoleDurationSeconds/time.Minute > 15 { - options.Duration = *sharedCfg.RoleDurationSeconds - } - } - // Assume role with external ID - if len(sharedCfg.ExternalID) > 0 { - options.ExternalID = aws.String(sharedCfg.ExternalID) - } - - // Assume role with MFA - if len(sharedCfg.MFASerial) != 0 { - options.SerialNumber = aws.String(sharedCfg.MFASerial) - } - - // add existing credential chain - options.CredentialSources = credentialSources - }, - } - - optFn, found, err := getAssumeRoleCredentialProviderOptions(ctx, configs) - if err != nil { - return err - } - if found { - optFns = append(optFns, optFn) - } - - { - // Synthesize options early to validate configuration errors sooner to ensure a token provider - // is present if the SerialNumber was set. - var o stscreds.AssumeRoleOptions - for _, fn := range optFns { - fn(&o) - } - if o.TokenProvider == nil && o.SerialNumber != nil { - return AssumeRoleTokenProviderNotSetError{} - } - } - cfg.Credentials = stscreds.NewAssumeRoleProvider(sts.NewFromConfig(*cfg), sharedCfg.RoleARN, optFns...) - - return nil -} - -// wrapWithCredentialsCache will wrap provider with an aws.CredentialsCache -// with the provided options if the provider is not already a -// aws.CredentialsCache. -func wrapWithCredentialsCache( - ctx context.Context, - cfgs configs, - provider aws.CredentialsProvider, - optFns ...func(options *aws.CredentialsCacheOptions), -) (aws.CredentialsProvider, error) { - _, ok := provider.(*aws.CredentialsCache) - if ok { - return provider, nil - } - - credCacheOptions, optionsFound, err := getCredentialsCacheOptionsProvider(ctx, cfgs) - if err != nil { - return nil, err - } - - // force allocation of a new slice if the additional options are - // needed, to prevent overwriting the passed in slice of options. - optFns = optFns[:len(optFns):len(optFns)] - if optionsFound { - optFns = append(optFns, credCacheOptions) - } - - return aws.NewCredentialsCache(provider, optFns...), nil -} - -// credentialSource stores the chain of providers that was used to create an instance of -// a credentials provider on the context -type credentialSource struct{} - -func addCredentialSource(ctx context.Context, source aws.CredentialSource) context.Context { - existing, ok := ctx.Value(credentialSource{}).([]aws.CredentialSource) - if !ok { - existing = []aws.CredentialSource{source} - } else { - existing = append(existing, source) - } - return context.WithValue(ctx, credentialSource{}, existing) -} - -func getCredentialSources(ctx context.Context) []aws.CredentialSource { - return ctx.Value(credentialSource{}).([]aws.CredentialSource) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go b/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go deleted file mode 100644 index 00b071fe..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go +++ /dev/null @@ -1,1680 +0,0 @@ -package config - -import ( - "bytes" - "context" - "errors" - "fmt" - "io" - "io/ioutil" - "os" - "path/filepath" - "strings" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" - "github.com/aws/aws-sdk-go-v2/internal/ini" - "github.com/aws/aws-sdk-go-v2/internal/shareddefaults" - "github.com/aws/smithy-go/logging" - smithyrequestcompression "github.com/aws/smithy-go/private/requestcompression" -) - -const ( - // Prefix to use for filtering profiles. The profile prefix should only - // exist in the shared config file, not the credentials file. - profilePrefix = `profile ` - - // Prefix to be used for SSO sections. These are supposed to only exist in - // the shared config file, not the credentials file. - ssoSectionPrefix = `sso-session ` - - // Prefix for services section. It is referenced in profile via the services - // parameter to configure clients for service-specific parameters. - servicesPrefix = `services ` - - // string equivalent for boolean - endpointDiscoveryDisabled = `false` - endpointDiscoveryEnabled = `true` - endpointDiscoveryAuto = `auto` - - // Static Credentials group - accessKeyIDKey = `aws_access_key_id` // group required - secretAccessKey = `aws_secret_access_key` // group required - sessionTokenKey = `aws_session_token` // optional - - // Assume Role Credentials group - roleArnKey = `role_arn` // group required - sourceProfileKey = `source_profile` // group required - credentialSourceKey = `credential_source` // group required (or source_profile) - externalIDKey = `external_id` // optional - mfaSerialKey = `mfa_serial` // optional - roleSessionNameKey = `role_session_name` // optional - roleDurationSecondsKey = "duration_seconds" // optional - - // AWS Single Sign-On (AWS SSO) group - ssoSessionNameKey = "sso_session" - - ssoRegionKey = "sso_region" - ssoStartURLKey = "sso_start_url" - - ssoAccountIDKey = "sso_account_id" - ssoRoleNameKey = "sso_role_name" - - // Additional Config fields - regionKey = `region` - - // endpoint discovery group - enableEndpointDiscoveryKey = `endpoint_discovery_enabled` // optional - - // External Credential process - credentialProcessKey = `credential_process` // optional - - // Web Identity Token File - webIdentityTokenFileKey = `web_identity_token_file` // optional - - // S3 ARN Region Usage - s3UseARNRegionKey = "s3_use_arn_region" - - ec2MetadataServiceEndpointModeKey = "ec2_metadata_service_endpoint_mode" - - ec2MetadataServiceEndpointKey = "ec2_metadata_service_endpoint" - - ec2MetadataV1DisabledKey = "ec2_metadata_v1_disabled" - - // Use DualStack Endpoint Resolution - useDualStackEndpoint = "use_dualstack_endpoint" - - // DefaultSharedConfigProfile is the default profile to be used when - // loading configuration from the config files if another profile name - // is not provided. - DefaultSharedConfigProfile = `default` - - // S3 Disable Multi-Region AccessPoints - s3DisableMultiRegionAccessPointsKey = `s3_disable_multiregion_access_points` - - useFIPSEndpointKey = "use_fips_endpoint" - - defaultsModeKey = "defaults_mode" - - // Retry options - retryMaxAttemptsKey = "max_attempts" - retryModeKey = "retry_mode" - - caBundleKey = "ca_bundle" - - sdkAppID = "sdk_ua_app_id" - - ignoreConfiguredEndpoints = "ignore_configured_endpoint_urls" - - endpointURL = "endpoint_url" - - servicesSectionKey = "services" - - disableRequestCompression = "disable_request_compression" - requestMinCompressionSizeBytes = "request_min_compression_size_bytes" - - s3DisableExpressSessionAuthKey = "s3_disable_express_session_auth" - - accountIDKey = "aws_account_id" - accountIDEndpointMode = "account_id_endpoint_mode" - - requestChecksumCalculationKey = "request_checksum_calculation" - responseChecksumValidationKey = "response_checksum_validation" - checksumWhenSupported = "when_supported" - checksumWhenRequired = "when_required" -) - -// defaultSharedConfigProfile allows for swapping the default profile for testing -var defaultSharedConfigProfile = DefaultSharedConfigProfile - -// DefaultSharedCredentialsFilename returns the SDK's default file path -// for the shared credentials file. -// -// Builds the shared config file path based on the OS's platform. -// -// - Linux/Unix: $HOME/.aws/credentials -// - Windows: %USERPROFILE%\.aws\credentials -func DefaultSharedCredentialsFilename() string { - return filepath.Join(shareddefaults.UserHomeDir(), ".aws", "credentials") -} - -// DefaultSharedConfigFilename returns the SDK's default file path for -// the shared config file. -// -// Builds the shared config file path based on the OS's platform. -// -// - Linux/Unix: $HOME/.aws/config -// - Windows: %USERPROFILE%\.aws\config -func DefaultSharedConfigFilename() string { - return filepath.Join(shareddefaults.UserHomeDir(), ".aws", "config") -} - -// DefaultSharedConfigFiles is a slice of the default shared config files that -// the will be used in order to load the SharedConfig. -var DefaultSharedConfigFiles = []string{ - DefaultSharedConfigFilename(), -} - -// DefaultSharedCredentialsFiles is a slice of the default shared credentials -// files that the will be used in order to load the SharedConfig. -var DefaultSharedCredentialsFiles = []string{ - DefaultSharedCredentialsFilename(), -} - -// SSOSession provides the shared configuration parameters of the sso-session -// section. -type SSOSession struct { - Name string - SSORegion string - SSOStartURL string -} - -func (s *SSOSession) setFromIniSection(section ini.Section) { - updateString(&s.Name, section, ssoSessionNameKey) - updateString(&s.SSORegion, section, ssoRegionKey) - updateString(&s.SSOStartURL, section, ssoStartURLKey) -} - -// Services contains values configured in the services section -// of the AWS configuration file. -type Services struct { - // Services section values - // {"serviceId": {"key": "value"}} - // e.g. {"s3": {"endpoint_url": "example.com"}} - ServiceValues map[string]map[string]string -} - -func (s *Services) setFromIniSection(section ini.Section) { - if s.ServiceValues == nil { - s.ServiceValues = make(map[string]map[string]string) - } - for _, service := range section.List() { - s.ServiceValues[service] = section.Map(service) - } -} - -// SharedConfig represents the configuration fields of the SDK config files. -type SharedConfig struct { - Profile string - - // Credentials values from the config file. Both aws_access_key_id - // and aws_secret_access_key must be provided together in the same file - // to be considered valid. The values will be ignored if not a complete group. - // aws_session_token is an optional field that can be provided if both of the - // other two fields are also provided. - // - // aws_access_key_id - // aws_secret_access_key - // aws_session_token - Credentials aws.Credentials - - CredentialSource string - CredentialProcess string - WebIdentityTokenFile string - - // SSO session options - SSOSessionName string - SSOSession *SSOSession - - // Legacy SSO session options - SSORegion string - SSOStartURL string - - // SSO fields not used - SSOAccountID string - SSORoleName string - - RoleARN string - ExternalID string - MFASerial string - RoleSessionName string - RoleDurationSeconds *time.Duration - - SourceProfileName string - Source *SharedConfig - - // Region is the region the SDK should use for looking up AWS service endpoints - // and signing requests. - // - // region = us-west-2 - Region string - - // EnableEndpointDiscovery can be enabled or disabled in the shared config - // by setting endpoint_discovery_enabled to true, or false respectively. - // - // endpoint_discovery_enabled = true - EnableEndpointDiscovery aws.EndpointDiscoveryEnableState - - // Specifies if the S3 service should allow ARNs to direct the region - // the client's requests are sent to. - // - // s3_use_arn_region=true - S3UseARNRegion *bool - - // Specifies the EC2 Instance Metadata Service default endpoint selection - // mode (IPv4 or IPv6) - // - // ec2_metadata_service_endpoint_mode=IPv6 - EC2IMDSEndpointMode imds.EndpointModeState - - // Specifies the EC2 Instance Metadata Service endpoint to use. If - // specified it overrides EC2IMDSEndpointMode. - // - // ec2_metadata_service_endpoint=http://fd00:ec2::254 - EC2IMDSEndpoint string - - // Specifies that IMDS clients should not fallback to IMDSv1 if token - // requests fail. - // - // ec2_metadata_v1_disabled=true - EC2IMDSv1Disabled *bool - - // Specifies if the S3 service should disable support for Multi-Region - // access-points - // - // s3_disable_multiregion_access_points=true - S3DisableMultiRegionAccessPoints *bool - - // Specifies that SDK clients must resolve a dual-stack endpoint for - // services. - // - // use_dualstack_endpoint=true - UseDualStackEndpoint aws.DualStackEndpointState - - // Specifies that SDK clients must resolve a FIPS endpoint for - // services. - // - // use_fips_endpoint=true - UseFIPSEndpoint aws.FIPSEndpointState - - // Specifies which defaults mode should be used by services. - // - // defaults_mode=standard - DefaultsMode aws.DefaultsMode - - // Specifies the maximum number attempts an API client will call an - // operation that fails with a retryable error. - // - // max_attempts=3 - RetryMaxAttempts int - - // Specifies the retry model the API client will be created with. - // - // retry_mode=standard - RetryMode aws.RetryMode - - // Sets the path to a custom Credentials Authority (CA) Bundle PEM file - // that the SDK will use instead of the system's root CA bundle. Only use - // this if you want to configure the SDK to use a custom set of CAs. - // - // Enabling this option will attempt to merge the Transport into the SDK's - // HTTP client. If the client's Transport is not a http.Transport an error - // will be returned. If the Transport's TLS config is set this option will - // cause the SDK to overwrite the Transport's TLS config's RootCAs value. - // - // Setting a custom HTTPClient in the aws.Config options will override this - // setting. To use this option and custom HTTP client, the HTTP client - // needs to be provided when creating the config. Not the service client. - // - // ca_bundle=$HOME/my_custom_ca_bundle - CustomCABundle string - - // aws sdk app ID that can be added to user agent header string - AppID string - - // Flag used to disable configured endpoints. - IgnoreConfiguredEndpoints *bool - - // Value to contain configured endpoints to be propagated to - // corresponding endpoint resolution field. - BaseEndpoint string - - // Services section config. - ServicesSectionName string - Services Services - - // determine if request compression is allowed, default to false - // retrieved from config file's profile field disable_request_compression - DisableRequestCompression *bool - - // inclusive threshold request body size to trigger compression, - // default to 10240 and must be within 0 and 10485760 bytes inclusive - // retrieved from config file's profile field request_min_compression_size_bytes - RequestMinCompressSizeBytes *int64 - - // Whether S3Express auth is disabled. - // - // This will NOT prevent requests from being made to S3Express buckets, it - // will only bypass the modified endpoint routing and signing behaviors - // associated with the feature. - S3DisableExpressAuth *bool - - AccountIDEndpointMode aws.AccountIDEndpointMode - - // RequestChecksumCalculation indicates if the request checksum should be calculated - RequestChecksumCalculation aws.RequestChecksumCalculation - - // ResponseChecksumValidation indicates if the response checksum should be validated - ResponseChecksumValidation aws.ResponseChecksumValidation -} - -func (c SharedConfig) getDefaultsMode(ctx context.Context) (value aws.DefaultsMode, ok bool, err error) { - if len(c.DefaultsMode) == 0 { - return "", false, nil - } - - return c.DefaultsMode, true, nil -} - -// GetRetryMaxAttempts returns the maximum number of attempts an API client -// created Retryer should attempt an operation call before failing. -func (c SharedConfig) GetRetryMaxAttempts(ctx context.Context) (value int, ok bool, err error) { - if c.RetryMaxAttempts == 0 { - return 0, false, nil - } - - return c.RetryMaxAttempts, true, nil -} - -// GetRetryMode returns the model the API client should create its Retryer in. -func (c SharedConfig) GetRetryMode(ctx context.Context) (value aws.RetryMode, ok bool, err error) { - if len(c.RetryMode) == 0 { - return "", false, nil - } - - return c.RetryMode, true, nil -} - -// GetS3UseARNRegion returns if the S3 service should allow ARNs to direct the region -// the client's requests are sent to. -func (c SharedConfig) GetS3UseARNRegion(ctx context.Context) (value, ok bool, err error) { - if c.S3UseARNRegion == nil { - return false, false, nil - } - - return *c.S3UseARNRegion, true, nil -} - -// GetEnableEndpointDiscovery returns if the enable_endpoint_discovery is set. -func (c SharedConfig) GetEnableEndpointDiscovery(ctx context.Context) (value aws.EndpointDiscoveryEnableState, ok bool, err error) { - if c.EnableEndpointDiscovery == aws.EndpointDiscoveryUnset { - return aws.EndpointDiscoveryUnset, false, nil - } - - return c.EnableEndpointDiscovery, true, nil -} - -// GetS3DisableMultiRegionAccessPoints returns if the S3 service should disable support for Multi-Region -// access-points. -func (c SharedConfig) GetS3DisableMultiRegionAccessPoints(ctx context.Context) (value, ok bool, err error) { - if c.S3DisableMultiRegionAccessPoints == nil { - return false, false, nil - } - - return *c.S3DisableMultiRegionAccessPoints, true, nil -} - -// GetRegion returns the region for the profile if a region is set. -func (c SharedConfig) getRegion(ctx context.Context) (string, bool, error) { - if len(c.Region) == 0 { - return "", false, nil - } - return c.Region, true, nil -} - -// GetCredentialsProvider returns the credentials for a profile if they were set. -func (c SharedConfig) getCredentialsProvider() (aws.Credentials, bool, error) { - return c.Credentials, true, nil -} - -// GetEC2IMDSEndpointMode implements a EC2IMDSEndpointMode option resolver interface. -func (c SharedConfig) GetEC2IMDSEndpointMode() (imds.EndpointModeState, bool, error) { - if c.EC2IMDSEndpointMode == imds.EndpointModeStateUnset { - return imds.EndpointModeStateUnset, false, nil - } - - return c.EC2IMDSEndpointMode, true, nil -} - -// GetEC2IMDSEndpoint implements a EC2IMDSEndpoint option resolver interface. -func (c SharedConfig) GetEC2IMDSEndpoint() (string, bool, error) { - if len(c.EC2IMDSEndpoint) == 0 { - return "", false, nil - } - - return c.EC2IMDSEndpoint, true, nil -} - -// GetEC2IMDSV1FallbackDisabled implements an EC2IMDSV1FallbackDisabled option -// resolver interface. -func (c SharedConfig) GetEC2IMDSV1FallbackDisabled() (bool, bool) { - if c.EC2IMDSv1Disabled == nil { - return false, false - } - - return *c.EC2IMDSv1Disabled, true -} - -// GetUseDualStackEndpoint returns whether the service's dual-stack endpoint should be -// used for requests. -func (c SharedConfig) GetUseDualStackEndpoint(ctx context.Context) (value aws.DualStackEndpointState, found bool, err error) { - if c.UseDualStackEndpoint == aws.DualStackEndpointStateUnset { - return aws.DualStackEndpointStateUnset, false, nil - } - - return c.UseDualStackEndpoint, true, nil -} - -// GetUseFIPSEndpoint returns whether the service's FIPS endpoint should be -// used for requests. -func (c SharedConfig) GetUseFIPSEndpoint(ctx context.Context) (value aws.FIPSEndpointState, found bool, err error) { - if c.UseFIPSEndpoint == aws.FIPSEndpointStateUnset { - return aws.FIPSEndpointStateUnset, false, nil - } - - return c.UseFIPSEndpoint, true, nil -} - -// GetS3DisableExpressAuth returns the configured value for -// [SharedConfig.S3DisableExpressAuth]. -func (c SharedConfig) GetS3DisableExpressAuth() (value, ok bool) { - if c.S3DisableExpressAuth == nil { - return false, false - } - - return *c.S3DisableExpressAuth, true -} - -// GetCustomCABundle returns the custom CA bundle's PEM bytes if the file was -func (c SharedConfig) getCustomCABundle(context.Context) (io.Reader, bool, error) { - if len(c.CustomCABundle) == 0 { - return nil, false, nil - } - - b, err := ioutil.ReadFile(c.CustomCABundle) - if err != nil { - return nil, false, err - } - return bytes.NewReader(b), true, nil -} - -// getAppID returns the sdk app ID if set in shared config profile -func (c SharedConfig) getAppID(context.Context) (string, bool, error) { - return c.AppID, len(c.AppID) > 0, nil -} - -// GetIgnoreConfiguredEndpoints is used in knowing when to disable configured -// endpoints feature. -func (c SharedConfig) GetIgnoreConfiguredEndpoints(context.Context) (bool, bool, error) { - if c.IgnoreConfiguredEndpoints == nil { - return false, false, nil - } - - return *c.IgnoreConfiguredEndpoints, true, nil -} - -func (c SharedConfig) getBaseEndpoint(context.Context) (string, bool, error) { - return c.BaseEndpoint, len(c.BaseEndpoint) > 0, nil -} - -// GetServiceBaseEndpoint is used to retrieve a normalized SDK ID for use -// with configured endpoints. -func (c SharedConfig) GetServiceBaseEndpoint(ctx context.Context, sdkID string) (string, bool, error) { - if service, ok := c.Services.ServiceValues[normalizeShared(sdkID)]; ok { - if endpt, ok := service[endpointURL]; ok { - return endpt, true, nil - } - } - return "", false, nil -} - -func normalizeShared(sdkID string) string { - lower := strings.ToLower(sdkID) - return strings.ReplaceAll(lower, " ", "_") -} - -func (c SharedConfig) getServicesObject(context.Context) (map[string]map[string]string, bool, error) { - return c.Services.ServiceValues, c.Services.ServiceValues != nil, nil -} - -// loadSharedConfigIgnoreNotExist is an alias for loadSharedConfig with the -// addition of ignoring when none of the files exist or when the profile -// is not found in any of the files. -func loadSharedConfigIgnoreNotExist(ctx context.Context, configs configs) (Config, error) { - cfg, err := loadSharedConfig(ctx, configs) - if err != nil { - if _, ok := err.(SharedConfigProfileNotExistError); ok { - return SharedConfig{}, nil - } - return nil, err - } - - return cfg, nil -} - -// loadSharedConfig uses the configs passed in to load the SharedConfig from file -// The file names and profile name are sourced from the configs. -// -// If profile name is not provided DefaultSharedConfigProfile (default) will -// be used. -// -// If shared config filenames are not provided DefaultSharedConfigFiles will -// be used. -// -// Config providers used: -// * sharedConfigProfileProvider -// * sharedConfigFilesProvider -func loadSharedConfig(ctx context.Context, configs configs) (Config, error) { - var profile string - var configFiles []string - var credentialsFiles []string - var ok bool - var err error - - profile, ok, err = getSharedConfigProfile(ctx, configs) - if err != nil { - return nil, err - } - if !ok { - profile = defaultSharedConfigProfile - } - - configFiles, ok, err = getSharedConfigFiles(ctx, configs) - if err != nil { - return nil, err - } - - credentialsFiles, ok, err = getSharedCredentialsFiles(ctx, configs) - if err != nil { - return nil, err - } - - // setup logger if log configuration warning is seti - var logger logging.Logger - logWarnings, found, err := getLogConfigurationWarnings(ctx, configs) - if err != nil { - return SharedConfig{}, err - } - if found && logWarnings { - logger, found, err = getLogger(ctx, configs) - if err != nil { - return SharedConfig{}, err - } - if !found { - logger = logging.NewStandardLogger(os.Stderr) - } - } - - return LoadSharedConfigProfile(ctx, profile, - func(o *LoadSharedConfigOptions) { - o.Logger = logger - o.ConfigFiles = configFiles - o.CredentialsFiles = credentialsFiles - }, - ) -} - -// LoadSharedConfigOptions struct contains optional values that can be used to load the config. -type LoadSharedConfigOptions struct { - - // CredentialsFiles are the shared credentials files - CredentialsFiles []string - - // ConfigFiles are the shared config files - ConfigFiles []string - - // Logger is the logger used to log shared config behavior - Logger logging.Logger -} - -// LoadSharedConfigProfile retrieves the configuration from the list of files -// using the profile provided. The order the files are listed will determine -// precedence. Values in subsequent files will overwrite values defined in -// earlier files. -// -// For example, given two files A and B. Both define credentials. If the order -// of the files are A then B, B's credential values will be used instead of A's. -// -// If config files are not set, SDK will default to using a file at location `.aws/config` if present. -// If credentials files are not set, SDK will default to using a file at location `.aws/credentials` if present. -// No default files are set, if files set to an empty slice. -// -// You can read more about shared config and credentials file location at -// https://docs.aws.amazon.com/credref/latest/refdocs/file-location.html#file-location -func LoadSharedConfigProfile(ctx context.Context, profile string, optFns ...func(*LoadSharedConfigOptions)) (SharedConfig, error) { - var option LoadSharedConfigOptions - for _, fn := range optFns { - fn(&option) - } - - if option.ConfigFiles == nil { - option.ConfigFiles = DefaultSharedConfigFiles - } - - if option.CredentialsFiles == nil { - option.CredentialsFiles = DefaultSharedCredentialsFiles - } - - // load shared configuration sections from shared configuration INI options - configSections, err := loadIniFiles(option.ConfigFiles) - if err != nil { - return SharedConfig{}, err - } - - // check for profile prefix and drop duplicates or invalid profiles - err = processConfigSections(ctx, &configSections, option.Logger) - if err != nil { - return SharedConfig{}, err - } - - // load shared credentials sections from shared credentials INI options - credentialsSections, err := loadIniFiles(option.CredentialsFiles) - if err != nil { - return SharedConfig{}, err - } - - // check for profile prefix and drop duplicates or invalid profiles - err = processCredentialsSections(ctx, &credentialsSections, option.Logger) - if err != nil { - return SharedConfig{}, err - } - - err = mergeSections(&configSections, credentialsSections) - if err != nil { - return SharedConfig{}, err - } - - cfg := SharedConfig{} - profiles := map[string]struct{}{} - - if err = cfg.setFromIniSections(profiles, profile, configSections, option.Logger); err != nil { - return SharedConfig{}, err - } - - return cfg, nil -} - -func processConfigSections(ctx context.Context, sections *ini.Sections, logger logging.Logger) error { - skipSections := map[string]struct{}{} - - for _, section := range sections.List() { - if _, ok := skipSections[section]; ok { - continue - } - - // drop sections from config file that do not have expected prefixes. - switch { - case strings.HasPrefix(section, profilePrefix): - // Rename sections to remove "profile " prefixing to match with - // credentials file. If default is already present, it will be - // dropped. - newName, err := renameProfileSection(section, sections, logger) - if err != nil { - return fmt.Errorf("failed to rename profile section, %w", err) - } - skipSections[newName] = struct{}{} - - case strings.HasPrefix(section, ssoSectionPrefix): - case strings.HasPrefix(section, servicesPrefix): - case strings.EqualFold(section, "default"): - default: - // drop this section, as invalid profile name - sections.DeleteSection(section) - - if logger != nil { - logger.Logf(logging.Debug, "A profile defined with name `%v` is ignored. "+ - "For use within a shared configuration file, "+ - "a non-default profile must have `profile ` "+ - "prefixed to the profile name.", - section, - ) - } - } - } - return nil -} - -func renameProfileSection(section string, sections *ini.Sections, logger logging.Logger) (string, error) { - v, ok := sections.GetSection(section) - if !ok { - return "", fmt.Errorf("error processing profiles within the shared configuration files") - } - - // delete section with profile as prefix - sections.DeleteSection(section) - - // set the value to non-prefixed name in sections. - section = strings.TrimPrefix(section, profilePrefix) - if sections.HasSection(section) { - oldSection, _ := sections.GetSection(section) - v.Logs = append(v.Logs, - fmt.Sprintf("A non-default profile not prefixed with `profile ` found in %s, "+ - "overriding non-default profile from %s", - v.SourceFile, oldSection.SourceFile)) - sections.DeleteSection(section) - } - - // assign non-prefixed name to section - v.Name = section - sections.SetSection(section, v) - - return section, nil -} - -func processCredentialsSections(ctx context.Context, sections *ini.Sections, logger logging.Logger) error { - for _, section := range sections.List() { - // drop profiles with prefix for credential files - if strings.HasPrefix(section, profilePrefix) { - // drop this section, as invalid profile name - sections.DeleteSection(section) - - if logger != nil { - logger.Logf(logging.Debug, - "The profile defined with name `%v` is ignored. A profile with the `profile ` prefix is invalid "+ - "for the shared credentials file.\n", - section, - ) - } - } - } - return nil -} - -func loadIniFiles(filenames []string) (ini.Sections, error) { - mergedSections := ini.NewSections() - - for _, filename := range filenames { - sections, err := ini.OpenFile(filename) - var v *ini.UnableToReadFile - if ok := errors.As(err, &v); ok { - // Skip files which can't be opened and read for whatever reason. - // We treat such files as empty, and do not fall back to other locations. - continue - } else if err != nil { - return ini.Sections{}, SharedConfigLoadError{Filename: filename, Err: err} - } - - // mergeSections into mergedSections - err = mergeSections(&mergedSections, sections) - if err != nil { - return ini.Sections{}, SharedConfigLoadError{Filename: filename, Err: err} - } - } - - return mergedSections, nil -} - -// mergeSections merges source section properties into destination section properties -func mergeSections(dst *ini.Sections, src ini.Sections) error { - for _, sectionName := range src.List() { - srcSection, _ := src.GetSection(sectionName) - - if (!srcSection.Has(accessKeyIDKey) && srcSection.Has(secretAccessKey)) || - (srcSection.Has(accessKeyIDKey) && !srcSection.Has(secretAccessKey)) { - srcSection.Errors = append(srcSection.Errors, - fmt.Errorf("partial credentials found for profile %v", sectionName)) - } - - if !dst.HasSection(sectionName) { - dst.SetSection(sectionName, srcSection) - continue - } - - // merge with destination srcSection - dstSection, _ := dst.GetSection(sectionName) - - // errors should be overriden if any - dstSection.Errors = srcSection.Errors - - // Access key id update - if srcSection.Has(accessKeyIDKey) && srcSection.Has(secretAccessKey) { - accessKey := srcSection.String(accessKeyIDKey) - secretKey := srcSection.String(secretAccessKey) - - if dstSection.Has(accessKeyIDKey) { - dstSection.Logs = append(dstSection.Logs, newMergeKeyLogMessage(sectionName, accessKeyIDKey, - dstSection.SourceFile[accessKeyIDKey], srcSection.SourceFile[accessKeyIDKey])) - } - - // update access key - v, err := ini.NewStringValue(accessKey) - if err != nil { - return fmt.Errorf("error merging access key, %w", err) - } - dstSection.UpdateValue(accessKeyIDKey, v) - - // update secret key - v, err = ini.NewStringValue(secretKey) - if err != nil { - return fmt.Errorf("error merging secret key, %w", err) - } - dstSection.UpdateValue(secretAccessKey, v) - - // update session token - if err = mergeStringKey(&srcSection, &dstSection, sectionName, sessionTokenKey); err != nil { - return err - } - - // update source file to reflect where the static creds came from - dstSection.UpdateSourceFile(accessKeyIDKey, srcSection.SourceFile[accessKeyIDKey]) - dstSection.UpdateSourceFile(secretAccessKey, srcSection.SourceFile[secretAccessKey]) - } - - stringKeys := []string{ - roleArnKey, - sourceProfileKey, - credentialSourceKey, - externalIDKey, - mfaSerialKey, - roleSessionNameKey, - regionKey, - enableEndpointDiscoveryKey, - credentialProcessKey, - webIdentityTokenFileKey, - s3UseARNRegionKey, - s3DisableMultiRegionAccessPointsKey, - ec2MetadataServiceEndpointModeKey, - ec2MetadataServiceEndpointKey, - ec2MetadataV1DisabledKey, - useDualStackEndpoint, - useFIPSEndpointKey, - defaultsModeKey, - retryModeKey, - caBundleKey, - roleDurationSecondsKey, - retryMaxAttemptsKey, - - ssoSessionNameKey, - ssoAccountIDKey, - ssoRegionKey, - ssoRoleNameKey, - ssoStartURLKey, - } - for i := range stringKeys { - if err := mergeStringKey(&srcSection, &dstSection, sectionName, stringKeys[i]); err != nil { - return err - } - } - - // set srcSection on dst srcSection - *dst = dst.SetSection(sectionName, dstSection) - } - - return nil -} - -func mergeStringKey(srcSection *ini.Section, dstSection *ini.Section, sectionName, key string) error { - if srcSection.Has(key) { - srcValue := srcSection.String(key) - val, err := ini.NewStringValue(srcValue) - if err != nil { - return fmt.Errorf("error merging %s, %w", key, err) - } - - if dstSection.Has(key) { - dstSection.Logs = append(dstSection.Logs, newMergeKeyLogMessage(sectionName, key, - dstSection.SourceFile[key], srcSection.SourceFile[key])) - } - - dstSection.UpdateValue(key, val) - dstSection.UpdateSourceFile(key, srcSection.SourceFile[key]) - } - return nil -} - -func newMergeKeyLogMessage(sectionName, key, dstSourceFile, srcSourceFile string) string { - return fmt.Sprintf("For profile: %v, overriding %v value, defined in %v "+ - "with a %v value found in a duplicate profile defined at file %v. \n", - sectionName, key, dstSourceFile, key, srcSourceFile) -} - -// Returns an error if all of the files fail to load. If at least one file is -// successfully loaded and contains the profile, no error will be returned. -func (c *SharedConfig) setFromIniSections(profiles map[string]struct{}, profile string, - sections ini.Sections, logger logging.Logger) error { - c.Profile = profile - - section, ok := sections.GetSection(profile) - if !ok { - return SharedConfigProfileNotExistError{ - Profile: profile, - } - } - - // if logs are appended to the section, log them - if section.Logs != nil && logger != nil { - for _, log := range section.Logs { - logger.Logf(logging.Debug, log) - } - } - - // set config from the provided INI section - err := c.setFromIniSection(profile, section) - if err != nil { - return fmt.Errorf("error fetching config from profile, %v, %w", profile, err) - } - - if _, ok := profiles[profile]; ok { - // if this is the second instance of the profile the Assume Role - // options must be cleared because they are only valid for the - // first reference of a profile. The self linked instance of the - // profile only have credential provider options. - c.clearAssumeRoleOptions() - } else { - // First time a profile has been seen. Assert if the credential type - // requires a role ARN, the ARN is also set - if err := c.validateCredentialsConfig(profile); err != nil { - return err - } - } - - // if not top level profile and has credentials, return with credentials. - if len(profiles) != 0 && c.Credentials.HasKeys() { - return nil - } - - profiles[profile] = struct{}{} - - // validate no colliding credentials type are present - if err := c.validateCredentialType(); err != nil { - return err - } - - // Link source profiles for assume roles - if len(c.SourceProfileName) != 0 { - // Linked profile via source_profile ignore credential provider - // options, the source profile must provide the credentials. - c.clearCredentialOptions() - - srcCfg := &SharedConfig{} - err := srcCfg.setFromIniSections(profiles, c.SourceProfileName, sections, logger) - if err != nil { - // SourceProfileName that doesn't exist is an error in configuration. - if _, ok := err.(SharedConfigProfileNotExistError); ok { - err = SharedConfigAssumeRoleError{ - RoleARN: c.RoleARN, - Profile: c.SourceProfileName, - Err: err, - } - } - return err - } - - if !srcCfg.hasCredentials() { - return SharedConfigAssumeRoleError{ - RoleARN: c.RoleARN, - Profile: c.SourceProfileName, - } - } - - c.Source = srcCfg - } - - // If the profile contains an SSO session parameter, the session MUST exist - // as a section in the config file. Load the SSO session using the name - // provided. If the session section is not found or incomplete an error - // will be returned. - if c.hasSSOTokenProviderConfiguration() { - section, ok := sections.GetSection(ssoSectionPrefix + strings.TrimSpace(c.SSOSessionName)) - if !ok { - return fmt.Errorf("failed to find SSO session section, %v", c.SSOSessionName) - } - var ssoSession SSOSession - ssoSession.setFromIniSection(section) - ssoSession.Name = c.SSOSessionName - c.SSOSession = &ssoSession - } - - if len(c.ServicesSectionName) > 0 { - if section, ok := sections.GetSection(servicesPrefix + c.ServicesSectionName); ok { - var svcs Services - svcs.setFromIniSection(section) - c.Services = svcs - } - } - - return nil -} - -// setFromIniSection loads the configuration from the profile section defined in -// the provided INI file. A SharedConfig pointer type value is used so that -// multiple config file loadings can be chained. -// -// Only loads complete logically grouped values, and will not set fields in cfg -// for incomplete grouped values in the config. Such as credentials. For example -// if a config file only includes aws_access_key_id but no aws_secret_access_key -// the aws_access_key_id will be ignored. -func (c *SharedConfig) setFromIniSection(profile string, section ini.Section) error { - if len(section.Name) == 0 { - sources := make([]string, 0) - for _, v := range section.SourceFile { - sources = append(sources, v) - } - - return fmt.Errorf("parsing error : could not find profile section name after processing files: %v", sources) - } - - if len(section.Errors) != 0 { - var errStatement string - for i, e := range section.Errors { - errStatement = fmt.Sprintf("%d, %v\n", i+1, e.Error()) - } - return fmt.Errorf("Error using profile: \n %v", errStatement) - } - - // Assume Role - updateString(&c.RoleARN, section, roleArnKey) - updateString(&c.ExternalID, section, externalIDKey) - updateString(&c.MFASerial, section, mfaSerialKey) - updateString(&c.RoleSessionName, section, roleSessionNameKey) - updateString(&c.SourceProfileName, section, sourceProfileKey) - updateString(&c.CredentialSource, section, credentialSourceKey) - updateString(&c.Region, section, regionKey) - - // AWS Single Sign-On (AWS SSO) - // SSO session options - updateString(&c.SSOSessionName, section, ssoSessionNameKey) - - // Legacy SSO session options - updateString(&c.SSORegion, section, ssoRegionKey) - updateString(&c.SSOStartURL, section, ssoStartURLKey) - - // SSO fields not used - updateString(&c.SSOAccountID, section, ssoAccountIDKey) - updateString(&c.SSORoleName, section, ssoRoleNameKey) - - // we're retaining a behavioral quirk with this field that existed before - // the removal of literal parsing for #2276: - // - if the key is missing, the config field will not be set - // - if the key is set to a non-numeric, the config field will be set to 0 - if section.Has(roleDurationSecondsKey) { - if v, ok := section.Int(roleDurationSecondsKey); ok { - c.RoleDurationSeconds = aws.Duration(time.Duration(v) * time.Second) - } else { - c.RoleDurationSeconds = aws.Duration(time.Duration(0)) - } - } - - updateString(&c.CredentialProcess, section, credentialProcessKey) - updateString(&c.WebIdentityTokenFile, section, webIdentityTokenFileKey) - - updateEndpointDiscoveryType(&c.EnableEndpointDiscovery, section, enableEndpointDiscoveryKey) - updateBoolPtr(&c.S3UseARNRegion, section, s3UseARNRegionKey) - updateBoolPtr(&c.S3DisableMultiRegionAccessPoints, section, s3DisableMultiRegionAccessPointsKey) - updateBoolPtr(&c.S3DisableExpressAuth, section, s3DisableExpressSessionAuthKey) - - if err := updateEC2MetadataServiceEndpointMode(&c.EC2IMDSEndpointMode, section, ec2MetadataServiceEndpointModeKey); err != nil { - return fmt.Errorf("failed to load %s from shared config, %v", ec2MetadataServiceEndpointModeKey, err) - } - updateString(&c.EC2IMDSEndpoint, section, ec2MetadataServiceEndpointKey) - updateBoolPtr(&c.EC2IMDSv1Disabled, section, ec2MetadataV1DisabledKey) - - updateUseDualStackEndpoint(&c.UseDualStackEndpoint, section, useDualStackEndpoint) - updateUseFIPSEndpoint(&c.UseFIPSEndpoint, section, useFIPSEndpointKey) - - if err := updateDefaultsMode(&c.DefaultsMode, section, defaultsModeKey); err != nil { - return fmt.Errorf("failed to load %s from shared config, %w", defaultsModeKey, err) - } - - if err := updateInt(&c.RetryMaxAttempts, section, retryMaxAttemptsKey); err != nil { - return fmt.Errorf("failed to load %s from shared config, %w", retryMaxAttemptsKey, err) - } - if err := updateRetryMode(&c.RetryMode, section, retryModeKey); err != nil { - return fmt.Errorf("failed to load %s from shared config, %w", retryModeKey, err) - } - - updateString(&c.CustomCABundle, section, caBundleKey) - - // user agent app ID added to request User-Agent header - updateString(&c.AppID, section, sdkAppID) - - updateBoolPtr(&c.IgnoreConfiguredEndpoints, section, ignoreConfiguredEndpoints) - - updateString(&c.BaseEndpoint, section, endpointURL) - - if err := updateDisableRequestCompression(&c.DisableRequestCompression, section, disableRequestCompression); err != nil { - return fmt.Errorf("failed to load %s from shared config, %w", disableRequestCompression, err) - } - if err := updateRequestMinCompressSizeBytes(&c.RequestMinCompressSizeBytes, section, requestMinCompressionSizeBytes); err != nil { - return fmt.Errorf("failed to load %s from shared config, %w", requestMinCompressionSizeBytes, err) - } - - if err := updateAIDEndpointMode(&c.AccountIDEndpointMode, section, accountIDEndpointMode); err != nil { - return fmt.Errorf("failed to load %s from shared config, %w", accountIDEndpointMode, err) - } - - if err := updateRequestChecksumCalculation(&c.RequestChecksumCalculation, section, requestChecksumCalculationKey); err != nil { - return fmt.Errorf("failed to load %s from shared config, %w", requestChecksumCalculationKey, err) - } - if err := updateResponseChecksumValidation(&c.ResponseChecksumValidation, section, responseChecksumValidationKey); err != nil { - return fmt.Errorf("failed to load %s from shared config, %w", responseChecksumValidationKey, err) - } - - // Shared Credentials - creds := aws.Credentials{ - AccessKeyID: section.String(accessKeyIDKey), - SecretAccessKey: section.String(secretAccessKey), - SessionToken: section.String(sessionTokenKey), - Source: fmt.Sprintf("SharedConfigCredentials: %s", section.SourceFile[accessKeyIDKey]), - AccountID: section.String(accountIDKey), - } - - if creds.HasKeys() { - c.Credentials = creds - } - - updateString(&c.ServicesSectionName, section, servicesSectionKey) - - return nil -} - -func updateRequestMinCompressSizeBytes(bytes **int64, sec ini.Section, key string) error { - if !sec.Has(key) { - return nil - } - - v, ok := sec.Int(key) - if !ok { - return fmt.Errorf("invalid value for min request compression size bytes %s, need int64", sec.String(key)) - } - if v < 0 || v > smithyrequestcompression.MaxRequestMinCompressSizeBytes { - return fmt.Errorf("invalid range for min request compression size bytes %d, must be within 0 and 10485760 inclusively", v) - } - *bytes = new(int64) - **bytes = v - return nil -} - -func updateDisableRequestCompression(disable **bool, sec ini.Section, key string) error { - if !sec.Has(key) { - return nil - } - - v := sec.String(key) - switch { - case v == "true": - *disable = new(bool) - **disable = true - case v == "false": - *disable = new(bool) - **disable = false - default: - return fmt.Errorf("invalid value for shared config profile field, %s=%s, need true or false", key, v) - } - return nil -} - -func updateAIDEndpointMode(m *aws.AccountIDEndpointMode, sec ini.Section, key string) error { - if !sec.Has(key) { - return nil - } - - v := sec.String(key) - switch v { - case "preferred": - *m = aws.AccountIDEndpointModePreferred - case "required": - *m = aws.AccountIDEndpointModeRequired - case "disabled": - *m = aws.AccountIDEndpointModeDisabled - default: - return fmt.Errorf("invalid value for shared config profile field, %s=%s, must be preferred/required/disabled", key, v) - } - - return nil -} - -func updateRequestChecksumCalculation(m *aws.RequestChecksumCalculation, sec ini.Section, key string) error { - if !sec.Has(key) { - return nil - } - - v := sec.String(key) - switch strings.ToLower(v) { - case checksumWhenSupported: - *m = aws.RequestChecksumCalculationWhenSupported - case checksumWhenRequired: - *m = aws.RequestChecksumCalculationWhenRequired - default: - return fmt.Errorf("invalid value for shared config profile field, %s=%s, must be when_supported/when_required", key, v) - } - - return nil -} - -func updateResponseChecksumValidation(m *aws.ResponseChecksumValidation, sec ini.Section, key string) error { - if !sec.Has(key) { - return nil - } - - v := sec.String(key) - switch strings.ToLower(v) { - case checksumWhenSupported: - *m = aws.ResponseChecksumValidationWhenSupported - case checksumWhenRequired: - *m = aws.ResponseChecksumValidationWhenRequired - default: - return fmt.Errorf("invalid value for shared config profile field, %s=%s, must be when_supported/when_required", key, v) - } - - return nil -} - -func (c SharedConfig) getRequestMinCompressSizeBytes(ctx context.Context) (int64, bool, error) { - if c.RequestMinCompressSizeBytes == nil { - return 0, false, nil - } - return *c.RequestMinCompressSizeBytes, true, nil -} - -func (c SharedConfig) getDisableRequestCompression(ctx context.Context) (bool, bool, error) { - if c.DisableRequestCompression == nil { - return false, false, nil - } - return *c.DisableRequestCompression, true, nil -} - -func (c SharedConfig) getAccountIDEndpointMode(ctx context.Context) (aws.AccountIDEndpointMode, bool, error) { - return c.AccountIDEndpointMode, len(c.AccountIDEndpointMode) > 0, nil -} - -func (c SharedConfig) getRequestChecksumCalculation(ctx context.Context) (aws.RequestChecksumCalculation, bool, error) { - return c.RequestChecksumCalculation, c.RequestChecksumCalculation > 0, nil -} - -func (c SharedConfig) getResponseChecksumValidation(ctx context.Context) (aws.ResponseChecksumValidation, bool, error) { - return c.ResponseChecksumValidation, c.ResponseChecksumValidation > 0, nil -} - -func updateDefaultsMode(mode *aws.DefaultsMode, section ini.Section, key string) error { - if !section.Has(key) { - return nil - } - value := section.String(key) - if ok := mode.SetFromString(value); !ok { - return fmt.Errorf("invalid value: %s", value) - } - return nil -} - -func updateRetryMode(mode *aws.RetryMode, section ini.Section, key string) (err error) { - if !section.Has(key) { - return nil - } - value := section.String(key) - if *mode, err = aws.ParseRetryMode(value); err != nil { - return err - } - return nil -} - -func updateEC2MetadataServiceEndpointMode(endpointMode *imds.EndpointModeState, section ini.Section, key string) error { - if !section.Has(key) { - return nil - } - value := section.String(key) - return endpointMode.SetFromString(value) -} - -func (c *SharedConfig) validateCredentialsConfig(profile string) error { - if err := c.validateCredentialsRequireARN(profile); err != nil { - return err - } - - return nil -} - -func (c *SharedConfig) validateCredentialsRequireARN(profile string) error { - var credSource string - - switch { - case len(c.SourceProfileName) != 0: - credSource = sourceProfileKey - case len(c.CredentialSource) != 0: - credSource = credentialSourceKey - case len(c.WebIdentityTokenFile) != 0: - credSource = webIdentityTokenFileKey - } - - if len(credSource) != 0 && len(c.RoleARN) == 0 { - return CredentialRequiresARNError{ - Type: credSource, - Profile: profile, - } - } - - return nil -} - -func (c *SharedConfig) validateCredentialType() error { - // Only one or no credential type can be defined. - if !oneOrNone( - len(c.SourceProfileName) != 0, - len(c.CredentialSource) != 0, - len(c.CredentialProcess) != 0, - len(c.WebIdentityTokenFile) != 0, - ) { - return fmt.Errorf("only one credential type may be specified per profile: source profile, credential source, credential process, web identity token") - } - - return nil -} - -func (c *SharedConfig) validateSSOConfiguration() error { - if c.hasSSOTokenProviderConfiguration() { - err := c.validateSSOTokenProviderConfiguration() - if err != nil { - return err - } - return nil - } - - if c.hasLegacySSOConfiguration() { - err := c.validateLegacySSOConfiguration() - if err != nil { - return err - } - } - return nil -} - -func (c *SharedConfig) validateSSOTokenProviderConfiguration() error { - var missing []string - - if len(c.SSOSessionName) == 0 { - missing = append(missing, ssoSessionNameKey) - } - - if c.SSOSession == nil { - missing = append(missing, ssoSectionPrefix) - } else { - if len(c.SSOSession.SSORegion) == 0 { - missing = append(missing, ssoRegionKey) - } - - if len(c.SSOSession.SSOStartURL) == 0 { - missing = append(missing, ssoStartURLKey) - } - } - - if len(missing) > 0 { - return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", - c.Profile, strings.Join(missing, ", ")) - } - - if len(c.SSORegion) > 0 && c.SSORegion != c.SSOSession.SSORegion { - return fmt.Errorf("%s in profile %q must match %s in %s", ssoRegionKey, c.Profile, ssoRegionKey, ssoSectionPrefix) - } - - if len(c.SSOStartURL) > 0 && c.SSOStartURL != c.SSOSession.SSOStartURL { - return fmt.Errorf("%s in profile %q must match %s in %s", ssoStartURLKey, c.Profile, ssoStartURLKey, ssoSectionPrefix) - } - - return nil -} - -func (c *SharedConfig) validateLegacySSOConfiguration() error { - var missing []string - - if len(c.SSORegion) == 0 { - missing = append(missing, ssoRegionKey) - } - - if len(c.SSOStartURL) == 0 { - missing = append(missing, ssoStartURLKey) - } - - if len(c.SSOAccountID) == 0 { - missing = append(missing, ssoAccountIDKey) - } - - if len(c.SSORoleName) == 0 { - missing = append(missing, ssoRoleNameKey) - } - - if len(missing) > 0 { - return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", - c.Profile, strings.Join(missing, ", ")) - } - return nil -} - -func (c *SharedConfig) hasCredentials() bool { - switch { - case len(c.SourceProfileName) != 0: - case len(c.CredentialSource) != 0: - case len(c.CredentialProcess) != 0: - case len(c.WebIdentityTokenFile) != 0: - case c.hasSSOConfiguration(): - case c.Credentials.HasKeys(): - default: - return false - } - - return true -} - -func (c *SharedConfig) hasSSOConfiguration() bool { - return c.hasSSOTokenProviderConfiguration() || c.hasLegacySSOConfiguration() -} - -func (c *SharedConfig) hasSSOTokenProviderConfiguration() bool { - return len(c.SSOSessionName) > 0 -} - -func (c *SharedConfig) hasLegacySSOConfiguration() bool { - return len(c.SSORegion) > 0 || len(c.SSOAccountID) > 0 || len(c.SSOStartURL) > 0 || len(c.SSORoleName) > 0 -} - -func (c *SharedConfig) clearAssumeRoleOptions() { - c.RoleARN = "" - c.ExternalID = "" - c.MFASerial = "" - c.RoleSessionName = "" - c.SourceProfileName = "" -} - -func (c *SharedConfig) clearCredentialOptions() { - c.CredentialSource = "" - c.CredentialProcess = "" - c.WebIdentityTokenFile = "" - c.Credentials = aws.Credentials{} - c.SSOAccountID = "" - c.SSORegion = "" - c.SSORoleName = "" - c.SSOStartURL = "" -} - -// SharedConfigLoadError is an error for the shared config file failed to load. -type SharedConfigLoadError struct { - Filename string - Err error -} - -// Unwrap returns the underlying error that caused the failure. -func (e SharedConfigLoadError) Unwrap() error { - return e.Err -} - -func (e SharedConfigLoadError) Error() string { - return fmt.Sprintf("failed to load shared config file, %s, %v", e.Filename, e.Err) -} - -// SharedConfigProfileNotExistError is an error for the shared config when -// the profile was not find in the config file. -type SharedConfigProfileNotExistError struct { - Filename []string - Profile string - Err error -} - -// Unwrap returns the underlying error that caused the failure. -func (e SharedConfigProfileNotExistError) Unwrap() error { - return e.Err -} - -func (e SharedConfigProfileNotExistError) Error() string { - return fmt.Sprintf("failed to get shared config profile, %s", e.Profile) -} - -// SharedConfigAssumeRoleError is an error for the shared config when the -// profile contains assume role information, but that information is invalid -// or not complete. -type SharedConfigAssumeRoleError struct { - Profile string - RoleARN string - Err error -} - -// Unwrap returns the underlying error that caused the failure. -func (e SharedConfigAssumeRoleError) Unwrap() error { - return e.Err -} - -func (e SharedConfigAssumeRoleError) Error() string { - return fmt.Sprintf("failed to load assume role %s, of profile %s, %v", - e.RoleARN, e.Profile, e.Err) -} - -// CredentialRequiresARNError provides the error for shared config credentials -// that are incorrectly configured in the shared config or credentials file. -type CredentialRequiresARNError struct { - // type of credentials that were configured. - Type string - - // Profile name the credentials were in. - Profile string -} - -// Error satisfies the error interface. -func (e CredentialRequiresARNError) Error() string { - return fmt.Sprintf( - "credential type %s requires role_arn, profile %s", - e.Type, e.Profile, - ) -} - -func oneOrNone(bs ...bool) bool { - var count int - - for _, b := range bs { - if b { - count++ - if count > 1 { - return false - } - } - } - - return true -} - -// updateString will only update the dst with the value in the section key, key -// is present in the section. -func updateString(dst *string, section ini.Section, key string) { - if !section.Has(key) { - return - } - *dst = section.String(key) -} - -// updateInt will only update the dst with the value in the section key, key -// is present in the section. -// -// Down casts the INI integer value from a int64 to an int, which could be -// different bit size depending on platform. -func updateInt(dst *int, section ini.Section, key string) error { - if !section.Has(key) { - return nil - } - - v, ok := section.Int(key) - if !ok { - return fmt.Errorf("invalid value %s=%s, expect integer", key, section.String(key)) - } - - *dst = int(v) - return nil -} - -// updateBool will only update the dst with the value in the section key, key -// is present in the section. -func updateBool(dst *bool, section ini.Section, key string) { - if !section.Has(key) { - return - } - - // retains pre-#2276 behavior where non-bool value would resolve to false - v, _ := section.Bool(key) - *dst = v -} - -// updateBoolPtr will only update the dst with the value in the section key, -// key is present in the section. -func updateBoolPtr(dst **bool, section ini.Section, key string) { - if !section.Has(key) { - return - } - - // retains pre-#2276 behavior where non-bool value would resolve to false - v, _ := section.Bool(key) - *dst = new(bool) - **dst = v -} - -// updateEndpointDiscoveryType will only update the dst with the value in the section, if -// a valid key and corresponding EndpointDiscoveryType is found. -func updateEndpointDiscoveryType(dst *aws.EndpointDiscoveryEnableState, section ini.Section, key string) { - if !section.Has(key) { - return - } - - value := section.String(key) - if len(value) == 0 { - return - } - - switch { - case strings.EqualFold(value, endpointDiscoveryDisabled): - *dst = aws.EndpointDiscoveryDisabled - case strings.EqualFold(value, endpointDiscoveryEnabled): - *dst = aws.EndpointDiscoveryEnabled - case strings.EqualFold(value, endpointDiscoveryAuto): - *dst = aws.EndpointDiscoveryAuto - } -} - -// updateEndpointDiscoveryType will only update the dst with the value in the section, if -// a valid key and corresponding EndpointDiscoveryType is found. -func updateUseDualStackEndpoint(dst *aws.DualStackEndpointState, section ini.Section, key string) { - if !section.Has(key) { - return - } - - // retains pre-#2276 behavior where non-bool value would resolve to false - if v, _ := section.Bool(key); v { - *dst = aws.DualStackEndpointStateEnabled - } else { - *dst = aws.DualStackEndpointStateDisabled - } - - return -} - -// updateEndpointDiscoveryType will only update the dst with the value in the section, if -// a valid key and corresponding EndpointDiscoveryType is found. -func updateUseFIPSEndpoint(dst *aws.FIPSEndpointState, section ini.Section, key string) { - if !section.Has(key) { - return - } - - // retains pre-#2276 behavior where non-bool value would resolve to false - if v, _ := section.Bool(key); v { - *dst = aws.FIPSEndpointStateEnabled - } else { - *dst = aws.FIPSEndpointStateDisabled - } - - return -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md deleted file mode 100644 index c5fe7ddc..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md +++ /dev/null @@ -1,736 +0,0 @@ -# v1.17.62 (2025-03-04.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.61 (2025-02-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.60 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.59 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.58 (2025-02-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.57 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.56 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.55 (2025-01-24) - -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.17.54 (2025-01-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.53 (2025-01-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.52 (2025-01-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.51 (2025-01-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.50 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.49 (2025-01-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.48 (2024-12-19) - -* **Bug Fix**: Fix improper use of printf-style functions. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.47 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.46 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.45 (2024-11-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.44 (2024-11-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.43 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.42 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.41 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.40 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.39 (2024-10-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.38 (2024-10-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.37 (2024-09-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.36 (2024-09-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.35 (2024-09-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.34 (2024-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.33 (2024-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.32 (2024-09-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.31 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.30 (2024-08-26) - -* **Bug Fix**: Save SSO cached token expiry in UTC to ensure cross-SDK compatibility. - -# v1.17.29 (2024-08-22) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.28 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.27 (2024-07-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.26 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.25 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.24 (2024-07-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.23 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.22 (2024-06-26) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.21 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.20 (2024-06-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.19 (2024-06-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.18 (2024-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.17 (2024-06-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.16 (2024-05-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.15 (2024-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.14 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.13 (2024-05-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.12 (2024-05-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.11 (2024-04-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.10 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.9 (2024-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.8 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.7 (2024-03-07) - -* **Bug Fix**: Remove dependency on go-cmp. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.6 (2024-03-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.5 (2024-03-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.4 (2024-02-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.3 (2024-02-22) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.2 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.1 (2024-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.16 (2024-01-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.15 (2024-01-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.14 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.13 (2023-12-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.12 (2023-12-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.11 (2023-12-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.10 (2023-12-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.9 (2023-12-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.8 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.7 (2023-11-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.6 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.5 (2023-11-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.4 (2023-11-21) - -* **Bug Fix**: Don't expect error responses to have a JSON payload in the endpointcreds provider. - -# v1.16.3 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.2 (2023-11-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.1 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.0 (2023-11-14) - -* **Feature**: Add support for dynamic auth token from file and EKS container host in absolute/relative URIs in the HTTP credential provider. - -# v1.15.2 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.1 (2023-11-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.0 (2023-11-01) - -* **Feature**: Adds support for configured endpoints via environment variables and the AWS shared configuration file. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.43 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.42 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.41 (2023-10-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.40 (2023-09-22) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.39 (2023-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.38 (2023-09-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.37 (2023-09-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.36 (2023-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.35 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.34 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.33 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.32 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.31 (2023-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.30 (2023-07-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.29 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.28 (2023-07-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.27 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.26 (2023-06-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.25 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.24 (2023-05-09) - -* No change notes available for this release. - -# v1.13.23 (2023-05-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.22 (2023-05-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.21 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.20 (2023-04-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.19 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.18 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.17 (2023-03-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.16 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.15 (2023-02-22) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.14 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.13 (2023-02-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.12 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.11 (2023-02-01) - -* No change notes available for this release. - -# v1.13.10 (2023-01-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.9 (2023-01-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.8 (2023-01-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.7 (2022-12-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.6 (2022-12-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.5 (2022-12-15) - -* **Bug Fix**: Unify logic between shared config and in finding home directory -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.4 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.3 (2022-11-22) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.2 (2022-11-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.1 (2022-11-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.0 (2022-11-11) - -* **Announcement**: When using the SSOTokenProvider, a previous implementation incorrectly compensated for invalid SSOTokenProvider configurations in the shared profile. This has been fixed via PR #1903 and tracked in issue #1846 -* **Feature**: Adds token refresh support (via SSOTokenProvider) when using the SSOCredentialProvider - -# v1.12.24 (2022-11-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.23 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.22 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.21 (2022-09-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.20 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.19 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.18 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.17 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.16 (2022-08-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.15 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.14 (2022-08-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.13 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.12 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.11 (2022-08-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.10 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.9 (2022-07-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.8 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.7 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.6 (2022-06-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.5 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.4 (2022-05-26) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.3 (2022-05-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.2 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.1 (2022-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.0 (2022-04-25) - -* **Feature**: Adds Duration and Policy options that can be used when creating stscreds.WebIdentityRoleProvider credentials provider. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.2 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.1 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.0 (2022-03-23) - -* **Feature**: Update `ec2rolecreds` package's `Provider` to implememnt support for CredentialsCache new optional caching strategy interfaces, HandleFailRefreshCredentialsCacheStrategy and AdjustExpiresByCredentialsCacheStrategy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.0 (2022-02-24) - -* **Feature**: Adds support for `SourceIdentity` to `stscreds.AssumeRoleProvider` [#1588](https://github.com/aws/aws-sdk-go-v2/pull/1588). Fixes [#1575](https://github.com/aws/aws-sdk-go-v2/issues/1575) -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.7.0 (2022-01-07) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.5 (2021-12-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.4 (2021-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.3 (2021-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.2 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.1 (2021-11-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.0 (2021-11-06) - -* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.0 (2021-10-21) - -* **Feature**: Updated to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.3 (2021-10-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.2 (2021-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.1 (2021-09-10) - -* **Documentation**: Fixes the AssumeRoleProvider's documentation for using custom TokenProviders. - -# v1.4.0 (2021-08-27) - -* **Feature**: Adds support for Tags and TransitiveTagKeys to stscreds.AssumeRoleProvider. Closes https://github.com/aws/aws-sdk-go-v2/issues/723 -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.3 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.2 (2021-08-04) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.1 (2021-07-15) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.0 (2021-06-25) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Bug Fix**: Fixed example usages of aws.CredentialsCache ([#1275](https://github.com/aws/aws-sdk-go-v2/pull/1275)) -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.1 (2021-05-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.0 (2021-05-14) - -* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/credentials/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/doc.go deleted file mode 100644 index f6e2873a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/doc.go +++ /dev/null @@ -1,4 +0,0 @@ -/* -Package credentials provides types for retrieving credentials from credentials sources. -*/ -package credentials diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds/doc.go deleted file mode 100644 index 6ed71b42..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds/doc.go +++ /dev/null @@ -1,58 +0,0 @@ -// Package ec2rolecreds provides the credentials provider implementation for -// retrieving AWS credentials from Amazon EC2 Instance Roles via Amazon EC2 IMDS. -// -// # Concurrency and caching -// -// The Provider is not safe to be used concurrently, and does not provide any -// caching of credentials retrieved. You should wrap the Provider with a -// `aws.CredentialsCache` to provide concurrency safety, and caching of -// credentials. -// -// # Loading credentials with the SDK's AWS Config -// -// The EC2 Instance role credentials provider will automatically be the resolved -// credential provider in the credential chain if no other credential provider is -// resolved first. -// -// To explicitly instruct the SDK's credentials resolving to use the EC2 Instance -// role for credentials, you specify a `credentials_source` property in the config -// profile the SDK will load. -// -// [default] -// credential_source = Ec2InstanceMetadata -// -// # Loading credentials with the Provider directly -// -// Another way to use the EC2 Instance role credentials provider is to create it -// directly and assign it as the credentials provider for an API client. -// -// The following example creates a credentials provider for a command, and wraps -// it with the CredentialsCache before assigning the provider to the Amazon S3 API -// client's Credentials option. -// -// provider := imds.New(imds.Options{}) -// -// // Create the service client value configured for credentials. -// svc := s3.New(s3.Options{ -// Credentials: aws.NewCredentialsCache(provider), -// }) -// -// If you need more control, you can set the configuration options on the -// credentials provider using the imds.Options type to configure the EC2 IMDS -// API Client and ExpiryWindow of the retrieved credentials. -// -// provider := imds.New(imds.Options{ -// // See imds.Options type's documentation for more options available. -// Client: imds.New(Options{ -// HTTPClient: customHTTPClient, -// }), -// -// // Modify how soon credentials expire prior to their original expiry time. -// ExpiryWindow: 5 * time.Minute, -// }) -// -// # EC2 IMDS API Client -// -// See the github.com/aws/aws-sdk-go-v2/feature/ec2/imds module for more details on -// configuring the client, and options available. -package ec2rolecreds diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds/provider.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds/provider.go deleted file mode 100644 index a95e6c8b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds/provider.go +++ /dev/null @@ -1,241 +0,0 @@ -package ec2rolecreds - -import ( - "bufio" - "context" - "encoding/json" - "fmt" - "math" - "path" - "strings" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/feature/ec2/imds" - sdkrand "github.com/aws/aws-sdk-go-v2/internal/rand" - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/smithy-go" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/middleware" -) - -// ProviderName provides a name of EC2Role provider -const ProviderName = "EC2RoleProvider" - -// GetMetadataAPIClient provides the interface for an EC2 IMDS API client for the -// GetMetadata operation. -type GetMetadataAPIClient interface { - GetMetadata(context.Context, *imds.GetMetadataInput, ...func(*imds.Options)) (*imds.GetMetadataOutput, error) -} - -// A Provider retrieves credentials from the EC2 service, and keeps track if -// those credentials are expired. -// -// The New function must be used to create the with a custom EC2 IMDS client. -// -// p := &ec2rolecreds.New(func(o *ec2rolecreds.Options{ -// o.Client = imds.New(imds.Options{/* custom options */}) -// }) -type Provider struct { - options Options -} - -// Options is a list of user settable options for setting the behavior of the Provider. -type Options struct { - // The API client that will be used by the provider to make GetMetadata API - // calls to EC2 IMDS. - // - // If nil, the provider will default to the EC2 IMDS client. - Client GetMetadataAPIClient - - // The chain of providers that was used to create this provider - // These values are for reporting purposes and are not meant to be set up directly - CredentialSources []aws.CredentialSource -} - -// New returns an initialized Provider value configured to retrieve -// credentials from EC2 Instance Metadata service. -func New(optFns ...func(*Options)) *Provider { - options := Options{} - - for _, fn := range optFns { - fn(&options) - } - - if options.Client == nil { - options.Client = imds.New(imds.Options{}) - } - - return &Provider{ - options: options, - } -} - -// Retrieve retrieves credentials from the EC2 service. Error will be returned -// if the request fails, or unable to extract the desired credentials. -func (p *Provider) Retrieve(ctx context.Context) (aws.Credentials, error) { - credsList, err := requestCredList(ctx, p.options.Client) - if err != nil { - return aws.Credentials{Source: ProviderName}, err - } - - if len(credsList) == 0 { - return aws.Credentials{Source: ProviderName}, - fmt.Errorf("unexpected empty EC2 IMDS role list") - } - credsName := credsList[0] - - roleCreds, err := requestCred(ctx, p.options.Client, credsName) - if err != nil { - return aws.Credentials{Source: ProviderName}, err - } - - creds := aws.Credentials{ - AccessKeyID: roleCreds.AccessKeyID, - SecretAccessKey: roleCreds.SecretAccessKey, - SessionToken: roleCreds.Token, - Source: ProviderName, - - CanExpire: true, - Expires: roleCreds.Expiration, - } - - // Cap role credentials Expires to 1 hour so they can be refreshed more - // often. Jitter will be applied credentials cache if being used. - if anHour := sdk.NowTime().Add(1 * time.Hour); creds.Expires.After(anHour) { - creds.Expires = anHour - } - - return creds, nil -} - -// HandleFailToRefresh will extend the credentials Expires time if it it is -// expired. If the credentials will not expire within the minimum time, they -// will be returned. -// -// If the credentials cannot expire, the original error will be returned. -func (p *Provider) HandleFailToRefresh(ctx context.Context, prevCreds aws.Credentials, err error) ( - aws.Credentials, error, -) { - if !prevCreds.CanExpire { - return aws.Credentials{}, err - } - - if prevCreds.Expires.After(sdk.NowTime().Add(5 * time.Minute)) { - return prevCreds, nil - } - - newCreds := prevCreds - randFloat64, err := sdkrand.CryptoRandFloat64() - if err != nil { - return aws.Credentials{}, fmt.Errorf("failed to get random float, %w", err) - } - - // Random distribution of [5,15) minutes. - expireOffset := time.Duration(randFloat64*float64(10*time.Minute)) + 5*time.Minute - newCreds.Expires = sdk.NowTime().Add(expireOffset) - - logger := middleware.GetLogger(ctx) - logger.Logf(logging.Warn, "Attempting credential expiration extension due to a credential service availability issue. A refresh of these credentials will be attempted again in %v minutes.", math.Floor(expireOffset.Minutes())) - - return newCreds, nil -} - -// AdjustExpiresBy will adds the passed in duration to the passed in -// credential's Expires time, unless the time until Expires is less than 15 -// minutes. Returns the credentials, even if not updated. -func (p *Provider) AdjustExpiresBy(creds aws.Credentials, dur time.Duration) ( - aws.Credentials, error, -) { - if !creds.CanExpire { - return creds, nil - } - if creds.Expires.Before(sdk.NowTime().Add(15 * time.Minute)) { - return creds, nil - } - - creds.Expires = creds.Expires.Add(dur) - return creds, nil -} - -// ec2RoleCredRespBody provides the shape for unmarshaling credential -// request responses. -type ec2RoleCredRespBody struct { - // Success State - Expiration time.Time - AccessKeyID string - SecretAccessKey string - Token string - - // Error state - Code string - Message string -} - -const iamSecurityCredsPath = "/iam/security-credentials/" - -// requestCredList requests a list of credentials from the EC2 service. If -// there are no credentials, or there is an error making or receiving the -// request -func requestCredList(ctx context.Context, client GetMetadataAPIClient) ([]string, error) { - resp, err := client.GetMetadata(ctx, &imds.GetMetadataInput{ - Path: iamSecurityCredsPath, - }) - if err != nil { - return nil, fmt.Errorf("no EC2 IMDS role found, %w", err) - } - defer resp.Content.Close() - - credsList := []string{} - s := bufio.NewScanner(resp.Content) - for s.Scan() { - credsList = append(credsList, s.Text()) - } - - if err := s.Err(); err != nil { - return nil, fmt.Errorf("failed to read EC2 IMDS role, %w", err) - } - - return credsList, nil -} - -// requestCred requests the credentials for a specific credentials from the EC2 service. -// -// If the credentials cannot be found, or there is an error reading the response -// and error will be returned. -func requestCred(ctx context.Context, client GetMetadataAPIClient, credsName string) (ec2RoleCredRespBody, error) { - resp, err := client.GetMetadata(ctx, &imds.GetMetadataInput{ - Path: path.Join(iamSecurityCredsPath, credsName), - }) - if err != nil { - return ec2RoleCredRespBody{}, - fmt.Errorf("failed to get %s EC2 IMDS role credentials, %w", - credsName, err) - } - defer resp.Content.Close() - - var respCreds ec2RoleCredRespBody - if err := json.NewDecoder(resp.Content).Decode(&respCreds); err != nil { - return ec2RoleCredRespBody{}, - fmt.Errorf("failed to decode %s EC2 IMDS role credentials, %w", - credsName, err) - } - - if !strings.EqualFold(respCreds.Code, "Success") { - // If an error code was returned something failed requesting the role. - return ec2RoleCredRespBody{}, - fmt.Errorf("failed to get %s EC2 IMDS role credentials, %w", - credsName, - &smithy.GenericAPIError{Code: respCreds.Code, Message: respCreds.Message}) - } - - return respCreds, nil -} - -// ProviderSources returns the credential chain that was used to construct this provider -func (p *Provider) ProviderSources() []aws.CredentialSource { - if p.options.CredentialSources == nil { - return []aws.CredentialSource{aws.CredentialSourceIMDS} - } // If no source has been set, assume this is used directly which means just call to assume role - return p.options.CredentialSources -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/auth.go deleted file mode 100644 index c3f5dadc..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/auth.go +++ /dev/null @@ -1,48 +0,0 @@ -package client - -import ( - "context" - "github.com/aws/smithy-go/middleware" -) - -type getIdentityMiddleware struct { - options Options -} - -func (*getIdentityMiddleware) ID() string { - return "GetIdentity" -} - -func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - return next.HandleFinalize(ctx, in) -} - -type signRequestMiddleware struct { -} - -func (*signRequestMiddleware) ID() string { - return "Signing" -} - -func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - return next.HandleFinalize(ctx, in) -} - -type resolveAuthSchemeMiddleware struct { - operation string - options Options -} - -func (*resolveAuthSchemeMiddleware) ID() string { - return "ResolveAuthScheme" -} - -func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/client.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/client.go deleted file mode 100644 index dc291c97..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/client.go +++ /dev/null @@ -1,165 +0,0 @@ -package client - -import ( - "context" - "fmt" - "net/http" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/retry" - awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" - "github.com/aws/smithy-go" - smithymiddleware "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// ServiceID is the client identifer -const ServiceID = "endpoint-credentials" - -// HTTPClient is a client for sending HTTP requests -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -// Options is the endpoint client configurable options -type Options struct { - // The endpoint to retrieve credentials from - Endpoint string - - // The HTTP client to invoke API calls with. Defaults to client's default HTTP - // implementation if nil. - HTTPClient HTTPClient - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. - Retryer aws.Retryer - - // Set of options to modify how the credentials operation is invoked. - APIOptions []func(*smithymiddleware.Stack) error -} - -// Copy creates a copy of the API options. -func (o Options) Copy() Options { - to := o - to.APIOptions = make([]func(*smithymiddleware.Stack) error, len(o.APIOptions)) - copy(to.APIOptions, o.APIOptions) - return to -} - -// Client is an client for retrieving AWS credentials from an endpoint -type Client struct { - options Options -} - -// New constructs a new Client from the given options -func New(options Options, optFns ...func(*Options)) *Client { - options = options.Copy() - - if options.HTTPClient == nil { - options.HTTPClient = awshttp.NewBuildableClient() - } - - if options.Retryer == nil { - // Amazon-owned implementations of this endpoint are known to sometimes - // return plaintext responses (i.e. no Code) like normal, add a few - // additional status codes - options.Retryer = retry.NewStandard(func(o *retry.StandardOptions) { - o.Retryables = append(o.Retryables, retry.RetryableHTTPStatusCode{ - Codes: map[int]struct{}{ - http.StatusTooManyRequests: {}, - }, - }) - }) - } - - for _, fn := range optFns { - fn(&options) - } - - client := &Client{ - options: options, - } - - return client -} - -// GetCredentialsInput is the input to send with the endpoint service to receive credentials. -type GetCredentialsInput struct { - AuthorizationToken string -} - -// GetCredentials retrieves credentials from credential endpoint -func (c *Client) GetCredentials(ctx context.Context, params *GetCredentialsInput, optFns ...func(*Options)) (*GetCredentialsOutput, error) { - stack := smithymiddleware.NewStack("GetCredentials", smithyhttp.NewStackRequest) - options := c.options.Copy() - for _, fn := range optFns { - fn(&options) - } - - stack.Serialize.Add(&serializeOpGetCredential{}, smithymiddleware.After) - stack.Build.Add(&buildEndpoint{Endpoint: options.Endpoint}, smithymiddleware.After) - stack.Deserialize.Add(&deserializeOpGetCredential{}, smithymiddleware.After) - addProtocolFinalizerMiddlewares(stack, options, "GetCredentials") - retry.AddRetryMiddlewares(stack, retry.AddRetryMiddlewaresOptions{Retryer: options.Retryer}) - middleware.AddSDKAgentKey(middleware.FeatureMetadata, ServiceID) - smithyhttp.AddErrorCloseResponseBodyMiddleware(stack) - smithyhttp.AddCloseResponseBodyMiddleware(stack) - - for _, fn := range options.APIOptions { - if err := fn(stack); err != nil { - return nil, err - } - } - - handler := smithymiddleware.DecorateHandler(smithyhttp.NewClientHandler(options.HTTPClient), stack) - result, _, err := handler.Handle(ctx, params) - if err != nil { - return nil, err - } - - return result.(*GetCredentialsOutput), err -} - -// GetCredentialsOutput is the response from the credential endpoint -type GetCredentialsOutput struct { - Expiration *time.Time - AccessKeyID string - SecretAccessKey string - Token string - AccountID string -} - -// EndpointError is an error returned from the endpoint service -type EndpointError struct { - Code string `json:"code"` - Message string `json:"message"` - Fault smithy.ErrorFault `json:"-"` - statusCode int `json:"-"` -} - -// Error is the error mesage string -func (e *EndpointError) Error() string { - return fmt.Sprintf("%s: %s", e.Code, e.Message) -} - -// ErrorCode is the error code returned by the endpoint -func (e *EndpointError) ErrorCode() string { - return e.Code -} - -// ErrorMessage is the error message returned by the endpoint -func (e *EndpointError) ErrorMessage() string { - return e.Message -} - -// ErrorFault indicates error fault classification -func (e *EndpointError) ErrorFault() smithy.ErrorFault { - return e.Fault -} - -// HTTPStatusCode implements retry.HTTPStatusCode. -func (e *EndpointError) HTTPStatusCode() int { - return e.statusCode -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/endpoints.go deleted file mode 100644 index 748ee672..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/endpoints.go +++ /dev/null @@ -1,20 +0,0 @@ -package client - -import ( - "context" - "github.com/aws/smithy-go/middleware" -) - -type resolveEndpointV2Middleware struct { - options Options -} - -func (*resolveEndpointV2Middleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/middleware.go deleted file mode 100644 index f2820d20..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client/middleware.go +++ /dev/null @@ -1,164 +0,0 @@ -package client - -import ( - "context" - "encoding/json" - "fmt" - "io" - "net/url" - - "github.com/aws/smithy-go" - smithymiddleware "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -type buildEndpoint struct { - Endpoint string -} - -func (b *buildEndpoint) ID() string { - return "BuildEndpoint" -} - -func (b *buildEndpoint) HandleBuild(ctx context.Context, in smithymiddleware.BuildInput, next smithymiddleware.BuildHandler) ( - out smithymiddleware.BuildOutput, metadata smithymiddleware.Metadata, err error, -) { - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport, %T", in.Request) - } - - if len(b.Endpoint) == 0 { - return out, metadata, fmt.Errorf("endpoint not provided") - } - - parsed, err := url.Parse(b.Endpoint) - if err != nil { - return out, metadata, fmt.Errorf("failed to parse endpoint, %w", err) - } - - request.URL = parsed - - return next.HandleBuild(ctx, in) -} - -type serializeOpGetCredential struct{} - -func (s *serializeOpGetCredential) ID() string { - return "OperationSerializer" -} - -func (s *serializeOpGetCredential) HandleSerialize(ctx context.Context, in smithymiddleware.SerializeInput, next smithymiddleware.SerializeHandler) ( - out smithymiddleware.SerializeOutput, metadata smithymiddleware.Metadata, err error, -) { - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type, %T", in.Request) - } - - params, ok := in.Parameters.(*GetCredentialsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters, %T", in.Parameters) - } - - const acceptHeader = "Accept" - request.Header[acceptHeader] = append(request.Header[acceptHeader][:0], "application/json") - - if len(params.AuthorizationToken) > 0 { - const authHeader = "Authorization" - request.Header[authHeader] = append(request.Header[authHeader][:0], params.AuthorizationToken) - } - - return next.HandleSerialize(ctx, in) -} - -type deserializeOpGetCredential struct{} - -func (d *deserializeOpGetCredential) ID() string { - return "OperationDeserializer" -} - -func (d *deserializeOpGetCredential) HandleDeserialize(ctx context.Context, in smithymiddleware.DeserializeInput, next smithymiddleware.DeserializeHandler) ( - out smithymiddleware.DeserializeOutput, metadata smithymiddleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, deserializeError(response) - } - - var shape *GetCredentialsOutput - if err = json.NewDecoder(response.Body).Decode(&shape); err != nil { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("failed to deserialize json response, %w", err)} - } - - out.Result = shape - return out, metadata, err -} - -func deserializeError(response *smithyhttp.Response) error { - // we could be talking to anything, json isn't guaranteed - // see https://github.com/aws/aws-sdk-go-v2/issues/2316 - if response.Header.Get("Content-Type") == "application/json" { - return deserializeJSONError(response) - } - - msg, err := io.ReadAll(response.Body) - if err != nil { - return &smithy.DeserializationError{ - Err: fmt.Errorf("read response, %w", err), - } - } - - return &EndpointError{ - // no sensible value for Code - Message: string(msg), - Fault: stof(response.StatusCode), - statusCode: response.StatusCode, - } -} - -func deserializeJSONError(response *smithyhttp.Response) error { - var errShape *EndpointError - if err := json.NewDecoder(response.Body).Decode(&errShape); err != nil { - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode error message, %w", err), - } - } - - errShape.Fault = stof(response.StatusCode) - errShape.statusCode = response.StatusCode - return errShape -} - -// maps HTTP status code to smithy ErrorFault -func stof(code int) smithy.ErrorFault { - if code >= 500 { - return smithy.FaultServer - } - return smithy.FaultClient -} - -func addProtocolFinalizerMiddlewares(stack *smithymiddleware.Stack, options Options, operation string) error { - if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, smithymiddleware.Before); err != nil { - return fmt.Errorf("add ResolveAuthScheme: %w", err) - } - if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", smithymiddleware.After); err != nil { - return fmt.Errorf("add GetIdentity: %w", err) - } - if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", smithymiddleware.After); err != nil { - return fmt.Errorf("add ResolveEndpointV2: %w", err) - } - if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", smithymiddleware.After); err != nil { - return fmt.Errorf("add Signing: %w", err) - } - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/provider.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/provider.go deleted file mode 100644 index c8ac6d9f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/provider.go +++ /dev/null @@ -1,207 +0,0 @@ -// Package endpointcreds provides support for retrieving credentials from an -// arbitrary HTTP endpoint. -// -// The credentials endpoint Provider can receive both static and refreshable -// credentials that will expire. Credentials are static when an "Expiration" -// value is not provided in the endpoint's response. -// -// Static credentials will never expire once they have been retrieved. The format -// of the static credentials response: -// -// { -// "AccessKeyId" : "MUA...", -// "SecretAccessKey" : "/7PC5om....", -// } -// -// Refreshable credentials will expire within the "ExpiryWindow" of the Expiration -// value in the response. The format of the refreshable credentials response: -// -// { -// "AccessKeyId" : "MUA...", -// "SecretAccessKey" : "/7PC5om....", -// "Token" : "AQoDY....=", -// "Expiration" : "2016-02-25T06:03:31Z" -// } -// -// Errors should be returned in the following format and only returned with 400 -// or 500 HTTP status codes. -// -// { -// "code": "ErrorCode", -// "message": "Helpful error message." -// } -package endpointcreds - -import ( - "context" - "fmt" - "net/http" - "strings" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/credentials/endpointcreds/internal/client" - "github.com/aws/smithy-go/middleware" -) - -// ProviderName is the name of the credentials provider. -const ProviderName = `CredentialsEndpointProvider` - -type getCredentialsAPIClient interface { - GetCredentials(context.Context, *client.GetCredentialsInput, ...func(*client.Options)) (*client.GetCredentialsOutput, error) -} - -// Provider satisfies the aws.CredentialsProvider interface, and is a client to -// retrieve credentials from an arbitrary endpoint. -type Provider struct { - // The AWS Client to make HTTP requests to the endpoint with. The endpoint - // the request will be made to is provided by the aws.Config's - // EndpointResolver. - client getCredentialsAPIClient - - options Options -} - -// HTTPClient is a client for sending HTTP requests -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -// Options is structure of configurable options for Provider -type Options struct { - // Endpoint to retrieve credentials from. Required - Endpoint string - - // HTTPClient to handle sending HTTP requests to the target endpoint. - HTTPClient HTTPClient - - // Set of options to modify how the credentials operation is invoked. - APIOptions []func(*middleware.Stack) error - - // The Retryer to be used for determining whether a failed requested should be retried - Retryer aws.Retryer - - // Optional authorization token value if set will be used as the value of - // the Authorization header of the endpoint credential request. - // - // When constructed from environment, the provider will use the value of - // AWS_CONTAINER_AUTHORIZATION_TOKEN environment variable as the token - // - // Will be overridden if AuthorizationTokenProvider is configured - AuthorizationToken string - - // Optional auth provider func to dynamically load the auth token from a file - // everytime a credential is retrieved - // - // When constructed from environment, the provider will read and use the content - // of the file pointed to by AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE environment variable - // as the auth token everytime credentials are retrieved - // - // Will override AuthorizationToken if configured - AuthorizationTokenProvider AuthTokenProvider - - // The chain of providers that was used to create this provider - // These values are for reporting purposes and are not meant to be set up directly - CredentialSources []aws.CredentialSource -} - -// AuthTokenProvider defines an interface to dynamically load a value to be passed -// for the Authorization header of a credentials request. -type AuthTokenProvider interface { - GetToken() (string, error) -} - -// TokenProviderFunc is a func type implementing AuthTokenProvider interface -// and enables customizing token provider behavior -type TokenProviderFunc func() (string, error) - -// GetToken func retrieves auth token according to TokenProviderFunc implementation -func (p TokenProviderFunc) GetToken() (string, error) { - return p() -} - -// New returns a credentials Provider for retrieving AWS credentials -// from arbitrary endpoint. -func New(endpoint string, optFns ...func(*Options)) *Provider { - o := Options{ - Endpoint: endpoint, - } - - for _, fn := range optFns { - fn(&o) - } - - p := &Provider{ - client: client.New(client.Options{ - HTTPClient: o.HTTPClient, - Endpoint: o.Endpoint, - APIOptions: o.APIOptions, - Retryer: o.Retryer, - }), - options: o, - } - - return p -} - -// Retrieve will attempt to request the credentials from the endpoint the Provider -// was configured for. And error will be returned if the retrieval fails. -func (p *Provider) Retrieve(ctx context.Context) (aws.Credentials, error) { - resp, err := p.getCredentials(ctx) - if err != nil { - return aws.Credentials{}, fmt.Errorf("failed to load credentials, %w", err) - } - - creds := aws.Credentials{ - AccessKeyID: resp.AccessKeyID, - SecretAccessKey: resp.SecretAccessKey, - SessionToken: resp.Token, - Source: ProviderName, - AccountID: resp.AccountID, - } - - if resp.Expiration != nil { - creds.CanExpire = true - creds.Expires = *resp.Expiration - } - - return creds, nil -} - -func (p *Provider) getCredentials(ctx context.Context) (*client.GetCredentialsOutput, error) { - authToken, err := p.resolveAuthToken() - if err != nil { - return nil, fmt.Errorf("resolve auth token: %v", err) - } - - return p.client.GetCredentials(ctx, &client.GetCredentialsInput{ - AuthorizationToken: authToken, - }) -} - -func (p *Provider) resolveAuthToken() (string, error) { - authToken := p.options.AuthorizationToken - - var err error - if p.options.AuthorizationTokenProvider != nil { - authToken, err = p.options.AuthorizationTokenProvider.GetToken() - if err != nil { - return "", err - } - } - - if strings.ContainsAny(authToken, "\r\n") { - return "", fmt.Errorf("authorization token contains invalid newline sequence") - } - - return authToken, nil -} - -var _ aws.CredentialProviderSource = (*Provider)(nil) - -// ProviderSources returns the credential chain that was used to construct this provider -func (p *Provider) ProviderSources() []aws.CredentialSource { - if p.options.CredentialSources == nil { - return []aws.CredentialSource{aws.CredentialSourceHTTP} - } - return p.options.CredentialSources -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go deleted file mode 100644 index 628b3d58..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package credentials - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.17.62" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/processcreds/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/processcreds/doc.go deleted file mode 100644 index a3137b8f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/processcreds/doc.go +++ /dev/null @@ -1,92 +0,0 @@ -// Package processcreds is a credentials provider to retrieve credentials from a -// external CLI invoked process. -// -// WARNING: The following describes a method of sourcing credentials from an external -// process. This can potentially be dangerous, so proceed with caution. Other -// credential providers should be preferred if at all possible. If using this -// option, you should make sure that the config file is as locked down as possible -// using security best practices for your operating system. -// -// # Concurrency and caching -// -// The Provider is not safe to be used concurrently, and does not provide any -// caching of credentials retrieved. You should wrap the Provider with a -// `aws.CredentialsCache` to provide concurrency safety, and caching of -// credentials. -// -// # Loading credentials with the SDKs AWS Config -// -// You can use credentials from a AWS shared config `credential_process` in a -// variety of ways. -// -// One way is to setup your shared config file, located in the default -// location, with the `credential_process` key and the command you want to be -// called. You also need to set the AWS_SDK_LOAD_CONFIG environment variable -// (e.g., `export AWS_SDK_LOAD_CONFIG=1`) to use the shared config file. -// -// [default] -// credential_process = /command/to/call -// -// Loading configuration using external will use the credential process to -// retrieve credentials. NOTE: If there are credentials in the profile you are -// using, the credential process will not be used. -// -// // Initialize a session to load credentials. -// cfg, _ := config.LoadDefaultConfig(context.TODO()) -// -// // Create S3 service client to use the credentials. -// svc := s3.NewFromConfig(cfg) -// -// # Loading credentials with the Provider directly -// -// Another way to use the credentials process provider is by using the -// `NewProvider` constructor to create the provider and providing a it with a -// command to be executed to retrieve credentials. -// -// The following example creates a credentials provider for a command, and wraps -// it with the CredentialsCache before assigning the provider to the Amazon S3 API -// client's Credentials option. -// -// // Create credentials using the Provider. -// provider := processcreds.NewProvider("/path/to/command") -// -// // Create the service client value configured for credentials. -// svc := s3.New(s3.Options{ -// Credentials: aws.NewCredentialsCache(provider), -// }) -// -// If you need more control, you can set any configurable options in the -// credentials using one or more option functions. -// -// provider := processcreds.NewProvider("/path/to/command", -// func(o *processcreds.Options) { -// // Override the provider's default timeout -// o.Timeout = 2 * time.Minute -// }) -// -// You can also use your own `exec.Cmd` value by satisfying a value that satisfies -// the `NewCommandBuilder` interface and use the `NewProviderCommand` constructor. -// -// // Create an exec.Cmd -// cmdBuilder := processcreds.NewCommandBuilderFunc( -// func(ctx context.Context) (*exec.Cmd, error) { -// cmd := exec.CommandContext(ctx, -// "customCLICommand", -// "-a", "argument", -// ) -// cmd.Env = []string{ -// "ENV_VAR_FOO=value", -// "ENV_VAR_BAR=other_value", -// } -// -// return cmd, nil -// }, -// ) -// -// // Create credentials using your exec.Cmd and custom timeout -// provider := processcreds.NewProviderCommand(cmdBuilder, -// func(opt *processcreds.Provider) { -// // optionally override the provider's default timeout -// opt.Timeout = 1 * time.Second -// }) -package processcreds diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/processcreds/provider.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/processcreds/provider.go deleted file mode 100644 index dfc6b254..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/processcreds/provider.go +++ /dev/null @@ -1,296 +0,0 @@ -package processcreds - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "io" - "os" - "os/exec" - "runtime" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/internal/sdkio" -) - -const ( - // ProviderName is the name this credentials provider will label any - // returned credentials Value with. - ProviderName = `ProcessProvider` - - // DefaultTimeout default limit on time a process can run. - DefaultTimeout = time.Duration(1) * time.Minute -) - -// ProviderError is an error indicating failure initializing or executing the -// process credentials provider -type ProviderError struct { - Err error -} - -// Error returns the error message. -func (e *ProviderError) Error() string { - return fmt.Sprintf("process provider error: %v", e.Err) -} - -// Unwrap returns the underlying error the provider error wraps. -func (e *ProviderError) Unwrap() error { - return e.Err -} - -// Provider satisfies the credentials.Provider interface, and is a -// client to retrieve credentials from a process. -type Provider struct { - // Provides a constructor for exec.Cmd that are invoked by the provider for - // retrieving credentials. Use this to provide custom creation of exec.Cmd - // with things like environment variables, or other configuration. - // - // The provider defaults to the DefaultNewCommand function. - commandBuilder NewCommandBuilder - - options Options -} - -// Options is the configuration options for configuring the Provider. -type Options struct { - // Timeout limits the time a process can run. - Timeout time.Duration - // The chain of providers that was used to create this provider - // These values are for reporting purposes and are not meant to be set up directly - CredentialSources []aws.CredentialSource -} - -// NewCommandBuilder provides the interface for specifying how command will be -// created that the Provider will use to retrieve credentials with. -type NewCommandBuilder interface { - NewCommand(context.Context) (*exec.Cmd, error) -} - -// NewCommandBuilderFunc provides a wrapper type around a function pointer to -// satisfy the NewCommandBuilder interface. -type NewCommandBuilderFunc func(context.Context) (*exec.Cmd, error) - -// NewCommand calls the underlying function pointer the builder was initialized with. -func (fn NewCommandBuilderFunc) NewCommand(ctx context.Context) (*exec.Cmd, error) { - return fn(ctx) -} - -// DefaultNewCommandBuilder provides the default NewCommandBuilder -// implementation used by the provider. It takes a command and arguments to -// invoke. The command will also be initialized with the current process -// environment variables, stderr, and stdin pipes. -type DefaultNewCommandBuilder struct { - Args []string -} - -// NewCommand returns an initialized exec.Cmd with the builder's initialized -// Args. The command is also initialized current process environment variables, -// stderr, and stdin pipes. -func (b DefaultNewCommandBuilder) NewCommand(ctx context.Context) (*exec.Cmd, error) { - var cmdArgs []string - if runtime.GOOS == "windows" { - cmdArgs = []string{"cmd.exe", "/C"} - } else { - cmdArgs = []string{"sh", "-c"} - } - - if len(b.Args) == 0 { - return nil, &ProviderError{ - Err: fmt.Errorf("failed to prepare command: command must not be empty"), - } - } - - cmdArgs = append(cmdArgs, b.Args...) - cmd := exec.CommandContext(ctx, cmdArgs[0], cmdArgs[1:]...) - cmd.Env = os.Environ() - - cmd.Stderr = os.Stderr // display stderr on console for MFA - cmd.Stdin = os.Stdin // enable stdin for MFA - - return cmd, nil -} - -// NewProvider returns a pointer to a new Credentials object wrapping the -// Provider. -// -// The provider defaults to the DefaultNewCommandBuilder for creating command -// the Provider will use to retrieve credentials with. -func NewProvider(command string, options ...func(*Options)) *Provider { - var args []string - - // Ensure that the command arguments are not set if the provided command is - // empty. This will error out when the command is executed since no - // arguments are specified. - if len(command) > 0 { - args = []string{command} - } - - commanBuilder := DefaultNewCommandBuilder{ - Args: args, - } - return NewProviderCommand(commanBuilder, options...) -} - -// NewProviderCommand returns a pointer to a new Credentials object with the -// specified command, and default timeout duration. Use this to provide custom -// creation of exec.Cmd for options like environment variables, or other -// configuration. -func NewProviderCommand(builder NewCommandBuilder, options ...func(*Options)) *Provider { - p := &Provider{ - commandBuilder: builder, - options: Options{ - Timeout: DefaultTimeout, - }, - } - - for _, option := range options { - option(&p.options) - } - - return p -} - -// A CredentialProcessResponse is the AWS credentials format that must be -// returned when executing an external credential_process. -type CredentialProcessResponse struct { - // As of this writing, the Version key must be set to 1. This might - // increment over time as the structure evolves. - Version int - - // The access key ID that identifies the temporary security credentials. - AccessKeyID string `json:"AccessKeyId"` - - // The secret access key that can be used to sign requests. - SecretAccessKey string - - // The token that users must pass to the service API to use the temporary credentials. - SessionToken string - - // The date on which the current credentials expire. - Expiration *time.Time - - // The ID of the account for credentials - AccountID string `json:"AccountId"` -} - -// Retrieve executes the credential process command and returns the -// credentials, or error if the command fails. -func (p *Provider) Retrieve(ctx context.Context) (aws.Credentials, error) { - out, err := p.executeCredentialProcess(ctx) - if err != nil { - return aws.Credentials{Source: ProviderName}, err - } - - // Serialize and validate response - resp := &CredentialProcessResponse{} - if err = json.Unmarshal(out, resp); err != nil { - return aws.Credentials{Source: ProviderName}, &ProviderError{ - Err: fmt.Errorf("parse failed of process output: %s, error: %w", out, err), - } - } - - if resp.Version != 1 { - return aws.Credentials{Source: ProviderName}, &ProviderError{ - Err: fmt.Errorf("wrong version in process output (not 1)"), - } - } - - if len(resp.AccessKeyID) == 0 { - return aws.Credentials{Source: ProviderName}, &ProviderError{ - Err: fmt.Errorf("missing AccessKeyId in process output"), - } - } - - if len(resp.SecretAccessKey) == 0 { - return aws.Credentials{Source: ProviderName}, &ProviderError{ - Err: fmt.Errorf("missing SecretAccessKey in process output"), - } - } - - creds := aws.Credentials{ - Source: ProviderName, - AccessKeyID: resp.AccessKeyID, - SecretAccessKey: resp.SecretAccessKey, - SessionToken: resp.SessionToken, - AccountID: resp.AccountID, - } - - // Handle expiration - if resp.Expiration != nil { - creds.CanExpire = true - creds.Expires = *resp.Expiration - } - - return creds, nil -} - -// executeCredentialProcess starts the credential process on the OS and -// returns the results or an error. -func (p *Provider) executeCredentialProcess(ctx context.Context) ([]byte, error) { - if p.options.Timeout >= 0 { - var cancelFunc func() - ctx, cancelFunc = context.WithTimeout(ctx, p.options.Timeout) - defer cancelFunc() - } - - cmd, err := p.commandBuilder.NewCommand(ctx) - if err != nil { - return nil, err - } - - // get creds json on process's stdout - output := bytes.NewBuffer(make([]byte, 0, int(8*sdkio.KibiByte))) - if cmd.Stdout != nil { - cmd.Stdout = io.MultiWriter(cmd.Stdout, output) - } else { - cmd.Stdout = output - } - - execCh := make(chan error, 1) - go executeCommand(cmd, execCh) - - select { - case execError := <-execCh: - if execError == nil { - break - } - select { - case <-ctx.Done(): - return output.Bytes(), &ProviderError{ - Err: fmt.Errorf("credential process timed out: %w", execError), - } - default: - return output.Bytes(), &ProviderError{ - Err: fmt.Errorf("error in credential_process: %w", execError), - } - } - } - - out := output.Bytes() - if runtime.GOOS == "windows" { - // windows adds slashes to quotes - out = bytes.ReplaceAll(out, []byte(`\"`), []byte(`"`)) - } - - return out, nil -} - -// ProviderSources returns the credential chain that was used to construct this provider -func (p *Provider) ProviderSources() []aws.CredentialSource { - if p.options.CredentialSources == nil { - return []aws.CredentialSource{aws.CredentialSourceProcess} - } - return p.options.CredentialSources -} - -func executeCommand(cmd *exec.Cmd, exec chan error) { - // Start the command - err := cmd.Start() - if err == nil { - err = cmd.Wait() - } - - exec <- err -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/doc.go deleted file mode 100644 index ece1e65f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/doc.go +++ /dev/null @@ -1,81 +0,0 @@ -// Package ssocreds provides a credential provider for retrieving temporary AWS -// credentials using an SSO access token. -// -// IMPORTANT: The provider in this package does not initiate or perform the AWS -// SSO login flow. The SDK provider expects that you have already performed the -// SSO login flow using AWS CLI using the "aws sso login" command, or by some -// other mechanism. The provider must find a valid non-expired access token for -// the AWS SSO user portal URL in ~/.aws/sso/cache. If a cached token is not -// found, it is expired, or the file is malformed an error will be returned. -// -// # Loading AWS SSO credentials with the AWS shared configuration file -// -// You can use configure AWS SSO credentials from the AWS shared configuration file by -// specifying the required keys in the profile and referencing an sso-session: -// -// sso_session -// sso_account_id -// sso_role_name -// -// For example, the following defines a profile "devsso" and specifies the AWS -// SSO parameters that defines the target account, role, sign-on portal, and -// the region where the user portal is located. Note: all SSO arguments must be -// provided, or an error will be returned. -// -// [profile devsso] -// sso_session = dev-session -// sso_role_name = SSOReadOnlyRole -// sso_account_id = 123456789012 -// -// [sso-session dev-session] -// sso_start_url = https://my-sso-portal.awsapps.com/start -// sso_region = us-east-1 -// sso_registration_scopes = sso:account:access -// -// Using the config module, you can load the AWS SDK shared configuration, and -// specify that this profile be used to retrieve credentials. For example: -// -// config, err := config.LoadDefaultConfig(context.TODO(), config.WithSharedConfigProfile("devsso")) -// if err != nil { -// return err -// } -// -// # Programmatically loading AWS SSO credentials directly -// -// You can programmatically construct the AWS SSO Provider in your application, -// and provide the necessary information to load and retrieve temporary -// credentials using an access token from ~/.aws/sso/cache. -// -// ssoClient := sso.NewFromConfig(cfg) -// ssoOidcClient := ssooidc.NewFromConfig(cfg) -// tokenPath, err := ssocreds.StandardCachedTokenFilepath("dev-session") -// if err != nil { -// return err -// } -// -// var provider aws.CredentialsProvider -// provider = ssocreds.New(ssoClient, "123456789012", "SSOReadOnlyRole", "https://my-sso-portal.awsapps.com/start", func(options *ssocreds.Options) { -// options.SSOTokenProvider = ssocreds.NewSSOTokenProvider(ssoOidcClient, tokenPath) -// }) -// -// // Wrap the provider with aws.CredentialsCache to cache the credentials until their expire time -// provider = aws.NewCredentialsCache(provider) -// -// credentials, err := provider.Retrieve(context.TODO()) -// if err != nil { -// return err -// } -// -// It is important that you wrap the Provider with aws.CredentialsCache if you -// are programmatically constructing the provider directly. This prevents your -// application from accessing the cached access token and requesting new -// credentials each time the credentials are used. -// -// # Additional Resources -// -// Configuring the AWS CLI to use AWS Single Sign-On: -// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html -// -// AWS Single Sign-On User Guide: -// https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html -package ssocreds diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_cached_token.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_cached_token.go deleted file mode 100644 index 46ae2f92..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_cached_token.go +++ /dev/null @@ -1,233 +0,0 @@ -package ssocreds - -import ( - "crypto/sha1" - "encoding/hex" - "encoding/json" - "fmt" - "io/ioutil" - "os" - "path/filepath" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/aws-sdk-go-v2/internal/shareddefaults" -) - -var osUserHomeDur = shareddefaults.UserHomeDir - -// StandardCachedTokenFilepath returns the filepath for the cached SSO token file, or -// error if unable get derive the path. Key that will be used to compute a SHA1 -// value that is hex encoded. -// -// Derives the filepath using the Key as: -// -// ~/.aws/sso/cache/.json -func StandardCachedTokenFilepath(key string) (string, error) { - homeDir := osUserHomeDur() - if len(homeDir) == 0 { - return "", fmt.Errorf("unable to get USER's home directory for cached token") - } - hash := sha1.New() - if _, err := hash.Write([]byte(key)); err != nil { - return "", fmt.Errorf("unable to compute cached token filepath key SHA1 hash, %w", err) - } - - cacheFilename := strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json" - - return filepath.Join(homeDir, ".aws", "sso", "cache", cacheFilename), nil -} - -type tokenKnownFields struct { - AccessToken string `json:"accessToken,omitempty"` - ExpiresAt *rfc3339 `json:"expiresAt,omitempty"` - - RefreshToken string `json:"refreshToken,omitempty"` - ClientID string `json:"clientId,omitempty"` - ClientSecret string `json:"clientSecret,omitempty"` -} - -type token struct { - tokenKnownFields - UnknownFields map[string]interface{} `json:"-"` -} - -func (t token) MarshalJSON() ([]byte, error) { - fields := map[string]interface{}{} - - setTokenFieldString(fields, "accessToken", t.AccessToken) - setTokenFieldRFC3339(fields, "expiresAt", t.ExpiresAt) - - setTokenFieldString(fields, "refreshToken", t.RefreshToken) - setTokenFieldString(fields, "clientId", t.ClientID) - setTokenFieldString(fields, "clientSecret", t.ClientSecret) - - for k, v := range t.UnknownFields { - if _, ok := fields[k]; ok { - return nil, fmt.Errorf("unknown token field %v, duplicates known field", k) - } - fields[k] = v - } - - return json.Marshal(fields) -} - -func setTokenFieldString(fields map[string]interface{}, key, value string) { - if value == "" { - return - } - fields[key] = value -} -func setTokenFieldRFC3339(fields map[string]interface{}, key string, value *rfc3339) { - if value == nil { - return - } - fields[key] = value -} - -func (t *token) UnmarshalJSON(b []byte) error { - var fields map[string]interface{} - if err := json.Unmarshal(b, &fields); err != nil { - return nil - } - - t.UnknownFields = map[string]interface{}{} - - for k, v := range fields { - var err error - switch k { - case "accessToken": - err = getTokenFieldString(v, &t.AccessToken) - case "expiresAt": - err = getTokenFieldRFC3339(v, &t.ExpiresAt) - case "refreshToken": - err = getTokenFieldString(v, &t.RefreshToken) - case "clientId": - err = getTokenFieldString(v, &t.ClientID) - case "clientSecret": - err = getTokenFieldString(v, &t.ClientSecret) - default: - t.UnknownFields[k] = v - } - - if err != nil { - return fmt.Errorf("field %q, %w", k, err) - } - } - - return nil -} - -func getTokenFieldString(v interface{}, value *string) error { - var ok bool - *value, ok = v.(string) - if !ok { - return fmt.Errorf("expect value to be string, got %T", v) - } - return nil -} - -func getTokenFieldRFC3339(v interface{}, value **rfc3339) error { - var stringValue string - if err := getTokenFieldString(v, &stringValue); err != nil { - return err - } - - timeValue, err := parseRFC3339(stringValue) - if err != nil { - return err - } - - *value = &timeValue - return nil -} - -func loadCachedToken(filename string) (token, error) { - fileBytes, err := ioutil.ReadFile(filename) - if err != nil { - return token{}, fmt.Errorf("failed to read cached SSO token file, %w", err) - } - - var t token - if err := json.Unmarshal(fileBytes, &t); err != nil { - return token{}, fmt.Errorf("failed to parse cached SSO token file, %w", err) - } - - if len(t.AccessToken) == 0 || t.ExpiresAt == nil || time.Time(*t.ExpiresAt).IsZero() { - return token{}, fmt.Errorf( - "cached SSO token must contain accessToken and expiresAt fields") - } - - return t, nil -} - -func storeCachedToken(filename string, t token, fileMode os.FileMode) (err error) { - tmpFilename := filename + ".tmp-" + strconv.FormatInt(sdk.NowTime().UnixNano(), 10) - if err := writeCacheFile(tmpFilename, fileMode, t); err != nil { - return err - } - - if err := os.Rename(tmpFilename, filename); err != nil { - return fmt.Errorf("failed to replace old cached SSO token file, %w", err) - } - - return nil -} - -func writeCacheFile(filename string, fileMode os.FileMode, t token) (err error) { - var f *os.File - f, err = os.OpenFile(filename, os.O_CREATE|os.O_TRUNC|os.O_RDWR, fileMode) - if err != nil { - return fmt.Errorf("failed to create cached SSO token file %w", err) - } - - defer func() { - closeErr := f.Close() - if err == nil && closeErr != nil { - err = fmt.Errorf("failed to close cached SSO token file, %w", closeErr) - } - }() - - encoder := json.NewEncoder(f) - - if err = encoder.Encode(t); err != nil { - return fmt.Errorf("failed to serialize cached SSO token, %w", err) - } - - return nil -} - -type rfc3339 time.Time - -func parseRFC3339(v string) (rfc3339, error) { - parsed, err := time.Parse(time.RFC3339, v) - if err != nil { - return rfc3339{}, fmt.Errorf("expected RFC3339 timestamp: %w", err) - } - - return rfc3339(parsed), nil -} - -func (r *rfc3339) UnmarshalJSON(bytes []byte) (err error) { - var value string - - // Use JSON unmarshal to unescape the quoted value making use of JSON's - // unquoting rules. - if err = json.Unmarshal(bytes, &value); err != nil { - return err - } - - *r, err = parseRFC3339(value) - - return nil -} - -func (r *rfc3339) MarshalJSON() ([]byte, error) { - value := time.Time(*r).UTC().Format(time.RFC3339) - - // Use JSON unmarshal to unescape the quoted value making use of JSON's - // quoting rules. - return json.Marshal(value) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_credentials_provider.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_credentials_provider.go deleted file mode 100644 index 3ed9cbb3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_credentials_provider.go +++ /dev/null @@ -1,165 +0,0 @@ -package ssocreds - -import ( - "context" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/aws-sdk-go-v2/service/sso" -) - -// ProviderName is the name of the provider used to specify the source of -// credentials. -const ProviderName = "SSOProvider" - -// GetRoleCredentialsAPIClient is a API client that implements the -// GetRoleCredentials operation. -type GetRoleCredentialsAPIClient interface { - GetRoleCredentials(context.Context, *sso.GetRoleCredentialsInput, ...func(*sso.Options)) ( - *sso.GetRoleCredentialsOutput, error, - ) -} - -// Options is the Provider options structure. -type Options struct { - // The Client which is configured for the AWS Region where the AWS SSO user - // portal is located. - Client GetRoleCredentialsAPIClient - - // The AWS account that is assigned to the user. - AccountID string - - // The role name that is assigned to the user. - RoleName string - - // The URL that points to the organization's AWS Single Sign-On (AWS SSO) - // user portal. - StartURL string - - // The filepath the cached token will be retrieved from. If unset Provider will - // use the startURL to determine the filepath at. - // - // ~/.aws/sso/cache/.json - // - // If custom cached token filepath is used, the Provider's startUrl - // parameter will be ignored. - CachedTokenFilepath string - - // Used by the SSOCredentialProvider if a token configuration - // profile is used in the shared config - SSOTokenProvider *SSOTokenProvider - - // The chain of providers that was used to create this provider. - // These values are for reporting purposes and are not meant to be set up directly - CredentialSources []aws.CredentialSource -} - -// Provider is an AWS credential provider that retrieves temporary AWS -// credentials by exchanging an SSO login token. -type Provider struct { - options Options - - cachedTokenFilepath string -} - -// New returns a new AWS Single Sign-On (AWS SSO) credential provider. The -// provided client is expected to be configured for the AWS Region where the -// AWS SSO user portal is located. -func New(client GetRoleCredentialsAPIClient, accountID, roleName, startURL string, optFns ...func(options *Options)) *Provider { - options := Options{ - Client: client, - AccountID: accountID, - RoleName: roleName, - StartURL: startURL, - } - - for _, fn := range optFns { - fn(&options) - } - - return &Provider{ - options: options, - cachedTokenFilepath: options.CachedTokenFilepath, - } -} - -// Retrieve retrieves temporary AWS credentials from the configured Amazon -// Single Sign-On (AWS SSO) user portal by exchanging the accessToken present -// in ~/.aws/sso/cache. However, if a token provider configuration exists -// in the shared config, then we ought to use the token provider rather then -// direct access on the cached token. -func (p *Provider) Retrieve(ctx context.Context) (aws.Credentials, error) { - var accessToken *string - if p.options.SSOTokenProvider != nil { - token, err := p.options.SSOTokenProvider.RetrieveBearerToken(ctx) - if err != nil { - return aws.Credentials{}, err - } - accessToken = &token.Value - } else { - if p.cachedTokenFilepath == "" { - cachedTokenFilepath, err := StandardCachedTokenFilepath(p.options.StartURL) - if err != nil { - return aws.Credentials{}, &InvalidTokenError{Err: err} - } - p.cachedTokenFilepath = cachedTokenFilepath - } - - tokenFile, err := loadCachedToken(p.cachedTokenFilepath) - if err != nil { - return aws.Credentials{}, &InvalidTokenError{Err: err} - } - - if tokenFile.ExpiresAt == nil || sdk.NowTime().After(time.Time(*tokenFile.ExpiresAt)) { - return aws.Credentials{}, &InvalidTokenError{} - } - accessToken = &tokenFile.AccessToken - } - - output, err := p.options.Client.GetRoleCredentials(ctx, &sso.GetRoleCredentialsInput{ - AccessToken: accessToken, - AccountId: &p.options.AccountID, - RoleName: &p.options.RoleName, - }) - if err != nil { - return aws.Credentials{}, err - } - - return aws.Credentials{ - AccessKeyID: aws.ToString(output.RoleCredentials.AccessKeyId), - SecretAccessKey: aws.ToString(output.RoleCredentials.SecretAccessKey), - SessionToken: aws.ToString(output.RoleCredentials.SessionToken), - CanExpire: true, - Expires: time.Unix(0, output.RoleCredentials.Expiration*int64(time.Millisecond)).UTC(), - Source: ProviderName, - AccountID: p.options.AccountID, - }, nil -} - -// ProviderSources returns the credential chain that was used to construct this provider -func (p *Provider) ProviderSources() []aws.CredentialSource { - if p.options.CredentialSources == nil { - return []aws.CredentialSource{aws.CredentialSourceSSO} - } - return p.options.CredentialSources -} - -// InvalidTokenError is the error type that is returned if loaded token has -// expired or is otherwise invalid. To refresh the SSO session run AWS SSO -// login with the corresponding profile. -type InvalidTokenError struct { - Err error -} - -func (i *InvalidTokenError) Unwrap() error { - return i.Err -} - -func (i *InvalidTokenError) Error() string { - const msg = "the SSO session has expired or is invalid" - if i.Err == nil { - return msg - } - return msg + ": " + i.Err.Error() -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_token_provider.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_token_provider.go deleted file mode 100644 index 7f4fc546..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_token_provider.go +++ /dev/null @@ -1,147 +0,0 @@ -package ssocreds - -import ( - "context" - "fmt" - "os" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/aws-sdk-go-v2/service/ssooidc" - "github.com/aws/smithy-go/auth/bearer" -) - -// CreateTokenAPIClient provides the interface for the SSOTokenProvider's API -// client for calling CreateToken operation to refresh the SSO token. -type CreateTokenAPIClient interface { - CreateToken(context.Context, *ssooidc.CreateTokenInput, ...func(*ssooidc.Options)) ( - *ssooidc.CreateTokenOutput, error, - ) -} - -// SSOTokenProviderOptions provides the options for configuring the -// SSOTokenProvider. -type SSOTokenProviderOptions struct { - // Client that can be overridden - Client CreateTokenAPIClient - - // The set of API Client options to be applied when invoking the - // CreateToken operation. - ClientOptions []func(*ssooidc.Options) - - // The path the file containing the cached SSO token will be read from. - // Initialized the NewSSOTokenProvider's cachedTokenFilepath parameter. - CachedTokenFilepath string -} - -// SSOTokenProvider provides an utility for refreshing SSO AccessTokens for -// Bearer Authentication. The SSOTokenProvider can only be used to refresh -// already cached SSO Tokens. This utility cannot perform the initial SSO -// create token. -// -// The SSOTokenProvider is not safe to use concurrently. It must be wrapped in -// a utility such as smithy-go's auth/bearer#TokenCache. The SDK's -// config.LoadDefaultConfig will automatically wrap the SSOTokenProvider with -// the smithy-go TokenCache, if the external configuration loaded configured -// for an SSO session. -// -// The initial SSO create token should be preformed with the AWS CLI before the -// Go application using the SSOTokenProvider will need to retrieve the SSO -// token. If the AWS CLI has not created the token cache file, this provider -// will return an error when attempting to retrieve the cached token. -// -// This provider will attempt to refresh the cached SSO token periodically if -// needed when RetrieveBearerToken is called. -// -// A utility such as the AWS CLI must be used to initially create the SSO -// session and cached token file. -// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html -type SSOTokenProvider struct { - options SSOTokenProviderOptions -} - -var _ bearer.TokenProvider = (*SSOTokenProvider)(nil) - -// NewSSOTokenProvider returns an initialized SSOTokenProvider that will -// periodically refresh the SSO token cached stored in the cachedTokenFilepath. -// The cachedTokenFilepath file's content will be rewritten by the token -// provider when the token is refreshed. -// -// The client must be configured for the AWS region the SSO token was created for. -func NewSSOTokenProvider(client CreateTokenAPIClient, cachedTokenFilepath string, optFns ...func(o *SSOTokenProviderOptions)) *SSOTokenProvider { - options := SSOTokenProviderOptions{ - Client: client, - CachedTokenFilepath: cachedTokenFilepath, - } - for _, fn := range optFns { - fn(&options) - } - - provider := &SSOTokenProvider{ - options: options, - } - - return provider -} - -// RetrieveBearerToken returns the SSO token stored in the cachedTokenFilepath -// the SSOTokenProvider was created with. If the token has expired -// RetrieveBearerToken will attempt to refresh it. If the token cannot be -// refreshed or is not present an error will be returned. -// -// A utility such as the AWS CLI must be used to initially create the SSO -// session and cached token file. https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html -func (p SSOTokenProvider) RetrieveBearerToken(ctx context.Context) (bearer.Token, error) { - cachedToken, err := loadCachedToken(p.options.CachedTokenFilepath) - if err != nil { - return bearer.Token{}, err - } - - if cachedToken.ExpiresAt != nil && sdk.NowTime().After(time.Time(*cachedToken.ExpiresAt)) { - cachedToken, err = p.refreshToken(ctx, cachedToken) - if err != nil { - return bearer.Token{}, fmt.Errorf("refresh cached SSO token failed, %w", err) - } - } - - expiresAt := aws.ToTime((*time.Time)(cachedToken.ExpiresAt)) - return bearer.Token{ - Value: cachedToken.AccessToken, - CanExpire: !expiresAt.IsZero(), - Expires: expiresAt, - }, nil -} - -func (p SSOTokenProvider) refreshToken(ctx context.Context, cachedToken token) (token, error) { - if cachedToken.ClientSecret == "" || cachedToken.ClientID == "" || cachedToken.RefreshToken == "" { - return token{}, fmt.Errorf("cached SSO token is expired, or not present, and cannot be refreshed") - } - - createResult, err := p.options.Client.CreateToken(ctx, &ssooidc.CreateTokenInput{ - ClientId: &cachedToken.ClientID, - ClientSecret: &cachedToken.ClientSecret, - RefreshToken: &cachedToken.RefreshToken, - GrantType: aws.String("refresh_token"), - }, p.options.ClientOptions...) - if err != nil { - return token{}, fmt.Errorf("unable to refresh SSO token, %w", err) - } - - expiresAt := sdk.NowTime().Add(time.Duration(createResult.ExpiresIn) * time.Second) - - cachedToken.AccessToken = aws.ToString(createResult.AccessToken) - cachedToken.ExpiresAt = (*rfc3339)(&expiresAt) - cachedToken.RefreshToken = aws.ToString(createResult.RefreshToken) - - fileInfo, err := os.Stat(p.options.CachedTokenFilepath) - if err != nil { - return token{}, fmt.Errorf("failed to stat cached SSO token file %w", err) - } - - if err = storeCachedToken(p.options.CachedTokenFilepath, cachedToken, fileInfo.Mode()); err != nil { - return token{}, fmt.Errorf("unable to cache refreshed SSO token, %w", err) - } - - return cachedToken, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/static_provider.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/static_provider.go deleted file mode 100644 index a469abdb..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/static_provider.go +++ /dev/null @@ -1,63 +0,0 @@ -package credentials - -import ( - "context" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -const ( - // StaticCredentialsName provides a name of Static provider - StaticCredentialsName = "StaticCredentials" -) - -// StaticCredentialsEmptyError is emitted when static credentials are empty. -type StaticCredentialsEmptyError struct{} - -func (*StaticCredentialsEmptyError) Error() string { - return "static credentials are empty" -} - -// A StaticCredentialsProvider is a set of credentials which are set, and will -// never expire. -type StaticCredentialsProvider struct { - Value aws.Credentials - // These values are for reporting purposes and are not meant to be set up directly - Source []aws.CredentialSource -} - -// ProviderSources returns the credential chain that was used to construct this provider -func (s StaticCredentialsProvider) ProviderSources() []aws.CredentialSource { - if s.Source == nil { - return []aws.CredentialSource{aws.CredentialSourceCode} // If no source has been set, assume this is used directly which means hardcoded creds - } - return s.Source -} - -// NewStaticCredentialsProvider return a StaticCredentialsProvider initialized with the AWS -// credentials passed in. -func NewStaticCredentialsProvider(key, secret, session string) StaticCredentialsProvider { - return StaticCredentialsProvider{ - Value: aws.Credentials{ - AccessKeyID: key, - SecretAccessKey: secret, - SessionToken: session, - }, - } -} - -// Retrieve returns the credentials or error if the credentials are invalid. -func (s StaticCredentialsProvider) Retrieve(_ context.Context) (aws.Credentials, error) { - v := s.Value - if v.AccessKeyID == "" || v.SecretAccessKey == "" { - return aws.Credentials{ - Source: StaticCredentialsName, - }, &StaticCredentialsEmptyError{} - } - - if len(v.Source) == 0 { - v.Source = StaticCredentialsName - } - - return v, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/assume_role_provider.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/assume_role_provider.go deleted file mode 100644 index 1ccf71e7..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/assume_role_provider.go +++ /dev/null @@ -1,338 +0,0 @@ -// Package stscreds are credential Providers to retrieve STS AWS credentials. -// -// STS provides multiple ways to retrieve credentials which can be used when making -// future AWS service API operation calls. -// -// The SDK will ensure that per instance of credentials.Credentials all requests -// to refresh the credentials will be synchronized. But, the SDK is unable to -// ensure synchronous usage of the AssumeRoleProvider if the value is shared -// between multiple Credentials or service clients. -// -// # Assume Role -// -// To assume an IAM role using STS with the SDK you can create a new Credentials -// with the SDKs's stscreds package. -// -// // Initial credentials loaded from SDK's default credential chain. Such as -// // the environment, shared credentials (~/.aws/credentials), or EC2 Instance -// // Role. These credentials will be used to to make the STS Assume Role API. -// cfg, err := config.LoadDefaultConfig(context.TODO()) -// if err != nil { -// panic(err) -// } -// -// // Create the credentials from AssumeRoleProvider to assume the role -// // referenced by the "myRoleARN" ARN. -// stsSvc := sts.NewFromConfig(cfg) -// creds := stscreds.NewAssumeRoleProvider(stsSvc, "myRoleArn") -// -// cfg.Credentials = aws.NewCredentialsCache(creds) -// -// // Create service client value configured for credentials -// // from assumed role. -// svc := s3.NewFromConfig(cfg) -// -// # Assume Role with custom MFA Token provider -// -// To assume an IAM role with a MFA token you can either specify a custom MFA -// token provider or use the SDK's built in StdinTokenProvider that will prompt -// the user for a token code each time the credentials need to to be refreshed. -// Specifying a custom token provider allows you to control where the token -// code is retrieved from, and how it is refreshed. -// -// With a custom token provider, the provider is responsible for refreshing the -// token code when called. -// -// cfg, err := config.LoadDefaultConfig(context.TODO()) -// if err != nil { -// panic(err) -// } -// -// staticTokenProvider := func() (string, error) { -// return someTokenCode, nil -// } -// -// // Create the credentials from AssumeRoleProvider to assume the role -// // referenced by the "myRoleARN" ARN using the MFA token code provided. -// creds := stscreds.NewAssumeRoleProvider(sts.NewFromConfig(cfg), "myRoleArn", func(o *stscreds.AssumeRoleOptions) { -// o.SerialNumber = aws.String("myTokenSerialNumber") -// o.TokenProvider = staticTokenProvider -// }) -// -// cfg.Credentials = aws.NewCredentialsCache(creds) -// -// // Create service client value configured for credentials -// // from assumed role. -// svc := s3.NewFromConfig(cfg) -// -// # Assume Role with MFA Token Provider -// -// To assume an IAM role with MFA for longer running tasks where the credentials -// may need to be refreshed setting the TokenProvider field of AssumeRoleProvider -// will allow the credential provider to prompt for new MFA token code when the -// role's credentials need to be refreshed. -// -// The StdinTokenProvider function is available to prompt on stdin to retrieve -// the MFA token code from the user. You can also implement custom prompts by -// satisfying the TokenProvider function signature. -// -// Using StdinTokenProvider with multiple AssumeRoleProviders, or Credentials will -// have undesirable results as the StdinTokenProvider will not be synchronized. A -// single Credentials with an AssumeRoleProvider can be shared safely. -// -// cfg, err := config.LoadDefaultConfig(context.TODO()) -// if err != nil { -// panic(err) -// } -// -// // Create the credentials from AssumeRoleProvider to assume the role -// // referenced by the "myRoleARN" ARN using the MFA token code provided. -// creds := stscreds.NewAssumeRoleProvider(sts.NewFromConfig(cfg), "myRoleArn", func(o *stscreds.AssumeRoleOptions) { -// o.SerialNumber = aws.String("myTokenSerialNumber") -// o.TokenProvider = stscreds.StdinTokenProvider -// }) -// -// cfg.Credentials = aws.NewCredentialsCache(creds) -// -// // Create service client value configured for credentials -// // from assumed role. -// svc := s3.NewFromConfig(cfg) -package stscreds - -import ( - "context" - "fmt" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/service/sts" - "github.com/aws/aws-sdk-go-v2/service/sts/types" -) - -// StdinTokenProvider will prompt on stdout and read from stdin for a string value. -// An error is returned if reading from stdin fails. -// -// Use this function go read MFA tokens from stdin. The function makes no attempt -// to make atomic prompts from stdin across multiple gorouties. -// -// Using StdinTokenProvider with multiple AssumeRoleProviders, or Credentials will -// have undesirable results as the StdinTokenProvider will not be synchronized. A -// single Credentials with an AssumeRoleProvider can be shared safely -// -// Will wait forever until something is provided on the stdin. -func StdinTokenProvider() (string, error) { - var v string - fmt.Printf("Assume Role MFA token code: ") - _, err := fmt.Scanln(&v) - - return v, err -} - -// ProviderName provides a name of AssumeRole provider -const ProviderName = "AssumeRoleProvider" - -// AssumeRoleAPIClient is a client capable of the STS AssumeRole operation. -type AssumeRoleAPIClient interface { - AssumeRole(ctx context.Context, params *sts.AssumeRoleInput, optFns ...func(*sts.Options)) (*sts.AssumeRoleOutput, error) -} - -// DefaultDuration is the default amount of time in minutes that the -// credentials will be valid for. This value is only used by AssumeRoleProvider -// for specifying the default expiry duration of an assume role. -// -// Other providers such as WebIdentityRoleProvider do not use this value, and -// instead rely on STS API's default parameter handing to assign a default -// value. -var DefaultDuration = time.Duration(15) * time.Minute - -// AssumeRoleProvider retrieves temporary credentials from the STS service, and -// keeps track of their expiration time. -// -// This credential provider will be used by the SDKs default credential change -// when shared configuration is enabled, and the shared config or shared credentials -// file configure assume role. See Session docs for how to do this. -// -// AssumeRoleProvider does not provide any synchronization and it is not safe -// to share this value across multiple Credentials, Sessions, or service clients -// without also sharing the same Credentials instance. -type AssumeRoleProvider struct { - options AssumeRoleOptions -} - -// AssumeRoleOptions is the configurable options for AssumeRoleProvider -type AssumeRoleOptions struct { - // Client implementation of the AssumeRole operation. Required - Client AssumeRoleAPIClient - - // IAM Role ARN to be assumed. Required - RoleARN string - - // Session name, if you wish to uniquely identify this session. - RoleSessionName string - - // Expiry duration of the STS credentials. Defaults to 15 minutes if not set. - Duration time.Duration - - // Optional ExternalID to pass along, defaults to nil if not set. - ExternalID *string - - // The policy plain text must be 2048 bytes or shorter. However, an internal - // conversion compresses it into a packed binary format with a separate limit. - // The PackedPolicySize response element indicates by percentage how close to - // the upper size limit the policy is, with 100% equaling the maximum allowed - // size. - Policy *string - - // The ARNs of IAM managed policies you want to use as managed session policies. - // The policies must exist in the same account as the role. - // - // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plain text that you use for both inline and managed session - // policies can't exceed 2,048 characters. - // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. - // - // Passing policies to this operation returns new temporary credentials. The - // resulting session's permissions are the intersection of the role's identity-based - // policy and the session policies. You can use the role's temporary credentials - // in subsequent AWS API calls to access resources in the account that owns - // the role. You cannot use session policies to grant more permissions than - // those allowed by the identity-based policy of the role that is being assumed. - // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - PolicyARNs []types.PolicyDescriptorType - - // The identification number of the MFA device that is associated with the user - // who is making the AssumeRole call. Specify this value if the trust policy - // of the role being assumed includes a condition that requires MFA authentication. - // The value is either the serial number for a hardware device (such as GAHT12345678) - // or an Amazon Resource Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user). - SerialNumber *string - - // The source identity specified by the principal that is calling the AssumeRole - // operation. You can require users to specify a source identity when they assume a - // role. You do this by using the sts:SourceIdentity condition key in a role trust - // policy. You can use source identity information in CloudTrail logs to determine - // who took actions with a role. You can use the aws:SourceIdentity condition key - // to further control access to Amazon Web Services resources based on the value of - // source identity. For more information about using source identity, see Monitor - // and control actions taken with assumed roles - // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) - // in the IAM User Guide. - SourceIdentity *string - - // Async method of providing MFA token code for assuming an IAM role with MFA. - // The value returned by the function will be used as the TokenCode in the Retrieve - // call. See StdinTokenProvider for a provider that prompts and reads from stdin. - // - // This token provider will be called when ever the assumed role's - // credentials need to be refreshed when SerialNumber is set. - TokenProvider func() (string, error) - - // A list of session tags that you want to pass. Each session tag consists of a key - // name and an associated value. For more information about session tags, see - // Tagging STS Sessions - // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the - // IAM User Guide. This parameter is optional. You can pass up to 50 session tags. - Tags []types.Tag - - // A list of keys for session tags that you want to set as transitive. If you set a - // tag key as transitive, the corresponding key and value passes to subsequent - // sessions in a role chain. For more information, see Chaining Roles with Session - // Tags - // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) - // in the IAM User Guide. This parameter is optional. - TransitiveTagKeys []string - - // The chain of providers that was used to create this provider - // These values are for reporting purposes and are not meant to be set up directly - CredentialSources []aws.CredentialSource -} - -// NewAssumeRoleProvider constructs and returns a credentials provider that -// will retrieve credentials by assuming a IAM role using STS. -func NewAssumeRoleProvider(client AssumeRoleAPIClient, roleARN string, optFns ...func(*AssumeRoleOptions)) *AssumeRoleProvider { - o := AssumeRoleOptions{ - Client: client, - RoleARN: roleARN, - } - - for _, fn := range optFns { - fn(&o) - } - - return &AssumeRoleProvider{ - options: o, - } -} - -// Retrieve generates a new set of temporary credentials using STS. -func (p *AssumeRoleProvider) Retrieve(ctx context.Context) (aws.Credentials, error) { - // Apply defaults where parameters are not set. - if len(p.options.RoleSessionName) == 0 { - // Try to work out a role name that will hopefully end up unique. - p.options.RoleSessionName = fmt.Sprintf("aws-go-sdk-%d", time.Now().UTC().UnixNano()) - } - if p.options.Duration == 0 { - // Expire as often as AWS permits. - p.options.Duration = DefaultDuration - } - input := &sts.AssumeRoleInput{ - DurationSeconds: aws.Int32(int32(p.options.Duration / time.Second)), - PolicyArns: p.options.PolicyARNs, - RoleArn: aws.String(p.options.RoleARN), - RoleSessionName: aws.String(p.options.RoleSessionName), - ExternalId: p.options.ExternalID, - SourceIdentity: p.options.SourceIdentity, - Tags: p.options.Tags, - TransitiveTagKeys: p.options.TransitiveTagKeys, - } - if p.options.Policy != nil { - input.Policy = p.options.Policy - } - if p.options.SerialNumber != nil { - if p.options.TokenProvider != nil { - input.SerialNumber = p.options.SerialNumber - code, err := p.options.TokenProvider() - if err != nil { - return aws.Credentials{}, err - } - input.TokenCode = aws.String(code) - } else { - return aws.Credentials{}, fmt.Errorf("assume role with MFA enabled, but TokenProvider is not set") - } - } - - resp, err := p.options.Client.AssumeRole(ctx, input) - if err != nil { - return aws.Credentials{Source: ProviderName}, err - } - - var accountID string - if resp.AssumedRoleUser != nil { - accountID = getAccountID(resp.AssumedRoleUser) - } - - return aws.Credentials{ - AccessKeyID: *resp.Credentials.AccessKeyId, - SecretAccessKey: *resp.Credentials.SecretAccessKey, - SessionToken: *resp.Credentials.SessionToken, - Source: ProviderName, - - CanExpire: true, - Expires: *resp.Credentials.Expiration, - AccountID: accountID, - }, nil -} - -// ProviderSources returns the credential chain that was used to construct this provider -func (p *AssumeRoleProvider) ProviderSources() []aws.CredentialSource { - if p.options.CredentialSources == nil { - return []aws.CredentialSource{aws.CredentialSourceSTSAssumeRole} - } // If no source has been set, assume this is used directly which means just call to assume role - return append(p.options.CredentialSources, aws.CredentialSourceSTSAssumeRole) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/web_identity_provider.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/web_identity_provider.go deleted file mode 100644 index 5f4286dd..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/web_identity_provider.go +++ /dev/null @@ -1,181 +0,0 @@ -package stscreds - -import ( - "context" - "fmt" - "io/ioutil" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/retry" - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/aws-sdk-go-v2/service/sts" - "github.com/aws/aws-sdk-go-v2/service/sts/types" -) - -var invalidIdentityTokenExceptionCode = (&types.InvalidIdentityTokenException{}).ErrorCode() - -const ( - // WebIdentityProviderName is the web identity provider name - WebIdentityProviderName = "WebIdentityCredentials" -) - -// AssumeRoleWithWebIdentityAPIClient is a client capable of the STS AssumeRoleWithWebIdentity operation. -type AssumeRoleWithWebIdentityAPIClient interface { - AssumeRoleWithWebIdentity(ctx context.Context, params *sts.AssumeRoleWithWebIdentityInput, optFns ...func(*sts.Options)) (*sts.AssumeRoleWithWebIdentityOutput, error) -} - -// WebIdentityRoleProvider is used to retrieve credentials using -// an OIDC token. -type WebIdentityRoleProvider struct { - options WebIdentityRoleOptions -} - -// WebIdentityRoleOptions is a structure of configurable options for WebIdentityRoleProvider -type WebIdentityRoleOptions struct { - // Client implementation of the AssumeRoleWithWebIdentity operation. Required - Client AssumeRoleWithWebIdentityAPIClient - - // JWT Token Provider. Required - TokenRetriever IdentityTokenRetriever - - // IAM Role ARN to assume. Required - RoleARN string - - // Session name, if you wish to uniquely identify this session. - RoleSessionName string - - // Expiry duration of the STS credentials. STS will assign a default expiry - // duration if this value is unset. This is different from the Duration - // option of AssumeRoleProvider, which automatically assigns 15 minutes if - // Duration is unset. - // - // See the STS AssumeRoleWithWebIdentity API reference guide for more - // information on defaults. - // https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html - Duration time.Duration - - // An IAM policy in JSON format that you want to use as an inline session policy. - Policy *string - - // The Amazon Resource Names (ARNs) of the IAM managed policies that you - // want to use as managed session policies. The policies must exist in the - // same account as the role. - PolicyARNs []types.PolicyDescriptorType - - // The chain of providers that was used to create this provider - // These values are for reporting purposes and are not meant to be set up directly - CredentialSources []aws.CredentialSource -} - -// IdentityTokenRetriever is an interface for retrieving a JWT -type IdentityTokenRetriever interface { - GetIdentityToken() ([]byte, error) -} - -// IdentityTokenFile is for retrieving an identity token from the given file name -type IdentityTokenFile string - -// GetIdentityToken retrieves the JWT token from the file and returns the contents as a []byte -func (j IdentityTokenFile) GetIdentityToken() ([]byte, error) { - b, err := ioutil.ReadFile(string(j)) - if err != nil { - return nil, fmt.Errorf("unable to read file at %s: %v", string(j), err) - } - - return b, nil -} - -// NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the -// provided stsiface.ClientAPI -func NewWebIdentityRoleProvider(client AssumeRoleWithWebIdentityAPIClient, roleARN string, tokenRetriever IdentityTokenRetriever, optFns ...func(*WebIdentityRoleOptions)) *WebIdentityRoleProvider { - o := WebIdentityRoleOptions{ - Client: client, - RoleARN: roleARN, - TokenRetriever: tokenRetriever, - } - - for _, fn := range optFns { - fn(&o) - } - - return &WebIdentityRoleProvider{options: o} -} - -// Retrieve will attempt to assume a role from a token which is located at -// 'WebIdentityTokenFilePath' specified destination and if that is empty an -// error will be returned. -func (p *WebIdentityRoleProvider) Retrieve(ctx context.Context) (aws.Credentials, error) { - b, err := p.options.TokenRetriever.GetIdentityToken() - if err != nil { - return aws.Credentials{}, fmt.Errorf("failed to retrieve jwt from provide source, %w", err) - } - - sessionName := p.options.RoleSessionName - if len(sessionName) == 0 { - // session name is used to uniquely identify a session. This simply - // uses unix time in nanoseconds to uniquely identify sessions. - sessionName = strconv.FormatInt(sdk.NowTime().UnixNano(), 10) - } - input := &sts.AssumeRoleWithWebIdentityInput{ - PolicyArns: p.options.PolicyARNs, - RoleArn: &p.options.RoleARN, - RoleSessionName: &sessionName, - WebIdentityToken: aws.String(string(b)), - } - if p.options.Duration != 0 { - // If set use the value, otherwise STS will assign a default expiration duration. - input.DurationSeconds = aws.Int32(int32(p.options.Duration / time.Second)) - } - if p.options.Policy != nil { - input.Policy = p.options.Policy - } - - resp, err := p.options.Client.AssumeRoleWithWebIdentity(ctx, input, func(options *sts.Options) { - options.Retryer = retry.AddWithErrorCodes(options.Retryer, invalidIdentityTokenExceptionCode) - }) - if err != nil { - return aws.Credentials{}, fmt.Errorf("failed to retrieve credentials, %w", err) - } - - var accountID string - if resp.AssumedRoleUser != nil { - accountID = getAccountID(resp.AssumedRoleUser) - } - - // InvalidIdentityToken error is a temporary error that can occur - // when assuming an Role with a JWT web identity token. - - value := aws.Credentials{ - AccessKeyID: aws.ToString(resp.Credentials.AccessKeyId), - SecretAccessKey: aws.ToString(resp.Credentials.SecretAccessKey), - SessionToken: aws.ToString(resp.Credentials.SessionToken), - Source: WebIdentityProviderName, - CanExpire: true, - Expires: *resp.Credentials.Expiration, - AccountID: accountID, - } - return value, nil -} - -// extract accountID from arn with format "arn:partition:service:region:account-id:[resource-section]" -func getAccountID(u *types.AssumedRoleUser) string { - if u.Arn == nil { - return "" - } - parts := strings.Split(*u.Arn, ":") - if len(parts) < 5 { - return "" - } - return parts[4] -} - -// ProviderSources returns the credential chain that was used to construct this provider -func (p *WebIdentityRoleProvider) ProviderSources() []aws.CredentialSource { - if p.options.CredentialSources == nil { - return []aws.CredentialSource{aws.CredentialSourceSTSAssumeRoleWebID} - } - return p.options.CredentialSources -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md deleted file mode 100644 index 1f69e820..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md +++ /dev/null @@ -1,435 +0,0 @@ -# v1.16.30 (2025-02-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.29 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.28 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.27 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.26 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.25 (2025-01-24) - -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.16.24 (2025-01-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.23 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.22 (2024-12-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.21 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.20 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.19 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.18 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.17 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.16 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.15 (2024-10-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.14 (2024-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.13 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.12 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.11 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.10 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.9 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.8 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.7 (2024-06-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.6 (2024-06-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.5 (2024-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.4 (2024-06-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.3 (2024-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.2 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.1 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.0 (2024-03-21) - -* **Feature**: Add config switch `DisableDefaultTimeout` that allows you to disable the default operation timeout (5 seconds) for IMDS calls. - -# v1.15.4 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.3 (2024-03-07) - -* **Bug Fix**: Remove dependency on go-cmp. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.2 (2024-02-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.1 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.11 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.10 (2023-12-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.9 (2023-12-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.8 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.7 (2023-11-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.6 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.5 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.4 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.3 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.2 (2023-11-02) - -* No change notes available for this release. - -# v1.14.1 (2023-11-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.13 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.12 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.11 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.10 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.9 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.8 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.7 (2023-07-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.6 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.5 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.4 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.3 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.2 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.1 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.0 (2023-03-14) - -* **Feature**: Add flag to disable IMDSv1 fallback - -# v1.12.24 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.23 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.22 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.21 (2022-12-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.20 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.19 (2022-10-24) - -* **Bug Fix**: Fixes an issue that prevented logging of the API request or responses when the respective log modes were enabled. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.18 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.17 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.16 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.15 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.14 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.13 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.12 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.11 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.10 (2022-08-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.9 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.8 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.7 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.6 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.5 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.4 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.3 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.2 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.1 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.0 (2022-02-24) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.0 (2022-01-07) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.2 (2021-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.1 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.0 (2021-11-06) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.7.0 (2021-10-21) - -* **Feature**: Updated to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.0 (2021-10-11) - -* **Feature**: Respect passed in Context Deadline/Timeout. Updates the IMDS Client operations to not override the passed in Context's Deadline or Timeout options. If an Client operation is called with a Context with a Deadline or Timeout, the client will no longer override it with the client's default timeout. -* **Bug Fix**: Fix IMDS client's response handling and operation timeout race. Fixes #1253 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.1 (2021-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.0 (2021-08-27) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.1 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.0 (2021-08-04) - -* **Feature**: adds error handling for defered close calls -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.0 (2021-07-15) - -* **Feature**: Support has been added for EC2 IPv6-enabled Instance Metadata Service Endpoints. -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.0 (2021-06-25) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.1 (2021-05-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.0 (2021-05-14) - -* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_client.go deleted file mode 100644 index 3f4a10e2..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_client.go +++ /dev/null @@ -1,352 +0,0 @@ -package imds - -import ( - "context" - "fmt" - "net" - "net/http" - "os" - "strings" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/retry" - awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" - internalconfig "github.com/aws/aws-sdk-go-v2/feature/ec2/imds/internal/config" - "github.com/aws/smithy-go" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// ServiceID provides the unique name of this API client -const ServiceID = "ec2imds" - -// Client provides the API client for interacting with the Amazon EC2 Instance -// Metadata Service API. -type Client struct { - options Options -} - -// ClientEnableState provides an enumeration if the client is enabled, -// disabled, or default behavior. -type ClientEnableState = internalconfig.ClientEnableState - -// Enumeration values for ClientEnableState -const ( - ClientDefaultEnableState ClientEnableState = internalconfig.ClientDefaultEnableState // default behavior - ClientDisabled ClientEnableState = internalconfig.ClientDisabled // client disabled - ClientEnabled ClientEnableState = internalconfig.ClientEnabled // client enabled -) - -// EndpointModeState is an enum configuration variable describing the client endpoint mode. -// Not configurable directly, but used when using the NewFromConfig. -type EndpointModeState = internalconfig.EndpointModeState - -// Enumeration values for EndpointModeState -const ( - EndpointModeStateUnset EndpointModeState = internalconfig.EndpointModeStateUnset - EndpointModeStateIPv4 EndpointModeState = internalconfig.EndpointModeStateIPv4 - EndpointModeStateIPv6 EndpointModeState = internalconfig.EndpointModeStateIPv6 -) - -const ( - disableClientEnvVar = "AWS_EC2_METADATA_DISABLED" - - // Client endpoint options - endpointEnvVar = "AWS_EC2_METADATA_SERVICE_ENDPOINT" - - defaultIPv4Endpoint = "http://169.254.169.254" - defaultIPv6Endpoint = "http://[fd00:ec2::254]" -) - -// New returns an initialized Client based on the functional options. Provide -// additional functional options to further configure the behavior of the client, -// such as changing the client's endpoint or adding custom middleware behavior. -func New(options Options, optFns ...func(*Options)) *Client { - options = options.Copy() - - for _, fn := range optFns { - fn(&options) - } - - options.HTTPClient = resolveHTTPClient(options.HTTPClient) - - if options.Retryer == nil { - options.Retryer = retry.NewStandard() - } - options.Retryer = retry.AddWithMaxBackoffDelay(options.Retryer, 1*time.Second) - - if options.ClientEnableState == ClientDefaultEnableState { - if v := os.Getenv(disableClientEnvVar); strings.EqualFold(v, "true") { - options.ClientEnableState = ClientDisabled - } - } - - if len(options.Endpoint) == 0 { - if v := os.Getenv(endpointEnvVar); len(v) != 0 { - options.Endpoint = v - } - } - - client := &Client{ - options: options, - } - - if client.options.tokenProvider == nil && !client.options.disableAPIToken { - client.options.tokenProvider = newTokenProvider(client, defaultTokenTTL) - } - - return client -} - -// NewFromConfig returns an initialized Client based the AWS SDK config, and -// functional options. Provide additional functional options to further -// configure the behavior of the client, such as changing the client's endpoint -// or adding custom middleware behavior. -func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { - opts := Options{ - APIOptions: append([]func(*middleware.Stack) error{}, cfg.APIOptions...), - HTTPClient: cfg.HTTPClient, - ClientLogMode: cfg.ClientLogMode, - Logger: cfg.Logger, - } - - if cfg.Retryer != nil { - opts.Retryer = cfg.Retryer() - } - - resolveClientEnableState(cfg, &opts) - resolveEndpointConfig(cfg, &opts) - resolveEndpointModeConfig(cfg, &opts) - resolveEnableFallback(cfg, &opts) - - return New(opts, optFns...) -} - -// Options provides the fields for configuring the API client's behavior. -type Options struct { - // Set of options to modify how an operation is invoked. These apply to all - // operations invoked for this client. Use functional options on operation - // call to modify this list for per operation behavior. - APIOptions []func(*middleware.Stack) error - - // The endpoint the client will use to retrieve EC2 instance metadata. - // - // Specifies the EC2 Instance Metadata Service endpoint to use. If specified it overrides EndpointMode. - // - // If unset, and the environment variable AWS_EC2_METADATA_SERVICE_ENDPOINT - // has a value the client will use the value of the environment variable as - // the endpoint for operation calls. - // - // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1] - Endpoint string - - // The endpoint selection mode the client will use if no explicit endpoint is provided using the Endpoint field. - // - // Setting EndpointMode to EndpointModeStateIPv4 will configure the client to use the default EC2 IPv4 endpoint. - // Setting EndpointMode to EndpointModeStateIPv6 will configure the client to use the default EC2 IPv6 endpoint. - // - // By default if EndpointMode is not set (EndpointModeStateUnset) than the default endpoint selection mode EndpointModeStateIPv4. - EndpointMode EndpointModeState - - // The HTTP client to invoke API calls with. Defaults to client's default - // HTTP implementation if nil. - HTTPClient HTTPClient - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. - Retryer aws.Retryer - - // Changes if the EC2 Instance Metadata client is enabled or not. Client - // will default to enabled if not set to ClientDisabled. When the client is - // disabled it will return an error for all operation calls. - // - // If ClientEnableState value is ClientDefaultEnableState (default value), - // and the environment variable "AWS_EC2_METADATA_DISABLED" is set to - // "true", the client will be disabled. - // - // AWS_EC2_METADATA_DISABLED=true - ClientEnableState ClientEnableState - - // Configures the events that will be sent to the configured logger. - ClientLogMode aws.ClientLogMode - - // The logger writer interface to write logging messages to. - Logger logging.Logger - - // Configure IMDSv1 fallback behavior. By default, the client will attempt - // to fall back to IMDSv1 as needed for backwards compatibility. When set to [aws.FalseTernary] - // the client will return any errors encountered from attempting to fetch a token - // instead of silently using the insecure data flow of IMDSv1. - // - // See [configuring IMDS] for more information. - // - // [configuring IMDS]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html - EnableFallback aws.Ternary - - // By default, all IMDS client operations enforce a 5-second timeout. You - // can disable that behavior with this setting. - DisableDefaultTimeout bool - - // provides the caching of API tokens used for operation calls. If unset, - // the API token will not be retrieved for the operation. - tokenProvider *tokenProvider - - // option to disable the API token provider for testing. - disableAPIToken bool -} - -// HTTPClient provides the interface for a client making HTTP requests with the -// API. -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -// Copy creates a copy of the API options. -func (o Options) Copy() Options { - to := o - to.APIOptions = append([]func(*middleware.Stack) error{}, o.APIOptions...) - return to -} - -// WithAPIOptions wraps the API middleware functions, as a functional option -// for the API Client Options. Use this helper to add additional functional -// options to the API client, or operation calls. -func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { - return func(o *Options) { - o.APIOptions = append(o.APIOptions, optFns...) - } -} - -func (c *Client) invokeOperation( - ctx context.Context, opID string, params interface{}, optFns []func(*Options), - stackFns ...func(*middleware.Stack, Options) error, -) ( - result interface{}, metadata middleware.Metadata, err error, -) { - stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) - options := c.options.Copy() - for _, fn := range optFns { - fn(&options) - } - - if options.ClientEnableState == ClientDisabled { - return nil, metadata, &smithy.OperationError{ - ServiceID: ServiceID, - OperationName: opID, - Err: fmt.Errorf( - "access disabled to EC2 IMDS via client option, or %q environment variable", - disableClientEnvVar), - } - } - - for _, fn := range stackFns { - if err := fn(stack, options); err != nil { - return nil, metadata, err - } - } - - for _, fn := range options.APIOptions { - if err := fn(stack); err != nil { - return nil, metadata, err - } - } - - handler := middleware.DecorateHandler(smithyhttp.NewClientHandler(options.HTTPClient), stack) - result, metadata, err = handler.Handle(ctx, params) - if err != nil { - return nil, metadata, &smithy.OperationError{ - ServiceID: ServiceID, - OperationName: opID, - Err: err, - } - } - - return result, metadata, err -} - -const ( - // HTTP client constants - defaultDialerTimeout = 250 * time.Millisecond - defaultResponseHeaderTimeout = 500 * time.Millisecond -) - -func resolveHTTPClient(client HTTPClient) HTTPClient { - if client == nil { - client = awshttp.NewBuildableClient() - } - - if c, ok := client.(*awshttp.BuildableClient); ok { - client = c. - WithDialerOptions(func(d *net.Dialer) { - // Use a custom Dial timeout for the EC2 Metadata service to account - // for the possibility the application might not be running in an - // environment with the service present. The client should fail fast in - // this case. - d.Timeout = defaultDialerTimeout - }). - WithTransportOptions(func(tr *http.Transport) { - // Use a custom Transport timeout for the EC2 Metadata service to - // account for the possibility that the application might be running in - // a container, and EC2Metadata service drops the connection after a - // single IP Hop. The client should fail fast in this case. - tr.ResponseHeaderTimeout = defaultResponseHeaderTimeout - }) - } - - return client -} - -func resolveClientEnableState(cfg aws.Config, options *Options) error { - if options.ClientEnableState != ClientDefaultEnableState { - return nil - } - value, found, err := internalconfig.ResolveClientEnableState(cfg.ConfigSources) - if err != nil || !found { - return err - } - options.ClientEnableState = value - return nil -} - -func resolveEndpointModeConfig(cfg aws.Config, options *Options) error { - if options.EndpointMode != EndpointModeStateUnset { - return nil - } - value, found, err := internalconfig.ResolveEndpointModeConfig(cfg.ConfigSources) - if err != nil || !found { - return err - } - options.EndpointMode = value - return nil -} - -func resolveEndpointConfig(cfg aws.Config, options *Options) error { - if len(options.Endpoint) != 0 { - return nil - } - value, found, err := internalconfig.ResolveEndpointConfig(cfg.ConfigSources) - if err != nil || !found { - return err - } - options.Endpoint = value - return nil -} - -func resolveEnableFallback(cfg aws.Config, options *Options) { - if options.EnableFallback != aws.UnknownTernary { - return - } - - disabled, ok := internalconfig.ResolveV1FallbackDisabled(cfg.ConfigSources) - if !ok { - return - } - - if disabled { - options.EnableFallback = aws.FalseTernary - } else { - options.EnableFallback = aws.TrueTernary - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetDynamicData.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetDynamicData.go deleted file mode 100644 index af58b6bb..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetDynamicData.go +++ /dev/null @@ -1,77 +0,0 @@ -package imds - -import ( - "context" - "fmt" - "io" - - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -const getDynamicDataPath = "/latest/dynamic" - -// GetDynamicData uses the path provided to request information from the EC2 -// instance metadata service for dynamic data. The content will be returned -// as a string, or error if the request failed. -func (c *Client) GetDynamicData(ctx context.Context, params *GetDynamicDataInput, optFns ...func(*Options)) (*GetDynamicDataOutput, error) { - if params == nil { - params = &GetDynamicDataInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetDynamicData", params, optFns, - addGetDynamicDataMiddleware, - ) - if err != nil { - return nil, err - } - - out := result.(*GetDynamicDataOutput) - out.ResultMetadata = metadata - return out, nil -} - -// GetDynamicDataInput provides the input parameters for the GetDynamicData -// operation. -type GetDynamicDataInput struct { - // The relative dynamic data path to retrieve. Can be empty string to - // retrieve a response containing a new line separated list of dynamic data - // resources available. - // - // Must not include the dynamic data base path. - // - // May include leading slash. If Path includes trailing slash the trailing - // slash will be included in the request for the resource. - Path string -} - -// GetDynamicDataOutput provides the output parameters for the GetDynamicData -// operation. -type GetDynamicDataOutput struct { - Content io.ReadCloser - - ResultMetadata middleware.Metadata -} - -func addGetDynamicDataMiddleware(stack *middleware.Stack, options Options) error { - return addAPIRequestMiddleware(stack, - options, - "GetDynamicData", - buildGetDynamicDataPath, - buildGetDynamicDataOutput) -} - -func buildGetDynamicDataPath(params interface{}) (string, error) { - p, ok := params.(*GetDynamicDataInput) - if !ok { - return "", fmt.Errorf("unknown parameter type %T", params) - } - - return appendURIPath(getDynamicDataPath, p.Path), nil -} - -func buildGetDynamicDataOutput(resp *smithyhttp.Response) (interface{}, error) { - return &GetDynamicDataOutput{ - Content: resp.Body, - }, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetIAMInfo.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetIAMInfo.go deleted file mode 100644 index 5111cc90..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetIAMInfo.go +++ /dev/null @@ -1,103 +0,0 @@ -package imds - -import ( - "context" - "encoding/json" - "fmt" - "io" - "strings" - "time" - - "github.com/aws/smithy-go" - smithyio "github.com/aws/smithy-go/io" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -const getIAMInfoPath = getMetadataPath + "/iam/info" - -// GetIAMInfo retrieves an identity document describing an -// instance. Error is returned if the request fails or is unable to parse -// the response. -func (c *Client) GetIAMInfo( - ctx context.Context, params *GetIAMInfoInput, optFns ...func(*Options), -) ( - *GetIAMInfoOutput, error, -) { - if params == nil { - params = &GetIAMInfoInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetIAMInfo", params, optFns, - addGetIAMInfoMiddleware, - ) - if err != nil { - return nil, err - } - - out := result.(*GetIAMInfoOutput) - out.ResultMetadata = metadata - return out, nil -} - -// GetIAMInfoInput provides the input parameters for GetIAMInfo operation. -type GetIAMInfoInput struct{} - -// GetIAMInfoOutput provides the output parameters for GetIAMInfo operation. -type GetIAMInfoOutput struct { - IAMInfo - - ResultMetadata middleware.Metadata -} - -func addGetIAMInfoMiddleware(stack *middleware.Stack, options Options) error { - return addAPIRequestMiddleware(stack, - options, - "GetIAMInfo", - buildGetIAMInfoPath, - buildGetIAMInfoOutput, - ) -} - -func buildGetIAMInfoPath(params interface{}) (string, error) { - return getIAMInfoPath, nil -} - -func buildGetIAMInfoOutput(resp *smithyhttp.Response) (v interface{}, err error) { - defer func() { - closeErr := resp.Body.Close() - if err == nil { - err = closeErr - } else if closeErr != nil { - err = fmt.Errorf("response body close error: %v, original error: %w", closeErr, err) - } - }() - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(resp.Body, ringBuffer) - - imdsResult := &GetIAMInfoOutput{} - if err = json.NewDecoder(body).Decode(&imdsResult.IAMInfo); err != nil { - return nil, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode instance identity document, %w", err), - Snapshot: ringBuffer.Bytes(), - } - } - // Any code other success is an error - if !strings.EqualFold(imdsResult.Code, "success") { - return nil, fmt.Errorf("failed to get EC2 IMDS IAM info, %s", - imdsResult.Code) - } - - return imdsResult, nil -} - -// IAMInfo provides the shape for unmarshaling an IAM info from the metadata -// API. -type IAMInfo struct { - Code string - LastUpdated time.Time - InstanceProfileArn string - InstanceProfileID string -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetInstanceIdentityDocument.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetInstanceIdentityDocument.go deleted file mode 100644 index dc8c09ed..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetInstanceIdentityDocument.go +++ /dev/null @@ -1,110 +0,0 @@ -package imds - -import ( - "context" - "encoding/json" - "fmt" - "io" - "time" - - "github.com/aws/smithy-go" - smithyio "github.com/aws/smithy-go/io" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -const getInstanceIdentityDocumentPath = getDynamicDataPath + "/instance-identity/document" - -// GetInstanceIdentityDocument retrieves an identity document describing an -// instance. Error is returned if the request fails or is unable to parse -// the response. -func (c *Client) GetInstanceIdentityDocument( - ctx context.Context, params *GetInstanceIdentityDocumentInput, optFns ...func(*Options), -) ( - *GetInstanceIdentityDocumentOutput, error, -) { - if params == nil { - params = &GetInstanceIdentityDocumentInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetInstanceIdentityDocument", params, optFns, - addGetInstanceIdentityDocumentMiddleware, - ) - if err != nil { - return nil, err - } - - out := result.(*GetInstanceIdentityDocumentOutput) - out.ResultMetadata = metadata - return out, nil -} - -// GetInstanceIdentityDocumentInput provides the input parameters for -// GetInstanceIdentityDocument operation. -type GetInstanceIdentityDocumentInput struct{} - -// GetInstanceIdentityDocumentOutput provides the output parameters for -// GetInstanceIdentityDocument operation. -type GetInstanceIdentityDocumentOutput struct { - InstanceIdentityDocument - - ResultMetadata middleware.Metadata -} - -func addGetInstanceIdentityDocumentMiddleware(stack *middleware.Stack, options Options) error { - return addAPIRequestMiddleware(stack, - options, - "GetInstanceIdentityDocument", - buildGetInstanceIdentityDocumentPath, - buildGetInstanceIdentityDocumentOutput, - ) -} - -func buildGetInstanceIdentityDocumentPath(params interface{}) (string, error) { - return getInstanceIdentityDocumentPath, nil -} - -func buildGetInstanceIdentityDocumentOutput(resp *smithyhttp.Response) (v interface{}, err error) { - defer func() { - closeErr := resp.Body.Close() - if err == nil { - err = closeErr - } else if closeErr != nil { - err = fmt.Errorf("response body close error: %v, original error: %w", closeErr, err) - } - }() - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(resp.Body, ringBuffer) - - output := &GetInstanceIdentityDocumentOutput{} - if err = json.NewDecoder(body).Decode(&output.InstanceIdentityDocument); err != nil { - return nil, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode instance identity document, %w", err), - Snapshot: ringBuffer.Bytes(), - } - } - - return output, nil -} - -// InstanceIdentityDocument provides the shape for unmarshaling -// an instance identity document -type InstanceIdentityDocument struct { - DevpayProductCodes []string `json:"devpayProductCodes"` - MarketplaceProductCodes []string `json:"marketplaceProductCodes"` - AvailabilityZone string `json:"availabilityZone"` - PrivateIP string `json:"privateIp"` - Version string `json:"version"` - Region string `json:"region"` - InstanceID string `json:"instanceId"` - BillingProducts []string `json:"billingProducts"` - InstanceType string `json:"instanceType"` - AccountID string `json:"accountId"` - PendingTime time.Time `json:"pendingTime"` - ImageID string `json:"imageId"` - KernelID string `json:"kernelId"` - RamdiskID string `json:"ramdiskId"` - Architecture string `json:"architecture"` -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetMetadata.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetMetadata.go deleted file mode 100644 index 869bfc9f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetMetadata.go +++ /dev/null @@ -1,77 +0,0 @@ -package imds - -import ( - "context" - "fmt" - "io" - - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -const getMetadataPath = "/latest/meta-data" - -// GetMetadata uses the path provided to request information from the Amazon -// EC2 Instance Metadata Service. The content will be returned as a string, or -// error if the request failed. -func (c *Client) GetMetadata(ctx context.Context, params *GetMetadataInput, optFns ...func(*Options)) (*GetMetadataOutput, error) { - if params == nil { - params = &GetMetadataInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetMetadata", params, optFns, - addGetMetadataMiddleware, - ) - if err != nil { - return nil, err - } - - out := result.(*GetMetadataOutput) - out.ResultMetadata = metadata - return out, nil -} - -// GetMetadataInput provides the input parameters for the GetMetadata -// operation. -type GetMetadataInput struct { - // The relative metadata path to retrieve. Can be empty string to retrieve - // a response containing a new line separated list of metadata resources - // available. - // - // Must not include the metadata base path. - // - // May include leading slash. If Path includes trailing slash the trailing slash - // will be included in the request for the resource. - Path string -} - -// GetMetadataOutput provides the output parameters for the GetMetadata -// operation. -type GetMetadataOutput struct { - Content io.ReadCloser - - ResultMetadata middleware.Metadata -} - -func addGetMetadataMiddleware(stack *middleware.Stack, options Options) error { - return addAPIRequestMiddleware(stack, - options, - "GetMetadata", - buildGetMetadataPath, - buildGetMetadataOutput) -} - -func buildGetMetadataPath(params interface{}) (string, error) { - p, ok := params.(*GetMetadataInput) - if !ok { - return "", fmt.Errorf("unknown parameter type %T", params) - } - - return appendURIPath(getMetadataPath, p.Path), nil -} - -func buildGetMetadataOutput(resp *smithyhttp.Response) (interface{}, error) { - return &GetMetadataOutput{ - Content: resp.Body, - }, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetRegion.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetRegion.go deleted file mode 100644 index 8c0572bb..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetRegion.go +++ /dev/null @@ -1,73 +0,0 @@ -package imds - -import ( - "context" - "fmt" - - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// GetRegion retrieves an identity document describing an -// instance. Error is returned if the request fails or is unable to parse -// the response. -func (c *Client) GetRegion( - ctx context.Context, params *GetRegionInput, optFns ...func(*Options), -) ( - *GetRegionOutput, error, -) { - if params == nil { - params = &GetRegionInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetRegion", params, optFns, - addGetRegionMiddleware, - ) - if err != nil { - return nil, err - } - - out := result.(*GetRegionOutput) - out.ResultMetadata = metadata - return out, nil -} - -// GetRegionInput provides the input parameters for GetRegion operation. -type GetRegionInput struct{} - -// GetRegionOutput provides the output parameters for GetRegion operation. -type GetRegionOutput struct { - Region string - - ResultMetadata middleware.Metadata -} - -func addGetRegionMiddleware(stack *middleware.Stack, options Options) error { - return addAPIRequestMiddleware(stack, - options, - "GetRegion", - buildGetInstanceIdentityDocumentPath, - buildGetRegionOutput, - ) -} - -func buildGetRegionOutput(resp *smithyhttp.Response) (interface{}, error) { - out, err := buildGetInstanceIdentityDocumentOutput(resp) - if err != nil { - return nil, err - } - - result, ok := out.(*GetInstanceIdentityDocumentOutput) - if !ok { - return nil, fmt.Errorf("unexpected instance identity document type, %T", out) - } - - region := result.Region - if len(region) == 0 { - return "", fmt.Errorf("instance metadata did not return a region value") - } - - return &GetRegionOutput{ - Region: region, - }, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetToken.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetToken.go deleted file mode 100644 index 1f9ee97a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetToken.go +++ /dev/null @@ -1,119 +0,0 @@ -package imds - -import ( - "context" - "fmt" - "io" - "strconv" - "strings" - "time" - - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -const getTokenPath = "/latest/api/token" -const tokenTTLHeader = "X-Aws-Ec2-Metadata-Token-Ttl-Seconds" - -// getToken uses the duration to return a token for EC2 IMDS, or an error if -// the request failed. -func (c *Client) getToken(ctx context.Context, params *getTokenInput, optFns ...func(*Options)) (*getTokenOutput, error) { - if params == nil { - params = &getTokenInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "getToken", params, optFns, - addGetTokenMiddleware, - ) - if err != nil { - return nil, err - } - - out := result.(*getTokenOutput) - out.ResultMetadata = metadata - return out, nil -} - -type getTokenInput struct { - TokenTTL time.Duration -} - -type getTokenOutput struct { - Token string - TokenTTL time.Duration - - ResultMetadata middleware.Metadata -} - -func addGetTokenMiddleware(stack *middleware.Stack, options Options) error { - err := addRequestMiddleware(stack, - options, - "PUT", - "GetToken", - buildGetTokenPath, - buildGetTokenOutput) - if err != nil { - return err - } - - err = stack.Serialize.Add(&tokenTTLRequestHeader{}, middleware.After) - if err != nil { - return err - } - - return nil -} - -func buildGetTokenPath(interface{}) (string, error) { - return getTokenPath, nil -} - -func buildGetTokenOutput(resp *smithyhttp.Response) (v interface{}, err error) { - defer func() { - closeErr := resp.Body.Close() - if err == nil { - err = closeErr - } else if closeErr != nil { - err = fmt.Errorf("response body close error: %v, original error: %w", closeErr, err) - } - }() - - ttlHeader := resp.Header.Get(tokenTTLHeader) - tokenTTL, err := strconv.ParseInt(ttlHeader, 10, 64) - if err != nil { - return nil, fmt.Errorf("unable to parse API token, %w", err) - } - - var token strings.Builder - if _, err = io.Copy(&token, resp.Body); err != nil { - return nil, fmt.Errorf("unable to read API token, %w", err) - } - - return &getTokenOutput{ - Token: token.String(), - TokenTTL: time.Duration(tokenTTL) * time.Second, - }, nil -} - -type tokenTTLRequestHeader struct{} - -func (*tokenTTLRequestHeader) ID() string { return "tokenTTLRequestHeader" } -func (*tokenTTLRequestHeader) HandleSerialize( - ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, -) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("expect HTTP transport, got %T", in.Request) - } - - input, ok := in.Parameters.(*getTokenInput) - if !ok { - return out, metadata, fmt.Errorf("expect getTokenInput, got %T", in.Parameters) - } - - req.Header.Set(tokenTTLHeader, strconv.Itoa(int(input.TokenTTL/time.Second))) - - return next.HandleSerialize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetUserData.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetUserData.go deleted file mode 100644 index 89036972..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/api_op_GetUserData.go +++ /dev/null @@ -1,61 +0,0 @@ -package imds - -import ( - "context" - "io" - - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -const getUserDataPath = "/latest/user-data" - -// GetUserData uses the path provided to request information from the EC2 -// instance metadata service for dynamic data. The content will be returned -// as a string, or error if the request failed. -func (c *Client) GetUserData(ctx context.Context, params *GetUserDataInput, optFns ...func(*Options)) (*GetUserDataOutput, error) { - if params == nil { - params = &GetUserDataInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetUserData", params, optFns, - addGetUserDataMiddleware, - ) - if err != nil { - return nil, err - } - - out := result.(*GetUserDataOutput) - out.ResultMetadata = metadata - return out, nil -} - -// GetUserDataInput provides the input parameters for the GetUserData -// operation. -type GetUserDataInput struct{} - -// GetUserDataOutput provides the output parameters for the GetUserData -// operation. -type GetUserDataOutput struct { - Content io.ReadCloser - - ResultMetadata middleware.Metadata -} - -func addGetUserDataMiddleware(stack *middleware.Stack, options Options) error { - return addAPIRequestMiddleware(stack, - options, - "GetUserData", - buildGetUserDataPath, - buildGetUserDataOutput) -} - -func buildGetUserDataPath(params interface{}) (string, error) { - return getUserDataPath, nil -} - -func buildGetUserDataOutput(resp *smithyhttp.Response) (interface{}, error) { - return &GetUserDataOutput{ - Content: resp.Body, - }, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/auth.go deleted file mode 100644 index ad283cf8..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/auth.go +++ /dev/null @@ -1,48 +0,0 @@ -package imds - -import ( - "context" - "github.com/aws/smithy-go/middleware" -) - -type getIdentityMiddleware struct { - options Options -} - -func (*getIdentityMiddleware) ID() string { - return "GetIdentity" -} - -func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - return next.HandleFinalize(ctx, in) -} - -type signRequestMiddleware struct { -} - -func (*signRequestMiddleware) ID() string { - return "Signing" -} - -func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - return next.HandleFinalize(ctx, in) -} - -type resolveAuthSchemeMiddleware struct { - operation string - options Options -} - -func (*resolveAuthSchemeMiddleware) ID() string { - return "ResolveAuthScheme" -} - -func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/doc.go deleted file mode 100644 index d5765c36..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/doc.go +++ /dev/null @@ -1,12 +0,0 @@ -// Package imds provides the API client for interacting with the Amazon EC2 -// Instance Metadata Service. -// -// All Client operation calls have a default timeout. If the operation is not -// completed before this timeout expires, the operation will be canceled. This -// timeout can be overridden through the following: -// - Set the options flag DisableDefaultTimeout -// - Provide a Context with a timeout or deadline with calling the client's operations. -// -// See the EC2 IMDS user guide for more information on using the API. -// https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html -package imds diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/endpoints.go deleted file mode 100644 index d7540da3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/endpoints.go +++ /dev/null @@ -1,20 +0,0 @@ -package imds - -import ( - "context" - "github.com/aws/smithy-go/middleware" -) - -type resolveEndpointV2Middleware struct { - options Options -} - -func (*resolveEndpointV2Middleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go deleted file mode 100644 index dba9ef60..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package imds - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.16.30" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/internal/config/resolvers.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/internal/config/resolvers.go deleted file mode 100644 index ce774558..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/internal/config/resolvers.go +++ /dev/null @@ -1,114 +0,0 @@ -package config - -import ( - "fmt" - "strings" -) - -// ClientEnableState provides an enumeration if the client is enabled, -// disabled, or default behavior. -type ClientEnableState uint - -// Enumeration values for ClientEnableState -const ( - ClientDefaultEnableState ClientEnableState = iota - ClientDisabled - ClientEnabled -) - -// EndpointModeState is the EC2 IMDS Endpoint Configuration Mode -type EndpointModeState uint - -// Enumeration values for ClientEnableState -const ( - EndpointModeStateUnset EndpointModeState = iota - EndpointModeStateIPv4 - EndpointModeStateIPv6 -) - -// SetFromString sets the EndpointModeState based on the provided string value. Unknown values will default to EndpointModeStateUnset -func (e *EndpointModeState) SetFromString(v string) error { - v = strings.TrimSpace(v) - - switch { - case len(v) == 0: - *e = EndpointModeStateUnset - case strings.EqualFold(v, "IPv6"): - *e = EndpointModeStateIPv6 - case strings.EqualFold(v, "IPv4"): - *e = EndpointModeStateIPv4 - default: - return fmt.Errorf("unknown EC2 IMDS endpoint mode, must be either IPv6 or IPv4") - } - return nil -} - -// ClientEnableStateResolver is a config resolver interface for retrieving whether the IMDS client is disabled. -type ClientEnableStateResolver interface { - GetEC2IMDSClientEnableState() (ClientEnableState, bool, error) -} - -// EndpointModeResolver is a config resolver interface for retrieving the EndpointModeState configuration. -type EndpointModeResolver interface { - GetEC2IMDSEndpointMode() (EndpointModeState, bool, error) -} - -// EndpointResolver is a config resolver interface for retrieving the endpoint. -type EndpointResolver interface { - GetEC2IMDSEndpoint() (string, bool, error) -} - -type v1FallbackDisabledResolver interface { - GetEC2IMDSV1FallbackDisabled() (bool, bool) -} - -// ResolveClientEnableState resolves the ClientEnableState from a list of configuration sources. -func ResolveClientEnableState(sources []interface{}) (value ClientEnableState, found bool, err error) { - for _, source := range sources { - if resolver, ok := source.(ClientEnableStateResolver); ok { - value, found, err = resolver.GetEC2IMDSClientEnableState() - if err != nil || found { - return value, found, err - } - } - } - return value, found, err -} - -// ResolveEndpointModeConfig resolves the EndpointModeState from a list of configuration sources. -func ResolveEndpointModeConfig(sources []interface{}) (value EndpointModeState, found bool, err error) { - for _, source := range sources { - if resolver, ok := source.(EndpointModeResolver); ok { - value, found, err = resolver.GetEC2IMDSEndpointMode() - if err != nil || found { - return value, found, err - } - } - } - return value, found, err -} - -// ResolveEndpointConfig resolves the endpoint from a list of configuration sources. -func ResolveEndpointConfig(sources []interface{}) (value string, found bool, err error) { - for _, source := range sources { - if resolver, ok := source.(EndpointResolver); ok { - value, found, err = resolver.GetEC2IMDSEndpoint() - if err != nil || found { - return value, found, err - } - } - } - return value, found, err -} - -// ResolveV1FallbackDisabled ... -func ResolveV1FallbackDisabled(sources []interface{}) (bool, bool) { - for _, source := range sources { - if resolver, ok := source.(v1FallbackDisabledResolver); ok { - if v, found := resolver.GetEC2IMDSV1FallbackDisabled(); found { - return v, true - } - } - } - return false, false -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/request_middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/request_middleware.go deleted file mode 100644 index 90cf4aeb..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/request_middleware.go +++ /dev/null @@ -1,313 +0,0 @@ -package imds - -import ( - "bytes" - "context" - "fmt" - "io/ioutil" - "net/url" - "path" - "time" - - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/retry" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -func addAPIRequestMiddleware(stack *middleware.Stack, - options Options, - operation string, - getPath func(interface{}) (string, error), - getOutput func(*smithyhttp.Response) (interface{}, error), -) (err error) { - err = addRequestMiddleware(stack, options, "GET", operation, getPath, getOutput) - if err != nil { - return err - } - - // Token Serializer build and state management. - if !options.disableAPIToken { - err = stack.Finalize.Insert(options.tokenProvider, (*retry.Attempt)(nil).ID(), middleware.After) - if err != nil { - return err - } - - err = stack.Deserialize.Insert(options.tokenProvider, "OperationDeserializer", middleware.Before) - if err != nil { - return err - } - } - - return nil -} - -func addRequestMiddleware(stack *middleware.Stack, - options Options, - method string, - operation string, - getPath func(interface{}) (string, error), - getOutput func(*smithyhttp.Response) (interface{}, error), -) (err error) { - err = awsmiddleware.AddSDKAgentKey(awsmiddleware.FeatureMetadata, "ec2-imds")(stack) - if err != nil { - return err - } - - // Operation timeout - err = stack.Initialize.Add(&operationTimeout{ - Disabled: options.DisableDefaultTimeout, - DefaultTimeout: defaultOperationTimeout, - }, middleware.Before) - if err != nil { - return err - } - - // Operation Serializer - err = stack.Serialize.Add(&serializeRequest{ - GetPath: getPath, - Method: method, - }, middleware.After) - if err != nil { - return err - } - - // Operation endpoint resolver - err = stack.Serialize.Insert(&resolveEndpoint{ - Endpoint: options.Endpoint, - EndpointMode: options.EndpointMode, - }, "OperationSerializer", middleware.Before) - if err != nil { - return err - } - - // Operation Deserializer - err = stack.Deserialize.Add(&deserializeResponse{ - GetOutput: getOutput, - }, middleware.After) - if err != nil { - return err - } - - err = stack.Deserialize.Add(&smithyhttp.RequestResponseLogger{ - LogRequest: options.ClientLogMode.IsRequest(), - LogRequestWithBody: options.ClientLogMode.IsRequestWithBody(), - LogResponse: options.ClientLogMode.IsResponse(), - LogResponseWithBody: options.ClientLogMode.IsResponseWithBody(), - }, middleware.After) - if err != nil { - return err - } - - err = addSetLoggerMiddleware(stack, options) - if err != nil { - return err - } - - if err := addProtocolFinalizerMiddlewares(stack, options, operation); err != nil { - return fmt.Errorf("add protocol finalizers: %w", err) - } - - // Retry support - return retry.AddRetryMiddlewares(stack, retry.AddRetryMiddlewaresOptions{ - Retryer: options.Retryer, - LogRetryAttempts: options.ClientLogMode.IsRetries(), - }) -} - -func addSetLoggerMiddleware(stack *middleware.Stack, o Options) error { - return middleware.AddSetLoggerMiddleware(stack, o.Logger) -} - -type serializeRequest struct { - GetPath func(interface{}) (string, error) - Method string -} - -func (*serializeRequest) ID() string { - return "OperationSerializer" -} - -func (m *serializeRequest) HandleSerialize( - ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, -) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - reqPath, err := m.GetPath(in.Parameters) - if err != nil { - return out, metadata, fmt.Errorf("unable to get request URL path, %w", err) - } - - request.Request.URL.Path = reqPath - request.Request.Method = m.Method - - return next.HandleSerialize(ctx, in) -} - -type deserializeResponse struct { - GetOutput func(*smithyhttp.Response) (interface{}, error) -} - -func (*deserializeResponse) ID() string { - return "OperationDeserializer" -} - -func (m *deserializeResponse) HandleDeserialize( - ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler, -) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - resp, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, fmt.Errorf( - "unexpected transport response type, %T, want %T", out.RawResponse, resp) - } - defer resp.Body.Close() - - // read the full body so that any operation timeouts cleanup will not race - // the body being read. - body, err := ioutil.ReadAll(resp.Body) - if err != nil { - return out, metadata, fmt.Errorf("read response body failed, %w", err) - } - resp.Body = ioutil.NopCloser(bytes.NewReader(body)) - - // Anything that's not 200 |< 300 is error - if resp.StatusCode < 200 || resp.StatusCode >= 300 { - return out, metadata, &smithyhttp.ResponseError{ - Response: resp, - Err: fmt.Errorf("request to EC2 IMDS failed"), - } - } - - result, err := m.GetOutput(resp) - if err != nil { - return out, metadata, fmt.Errorf( - "unable to get deserialized result for response, %w", err, - ) - } - out.Result = result - - return out, metadata, err -} - -type resolveEndpoint struct { - Endpoint string - EndpointMode EndpointModeState -} - -func (*resolveEndpoint) ID() string { - return "ResolveEndpoint" -} - -func (m *resolveEndpoint) HandleSerialize( - ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, -) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - var endpoint string - if len(m.Endpoint) > 0 { - endpoint = m.Endpoint - } else { - switch m.EndpointMode { - case EndpointModeStateIPv6: - endpoint = defaultIPv6Endpoint - case EndpointModeStateIPv4: - fallthrough - case EndpointModeStateUnset: - endpoint = defaultIPv4Endpoint - default: - return out, metadata, fmt.Errorf("unsupported IMDS endpoint mode") - } - } - - req.URL, err = url.Parse(endpoint) - if err != nil { - return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err) - } - - return next.HandleSerialize(ctx, in) -} - -const ( - defaultOperationTimeout = 5 * time.Second -) - -// operationTimeout adds a timeout on the middleware stack if the Context the -// stack was called with does not have a deadline. The next middleware must -// complete before the timeout, or the context will be canceled. -// -// If DefaultTimeout is zero, no default timeout will be used if the Context -// does not have a timeout. -// -// The next middleware must also ensure that any resources that are also -// canceled by the stack's context are completely consumed before returning. -// Otherwise the timeout cleanup will race the resource being consumed -// upstream. -type operationTimeout struct { - Disabled bool - DefaultTimeout time.Duration -} - -func (*operationTimeout) ID() string { return "OperationTimeout" } - -func (m *operationTimeout) HandleInitialize( - ctx context.Context, input middleware.InitializeInput, next middleware.InitializeHandler, -) ( - output middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - if m.Disabled { - return next.HandleInitialize(ctx, input) - } - - if _, ok := ctx.Deadline(); !ok && m.DefaultTimeout != 0 { - var cancelFn func() - ctx, cancelFn = context.WithTimeout(ctx, m.DefaultTimeout) - defer cancelFn() - } - - return next.HandleInitialize(ctx, input) -} - -// appendURIPath joins a URI path component to the existing path with `/` -// separators between the path components. If the path being added ends with a -// trailing `/` that slash will be maintained. -func appendURIPath(base, add string) string { - reqPath := path.Join(base, add) - if len(add) != 0 && add[len(add)-1] == '/' { - reqPath += "/" - } - return reqPath -} - -func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { - if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { - return fmt.Errorf("add ResolveAuthScheme: %w", err) - } - if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { - return fmt.Errorf("add GetIdentity: %w", err) - } - if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { - return fmt.Errorf("add ResolveEndpointV2: %w", err) - } - if err := stack.Finalize.Insert(&signRequestMiddleware{}, "ResolveEndpointV2", middleware.After); err != nil { - return fmt.Errorf("add Signing: %w", err) - } - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/token_provider.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/token_provider.go deleted file mode 100644 index 5703c6e1..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/token_provider.go +++ /dev/null @@ -1,261 +0,0 @@ -package imds - -import ( - "context" - "errors" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/smithy-go" - "github.com/aws/smithy-go/logging" - "net/http" - "sync" - "sync/atomic" - "time" - - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -const ( - // Headers for Token and TTL - tokenHeader = "x-aws-ec2-metadata-token" - defaultTokenTTL = 5 * time.Minute -) - -type tokenProvider struct { - client *Client - tokenTTL time.Duration - - token *apiToken - tokenMux sync.RWMutex - - disabled uint32 // Atomic updated -} - -func newTokenProvider(client *Client, ttl time.Duration) *tokenProvider { - return &tokenProvider{ - client: client, - tokenTTL: ttl, - } -} - -// apiToken provides the API token used by all operation calls for th EC2 -// Instance metadata service. -type apiToken struct { - token string - expires time.Time -} - -var timeNow = time.Now - -// Expired returns if the token is expired. -func (t *apiToken) Expired() bool { - // Calling Round(0) on the current time will truncate the monotonic reading only. Ensures credential expiry - // time is always based on reported wall-clock time. - return timeNow().Round(0).After(t.expires) -} - -func (t *tokenProvider) ID() string { return "APITokenProvider" } - -// HandleFinalize is the finalize stack middleware, that if the token provider is -// enabled, will attempt to add the cached API token to the request. If the API -// token is not cached, it will be retrieved in a separate API call, getToken. -// -// For retry attempts, handler must be added after attempt retryer. -// -// If request for getToken fails the token provider may be disabled from future -// requests, depending on the response status code. -func (t *tokenProvider) HandleFinalize( - ctx context.Context, input middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - if t.fallbackEnabled() && !t.enabled() { - // short-circuits to insecure data flow if token provider is disabled. - return next.HandleFinalize(ctx, input) - } - - req, ok := input.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unexpected transport request type %T", input.Request) - } - - tok, err := t.getToken(ctx) - if err != nil { - // If the error allows the token to downgrade to insecure flow allow that. - var bypassErr *bypassTokenRetrievalError - if errors.As(err, &bypassErr) { - return next.HandleFinalize(ctx, input) - } - - return out, metadata, fmt.Errorf("failed to get API token, %w", err) - } - - req.Header.Set(tokenHeader, tok.token) - - return next.HandleFinalize(ctx, input) -} - -// HandleDeserialize is the deserialize stack middleware for determining if the -// operation the token provider is decorating failed because of a 401 -// unauthorized status code. If the operation failed for that reason the token -// provider needs to be re-enabled so that it can start adding the API token to -// operation calls. -func (t *tokenProvider) HandleDeserialize( - ctx context.Context, input middleware.DeserializeInput, next middleware.DeserializeHandler, -) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, input) - if err == nil { - return out, metadata, err - } - - resp, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, fmt.Errorf("expect HTTP transport, got %T", out.RawResponse) - } - - if resp.StatusCode == http.StatusUnauthorized { // unauthorized - t.enable() - err = &retryableError{Err: err, isRetryable: true} - } - - return out, metadata, err -} - -func (t *tokenProvider) getToken(ctx context.Context) (tok *apiToken, err error) { - if t.fallbackEnabled() && !t.enabled() { - return nil, &bypassTokenRetrievalError{ - Err: fmt.Errorf("cannot get API token, provider disabled"), - } - } - - t.tokenMux.RLock() - tok = t.token - t.tokenMux.RUnlock() - - if tok != nil && !tok.Expired() { - return tok, nil - } - - tok, err = t.updateToken(ctx) - if err != nil { - return nil, err - } - - return tok, nil -} - -func (t *tokenProvider) updateToken(ctx context.Context) (*apiToken, error) { - t.tokenMux.Lock() - defer t.tokenMux.Unlock() - - // Prevent multiple requests to update retrieving the token. - if t.token != nil && !t.token.Expired() { - tok := t.token - return tok, nil - } - - result, err := t.client.getToken(ctx, &getTokenInput{ - TokenTTL: t.tokenTTL, - }) - if err != nil { - var statusErr interface{ HTTPStatusCode() int } - if errors.As(err, &statusErr) { - switch statusErr.HTTPStatusCode() { - // Disable future get token if failed because of 403, 404, or 405 - case http.StatusForbidden, - http.StatusNotFound, - http.StatusMethodNotAllowed: - - if t.fallbackEnabled() { - logger := middleware.GetLogger(ctx) - logger.Logf(logging.Warn, "falling back to IMDSv1: %v", err) - t.disable() - } - - // 400 errors are terminal, and need to be upstreamed - case http.StatusBadRequest: - return nil, err - } - } - - // Disable if request send failed or timed out getting response - var re *smithyhttp.RequestSendError - var ce *smithy.CanceledError - if errors.As(err, &re) || errors.As(err, &ce) { - atomic.StoreUint32(&t.disabled, 1) - } - - if !t.fallbackEnabled() { - // NOTE: getToken() is an implementation detail of some outer operation - // (e.g. GetMetadata). It has its own retries that have already been exhausted. - // Mark the underlying error as a terminal error. - err = &retryableError{Err: err, isRetryable: false} - return nil, err - } - - // Token couldn't be retrieved, fallback to IMDSv1 insecure flow for this request - // and allow the request to proceed. Future requests _may_ re-attempt fetching a - // token if not disabled. - return nil, &bypassTokenRetrievalError{Err: err} - } - - tok := &apiToken{ - token: result.Token, - expires: timeNow().Add(result.TokenTTL), - } - t.token = tok - - return tok, nil -} - -// enabled returns if the token provider is current enabled or not. -func (t *tokenProvider) enabled() bool { - return atomic.LoadUint32(&t.disabled) == 0 -} - -// fallbackEnabled returns false if EnableFallback is [aws.FalseTernary], true otherwise -func (t *tokenProvider) fallbackEnabled() bool { - switch t.client.options.EnableFallback { - case aws.FalseTernary: - return false - default: - return true - } -} - -// disable disables the token provider and it will no longer attempt to inject -// the token, nor request updates. -func (t *tokenProvider) disable() { - atomic.StoreUint32(&t.disabled, 1) -} - -// enable enables the token provide to start refreshing tokens, and adding them -// to the pending request. -func (t *tokenProvider) enable() { - t.tokenMux.Lock() - t.token = nil - t.tokenMux.Unlock() - atomic.StoreUint32(&t.disabled, 0) -} - -type bypassTokenRetrievalError struct { - Err error -} - -func (e *bypassTokenRetrievalError) Error() string { - return fmt.Sprintf("bypass token retrieval, %v", e.Err) -} - -func (e *bypassTokenRetrievalError) Unwrap() error { return e.Err } - -type retryableError struct { - Err error - isRetryable bool -} - -func (e *retryableError) RetryableError() bool { return e.isRetryable } - -func (e *retryableError) Error() string { return e.Err.Error() } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/auth.go deleted file mode 100644 index 0b81db54..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/auth.go +++ /dev/null @@ -1,45 +0,0 @@ -package auth - -import ( - "github.com/aws/smithy-go/auth" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// HTTPAuthScheme is the SDK's internal implementation of smithyhttp.AuthScheme -// for pre-existing implementations where the signer was added to client -// config. SDK clients will key off of this type and ensure per-operation -// updates to those signers persist on the scheme itself. -type HTTPAuthScheme struct { - schemeID string - signer smithyhttp.Signer -} - -var _ smithyhttp.AuthScheme = (*HTTPAuthScheme)(nil) - -// NewHTTPAuthScheme returns an auth scheme instance with the given config. -func NewHTTPAuthScheme(schemeID string, signer smithyhttp.Signer) *HTTPAuthScheme { - return &HTTPAuthScheme{ - schemeID: schemeID, - signer: signer, - } -} - -// SchemeID identifies the auth scheme. -func (s *HTTPAuthScheme) SchemeID() string { - return s.schemeID -} - -// IdentityResolver gets the identity resolver for the auth scheme. -func (s *HTTPAuthScheme) IdentityResolver(o auth.IdentityResolverOptions) auth.IdentityResolver { - return o.GetIdentityResolver(s.schemeID) -} - -// Signer gets the signer for the auth scheme. -func (s *HTTPAuthScheme) Signer() smithyhttp.Signer { - return s.signer -} - -// WithSigner returns a new instance of the auth scheme with the updated signer. -func (s *HTTPAuthScheme) WithSigner(signer smithyhttp.Signer) *HTTPAuthScheme { - return NewHTTPAuthScheme(s.schemeID, signer) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/scheme.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/scheme.go deleted file mode 100644 index bbc2ec06..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/scheme.go +++ /dev/null @@ -1,191 +0,0 @@ -package auth - -import ( - "context" - "fmt" - - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/middleware" -) - -// SigV4 is a constant representing -// Authentication Scheme Signature Version 4 -const SigV4 = "sigv4" - -// SigV4A is a constant representing -// Authentication Scheme Signature Version 4A -const SigV4A = "sigv4a" - -// SigV4S3Express identifies the S3 S3Express auth scheme. -const SigV4S3Express = "sigv4-s3express" - -// None is a constant representing the -// None Authentication Scheme -const None = "none" - -// SupportedSchemes is a data structure -// that indicates the list of supported AWS -// authentication schemes -var SupportedSchemes = map[string]bool{ - SigV4: true, - SigV4A: true, - SigV4S3Express: true, - None: true, -} - -// AuthenticationScheme is a representation of -// AWS authentication schemes -type AuthenticationScheme interface { - isAuthenticationScheme() -} - -// AuthenticationSchemeV4 is a AWS SigV4 representation -type AuthenticationSchemeV4 struct { - Name string - SigningName *string - SigningRegion *string - DisableDoubleEncoding *bool -} - -func (a *AuthenticationSchemeV4) isAuthenticationScheme() {} - -// AuthenticationSchemeV4A is a AWS SigV4A representation -type AuthenticationSchemeV4A struct { - Name string - SigningName *string - SigningRegionSet []string - DisableDoubleEncoding *bool -} - -func (a *AuthenticationSchemeV4A) isAuthenticationScheme() {} - -// AuthenticationSchemeNone is a representation for the none auth scheme -type AuthenticationSchemeNone struct{} - -func (a *AuthenticationSchemeNone) isAuthenticationScheme() {} - -// NoAuthenticationSchemesFoundError is used in signaling -// that no authentication schemes have been specified. -type NoAuthenticationSchemesFoundError struct{} - -func (e *NoAuthenticationSchemesFoundError) Error() string { - return fmt.Sprint("No authentication schemes specified.") -} - -// UnSupportedAuthenticationSchemeSpecifiedError is used in -// signaling that only unsupported authentication schemes -// were specified. -type UnSupportedAuthenticationSchemeSpecifiedError struct { - UnsupportedSchemes []string -} - -func (e *UnSupportedAuthenticationSchemeSpecifiedError) Error() string { - return fmt.Sprint("Unsupported authentication scheme specified.") -} - -// GetAuthenticationSchemes extracts the relevant authentication scheme data -// into a custom strongly typed Go data structure. -func GetAuthenticationSchemes(p *smithy.Properties) ([]AuthenticationScheme, error) { - var result []AuthenticationScheme - if !p.Has("authSchemes") { - return nil, &NoAuthenticationSchemesFoundError{} - } - - authSchemes, _ := p.Get("authSchemes").([]interface{}) - - var unsupportedSchemes []string - for _, scheme := range authSchemes { - authScheme, _ := scheme.(map[string]interface{}) - - version := authScheme["name"].(string) - switch version { - case SigV4, SigV4S3Express: - v4Scheme := AuthenticationSchemeV4{ - Name: version, - SigningName: getSigningName(authScheme), - SigningRegion: getSigningRegion(authScheme), - DisableDoubleEncoding: getDisableDoubleEncoding(authScheme), - } - result = append(result, AuthenticationScheme(&v4Scheme)) - case SigV4A: - v4aScheme := AuthenticationSchemeV4A{ - Name: SigV4A, - SigningName: getSigningName(authScheme), - SigningRegionSet: getSigningRegionSet(authScheme), - DisableDoubleEncoding: getDisableDoubleEncoding(authScheme), - } - result = append(result, AuthenticationScheme(&v4aScheme)) - case None: - noneScheme := AuthenticationSchemeNone{} - result = append(result, AuthenticationScheme(&noneScheme)) - default: - unsupportedSchemes = append(unsupportedSchemes, authScheme["name"].(string)) - continue - } - } - - if len(result) == 0 { - return nil, &UnSupportedAuthenticationSchemeSpecifiedError{ - UnsupportedSchemes: unsupportedSchemes, - } - } - - return result, nil -} - -type disableDoubleEncoding struct{} - -// SetDisableDoubleEncoding sets or modifies the disable double encoding option -// on the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func SetDisableDoubleEncoding(ctx context.Context, value bool) context.Context { - return middleware.WithStackValue(ctx, disableDoubleEncoding{}, value) -} - -// GetDisableDoubleEncoding retrieves the disable double encoding option -// from the context. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func GetDisableDoubleEncoding(ctx context.Context) (value bool, ok bool) { - value, ok = middleware.GetStackValue(ctx, disableDoubleEncoding{}).(bool) - return value, ok -} - -func getSigningName(authScheme map[string]interface{}) *string { - signingName, ok := authScheme["signingName"].(string) - if !ok || signingName == "" { - return nil - } - return &signingName -} - -func getSigningRegionSet(authScheme map[string]interface{}) []string { - untypedSigningRegionSet, ok := authScheme["signingRegionSet"].([]interface{}) - if !ok { - return nil - } - signingRegionSet := []string{} - for _, item := range untypedSigningRegionSet { - signingRegionSet = append(signingRegionSet, item.(string)) - } - return signingRegionSet -} - -func getSigningRegion(authScheme map[string]interface{}) *string { - signingRegion, ok := authScheme["signingRegion"].(string) - if !ok || signingRegion == "" { - return nil - } - return &signingRegion -} - -func getDisableDoubleEncoding(authScheme map[string]interface{}) *bool { - disableDoubleEncoding, ok := authScheme["disableDoubleEncoding"].(bool) - if !ok { - return nil - } - return &disableDoubleEncoding -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_adapter.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_adapter.go deleted file mode 100644 index f059b5d3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_adapter.go +++ /dev/null @@ -1,43 +0,0 @@ -package smithy - -import ( - "context" - "fmt" - "time" - - "github.com/aws/smithy-go" - "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/auth/bearer" -) - -// BearerTokenAdapter adapts smithy bearer.Token to smithy auth.Identity. -type BearerTokenAdapter struct { - Token bearer.Token -} - -var _ auth.Identity = (*BearerTokenAdapter)(nil) - -// Expiration returns the time of expiration for the token. -func (v *BearerTokenAdapter) Expiration() time.Time { - return v.Token.Expires -} - -// BearerTokenProviderAdapter adapts smithy bearer.TokenProvider to smithy -// auth.IdentityResolver. -type BearerTokenProviderAdapter struct { - Provider bearer.TokenProvider -} - -var _ (auth.IdentityResolver) = (*BearerTokenProviderAdapter)(nil) - -// GetIdentity retrieves a bearer token using the underlying provider. -func (v *BearerTokenProviderAdapter) GetIdentity(ctx context.Context, _ smithy.Properties) ( - auth.Identity, error, -) { - token, err := v.Provider.RetrieveBearerToken(ctx) - if err != nil { - return nil, fmt.Errorf("get token: %w", err) - } - - return &BearerTokenAdapter{Token: token}, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_signer_adapter.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_signer_adapter.go deleted file mode 100644 index a8828152..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/bearer_token_signer_adapter.go +++ /dev/null @@ -1,35 +0,0 @@ -package smithy - -import ( - "context" - "fmt" - - "github.com/aws/smithy-go" - "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/auth/bearer" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// BearerTokenSignerAdapter adapts smithy bearer.Signer to smithy http -// auth.Signer. -type BearerTokenSignerAdapter struct { - Signer bearer.Signer -} - -var _ (smithyhttp.Signer) = (*BearerTokenSignerAdapter)(nil) - -// SignRequest signs the request with the provided bearer token. -func (v *BearerTokenSignerAdapter) SignRequest(ctx context.Context, r *smithyhttp.Request, identity auth.Identity, _ smithy.Properties) error { - ca, ok := identity.(*BearerTokenAdapter) - if !ok { - return fmt.Errorf("unexpected identity type: %T", identity) - } - - signed, err := v.Signer.SignWithBearerToken(ctx, ca.Token, r) - if err != nil { - return fmt.Errorf("sign request: %w", err) - } - - *r = *signed.(*smithyhttp.Request) - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/credentials_adapter.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/credentials_adapter.go deleted file mode 100644 index f926c4aa..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/credentials_adapter.go +++ /dev/null @@ -1,46 +0,0 @@ -package smithy - -import ( - "context" - "fmt" - "time" - - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/smithy-go" - "github.com/aws/smithy-go/auth" -) - -// CredentialsAdapter adapts aws.Credentials to auth.Identity. -type CredentialsAdapter struct { - Credentials aws.Credentials -} - -var _ auth.Identity = (*CredentialsAdapter)(nil) - -// Expiration returns the time of expiration for the credentials. -func (v *CredentialsAdapter) Expiration() time.Time { - return v.Credentials.Expires -} - -// CredentialsProviderAdapter adapts aws.CredentialsProvider to auth.IdentityResolver. -type CredentialsProviderAdapter struct { - Provider aws.CredentialsProvider -} - -var _ (auth.IdentityResolver) = (*CredentialsProviderAdapter)(nil) - -// GetIdentity retrieves AWS credentials using the underlying provider. -func (v *CredentialsProviderAdapter) GetIdentity(ctx context.Context, _ smithy.Properties) ( - auth.Identity, error, -) { - if v.Provider == nil { - return &CredentialsAdapter{Credentials: aws.Credentials{}}, nil - } - - creds, err := v.Provider.Retrieve(ctx) - if err != nil { - return nil, fmt.Errorf("get credentials: %w", err) - } - - return &CredentialsAdapter{Credentials: creds}, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/smithy.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/smithy.go deleted file mode 100644 index 42b45867..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/smithy.go +++ /dev/null @@ -1,2 +0,0 @@ -// Package smithy adapts concrete AWS auth and signing types to the generic smithy versions. -package smithy diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/v4signer_adapter.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/v4signer_adapter.go deleted file mode 100644 index 24db8e14..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/auth/smithy/v4signer_adapter.go +++ /dev/null @@ -1,57 +0,0 @@ -package smithy - -import ( - "context" - "fmt" - - v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" - "github.com/aws/aws-sdk-go-v2/internal/sdk" - "github.com/aws/smithy-go" - "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/logging" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// V4SignerAdapter adapts v4.HTTPSigner to smithy http.Signer. -type V4SignerAdapter struct { - Signer v4.HTTPSigner - Logger logging.Logger - LogSigning bool -} - -var _ (smithyhttp.Signer) = (*V4SignerAdapter)(nil) - -// SignRequest signs the request with the provided identity. -func (v *V4SignerAdapter) SignRequest(ctx context.Context, r *smithyhttp.Request, identity auth.Identity, props smithy.Properties) error { - ca, ok := identity.(*CredentialsAdapter) - if !ok { - return fmt.Errorf("unexpected identity type: %T", identity) - } - - name, ok := smithyhttp.GetSigV4SigningName(&props) - if !ok { - return fmt.Errorf("sigv4 signing name is required") - } - - region, ok := smithyhttp.GetSigV4SigningRegion(&props) - if !ok { - return fmt.Errorf("sigv4 signing region is required") - } - - hash := v4.GetPayloadHash(ctx) - signingTime := sdk.NowTime() - skew := internalcontext.GetAttemptSkewContext(ctx) - signingTime = signingTime.Add(skew) - err := v.Signer.SignHTTP(ctx, ca.Credentials, r.Request, hash, name, region, signingTime, func(o *v4.SignerOptions) { - o.DisableURIPathEscaping, _ = smithyhttp.GetDisableDoubleEncoding(&props) - - o.Logger = v.Logger - o.LogSigning = v.LogSigning - }) - if err != nil { - return fmt.Errorf("sign http: %w", err) - } - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md deleted file mode 100644 index eae3e16a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md +++ /dev/null @@ -1,400 +0,0 @@ -# v1.3.34 (2025-02-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.33 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.32 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.31 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.30 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.29 (2025-01-24) - -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.3.28 (2025-01-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.27 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.26 (2024-12-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.25 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.24 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.23 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.22 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.21 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.20 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.19 (2024-10-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.18 (2024-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.17 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.16 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.15 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.14 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.13 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.12 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.11 (2024-06-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.10 (2024-06-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.9 (2024-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.8 (2024-06-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.7 (2024-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.6 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.5 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.4 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.3 (2024-03-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.2 (2024-02-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.1 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.10 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.9 (2023-12-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.8 (2023-12-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.7 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.6 (2023-11-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.5 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.4 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.3 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.2 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.1 (2023-11-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.43 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.42 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.41 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.40 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.39 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.38 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.37 (2023-07-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.36 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.35 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.34 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.33 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.32 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.31 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.30 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.29 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.28 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.27 (2022-12-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.26 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.25 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.24 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.23 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.22 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.21 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.20 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.19 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.18 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.17 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.16 (2022-08-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.15 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.14 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.13 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.12 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.11 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.10 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.9 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.8 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.7 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.6 (2022-03-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.5 (2022-02-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.4 (2022-01-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.3 (2022-01-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.2 (2021-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.1 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.0 (2021-11-06) - -* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.0.7 (2021-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.0.6 (2021-10-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.0.5 (2021-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.0.4 (2021-08-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.0.3 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.0.2 (2021-08-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.0.1 (2021-07-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.0.0 (2021-06-25) - -* **Release**: Release new modules -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/config.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/config.go deleted file mode 100644 index cd4d19b8..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/config.go +++ /dev/null @@ -1,65 +0,0 @@ -package configsources - -import ( - "context" - "github.com/aws/aws-sdk-go-v2/aws" -) - -// EnableEndpointDiscoveryProvider is an interface for retrieving external configuration value -// for Enable Endpoint Discovery -type EnableEndpointDiscoveryProvider interface { - GetEnableEndpointDiscovery(ctx context.Context) (value aws.EndpointDiscoveryEnableState, found bool, err error) -} - -// ResolveEnableEndpointDiscovery extracts the first instance of a EnableEndpointDiscoveryProvider from the config slice. -// Additionally returns a aws.EndpointDiscoveryEnableState to indicate if the value was found in provided configs, -// and error if one is encountered. -func ResolveEnableEndpointDiscovery(ctx context.Context, configs []interface{}) (value aws.EndpointDiscoveryEnableState, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(EnableEndpointDiscoveryProvider); ok { - value, found, err = p.GetEnableEndpointDiscovery(ctx) - if err != nil || found { - break - } - } - } - return -} - -// UseDualStackEndpointProvider is an interface for retrieving external configuration values for UseDualStackEndpoint -type UseDualStackEndpointProvider interface { - GetUseDualStackEndpoint(context.Context) (value aws.DualStackEndpointState, found bool, err error) -} - -// ResolveUseDualStackEndpoint extracts the first instance of a UseDualStackEndpoint from the config slice. -// Additionally returns a boolean to indicate if the value was found in provided configs, and error if one is encountered. -func ResolveUseDualStackEndpoint(ctx context.Context, configs []interface{}) (value aws.DualStackEndpointState, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(UseDualStackEndpointProvider); ok { - value, found, err = p.GetUseDualStackEndpoint(ctx) - if err != nil || found { - break - } - } - } - return -} - -// UseFIPSEndpointProvider is an interface for retrieving external configuration values for UseFIPSEndpoint -type UseFIPSEndpointProvider interface { - GetUseFIPSEndpoint(context.Context) (value aws.FIPSEndpointState, found bool, err error) -} - -// ResolveUseFIPSEndpoint extracts the first instance of a UseFIPSEndpointProvider from the config slice. -// Additionally, returns a boolean to indicate if the value was found in provided configs, and error if one is encountered. -func ResolveUseFIPSEndpoint(ctx context.Context, configs []interface{}) (value aws.FIPSEndpointState, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(UseFIPSEndpointProvider); ok { - value, found, err = p.GetUseFIPSEndpoint(ctx) - if err != nil || found { - break - } - } - } - return -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/endpoints.go deleted file mode 100644 index e7835f85..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/endpoints.go +++ /dev/null @@ -1,57 +0,0 @@ -package configsources - -import ( - "context" -) - -// ServiceBaseEndpointProvider is needed to search for all providers -// that provide a configured service endpoint -type ServiceBaseEndpointProvider interface { - GetServiceBaseEndpoint(ctx context.Context, sdkID string) (string, bool, error) -} - -// IgnoreConfiguredEndpointsProvider is needed to search for all providers -// that provide a flag to disable configured endpoints. -// -// Currently duplicated from github.com/aws/aws-sdk-go-v2/config because -// service packages cannot import github.com/aws/aws-sdk-go-v2/config -// due to result import cycle error. -type IgnoreConfiguredEndpointsProvider interface { - GetIgnoreConfiguredEndpoints(ctx context.Context) (bool, bool, error) -} - -// GetIgnoreConfiguredEndpoints is used in knowing when to disable configured -// endpoints feature. -// -// Currently duplicated from github.com/aws/aws-sdk-go-v2/config because -// service packages cannot import github.com/aws/aws-sdk-go-v2/config -// due to result import cycle error. -func GetIgnoreConfiguredEndpoints(ctx context.Context, configs []interface{}) (value bool, found bool, err error) { - for _, cfg := range configs { - if p, ok := cfg.(IgnoreConfiguredEndpointsProvider); ok { - value, found, err = p.GetIgnoreConfiguredEndpoints(ctx) - if err != nil || found { - break - } - } - } - return -} - -// ResolveServiceBaseEndpoint is used to retrieve service endpoints from configured sources -// while allowing for configured endpoints to be disabled -func ResolveServiceBaseEndpoint(ctx context.Context, sdkID string, configs []interface{}) (value string, found bool, err error) { - if val, found, _ := GetIgnoreConfiguredEndpoints(ctx, configs); found && val { - return "", false, nil - } - - for _, cs := range configs { - if p, ok := cs.(ServiceBaseEndpointProvider); ok { - value, found, err = p.GetServiceBaseEndpoint(context.Background(), sdkID) - if err != nil || found { - break - } - } - } - return -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go deleted file mode 100644 index eddabe63..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package configsources - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.3.34" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/context/context.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/context/context.go deleted file mode 100644 index f0c283d3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/context/context.go +++ /dev/null @@ -1,52 +0,0 @@ -package context - -import ( - "context" - "time" - - "github.com/aws/smithy-go/middleware" -) - -type s3BackendKey struct{} -type checksumInputAlgorithmKey struct{} -type clockSkew struct{} - -const ( - // S3BackendS3Express identifies the S3Express backend - S3BackendS3Express = "S3Express" -) - -// SetS3Backend stores the resolved endpoint backend within the request -// context, which is required for a variety of custom S3 behaviors. -func SetS3Backend(ctx context.Context, typ string) context.Context { - return middleware.WithStackValue(ctx, s3BackendKey{}, typ) -} - -// GetS3Backend retrieves the stored endpoint backend within the context. -func GetS3Backend(ctx context.Context) string { - v, _ := middleware.GetStackValue(ctx, s3BackendKey{}).(string) - return v -} - -// SetChecksumInputAlgorithm sets the request checksum algorithm on the -// context. -func SetChecksumInputAlgorithm(ctx context.Context, value string) context.Context { - return middleware.WithStackValue(ctx, checksumInputAlgorithmKey{}, value) -} - -// GetChecksumInputAlgorithm returns the checksum algorithm from the context. -func GetChecksumInputAlgorithm(ctx context.Context) string { - v, _ := middleware.GetStackValue(ctx, checksumInputAlgorithmKey{}).(string) - return v -} - -// SetAttemptSkewContext sets the clock skew value on the context -func SetAttemptSkewContext(ctx context.Context, v time.Duration) context.Context { - return middleware.WithStackValue(ctx, clockSkew{}, v) -} - -// GetAttemptSkewContext gets the clock skew value from the context -func GetAttemptSkewContext(ctx context.Context) time.Duration { - x, _ := middleware.GetStackValue(ctx, clockSkew{}).(time.Duration) - return x -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/arn.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/arn.go deleted file mode 100644 index e6223dd3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/arn.go +++ /dev/null @@ -1,94 +0,0 @@ -package awsrulesfn - -import ( - "strings" -) - -// ARN provides AWS ARN components broken out into a data structure. -type ARN struct { - Partition string - Service string - Region string - AccountId string - ResourceId OptionalStringSlice -} - -const ( - arnDelimiters = ":" - resourceDelimiters = "/:" - arnSections = 6 - arnPrefix = "arn:" - - // zero-indexed - sectionPartition = 1 - sectionService = 2 - sectionRegion = 3 - sectionAccountID = 4 - sectionResource = 5 -) - -// ParseARN returns an [ARN] value parsed from the input string provided. If -// the ARN cannot be parsed nil will be returned, and error added to -// [ErrorCollector]. -func ParseARN(input string) *ARN { - if !strings.HasPrefix(input, arnPrefix) { - return nil - } - - sections := strings.SplitN(input, arnDelimiters, arnSections) - if numSections := len(sections); numSections != arnSections { - return nil - } - - if sections[sectionPartition] == "" { - return nil - } - if sections[sectionService] == "" { - return nil - } - if sections[sectionResource] == "" { - return nil - } - - return &ARN{ - Partition: sections[sectionPartition], - Service: sections[sectionService], - Region: sections[sectionRegion], - AccountId: sections[sectionAccountID], - ResourceId: splitResource(sections[sectionResource]), - } -} - -// splitResource splits the resource components by the ARN resource delimiters. -func splitResource(v string) []string { - var parts []string - var offset int - - for offset <= len(v) { - idx := strings.IndexAny(v[offset:], "/:") - if idx < 0 { - parts = append(parts, v[offset:]) - break - } - parts = append(parts, v[offset:idx+offset]) - offset += idx + 1 - } - - return parts -} - -// OptionalStringSlice provides a helper to safely get the index of a string -// slice that may be out of bounds. Returns pointer to string if index is -// valid. Otherwise returns nil. -type OptionalStringSlice []string - -// Get returns a string pointer of the string at index i if the index is valid. -// Otherwise returns nil. -func (s OptionalStringSlice) Get(i int) *string { - if i < 0 || i >= len(s) { - return nil - } - - v := s[i] - return &v -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/doc.go deleted file mode 100644 index d5a36585..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/doc.go +++ /dev/null @@ -1,3 +0,0 @@ -// Package awsrulesfn provides AWS focused endpoint rule functions for -// evaluating endpoint resolution rules. -package awsrulesfn diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/generate.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/generate.go deleted file mode 100644 index df72da97..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/generate.go +++ /dev/null @@ -1,7 +0,0 @@ -//go:build codegen -// +build codegen - -package awsrulesfn - -//go:generate go run -tags codegen ./internal/partition/codegen.go -model partitions.json -output partitions.go -//go:generate gofmt -w -s . diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/host.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/host.go deleted file mode 100644 index 637e5fc1..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/host.go +++ /dev/null @@ -1,51 +0,0 @@ -package awsrulesfn - -import ( - "net" - "strings" - - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// IsVirtualHostableS3Bucket returns if the input is a DNS compatible bucket -// name and can be used with Amazon S3 virtual hosted style addressing. Similar -// to [rulesfn.IsValidHostLabel] with the added restriction that the length of label -// must be [3:63] characters long, all lowercase, and not formatted as an IP -// address. -func IsVirtualHostableS3Bucket(input string, allowSubDomains bool) bool { - // input should not be formatted as an IP address - // NOTE: this will technically trip up on IPv6 hosts with zone IDs, but - // validation further down will catch that anyway (it's guaranteed to have - // unfriendly characters % and : if that's the case) - if net.ParseIP(input) != nil { - return false - } - - var labels []string - if allowSubDomains { - labels = strings.Split(input, ".") - } else { - labels = []string{input} - } - - for _, label := range labels { - // validate special length constraints - if l := len(label); l < 3 || l > 63 { - return false - } - - // Validate no capital letters - for _, r := range label { - if r >= 'A' && r <= 'Z' { - return false - } - } - - // Validate valid host label - if !smithyhttp.ValidHostLabel(label) { - return false - } - } - - return true -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partition.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partition.go deleted file mode 100644 index 91414afe..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partition.go +++ /dev/null @@ -1,76 +0,0 @@ -package awsrulesfn - -import "regexp" - -// Partition provides the metadata describing an AWS partition. -type Partition struct { - ID string `json:"id"` - Regions map[string]RegionOverrides `json:"regions"` - RegionRegex string `json:"regionRegex"` - DefaultConfig PartitionConfig `json:"outputs"` -} - -// PartitionConfig provides the endpoint metadata for an AWS region or partition. -type PartitionConfig struct { - Name string `json:"name"` - DnsSuffix string `json:"dnsSuffix"` - DualStackDnsSuffix string `json:"dualStackDnsSuffix"` - SupportsFIPS bool `json:"supportsFIPS"` - SupportsDualStack bool `json:"supportsDualStack"` - ImplicitGlobalRegion string `json:"implicitGlobalRegion"` -} - -type RegionOverrides struct { - Name *string `json:"name"` - DnsSuffix *string `json:"dnsSuffix"` - DualStackDnsSuffix *string `json:"dualStackDnsSuffix"` - SupportsFIPS *bool `json:"supportsFIPS"` - SupportsDualStack *bool `json:"supportsDualStack"` -} - -const defaultPartition = "aws" - -func getPartition(partitions []Partition, region string) *PartitionConfig { - for _, partition := range partitions { - if v, ok := partition.Regions[region]; ok { - p := mergeOverrides(partition.DefaultConfig, v) - return &p - } - } - - for _, partition := range partitions { - regionRegex := regexp.MustCompile(partition.RegionRegex) - if regionRegex.MatchString(region) { - v := partition.DefaultConfig - return &v - } - } - - for _, partition := range partitions { - if partition.ID == defaultPartition { - v := partition.DefaultConfig - return &v - } - } - - return nil -} - -func mergeOverrides(into PartitionConfig, from RegionOverrides) PartitionConfig { - if from.Name != nil { - into.Name = *from.Name - } - if from.DnsSuffix != nil { - into.DnsSuffix = *from.DnsSuffix - } - if from.DualStackDnsSuffix != nil { - into.DualStackDnsSuffix = *from.DualStackDnsSuffix - } - if from.SupportsFIPS != nil { - into.SupportsFIPS = *from.SupportsFIPS - } - if from.SupportsDualStack != nil { - into.SupportsDualStack = *from.SupportsDualStack - } - return into -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.go deleted file mode 100644 index 5f077999..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.go +++ /dev/null @@ -1,403 +0,0 @@ -// Code generated by endpoint/awsrulesfn/internal/partition. DO NOT EDIT. - -package awsrulesfn - -// GetPartition returns an AWS [Partition] for the region provided. If the -// partition cannot be determined nil will be returned. -func GetPartition(region string) *PartitionConfig { - return getPartition(partitions, region) -} - -var partitions = []Partition{ - { - ID: "aws", - RegionRegex: "^(us|eu|ap|sa|ca|me|af|il)\\-\\w+\\-\\d+$", - DefaultConfig: PartitionConfig{ - Name: "aws", - DnsSuffix: "amazonaws.com", - DualStackDnsSuffix: "api.aws", - SupportsFIPS: true, - SupportsDualStack: true, - ImplicitGlobalRegion: "us-east-1", - }, - Regions: map[string]RegionOverrides{ - "af-south-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-east-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-northeast-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-northeast-2": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-northeast-3": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-south-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-south-2": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-southeast-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-southeast-2": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-southeast-3": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ap-southeast-4": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "aws-global": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ca-central-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "ca-west-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "eu-central-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "eu-central-2": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "eu-north-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "eu-south-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "eu-south-2": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "eu-west-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "eu-west-2": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "eu-west-3": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "il-central-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "me-central-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "me-south-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "sa-east-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "us-east-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "us-east-2": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "us-west-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "us-west-2": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - }, - }, - { - ID: "aws-cn", - RegionRegex: "^cn\\-\\w+\\-\\d+$", - DefaultConfig: PartitionConfig{ - Name: "aws-cn", - DnsSuffix: "amazonaws.com.cn", - DualStackDnsSuffix: "api.amazonwebservices.com.cn", - SupportsFIPS: true, - SupportsDualStack: true, - ImplicitGlobalRegion: "cn-northwest-1", - }, - Regions: map[string]RegionOverrides{ - "aws-cn-global": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "cn-north-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "cn-northwest-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - }, - }, - { - ID: "aws-us-gov", - RegionRegex: "^us\\-gov\\-\\w+\\-\\d+$", - DefaultConfig: PartitionConfig{ - Name: "aws-us-gov", - DnsSuffix: "amazonaws.com", - DualStackDnsSuffix: "api.aws", - SupportsFIPS: true, - SupportsDualStack: true, - ImplicitGlobalRegion: "us-gov-west-1", - }, - Regions: map[string]RegionOverrides{ - "aws-us-gov-global": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "us-gov-east-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "us-gov-west-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - }, - }, - { - ID: "aws-iso", - RegionRegex: "^us\\-iso\\-\\w+\\-\\d+$", - DefaultConfig: PartitionConfig{ - Name: "aws-iso", - DnsSuffix: "c2s.ic.gov", - DualStackDnsSuffix: "c2s.ic.gov", - SupportsFIPS: true, - SupportsDualStack: false, - ImplicitGlobalRegion: "us-iso-east-1", - }, - Regions: map[string]RegionOverrides{ - "aws-iso-global": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "us-iso-east-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "us-iso-west-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - }, - }, - { - ID: "aws-iso-b", - RegionRegex: "^us\\-isob\\-\\w+\\-\\d+$", - DefaultConfig: PartitionConfig{ - Name: "aws-iso-b", - DnsSuffix: "sc2s.sgov.gov", - DualStackDnsSuffix: "sc2s.sgov.gov", - SupportsFIPS: true, - SupportsDualStack: false, - ImplicitGlobalRegion: "us-isob-east-1", - }, - Regions: map[string]RegionOverrides{ - "aws-iso-b-global": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - "us-isob-east-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - }, - }, - { - ID: "aws-iso-e", - RegionRegex: "^eu\\-isoe\\-\\w+\\-\\d+$", - DefaultConfig: PartitionConfig{ - Name: "aws-iso-e", - DnsSuffix: "cloud.adc-e.uk", - DualStackDnsSuffix: "cloud.adc-e.uk", - SupportsFIPS: true, - SupportsDualStack: false, - ImplicitGlobalRegion: "eu-isoe-west-1", - }, - Regions: map[string]RegionOverrides{ - "eu-isoe-west-1": { - Name: nil, - DnsSuffix: nil, - DualStackDnsSuffix: nil, - SupportsFIPS: nil, - SupportsDualStack: nil, - }, - }, - }, - { - ID: "aws-iso-f", - RegionRegex: "^us\\-isof\\-\\w+\\-\\d+$", - DefaultConfig: PartitionConfig{ - Name: "aws-iso-f", - DnsSuffix: "csp.hci.ic.gov", - DualStackDnsSuffix: "csp.hci.ic.gov", - SupportsFIPS: true, - SupportsDualStack: false, - ImplicitGlobalRegion: "us-isof-south-1", - }, - Regions: map[string]RegionOverrides{}, - }, -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.json b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.json deleted file mode 100644 index e19224f1..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn/partitions.json +++ /dev/null @@ -1,239 +0,0 @@ -{ - "partitions" : [ { - "id" : "aws", - "outputs" : { - "dnsSuffix" : "amazonaws.com", - "dualStackDnsSuffix" : "api.aws", - "implicitGlobalRegion" : "us-east-1", - "name" : "aws", - "supportsDualStack" : true, - "supportsFIPS" : true - }, - "regionRegex" : "^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$", - "regions" : { - "af-south-1" : { - "description" : "Africa (Cape Town)" - }, - "ap-east-1" : { - "description" : "Asia Pacific (Hong Kong)" - }, - "ap-northeast-1" : { - "description" : "Asia Pacific (Tokyo)" - }, - "ap-northeast-2" : { - "description" : "Asia Pacific (Seoul)" - }, - "ap-northeast-3" : { - "description" : "Asia Pacific (Osaka)" - }, - "ap-south-1" : { - "description" : "Asia Pacific (Mumbai)" - }, - "ap-south-2" : { - "description" : "Asia Pacific (Hyderabad)" - }, - "ap-southeast-1" : { - "description" : "Asia Pacific (Singapore)" - }, - "ap-southeast-2" : { - "description" : "Asia Pacific (Sydney)" - }, - "ap-southeast-3" : { - "description" : "Asia Pacific (Jakarta)" - }, - "ap-southeast-4" : { - "description" : "Asia Pacific (Melbourne)" - }, - "ap-southeast-5" : { - "description" : "Asia Pacific (Malaysia)" - }, - "ap-southeast-7" : { - "description" : "Asia Pacific (Thailand)" - }, - "aws-global" : { - "description" : "AWS Standard global region" - }, - "ca-central-1" : { - "description" : "Canada (Central)" - }, - "ca-west-1" : { - "description" : "Canada West (Calgary)" - }, - "eu-central-1" : { - "description" : "Europe (Frankfurt)" - }, - "eu-central-2" : { - "description" : "Europe (Zurich)" - }, - "eu-north-1" : { - "description" : "Europe (Stockholm)" - }, - "eu-south-1" : { - "description" : "Europe (Milan)" - }, - "eu-south-2" : { - "description" : "Europe (Spain)" - }, - "eu-west-1" : { - "description" : "Europe (Ireland)" - }, - "eu-west-2" : { - "description" : "Europe (London)" - }, - "eu-west-3" : { - "description" : "Europe (Paris)" - }, - "il-central-1" : { - "description" : "Israel (Tel Aviv)" - }, - "me-central-1" : { - "description" : "Middle East (UAE)" - }, - "me-south-1" : { - "description" : "Middle East (Bahrain)" - }, - "mx-central-1" : { - "description" : "Mexico (Central)" - }, - "sa-east-1" : { - "description" : "South America (Sao Paulo)" - }, - "us-east-1" : { - "description" : "US East (N. Virginia)" - }, - "us-east-2" : { - "description" : "US East (Ohio)" - }, - "us-west-1" : { - "description" : "US West (N. California)" - }, - "us-west-2" : { - "description" : "US West (Oregon)" - } - } - }, { - "id" : "aws-cn", - "outputs" : { - "dnsSuffix" : "amazonaws.com.cn", - "dualStackDnsSuffix" : "api.amazonwebservices.com.cn", - "implicitGlobalRegion" : "cn-northwest-1", - "name" : "aws-cn", - "supportsDualStack" : true, - "supportsFIPS" : true - }, - "regionRegex" : "^cn\\-\\w+\\-\\d+$", - "regions" : { - "aws-cn-global" : { - "description" : "AWS China global region" - }, - "cn-north-1" : { - "description" : "China (Beijing)" - }, - "cn-northwest-1" : { - "description" : "China (Ningxia)" - } - } - }, { - "id" : "aws-us-gov", - "outputs" : { - "dnsSuffix" : "amazonaws.com", - "dualStackDnsSuffix" : "api.aws", - "implicitGlobalRegion" : "us-gov-west-1", - "name" : "aws-us-gov", - "supportsDualStack" : true, - "supportsFIPS" : true - }, - "regionRegex" : "^us\\-gov\\-\\w+\\-\\d+$", - "regions" : { - "aws-us-gov-global" : { - "description" : "AWS GovCloud (US) global region" - }, - "us-gov-east-1" : { - "description" : "AWS GovCloud (US-East)" - }, - "us-gov-west-1" : { - "description" : "AWS GovCloud (US-West)" - } - } - }, { - "id" : "aws-iso", - "outputs" : { - "dnsSuffix" : "c2s.ic.gov", - "dualStackDnsSuffix" : "c2s.ic.gov", - "implicitGlobalRegion" : "us-iso-east-1", - "name" : "aws-iso", - "supportsDualStack" : false, - "supportsFIPS" : true - }, - "regionRegex" : "^us\\-iso\\-\\w+\\-\\d+$", - "regions" : { - "aws-iso-global" : { - "description" : "AWS ISO (US) global region" - }, - "us-iso-east-1" : { - "description" : "US ISO East" - }, - "us-iso-west-1" : { - "description" : "US ISO WEST" - } - } - }, { - "id" : "aws-iso-b", - "outputs" : { - "dnsSuffix" : "sc2s.sgov.gov", - "dualStackDnsSuffix" : "sc2s.sgov.gov", - "implicitGlobalRegion" : "us-isob-east-1", - "name" : "aws-iso-b", - "supportsDualStack" : false, - "supportsFIPS" : true - }, - "regionRegex" : "^us\\-isob\\-\\w+\\-\\d+$", - "regions" : { - "aws-iso-b-global" : { - "description" : "AWS ISOB (US) global region" - }, - "us-isob-east-1" : { - "description" : "US ISOB East (Ohio)" - } - } - }, { - "id" : "aws-iso-e", - "outputs" : { - "dnsSuffix" : "cloud.adc-e.uk", - "dualStackDnsSuffix" : "cloud.adc-e.uk", - "implicitGlobalRegion" : "eu-isoe-west-1", - "name" : "aws-iso-e", - "supportsDualStack" : false, - "supportsFIPS" : true - }, - "regionRegex" : "^eu\\-isoe\\-\\w+\\-\\d+$", - "regions" : { - "eu-isoe-west-1" : { - "description" : "EU ISOE West" - } - } - }, { - "id" : "aws-iso-f", - "outputs" : { - "dnsSuffix" : "csp.hci.ic.gov", - "dualStackDnsSuffix" : "csp.hci.ic.gov", - "implicitGlobalRegion" : "us-isof-south-1", - "name" : "aws-iso-f", - "supportsDualStack" : false, - "supportsFIPS" : true - }, - "regionRegex" : "^us\\-isof\\-\\w+\\-\\d+$", - "regions" : { - "aws-iso-f-global" : { - "description" : "AWS ISOF global region" - }, - "us-isof-east-1" : { - "description" : "US ISOF EAST" - }, - "us-isof-south-1" : { - "description" : "US ISOF SOUTH" - } - } - } ], - "version" : "1.1" -} \ No newline at end of file diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/endpoints.go deleted file mode 100644 index 67950ca3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/endpoints.go +++ /dev/null @@ -1,201 +0,0 @@ -package endpoints - -import ( - "fmt" - "regexp" - "strings" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -const ( - defaultProtocol = "https" - defaultSigner = "v4" -) - -var ( - protocolPriority = []string{"https", "http"} - signerPriority = []string{"v4"} -) - -// Options provide configuration needed to direct how endpoints are resolved. -type Options struct { - // Disable usage of HTTPS (TLS / SSL) - DisableHTTPS bool -} - -// Partitions is a slice of partition -type Partitions []Partition - -// ResolveEndpoint resolves a service endpoint for the given region and options. -func (ps Partitions) ResolveEndpoint(region string, opts Options) (aws.Endpoint, error) { - if len(ps) == 0 { - return aws.Endpoint{}, fmt.Errorf("no partitions found") - } - - for i := 0; i < len(ps); i++ { - if !ps[i].canResolveEndpoint(region) { - continue - } - - return ps[i].ResolveEndpoint(region, opts) - } - - // fallback to first partition format to use when resolving the endpoint. - return ps[0].ResolveEndpoint(region, opts) -} - -// Partition is an AWS partition description for a service and its' region endpoints. -type Partition struct { - ID string - RegionRegex *regexp.Regexp - PartitionEndpoint string - IsRegionalized bool - Defaults Endpoint - Endpoints Endpoints -} - -func (p Partition) canResolveEndpoint(region string) bool { - _, ok := p.Endpoints[region] - return ok || p.RegionRegex.MatchString(region) -} - -// ResolveEndpoint resolves and service endpoint for the given region and options. -func (p Partition) ResolveEndpoint(region string, options Options) (resolved aws.Endpoint, err error) { - if len(region) == 0 && len(p.PartitionEndpoint) != 0 { - region = p.PartitionEndpoint - } - - e, _ := p.endpointForRegion(region) - - return e.resolve(p.ID, region, p.Defaults, options), nil -} - -func (p Partition) endpointForRegion(region string) (Endpoint, bool) { - if e, ok := p.Endpoints[region]; ok { - return e, true - } - - if !p.IsRegionalized { - return p.Endpoints[p.PartitionEndpoint], region == p.PartitionEndpoint - } - - // Unable to find any matching endpoint, return - // blank that will be used for generic endpoint creation. - return Endpoint{}, false -} - -// Endpoints is a map of service config regions to endpoints -type Endpoints map[string]Endpoint - -// CredentialScope is the credential scope of a region and service -type CredentialScope struct { - Region string - Service string -} - -// Endpoint is a service endpoint description -type Endpoint struct { - // True if the endpoint cannot be resolved for this partition/region/service - Unresolveable aws.Ternary - - Hostname string - Protocols []string - - CredentialScope CredentialScope - - SignatureVersions []string `json:"signatureVersions"` -} - -func (e Endpoint) resolve(partition, region string, def Endpoint, options Options) aws.Endpoint { - var merged Endpoint - merged.mergeIn(def) - merged.mergeIn(e) - e = merged - - var u string - if e.Unresolveable != aws.TrueTernary { - // Only attempt to resolve the endpoint if it can be resolved. - hostname := strings.Replace(e.Hostname, "{region}", region, 1) - - scheme := getEndpointScheme(e.Protocols, options.DisableHTTPS) - u = scheme + "://" + hostname - } - - signingRegion := e.CredentialScope.Region - if len(signingRegion) == 0 { - signingRegion = region - } - signingName := e.CredentialScope.Service - - return aws.Endpoint{ - URL: u, - PartitionID: partition, - SigningRegion: signingRegion, - SigningName: signingName, - SigningMethod: getByPriority(e.SignatureVersions, signerPriority, defaultSigner), - } -} - -func (e *Endpoint) mergeIn(other Endpoint) { - if other.Unresolveable != aws.UnknownTernary { - e.Unresolveable = other.Unresolveable - } - if len(other.Hostname) > 0 { - e.Hostname = other.Hostname - } - if len(other.Protocols) > 0 { - e.Protocols = other.Protocols - } - if len(other.CredentialScope.Region) > 0 { - e.CredentialScope.Region = other.CredentialScope.Region - } - if len(other.CredentialScope.Service) > 0 { - e.CredentialScope.Service = other.CredentialScope.Service - } - if len(other.SignatureVersions) > 0 { - e.SignatureVersions = other.SignatureVersions - } -} - -func getEndpointScheme(protocols []string, disableHTTPS bool) string { - if disableHTTPS { - return "http" - } - - return getByPriority(protocols, protocolPriority, defaultProtocol) -} - -func getByPriority(s []string, p []string, def string) string { - if len(s) == 0 { - return def - } - - for i := 0; i < len(p); i++ { - for j := 0; j < len(s); j++ { - if s[j] == p[i] { - return s[j] - } - } - } - - return s[0] -} - -// MapFIPSRegion extracts the intrinsic AWS region from one that may have an -// embedded FIPS microformat. -func MapFIPSRegion(region string) string { - const fipsInfix = "-fips-" - const fipsPrefix = "fips-" - const fipsSuffix = "-fips" - - if strings.Contains(region, fipsInfix) || - strings.Contains(region, fipsPrefix) || - strings.Contains(region, fipsSuffix) { - region = strings.ReplaceAll(region, fipsInfix, "-") - region = strings.ReplaceAll(region, fipsPrefix, "") - region = strings.ReplaceAll(region, fipsSuffix, "") - } - - return region -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md deleted file mode 100644 index 83e5bd28..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md +++ /dev/null @@ -1,375 +0,0 @@ -# v2.6.34 (2025-02-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.33 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.32 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.31 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.30 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.29 (2025-01-24) - -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v2.6.28 (2025-01-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.27 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.26 (2024-12-19) - -* **Bug Fix**: Fix improper use of printf-style functions. -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.25 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.24 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.23 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.22 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.21 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.20 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.19 (2024-10-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.18 (2024-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.17 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.16 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.15 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.14 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.13 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.12 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.11 (2024-06-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.10 (2024-06-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.9 (2024-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.8 (2024-06-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.7 (2024-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.6 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.5 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.4 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.3 (2024-03-07) - -* **Bug Fix**: Remove dependency on go-cmp. -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.2 (2024-02-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.1 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.6.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.10 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.9 (2023-12-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.8 (2023-12-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.7 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.6 (2023-11-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.5 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.4 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.3 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.2 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.1 (2023-11-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.5.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.37 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.36 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.35 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.34 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.33 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.32 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.31 (2023-07-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.30 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.29 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.28 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.27 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.26 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.25 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.24 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.23 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.22 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.21 (2022-12-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.20 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.19 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.18 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.17 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.16 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.15 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.14 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.13 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.12 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.11 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.10 (2022-08-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.9 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.8 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.7 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.6 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.5 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.4 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.3 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.2 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.1 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.4.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.3.0 (2022-02-24) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.2.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.1.0 (2022-01-07) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.0.2 (2021-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.0.1 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v2.0.0 (2021-11-06) - -* **Release**: Endpoint Variant Model Support -* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/endpoints.go deleted file mode 100644 index 32251a7e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/endpoints.go +++ /dev/null @@ -1,302 +0,0 @@ -package endpoints - -import ( - "fmt" - "github.com/aws/smithy-go/logging" - "regexp" - "strings" - - "github.com/aws/aws-sdk-go-v2/aws" -) - -// DefaultKey is a compound map key of a variant and other values. -type DefaultKey struct { - Variant EndpointVariant - ServiceVariant ServiceVariant -} - -// EndpointKey is a compound map key of a region and associated variant value. -type EndpointKey struct { - Region string - Variant EndpointVariant - ServiceVariant ServiceVariant -} - -// EndpointVariant is a bit field to describe the endpoints attributes. -type EndpointVariant uint64 - -const ( - // FIPSVariant indicates that the endpoint is FIPS capable. - FIPSVariant EndpointVariant = 1 << (64 - 1 - iota) - - // DualStackVariant indicates that the endpoint is DualStack capable. - DualStackVariant -) - -// ServiceVariant is a bit field to describe the service endpoint attributes. -type ServiceVariant uint64 - -const ( - defaultProtocol = "https" - defaultSigner = "v4" -) - -var ( - protocolPriority = []string{"https", "http"} - signerPriority = []string{"v4", "s3v4"} -) - -// Options provide configuration needed to direct how endpoints are resolved. -type Options struct { - // Logger is a logging implementation that log events should be sent to. - Logger logging.Logger - - // LogDeprecated indicates that deprecated endpoints should be logged to the provided logger. - LogDeprecated bool - - // ResolvedRegion is the resolved region string. If provided (non-zero length) it takes priority - // over the region name passed to the ResolveEndpoint call. - ResolvedRegion string - - // Disable usage of HTTPS (TLS / SSL) - DisableHTTPS bool - - // Instruct the resolver to use a service endpoint that supports dual-stack. - // If a service does not have a dual-stack endpoint an error will be returned by the resolver. - UseDualStackEndpoint aws.DualStackEndpointState - - // Instruct the resolver to use a service endpoint that supports FIPS. - // If a service does not have a FIPS endpoint an error will be returned by the resolver. - UseFIPSEndpoint aws.FIPSEndpointState - - // ServiceVariant is a bitfield of service specified endpoint variant data. - ServiceVariant ServiceVariant -} - -// GetEndpointVariant returns the EndpointVariant for the variant associated options. -func (o Options) GetEndpointVariant() (v EndpointVariant) { - if o.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled { - v |= DualStackVariant - } - if o.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled { - v |= FIPSVariant - } - return v -} - -// Partitions is a slice of partition -type Partitions []Partition - -// ResolveEndpoint resolves a service endpoint for the given region and options. -func (ps Partitions) ResolveEndpoint(region string, opts Options) (aws.Endpoint, error) { - if len(ps) == 0 { - return aws.Endpoint{}, fmt.Errorf("no partitions found") - } - - if opts.Logger == nil { - opts.Logger = logging.Nop{} - } - - if len(opts.ResolvedRegion) > 0 { - region = opts.ResolvedRegion - } - - for i := 0; i < len(ps); i++ { - if !ps[i].canResolveEndpoint(region, opts) { - continue - } - - return ps[i].ResolveEndpoint(region, opts) - } - - // fallback to first partition format to use when resolving the endpoint. - return ps[0].ResolveEndpoint(region, opts) -} - -// Partition is an AWS partition description for a service and its' region endpoints. -type Partition struct { - ID string - RegionRegex *regexp.Regexp - PartitionEndpoint string - IsRegionalized bool - Defaults map[DefaultKey]Endpoint - Endpoints Endpoints -} - -func (p Partition) canResolveEndpoint(region string, opts Options) bool { - _, ok := p.Endpoints[EndpointKey{ - Region: region, - Variant: opts.GetEndpointVariant(), - }] - return ok || p.RegionRegex.MatchString(region) -} - -// ResolveEndpoint resolves and service endpoint for the given region and options. -func (p Partition) ResolveEndpoint(region string, options Options) (resolved aws.Endpoint, err error) { - if len(region) == 0 && len(p.PartitionEndpoint) != 0 { - region = p.PartitionEndpoint - } - - endpoints := p.Endpoints - - variant := options.GetEndpointVariant() - serviceVariant := options.ServiceVariant - - defaults := p.Defaults[DefaultKey{ - Variant: variant, - ServiceVariant: serviceVariant, - }] - - return p.endpointForRegion(region, variant, serviceVariant, endpoints).resolve(p.ID, region, defaults, options) -} - -func (p Partition) endpointForRegion(region string, variant EndpointVariant, serviceVariant ServiceVariant, endpoints Endpoints) Endpoint { - key := EndpointKey{ - Region: region, - Variant: variant, - } - - if e, ok := endpoints[key]; ok { - return e - } - - if !p.IsRegionalized { - return endpoints[EndpointKey{ - Region: p.PartitionEndpoint, - Variant: variant, - ServiceVariant: serviceVariant, - }] - } - - // Unable to find any matching endpoint, return - // blank that will be used for generic endpoint creation. - return Endpoint{} -} - -// Endpoints is a map of service config regions to endpoints -type Endpoints map[EndpointKey]Endpoint - -// CredentialScope is the credential scope of a region and service -type CredentialScope struct { - Region string - Service string -} - -// Endpoint is a service endpoint description -type Endpoint struct { - // True if the endpoint cannot be resolved for this partition/region/service - Unresolveable aws.Ternary - - Hostname string - Protocols []string - - CredentialScope CredentialScope - - SignatureVersions []string - - // Indicates that this endpoint is deprecated. - Deprecated aws.Ternary -} - -// IsZero returns whether the endpoint structure is an empty (zero) value. -func (e Endpoint) IsZero() bool { - switch { - case e.Unresolveable != aws.UnknownTernary: - return false - case len(e.Hostname) != 0: - return false - case len(e.Protocols) != 0: - return false - case e.CredentialScope != (CredentialScope{}): - return false - case len(e.SignatureVersions) != 0: - return false - } - return true -} - -func (e Endpoint) resolve(partition, region string, def Endpoint, options Options) (aws.Endpoint, error) { - var merged Endpoint - merged.mergeIn(def) - merged.mergeIn(e) - e = merged - - if e.IsZero() { - return aws.Endpoint{}, fmt.Errorf("unable to resolve endpoint for region: %v", region) - } - - var u string - if e.Unresolveable != aws.TrueTernary { - // Only attempt to resolve the endpoint if it can be resolved. - hostname := strings.Replace(e.Hostname, "{region}", region, 1) - - scheme := getEndpointScheme(e.Protocols, options.DisableHTTPS) - u = scheme + "://" + hostname - } - - signingRegion := e.CredentialScope.Region - if len(signingRegion) == 0 { - signingRegion = region - } - signingName := e.CredentialScope.Service - - if e.Deprecated == aws.TrueTernary && options.LogDeprecated { - options.Logger.Logf(logging.Warn, "endpoint identifier %q, url %q marked as deprecated", region, u) - } - - return aws.Endpoint{ - URL: u, - PartitionID: partition, - SigningRegion: signingRegion, - SigningName: signingName, - SigningMethod: getByPriority(e.SignatureVersions, signerPriority, defaultSigner), - }, nil -} - -func (e *Endpoint) mergeIn(other Endpoint) { - if other.Unresolveable != aws.UnknownTernary { - e.Unresolveable = other.Unresolveable - } - if len(other.Hostname) > 0 { - e.Hostname = other.Hostname - } - if len(other.Protocols) > 0 { - e.Protocols = other.Protocols - } - if len(other.CredentialScope.Region) > 0 { - e.CredentialScope.Region = other.CredentialScope.Region - } - if len(other.CredentialScope.Service) > 0 { - e.CredentialScope.Service = other.CredentialScope.Service - } - if len(other.SignatureVersions) > 0 { - e.SignatureVersions = other.SignatureVersions - } - if other.Deprecated != aws.UnknownTernary { - e.Deprecated = other.Deprecated - } -} - -func getEndpointScheme(protocols []string, disableHTTPS bool) string { - if disableHTTPS { - return "http" - } - - return getByPriority(protocols, protocolPriority, defaultProtocol) -} - -func getByPriority(s []string, p []string, def string) string { - if len(s) == 0 { - return def - } - - for i := 0; i < len(p); i++ { - for j := 0; j < len(s); j++ { - if s[j] == p[i] { - return s[j] - } - } - } - - return s[0] -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go deleted file mode 100644 index 735dba7a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package endpoints - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "2.6.34" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md deleted file mode 100644 index f729db53..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md +++ /dev/null @@ -1,283 +0,0 @@ -# v1.8.3 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 - -# v1.8.2 (2025-01-24) - -* **Bug Fix**: Refactor filepath.Walk to filepath.WalkDir - -# v1.8.1 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. - -# v1.8.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. - -# v1.7.3 (2024-01-22) - -* **Bug Fix**: Remove invalid escaping of shared config values. All values in the shared config file will now be interpreted literally, save for fully-quoted strings which are unwrapped for legacy reasons. - -# v1.7.2 (2023-12-08) - -* **Bug Fix**: Correct loading of [services *] sections into shared config. - -# v1.7.1 (2023-11-16) - -* **Bug Fix**: Fix recognition of trailing comments in shared config properties. # or ; separators that aren't preceded by whitespace at the end of a property value should be considered part of it. - -# v1.7.0 (2023-11-13) - -* **Feature**: Replace the legacy config parser with a modern, less-strict implementation. Parsing failures within a section will now simply ignore the invalid line rather than silently drop the entire section. - -# v1.6.0 (2023-11-09.2) - -* **Feature**: BREAKFIX: In order to support subproperty parsing, invalid property definitions must not be ignored - -# v1.5.2 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.1 (2023-11-07) - -* **Bug Fix**: Fix subproperty performance regression - -# v1.5.0 (2023-11-01) - -* **Feature**: Adds support for configured endpoints via environment variables and the AWS shared configuration file. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.45 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.44 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.43 (2023-09-22) - -* **Bug Fix**: Fixed a bug where merging `max_attempts` or `duration_seconds` fields across shared config files with invalid values would silently default them to 0. -* **Bug Fix**: Move type assertion of config values out of the parsing stage, which resolves an issue where the contents of a profile would silently be dropped with certain numeric formats. - -# v1.3.42 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.41 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.40 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.39 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.38 (2023-07-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.37 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.36 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.35 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.34 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.33 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.32 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.31 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.30 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.29 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.28 (2022-12-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.27 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.26 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.25 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.24 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.23 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.22 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.21 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.20 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.19 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.18 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.17 (2022-08-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.16 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.15 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.14 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.13 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.12 (2022-05-17) - -* **Bug Fix**: Removes the fuzz testing files from the module, as they are invalid and not used. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.11 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.10 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.9 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.8 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.7 (2022-03-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.6 (2022-02-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.5 (2022-01-28) - -* **Bug Fix**: Fixes the SDK's handling of `duration_sections` in the shared credentials file or specified in multiple shared config and shared credentials files under the same profile. [#1568](https://github.com/aws/aws-sdk-go-v2/pull/1568). Thanks to [Amir Szekely](https://github.com/kichik) for help reproduce this bug. - -# v1.3.4 (2022-01-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.3 (2022-01-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.2 (2021-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.1 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.0 (2021-11-06) - -* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.5 (2021-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.4 (2021-10-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.3 (2021-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.2 (2021-08-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.1 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.0 (2021-08-04) - -* **Feature**: adds error handling for defered close calls -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.1 (2021-07-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.0 (2021-07-01) - -* **Feature**: Support for `:`, `=`, `[`, `]` being present in expression values. - -# v1.0.1 (2021-06-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.0.0 (2021-05-20) - -* **Release**: The `github.com/aws/aws-sdk-go-v2/internal/ini` package is now a Go Module. -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/errors.go deleted file mode 100644 index 0f278d55..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/errors.go +++ /dev/null @@ -1,22 +0,0 @@ -package ini - -import "fmt" - -// UnableToReadFile is an error indicating that a ini file could not be read -type UnableToReadFile struct { - Err error -} - -// Error returns an error message and the underlying error message if present -func (e *UnableToReadFile) Error() string { - base := "unable to read file" - if e.Err == nil { - return base - } - return fmt.Sprintf("%s: %v", base, e.Err) -} - -// Unwrap returns the underlying error -func (e *UnableToReadFile) Unwrap() error { - return e.Err -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go deleted file mode 100644 index 00df0e3c..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package ini - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.8.3" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/ini.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/ini.go deleted file mode 100644 index cefcce91..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/ini.go +++ /dev/null @@ -1,56 +0,0 @@ -// Package ini implements parsing of the AWS shared config file. -// -// Example: -// sections, err := ini.OpenFile("/path/to/file") -// if err != nil { -// panic(err) -// } -// -// profile := "foo" -// section, ok := sections.GetSection(profile) -// if !ok { -// fmt.Printf("section %q could not be found", profile) -// } -package ini - -import ( - "fmt" - "io" - "os" - "strings" -) - -// OpenFile parses shared config from the given file path. -func OpenFile(path string) (sections Sections, err error) { - f, oerr := os.Open(path) - if oerr != nil { - return Sections{}, &UnableToReadFile{Err: oerr} - } - - defer func() { - closeErr := f.Close() - if err == nil { - err = closeErr - } else if closeErr != nil { - err = fmt.Errorf("close error: %v, original error: %w", closeErr, err) - } - }() - - return Parse(f, path) -} - -// Parse parses shared config from the given reader. -func Parse(r io.Reader, path string) (Sections, error) { - contents, err := io.ReadAll(r) - if err != nil { - return Sections{}, fmt.Errorf("read all: %v", err) - } - - lines := strings.Split(string(contents), "\n") - tokens, err := tokenize(lines) - if err != nil { - return Sections{}, fmt.Errorf("tokenize: %v", err) - } - - return parse(tokens, path), nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/parse.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/parse.go deleted file mode 100644 index 2422d904..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/parse.go +++ /dev/null @@ -1,109 +0,0 @@ -package ini - -import ( - "fmt" - "strings" -) - -func parse(tokens []lineToken, path string) Sections { - parser := &parser{ - path: path, - sections: NewSections(), - } - parser.parse(tokens) - return parser.sections -} - -type parser struct { - csection, ckey string // current state - path string // source file path - sections Sections // parse result -} - -func (p *parser) parse(tokens []lineToken) { - for _, otok := range tokens { - switch tok := otok.(type) { - case *lineTokenProfile: - p.handleProfile(tok) - case *lineTokenProperty: - p.handleProperty(tok) - case *lineTokenSubProperty: - p.handleSubProperty(tok) - case *lineTokenContinuation: - p.handleContinuation(tok) - } - } -} - -func (p *parser) handleProfile(tok *lineTokenProfile) { - name := tok.Name - if tok.Type != "" { - name = fmt.Sprintf("%s %s", tok.Type, tok.Name) - } - p.ckey = "" - p.csection = name - if _, ok := p.sections.container[name]; !ok { - p.sections.container[name] = NewSection(name) - } -} - -func (p *parser) handleProperty(tok *lineTokenProperty) { - if p.csection == "" { - return // LEGACY: don't error on "global" properties - } - - p.ckey = tok.Key - if _, ok := p.sections.container[p.csection].values[tok.Key]; ok { - section := p.sections.container[p.csection] - section.Logs = append(p.sections.container[p.csection].Logs, - fmt.Sprintf( - "For profile: %v, overriding %v value, with a %v value found in a duplicate profile defined later in the same file %v. \n", - p.csection, tok.Key, tok.Key, p.path, - ), - ) - p.sections.container[p.csection] = section - } - - p.sections.container[p.csection].values[tok.Key] = Value{ - str: tok.Value, - } - p.sections.container[p.csection].SourceFile[tok.Key] = p.path -} - -func (p *parser) handleSubProperty(tok *lineTokenSubProperty) { - if p.csection == "" { - return // LEGACY: don't error on "global" properties - } - - if p.ckey == "" || p.sections.container[p.csection].values[p.ckey].str != "" { - // This is an "orphaned" subproperty, either because it's at - // the beginning of a section or because the last property's - // value isn't empty. Either way we're lenient here and - // "promote" this to a normal property. - p.handleProperty(&lineTokenProperty{ - Key: tok.Key, - Value: strings.TrimSpace(trimPropertyComment(tok.Value)), - }) - return - } - - if p.sections.container[p.csection].values[p.ckey].mp == nil { - p.sections.container[p.csection].values[p.ckey] = Value{ - mp: map[string]string{}, - } - } - p.sections.container[p.csection].values[p.ckey].mp[tok.Key] = tok.Value -} - -func (p *parser) handleContinuation(tok *lineTokenContinuation) { - if p.ckey == "" { - return - } - - value, _ := p.sections.container[p.csection].values[p.ckey] - if value.str != "" && value.mp == nil { - value.str = fmt.Sprintf("%s\n%s", value.str, tok.Value) - } - - p.sections.container[p.csection].values[p.ckey] = value -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/sections.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/sections.go deleted file mode 100644 index dd89848e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/sections.go +++ /dev/null @@ -1,157 +0,0 @@ -package ini - -import ( - "sort" -) - -// Sections is a map of Section structures that represent -// a configuration. -type Sections struct { - container map[string]Section -} - -// NewSections returns empty ini Sections -func NewSections() Sections { - return Sections{ - container: make(map[string]Section, 0), - } -} - -// GetSection will return section p. If section p does not exist, -// false will be returned in the second parameter. -func (t Sections) GetSection(p string) (Section, bool) { - v, ok := t.container[p] - return v, ok -} - -// HasSection denotes if Sections consist of a section with -// provided name. -func (t Sections) HasSection(p string) bool { - _, ok := t.container[p] - return ok -} - -// SetSection sets a section value for provided section name. -func (t Sections) SetSection(p string, v Section) Sections { - t.container[p] = v - return t -} - -// DeleteSection deletes a section entry/value for provided section name./ -func (t Sections) DeleteSection(p string) { - delete(t.container, p) -} - -// values represents a map of union values. -type values map[string]Value - -// List will return a list of all sections that were successfully -// parsed. -func (t Sections) List() []string { - keys := make([]string, len(t.container)) - i := 0 - for k := range t.container { - keys[i] = k - i++ - } - - sort.Strings(keys) - return keys -} - -// Section contains a name and values. This represent -// a sectioned entry in a configuration file. -type Section struct { - // Name is the Section profile name - Name string - - // values are the values within parsed profile - values values - - // Errors is the list of errors - Errors []error - - // Logs is the list of logs - Logs []string - - // SourceFile is the INI Source file from where this section - // was retrieved. They key is the property, value is the - // source file the property was retrieved from. - SourceFile map[string]string -} - -// NewSection returns an initialize section for the name -func NewSection(name string) Section { - return Section{ - Name: name, - values: values{}, - SourceFile: map[string]string{}, - } -} - -// List will return a list of all -// services in values -func (t Section) List() []string { - keys := make([]string, len(t.values)) - i := 0 - for k := range t.values { - keys[i] = k - i++ - } - - sort.Strings(keys) - return keys -} - -// UpdateSourceFile updates source file for a property to provided filepath. -func (t Section) UpdateSourceFile(property string, filepath string) { - t.SourceFile[property] = filepath -} - -// UpdateValue updates value for a provided key with provided value -func (t Section) UpdateValue(k string, v Value) error { - t.values[k] = v - return nil -} - -// Has will return whether or not an entry exists in a given section -func (t Section) Has(k string) bool { - _, ok := t.values[k] - return ok -} - -// ValueType will returned what type the union is set to. If -// k was not found, the NoneType will be returned. -func (t Section) ValueType(k string) (ValueType, bool) { - v, ok := t.values[k] - return v.Type, ok -} - -// Bool returns a bool value at k -func (t Section) Bool(k string) (bool, bool) { - return t.values[k].BoolValue() -} - -// Int returns an integer value at k -func (t Section) Int(k string) (int64, bool) { - return t.values[k].IntValue() -} - -// Map returns a map value at k -func (t Section) Map(k string) map[string]string { - return t.values[k].MapValue() -} - -// Float64 returns a float value at k -func (t Section) Float64(k string) (float64, bool) { - return t.values[k].FloatValue() -} - -// String returns the string value at k -func (t Section) String(k string) string { - _, ok := t.values[k] - if !ok { - return "" - } - return t.values[k].StringValue() -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/strings.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/strings.go deleted file mode 100644 index ed77d083..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/strings.go +++ /dev/null @@ -1,89 +0,0 @@ -package ini - -import ( - "strings" -) - -func trimProfileComment(s string) string { - r, _, _ := strings.Cut(s, "#") - r, _, _ = strings.Cut(r, ";") - return r -} - -func trimPropertyComment(s string) string { - r, _, _ := strings.Cut(s, " #") - r, _, _ = strings.Cut(r, " ;") - r, _, _ = strings.Cut(r, "\t#") - r, _, _ = strings.Cut(r, "\t;") - return r -} - -// assumes no surrounding comment -func splitProperty(s string) (string, string, bool) { - equalsi := strings.Index(s, "=") - coloni := strings.Index(s, ":") // LEGACY: also supported for property assignment - sep := "=" - if equalsi == -1 || coloni != -1 && coloni < equalsi { - sep = ":" - } - - k, v, ok := strings.Cut(s, sep) - if !ok { - return "", "", false - } - return strings.TrimSpace(k), strings.TrimSpace(v), true -} - -// assumes no surrounding comment, whitespace, or profile brackets -func splitProfile(s string) (string, string) { - var first int - for i, r := range s { - if isLineSpace(r) { - if first == 0 { - first = i - } - } else { - if first != 0 { - return s[:first], s[i:] - } - } - } - if first == 0 { - return "", s // type component is effectively blank - } - return "", "" -} - -func isLineSpace(r rune) bool { - return r == ' ' || r == '\t' -} - -func unquote(s string) string { - if isSingleQuoted(s) || isDoubleQuoted(s) { - return s[1 : len(s)-1] - } - return s -} - -// applies various legacy conversions to property values: -// - remote wrapping single/doublequotes -func legacyStrconv(s string) string { - s = unquote(s) - return s -} - -func isSingleQuoted(s string) bool { - return hasAffixes(s, "'", "'") -} - -func isDoubleQuoted(s string) bool { - return hasAffixes(s, `"`, `"`) -} - -func isBracketed(s string) bool { - return hasAffixes(s, "[", "]") -} - -func hasAffixes(s, left, right string) bool { - return strings.HasPrefix(s, left) && strings.HasSuffix(s, right) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/token.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/token.go deleted file mode 100644 index 6e9a0374..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/token.go +++ /dev/null @@ -1,32 +0,0 @@ -package ini - -type lineToken interface { - isLineToken() -} - -type lineTokenProfile struct { - Type string - Name string -} - -func (*lineTokenProfile) isLineToken() {} - -type lineTokenProperty struct { - Key string - Value string -} - -func (*lineTokenProperty) isLineToken() {} - -type lineTokenContinuation struct { - Value string -} - -func (*lineTokenContinuation) isLineToken() {} - -type lineTokenSubProperty struct { - Key string - Value string -} - -func (*lineTokenSubProperty) isLineToken() {} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/tokenize.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/tokenize.go deleted file mode 100644 index 89a77368..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/tokenize.go +++ /dev/null @@ -1,92 +0,0 @@ -package ini - -import ( - "strings" -) - -func tokenize(lines []string) ([]lineToken, error) { - tokens := make([]lineToken, 0, len(lines)) - for _, line := range lines { - if len(strings.TrimSpace(line)) == 0 || isLineComment(line) { - continue - } - - if tok := asProfile(line); tok != nil { - tokens = append(tokens, tok) - } else if tok := asProperty(line); tok != nil { - tokens = append(tokens, tok) - } else if tok := asSubProperty(line); tok != nil { - tokens = append(tokens, tok) - } else if tok := asContinuation(line); tok != nil { - tokens = append(tokens, tok) - } // unrecognized tokens are effectively ignored - } - return tokens, nil -} - -func isLineComment(line string) bool { - trimmed := strings.TrimLeft(line, " \t") - return strings.HasPrefix(trimmed, "#") || strings.HasPrefix(trimmed, ";") -} - -func asProfile(line string) *lineTokenProfile { // " [ type name ] ; comment" - trimmed := strings.TrimSpace(trimProfileComment(line)) // "[ type name ]" - if !isBracketed(trimmed) { - return nil - } - trimmed = trimmed[1 : len(trimmed)-1] // " type name " (or just " name ") - trimmed = strings.TrimSpace(trimmed) // "type name" / "name" - typ, name := splitProfile(trimmed) - return &lineTokenProfile{ - Type: typ, - Name: name, - } -} - -func asProperty(line string) *lineTokenProperty { - if isLineSpace(rune(line[0])) { - return nil - } - - trimmed := trimPropertyComment(line) - trimmed = strings.TrimRight(trimmed, " \t") - k, v, ok := splitProperty(trimmed) - if !ok { - return nil - } - - return &lineTokenProperty{ - Key: strings.ToLower(k), // LEGACY: normalize key case - Value: legacyStrconv(v), // LEGACY: see func docs - } -} - -func asSubProperty(line string) *lineTokenSubProperty { - if !isLineSpace(rune(line[0])) { - return nil - } - - // comments on sub-properties are included in the value - trimmed := strings.TrimLeft(line, " \t") - k, v, ok := splitProperty(trimmed) - if !ok { - return nil - } - - return &lineTokenSubProperty{ // same LEGACY constraints as in normal property - Key: strings.ToLower(k), - Value: legacyStrconv(v), - } -} - -func asContinuation(line string) *lineTokenContinuation { - if !isLineSpace(rune(line[0])) { - return nil - } - - // includes comments like sub-properties - trimmed := strings.TrimLeft(line, " \t") - return &lineTokenContinuation{ - Value: trimmed, - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/value.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/value.go deleted file mode 100644 index e3706b3c..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/value.go +++ /dev/null @@ -1,93 +0,0 @@ -package ini - -import ( - "fmt" - "strconv" - "strings" -) - -// ValueType is an enum that will signify what type -// the Value is -type ValueType int - -func (v ValueType) String() string { - switch v { - case NoneType: - return "NONE" - case StringType: - return "STRING" - } - - return "" -} - -// ValueType enums -const ( - NoneType = ValueType(iota) - StringType - QuotedStringType -) - -// Value is a union container -type Value struct { - Type ValueType - - str string - mp map[string]string -} - -// NewStringValue returns a Value type generated using a string input. -func NewStringValue(str string) (Value, error) { - return Value{str: str}, nil -} - -func (v Value) String() string { - switch v.Type { - case StringType: - return fmt.Sprintf("string: %s", string(v.str)) - case QuotedStringType: - return fmt.Sprintf("quoted string: %s", string(v.str)) - default: - return "union not set" - } -} - -// MapValue returns a map value for sub properties -func (v Value) MapValue() map[string]string { - return v.mp -} - -// IntValue returns an integer value -func (v Value) IntValue() (int64, bool) { - i, err := strconv.ParseInt(string(v.str), 0, 64) - if err != nil { - return 0, false - } - return i, true -} - -// FloatValue returns a float value -func (v Value) FloatValue() (float64, bool) { - f, err := strconv.ParseFloat(string(v.str), 64) - if err != nil { - return 0, false - } - return f, true -} - -// BoolValue returns a bool value -func (v Value) BoolValue() (bool, bool) { - // we don't use ParseBool as it recognizes more than what we've - // historically supported - if strings.EqualFold(v.str, "true") { - return true, true - } else if strings.EqualFold(v.str, "false") { - return false, true - } - return false, false -} - -// StringValue returns the string value -func (v Value) StringValue() string { - return v.str -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/middleware/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/middleware/middleware.go deleted file mode 100644 index 8e24a3f0..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/middleware/middleware.go +++ /dev/null @@ -1,42 +0,0 @@ -package middleware - -import ( - "context" - "sync/atomic" - "time" - - internalcontext "github.com/aws/aws-sdk-go-v2/internal/context" - "github.com/aws/smithy-go/middleware" -) - -// AddTimeOffsetMiddleware sets a value representing clock skew on the request context. -// This can be read by other operations (such as signing) to correct the date value they send -// on the request -type AddTimeOffsetMiddleware struct { - Offset *atomic.Int64 -} - -// ID the identifier for AddTimeOffsetMiddleware -func (m *AddTimeOffsetMiddleware) ID() string { return "AddTimeOffsetMiddleware" } - -// HandleBuild sets a value for attemptSkew on the request context if one is set on the client. -func (m AddTimeOffsetMiddleware) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - if m.Offset != nil { - offset := time.Duration(m.Offset.Load()) - ctx = internalcontext.SetAttemptSkewContext(ctx, offset) - } - return next.HandleBuild(ctx, in) -} - -// HandleDeserialize gets the clock skew context from the context, and if set, sets it on the pointer -// held by AddTimeOffsetMiddleware -func (m *AddTimeOffsetMiddleware) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - if v := internalcontext.GetAttemptSkewContext(ctx); v != 0 { - m.Offset.Store(v.Nanoseconds()) - } - return next.HandleDeserialize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/rand/rand.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/rand/rand.go deleted file mode 100644 index c8484dcd..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/rand/rand.go +++ /dev/null @@ -1,33 +0,0 @@ -package rand - -import ( - "crypto/rand" - "fmt" - "io" - "math/big" -) - -func init() { - Reader = rand.Reader -} - -// Reader provides a random reader that can reset during testing. -var Reader io.Reader - -var floatMaxBigInt = big.NewInt(1 << 53) - -// Float64 returns a float64 read from an io.Reader source. The returned float will be between [0.0, 1.0). -func Float64(reader io.Reader) (float64, error) { - bi, err := rand.Int(reader, floatMaxBigInt) - if err != nil { - return 0, fmt.Errorf("failed to read random value, %v", err) - } - - return float64(bi.Int64()) / (1 << 53), nil -} - -// CryptoRandFloat64 returns a random float64 obtained from the crypto rand -// source. -func CryptoRandFloat64() (float64, error) { - return Float64(Reader) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/sdk/interfaces.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/sdk/interfaces.go deleted file mode 100644 index 2b42cbe6..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/sdk/interfaces.go +++ /dev/null @@ -1,9 +0,0 @@ -package sdk - -// Invalidator provides access to a type's invalidate method to make it -// invalidate it cache. -// -// e.g aws.SafeCredentialsProvider's Invalidate method. -type Invalidator interface { - Invalidate() -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/sdk/time.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/sdk/time.go deleted file mode 100644 index 8e8dabad..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/sdk/time.go +++ /dev/null @@ -1,74 +0,0 @@ -package sdk - -import ( - "context" - "time" -) - -func init() { - NowTime = time.Now - Sleep = time.Sleep - SleepWithContext = sleepWithContext -} - -// NowTime is a value for getting the current time. This value can be overridden -// for testing mocking out current time. -var NowTime func() time.Time - -// Sleep is a value for sleeping for a duration. This value can be overridden -// for testing and mocking out sleep duration. -var Sleep func(time.Duration) - -// SleepWithContext will wait for the timer duration to expire, or the context -// is canceled. Which ever happens first. If the context is canceled the Context's -// error will be returned. -// -// This value can be overridden for testing and mocking out sleep duration. -var SleepWithContext func(context.Context, time.Duration) error - -// sleepWithContext will wait for the timer duration to expire, or the context -// is canceled. Which ever happens first. If the context is canceled the -// Context's error will be returned. -func sleepWithContext(ctx context.Context, dur time.Duration) error { - t := time.NewTimer(dur) - defer t.Stop() - - select { - case <-t.C: - break - case <-ctx.Done(): - return ctx.Err() - } - - return nil -} - -// noOpSleepWithContext does nothing, returns immediately. -func noOpSleepWithContext(context.Context, time.Duration) error { - return nil -} - -func noOpSleep(time.Duration) {} - -// TestingUseNopSleep is a utility for disabling sleep across the SDK for -// testing. -func TestingUseNopSleep() func() { - SleepWithContext = noOpSleepWithContext - Sleep = noOpSleep - - return func() { - SleepWithContext = sleepWithContext - Sleep = time.Sleep - } -} - -// TestingUseReferenceTime is a utility for swapping the time function across the SDK to return a specific reference time -// for testing purposes. -func TestingUseReferenceTime(referenceTime time.Time) func() { - NowTime = func() time.Time { - return referenceTime - } - return func() { - NowTime = time.Now - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/sdkio/byte.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/sdkio/byte.go deleted file mode 100644 index 6c443988..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/sdkio/byte.go +++ /dev/null @@ -1,12 +0,0 @@ -package sdkio - -const ( - // Byte is 8 bits - Byte int64 = 1 - // KibiByte (KiB) is 1024 Bytes - KibiByte = Byte * 1024 - // MebiByte (MiB) is 1024 KiB - MebiByte = KibiByte * 1024 - // GibiByte (GiB) is 1024 MiB - GibiByte = MebiByte * 1024 -) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/shareddefaults/shared_config.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/shareddefaults/shared_config.go deleted file mode 100644 index c96b717e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/shareddefaults/shared_config.go +++ /dev/null @@ -1,47 +0,0 @@ -package shareddefaults - -import ( - "os" - "os/user" - "path/filepath" -) - -// SharedCredentialsFilename returns the SDK's default file path -// for the shared credentials file. -// -// Builds the shared config file path based on the OS's platform. -// -// - Linux/Unix: $HOME/.aws/credentials -// - Windows: %USERPROFILE%\.aws\credentials -func SharedCredentialsFilename() string { - return filepath.Join(UserHomeDir(), ".aws", "credentials") -} - -// SharedConfigFilename returns the SDK's default file path for -// the shared config file. -// -// Builds the shared config file path based on the OS's platform. -// -// - Linux/Unix: $HOME/.aws/config -// - Windows: %USERPROFILE%\.aws\config -func SharedConfigFilename() string { - return filepath.Join(UserHomeDir(), ".aws", "config") -} - -// UserHomeDir returns the home directory for the user the process is -// running under. -func UserHomeDir() string { - // Ignore errors since we only care about Windows and *nix. - home, _ := os.UserHomeDir() - - if len(home) > 0 { - return home - } - - currUser, _ := user.Current() - if currUser != nil { - home = currUser.HomeDir - } - - return home -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/strings/strings.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/strings/strings.go deleted file mode 100644 index d008ae27..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/strings/strings.go +++ /dev/null @@ -1,11 +0,0 @@ -package strings - -import ( - "strings" -) - -// HasPrefixFold tests whether the string s begins with prefix, interpreted as UTF-8 strings, -// under Unicode case-folding. -func HasPrefixFold(s, prefix string) bool { - return len(s) >= len(prefix) && strings.EqualFold(s[0:len(prefix)], prefix) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/sync/singleflight/LICENSE b/vendor/github.com/aws/aws-sdk-go-v2/internal/sync/singleflight/LICENSE deleted file mode 100644 index fe6a6200..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/sync/singleflight/LICENSE +++ /dev/null @@ -1,28 +0,0 @@ -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/sync/singleflight/docs.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/sync/singleflight/docs.go deleted file mode 100644 index cb70616e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/sync/singleflight/docs.go +++ /dev/null @@ -1,7 +0,0 @@ -// Package singleflight provides a duplicate function call suppression -// mechanism. This package is a fork of the Go golang.org/x/sync/singleflight -// package. The package is forked, because the package a part of the unstable -// and unversioned golang.org/x/sync module. -// -// https://github.com/golang/sync/tree/67f06af15bc961c363a7260195bcd53487529a21/singleflight -package singleflight diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/sync/singleflight/singleflight.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/sync/singleflight/singleflight.go deleted file mode 100644 index e8a1b17d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/sync/singleflight/singleflight.go +++ /dev/null @@ -1,210 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package singleflight - -import ( - "bytes" - "errors" - "fmt" - "runtime" - "runtime/debug" - "sync" -) - -// errGoexit indicates the runtime.Goexit was called in -// the user given function. -var errGoexit = errors.New("runtime.Goexit was called") - -// A panicError is an arbitrary value recovered from a panic -// with the stack trace during the execution of given function. -type panicError struct { - value interface{} - stack []byte -} - -// Error implements error interface. -func (p *panicError) Error() string { - return fmt.Sprintf("%v\n\n%s", p.value, p.stack) -} - -func newPanicError(v interface{}) error { - stack := debug.Stack() - - // The first line of the stack trace is of the form "goroutine N [status]:" - // but by the time the panic reaches Do the goroutine may no longer exist - // and its status will have changed. Trim out the misleading line. - if line := bytes.IndexByte(stack[:], '\n'); line >= 0 { - stack = stack[line+1:] - } - return &panicError{value: v, stack: stack} -} - -// call is an in-flight or completed singleflight.Do call -type call struct { - wg sync.WaitGroup - - // These fields are written once before the WaitGroup is done - // and are only read after the WaitGroup is done. - val interface{} - err error - - // forgotten indicates whether Forget was called with this call's key - // while the call was still in flight. - forgotten bool - - // These fields are read and written with the singleflight - // mutex held before the WaitGroup is done, and are read but - // not written after the WaitGroup is done. - dups int - chans []chan<- Result -} - -// Group represents a class of work and forms a namespace in -// which units of work can be executed with duplicate suppression. -type Group struct { - mu sync.Mutex // protects m - m map[string]*call // lazily initialized -} - -// Result holds the results of Do, so they can be passed -// on a channel. -type Result struct { - Val interface{} - Err error - Shared bool -} - -// Do executes and returns the results of the given function, making -// sure that only one execution is in-flight for a given key at a -// time. If a duplicate comes in, the duplicate caller waits for the -// original to complete and receives the same results. -// The return value shared indicates whether v was given to multiple callers. -func (g *Group) Do(key string, fn func() (interface{}, error)) (v interface{}, err error, shared bool) { - g.mu.Lock() - if g.m == nil { - g.m = make(map[string]*call) - } - if c, ok := g.m[key]; ok { - c.dups++ - g.mu.Unlock() - c.wg.Wait() - - if e, ok := c.err.(*panicError); ok { - panic(e) - } else if c.err == errGoexit { - runtime.Goexit() - } - return c.val, c.err, true - } - c := new(call) - c.wg.Add(1) - g.m[key] = c - g.mu.Unlock() - - g.doCall(c, key, fn) - return c.val, c.err, c.dups > 0 -} - -// DoChan is like Do but returns a channel that will receive the -// results when they are ready. -// -// The returned channel will not be closed. -func (g *Group) DoChan(key string, fn func() (interface{}, error)) <-chan Result { - ch := make(chan Result, 1) - g.mu.Lock() - if g.m == nil { - g.m = make(map[string]*call) - } - if c, ok := g.m[key]; ok { - c.dups++ - c.chans = append(c.chans, ch) - g.mu.Unlock() - return ch - } - c := &call{chans: []chan<- Result{ch}} - c.wg.Add(1) - g.m[key] = c - g.mu.Unlock() - - go g.doCall(c, key, fn) - - return ch -} - -// doCall handles the single call for a key. -func (g *Group) doCall(c *call, key string, fn func() (interface{}, error)) { - normalReturn := false - recovered := false - - // use double-defer to distinguish panic from runtime.Goexit, - // more details see https://golang.org/cl/134395 - defer func() { - // the given function invoked runtime.Goexit - if !normalReturn && !recovered { - c.err = errGoexit - } - - c.wg.Done() - g.mu.Lock() - defer g.mu.Unlock() - if !c.forgotten { - delete(g.m, key) - } - - if e, ok := c.err.(*panicError); ok { - // In order to prevent the waiting channels from being blocked forever, - // needs to ensure that this panic cannot be recovered. - if len(c.chans) > 0 { - go panic(e) - select {} // Keep this goroutine around so that it will appear in the crash dump. - } else { - panic(e) - } - } else if c.err == errGoexit { - // Already in the process of goexit, no need to call again - } else { - // Normal return - for _, ch := range c.chans { - ch <- Result{c.val, c.err, c.dups > 0} - } - } - }() - - func() { - defer func() { - if !normalReturn { - // Ideally, we would wait to take a stack trace until we've determined - // whether this is a panic or a runtime.Goexit. - // - // Unfortunately, the only way we can distinguish the two is to see - // whether the recover stopped the goroutine from terminating, and by - // the time we know that, the part of the stack trace relevant to the - // panic has been discarded. - if r := recover(); r != nil { - c.err = newPanicError(r) - } - } - }() - - c.val, c.err = fn() - normalReturn = true - }() - - if !normalReturn { - recovered = true - } -} - -// Forget tells the singleflight to forget about a key. Future calls -// to Do for this key will call the function rather than waiting for -// an earlier call to complete. -func (g *Group) Forget(key string) { - g.mu.Lock() - if c, ok := g.m[key]; ok { - c.forgotten = true - } - delete(g.m, key) - g.mu.Unlock() -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/timeconv/duration.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/timeconv/duration.go deleted file mode 100644 index 5d69db5f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/timeconv/duration.go +++ /dev/null @@ -1,13 +0,0 @@ -package timeconv - -import "time" - -// FloatSecondsDur converts a fractional seconds to duration. -func FloatSecondsDur(v float64) time.Duration { - return time.Duration(v * float64(time.Second)) -} - -// DurSecondsFloat converts a duration into fractional seconds. -func DurSecondsFloat(d time.Duration) float64 { - return float64(d) / float64(time.Second) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md deleted file mode 100644 index c81265a2..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md +++ /dev/null @@ -1,164 +0,0 @@ -# v1.12.3 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 - -# v1.12.2 (2025-01-24) - -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.12.1 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. - -# v1.12.0 (2024-10-04) - -* **Feature**: Add support for HTTP client metrics. - -# v1.11.5 (2024-09-20) - -* No change notes available for this release. - -# v1.11.4 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. - -# v1.11.3 (2024-06-28) - -* No change notes available for this release. - -# v1.11.2 (2024-03-29) - -* No change notes available for this release. - -# v1.11.1 (2024-02-21) - -* No change notes available for this release. - -# v1.11.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. - -# v1.10.4 (2023-12-07) - -* No change notes available for this release. - -# v1.10.3 (2023-11-30) - -* No change notes available for this release. - -# v1.10.2 (2023-11-29) - -* No change notes available for this release. - -# v1.10.1 (2023-11-15) - -* No change notes available for this release. - -# v1.10.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). - -# v1.9.15 (2023-10-06) - -* No change notes available for this release. - -# v1.9.14 (2023-08-18) - -* No change notes available for this release. - -# v1.9.13 (2023-08-07) - -* No change notes available for this release. - -# v1.9.12 (2023-07-31) - -* No change notes available for this release. - -# v1.9.11 (2022-12-02) - -* No change notes available for this release. - -# v1.9.10 (2022-10-24) - -* No change notes available for this release. - -# v1.9.9 (2022-09-14) - -* No change notes available for this release. - -# v1.9.8 (2022-09-02) - -* No change notes available for this release. - -# v1.9.7 (2022-08-31) - -* No change notes available for this release. - -# v1.9.6 (2022-08-29) - -* No change notes available for this release. - -# v1.9.5 (2022-08-11) - -* No change notes available for this release. - -# v1.9.4 (2022-08-09) - -* No change notes available for this release. - -# v1.9.3 (2022-06-29) - -* No change notes available for this release. - -# v1.9.2 (2022-06-07) - -* No change notes available for this release. - -# v1.9.1 (2022-03-24) - -* No change notes available for this release. - -# v1.9.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version - -# v1.8.0 (2022-02-24) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version - -# v1.7.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version - -# v1.6.0 (2022-01-07) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version - -# v1.5.0 (2021-11-06) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version - -# v1.4.0 (2021-10-21) - -* **Feature**: Updated to latest version - -# v1.3.0 (2021-08-27) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version - -# v1.2.2 (2021-08-04) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. - -# v1.2.1 (2021-07-15) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version - -# v1.2.0 (2021-06-25) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version - -# v1.1.0 (2021-05-14) - -* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/accept_encoding_gzip.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/accept_encoding_gzip.go deleted file mode 100644 index 3f451fc9..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/accept_encoding_gzip.go +++ /dev/null @@ -1,176 +0,0 @@ -package acceptencoding - -import ( - "compress/gzip" - "context" - "fmt" - "io" - - "github.com/aws/smithy-go" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -const acceptEncodingHeaderKey = "Accept-Encoding" -const contentEncodingHeaderKey = "Content-Encoding" - -// AddAcceptEncodingGzipOptions provides the options for the -// AddAcceptEncodingGzip middleware setup. -type AddAcceptEncodingGzipOptions struct { - Enable bool -} - -// AddAcceptEncodingGzip explicitly adds handling for accept-encoding GZIP -// middleware to the operation stack. This allows checksums to be correctly -// computed without disabling GZIP support. -func AddAcceptEncodingGzip(stack *middleware.Stack, options AddAcceptEncodingGzipOptions) error { - if options.Enable { - if err := stack.Finalize.Add(&EnableGzip{}, middleware.Before); err != nil { - return err - } - if err := stack.Deserialize.Insert(&DecompressGzip{}, "OperationDeserializer", middleware.After); err != nil { - return err - } - return nil - } - - return stack.Finalize.Add(&DisableGzip{}, middleware.Before) -} - -// DisableGzip provides the middleware that will -// disable the underlying http client automatically enabling for gzip -// decompress content-encoding support. -type DisableGzip struct{} - -// ID returns the id for the middleware. -func (*DisableGzip) ID() string { - return "DisableAcceptEncodingGzip" -} - -// HandleFinalize implements the FinalizeMiddleware interface. -func (*DisableGzip) HandleFinalize( - ctx context.Context, input middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - output middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - req, ok := input.Request.(*smithyhttp.Request) - if !ok { - return output, metadata, &smithy.SerializationError{ - Err: fmt.Errorf("unknown request type %T", input.Request), - } - } - - // Explicitly enable gzip support, this will prevent the http client from - // auto extracting the zipped content. - req.Header.Set(acceptEncodingHeaderKey, "identity") - - return next.HandleFinalize(ctx, input) -} - -// EnableGzip provides a middleware to enable support for -// gzip responses, with manual decompression. This prevents the underlying HTTP -// client from performing the gzip decompression automatically. -type EnableGzip struct{} - -// ID returns the id for the middleware. -func (*EnableGzip) ID() string { - return "AcceptEncodingGzip" -} - -// HandleFinalize implements the FinalizeMiddleware interface. -func (*EnableGzip) HandleFinalize( - ctx context.Context, input middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - output middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - req, ok := input.Request.(*smithyhttp.Request) - if !ok { - return output, metadata, &smithy.SerializationError{ - Err: fmt.Errorf("unknown request type %T", input.Request), - } - } - - // Explicitly enable gzip support, this will prevent the http client from - // auto extracting the zipped content. - req.Header.Set(acceptEncodingHeaderKey, "gzip") - - return next.HandleFinalize(ctx, input) -} - -// DecompressGzip provides the middleware for decompressing a gzip -// response from the service. -type DecompressGzip struct{} - -// ID returns the id for the middleware. -func (*DecompressGzip) ID() string { - return "DecompressGzip" -} - -// HandleDeserialize implements the DeserializeMiddlware interface. -func (*DecompressGzip) HandleDeserialize( - ctx context.Context, input middleware.DeserializeInput, next middleware.DeserializeHandler, -) ( - output middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - output, metadata, err = next.HandleDeserialize(ctx, input) - if err != nil { - return output, metadata, err - } - - resp, ok := output.RawResponse.(*smithyhttp.Response) - if !ok { - return output, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("unknown response type %T", output.RawResponse), - } - } - if v := resp.Header.Get(contentEncodingHeaderKey); v != "gzip" { - return output, metadata, err - } - - // Clear content length since it will no longer be valid once the response - // body is decompressed. - resp.Header.Del("Content-Length") - resp.ContentLength = -1 - - resp.Body = wrapGzipReader(resp.Body) - - return output, metadata, err -} - -type gzipReader struct { - reader io.ReadCloser - gzip *gzip.Reader -} - -func wrapGzipReader(reader io.ReadCloser) *gzipReader { - return &gzipReader{ - reader: reader, - } -} - -// Read wraps the gzip reader around the underlying io.Reader to extract the -// response bytes on the fly. -func (g *gzipReader) Read(b []byte) (n int, err error) { - if g.gzip == nil { - g.gzip, err = gzip.NewReader(g.reader) - if err != nil { - g.gzip = nil // ensure uninitialized gzip value isn't used in close. - return 0, fmt.Errorf("failed to decompress gzip response, %w", err) - } - } - - return g.gzip.Read(b) -} - -func (g *gzipReader) Close() error { - if g.gzip == nil { - return nil - } - - if err := g.gzip.Close(); err != nil { - g.reader.Close() - return fmt.Errorf("failed to decompress gzip response, %w", err) - } - - return g.reader.Close() -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/doc.go deleted file mode 100644 index 7056d9bf..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/doc.go +++ /dev/null @@ -1,22 +0,0 @@ -/* -Package acceptencoding provides customizations associated with Accept Encoding Header. - -# Accept encoding gzip - -The Go HTTP client automatically supports accept-encoding and content-encoding -gzip by default. This default behavior is not desired by the SDK, and prevents -validating the response body's checksum. To prevent this the SDK must manually -control usage of content-encoding gzip. - -To control content-encoding, the SDK must always set the `Accept-Encoding` -header to a value. This prevents the HTTP client from using gzip automatically. -When gzip is enabled on the API client, the SDK's customization will control -decompressing the gzip data in order to not break the checksum validation. When -gzip is disabled, the API client will disable gzip, preventing the HTTP -client's default behavior. - -An `EnableAcceptEncodingGzip` option may or may not be present depending on the client using -the below middleware. The option if present can be used to enable auto decompressing -gzip by the SDK. -*/ -package acceptencoding diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go deleted file mode 100644 index d83e533e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package acceptencoding - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.12.3" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md deleted file mode 100644 index 2b5ceb4b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md +++ /dev/null @@ -1,427 +0,0 @@ -# v1.12.15 (2025-02-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.14 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.13 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.12 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.11 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.10 (2025-01-24) - -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.12.9 (2025-01-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.8 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.7 (2024-12-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.6 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.5 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.4 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.3 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.2 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.1 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.0 (2024-10-04) - -* **Feature**: Add support for HTTP client metrics. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.20 (2024-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.19 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.18 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.17 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.16 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.15 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.14 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.13 (2024-06-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.12 (2024-06-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.11 (2024-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.10 (2024-06-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.9 (2024-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.8 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.7 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.6 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.5 (2024-03-07) - -* **Bug Fix**: Remove dependency on go-cmp. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.4 (2024-03-05) - -* **Bug Fix**: Restore typo'd API `AddAsIsInternalPresigingMiddleware` as an alias for backwards compatibility. - -# v1.11.3 (2024-03-04) - -* **Bug Fix**: Correct a typo in internal AddAsIsPresigningMiddleware API. - -# v1.11.2 (2024-02-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.1 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.10 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.9 (2023-12-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.8 (2023-12-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.7 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.6 (2023-11-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.5 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.4 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.3 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.2 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.1 (2023-11-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.37 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.36 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.35 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.34 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.33 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.32 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.31 (2023-07-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.30 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.29 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.28 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.27 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.26 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.25 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.24 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.23 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.22 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.21 (2022-12-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.20 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.19 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.18 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.17 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.16 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.15 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.14 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.13 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.12 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.11 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.10 (2022-08-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.9 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.8 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.7 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.6 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.5 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.4 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.3 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.2 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.1 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.0 (2022-02-24) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.7.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.0 (2022-01-07) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.2 (2021-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.1 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.0 (2021-11-06) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.0 (2021-10-21) - -* **Feature**: Updated to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.2 (2021-10-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.1 (2021-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.0 (2021-08-27) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.3 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.2 (2021-08-04) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.1 (2021-07-15) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.0 (2021-06-25) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.1 (2021-05-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.1.0 (2021-05-14) - -* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/context.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/context.go deleted file mode 100644 index 5d5286f9..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/context.go +++ /dev/null @@ -1,56 +0,0 @@ -package presignedurl - -import ( - "context" - - "github.com/aws/smithy-go/middleware" -) - -// WithIsPresigning adds the isPresigning sentinel value to a context to signal -// that the middleware stack is using the presign flow. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func WithIsPresigning(ctx context.Context) context.Context { - return middleware.WithStackValue(ctx, isPresigningKey{}, true) -} - -// GetIsPresigning returns if the context contains the isPresigning sentinel -// value for presigning flows. -// -// Scoped to stack values. Use github.com/aws/smithy-go/middleware#ClearStackValues -// to clear all stack values. -func GetIsPresigning(ctx context.Context) bool { - v, _ := middleware.GetStackValue(ctx, isPresigningKey{}).(bool) - return v -} - -type isPresigningKey struct{} - -// AddAsIsPresigningMiddleware adds a middleware to the head of the stack that -// will update the stack's context to be flagged as being invoked for the -// purpose of presigning. -func AddAsIsPresigningMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(asIsPresigningMiddleware{}, middleware.Before) -} - -// AddAsIsPresigingMiddleware is an alias for backwards compatibility. -// -// Deprecated: This API was released with a typo. Use -// [AddAsIsPresigningMiddleware] instead. -func AddAsIsPresigingMiddleware(stack *middleware.Stack) error { - return AddAsIsPresigningMiddleware(stack) -} - -type asIsPresigningMiddleware struct{} - -func (asIsPresigningMiddleware) ID() string { return "AsIsPresigningMiddleware" } - -func (asIsPresigningMiddleware) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - ctx = WithIsPresigning(ctx) - return next.HandleInitialize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/doc.go deleted file mode 100644 index 1b85375c..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/doc.go +++ /dev/null @@ -1,3 +0,0 @@ -// Package presignedurl provides the customizations for API clients to fill in -// presigned URLs into input parameters. -package presignedurl diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go deleted file mode 100644 index a165a100..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package presignedurl - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.12.15" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/middleware.go deleted file mode 100644 index 1e2f5c81..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/middleware.go +++ /dev/null @@ -1,110 +0,0 @@ -package presignedurl - -import ( - "context" - "fmt" - - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - v4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - - "github.com/aws/smithy-go/middleware" -) - -// URLPresigner provides the interface to presign the input parameters in to a -// presigned URL. -type URLPresigner interface { - // PresignURL presigns a URL. - PresignURL(ctx context.Context, srcRegion string, params interface{}) (*v4.PresignedHTTPRequest, error) -} - -// ParameterAccessor provides an collection of accessor to for retrieving and -// setting the values needed to PresignedURL generation -type ParameterAccessor struct { - // GetPresignedURL accessor points to a function that retrieves a presigned url if present - GetPresignedURL func(interface{}) (string, bool, error) - - // GetSourceRegion accessor points to a function that retrieves source region for presigned url - GetSourceRegion func(interface{}) (string, bool, error) - - // CopyInput accessor points to a function that takes in an input, and returns a copy. - CopyInput func(interface{}) (interface{}, error) - - // SetDestinationRegion accessor points to a function that sets destination region on api input struct - SetDestinationRegion func(interface{}, string) error - - // SetPresignedURL accessor points to a function that sets presigned url on api input struct - SetPresignedURL func(interface{}, string) error -} - -// Options provides the set of options needed by the presigned URL middleware. -type Options struct { - // Accessor are the parameter accessors used by this middleware - Accessor ParameterAccessor - - // Presigner is the URLPresigner used by the middleware - Presigner URLPresigner -} - -// AddMiddleware adds the Presign URL middleware to the middleware stack. -func AddMiddleware(stack *middleware.Stack, opts Options) error { - return stack.Initialize.Add(&presign{options: opts}, middleware.Before) -} - -// RemoveMiddleware removes the Presign URL middleware from the stack. -func RemoveMiddleware(stack *middleware.Stack) error { - _, err := stack.Initialize.Remove((*presign)(nil).ID()) - return err -} - -type presign struct { - options Options -} - -func (m *presign) ID() string { return "Presign" } - -func (m *presign) HandleInitialize( - ctx context.Context, input middleware.InitializeInput, next middleware.InitializeHandler, -) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - // If PresignedURL is already set ignore middleware. - if _, ok, err := m.options.Accessor.GetPresignedURL(input.Parameters); err != nil { - return out, metadata, fmt.Errorf("presign middleware failed, %w", err) - } else if ok { - return next.HandleInitialize(ctx, input) - } - - // If have source region is not set ignore middleware. - srcRegion, ok, err := m.options.Accessor.GetSourceRegion(input.Parameters) - if err != nil { - return out, metadata, fmt.Errorf("presign middleware failed, %w", err) - } else if !ok || len(srcRegion) == 0 { - return next.HandleInitialize(ctx, input) - } - - // Create a copy of the original input so the destination region value can - // be added. This ensures that value does not leak into the original - // request parameters. - paramCpy, err := m.options.Accessor.CopyInput(input.Parameters) - if err != nil { - return out, metadata, fmt.Errorf("unable to create presigned URL, %w", err) - } - - // Destination region is the API client's configured region. - dstRegion := awsmiddleware.GetRegion(ctx) - if err = m.options.Accessor.SetDestinationRegion(paramCpy, dstRegion); err != nil { - return out, metadata, fmt.Errorf("presign middleware failed, %w", err) - } - - presignedReq, err := m.options.Presigner.PresignURL(ctx, srcRegion, paramCpy) - if err != nil { - return out, metadata, fmt.Errorf("unable to create presigned URL, %w", err) - } - - // Update the original input with the presigned URL value. - if err = m.options.Accessor.SetPresignedURL(input.Parameters, presignedReq.URL); err != nil { - return out, metadata, fmt.Errorf("presign middleware failed, %w", err) - } - - return next.HandleInitialize(ctx, input) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/CHANGELOG.md deleted file mode 100644 index 254ff4bd..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/CHANGELOG.md +++ /dev/null @@ -1,696 +0,0 @@ -# v1.35.2 (2025-03-06) - -* No change notes available for this release. - -# v1.35.1 (2025-03-04.2) - -* **Bug Fix**: Add assurance test for operation order. - -# v1.35.0 (2025-02-27) - -* **Feature**: Track credential providers via User-Agent Feature ids -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.19 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.18 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.17 (2025-02-04) - -* No change notes available for this release. - -# v1.34.16 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.15 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.14 (2025-01-24) - -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.34.13 (2025-01-17) - -* **Bug Fix**: Fix bug where credentials weren't refreshed during retry loop. - -# v1.34.12 (2025-01-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.11 (2025-01-14) - -* No change notes available for this release. - -# v1.34.10 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.9 (2025-01-08) - -* No change notes available for this release. - -# v1.34.8 (2024-12-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.7 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.6 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.5 (2024-11-07) - -* **Bug Fix**: Adds case-insensitive handling of error message fields in service responses - -# v1.34.4 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.3 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.2 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.1 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.34.0 (2024-10-04) - -* **Feature**: Add support for HTTP client metrics. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.4 (2024-10-03) - -* No change notes available for this release. - -# v1.33.3 (2024-09-27) - -* No change notes available for this release. - -# v1.33.2 (2024-09-25) - -* No change notes available for this release. - -# v1.33.1 (2024-09-23) - -* No change notes available for this release. - -# v1.33.0 (2024-09-20) - -* **Feature**: Add tracing and metrics support to service clients. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.9 (2024-09-17) - -* **Bug Fix**: **BREAKFIX**: Only generate AccountIDEndpointMode config for services that use it. This is a compiler break, but removes no actual functionality, as no services currently use the account ID in endpoint resolution. - -# v1.32.8 (2024-09-04) - -* No change notes available for this release. - -# v1.32.7 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.6 (2024-08-22) - -* No change notes available for this release. - -# v1.32.5 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.4 (2024-07-18) - -* **Documentation**: Doc only update for Secrets Manager - -# v1.32.3 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.2 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.1 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.0 (2024-06-26) - -* **Feature**: Support list-of-string endpoint parameter. - -# v1.31.1 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.31.0 (2024-06-18) - -* **Feature**: Track usage of various AWS SDK features in user-agent string. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.30.1 (2024-06-17) - -* **Documentation**: Doc only update for Secrets Manager -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.30.0 (2024-06-12) - -* **Feature**: Introducing RotationToken parameter for PutSecretValue API - -# v1.29.3 (2024-06-07) - -* **Bug Fix**: Add clock skew correction on all service clients -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.2 (2024-06-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.1 (2024-05-23) - -* No change notes available for this release. - -# v1.29.0 (2024-05-20) - -* **Feature**: add v2 smoke tests and smithy smokeTests trait for SDK testing - -# v1.28.9 (2024-05-16) - -* **Documentation**: Documentation updates for AWS Secrets Manager -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.8 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.7 (2024-05-08) - -* **Bug Fix**: GoDoc improvement - -# v1.28.6 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.5 (2024-03-27) - -* **Documentation**: Documentation updates for Secrets Manager - -# v1.28.4 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.3 (2024-03-14) - -* **Documentation**: Doc only update for Secrets Manager - -# v1.28.2 (2024-03-07) - -* **Bug Fix**: Remove dependency on go-cmp. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.1 (2024-02-23) - -* **Bug Fix**: Move all common, SDK-side middleware stack ops into the service client module to prevent cross-module compatibility issues in the future. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.0 (2024-02-22) - -* **Feature**: Add middleware stack snapshot tests. - -# v1.27.3 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.2 (2024-02-20) - -* **Bug Fix**: When sourcing values for a service's `EndpointParameters`, the lack of a configured region (i.e. `options.Region == ""`) will now translate to a `nil` value for `EndpointParameters.Region` instead of a pointer to the empty string `""`. This will result in a much more explicit error when calling an operation instead of an obscure hostname lookup failure. - -# v1.27.1 (2024-02-15) - -* **Bug Fix**: Correct failure to determine the error type in awsJson services that could occur when errors were modeled with a non-string `code` field. -* **Documentation**: Doc only update for Secrets Manager - -# v1.27.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.2 (2024-01-11) - -* **Documentation**: Doc only update for Secrets Manager - -# v1.26.1 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.0 (2023-12-22) - -* **Feature**: Update endpoint rules and examples. - -# v1.25.6 (2023-12-20) - -* No change notes available for this release. - -# v1.25.5 (2023-12-08) - -* **Bug Fix**: Reinstate presence of default Retryer in functional options, but still respect max attempts set therein. - -# v1.25.4 (2023-12-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.3 (2023-12-06) - -* **Bug Fix**: Restore pre-refactor auth behavior where all operations could technically be performed anonymously. - -# v1.25.2 (2023-12-01) - -* **Bug Fix**: Correct wrapping of errors in authentication workflow. -* **Bug Fix**: Correctly recognize cache-wrapped instances of AnonymousCredentials at client construction. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.1 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.0 (2023-11-29) - -* **Feature**: Expose Options() accessor on service clients. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.2 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.1 (2023-11-28) - -* **Bug Fix**: Respect setting RetryMaxAttempts in functional options at client construction. - -# v1.24.0 (2023-11-27) - -* **Feature**: AWS Secrets Manager has released the BatchGetSecretValue API, which allows customers to fetch up to 20 Secrets with a single request using a list of secret names or filters. - -# v1.23.3 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.2 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.1 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.0 (2023-11-01) - -* **Feature**: Adds support for configured endpoints via environment variables and the AWS shared configuration file. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.6 (2023-10-19) - -* **Documentation**: Documentation updates for Secrets Manager - -# v1.21.5 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.4 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.3 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.2 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.1 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.0 (2023-08-10) - -* **Feature**: Add additional InvalidRequestException to list of possible exceptions for ListSecret. - -# v1.20.2 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.1 (2023-08-01) - -* No change notes available for this release. - -# v1.20.0 (2023-07-31) - -* **Feature**: Adds support for smithy-modeled endpoint resolution. A new rules-based endpoint resolution will be added to the SDK which will supercede and deprecate existing endpoint resolution. Specifically, EndpointResolver will be deprecated while BaseEndpoint and EndpointResolverV2 will take its place. For more information, please see the Endpoints section in our Developer Guide. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.12 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.11 (2023-07-13) - -* **Documentation**: Documentation updates for Secrets Manager -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.10 (2023-06-15) - -* No change notes available for this release. - -# v1.19.9 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.8 (2023-05-16) - -* **Documentation**: Documentation updates for Secrets Manager - -# v1.19.7 (2023-05-04) - -* No change notes available for this release. - -# v1.19.6 (2023-04-27) - -* No change notes available for this release. - -# v1.19.5 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.4 (2023-04-19) - -* **Documentation**: Documentation updates for Secrets Manager - -# v1.19.3 (2023-04-10) - -* No change notes available for this release. - -# v1.19.2 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.1 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.0 (2023-03-10) - -* **Feature**: The type definitions of SecretString and SecretBinary now have a minimum length of 1 in the model to match the exception thrown when you pass in empty values. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.7 (2023-03-02) - -* No change notes available for this release. - -# v1.18.6 (2023-02-22) - -* **Bug Fix**: Prevent nil pointer dereference when retrieving error codes. - -# v1.18.5 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.4 (2023-02-15) - -* **Announcement**: When receiving an error response in restJson-based services, an incorrect error type may have been returned based on the content of the response. This has been fixed via PR #2012 tracked in issue #1910. -* **Bug Fix**: Correct error type parsing for restJson services. - -# v1.18.3 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.2 (2023-01-23) - -* No change notes available for this release. - -# v1.18.1 (2023-01-12) - -* **Documentation**: Update documentation for new ListSecrets and DescribeSecret parameters - -# v1.18.0 (2023-01-05) - -* **Feature**: Add `ErrorCodeOverride` field to all error structs (aws/smithy-go#401). - -# v1.17.0 (2022-12-29) - -* **Feature**: Added owning service filter, include planned deletion flag, and next rotation date response parameter in ListSecrets. - -# v1.16.11 (2022-12-22) - -* **Documentation**: Documentation updates for Secrets Manager - -# v1.16.10 (2022-12-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.9 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.8 (2022-11-22) - -* No change notes available for this release. - -# v1.16.7 (2022-11-17) - -* **Documentation**: Documentation updates for Secrets Manager. - -# v1.16.6 (2022-11-16) - -* No change notes available for this release. - -# v1.16.5 (2022-11-10) - -* No change notes available for this release. - -# v1.16.4 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.3 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.2 (2022-09-29) - -* **Documentation**: Documentation updates for Secrets Manager - -# v1.16.1 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.0 (2022-09-14) - -* **Feature**: Fixed a bug in the API client generation which caused some operation parameters to be incorrectly generated as value types instead of pointer types. The service API always required these affected parameters to be nilable. This fixes the SDK client to match the expectations of the the service API. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.22 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.21 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.20 (2022-08-30) - -* No change notes available for this release. - -# v1.15.19 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.18 (2022-08-17) - -* **Documentation**: Documentation updates for Secrets Manager. - -# v1.15.17 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.16 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.15 (2022-08-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.14 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.13 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.12 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.11 (2022-06-16) - -* **Documentation**: Documentation updates for Secrets Manager - -# v1.15.10 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.9 (2022-05-25) - -* **Documentation**: Documentation updates for Secrets Manager - -# v1.15.8 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.7 (2022-05-11) - -* **Documentation**: Doc only update for Secrets Manager that fixes several customer-reported issues. - -# v1.15.6 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.5 (2022-04-21) - -* **Documentation**: Documentation updates for Secrets Manager - -# v1.15.4 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.3 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.2 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.1 (2022-03-11) - -* **Documentation**: Documentation updates for Secrets Manager. - -# v1.15.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.0 (2022-02-24) - -* **Feature**: API client updated -* **Feature**: Adds RetryMaxAttempts and RetryMod to API client Options. This allows the API clients' default Retryer to be configured from the shared configuration files or environment variables. Adding a new Retry mode of `Adaptive`. `Adaptive` retry mode is an experimental mode, adding client rate limiting when throttles reponses are received from an API. See [retry.AdaptiveMode](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/retry#AdaptiveMode) for more details, and configuration options. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.0 (2022-01-07) - -* **Feature**: API client updated -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.0 (2021-12-21) - -* **Feature**: API Paginators now support specifying the initial starting token, and support stopping on empty string tokens. -* **Documentation**: API client updated - -# v1.10.2 (2021-12-02) - -* **Bug Fix**: Fixes a bug that prevented aws.EndpointResolverWithOptions from being used by the service client. ([#1514](https://github.com/aws/aws-sdk-go-v2/pull/1514)) -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.1 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.0 (2021-11-12) - -* **Feature**: Service clients now support custom endpoints that have an initial URI path defined. - -# v1.9.0 (2021-11-06) - -* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.0 (2021-10-21) - -* **Feature**: Updated to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.7.0 (2021-10-11) - -* **Feature**: API client updated -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.1 (2021-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.0 (2021-08-27) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.1 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.0 (2021-08-04) - -* **Feature**: Updated to latest API model. -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.1 (2021-07-15) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.0 (2021-06-25) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.1 (2021-05-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.0 (2021-05-14) - -* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_client.go deleted file mode 100644 index 94dd7cf0..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_client.go +++ /dev/null @@ -1,959 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - cryptorand "crypto/rand" - "errors" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/defaults" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/retry" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" - internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" - internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" - smithy "github.com/aws/smithy-go" - smithyauth "github.com/aws/smithy-go/auth" - smithydocument "github.com/aws/smithy-go/document" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - smithyrand "github.com/aws/smithy-go/rand" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net" - "net/http" - "sync/atomic" - "time" -) - -const ServiceID = "Secrets Manager" -const ServiceAPIVersion = "2017-10-17" - -type operationMetrics struct { - Duration metrics.Float64Histogram - SerializeDuration metrics.Float64Histogram - ResolveIdentityDuration metrics.Float64Histogram - ResolveEndpointDuration metrics.Float64Histogram - SignRequestDuration metrics.Float64Histogram - DeserializeDuration metrics.Float64Histogram -} - -func (m *operationMetrics) histogramFor(name string) metrics.Float64Histogram { - switch name { - case "client.call.duration": - return m.Duration - case "client.call.serialization_duration": - return m.SerializeDuration - case "client.call.resolve_identity_duration": - return m.ResolveIdentityDuration - case "client.call.resolve_endpoint_duration": - return m.ResolveEndpointDuration - case "client.call.signing_duration": - return m.SignRequestDuration - case "client.call.deserialization_duration": - return m.DeserializeDuration - default: - panic("unrecognized operation metric") - } -} - -func timeOperationMetric[T any]( - ctx context.Context, metric string, fn func() (T, error), - opts ...metrics.RecordMetricOption, -) (T, error) { - instr := getOperationMetrics(ctx).histogramFor(metric) - opts = append([]metrics.RecordMetricOption{withOperationMetadata(ctx)}, opts...) - - start := time.Now() - v, err := fn() - end := time.Now() - - elapsed := end.Sub(start) - instr.Record(ctx, float64(elapsed)/1e9, opts...) - return v, err -} - -func startMetricTimer(ctx context.Context, metric string, opts ...metrics.RecordMetricOption) func() { - instr := getOperationMetrics(ctx).histogramFor(metric) - opts = append([]metrics.RecordMetricOption{withOperationMetadata(ctx)}, opts...) - - var ended bool - start := time.Now() - return func() { - if ended { - return - } - ended = true - - end := time.Now() - - elapsed := end.Sub(start) - instr.Record(ctx, float64(elapsed)/1e9, opts...) - } -} - -func withOperationMetadata(ctx context.Context) metrics.RecordMetricOption { - return func(o *metrics.RecordMetricOptions) { - o.Properties.Set("rpc.service", middleware.GetServiceID(ctx)) - o.Properties.Set("rpc.method", middleware.GetOperationName(ctx)) - } -} - -type operationMetricsKey struct{} - -func withOperationMetrics(parent context.Context, mp metrics.MeterProvider) (context.Context, error) { - meter := mp.Meter("github.com/aws/aws-sdk-go-v2/service/secretsmanager") - om := &operationMetrics{} - - var err error - - om.Duration, err = operationMetricTimer(meter, "client.call.duration", - "Overall call duration (including retries and time to send or receive request and response body)") - if err != nil { - return nil, err - } - om.SerializeDuration, err = operationMetricTimer(meter, "client.call.serialization_duration", - "The time it takes to serialize a message body") - if err != nil { - return nil, err - } - om.ResolveIdentityDuration, err = operationMetricTimer(meter, "client.call.auth.resolve_identity_duration", - "The time taken to acquire an identity (AWS credentials, bearer token, etc) from an Identity Provider") - if err != nil { - return nil, err - } - om.ResolveEndpointDuration, err = operationMetricTimer(meter, "client.call.resolve_endpoint_duration", - "The time it takes to resolve an endpoint (endpoint resolver, not DNS) for the request") - if err != nil { - return nil, err - } - om.SignRequestDuration, err = operationMetricTimer(meter, "client.call.auth.signing_duration", - "The time it takes to sign a request") - if err != nil { - return nil, err - } - om.DeserializeDuration, err = operationMetricTimer(meter, "client.call.deserialization_duration", - "The time it takes to deserialize a message body") - if err != nil { - return nil, err - } - - return context.WithValue(parent, operationMetricsKey{}, om), nil -} - -func operationMetricTimer(m metrics.Meter, name, desc string) (metrics.Float64Histogram, error) { - return m.Float64Histogram(name, func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = desc - }) -} - -func getOperationMetrics(ctx context.Context) *operationMetrics { - return ctx.Value(operationMetricsKey{}).(*operationMetrics) -} - -func operationTracer(p tracing.TracerProvider) tracing.Tracer { - return p.Tracer("github.com/aws/aws-sdk-go-v2/service/secretsmanager") -} - -// Client provides the API client to make operations call for AWS Secrets Manager. -type Client struct { - options Options - - // Difference between the time reported by the server and the client - timeOffset *atomic.Int64 -} - -// New returns an initialized Client based on the functional options. Provide -// additional functional options to further configure the behavior of the client, -// such as changing the client's endpoint or adding custom middleware behavior. -func New(options Options, optFns ...func(*Options)) *Client { - options = options.Copy() - - resolveDefaultLogger(&options) - - setResolvedDefaultsMode(&options) - - resolveRetryer(&options) - - resolveHTTPClient(&options) - - resolveHTTPSignerV4(&options) - - resolveIdempotencyTokenProvider(&options) - - resolveEndpointResolverV2(&options) - - resolveTracerProvider(&options) - - resolveMeterProvider(&options) - - resolveAuthSchemeResolver(&options) - - for _, fn := range optFns { - fn(&options) - } - - finalizeRetryMaxAttempts(&options) - - ignoreAnonymousAuth(&options) - - wrapWithAnonymousAuth(&options) - - resolveAuthSchemes(&options) - - client := &Client{ - options: options, - } - - initializeTimeOffsetResolver(client) - - return client -} - -// Options returns a copy of the client configuration. -// -// Callers SHOULD NOT perform mutations on any inner structures within client -// config. Config overrides should instead be made on a per-operation basis through -// functional options. -func (c *Client) Options() Options { - return c.options.Copy() -} - -func (c *Client) invokeOperation( - ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error, -) ( - result interface{}, metadata middleware.Metadata, err error, -) { - ctx = middleware.ClearStackValues(ctx) - ctx = middleware.WithServiceID(ctx, ServiceID) - ctx = middleware.WithOperationName(ctx, opID) - - stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) - options := c.options.Copy() - - for _, fn := range optFns { - fn(&options) - } - - finalizeOperationRetryMaxAttempts(&options, *c) - - finalizeClientEndpointResolverOptions(&options) - - for _, fn := range stackFns { - if err := fn(stack, options); err != nil { - return nil, metadata, err - } - } - - for _, fn := range options.APIOptions { - if err := fn(stack); err != nil { - return nil, metadata, err - } - } - - ctx, err = withOperationMetrics(ctx, options.MeterProvider) - if err != nil { - return nil, metadata, err - } - - tracer := operationTracer(options.TracerProvider) - spanName := fmt.Sprintf("%s.%s", ServiceID, opID) - - ctx = tracing.WithOperationTracer(ctx, tracer) - - ctx, span := tracer.StartSpan(ctx, spanName, func(o *tracing.SpanOptions) { - o.Kind = tracing.SpanKindClient - o.Properties.Set("rpc.system", "aws-api") - o.Properties.Set("rpc.method", opID) - o.Properties.Set("rpc.service", ServiceID) - }) - endTimer := startMetricTimer(ctx, "client.call.duration") - defer endTimer() - defer span.End() - - handler := smithyhttp.NewClientHandlerWithOptions(options.HTTPClient, func(o *smithyhttp.ClientHandler) { - o.Meter = options.MeterProvider.Meter("github.com/aws/aws-sdk-go-v2/service/secretsmanager") - }) - decorated := middleware.DecorateHandler(handler, stack) - result, metadata, err = decorated.Handle(ctx, params) - if err != nil { - span.SetProperty("exception.type", fmt.Sprintf("%T", err)) - span.SetProperty("exception.message", err.Error()) - - var aerr smithy.APIError - if errors.As(err, &aerr) { - span.SetProperty("api.error_code", aerr.ErrorCode()) - span.SetProperty("api.error_message", aerr.ErrorMessage()) - span.SetProperty("api.error_fault", aerr.ErrorFault().String()) - } - - err = &smithy.OperationError{ - ServiceID: ServiceID, - OperationName: opID, - Err: err, - } - } - - span.SetProperty("error", err != nil) - if err == nil { - span.SetStatus(tracing.SpanStatusOK) - } else { - span.SetStatus(tracing.SpanStatusError) - } - - return result, metadata, err -} - -type operationInputKey struct{} - -func setOperationInput(ctx context.Context, input interface{}) context.Context { - return middleware.WithStackValue(ctx, operationInputKey{}, input) -} - -func getOperationInput(ctx context.Context) interface{} { - return middleware.GetStackValue(ctx, operationInputKey{}) -} - -type setOperationInputMiddleware struct { -} - -func (*setOperationInputMiddleware) ID() string { - return "setOperationInput" -} - -func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - ctx = setOperationInput(ctx, in.Parameters) - return next.HandleSerialize(ctx, in) -} - -func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { - if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { - return fmt.Errorf("add ResolveAuthScheme: %w", err) - } - if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { - return fmt.Errorf("add GetIdentity: %v", err) - } - if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { - return fmt.Errorf("add ResolveEndpointV2: %v", err) - } - if err := stack.Finalize.Insert(&signRequestMiddleware{options: options}, "ResolveEndpointV2", middleware.After); err != nil { - return fmt.Errorf("add Signing: %w", err) - } - return nil -} -func resolveAuthSchemeResolver(options *Options) { - if options.AuthSchemeResolver == nil { - options.AuthSchemeResolver = &defaultAuthSchemeResolver{} - } -} - -func resolveAuthSchemes(options *Options) { - if options.AuthSchemes == nil { - options.AuthSchemes = []smithyhttp.AuthScheme{ - internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{ - Signer: options.HTTPSignerV4, - Logger: options.Logger, - LogSigning: options.ClientLogMode.IsSigning(), - }), - } - } -} - -type noSmithyDocumentSerde = smithydocument.NoSerde - -type legacyEndpointContextSetter struct { - LegacyResolver EndpointResolver -} - -func (*legacyEndpointContextSetter) ID() string { - return "legacyEndpointContextSetter" -} - -func (m *legacyEndpointContextSetter) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - if m.LegacyResolver != nil { - ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, true) - } - - return next.HandleInitialize(ctx, in) - -} -func addlegacyEndpointContextSetter(stack *middleware.Stack, o Options) error { - return stack.Initialize.Add(&legacyEndpointContextSetter{ - LegacyResolver: o.EndpointResolver, - }, middleware.Before) -} - -func resolveDefaultLogger(o *Options) { - if o.Logger != nil { - return - } - o.Logger = logging.Nop{} -} - -func addSetLoggerMiddleware(stack *middleware.Stack, o Options) error { - return middleware.AddSetLoggerMiddleware(stack, o.Logger) -} - -func setResolvedDefaultsMode(o *Options) { - if len(o.resolvedDefaultsMode) > 0 { - return - } - - var mode aws.DefaultsMode - mode.SetFromString(string(o.DefaultsMode)) - - if mode == aws.DefaultsModeAuto { - mode = defaults.ResolveDefaultsModeAuto(o.Region, o.RuntimeEnvironment) - } - - o.resolvedDefaultsMode = mode -} - -// NewFromConfig returns a new client from the provided config. -func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { - opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - } - resolveAWSRetryerProvider(cfg, &opts) - resolveAWSRetryMaxAttempts(cfg, &opts) - resolveAWSRetryMode(cfg, &opts) - resolveAWSEndpointResolver(cfg, &opts) - resolveUseDualStackEndpoint(cfg, &opts) - resolveUseFIPSEndpoint(cfg, &opts) - resolveBaseEndpoint(cfg, &opts) - return New(opts, optFns...) -} - -func resolveHTTPClient(o *Options) { - var buildable *awshttp.BuildableClient - - if o.HTTPClient != nil { - var ok bool - buildable, ok = o.HTTPClient.(*awshttp.BuildableClient) - if !ok { - return - } - } else { - buildable = awshttp.NewBuildableClient() - } - - modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) - if err == nil { - buildable = buildable.WithDialerOptions(func(dialer *net.Dialer) { - if dialerTimeout, ok := modeConfig.GetConnectTimeout(); ok { - dialer.Timeout = dialerTimeout - } - }) - - buildable = buildable.WithTransportOptions(func(transport *http.Transport) { - if tlsHandshakeTimeout, ok := modeConfig.GetTLSNegotiationTimeout(); ok { - transport.TLSHandshakeTimeout = tlsHandshakeTimeout - } - }) - } - - o.HTTPClient = buildable -} - -func resolveRetryer(o *Options) { - if o.Retryer != nil { - return - } - - if len(o.RetryMode) == 0 { - modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) - if err == nil { - o.RetryMode = modeConfig.RetryMode - } - } - if len(o.RetryMode) == 0 { - o.RetryMode = aws.RetryModeStandard - } - - var standardOptions []func(*retry.StandardOptions) - if v := o.RetryMaxAttempts; v != 0 { - standardOptions = append(standardOptions, func(so *retry.StandardOptions) { - so.MaxAttempts = v - }) - } - - switch o.RetryMode { - case aws.RetryModeAdaptive: - var adaptiveOptions []func(*retry.AdaptiveModeOptions) - if len(standardOptions) != 0 { - adaptiveOptions = append(adaptiveOptions, func(ao *retry.AdaptiveModeOptions) { - ao.StandardOptions = append(ao.StandardOptions, standardOptions...) - }) - } - o.Retryer = retry.NewAdaptiveMode(adaptiveOptions...) - - default: - o.Retryer = retry.NewStandard(standardOptions...) - } -} - -func resolveAWSRetryerProvider(cfg aws.Config, o *Options) { - if cfg.Retryer == nil { - return - } - o.Retryer = cfg.Retryer() -} - -func resolveAWSRetryMode(cfg aws.Config, o *Options) { - if len(cfg.RetryMode) == 0 { - return - } - o.RetryMode = cfg.RetryMode -} -func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { - if cfg.RetryMaxAttempts == 0 { - return - } - o.RetryMaxAttempts = cfg.RetryMaxAttempts -} - -func finalizeRetryMaxAttempts(o *Options) { - if o.RetryMaxAttempts == 0 { - return - } - - o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) -} - -func finalizeOperationRetryMaxAttempts(o *Options, client Client) { - if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { - return - } - - o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) -} - -func resolveAWSEndpointResolver(cfg aws.Config, o *Options) { - if cfg.EndpointResolver == nil && cfg.EndpointResolverWithOptions == nil { - return - } - o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions) -} - -func addClientUserAgent(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "secretsmanager", goModuleVersion) - if len(options.AppID) > 0 { - ua.AddSDKAgentKey(awsmiddleware.ApplicationIdentifier, options.AppID) - } - - return nil -} - -func getOrAddRequestUserAgent(stack *middleware.Stack) (*awsmiddleware.RequestUserAgent, error) { - id := (*awsmiddleware.RequestUserAgent)(nil).ID() - mw, ok := stack.Build.Get(id) - if !ok { - mw = awsmiddleware.NewRequestUserAgent() - if err := stack.Build.Add(mw, middleware.After); err != nil { - return nil, err - } - } - - ua, ok := mw.(*awsmiddleware.RequestUserAgent) - if !ok { - return nil, fmt.Errorf("%T for %s middleware did not match expected type", mw, id) - } - - return ua, nil -} - -type HTTPSignerV4 interface { - SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error -} - -func resolveHTTPSignerV4(o *Options) { - if o.HTTPSignerV4 != nil { - return - } - o.HTTPSignerV4 = newDefaultV4Signer(*o) -} - -func newDefaultV4Signer(o Options) *v4.Signer { - return v4.NewSigner(func(so *v4.SignerOptions) { - so.Logger = o.Logger - so.LogSigning = o.ClientLogMode.IsSigning() - }) -} - -func addClientRequestID(stack *middleware.Stack) error { - return stack.Build.Add(&awsmiddleware.ClientRequestID{}, middleware.After) -} - -func addComputeContentLength(stack *middleware.Stack) error { - return stack.Build.Add(&smithyhttp.ComputeContentLength{}, middleware.After) -} - -func addRawResponseToMetadata(stack *middleware.Stack) error { - return stack.Deserialize.Add(&awsmiddleware.AddRawResponse{}, middleware.Before) -} - -func addRecordResponseTiming(stack *middleware.Stack) error { - return stack.Deserialize.Add(&awsmiddleware.RecordResponseTiming{}, middleware.After) -} - -func addSpanRetryLoop(stack *middleware.Stack, options Options) error { - return stack.Finalize.Insert(&spanRetryLoop{options: options}, "Retry", middleware.Before) -} - -type spanRetryLoop struct { - options Options -} - -func (*spanRetryLoop) ID() string { - return "spanRetryLoop" -} - -func (m *spanRetryLoop) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - middleware.FinalizeOutput, middleware.Metadata, error, -) { - tracer := operationTracer(m.options.TracerProvider) - ctx, span := tracer.StartSpan(ctx, "RetryLoop") - defer span.End() - - return next.HandleFinalize(ctx, in) -} -func addStreamingEventsPayload(stack *middleware.Stack) error { - return stack.Finalize.Add(&v4.StreamingEventsPayload{}, middleware.Before) -} - -func addUnsignedPayload(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.UnsignedPayload{}, "ResolveEndpointV2", middleware.After) -} - -func addComputePayloadSHA256(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.ComputePayloadSHA256{}, "ResolveEndpointV2", middleware.After) -} - -func addContentSHA256Header(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.ContentSHA256Header{}, (*v4.ComputePayloadSHA256)(nil).ID(), middleware.After) -} - -func addIsWaiterUserAgent(o *Options) { - o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureWaiter) - return nil - }) -} - -func addIsPaginatorUserAgent(o *Options) { - o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeaturePaginator) - return nil - }) -} - -func resolveIdempotencyTokenProvider(o *Options) { - if o.IdempotencyTokenProvider != nil { - return - } - o.IdempotencyTokenProvider = smithyrand.NewUUIDIdempotencyToken(cryptorand.Reader) -} - -func addRetry(stack *middleware.Stack, o Options) error { - attempt := retry.NewAttemptMiddleware(o.Retryer, smithyhttp.RequestCloner, func(m *retry.Attempt) { - m.LogAttempts = o.ClientLogMode.IsRetries() - m.OperationMeter = o.MeterProvider.Meter("github.com/aws/aws-sdk-go-v2/service/secretsmanager") - }) - if err := stack.Finalize.Insert(attempt, "ResolveAuthScheme", middleware.Before); err != nil { - return err - } - if err := stack.Finalize.Insert(&retry.MetricsHeader{}, attempt.ID(), middleware.After); err != nil { - return err - } - return nil -} - -// resolves dual-stack endpoint configuration -func resolveUseDualStackEndpoint(cfg aws.Config, o *Options) error { - if len(cfg.ConfigSources) == 0 { - return nil - } - value, found, err := internalConfig.ResolveUseDualStackEndpoint(context.Background(), cfg.ConfigSources) - if err != nil { - return err - } - if found { - o.EndpointOptions.UseDualStackEndpoint = value - } - return nil -} - -// resolves FIPS endpoint configuration -func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { - if len(cfg.ConfigSources) == 0 { - return nil - } - value, found, err := internalConfig.ResolveUseFIPSEndpoint(context.Background(), cfg.ConfigSources) - if err != nil { - return err - } - if found { - o.EndpointOptions.UseFIPSEndpoint = value - } - return nil -} - -func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { - if mode == aws.AccountIDEndpointModeDisabled { - return nil - } - - if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { - return aws.String(ca.Credentials.AccountID) - } - - return nil -} - -func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { - mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} - if err := stack.Build.Add(&mw, middleware.After); err != nil { - return err - } - return stack.Deserialize.Insert(&mw, "RecordResponseTiming", middleware.Before) -} -func initializeTimeOffsetResolver(c *Client) { - c.timeOffset = new(atomic.Int64) -} - -func addUserAgentRetryMode(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - switch options.Retryer.(type) { - case *retry.Standard: - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeStandard) - case *retry.AdaptiveMode: - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeAdaptive) - } - return nil -} - -type setCredentialSourceMiddleware struct { - ua *awsmiddleware.RequestUserAgent - options Options -} - -func (m setCredentialSourceMiddleware) ID() string { return "SetCredentialSourceMiddleware" } - -func (m setCredentialSourceMiddleware) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - asProviderSource, ok := m.options.Credentials.(aws.CredentialProviderSource) - if !ok { - return next.HandleBuild(ctx, in) - } - providerSources := asProviderSource.ProviderSources() - for _, source := range providerSources { - m.ua.AddCredentialsSource(source) - } - return next.HandleBuild(ctx, in) -} - -func addCredentialSource(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - mw := setCredentialSourceMiddleware{ua: ua, options: options} - return stack.Build.Insert(&mw, "UserAgent", middleware.Before) -} - -func resolveTracerProvider(options *Options) { - if options.TracerProvider == nil { - options.TracerProvider = &tracing.NopTracerProvider{} - } -} - -func resolveMeterProvider(options *Options) { - if options.MeterProvider == nil { - options.MeterProvider = metrics.NopMeterProvider{} - } -} - -// IdempotencyTokenProvider interface for providing idempotency token -type IdempotencyTokenProvider interface { - GetIdempotencyToken() (string, error) -} - -func addRecursionDetection(stack *middleware.Stack) error { - return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) -} - -func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&awsmiddleware.RequestIDRetriever{}, "OperationDeserializer", middleware.Before) - -} - -func addResponseErrorMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&awshttp.ResponseErrorWrapper{}, "RequestIDRetriever", middleware.Before) - -} - -func addRequestResponseLogging(stack *middleware.Stack, o Options) error { - return stack.Deserialize.Add(&smithyhttp.RequestResponseLogger{ - LogRequest: o.ClientLogMode.IsRequest(), - LogRequestWithBody: o.ClientLogMode.IsRequestWithBody(), - LogResponse: o.ClientLogMode.IsResponse(), - LogResponseWithBody: o.ClientLogMode.IsResponseWithBody(), - }, middleware.After) -} - -type disableHTTPSMiddleware struct { - DisableHTTPS bool -} - -func (*disableHTTPSMiddleware) ID() string { - return "disableHTTPS" -} - -func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { - req.URL.Scheme = "http" - } - - return next.HandleFinalize(ctx, in) -} - -func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { - return stack.Finalize.Insert(&disableHTTPSMiddleware{ - DisableHTTPS: o.EndpointOptions.DisableHTTPS, - }, "ResolveEndpointV2", middleware.After) -} - -type spanInitializeStart struct { -} - -func (*spanInitializeStart) ID() string { - return "spanInitializeStart" -} - -func (m *spanInitializeStart) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) ( - middleware.InitializeOutput, middleware.Metadata, error, -) { - ctx, _ = tracing.StartSpan(ctx, "Initialize") - - return next.HandleInitialize(ctx, in) -} - -type spanInitializeEnd struct { -} - -func (*spanInitializeEnd) ID() string { - return "spanInitializeEnd" -} - -func (m *spanInitializeEnd) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) ( - middleware.InitializeOutput, middleware.Metadata, error, -) { - ctx, span := tracing.PopSpan(ctx) - span.End() - - return next.HandleInitialize(ctx, in) -} - -type spanBuildRequestStart struct { -} - -func (*spanBuildRequestStart) ID() string { - return "spanBuildRequestStart" -} - -func (m *spanBuildRequestStart) HandleSerialize( - ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, -) ( - middleware.SerializeOutput, middleware.Metadata, error, -) { - ctx, _ = tracing.StartSpan(ctx, "BuildRequest") - - return next.HandleSerialize(ctx, in) -} - -type spanBuildRequestEnd struct { -} - -func (*spanBuildRequestEnd) ID() string { - return "spanBuildRequestEnd" -} - -func (m *spanBuildRequestEnd) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, -) ( - middleware.BuildOutput, middleware.Metadata, error, -) { - ctx, span := tracing.PopSpan(ctx) - span.End() - - return next.HandleBuild(ctx, in) -} - -func addSpanInitializeStart(stack *middleware.Stack) error { - return stack.Initialize.Add(&spanInitializeStart{}, middleware.Before) -} - -func addSpanInitializeEnd(stack *middleware.Stack) error { - return stack.Initialize.Add(&spanInitializeEnd{}, middleware.After) -} - -func addSpanBuildRequestStart(stack *middleware.Stack) error { - return stack.Serialize.Add(&spanBuildRequestStart{}, middleware.Before) -} - -func addSpanBuildRequestEnd(stack *middleware.Stack) error { - return stack.Build.Add(&spanBuildRequestEnd{}, middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_BatchGetSecretValue.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_BatchGetSecretValue.go deleted file mode 100644 index e54bab34..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_BatchGetSecretValue.go +++ /dev/null @@ -1,303 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Retrieves the contents of the encrypted fields SecretString or SecretBinary for -// up to 20 secrets. To retrieve a single secret, call GetSecretValue. -// -// To choose which secrets to retrieve, you can specify a list of secrets by name -// or ARN, or you can use filters. If Secrets Manager encounters errors such as -// AccessDeniedException while attempting to retrieve any of the secrets, you can -// see the errors in Errors in the response. -// -// Secrets Manager generates CloudTrail GetSecretValue log entries for each secret -// you request when you call this action. Do not include sensitive information in -// request parameters because it might be logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:BatchGetSecretValue , and you must have -// secretsmanager:GetSecretValue for each secret. If you use filters, you must also -// have secretsmanager:ListSecrets . If the secrets are encrypted using -// customer-managed keys instead of the Amazon Web Services managed key -// aws/secretsmanager , then you also need kms:Decrypt permissions for the keys. -// For more information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) BatchGetSecretValue(ctx context.Context, params *BatchGetSecretValueInput, optFns ...func(*Options)) (*BatchGetSecretValueOutput, error) { - if params == nil { - params = &BatchGetSecretValueInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "BatchGetSecretValue", params, optFns, c.addOperationBatchGetSecretValueMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*BatchGetSecretValueOutput) - out.ResultMetadata = metadata - return out, nil -} - -type BatchGetSecretValueInput struct { - - // The filters to choose which secrets to retrieve. You must include Filters or - // SecretIdList , but not both. - Filters []types.Filter - - // The number of results to include in the response. - // - // If there are more results available, in the response, Secrets Manager includes - // NextToken . To get the next results, call BatchGetSecretValue again with the - // value from NextToken . To use this parameter, you must also use the Filters - // parameter. - MaxResults *int32 - - // A token that indicates where the output should continue from, if a previous - // call did not show all results. To get the next results, call BatchGetSecretValue - // again with this value. - NextToken *string - - // The ARN or names of the secrets to retrieve. You must include Filters or - // SecretIdList , but not both. - SecretIdList []string - - noSmithyDocumentSerde -} - -type BatchGetSecretValueOutput struct { - - // A list of errors Secrets Manager encountered while attempting to retrieve - // individual secrets. - Errors []types.APIErrorType - - // Secrets Manager includes this value if there's more output available than what - // is included in the current response. This can occur even when the response - // includes no values at all, such as when you ask for a filtered view of a long - // list. To get the next results, call BatchGetSecretValue again with this value. - NextToken *string - - // A list of secret values. - SecretValues []types.SecretValueEntry - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationBatchGetSecretValueMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpBatchGetSecretValue{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpBatchGetSecretValue{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "BatchGetSecretValue"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opBatchGetSecretValue(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -// BatchGetSecretValuePaginatorOptions is the paginator options for -// BatchGetSecretValue -type BatchGetSecretValuePaginatorOptions struct { - // The number of results to include in the response. - // - // If there are more results available, in the response, Secrets Manager includes - // NextToken . To get the next results, call BatchGetSecretValue again with the - // value from NextToken . To use this parameter, you must also use the Filters - // parameter. - Limit int32 - - // Set to true if pagination should stop if the service returns a pagination token - // that matches the most recent token provided to the service. - StopOnDuplicateToken bool -} - -// BatchGetSecretValuePaginator is a paginator for BatchGetSecretValue -type BatchGetSecretValuePaginator struct { - options BatchGetSecretValuePaginatorOptions - client BatchGetSecretValueAPIClient - params *BatchGetSecretValueInput - nextToken *string - firstPage bool -} - -// NewBatchGetSecretValuePaginator returns a new BatchGetSecretValuePaginator -func NewBatchGetSecretValuePaginator(client BatchGetSecretValueAPIClient, params *BatchGetSecretValueInput, optFns ...func(*BatchGetSecretValuePaginatorOptions)) *BatchGetSecretValuePaginator { - if params == nil { - params = &BatchGetSecretValueInput{} - } - - options := BatchGetSecretValuePaginatorOptions{} - if params.MaxResults != nil { - options.Limit = *params.MaxResults - } - - for _, fn := range optFns { - fn(&options) - } - - return &BatchGetSecretValuePaginator{ - options: options, - client: client, - params: params, - firstPage: true, - nextToken: params.NextToken, - } -} - -// HasMorePages returns a boolean indicating whether more pages are available -func (p *BatchGetSecretValuePaginator) HasMorePages() bool { - return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) -} - -// NextPage retrieves the next BatchGetSecretValue page. -func (p *BatchGetSecretValuePaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*BatchGetSecretValueOutput, error) { - if !p.HasMorePages() { - return nil, fmt.Errorf("no more pages available") - } - - params := *p.params - params.NextToken = p.nextToken - - var limit *int32 - if p.options.Limit > 0 { - limit = &p.options.Limit - } - params.MaxResults = limit - - optFns = append([]func(*Options){ - addIsPaginatorUserAgent, - }, optFns...) - result, err := p.client.BatchGetSecretValue(ctx, ¶ms, optFns...) - if err != nil { - return nil, err - } - p.firstPage = false - - prevToken := p.nextToken - p.nextToken = result.NextToken - - if p.options.StopOnDuplicateToken && - prevToken != nil && - p.nextToken != nil && - *prevToken == *p.nextToken { - p.nextToken = nil - } - - return result, nil -} - -// BatchGetSecretValueAPIClient is a client that implements the -// BatchGetSecretValue operation. -type BatchGetSecretValueAPIClient interface { - BatchGetSecretValue(context.Context, *BatchGetSecretValueInput, ...func(*Options)) (*BatchGetSecretValueOutput, error) -} - -var _ BatchGetSecretValueAPIClient = (*Client)(nil) - -func newServiceMetadataMiddleware_opBatchGetSecretValue(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "BatchGetSecretValue", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CancelRotateSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CancelRotateSecret.go deleted file mode 100644 index 12b149e9..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CancelRotateSecret.go +++ /dev/null @@ -1,197 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Turns off automatic rotation, and if a rotation is currently in progress, -// cancels the rotation. -// -// If you cancel a rotation in progress, it can leave the VersionStage labels in -// an unexpected state. You might need to remove the staging label AWSPENDING from -// the partially created version. You also need to determine whether to roll back -// to the previous version of the secret by moving the staging label AWSCURRENT to -// the version that has AWSPENDING . To determine which version has a specific -// staging label, call ListSecretVersionIds. Then use UpdateSecretVersionStage to change staging labels. For more information, -// see [How rotation works]. -// -// To turn on automatic rotation again, call RotateSecret. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:CancelRotateSecret . For more information, -// see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [How rotation works]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) CancelRotateSecret(ctx context.Context, params *CancelRotateSecretInput, optFns ...func(*Options)) (*CancelRotateSecretOutput, error) { - if params == nil { - params = &CancelRotateSecretInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "CancelRotateSecret", params, optFns, c.addOperationCancelRotateSecretMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*CancelRotateSecretOutput) - out.ResultMetadata = metadata - return out, nil -} - -type CancelRotateSecretInput struct { - - // The ARN or name of the secret. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - noSmithyDocumentSerde -} - -type CancelRotateSecretOutput struct { - - // The ARN of the secret. - ARN *string - - // The name of the secret. - Name *string - - // The unique identifier of the version of the secret created during the rotation. - // This version might not be complete, and should be evaluated for possible - // deletion. We recommend that you remove the VersionStage value AWSPENDING from - // this version so that Secrets Manager can delete it. Failing to clean up a - // cancelled rotation can block you from starting future rotations. - VersionId *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationCancelRotateSecretMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpCancelRotateSecret{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpCancelRotateSecret{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "CancelRotateSecret"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpCancelRotateSecretValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCancelRotateSecret(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opCancelRotateSecret(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "CancelRotateSecret", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CreateSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CreateSecret.go deleted file mode 100644 index 36e0a4a7..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_CreateSecret.go +++ /dev/null @@ -1,394 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Creates a new secret. A secret can be a password, a set of credentials such as -// a user name and password, an OAuth token, or other secret information that you -// store in an encrypted form in Secrets Manager. The secret also includes the -// connection information to access a database or other service, which Secrets -// Manager doesn't encrypt. A secret in Secrets Manager consists of both the -// protected secret data and the important information needed to manage the secret. -// -// For secrets that use managed rotation, you need to create the secret through -// the managing service. For more information, see [Secrets Manager secrets managed by other Amazon Web Services services]. -// -// For information about creating a secret in the console, see [Create a secret]. -// -// To create a secret, you can provide the secret value to be encrypted in either -// the SecretString parameter or the SecretBinary parameter, but not both. If you -// include SecretString or SecretBinary then Secrets Manager creates an initial -// secret version and automatically attaches the staging label AWSCURRENT to it. -// -// For database credentials you want to rotate, for Secrets Manager to be able to -// rotate the secret, you must make sure the JSON you store in the SecretString -// matches the [JSON structure of a database secret]. -// -// If you don't specify an KMS encryption key, Secrets Manager uses the Amazon Web -// Services managed key aws/secretsmanager . If this key doesn't already exist in -// your account, then Secrets Manager creates it for you automatically. All users -// and roles in the Amazon Web Services account automatically have access to use -// aws/secretsmanager . Creating aws/secretsmanager can result in a one-time -// significant delay in returning the result. -// -// If the secret is in a different Amazon Web Services account from the -// credentials calling the API, then you can't use aws/secretsmanager to encrypt -// the secret, and you must create and use a customer managed KMS key. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters except SecretBinary or -// SecretString because it might be logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:CreateSecret . If you include tags in the -// secret, you also need secretsmanager:TagResource . To add replica Regions, you -// must also have secretsmanager:ReplicateSecretToRegions . For more information, -// see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// To encrypt the secret with a KMS key other than aws/secretsmanager , you need -// kms:GenerateDataKey and kms:Decrypt permission to the key. -// -// When you enter commands in a command shell, there is a risk of the command -// history being accessed or utilities having access to your command parameters. -// This is a concern if the command includes the value of a secret. Learn how to [Mitigate the risks of using command-line tools to store Secrets Manager secrets]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [Secrets Manager secrets managed by other Amazon Web Services services]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html -// [Mitigate the risks of using command-line tools to store Secrets Manager secrets]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security_cli-exposure-risks.html -// [Create a secret]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -// [JSON structure of a database secret]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html -func (c *Client) CreateSecret(ctx context.Context, params *CreateSecretInput, optFns ...func(*Options)) (*CreateSecretOutput, error) { - if params == nil { - params = &CreateSecretInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "CreateSecret", params, optFns, c.addOperationCreateSecretMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*CreateSecretOutput) - out.ResultMetadata = metadata - return out, nil -} - -type CreateSecretInput struct { - - // The name of the new secret. - // - // The secret name can contain ASCII letters, numbers, and the following - // characters: /_+=.@- - // - // Do not end your secret name with a hyphen followed by six characters. If you do - // so, you risk confusion and unexpected results when searching for a secret by - // partial ARN. Secrets Manager automatically adds a hyphen and six random - // characters after the secret name at the end of the ARN. - // - // This member is required. - Name *string - - // A list of Regions and KMS keys to replicate secrets. - AddReplicaRegions []types.ReplicaRegionType - - // If you include SecretString or SecretBinary , then Secrets Manager creates an - // initial version for the secret, and this parameter specifies the unique - // identifier for the new version. - // - // If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs - // to call this operation, then you can leave this parameter empty. The CLI or SDK - // generates a random UUID for you and includes it as the value for this parameter - // in the request. - // - // If you generate a raw HTTP request to the Secrets Manager service endpoint, - // then you must generate a ClientRequestToken and include it in the request. - // - // This value helps ensure idempotency. Secrets Manager uses this value to prevent - // the accidental creation of duplicate versions if there are failures and retries - // during a rotation. We recommend that you generate a [UUID-type]value to ensure uniqueness - // of your versions within the specified secret. - // - // - If the ClientRequestToken value isn't already associated with a version of - // the secret then a new version of the secret is created. - // - // - If a version with this value already exists and the version SecretString and - // SecretBinary values are the same as those in the request, then the request is - // ignored. - // - // - If a version with this value already exists and that version's SecretString - // and SecretBinary values are different from those in the request, then the - // request fails because you cannot modify an existing version. Instead, use PutSecretValueto - // create a new version. - // - // This value becomes the VersionId of the new version. - // - // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier - ClientRequestToken *string - - // The description of the secret. - Description *string - - // Specifies whether to overwrite a secret with the same name in the destination - // Region. By default, secrets aren't overwritten. - ForceOverwriteReplicaSecret bool - - // The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt - // the secret value in the secret. An alias is always prefixed by alias/ , for - // example alias/aws/secretsmanager . For more information, see [About aliases]. - // - // To use a KMS key in a different account, use the key ARN or the alias ARN. - // - // If you don't specify this value, then Secrets Manager uses the key - // aws/secretsmanager . If that key doesn't yet exist, then Secrets Manager creates - // it for you automatically the first time it encrypts the secret value. - // - // If the secret is in a different Amazon Web Services account from the - // credentials calling the API, then you can't use aws/secretsmanager to encrypt - // the secret, and you must create and use a customer managed KMS key. - // - // [About aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html - KmsKeyId *string - - // The binary data to encrypt and store in the new version of the secret. We - // recommend that you store your binary data in a file and then pass the contents - // of the file as a parameter. - // - // Either SecretString or SecretBinary must have a value, but not both. - // - // This parameter is not available in the Secrets Manager console. - // - // Sensitive: This field contains sensitive information, so the service does not - // include it in CloudTrail log entries. If you create your own log entries, you - // must also avoid logging the information in this field. - SecretBinary []byte - - // The text data to encrypt and store in this new version of the secret. We - // recommend you use a JSON structure of key/value pairs for your secret value. - // - // Either SecretString or SecretBinary must have a value, but not both. - // - // If you create a secret by using the Secrets Manager console then Secrets - // Manager puts the protected secret text in only the SecretString parameter. The - // Secrets Manager console stores the information as a JSON structure of key/value - // pairs that a Lambda rotation function can parse. - // - // Sensitive: This field contains sensitive information, so the service does not - // include it in CloudTrail log entries. If you create your own log entries, you - // must also avoid logging the information in this field. - SecretString *string - - // A list of tags to attach to the secret. Each tag is a key and value pair of - // strings in a JSON text string, for example: - // - // [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}] - // - // Secrets Manager tag key names are case sensitive. A tag with the key "ABC" is a - // different tag from one with key "abc". - // - // If you check tags in permissions policies as part of your security strategy, - // then adding or removing a tag can change permissions. If the completion of this - // operation would result in you losing your permissions for this secret, then - // Secrets Manager blocks the operation and returns an Access Denied error. For - // more information, see [Control access to secrets using tags]and [Limit access to identities with tags that match secrets' tags]. - // - // For information about how to format a JSON parameter for the various command - // line tool environments, see [Using JSON for Parameters]. If your command-line tool or SDK requires - // quotation marks around the parameter, you should use single quotes to avoid - // confusion with the double quotes required in the JSON text. - // - // For tag quotas and naming restrictions, see [Service quotas for Tagging] in the Amazon Web Services General - // Reference guide. - // - // [Limit access to identities with tags that match secrets' tags]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2 - // [Using JSON for Parameters]: https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json - // [Service quotas for Tagging]: https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas - // [Control access to secrets using tags]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac - Tags []types.Tag - - noSmithyDocumentSerde -} - -type CreateSecretOutput struct { - - // The ARN of the new secret. The ARN includes the name of the secret followed by - // six random characters. This ensures that if you create a new secret with the - // same name as a deleted secret, then users with access to the old secret don't - // get access to the new secret because the ARNs are different. - ARN *string - - // The name of the new secret. - Name *string - - // A list of the replicas of this secret and their status: - // - // - Failed , which indicates that the replica was not created. - // - // - InProgress , which indicates that Secrets Manager is in the process of - // creating the replica. - // - // - InSync , which indicates that the replica was created. - ReplicationStatus []types.ReplicationStatusType - - // The unique identifier associated with the version of the new secret. - VersionId *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationCreateSecretMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpCreateSecret{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpCreateSecret{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "CreateSecret"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addIdempotencyToken_opCreateSecretMiddleware(stack, options); err != nil { - return err - } - if err = addOpCreateSecretValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateSecret(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -type idempotencyToken_initializeOpCreateSecret struct { - tokenProvider IdempotencyTokenProvider -} - -func (*idempotencyToken_initializeOpCreateSecret) ID() string { - return "OperationIdempotencyTokenAutoFill" -} - -func (m *idempotencyToken_initializeOpCreateSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - if m.tokenProvider == nil { - return next.HandleInitialize(ctx, in) - } - - input, ok := in.Parameters.(*CreateSecretInput) - if !ok { - return out, metadata, fmt.Errorf("expected middleware input to be of type *CreateSecretInput ") - } - - if input.ClientRequestToken == nil { - t, err := m.tokenProvider.GetIdempotencyToken() - if err != nil { - return out, metadata, err - } - input.ClientRequestToken = &t - } - return next.HandleInitialize(ctx, in) -} -func addIdempotencyToken_opCreateSecretMiddleware(stack *middleware.Stack, cfg Options) error { - return stack.Initialize.Add(&idempotencyToken_initializeOpCreateSecret{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) -} - -func newServiceMetadataMiddleware_opCreateSecret(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "CreateSecret", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteResourcePolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteResourcePolicy.go deleted file mode 100644 index dc925e54..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteResourcePolicy.go +++ /dev/null @@ -1,179 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Deletes the resource-based permission policy attached to the secret. To attach -// a policy to a secret, use PutResourcePolicy. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:DeleteResourcePolicy . For more -// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) DeleteResourcePolicy(ctx context.Context, params *DeleteResourcePolicyInput, optFns ...func(*Options)) (*DeleteResourcePolicyOutput, error) { - if params == nil { - params = &DeleteResourcePolicyInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "DeleteResourcePolicy", params, optFns, c.addOperationDeleteResourcePolicyMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*DeleteResourcePolicyOutput) - out.ResultMetadata = metadata - return out, nil -} - -type DeleteResourcePolicyInput struct { - - // The ARN or name of the secret to delete the attached resource-based policy for. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - noSmithyDocumentSerde -} - -type DeleteResourcePolicyOutput struct { - - // The ARN of the secret that the resource-based policy was deleted for. - ARN *string - - // The name of the secret that the resource-based policy was deleted for. - Name *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationDeleteResourcePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpDeleteResourcePolicy{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpDeleteResourcePolicy{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteResourcePolicy"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpDeleteResourcePolicyValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteResourcePolicy(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opDeleteResourcePolicy(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "DeleteResourcePolicy", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteSecret.go deleted file mode 100644 index b6b13e87..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DeleteSecret.go +++ /dev/null @@ -1,236 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" - "time" -) - -// Deletes a secret and all of its versions. You can specify a recovery window -// during which you can restore the secret. The minimum recovery window is 7 days. -// The default recovery window is 30 days. Secrets Manager attaches a DeletionDate -// stamp to the secret that specifies the end of the recovery window. At the end of -// the recovery window, Secrets Manager deletes the secret permanently. -// -// You can't delete a primary secret that is replicated to other Regions. You must -// first delete the replicas using RemoveRegionsFromReplication, and then delete the primary secret. When you -// delete a replica, it is deleted immediately. -// -// You can't directly delete a version of a secret. Instead, you remove all -// staging labels from the version using UpdateSecretVersionStage. This marks the version as deprecated, -// and then Secrets Manager can automatically delete the version in the background. -// -// To determine whether an application still uses a secret, you can create an -// Amazon CloudWatch alarm to alert you to any attempts to access a secret during -// the recovery window. For more information, see [Monitor secrets scheduled for deletion]. -// -// Secrets Manager performs the permanent secret deletion at the end of the -// waiting period as a background task with low priority. There is no guarantee of -// a specific time after the recovery window for the permanent delete to occur. -// -// At any time before recovery window ends, you can use RestoreSecret to remove the DeletionDate -// and cancel the deletion of the secret. -// -// When a secret is scheduled for deletion, you cannot retrieve the secret value. -// You must first cancel the deletion with RestoreSecretand then you can retrieve the secret. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:DeleteSecret . For more information, see [IAM policy actions for Secrets Manager] -// and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [Monitor secrets scheduled for deletion]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring_cloudwatch_deleted-secrets.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) DeleteSecret(ctx context.Context, params *DeleteSecretInput, optFns ...func(*Options)) (*DeleteSecretOutput, error) { - if params == nil { - params = &DeleteSecretInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "DeleteSecret", params, optFns, c.addOperationDeleteSecretMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*DeleteSecretOutput) - out.ResultMetadata = metadata - return out, nil -} - -type DeleteSecretInput struct { - - // The ARN or name of the secret to delete. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // Specifies whether to delete the secret without any recovery window. You can't - // use both this parameter and RecoveryWindowInDays in the same call. If you don't - // use either, then by default Secrets Manager uses a 30 day recovery window. - // - // Secrets Manager performs the actual deletion with an asynchronous background - // process, so there might be a short delay before the secret is permanently - // deleted. If you delete a secret and then immediately create a secret with the - // same name, use appropriate back off and retry logic. - // - // If you forcibly delete an already deleted or nonexistent secret, the operation - // does not return ResourceNotFoundException . - // - // Use this parameter with caution. This parameter causes the operation to skip - // the normal recovery window before the permanent deletion that Secrets Manager - // would normally impose with the RecoveryWindowInDays parameter. If you delete a - // secret with the ForceDeleteWithoutRecovery parameter, then you have no - // opportunity to recover the secret. You lose the secret permanently. - ForceDeleteWithoutRecovery *bool - - // The number of days from 7 to 30 that Secrets Manager waits before permanently - // deleting the secret. You can't use both this parameter and - // ForceDeleteWithoutRecovery in the same call. If you don't use either, then by - // default Secrets Manager uses a 30 day recovery window. - RecoveryWindowInDays *int64 - - noSmithyDocumentSerde -} - -type DeleteSecretOutput struct { - - // The ARN of the secret. - ARN *string - - // The date and time after which this secret Secrets Manager can permanently - // delete this secret, and it can no longer be restored. This value is the date and - // time of the delete request plus the number of days in RecoveryWindowInDays . - DeletionDate *time.Time - - // The name of the secret. - Name *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationDeleteSecretMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpDeleteSecret{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpDeleteSecret{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "DeleteSecret"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpDeleteSecretValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDeleteSecret(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opDeleteSecret(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "DeleteSecret", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DescribeSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DescribeSecret.go deleted file mode 100644 index b0ccb19a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_DescribeSecret.go +++ /dev/null @@ -1,291 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" - "time" -) - -// Retrieves the details of a secret. It does not include the encrypted secret -// value. Secrets Manager only returns fields that have a value in the response. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:DescribeSecret . For more information, see [IAM policy actions for Secrets Manager] -// and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) DescribeSecret(ctx context.Context, params *DescribeSecretInput, optFns ...func(*Options)) (*DescribeSecretOutput, error) { - if params == nil { - params = &DescribeSecretInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "DescribeSecret", params, optFns, c.addOperationDescribeSecretMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*DescribeSecretOutput) - out.ResultMetadata = metadata - return out, nil -} - -type DescribeSecretInput struct { - - // The ARN or name of the secret. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - noSmithyDocumentSerde -} - -type DescribeSecretOutput struct { - - // The ARN of the secret. - ARN *string - - // The date the secret was created. - CreatedDate *time.Time - - // The date the secret is scheduled for deletion. If it is not scheduled for - // deletion, this field is omitted. When you delete a secret, Secrets Manager - // requires a recovery window of at least 7 days before deleting the secret. Some - // time after the deleted date, Secrets Manager deletes the secret, including all - // of its versions. - // - // If a secret is scheduled for deletion, then its details, including the - // encrypted secret value, is not accessible. To cancel a scheduled deletion and - // restore access to the secret, use RestoreSecret. - DeletedDate *time.Time - - // The description of the secret. - Description *string - - // The key ID or alias ARN of the KMS key that Secrets Manager uses to encrypt the - // secret value. If the secret is encrypted with the Amazon Web Services managed - // key aws/secretsmanager , this field is omitted. Secrets created using the - // console use an KMS key ID. - KmsKeyId *string - - // The date that the secret was last accessed in the Region. This field is omitted - // if the secret has never been retrieved in the Region. - LastAccessedDate *time.Time - - // The last date and time that this secret was modified in any way. - LastChangedDate *time.Time - - // The last date and time that Secrets Manager rotated the secret. If the secret - // isn't configured for rotation or rotation has been disabled, Secrets Manager - // returns null. - LastRotatedDate *time.Time - - // The name of the secret. - Name *string - - // The next rotation is scheduled to occur on or before this date. If the secret - // isn't configured for rotation or rotation has been disabled, Secrets Manager - // returns null. If rotation fails, Secrets Manager retries the entire rotation - // process multiple times. If rotation is unsuccessful, this date may be in the - // past. - // - // This date represents the latest date that rotation will occur, but it is not an - // approximate rotation date. In some cases, for example if you turn off automatic - // rotation and then turn it back on, the next rotation may occur much sooner than - // this date. - NextRotationDate *time.Time - - // The ID of the service that created this secret. For more information, see [Secrets managed by other Amazon Web Services services]. - // - // [Secrets managed by other Amazon Web Services services]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html - OwningService *string - - // The Region the secret is in. If a secret is replicated to other Regions, the - // replicas are listed in ReplicationStatus . - PrimaryRegion *string - - // A list of the replicas of this secret and their status: - // - // - Failed , which indicates that the replica was not created. - // - // - InProgress , which indicates that Secrets Manager is in the process of - // creating the replica. - // - // - InSync , which indicates that the replica was created. - ReplicationStatus []types.ReplicationStatusType - - // Specifies whether automatic rotation is turned on for this secret. If the - // secret has never been configured for rotation, Secrets Manager returns null. - // - // To turn on rotation, use RotateSecret. To turn off rotation, use CancelRotateSecret. - RotationEnabled *bool - - // The ARN of the Lambda function that Secrets Manager invokes to rotate the - // secret. - RotationLambdaARN *string - - // The rotation schedule and Lambda function for this secret. If the secret - // previously had rotation turned on, but it is now turned off, this field shows - // the previous rotation schedule and rotation function. If the secret never had - // rotation turned on, this field is omitted. - RotationRules *types.RotationRulesType - - // The list of tags attached to the secret. To add tags to a secret, use TagResource. To - // remove tags, use UntagResource. - Tags []types.Tag - - // A list of the versions of the secret that have staging labels attached. - // Versions that don't have staging labels are considered deprecated and Secrets - // Manager can delete them. - // - // Secrets Manager uses staging labels to indicate the status of a secret version - // during rotation. The three staging labels for rotation are: - // - // - AWSCURRENT , which indicates the current version of the secret. - // - // - AWSPENDING , which indicates the version of the secret that contains new - // secret information that will become the next current version when rotation - // finishes. - // - // During rotation, Secrets Manager creates an AWSPENDING version ID before - // creating the new secret version. To check if a secret version exists, call GetSecretValue. - // - // - AWSPREVIOUS , which indicates the previous current version of the secret. - // You can use this as the last known good version. - // - // For more information about rotation and staging labels, see [How rotation works]. - // - // [How rotation works]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html - VersionIdsToStages map[string][]string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationDescribeSecretMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpDescribeSecret{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpDescribeSecret{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "DescribeSecret"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpDescribeSecretValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDescribeSecret(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opDescribeSecret(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "DescribeSecret", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetRandomPassword.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetRandomPassword.go deleted file mode 100644 index d2cda17d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetRandomPassword.go +++ /dev/null @@ -1,196 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Generates a random password. We recommend that you specify the maximum length -// and include every character type that the system you are generating a password -// for can support. By default, Secrets Manager uses uppercase and lowercase -// letters, numbers, and the following characters in passwords: -// !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ -// -// Secrets Manager generates a CloudTrail log entry when you call this action. -// -// Required permissions: secretsmanager:GetRandomPassword . For more information, -// see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) GetRandomPassword(ctx context.Context, params *GetRandomPasswordInput, optFns ...func(*Options)) (*GetRandomPasswordOutput, error) { - if params == nil { - params = &GetRandomPasswordInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetRandomPassword", params, optFns, c.addOperationGetRandomPasswordMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*GetRandomPasswordOutput) - out.ResultMetadata = metadata - return out, nil -} - -type GetRandomPasswordInput struct { - - // A string of the characters that you don't want in the password. - ExcludeCharacters *string - - // Specifies whether to exclude lowercase letters from the password. If you don't - // include this switch, the password can contain lowercase letters. - ExcludeLowercase *bool - - // Specifies whether to exclude numbers from the password. If you don't include - // this switch, the password can contain numbers. - ExcludeNumbers *bool - - // Specifies whether to exclude the following punctuation characters from the - // password: ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ . If - // you don't include this switch, the password can contain punctuation. - ExcludePunctuation *bool - - // Specifies whether to exclude uppercase letters from the password. If you don't - // include this switch, the password can contain uppercase letters. - ExcludeUppercase *bool - - // Specifies whether to include the space character. If you include this switch, - // the password can contain space characters. - IncludeSpace *bool - - // The length of the password. If you don't include this parameter, the default - // length is 32 characters. - PasswordLength *int64 - - // Specifies whether to include at least one upper and lowercase letter, one - // number, and one punctuation. If you don't include this switch, the password - // contains at least one of every character type. - RequireEachIncludedType *bool - - noSmithyDocumentSerde -} - -type GetRandomPasswordOutput struct { - - // A string with the password. - RandomPassword *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationGetRandomPasswordMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpGetRandomPassword{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpGetRandomPassword{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "GetRandomPassword"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetRandomPassword(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opGetRandomPassword(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "GetRandomPassword", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetResourcePolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetResourcePolicy.go deleted file mode 100644 index cdd8584b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetResourcePolicy.go +++ /dev/null @@ -1,188 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Retrieves the JSON text of the resource-based policy document attached to the -// secret. For more information about permissions policies attached to a secret, -// see [Permissions policies attached to a secret]. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:GetResourcePolicy . For more information, -// see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -// [Permissions policies attached to a secret]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-policies.html -func (c *Client) GetResourcePolicy(ctx context.Context, params *GetResourcePolicyInput, optFns ...func(*Options)) (*GetResourcePolicyOutput, error) { - if params == nil { - params = &GetResourcePolicyInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetResourcePolicy", params, optFns, c.addOperationGetResourcePolicyMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*GetResourcePolicyOutput) - out.ResultMetadata = metadata - return out, nil -} - -type GetResourcePolicyInput struct { - - // The ARN or name of the secret to retrieve the attached resource-based policy - // for. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - noSmithyDocumentSerde -} - -type GetResourcePolicyOutput struct { - - // The ARN of the secret that the resource-based policy was retrieved for. - ARN *string - - // The name of the secret that the resource-based policy was retrieved for. - Name *string - - // A JSON-formatted string that contains the permissions policy attached to the - // secret. For more information about permissions policies, see [Authentication and access control for Secrets Manager]. - // - // [Authentication and access control for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html - ResourcePolicy *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationGetResourcePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpGetResourcePolicy{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpGetResourcePolicy{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "GetResourcePolicy"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpGetResourcePolicyValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetResourcePolicy(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opGetResourcePolicy(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "GetResourcePolicy", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetSecretValue.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetSecretValue.go deleted file mode 100644 index 0f775a2a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_GetSecretValue.go +++ /dev/null @@ -1,249 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" - "time" -) - -// Retrieves the contents of the encrypted fields SecretString or SecretBinary -// from the specified version of a secret, whichever contains content. -// -// To retrieve the values for a group of secrets, call BatchGetSecretValue. -// -// We recommend that you cache your secret values by using client-side caching. -// Caching secrets improves speed and reduces your costs. For more information, see -// [Cache secrets for your applications]. -// -// To retrieve the previous version of a secret, use VersionStage and specify -// AWSPREVIOUS. To revert to the previous version of a secret, call [UpdateSecretVersionStage]. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:GetSecretValue . If the secret is encrypted -// using a customer-managed key instead of the Amazon Web Services managed key -// aws/secretsmanager , then you also need kms:Decrypt permissions for that key. -// For more information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [UpdateSecretVersionStage]: https://docs.aws.amazon.com/cli/latest/reference/secretsmanager/update-secret-version-stage.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -// [Cache secrets for your applications]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html -func (c *Client) GetSecretValue(ctx context.Context, params *GetSecretValueInput, optFns ...func(*Options)) (*GetSecretValueOutput, error) { - if params == nil { - params = &GetSecretValueInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetSecretValue", params, optFns, c.addOperationGetSecretValueMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*GetSecretValueOutput) - out.ResultMetadata = metadata - return out, nil -} - -type GetSecretValueInput struct { - - // The ARN or name of the secret to retrieve. To retrieve a secret from another - // account, you must use an ARN. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // The unique identifier of the version of the secret to retrieve. If you include - // both this parameter and VersionStage , the two parameters must refer to the same - // secret version. If you don't specify either a VersionStage or VersionId , then - // Secrets Manager returns the AWSCURRENT version. - // - // This value is typically a [UUID-type] value with 32 hexadecimal digits. - // - // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier - VersionId *string - - // The staging label of the version of the secret to retrieve. - // - // Secrets Manager uses staging labels to keep track of different versions during - // the rotation process. If you include both this parameter and VersionId , the two - // parameters must refer to the same secret version. If you don't specify either a - // VersionStage or VersionId , Secrets Manager returns the AWSCURRENT version. - VersionStage *string - - noSmithyDocumentSerde -} - -type GetSecretValueOutput struct { - - // The ARN of the secret. - ARN *string - - // The date and time that this version of the secret was created. If you don't - // specify which version in VersionId or VersionStage , then Secrets Manager uses - // the AWSCURRENT version. - CreatedDate *time.Time - - // The friendly name of the secret. - Name *string - - // The decrypted secret value, if the secret value was originally provided as - // binary data in the form of a byte array. When you retrieve a SecretBinary using - // the HTTP API, the Python SDK, or the Amazon Web Services CLI, the value is - // Base64-encoded. Otherwise, it is not encoded. - // - // If the secret was created by using the Secrets Manager console, or if the - // secret value was originally provided as a string, then this field is omitted. - // The secret value appears in SecretString instead. - // - // Sensitive: This field contains sensitive information, so the service does not - // include it in CloudTrail log entries. If you create your own log entries, you - // must also avoid logging the information in this field. - SecretBinary []byte - - // The decrypted secret value, if the secret value was originally provided as a - // string or through the Secrets Manager console. - // - // If this secret was created by using the console, then Secrets Manager stores - // the information as a JSON structure of key/value pairs. - // - // Sensitive: This field contains sensitive information, so the service does not - // include it in CloudTrail log entries. If you create your own log entries, you - // must also avoid logging the information in this field. - SecretString *string - - // The unique identifier of this version of the secret. - VersionId *string - - // A list of all of the staging labels currently attached to this version of the - // secret. - VersionStages []string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationGetSecretValueMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpGetSecretValue{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpGetSecretValue{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "GetSecretValue"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpGetSecretValueValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetSecretValue(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opGetSecretValue(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "GetSecretValue", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecretVersionIds.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecretVersionIds.go deleted file mode 100644 index b1f1ad45..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecretVersionIds.go +++ /dev/null @@ -1,308 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Lists the versions of a secret. Secrets Manager uses staging labels to indicate -// the different versions of a secret. For more information, see [Secrets Manager concepts: Versions]. -// -// To list the secrets in the account, use ListSecrets. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:ListSecretVersionIds . For more -// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [Secrets Manager concepts: Versions]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) ListSecretVersionIds(ctx context.Context, params *ListSecretVersionIdsInput, optFns ...func(*Options)) (*ListSecretVersionIdsOutput, error) { - if params == nil { - params = &ListSecretVersionIdsInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "ListSecretVersionIds", params, optFns, c.addOperationListSecretVersionIdsMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*ListSecretVersionIdsOutput) - out.ResultMetadata = metadata - return out, nil -} - -type ListSecretVersionIdsInput struct { - - // The ARN or name of the secret whose versions you want to list. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // Specifies whether to include versions of secrets that don't have any staging - // labels attached to them. Versions without staging labels are considered - // deprecated and are subject to deletion by Secrets Manager. By default, versions - // without staging labels aren't included. - IncludeDeprecated *bool - - // The number of results to include in the response. - // - // If there are more results available, in the response, Secrets Manager includes - // NextToken . To get the next results, call ListSecretVersionIds again with the - // value from NextToken . - MaxResults *int32 - - // A token that indicates where the output should continue from, if a previous - // call did not show all results. To get the next results, call - // ListSecretVersionIds again with this value. - NextToken *string - - noSmithyDocumentSerde -} - -type ListSecretVersionIdsOutput struct { - - // The ARN of the secret. - ARN *string - - // The name of the secret. - Name *string - - // Secrets Manager includes this value if there's more output available than what - // is included in the current response. This can occur even when the response - // includes no values at all, such as when you ask for a filtered view of a long - // list. To get the next results, call ListSecretVersionIds again with this value. - NextToken *string - - // A list of the versions of the secret. - Versions []types.SecretVersionsListEntry - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationListSecretVersionIdsMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpListSecretVersionIds{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpListSecretVersionIds{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "ListSecretVersionIds"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpListSecretVersionIdsValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListSecretVersionIds(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -// ListSecretVersionIdsPaginatorOptions is the paginator options for -// ListSecretVersionIds -type ListSecretVersionIdsPaginatorOptions struct { - // The number of results to include in the response. - // - // If there are more results available, in the response, Secrets Manager includes - // NextToken . To get the next results, call ListSecretVersionIds again with the - // value from NextToken . - Limit int32 - - // Set to true if pagination should stop if the service returns a pagination token - // that matches the most recent token provided to the service. - StopOnDuplicateToken bool -} - -// ListSecretVersionIdsPaginator is a paginator for ListSecretVersionIds -type ListSecretVersionIdsPaginator struct { - options ListSecretVersionIdsPaginatorOptions - client ListSecretVersionIdsAPIClient - params *ListSecretVersionIdsInput - nextToken *string - firstPage bool -} - -// NewListSecretVersionIdsPaginator returns a new ListSecretVersionIdsPaginator -func NewListSecretVersionIdsPaginator(client ListSecretVersionIdsAPIClient, params *ListSecretVersionIdsInput, optFns ...func(*ListSecretVersionIdsPaginatorOptions)) *ListSecretVersionIdsPaginator { - if params == nil { - params = &ListSecretVersionIdsInput{} - } - - options := ListSecretVersionIdsPaginatorOptions{} - if params.MaxResults != nil { - options.Limit = *params.MaxResults - } - - for _, fn := range optFns { - fn(&options) - } - - return &ListSecretVersionIdsPaginator{ - options: options, - client: client, - params: params, - firstPage: true, - nextToken: params.NextToken, - } -} - -// HasMorePages returns a boolean indicating whether more pages are available -func (p *ListSecretVersionIdsPaginator) HasMorePages() bool { - return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) -} - -// NextPage retrieves the next ListSecretVersionIds page. -func (p *ListSecretVersionIdsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListSecretVersionIdsOutput, error) { - if !p.HasMorePages() { - return nil, fmt.Errorf("no more pages available") - } - - params := *p.params - params.NextToken = p.nextToken - - var limit *int32 - if p.options.Limit > 0 { - limit = &p.options.Limit - } - params.MaxResults = limit - - optFns = append([]func(*Options){ - addIsPaginatorUserAgent, - }, optFns...) - result, err := p.client.ListSecretVersionIds(ctx, ¶ms, optFns...) - if err != nil { - return nil, err - } - p.firstPage = false - - prevToken := p.nextToken - p.nextToken = result.NextToken - - if p.options.StopOnDuplicateToken && - prevToken != nil && - p.nextToken != nil && - *prevToken == *p.nextToken { - p.nextToken = nil - } - - return result, nil -} - -// ListSecretVersionIdsAPIClient is a client that implements the -// ListSecretVersionIds operation. -type ListSecretVersionIdsAPIClient interface { - ListSecretVersionIds(context.Context, *ListSecretVersionIdsInput, ...func(*Options)) (*ListSecretVersionIdsOutput, error) -} - -var _ ListSecretVersionIdsAPIClient = (*Client)(nil) - -func newServiceMetadataMiddleware_opListSecretVersionIds(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "ListSecretVersionIds", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecrets.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecrets.go deleted file mode 100644 index 8029542b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ListSecrets.go +++ /dev/null @@ -1,300 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Lists the secrets that are stored by Secrets Manager in the Amazon Web Services -// account, not including secrets that are marked for deletion. To see secrets -// marked for deletion, use the Secrets Manager console. -// -// All Secrets Manager operations are eventually consistent. ListSecrets might not -// reflect changes from the last five minutes. You can get more recent information -// for a specific secret by calling DescribeSecret. -// -// To list the versions of a secret, use ListSecretVersionIds. -// -// To retrieve the values for the secrets, call BatchGetSecretValue or GetSecretValue. -// -// For information about finding secrets in the console, see [Find secrets in Secrets Manager]. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:ListSecrets . For more information, see [IAM policy actions for Secrets Manager] -// and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -// [Find secrets in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html -func (c *Client) ListSecrets(ctx context.Context, params *ListSecretsInput, optFns ...func(*Options)) (*ListSecretsOutput, error) { - if params == nil { - params = &ListSecretsInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "ListSecrets", params, optFns, c.addOperationListSecretsMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*ListSecretsOutput) - out.ResultMetadata = metadata - return out, nil -} - -type ListSecretsInput struct { - - // The filters to apply to the list of secrets. - Filters []types.Filter - - // Specifies whether to include secrets scheduled for deletion. By default, - // secrets scheduled for deletion aren't included. - IncludePlannedDeletion *bool - - // The number of results to include in the response. - // - // If there are more results available, in the response, Secrets Manager includes - // NextToken . To get the next results, call ListSecrets again with the value from - // NextToken . - MaxResults *int32 - - // A token that indicates where the output should continue from, if a previous - // call did not show all results. To get the next results, call ListSecrets again - // with this value. - NextToken *string - - // Secrets are listed by CreatedDate . - SortOrder types.SortOrderType - - noSmithyDocumentSerde -} - -type ListSecretsOutput struct { - - // Secrets Manager includes this value if there's more output available than what - // is included in the current response. This can occur even when the response - // includes no values at all, such as when you ask for a filtered view of a long - // list. To get the next results, call ListSecrets again with this value. - NextToken *string - - // A list of the secrets in the account. - SecretList []types.SecretListEntry - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationListSecretsMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpListSecrets{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpListSecrets{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "ListSecrets"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListSecrets(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -// ListSecretsPaginatorOptions is the paginator options for ListSecrets -type ListSecretsPaginatorOptions struct { - // The number of results to include in the response. - // - // If there are more results available, in the response, Secrets Manager includes - // NextToken . To get the next results, call ListSecrets again with the value from - // NextToken . - Limit int32 - - // Set to true if pagination should stop if the service returns a pagination token - // that matches the most recent token provided to the service. - StopOnDuplicateToken bool -} - -// ListSecretsPaginator is a paginator for ListSecrets -type ListSecretsPaginator struct { - options ListSecretsPaginatorOptions - client ListSecretsAPIClient - params *ListSecretsInput - nextToken *string - firstPage bool -} - -// NewListSecretsPaginator returns a new ListSecretsPaginator -func NewListSecretsPaginator(client ListSecretsAPIClient, params *ListSecretsInput, optFns ...func(*ListSecretsPaginatorOptions)) *ListSecretsPaginator { - if params == nil { - params = &ListSecretsInput{} - } - - options := ListSecretsPaginatorOptions{} - if params.MaxResults != nil { - options.Limit = *params.MaxResults - } - - for _, fn := range optFns { - fn(&options) - } - - return &ListSecretsPaginator{ - options: options, - client: client, - params: params, - firstPage: true, - nextToken: params.NextToken, - } -} - -// HasMorePages returns a boolean indicating whether more pages are available -func (p *ListSecretsPaginator) HasMorePages() bool { - return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) -} - -// NextPage retrieves the next ListSecrets page. -func (p *ListSecretsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListSecretsOutput, error) { - if !p.HasMorePages() { - return nil, fmt.Errorf("no more pages available") - } - - params := *p.params - params.NextToken = p.nextToken - - var limit *int32 - if p.options.Limit > 0 { - limit = &p.options.Limit - } - params.MaxResults = limit - - optFns = append([]func(*Options){ - addIsPaginatorUserAgent, - }, optFns...) - result, err := p.client.ListSecrets(ctx, ¶ms, optFns...) - if err != nil { - return nil, err - } - p.firstPage = false - - prevToken := p.nextToken - p.nextToken = result.NextToken - - if p.options.StopOnDuplicateToken && - prevToken != nil && - p.nextToken != nil && - *prevToken == *p.nextToken { - p.nextToken = nil - } - - return result, nil -} - -// ListSecretsAPIClient is a client that implements the ListSecrets operation. -type ListSecretsAPIClient interface { - ListSecrets(context.Context, *ListSecretsInput, ...func(*Options)) (*ListSecretsOutput, error) -} - -var _ ListSecretsAPIClient = (*Client)(nil) - -func newServiceMetadataMiddleware_opListSecrets(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "ListSecrets", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutResourcePolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutResourcePolicy.go deleted file mode 100644 index cd69f1a5..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutResourcePolicy.go +++ /dev/null @@ -1,212 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Attaches a resource-based permission policy to a secret. A resource-based -// policy is optional. For more information, see [Authentication and access control for Secrets Manager] -// -// For information about attaching a policy in the console, see [Attach a permissions policy to a secret]. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:PutResourcePolicy . For more information, -// see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [Attach a permissions policy to a secret]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_resource-based-policies.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -// [Authentication and access control for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -func (c *Client) PutResourcePolicy(ctx context.Context, params *PutResourcePolicyInput, optFns ...func(*Options)) (*PutResourcePolicyOutput, error) { - if params == nil { - params = &PutResourcePolicyInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "PutResourcePolicy", params, optFns, c.addOperationPutResourcePolicyMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*PutResourcePolicyOutput) - out.ResultMetadata = metadata - return out, nil -} - -type PutResourcePolicyInput struct { - - // A JSON-formatted string for an Amazon Web Services resource-based policy. For - // example policies, see [Permissions policy examples]. - // - // [Permissions policy examples]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html - // - // This member is required. - ResourcePolicy *string - - // The ARN or name of the secret to attach the resource-based policy. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // Specifies whether to block resource-based policies that allow broad access to - // the secret, for example those that use a wildcard for the principal. By default, - // public policies aren't blocked. - // - // Resource policy validation and the BlockPublicPolicy parameter help protect - // your resources by preventing public access from being granted through the - // resource policies that are directly attached to your secrets. In addition to - // using these features, carefully inspect the following policies to confirm that - // they do not grant public access: - // - // - Identity-based policies attached to associated Amazon Web Services - // principals (for example, IAM roles) - // - // - Resource-based policies attached to associated Amazon Web Services - // resources (for example, Key Management Service (KMS) keys) - // - // To review permissions to your secrets, see [Determine who has permissions to your secrets]. - // - // [Determine who has permissions to your secrets]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/determine-acccess_examine-iam-policies.html - BlockPublicPolicy *bool - - noSmithyDocumentSerde -} - -type PutResourcePolicyOutput struct { - - // The ARN of the secret. - ARN *string - - // The name of the secret. - Name *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationPutResourcePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpPutResourcePolicy{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpPutResourcePolicy{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "PutResourcePolicy"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpPutResourcePolicyValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutResourcePolicy(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opPutResourcePolicy(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "PutResourcePolicy", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutSecretValue.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutSecretValue.go deleted file mode 100644 index 5526bfb0..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_PutSecretValue.go +++ /dev/null @@ -1,339 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Creates a new version with a new encrypted secret value and attaches it to the -// secret. The version can contain a new SecretString value or a new SecretBinary -// value. -// -// We recommend you avoid calling PutSecretValue at a sustained rate of more than -// once every 10 minutes. When you update the secret value, Secrets Manager creates -// a new version of the secret. Secrets Manager removes outdated versions when -// there are more than 100, but it does not remove versions created less than 24 -// hours ago. If you call PutSecretValue more than once every 10 minutes, you -// create more versions than Secrets Manager removes, and you will reach the quota -// for secret versions. -// -// You can specify the staging labels to attach to the new version in VersionStages -// . If you don't include VersionStages , then Secrets Manager automatically moves -// the staging label AWSCURRENT to this version. If this operation creates the -// first version for the secret, then Secrets Manager automatically attaches the -// staging label AWSCURRENT to it. If this operation moves the staging label -// AWSCURRENT from another version to this version, then Secrets Manager also -// automatically moves the staging label AWSPREVIOUS to the version that AWSCURRENT -// was removed from. -// -// This operation is idempotent. If you call this operation with a -// ClientRequestToken that matches an existing version's VersionId, and you specify -// the same secret data, the operation succeeds but does nothing. However, if the -// secret data is different, then the operation fails because you can't modify an -// existing version; you can only create new ones. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters except SecretBinary , -// SecretString , or RotationToken because it might be logged. For more -// information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:PutSecretValue . For more information, see [IAM policy actions for Secrets Manager] -// and [Authentication and access control in Secrets Manager]. -// -// When you enter commands in a command shell, there is a risk of the command -// history being accessed or utilities having access to your command parameters. -// This is a concern if the command includes the value of a secret. Learn how to [Mitigate the risks of using command-line tools to store Secrets Manager secrets]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [Mitigate the risks of using command-line tools to store Secrets Manager secrets]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security_cli-exposure-risks.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) PutSecretValue(ctx context.Context, params *PutSecretValueInput, optFns ...func(*Options)) (*PutSecretValueOutput, error) { - if params == nil { - params = &PutSecretValueInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "PutSecretValue", params, optFns, c.addOperationPutSecretValueMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*PutSecretValueOutput) - out.ResultMetadata = metadata - return out, nil -} - -type PutSecretValueInput struct { - - // The ARN or name of the secret to add a new version to. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // If the secret doesn't already exist, use CreateSecret instead. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // A unique identifier for the new version of the secret. - // - // If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs - // to call this operation, then you can leave this parameter empty. The CLI or SDK - // generates a random UUID for you and includes it as the value for this parameter - // in the request. - // - // If you generate a raw HTTP request to the Secrets Manager service endpoint, - // then you must generate a ClientRequestToken and include it in the request. - // - // This value helps ensure idempotency. Secrets Manager uses this value to prevent - // the accidental creation of duplicate versions if there are failures and retries - // during a rotation. We recommend that you generate a [UUID-type]value to ensure uniqueness - // of your versions within the specified secret. - // - // - If the ClientRequestToken value isn't already associated with a version of - // the secret then a new version of the secret is created. - // - // - If a version with this value already exists and that version's SecretString - // or SecretBinary values are the same as those in the request then the request - // is ignored. The operation is idempotent. - // - // - If a version with this value already exists and the version of the - // SecretString and SecretBinary values are different from those in the request, - // then the request fails because you can't modify a secret version. You can only - // create new versions to store new secret values. - // - // This value becomes the VersionId of the new version. - // - // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier - ClientRequestToken *string - - // A unique identifier that indicates the source of the request. For cross-account - // rotation (when you rotate a secret in one account by using a Lambda rotation - // function in another account) and the Lambda rotation function assumes an IAM - // role to call Secrets Manager, Secrets Manager validates the identity with the - // rotation token. For more information, see [How rotation works]. - // - // Sensitive: This field contains sensitive information, so the service does not - // include it in CloudTrail log entries. If you create your own log entries, you - // must also avoid logging the information in this field. - // - // [How rotation works]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html - RotationToken *string - - // The binary data to encrypt and store in the new version of the secret. To use - // this parameter in the command-line tools, we recommend that you store your - // binary data in a file and then pass the contents of the file as a parameter. - // - // You must include SecretBinary or SecretString , but not both. - // - // You can't access this value from the Secrets Manager console. - // - // Sensitive: This field contains sensitive information, so the service does not - // include it in CloudTrail log entries. If you create your own log entries, you - // must also avoid logging the information in this field. - SecretBinary []byte - - // The text to encrypt and store in the new version of the secret. - // - // You must include SecretBinary or SecretString , but not both. - // - // We recommend you create the secret string as JSON key/value pairs, as shown in - // the example. - // - // Sensitive: This field contains sensitive information, so the service does not - // include it in CloudTrail log entries. If you create your own log entries, you - // must also avoid logging the information in this field. - SecretString *string - - // A list of staging labels to attach to this version of the secret. Secrets - // Manager uses staging labels to track versions of a secret through the rotation - // process. - // - // If you specify a staging label that's already associated with a different - // version of the same secret, then Secrets Manager removes the label from the - // other version and attaches it to this version. If you specify AWSCURRENT , and - // it is already attached to another version, then Secrets Manager also moves the - // staging label AWSPREVIOUS to the version that AWSCURRENT was removed from. - // - // If you don't include VersionStages , then Secrets Manager automatically moves - // the staging label AWSCURRENT to this version. - VersionStages []string - - noSmithyDocumentSerde -} - -type PutSecretValueOutput struct { - - // The ARN of the secret. - ARN *string - - // The name of the secret. - Name *string - - // The unique identifier of the version of the secret. - VersionId *string - - // The list of staging labels that are currently attached to this version of the - // secret. Secrets Manager uses staging labels to track a version as it progresses - // through the secret rotation process. - VersionStages []string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationPutSecretValueMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpPutSecretValue{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpPutSecretValue{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "PutSecretValue"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addIdempotencyToken_opPutSecretValueMiddleware(stack, options); err != nil { - return err - } - if err = addOpPutSecretValueValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutSecretValue(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -type idempotencyToken_initializeOpPutSecretValue struct { - tokenProvider IdempotencyTokenProvider -} - -func (*idempotencyToken_initializeOpPutSecretValue) ID() string { - return "OperationIdempotencyTokenAutoFill" -} - -func (m *idempotencyToken_initializeOpPutSecretValue) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - if m.tokenProvider == nil { - return next.HandleInitialize(ctx, in) - } - - input, ok := in.Parameters.(*PutSecretValueInput) - if !ok { - return out, metadata, fmt.Errorf("expected middleware input to be of type *PutSecretValueInput ") - } - - if input.ClientRequestToken == nil { - t, err := m.tokenProvider.GetIdempotencyToken() - if err != nil { - return out, metadata, err - } - input.ClientRequestToken = &t - } - return next.HandleInitialize(ctx, in) -} -func addIdempotencyToken_opPutSecretValueMiddleware(stack *middleware.Stack, cfg Options) error { - return stack.Initialize.Add(&idempotencyToken_initializeOpPutSecretValue{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) -} - -func newServiceMetadataMiddleware_opPutSecretValue(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "PutSecretValue", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RemoveRegionsFromReplication.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RemoveRegionsFromReplication.go deleted file mode 100644 index def503be..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RemoveRegionsFromReplication.go +++ /dev/null @@ -1,180 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// For a secret that is replicated to other Regions, deletes the secret replicas -// from the Regions you specify. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:RemoveRegionsFromReplication . For more -// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) RemoveRegionsFromReplication(ctx context.Context, params *RemoveRegionsFromReplicationInput, optFns ...func(*Options)) (*RemoveRegionsFromReplicationOutput, error) { - if params == nil { - params = &RemoveRegionsFromReplicationInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "RemoveRegionsFromReplication", params, optFns, c.addOperationRemoveRegionsFromReplicationMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*RemoveRegionsFromReplicationOutput) - out.ResultMetadata = metadata - return out, nil -} - -type RemoveRegionsFromReplicationInput struct { - - // The Regions of the replicas to remove. - // - // This member is required. - RemoveReplicaRegions []string - - // The ARN or name of the secret. - // - // This member is required. - SecretId *string - - noSmithyDocumentSerde -} - -type RemoveRegionsFromReplicationOutput struct { - - // The ARN of the primary secret. - ARN *string - - // The status of replicas for this secret after you remove Regions. - ReplicationStatus []types.ReplicationStatusType - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationRemoveRegionsFromReplicationMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpRemoveRegionsFromReplication{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpRemoveRegionsFromReplication{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "RemoveRegionsFromReplication"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpRemoveRegionsFromReplicationValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRemoveRegionsFromReplication(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opRemoveRegionsFromReplication(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "RemoveRegionsFromReplication", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ReplicateSecretToRegions.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ReplicateSecretToRegions.go deleted file mode 100644 index a0fb6e80..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ReplicateSecretToRegions.go +++ /dev/null @@ -1,187 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Replicates the secret to a new Regions. See [Multi-Region secrets]. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:ReplicateSecretToRegions . If the primary -// secret is encrypted with a KMS key other than aws/secretsmanager , you also need -// kms:Decrypt permission to the key. To encrypt the replicated secret with a KMS -// key other than aws/secretsmanager , you need kms:GenerateDataKey and kms:Encrypt -// to the key. For more information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [Multi-Region secrets]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/create-manage-multi-region-secrets.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) ReplicateSecretToRegions(ctx context.Context, params *ReplicateSecretToRegionsInput, optFns ...func(*Options)) (*ReplicateSecretToRegionsOutput, error) { - if params == nil { - params = &ReplicateSecretToRegionsInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "ReplicateSecretToRegions", params, optFns, c.addOperationReplicateSecretToRegionsMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*ReplicateSecretToRegionsOutput) - out.ResultMetadata = metadata - return out, nil -} - -type ReplicateSecretToRegionsInput struct { - - // A list of Regions in which to replicate the secret. - // - // This member is required. - AddReplicaRegions []types.ReplicaRegionType - - // The ARN or name of the secret to replicate. - // - // This member is required. - SecretId *string - - // Specifies whether to overwrite a secret with the same name in the destination - // Region. By default, secrets aren't overwritten. - ForceOverwriteReplicaSecret bool - - noSmithyDocumentSerde -} - -type ReplicateSecretToRegionsOutput struct { - - // The ARN of the primary secret. - ARN *string - - // The status of replication. - ReplicationStatus []types.ReplicationStatusType - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationReplicateSecretToRegionsMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpReplicateSecretToRegions{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpReplicateSecretToRegions{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "ReplicateSecretToRegions"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpReplicateSecretToRegionsValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opReplicateSecretToRegions(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opReplicateSecretToRegions(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "ReplicateSecretToRegions", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RestoreSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RestoreSecret.go deleted file mode 100644 index 8cc72cc6..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RestoreSecret.go +++ /dev/null @@ -1,179 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Cancels the scheduled deletion of a secret by removing the DeletedDate time -// stamp. You can access a secret again after it has been restored. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:RestoreSecret . For more information, see [IAM policy actions for Secrets Manager] -// and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) RestoreSecret(ctx context.Context, params *RestoreSecretInput, optFns ...func(*Options)) (*RestoreSecretOutput, error) { - if params == nil { - params = &RestoreSecretInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "RestoreSecret", params, optFns, c.addOperationRestoreSecretMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*RestoreSecretOutput) - out.ResultMetadata = metadata - return out, nil -} - -type RestoreSecretInput struct { - - // The ARN or name of the secret to restore. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - noSmithyDocumentSerde -} - -type RestoreSecretOutput struct { - - // The ARN of the secret that was restored. - ARN *string - - // The name of the secret that was restored. - Name *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationRestoreSecretMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpRestoreSecret{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpRestoreSecret{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "RestoreSecret"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpRestoreSecretValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRestoreSecret(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opRestoreSecret(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "RestoreSecret", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RotateSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RotateSecret.go deleted file mode 100644 index 416225cc..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_RotateSecret.go +++ /dev/null @@ -1,281 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Configures and starts the asynchronous process of rotating the secret. For -// information about rotation, see [Rotate secrets]in the Secrets Manager User Guide. If you -// include the configuration parameters, the operation sets the values for the -// secret and then immediately starts a rotation. If you don't include the -// configuration parameters, the operation starts a rotation with the values -// already stored in the secret. -// -// When rotation is successful, the AWSPENDING staging label might be attached to -// the same version as the AWSCURRENT version, or it might not be attached to any -// version. If the AWSPENDING staging label is present but not attached to the -// same version as AWSCURRENT , then any later invocation of RotateSecret assumes -// that a previous rotation request is still in progress and returns an error. When -// rotation is unsuccessful, the AWSPENDING staging label might be attached to an -// empty secret version. For more information, see [Troubleshoot rotation]in the Secrets Manager User -// Guide. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:RotateSecret . For more information, see [IAM policy actions for Secrets Manager] -// and [Authentication and access control in Secrets Manager]. You also need lambda:InvokeFunction permissions on the rotation function. -// For more information, see [Permissions for rotation]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Permissions for rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html -// [Rotate secrets]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [Troubleshoot rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) RotateSecret(ctx context.Context, params *RotateSecretInput, optFns ...func(*Options)) (*RotateSecretOutput, error) { - if params == nil { - params = &RotateSecretInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "RotateSecret", params, optFns, c.addOperationRotateSecretMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*RotateSecretOutput) - out.ResultMetadata = metadata - return out, nil -} - -type RotateSecretInput struct { - - // The ARN or name of the secret to rotate. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // A unique identifier for the new version of the secret. You only need to specify - // this value if you implement your own retry logic and you want to ensure that - // Secrets Manager doesn't attempt to create a secret version twice. - // - // If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs - // to call this operation, then you can leave this parameter empty. The CLI or SDK - // generates a random UUID for you and includes it as the value for this parameter - // in the request. - // - // If you generate a raw HTTP request to the Secrets Manager service endpoint, - // then you must generate a ClientRequestToken and include it in the request. - // - // This value helps ensure idempotency. Secrets Manager uses this value to prevent - // the accidental creation of duplicate versions if there are failures and retries - // during a rotation. We recommend that you generate a [UUID-type]value to ensure uniqueness - // of your versions within the specified secret. - // - // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier - ClientRequestToken *string - - // Specifies whether to rotate the secret immediately or wait until the next - // scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules. - // - // For secrets that use a Lambda rotation function to rotate, if you don't - // immediately rotate the secret, Secrets Manager tests the rotation configuration - // by running the [testSecret step]testSecret of the Lambda rotation function. The test creates an - // AWSPENDING version of the secret and then removes it. - // - // By default, Secrets Manager rotates the secret immediately. - // - // [testSecret step]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_lambda-functions.html#rotate-secrets_lambda-functions-code - RotateImmediately *bool - - // For secrets that use a Lambda rotation function to rotate, the ARN of the - // Lambda rotation function. - // - // For secrets that use managed rotation, omit this field. For more information, - // see [Managed rotation]in the Secrets Manager User Guide. - // - // [Managed rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html - RotationLambdaARN *string - - // A structure that defines the rotation configuration for this secret. - RotationRules *types.RotationRulesType - - noSmithyDocumentSerde -} - -type RotateSecretOutput struct { - - // The ARN of the secret. - ARN *string - - // The name of the secret. - Name *string - - // The ID of the new version of the secret. - VersionId *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationRotateSecretMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpRotateSecret{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpRotateSecret{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "RotateSecret"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addIdempotencyToken_opRotateSecretMiddleware(stack, options); err != nil { - return err - } - if err = addOpRotateSecretValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRotateSecret(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -type idempotencyToken_initializeOpRotateSecret struct { - tokenProvider IdempotencyTokenProvider -} - -func (*idempotencyToken_initializeOpRotateSecret) ID() string { - return "OperationIdempotencyTokenAutoFill" -} - -func (m *idempotencyToken_initializeOpRotateSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - if m.tokenProvider == nil { - return next.HandleInitialize(ctx, in) - } - - input, ok := in.Parameters.(*RotateSecretInput) - if !ok { - return out, metadata, fmt.Errorf("expected middleware input to be of type *RotateSecretInput ") - } - - if input.ClientRequestToken == nil { - t, err := m.tokenProvider.GetIdempotencyToken() - if err != nil { - return out, metadata, err - } - input.ClientRequestToken = &t - } - return next.HandleInitialize(ctx, in) -} -func addIdempotencyToken_opRotateSecretMiddleware(stack *middleware.Stack, cfg Options) error { - return stack.Initialize.Add(&idempotencyToken_initializeOpRotateSecret{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) -} - -func newServiceMetadataMiddleware_opRotateSecret(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "RotateSecret", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_StopReplicationToReplica.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_StopReplicationToReplica.go deleted file mode 100644 index c2f2ed81..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_StopReplicationToReplica.go +++ /dev/null @@ -1,175 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Removes the link between the replica secret and the primary secret and promotes -// the replica to a primary secret in the replica Region. -// -// You must call this operation from the Region in which you want to promote the -// replica to a primary secret. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:StopReplicationToReplica . For more -// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) StopReplicationToReplica(ctx context.Context, params *StopReplicationToReplicaInput, optFns ...func(*Options)) (*StopReplicationToReplicaOutput, error) { - if params == nil { - params = &StopReplicationToReplicaInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "StopReplicationToReplica", params, optFns, c.addOperationStopReplicationToReplicaMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*StopReplicationToReplicaOutput) - out.ResultMetadata = metadata - return out, nil -} - -type StopReplicationToReplicaInput struct { - - // The ARN of the primary secret. - // - // This member is required. - SecretId *string - - noSmithyDocumentSerde -} - -type StopReplicationToReplicaOutput struct { - - // The ARN of the promoted secret. The ARN is the same as the original primary - // secret except the Region is changed. - ARN *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationStopReplicationToReplicaMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpStopReplicationToReplica{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpStopReplicationToReplica{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "StopReplicationToReplica"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpStopReplicationToReplicaValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opStopReplicationToReplica(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opStopReplicationToReplica(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "StopReplicationToReplica", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_TagResource.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_TagResource.go deleted file mode 100644 index aa4bfb56..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_TagResource.go +++ /dev/null @@ -1,196 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Attaches tags to a secret. Tags consist of a key name and a value. Tags are -// part of the secret's metadata. They are not associated with specific versions of -// the secret. This operation appends tags to the existing list of tags. -// -// For tag quotas and naming restrictions, see [Service quotas for Tagging] in the Amazon Web Services General -// Reference guide. -// -// If you use tags as part of your security strategy, then adding or removing a -// tag can change permissions. If successfully completing this operation would -// result in you losing your permissions for this secret, then the operation is -// blocked and returns an Access Denied error. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:TagResource . For more information, see [IAM policy actions for Secrets Manager] -// and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -// [Service quotas for Tagging]: https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas -func (c *Client) TagResource(ctx context.Context, params *TagResourceInput, optFns ...func(*Options)) (*TagResourceOutput, error) { - if params == nil { - params = &TagResourceInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "TagResource", params, optFns, c.addOperationTagResourceMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*TagResourceOutput) - out.ResultMetadata = metadata - return out, nil -} - -type TagResourceInput struct { - - // The identifier for the secret to attach tags to. You can specify either the - // Amazon Resource Name (ARN) or the friendly name of the secret. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // The tags to attach to the secret as a JSON text string argument. Each element - // in the list consists of a Key and a Value . - // - // For storing multiple values, we recommend that you use a JSON text string - // argument and specify key/value pairs. For more information, see [Specifying parameter values for the Amazon Web Services CLI]in the Amazon - // Web Services CLI User Guide. - // - // [Specifying parameter values for the Amazon Web Services CLI]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html - // - // This member is required. - Tags []types.Tag - - noSmithyDocumentSerde -} - -type TagResourceOutput struct { - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationTagResourceMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpTagResource{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpTagResource{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "TagResource"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpTagResourceValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opTagResource(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opTagResource(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "TagResource", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UntagResource.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UntagResource.go deleted file mode 100644 index e17e9176..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UntagResource.go +++ /dev/null @@ -1,193 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Removes specific tags from a secret. -// -// This operation is idempotent. If a requested tag is not attached to the secret, -// no error is returned and the secret metadata is unchanged. -// -// If you use tags as part of your security strategy, then removing a tag can -// change permissions. If successfully completing this operation would result in -// you losing your permissions for this secret, then the operation is blocked and -// returns an Access Denied error. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:UntagResource . For more information, see [IAM policy actions for Secrets Manager] -// and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) UntagResource(ctx context.Context, params *UntagResourceInput, optFns ...func(*Options)) (*UntagResourceOutput, error) { - if params == nil { - params = &UntagResourceInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "UntagResource", params, optFns, c.addOperationUntagResourceMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*UntagResourceOutput) - out.ResultMetadata = metadata - return out, nil -} - -type UntagResourceInput struct { - - // The ARN or name of the secret. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // A list of tag key names to remove from the secret. You don't specify the value. - // Both the key and its associated value are removed. - // - // This parameter requires a JSON text string argument. - // - // For storing multiple values, we recommend that you use a JSON text string - // argument and specify key/value pairs. For more information, see [Specifying parameter values for the Amazon Web Services CLI]in the Amazon - // Web Services CLI User Guide. - // - // [Specifying parameter values for the Amazon Web Services CLI]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters.html - // - // This member is required. - TagKeys []string - - noSmithyDocumentSerde -} - -type UntagResourceOutput struct { - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationUntagResourceMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpUntagResource{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpUntagResource{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "UntagResource"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpUntagResourceValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUntagResource(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opUntagResource(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "UntagResource", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecret.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecret.go deleted file mode 100644 index 8225e2b4..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecret.go +++ /dev/null @@ -1,327 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Modifies the details of a secret, including metadata and the secret value. To -// change the secret value, you can also use PutSecretValue. -// -// To change the rotation configuration of a secret, use RotateSecret instead. -// -// To change a secret so that it is managed by another service, you need to -// recreate the secret in that service. See [Secrets Manager secrets managed by other Amazon Web Services services]. -// -// We recommend you avoid calling UpdateSecret at a sustained rate of more than -// once every 10 minutes. When you call UpdateSecret to update the secret value, -// Secrets Manager creates a new version of the secret. Secrets Manager removes -// outdated versions when there are more than 100, but it does not remove versions -// created less than 24 hours ago. If you update the secret value more than once -// every 10 minutes, you create more versions than Secrets Manager removes, and you -// will reach the quota for secret versions. -// -// If you include SecretString or SecretBinary to create a new secret version, -// Secrets Manager automatically moves the staging label AWSCURRENT to the new -// version. Then it attaches the label AWSPREVIOUS to the version that AWSCURRENT -// was removed from. -// -// If you call this operation with a ClientRequestToken that matches an existing -// version's VersionId , the operation results in an error. You can't modify an -// existing version, you can only create a new version. To remove a version, remove -// all staging labels from it. See UpdateSecretVersionStage. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters except SecretBinary or -// SecretString because it might be logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:UpdateSecret . For more information, see [IAM policy actions for Secrets Manager] -// and [Authentication and access control in Secrets Manager]. If you use a customer managed key, you must also have kms:GenerateDataKey -// , kms:Encrypt , and kms:Decrypt permissions on the key. If you change the KMS -// key and you don't have kms:Encrypt permission to the new key, Secrets Manager -// does not re-encrypt existing secret versions with the new key. For more -// information, see [Secret encryption and decryption]. -// -// When you enter commands in a command shell, there is a risk of the command -// history being accessed or utilities having access to your command parameters. -// This is a concern if the command includes the value of a secret. Learn how to [Mitigate the risks of using command-line tools to store Secrets Manager secrets]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [Secret encryption and decryption]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html -// [Secrets Manager secrets managed by other Amazon Web Services services]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html -// [Mitigate the risks of using command-line tools to store Secrets Manager secrets]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/security_cli-exposure-risks.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) UpdateSecret(ctx context.Context, params *UpdateSecretInput, optFns ...func(*Options)) (*UpdateSecretOutput, error) { - if params == nil { - params = &UpdateSecretInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "UpdateSecret", params, optFns, c.addOperationUpdateSecretMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*UpdateSecretOutput) - out.ResultMetadata = metadata - return out, nil -} - -type UpdateSecretInput struct { - - // The ARN or name of the secret. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // If you include SecretString or SecretBinary , then Secrets Manager creates a new - // version for the secret, and this parameter specifies the unique identifier for - // the new version. - // - // If you use the Amazon Web Services CLI or one of the Amazon Web Services SDKs - // to call this operation, then you can leave this parameter empty. The CLI or SDK - // generates a random UUID for you and includes it as the value for this parameter - // in the request. - // - // If you generate a raw HTTP request to the Secrets Manager service endpoint, - // then you must generate a ClientRequestToken and include it in the request. - // - // This value helps ensure idempotency. Secrets Manager uses this value to prevent - // the accidental creation of duplicate versions if there are failures and retries - // during a rotation. We recommend that you generate a [UUID-type]value to ensure uniqueness - // of your versions within the specified secret. - // - // [UUID-type]: https://wikipedia.org/wiki/Universally_unique_identifier - ClientRequestToken *string - - // The description of the secret. - Description *string - - // The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt - // new secret versions as well as any existing versions with the staging labels - // AWSCURRENT , AWSPENDING , or AWSPREVIOUS . If you don't have kms:Encrypt - // permission to the new key, Secrets Manager does not re-encrypt existing secret - // versions with the new key. For more information about versions and staging - // labels, see [Concepts: Version]. - // - // A key alias is always prefixed by alias/ , for example alias/aws/secretsmanager - // . For more information, see [About aliases]. - // - // If you set this to an empty string, Secrets Manager uses the Amazon Web - // Services managed key aws/secretsmanager . If this key doesn't already exist in - // your account, then Secrets Manager creates it for you automatically. All users - // and roles in the Amazon Web Services account automatically have access to use - // aws/secretsmanager . Creating aws/secretsmanager can result in a one-time - // significant delay in returning the result. - // - // You can only use the Amazon Web Services managed key aws/secretsmanager if you - // call this operation using credentials from the same Amazon Web Services account - // that owns the secret. If the secret is in a different account, then you must use - // a customer managed key and provide the ARN of that KMS key in this field. The - // user making the call must have permissions to both the secret and the KMS key in - // their respective accounts. - // - // [Concepts: Version]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version - // [About aliases]: https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html - KmsKeyId *string - - // The binary data to encrypt and store in the new version of the secret. We - // recommend that you store your binary data in a file and then pass the contents - // of the file as a parameter. - // - // Either SecretBinary or SecretString must have a value, but not both. - // - // You can't access this parameter in the Secrets Manager console. - // - // Sensitive: This field contains sensitive information, so the service does not - // include it in CloudTrail log entries. If you create your own log entries, you - // must also avoid logging the information in this field. - SecretBinary []byte - - // The text data to encrypt and store in the new version of the secret. We - // recommend you use a JSON structure of key/value pairs for your secret value. - // - // Either SecretBinary or SecretString must have a value, but not both. - // - // Sensitive: This field contains sensitive information, so the service does not - // include it in CloudTrail log entries. If you create your own log entries, you - // must also avoid logging the information in this field. - SecretString *string - - noSmithyDocumentSerde -} - -type UpdateSecretOutput struct { - - // The ARN of the secret that was updated. - ARN *string - - // The name of the secret that was updated. - Name *string - - // If Secrets Manager created a new version of the secret during this operation, - // then VersionId contains the unique identifier of the new version. - VersionId *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationUpdateSecretMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpUpdateSecret{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpUpdateSecret{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "UpdateSecret"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addIdempotencyToken_opUpdateSecretMiddleware(stack, options); err != nil { - return err - } - if err = addOpUpdateSecretValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateSecret(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -type idempotencyToken_initializeOpUpdateSecret struct { - tokenProvider IdempotencyTokenProvider -} - -func (*idempotencyToken_initializeOpUpdateSecret) ID() string { - return "OperationIdempotencyTokenAutoFill" -} - -func (m *idempotencyToken_initializeOpUpdateSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - if m.tokenProvider == nil { - return next.HandleInitialize(ctx, in) - } - - input, ok := in.Parameters.(*UpdateSecretInput) - if !ok { - return out, metadata, fmt.Errorf("expected middleware input to be of type *UpdateSecretInput ") - } - - if input.ClientRequestToken == nil { - t, err := m.tokenProvider.GetIdempotencyToken() - if err != nil { - return out, metadata, err - } - input.ClientRequestToken = &t - } - return next.HandleInitialize(ctx, in) -} -func addIdempotencyToken_opUpdateSecretMiddleware(stack *middleware.Stack, cfg Options) error { - return stack.Initialize.Add(&idempotencyToken_initializeOpUpdateSecret{tokenProvider: cfg.IdempotencyTokenProvider}, middleware.Before) -} - -func newServiceMetadataMiddleware_opUpdateSecret(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "UpdateSecret", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecretVersionStage.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecretVersionStage.go deleted file mode 100644 index a5af1a33..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_UpdateSecretVersionStage.go +++ /dev/null @@ -1,217 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Modifies the staging labels attached to a version of a secret. Secrets Manager -// uses staging labels to track a version as it progresses through the secret -// rotation process. Each staging label can be attached to only one version at a -// time. To add a staging label to a version when it is already attached to another -// version, Secrets Manager first removes it from the other version first and then -// attaches it to this one. For more information about versions and staging labels, -// see [Concepts: Version]. -// -// The staging labels that you specify in the VersionStage parameter are added to -// the existing list of staging labels for the version. -// -// You can move the AWSCURRENT staging label to this version by including it in -// this call. -// -// Whenever you move AWSCURRENT , Secrets Manager automatically moves the label -// AWSPREVIOUS to the version that AWSCURRENT was removed from. -// -// If this action results in the last label being removed from a version, then the -// version is considered to be 'deprecated' and can be deleted by Secrets Manager. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:UpdateSecretVersionStage . For more -// information, see [IAM policy actions for Secrets Manager]and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [Concepts: Version]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -func (c *Client) UpdateSecretVersionStage(ctx context.Context, params *UpdateSecretVersionStageInput, optFns ...func(*Options)) (*UpdateSecretVersionStageOutput, error) { - if params == nil { - params = &UpdateSecretVersionStageInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "UpdateSecretVersionStage", params, optFns, c.addOperationUpdateSecretVersionStageMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*UpdateSecretVersionStageOutput) - out.ResultMetadata = metadata - return out, nil -} - -type UpdateSecretVersionStageInput struct { - - // The ARN or the name of the secret with the version and staging labelsto modify. - // - // For an ARN, we recommend that you specify a complete ARN rather than a partial - // ARN. See [Finding a secret from a partial ARN]. - // - // [Finding a secret from a partial ARN]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot.html#ARN_secretnamehyphen - // - // This member is required. - SecretId *string - - // The staging label to add to this version. - // - // This member is required. - VersionStage *string - - // The ID of the version to add the staging label to. To remove a label from a - // version, then do not specify this parameter. - // - // If the staging label is already attached to a different version of the secret, - // then you must also specify the RemoveFromVersionId parameter. - MoveToVersionId *string - - // The ID of the version that the staging label is to be removed from. If the - // staging label you are trying to attach to one version is already attached to a - // different version, then you must include this parameter and specify the version - // that the label is to be removed from. If the label is attached and you either do - // not specify this parameter, or the version ID does not match, then the operation - // fails. - RemoveFromVersionId *string - - noSmithyDocumentSerde -} - -type UpdateSecretVersionStageOutput struct { - - // The ARN of the secret that was updated. - ARN *string - - // The name of the secret that was updated. - Name *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationUpdateSecretVersionStageMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpUpdateSecretVersionStage{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpUpdateSecretVersionStage{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "UpdateSecretVersionStage"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpUpdateSecretVersionStageValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opUpdateSecretVersionStage(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opUpdateSecretVersionStage(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "UpdateSecretVersionStage", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ValidateResourcePolicy.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ValidateResourcePolicy.go deleted file mode 100644 index d5e3ffc8..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/api_op_ValidateResourcePolicy.go +++ /dev/null @@ -1,194 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Validates that a resource policy does not grant a wide range of principals -// access to your secret. A resource-based policy is optional for secrets. -// -// The API performs three checks when validating the policy: -// -// - Sends a call to [Zelkova], an automated reasoning engine, to ensure your resource -// policy does not allow broad access to your secret, for example policies that use -// a wildcard for the principal. -// -// - Checks for correct syntax in a policy. -// -// - Verifies the policy does not lock out a caller. -// -// Secrets Manager generates a CloudTrail log entry when you call this action. Do -// not include sensitive information in request parameters because it might be -// logged. For more information, see [Logging Secrets Manager events with CloudTrail]. -// -// Required permissions: secretsmanager:ValidateResourcePolicy and -// secretsmanager:PutResourcePolicy . For more information, see [IAM policy actions for Secrets Manager] and [Authentication and access control in Secrets Manager]. -// -// [Authentication and access control in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html -// [Logging Secrets Manager events with CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html -// [IAM policy actions for Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions -// [Zelkova]: https://aws.amazon.com/blogs/security/protect-sensitive-data-in-the-cloud-with-automated-reasoning-zelkova/ -func (c *Client) ValidateResourcePolicy(ctx context.Context, params *ValidateResourcePolicyInput, optFns ...func(*Options)) (*ValidateResourcePolicyOutput, error) { - if params == nil { - params = &ValidateResourcePolicyInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "ValidateResourcePolicy", params, optFns, c.addOperationValidateResourcePolicyMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*ValidateResourcePolicyOutput) - out.ResultMetadata = metadata - return out, nil -} - -type ValidateResourcePolicyInput struct { - - // A JSON-formatted string that contains an Amazon Web Services resource-based - // policy. The policy in the string identifies who can access or manage this secret - // and its versions. For example policies, see [Permissions policy examples]. - // - // [Permissions policy examples]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html - // - // This member is required. - ResourcePolicy *string - - // The ARN or name of the secret with the resource-based policy you want to - // validate. - SecretId *string - - noSmithyDocumentSerde -} - -type ValidateResourcePolicyOutput struct { - - // True if your policy passes validation, otherwise false. - PolicyValidationPassed bool - - // Validation errors if your policy didn't pass validation. - ValidationErrors []types.ValidationErrorsEntry - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationValidateResourcePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsjson11_serializeOpValidateResourcePolicy{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsjson11_deserializeOpValidateResourcePolicy{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "ValidateResourcePolicy"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpValidateResourcePolicyValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opValidateResourcePolicy(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opValidateResourcePolicy(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "ValidateResourcePolicy", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/auth.go deleted file mode 100644 index 5249b5ef..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/auth.go +++ /dev/null @@ -1,313 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - smithy "github.com/aws/smithy-go" - smithyauth "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { - params.Region = options.Region -} - -type setLegacyContextSigningOptionsMiddleware struct { -} - -func (*setLegacyContextSigningOptionsMiddleware) ID() string { - return "setLegacyContextSigningOptions" -} - -func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - rscheme := getResolvedAuthScheme(ctx) - schemeID := rscheme.Scheme.SchemeID() - - if sn := awsmiddleware.GetSigningName(ctx); sn != "" { - if schemeID == "aws.auth#sigv4" { - smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) - } else if schemeID == "aws.auth#sigv4a" { - smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) - } - } - - if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { - if schemeID == "aws.auth#sigv4" { - smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) - } else if schemeID == "aws.auth#sigv4a" { - smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) - } - } - - return next.HandleFinalize(ctx, in) -} - -func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) -} - -type withAnonymous struct { - resolver AuthSchemeResolver -} - -var _ AuthSchemeResolver = (*withAnonymous)(nil) - -func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { - opts, err := v.resolver.ResolveAuthSchemes(ctx, params) - if err != nil { - return nil, err - } - - opts = append(opts, &smithyauth.Option{ - SchemeID: smithyauth.SchemeIDAnonymous, - }) - return opts, nil -} - -func wrapWithAnonymousAuth(options *Options) { - if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { - return - } - - options.AuthSchemeResolver = &withAnonymous{ - resolver: options.AuthSchemeResolver, - } -} - -// AuthResolverParameters contains the set of inputs necessary for auth scheme -// resolution. -type AuthResolverParameters struct { - // The name of the operation being invoked. - Operation string - - // The region in which the operation is being invoked. - Region string -} - -func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { - params := &AuthResolverParameters{ - Operation: operation, - } - - bindAuthParamsRegion(ctx, params, input, options) - - return params -} - -// AuthSchemeResolver returns a set of possible authentication options for an -// operation. -type AuthSchemeResolver interface { - ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) -} - -type defaultAuthSchemeResolver struct{} - -var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) - -func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { - if overrides, ok := operationAuthOptions[params.Operation]; ok { - return overrides(params), nil - } - return serviceAuthOptions(params), nil -} - -var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{} - -func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - { - SchemeID: smithyauth.SchemeIDSigV4, - SignerProperties: func() smithy.Properties { - var props smithy.Properties - smithyhttp.SetSigV4SigningName(&props, "secretsmanager") - smithyhttp.SetSigV4SigningRegion(&props, params.Region) - return props - }(), - }, - } -} - -type resolveAuthSchemeMiddleware struct { - operation string - options Options -} - -func (*resolveAuthSchemeMiddleware) ID() string { - return "ResolveAuthScheme" -} - -func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "ResolveAuthScheme") - defer span.End() - - params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) - options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) - } - - scheme, ok := m.selectScheme(options) - if !ok { - return out, metadata, fmt.Errorf("could not select an auth scheme") - } - - ctx = setResolvedAuthScheme(ctx, scheme) - - span.SetProperty("auth.scheme_id", scheme.Scheme.SchemeID()) - span.End() - return next.HandleFinalize(ctx, in) -} - -func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { - for _, option := range options { - if option.SchemeID == smithyauth.SchemeIDAnonymous { - return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true - } - - for _, scheme := range m.options.AuthSchemes { - if scheme.SchemeID() != option.SchemeID { - continue - } - - if scheme.IdentityResolver(m.options) != nil { - return newResolvedAuthScheme(scheme, option), true - } - } - } - - return nil, false -} - -type resolvedAuthSchemeKey struct{} - -type resolvedAuthScheme struct { - Scheme smithyhttp.AuthScheme - IdentityProperties smithy.Properties - SignerProperties smithy.Properties -} - -func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { - return &resolvedAuthScheme{ - Scheme: scheme, - IdentityProperties: option.IdentityProperties, - SignerProperties: option.SignerProperties, - } -} - -func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { - return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) -} - -func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { - v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) - return v -} - -type getIdentityMiddleware struct { - options Options -} - -func (*getIdentityMiddleware) ID() string { - return "GetIdentity" -} - -func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - innerCtx, span := tracing.StartSpan(ctx, "GetIdentity") - defer span.End() - - rscheme := getResolvedAuthScheme(innerCtx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - resolver := rscheme.Scheme.IdentityResolver(m.options) - if resolver == nil { - return out, metadata, fmt.Errorf("no identity resolver") - } - - identity, err := timeOperationMetric(ctx, "client.call.resolve_identity_duration", - func() (smithyauth.Identity, error) { - return resolver.GetIdentity(innerCtx, rscheme.IdentityProperties) - }, - func(o *metrics.RecordMetricOptions) { - o.Properties.Set("auth.scheme_id", rscheme.Scheme.SchemeID()) - }) - if err != nil { - return out, metadata, fmt.Errorf("get identity: %w", err) - } - - ctx = setIdentity(ctx, identity) - - span.End() - return next.HandleFinalize(ctx, in) -} - -type identityKey struct{} - -func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { - return middleware.WithStackValue(ctx, identityKey{}, identity) -} - -func getIdentity(ctx context.Context) smithyauth.Identity { - v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) - return v -} - -type signRequestMiddleware struct { - options Options -} - -func (*signRequestMiddleware) ID() string { - return "Signing" -} - -func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "SignRequest") - defer span.End() - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) - } - - rscheme := getResolvedAuthScheme(ctx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - identity := getIdentity(ctx) - if identity == nil { - return out, metadata, fmt.Errorf("no identity") - } - - signer := rscheme.Scheme.Signer() - if signer == nil { - return out, metadata, fmt.Errorf("no signer") - } - - _, err = timeOperationMetric(ctx, "client.call.signing_duration", func() (any, error) { - return nil, signer.SignRequest(ctx, req, identity, rscheme.SignerProperties) - }, func(o *metrics.RecordMetricOptions) { - o.Properties.Set("auth.scheme_id", rscheme.Scheme.SchemeID()) - }) - if err != nil { - return out, metadata, fmt.Errorf("sign request: %w", err) - } - - span.End() - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/deserializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/deserializers.go deleted file mode 100644 index 636683cc..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/deserializers.go +++ /dev/null @@ -1,6094 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "bytes" - "context" - "encoding/base64" - "encoding/json" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws/protocol/restjson" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - smithy "github.com/aws/smithy-go" - smithyio "github.com/aws/smithy-go/io" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/ptr" - smithytime "github.com/aws/smithy-go/time" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "io" - "io/ioutil" - "strings" - "time" -) - -func deserializeS3Expires(v string) (*time.Time, error) { - t, err := smithytime.ParseHTTPDate(v) - if err != nil { - return nil, nil - } - return &t, nil -} - -type awsAwsjson11_deserializeOpBatchGetSecretValue struct { -} - -func (*awsAwsjson11_deserializeOpBatchGetSecretValue) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpBatchGetSecretValue) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorBatchGetSecretValue(response, &metadata) - } - output := &BatchGetSecretValueOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentBatchGetSecretValueOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorBatchGetSecretValue(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("DecryptionFailure", errorCode): - return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) - - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidNextTokenException", errorCode): - return awsAwsjson11_deserializeErrorInvalidNextTokenException(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpCancelRotateSecret struct { -} - -func (*awsAwsjson11_deserializeOpCancelRotateSecret) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpCancelRotateSecret) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorCancelRotateSecret(response, &metadata) - } - output := &CancelRotateSecretOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentCancelRotateSecretOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorCancelRotateSecret(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpCreateSecret struct { -} - -func (*awsAwsjson11_deserializeOpCreateSecret) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpCreateSecret) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorCreateSecret(response, &metadata) - } - output := &CreateSecretOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentCreateSecretOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorCreateSecret(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("DecryptionFailure", errorCode): - return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) - - case strings.EqualFold("EncryptionFailure", errorCode): - return awsAwsjson11_deserializeErrorEncryptionFailure(response, errorBody) - - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("LimitExceededException", errorCode): - return awsAwsjson11_deserializeErrorLimitExceededException(response, errorBody) - - case strings.EqualFold("MalformedPolicyDocumentException", errorCode): - return awsAwsjson11_deserializeErrorMalformedPolicyDocumentException(response, errorBody) - - case strings.EqualFold("PreconditionNotMetException", errorCode): - return awsAwsjson11_deserializeErrorPreconditionNotMetException(response, errorBody) - - case strings.EqualFold("ResourceExistsException", errorCode): - return awsAwsjson11_deserializeErrorResourceExistsException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpDeleteResourcePolicy struct { -} - -func (*awsAwsjson11_deserializeOpDeleteResourcePolicy) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpDeleteResourcePolicy) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorDeleteResourcePolicy(response, &metadata) - } - output := &DeleteResourcePolicyOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentDeleteResourcePolicyOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorDeleteResourcePolicy(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpDeleteSecret struct { -} - -func (*awsAwsjson11_deserializeOpDeleteSecret) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpDeleteSecret) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorDeleteSecret(response, &metadata) - } - output := &DeleteSecretOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentDeleteSecretOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorDeleteSecret(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpDescribeSecret struct { -} - -func (*awsAwsjson11_deserializeOpDescribeSecret) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpDescribeSecret) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorDescribeSecret(response, &metadata) - } - output := &DescribeSecretOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentDescribeSecretOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorDescribeSecret(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpGetRandomPassword struct { -} - -func (*awsAwsjson11_deserializeOpGetRandomPassword) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpGetRandomPassword) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorGetRandomPassword(response, &metadata) - } - output := &GetRandomPasswordOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentGetRandomPasswordOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorGetRandomPassword(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpGetResourcePolicy struct { -} - -func (*awsAwsjson11_deserializeOpGetResourcePolicy) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpGetResourcePolicy) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorGetResourcePolicy(response, &metadata) - } - output := &GetResourcePolicyOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentGetResourcePolicyOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorGetResourcePolicy(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpGetSecretValue struct { -} - -func (*awsAwsjson11_deserializeOpGetSecretValue) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpGetSecretValue) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorGetSecretValue(response, &metadata) - } - output := &GetSecretValueOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentGetSecretValueOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorGetSecretValue(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("DecryptionFailure", errorCode): - return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) - - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpListSecrets struct { -} - -func (*awsAwsjson11_deserializeOpListSecrets) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpListSecrets) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorListSecrets(response, &metadata) - } - output := &ListSecretsOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentListSecretsOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorListSecrets(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidNextTokenException", errorCode): - return awsAwsjson11_deserializeErrorInvalidNextTokenException(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpListSecretVersionIds struct { -} - -func (*awsAwsjson11_deserializeOpListSecretVersionIds) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpListSecretVersionIds) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorListSecretVersionIds(response, &metadata) - } - output := &ListSecretVersionIdsOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentListSecretVersionIdsOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorListSecretVersionIds(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidNextTokenException", errorCode): - return awsAwsjson11_deserializeErrorInvalidNextTokenException(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpPutResourcePolicy struct { -} - -func (*awsAwsjson11_deserializeOpPutResourcePolicy) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpPutResourcePolicy) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorPutResourcePolicy(response, &metadata) - } - output := &PutResourcePolicyOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentPutResourcePolicyOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorPutResourcePolicy(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("MalformedPolicyDocumentException", errorCode): - return awsAwsjson11_deserializeErrorMalformedPolicyDocumentException(response, errorBody) - - case strings.EqualFold("PublicPolicyException", errorCode): - return awsAwsjson11_deserializeErrorPublicPolicyException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpPutSecretValue struct { -} - -func (*awsAwsjson11_deserializeOpPutSecretValue) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpPutSecretValue) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorPutSecretValue(response, &metadata) - } - output := &PutSecretValueOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentPutSecretValueOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorPutSecretValue(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("DecryptionFailure", errorCode): - return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) - - case strings.EqualFold("EncryptionFailure", errorCode): - return awsAwsjson11_deserializeErrorEncryptionFailure(response, errorBody) - - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("LimitExceededException", errorCode): - return awsAwsjson11_deserializeErrorLimitExceededException(response, errorBody) - - case strings.EqualFold("ResourceExistsException", errorCode): - return awsAwsjson11_deserializeErrorResourceExistsException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpRemoveRegionsFromReplication struct { -} - -func (*awsAwsjson11_deserializeOpRemoveRegionsFromReplication) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpRemoveRegionsFromReplication) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorRemoveRegionsFromReplication(response, &metadata) - } - output := &RemoveRegionsFromReplicationOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentRemoveRegionsFromReplicationOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorRemoveRegionsFromReplication(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpReplicateSecretToRegions struct { -} - -func (*awsAwsjson11_deserializeOpReplicateSecretToRegions) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpReplicateSecretToRegions) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorReplicateSecretToRegions(response, &metadata) - } - output := &ReplicateSecretToRegionsOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentReplicateSecretToRegionsOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorReplicateSecretToRegions(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpRestoreSecret struct { -} - -func (*awsAwsjson11_deserializeOpRestoreSecret) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpRestoreSecret) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorRestoreSecret(response, &metadata) - } - output := &RestoreSecretOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentRestoreSecretOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorRestoreSecret(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpRotateSecret struct { -} - -func (*awsAwsjson11_deserializeOpRotateSecret) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpRotateSecret) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorRotateSecret(response, &metadata) - } - output := &RotateSecretOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentRotateSecretOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorRotateSecret(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpStopReplicationToReplica struct { -} - -func (*awsAwsjson11_deserializeOpStopReplicationToReplica) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpStopReplicationToReplica) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorStopReplicationToReplica(response, &metadata) - } - output := &StopReplicationToReplicaOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentStopReplicationToReplicaOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorStopReplicationToReplica(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpTagResource struct { -} - -func (*awsAwsjson11_deserializeOpTagResource) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpTagResource) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorTagResource(response, &metadata) - } - output := &TagResourceOutput{} - out.Result = output - - if _, err = io.Copy(ioutil.Discard, response.Body); err != nil { - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to discard response body, %w", err), - } - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorTagResource(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpUntagResource struct { -} - -func (*awsAwsjson11_deserializeOpUntagResource) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpUntagResource) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorUntagResource(response, &metadata) - } - output := &UntagResourceOutput{} - out.Result = output - - if _, err = io.Copy(ioutil.Discard, response.Body); err != nil { - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to discard response body, %w", err), - } - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorUntagResource(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpUpdateSecret struct { -} - -func (*awsAwsjson11_deserializeOpUpdateSecret) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpUpdateSecret) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorUpdateSecret(response, &metadata) - } - output := &UpdateSecretOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentUpdateSecretOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorUpdateSecret(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("DecryptionFailure", errorCode): - return awsAwsjson11_deserializeErrorDecryptionFailure(response, errorBody) - - case strings.EqualFold("EncryptionFailure", errorCode): - return awsAwsjson11_deserializeErrorEncryptionFailure(response, errorBody) - - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("LimitExceededException", errorCode): - return awsAwsjson11_deserializeErrorLimitExceededException(response, errorBody) - - case strings.EqualFold("MalformedPolicyDocumentException", errorCode): - return awsAwsjson11_deserializeErrorMalformedPolicyDocumentException(response, errorBody) - - case strings.EqualFold("PreconditionNotMetException", errorCode): - return awsAwsjson11_deserializeErrorPreconditionNotMetException(response, errorBody) - - case strings.EqualFold("ResourceExistsException", errorCode): - return awsAwsjson11_deserializeErrorResourceExistsException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpUpdateSecretVersionStage struct { -} - -func (*awsAwsjson11_deserializeOpUpdateSecretVersionStage) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpUpdateSecretVersionStage) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorUpdateSecretVersionStage(response, &metadata) - } - output := &UpdateSecretVersionStageOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentUpdateSecretVersionStageOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorUpdateSecretVersionStage(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("LimitExceededException", errorCode): - return awsAwsjson11_deserializeErrorLimitExceededException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsjson11_deserializeOpValidateResourcePolicy struct { -} - -func (*awsAwsjson11_deserializeOpValidateResourcePolicy) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsjson11_deserializeOpValidateResourcePolicy) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsjson11_deserializeOpErrorValidateResourcePolicy(response, &metadata) - } - output := &ValidateResourcePolicyOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsAwsjson11_deserializeOpDocumentValidateResourcePolicyOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsjson11_deserializeOpErrorValidateResourcePolicy(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - bodyInfo, err := getProtocolErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if typ, ok := resolveProtocolErrorType(headerCode, bodyInfo); ok { - errorCode = restjson.SanitizeErrorCode(typ) - } - if len(bodyInfo.Message) != 0 { - errorMessage = bodyInfo.Message - } - switch { - case strings.EqualFold("InternalServiceError", errorCode): - return awsAwsjson11_deserializeErrorInternalServiceError(response, errorBody) - - case strings.EqualFold("InvalidParameterException", errorCode): - return awsAwsjson11_deserializeErrorInvalidParameterException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsAwsjson11_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("MalformedPolicyDocumentException", errorCode): - return awsAwsjson11_deserializeErrorMalformedPolicyDocumentException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsAwsjson11_deserializeErrorResourceNotFoundException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsAwsjson11_deserializeErrorDecryptionFailure(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.DecryptionFailure{} - err := awsAwsjson11_deserializeDocumentDecryptionFailure(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorEncryptionFailure(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.EncryptionFailure{} - err := awsAwsjson11_deserializeDocumentEncryptionFailure(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorInternalServiceError(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.InternalServiceError{} - err := awsAwsjson11_deserializeDocumentInternalServiceError(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorInvalidNextTokenException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.InvalidNextTokenException{} - err := awsAwsjson11_deserializeDocumentInvalidNextTokenException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorInvalidParameterException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.InvalidParameterException{} - err := awsAwsjson11_deserializeDocumentInvalidParameterException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorInvalidRequestException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.InvalidRequestException{} - err := awsAwsjson11_deserializeDocumentInvalidRequestException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorLimitExceededException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.LimitExceededException{} - err := awsAwsjson11_deserializeDocumentLimitExceededException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorMalformedPolicyDocumentException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.MalformedPolicyDocumentException{} - err := awsAwsjson11_deserializeDocumentMalformedPolicyDocumentException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorPreconditionNotMetException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.PreconditionNotMetException{} - err := awsAwsjson11_deserializeDocumentPreconditionNotMetException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorPublicPolicyException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.PublicPolicyException{} - err := awsAwsjson11_deserializeDocumentPublicPolicyException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorResourceExistsException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.ResourceExistsException{} - err := awsAwsjson11_deserializeDocumentResourceExistsException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeErrorResourceNotFoundException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - output := &types.ResourceNotFoundException{} - err := awsAwsjson11_deserializeDocumentResourceNotFoundException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - return output -} - -func awsAwsjson11_deserializeDocumentAPIErrorListType(v *[]types.APIErrorType, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []types.APIErrorType - if *v == nil { - cv = []types.APIErrorType{} - } else { - cv = *v - } - - for _, value := range shape { - var col types.APIErrorType - destAddr := &col - if err := awsAwsjson11_deserializeDocumentAPIErrorType(&destAddr, value); err != nil { - return err - } - col = *destAddr - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsAwsjson11_deserializeDocumentAPIErrorType(v **types.APIErrorType, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.APIErrorType - if *v == nil { - sv = &types.APIErrorType{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ErrorCode": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorCode to be of type string, got %T instead", value) - } - sv.ErrorCode = ptr.String(jtv) - } - - case "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - case "SecretId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretIdType to be of type string, got %T instead", value) - } - sv.SecretId = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentDecryptionFailure(v **types.DecryptionFailure, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.DecryptionFailure - if *v == nil { - sv = &types.DecryptionFailure{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentEncryptionFailure(v **types.EncryptionFailure, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.EncryptionFailure - if *v == nil { - sv = &types.EncryptionFailure{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentInternalServiceError(v **types.InternalServiceError, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InternalServiceError - if *v == nil { - sv = &types.InternalServiceError{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentInvalidNextTokenException(v **types.InvalidNextTokenException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidNextTokenException - if *v == nil { - sv = &types.InvalidNextTokenException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentInvalidParameterException(v **types.InvalidParameterException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidParameterException - if *v == nil { - sv = &types.InvalidParameterException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentInvalidRequestException(v **types.InvalidRequestException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidRequestException - if *v == nil { - sv = &types.InvalidRequestException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentKmsKeyIdListType(v *[]string, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []string - if *v == nil { - cv = []string{} - } else { - cv = *v - } - - for _, value := range shape { - var col string - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected KmsKeyIdType to be of type string, got %T instead", value) - } - col = jtv - } - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsAwsjson11_deserializeDocumentLimitExceededException(v **types.LimitExceededException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.LimitExceededException - if *v == nil { - sv = &types.LimitExceededException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentMalformedPolicyDocumentException(v **types.MalformedPolicyDocumentException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.MalformedPolicyDocumentException - if *v == nil { - sv = &types.MalformedPolicyDocumentException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentPreconditionNotMetException(v **types.PreconditionNotMetException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.PreconditionNotMetException - if *v == nil { - sv = &types.PreconditionNotMetException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentPublicPolicyException(v **types.PublicPolicyException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.PublicPolicyException - if *v == nil { - sv = &types.PublicPolicyException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentReplicationStatusListType(v *[]types.ReplicationStatusType, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []types.ReplicationStatusType - if *v == nil { - cv = []types.ReplicationStatusType{} - } else { - cv = *v - } - - for _, value := range shape { - var col types.ReplicationStatusType - destAddr := &col - if err := awsAwsjson11_deserializeDocumentReplicationStatusType(&destAddr, value); err != nil { - return err - } - col = *destAddr - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsAwsjson11_deserializeDocumentReplicationStatusType(v **types.ReplicationStatusType, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.ReplicationStatusType - if *v == nil { - sv = &types.ReplicationStatusType{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "KmsKeyId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected KmsKeyIdType to be of type string, got %T instead", value) - } - sv.KmsKeyId = ptr.String(jtv) - } - - case "LastAccessedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.LastAccessedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected LastAccessedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "Region": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected RegionType to be of type string, got %T instead", value) - } - sv.Region = ptr.String(jtv) - } - - case "Status": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected StatusType to be of type string, got %T instead", value) - } - sv.Status = types.StatusType(jtv) - } - - case "StatusMessage": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected StatusMessageType to be of type string, got %T instead", value) - } - sv.StatusMessage = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentResourceExistsException(v **types.ResourceExistsException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.ResourceExistsException - if *v == nil { - sv = &types.ResourceExistsException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentResourceNotFoundException(v **types.ResourceNotFoundException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.ResourceNotFoundException - if *v == nil { - sv = &types.ResourceNotFoundException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentRotationRulesType(v **types.RotationRulesType, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.RotationRulesType - if *v == nil { - sv = &types.RotationRulesType{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "AutomaticallyAfterDays": - if value != nil { - jtv, ok := value.(json.Number) - if !ok { - return fmt.Errorf("expected AutomaticallyRotateAfterDaysType to be json.Number, got %T instead", value) - } - i64, err := jtv.Int64() - if err != nil { - return err - } - sv.AutomaticallyAfterDays = ptr.Int64(i64) - } - - case "Duration": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected DurationType to be of type string, got %T instead", value) - } - sv.Duration = ptr.String(jtv) - } - - case "ScheduleExpression": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ScheduleExpressionType to be of type string, got %T instead", value) - } - sv.ScheduleExpression = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentSecretListEntry(v **types.SecretListEntry, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.SecretListEntry - if *v == nil { - sv = &types.SecretListEntry{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "CreatedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.CreatedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected TimestampType to be a JSON Number, got %T instead", value) - - } - } - - case "DeletedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.DeletedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected DeletedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "Description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected DescriptionType to be of type string, got %T instead", value) - } - sv.Description = ptr.String(jtv) - } - - case "KmsKeyId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected KmsKeyIdType to be of type string, got %T instead", value) - } - sv.KmsKeyId = ptr.String(jtv) - } - - case "LastAccessedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.LastAccessedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected LastAccessedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "LastChangedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.LastChangedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected LastChangedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "LastRotatedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.LastRotatedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected LastRotatedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "NextRotationDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.NextRotationDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected NextRotationDateType to be a JSON Number, got %T instead", value) - - } - } - - case "OwningService": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected OwningServiceType to be of type string, got %T instead", value) - } - sv.OwningService = ptr.String(jtv) - } - - case "PrimaryRegion": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected RegionType to be of type string, got %T instead", value) - } - sv.PrimaryRegion = ptr.String(jtv) - } - - case "RotationEnabled": - if value != nil { - jtv, ok := value.(bool) - if !ok { - return fmt.Errorf("expected RotationEnabledType to be of type *bool, got %T instead", value) - } - sv.RotationEnabled = ptr.Bool(jtv) - } - - case "RotationLambdaARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected RotationLambdaARNType to be of type string, got %T instead", value) - } - sv.RotationLambdaARN = ptr.String(jtv) - } - - case "RotationRules": - if err := awsAwsjson11_deserializeDocumentRotationRulesType(&sv.RotationRules, value); err != nil { - return err - } - - case "SecretVersionsToStages": - if err := awsAwsjson11_deserializeDocumentSecretVersionsToStagesMapType(&sv.SecretVersionsToStages, value); err != nil { - return err - } - - case "Tags": - if err := awsAwsjson11_deserializeDocumentTagListType(&sv.Tags, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentSecretListType(v *[]types.SecretListEntry, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []types.SecretListEntry - if *v == nil { - cv = []types.SecretListEntry{} - } else { - cv = *v - } - - for _, value := range shape { - var col types.SecretListEntry - destAddr := &col - if err := awsAwsjson11_deserializeDocumentSecretListEntry(&destAddr, value); err != nil { - return err - } - col = *destAddr - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsAwsjson11_deserializeDocumentSecretValueEntry(v **types.SecretValueEntry, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.SecretValueEntry - if *v == nil { - sv = &types.SecretValueEntry{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "CreatedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.CreatedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected CreatedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "SecretBinary": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretBinaryType to be []byte, got %T instead", value) - } - dv, err := base64.StdEncoding.DecodeString(jtv) - if err != nil { - return fmt.Errorf("failed to base64 decode SecretBinaryType, %w", err) - } - sv.SecretBinary = dv - } - - case "SecretString": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretStringType to be of type string, got %T instead", value) - } - sv.SecretString = ptr.String(jtv) - } - - case "VersionId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretVersionIdType to be of type string, got %T instead", value) - } - sv.VersionId = ptr.String(jtv) - } - - case "VersionStages": - if err := awsAwsjson11_deserializeDocumentSecretVersionStagesType(&sv.VersionStages, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentSecretValuesType(v *[]types.SecretValueEntry, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []types.SecretValueEntry - if *v == nil { - cv = []types.SecretValueEntry{} - } else { - cv = *v - } - - for _, value := range shape { - var col types.SecretValueEntry - destAddr := &col - if err := awsAwsjson11_deserializeDocumentSecretValueEntry(&destAddr, value); err != nil { - return err - } - col = *destAddr - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsAwsjson11_deserializeDocumentSecretVersionsListEntry(v **types.SecretVersionsListEntry, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.SecretVersionsListEntry - if *v == nil { - sv = &types.SecretVersionsListEntry{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "CreatedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.CreatedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected CreatedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "KmsKeyIds": - if err := awsAwsjson11_deserializeDocumentKmsKeyIdListType(&sv.KmsKeyIds, value); err != nil { - return err - } - - case "LastAccessedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.LastAccessedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected LastAccessedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "VersionId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretVersionIdType to be of type string, got %T instead", value) - } - sv.VersionId = ptr.String(jtv) - } - - case "VersionStages": - if err := awsAwsjson11_deserializeDocumentSecretVersionStagesType(&sv.VersionStages, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentSecretVersionsListType(v *[]types.SecretVersionsListEntry, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []types.SecretVersionsListEntry - if *v == nil { - cv = []types.SecretVersionsListEntry{} - } else { - cv = *v - } - - for _, value := range shape { - var col types.SecretVersionsListEntry - destAddr := &col - if err := awsAwsjson11_deserializeDocumentSecretVersionsListEntry(&destAddr, value); err != nil { - return err - } - col = *destAddr - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsAwsjson11_deserializeDocumentSecretVersionStagesType(v *[]string, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []string - if *v == nil { - cv = []string{} - } else { - cv = *v - } - - for _, value := range shape { - var col string - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretVersionStageType to be of type string, got %T instead", value) - } - col = jtv - } - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsAwsjson11_deserializeDocumentSecretVersionsToStagesMapType(v *map[string][]string, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var mv map[string][]string - if *v == nil { - mv = map[string][]string{} - } else { - mv = *v - } - - for key, value := range shape { - var parsedVal []string - mapVar := parsedVal - if err := awsAwsjson11_deserializeDocumentSecretVersionStagesType(&mapVar, value); err != nil { - return err - } - parsedVal = mapVar - mv[key] = parsedVal - - } - *v = mv - return nil -} - -func awsAwsjson11_deserializeDocumentTag(v **types.Tag, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.Tag - if *v == nil { - sv = &types.Tag{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "Key": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected TagKeyType to be of type string, got %T instead", value) - } - sv.Key = ptr.String(jtv) - } - - case "Value": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected TagValueType to be of type string, got %T instead", value) - } - sv.Value = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentTagListType(v *[]types.Tag, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []types.Tag - if *v == nil { - cv = []types.Tag{} - } else { - cv = *v - } - - for _, value := range shape { - var col types.Tag - destAddr := &col - if err := awsAwsjson11_deserializeDocumentTag(&destAddr, value); err != nil { - return err - } - col = *destAddr - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsAwsjson11_deserializeDocumentValidationErrorsEntry(v **types.ValidationErrorsEntry, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.ValidationErrorsEntry - if *v == nil { - sv = &types.ValidationErrorsEntry{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "CheckName": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NameType to be of type string, got %T instead", value) - } - sv.CheckName = ptr.String(jtv) - } - - case "ErrorMessage": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorMessage to be of type string, got %T instead", value) - } - sv.ErrorMessage = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeDocumentValidationErrorsType(v *[]types.ValidationErrorsEntry, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []types.ValidationErrorsEntry - if *v == nil { - cv = []types.ValidationErrorsEntry{} - } else { - cv = *v - } - - for _, value := range shape { - var col types.ValidationErrorsEntry - destAddr := &col - if err := awsAwsjson11_deserializeDocumentValidationErrorsEntry(&destAddr, value); err != nil { - return err - } - col = *destAddr - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsAwsjson11_deserializeOpDocumentBatchGetSecretValueOutput(v **BatchGetSecretValueOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *BatchGetSecretValueOutput - if *v == nil { - sv = &BatchGetSecretValueOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "Errors": - if err := awsAwsjson11_deserializeDocumentAPIErrorListType(&sv.Errors, value); err != nil { - return err - } - - case "NextToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NextTokenType to be of type string, got %T instead", value) - } - sv.NextToken = ptr.String(jtv) - } - - case "SecretValues": - if err := awsAwsjson11_deserializeDocumentSecretValuesType(&sv.SecretValues, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentCancelRotateSecretOutput(v **CancelRotateSecretOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *CancelRotateSecretOutput - if *v == nil { - sv = &CancelRotateSecretOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "VersionId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretVersionIdType to be of type string, got %T instead", value) - } - sv.VersionId = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentCreateSecretOutput(v **CreateSecretOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *CreateSecretOutput - if *v == nil { - sv = &CreateSecretOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "ReplicationStatus": - if err := awsAwsjson11_deserializeDocumentReplicationStatusListType(&sv.ReplicationStatus, value); err != nil { - return err - } - - case "VersionId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretVersionIdType to be of type string, got %T instead", value) - } - sv.VersionId = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentDeleteResourcePolicyOutput(v **DeleteResourcePolicyOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *DeleteResourcePolicyOutput - if *v == nil { - sv = &DeleteResourcePolicyOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentDeleteSecretOutput(v **DeleteSecretOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *DeleteSecretOutput - if *v == nil { - sv = &DeleteSecretOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "DeletionDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.DeletionDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected DeletionDateType to be a JSON Number, got %T instead", value) - - } - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentDescribeSecretOutput(v **DescribeSecretOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *DescribeSecretOutput - if *v == nil { - sv = &DescribeSecretOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "CreatedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.CreatedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected TimestampType to be a JSON Number, got %T instead", value) - - } - } - - case "DeletedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.DeletedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected DeletedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "Description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected DescriptionType to be of type string, got %T instead", value) - } - sv.Description = ptr.String(jtv) - } - - case "KmsKeyId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected KmsKeyIdType to be of type string, got %T instead", value) - } - sv.KmsKeyId = ptr.String(jtv) - } - - case "LastAccessedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.LastAccessedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected LastAccessedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "LastChangedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.LastChangedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected LastChangedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "LastRotatedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.LastRotatedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected LastRotatedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "NextRotationDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.NextRotationDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected NextRotationDateType to be a JSON Number, got %T instead", value) - - } - } - - case "OwningService": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected OwningServiceType to be of type string, got %T instead", value) - } - sv.OwningService = ptr.String(jtv) - } - - case "PrimaryRegion": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected RegionType to be of type string, got %T instead", value) - } - sv.PrimaryRegion = ptr.String(jtv) - } - - case "ReplicationStatus": - if err := awsAwsjson11_deserializeDocumentReplicationStatusListType(&sv.ReplicationStatus, value); err != nil { - return err - } - - case "RotationEnabled": - if value != nil { - jtv, ok := value.(bool) - if !ok { - return fmt.Errorf("expected RotationEnabledType to be of type *bool, got %T instead", value) - } - sv.RotationEnabled = ptr.Bool(jtv) - } - - case "RotationLambdaARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected RotationLambdaARNType to be of type string, got %T instead", value) - } - sv.RotationLambdaARN = ptr.String(jtv) - } - - case "RotationRules": - if err := awsAwsjson11_deserializeDocumentRotationRulesType(&sv.RotationRules, value); err != nil { - return err - } - - case "Tags": - if err := awsAwsjson11_deserializeDocumentTagListType(&sv.Tags, value); err != nil { - return err - } - - case "VersionIdsToStages": - if err := awsAwsjson11_deserializeDocumentSecretVersionsToStagesMapType(&sv.VersionIdsToStages, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentGetRandomPasswordOutput(v **GetRandomPasswordOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *GetRandomPasswordOutput - if *v == nil { - sv = &GetRandomPasswordOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "RandomPassword": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected RandomPasswordType to be of type string, got %T instead", value) - } - sv.RandomPassword = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentGetResourcePolicyOutput(v **GetResourcePolicyOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *GetResourcePolicyOutput - if *v == nil { - sv = &GetResourcePolicyOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "ResourcePolicy": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NonEmptyResourcePolicyType to be of type string, got %T instead", value) - } - sv.ResourcePolicy = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentGetSecretValueOutput(v **GetSecretValueOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *GetSecretValueOutput - if *v == nil { - sv = &GetSecretValueOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "CreatedDate": - if value != nil { - switch jtv := value.(type) { - case json.Number: - f64, err := jtv.Float64() - if err != nil { - return err - } - sv.CreatedDate = ptr.Time(smithytime.ParseEpochSeconds(f64)) - - default: - return fmt.Errorf("expected CreatedDateType to be a JSON Number, got %T instead", value) - - } - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "SecretBinary": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretBinaryType to be []byte, got %T instead", value) - } - dv, err := base64.StdEncoding.DecodeString(jtv) - if err != nil { - return fmt.Errorf("failed to base64 decode SecretBinaryType, %w", err) - } - sv.SecretBinary = dv - } - - case "SecretString": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretStringType to be of type string, got %T instead", value) - } - sv.SecretString = ptr.String(jtv) - } - - case "VersionId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretVersionIdType to be of type string, got %T instead", value) - } - sv.VersionId = ptr.String(jtv) - } - - case "VersionStages": - if err := awsAwsjson11_deserializeDocumentSecretVersionStagesType(&sv.VersionStages, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentListSecretsOutput(v **ListSecretsOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *ListSecretsOutput - if *v == nil { - sv = &ListSecretsOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "NextToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NextTokenType to be of type string, got %T instead", value) - } - sv.NextToken = ptr.String(jtv) - } - - case "SecretList": - if err := awsAwsjson11_deserializeDocumentSecretListType(&sv.SecretList, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentListSecretVersionIdsOutput(v **ListSecretVersionIdsOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *ListSecretVersionIdsOutput - if *v == nil { - sv = &ListSecretVersionIdsOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "NextToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NextTokenType to be of type string, got %T instead", value) - } - sv.NextToken = ptr.String(jtv) - } - - case "Versions": - if err := awsAwsjson11_deserializeDocumentSecretVersionsListType(&sv.Versions, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentPutResourcePolicyOutput(v **PutResourcePolicyOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *PutResourcePolicyOutput - if *v == nil { - sv = &PutResourcePolicyOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentPutSecretValueOutput(v **PutSecretValueOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *PutSecretValueOutput - if *v == nil { - sv = &PutSecretValueOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "VersionId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretVersionIdType to be of type string, got %T instead", value) - } - sv.VersionId = ptr.String(jtv) - } - - case "VersionStages": - if err := awsAwsjson11_deserializeDocumentSecretVersionStagesType(&sv.VersionStages, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentRemoveRegionsFromReplicationOutput(v **RemoveRegionsFromReplicationOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *RemoveRegionsFromReplicationOutput - if *v == nil { - sv = &RemoveRegionsFromReplicationOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "ReplicationStatus": - if err := awsAwsjson11_deserializeDocumentReplicationStatusListType(&sv.ReplicationStatus, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentReplicateSecretToRegionsOutput(v **ReplicateSecretToRegionsOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *ReplicateSecretToRegionsOutput - if *v == nil { - sv = &ReplicateSecretToRegionsOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "ReplicationStatus": - if err := awsAwsjson11_deserializeDocumentReplicationStatusListType(&sv.ReplicationStatus, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentRestoreSecretOutput(v **RestoreSecretOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *RestoreSecretOutput - if *v == nil { - sv = &RestoreSecretOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentRotateSecretOutput(v **RotateSecretOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *RotateSecretOutput - if *v == nil { - sv = &RotateSecretOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "VersionId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretVersionIdType to be of type string, got %T instead", value) - } - sv.VersionId = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentStopReplicationToReplicaOutput(v **StopReplicationToReplicaOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *StopReplicationToReplicaOutput - if *v == nil { - sv = &StopReplicationToReplicaOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentUpdateSecretOutput(v **UpdateSecretOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *UpdateSecretOutput - if *v == nil { - sv = &UpdateSecretOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - case "VersionId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretVersionIdType to be of type string, got %T instead", value) - } - sv.VersionId = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentUpdateSecretVersionStageOutput(v **UpdateSecretVersionStageOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *UpdateSecretVersionStageOutput - if *v == nil { - sv = &UpdateSecretVersionStageOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "ARN": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretARNType to be of type string, got %T instead", value) - } - sv.ARN = ptr.String(jtv) - } - - case "Name": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretNameType to be of type string, got %T instead", value) - } - sv.Name = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsAwsjson11_deserializeOpDocumentValidateResourcePolicyOutput(v **ValidateResourcePolicyOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *ValidateResourcePolicyOutput - if *v == nil { - sv = &ValidateResourcePolicyOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "PolicyValidationPassed": - if value != nil { - jtv, ok := value.(bool) - if !ok { - return fmt.Errorf("expected BooleanType to be of type *bool, got %T instead", value) - } - sv.PolicyValidationPassed = jtv - } - - case "ValidationErrors": - if err := awsAwsjson11_deserializeDocumentValidationErrorsType(&sv.ValidationErrors, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -type protocolErrorInfo struct { - Type string `json:"__type"` - Message string - Code any // nonstandard for awsjson but some services do present the type here -} - -func getProtocolErrorInfo(decoder *json.Decoder) (protocolErrorInfo, error) { - var errInfo protocolErrorInfo - if err := decoder.Decode(&errInfo); err != nil { - if err == io.EOF { - return errInfo, nil - } - return errInfo, err - } - - return errInfo, nil -} - -func resolveProtocolErrorType(headerType string, bodyInfo protocolErrorInfo) (string, bool) { - if len(headerType) != 0 { - return headerType, true - } else if len(bodyInfo.Type) != 0 { - return bodyInfo.Type, true - } else if code, ok := bodyInfo.Code.(string); ok && len(code) != 0 { - return code, true - } - return "", false -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/doc.go deleted file mode 100644 index 2d0ba2e6..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/doc.go +++ /dev/null @@ -1,45 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -// Package secretsmanager provides the API client, operations, and parameter types -// for AWS Secrets Manager. -// -// # Amazon Web Services Secrets Manager -// -// Amazon Web Services Secrets Manager provides a service to enable you to store, -// manage, and retrieve, secrets. -// -// This guide provides descriptions of the Secrets Manager API. For more -// information about using this service, see the [Amazon Web Services Secrets Manager User Guide]. -// -// # API Version -// -// This version of the Secrets Manager API Reference documents the Secrets Manager -// API version 2017-10-17. -// -// For a list of endpoints, see [Amazon Web Services Secrets Manager endpoints]. -// -// # Support and Feedback for Amazon Web Services Secrets Manager -// -// We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com, or post your feedback and -// questions in the [Amazon Web Services Secrets Manager Discussion Forum]. For more information about the Amazon Web Services -// Discussion Forums, see [Forums Help]. -// -// # Logging API Requests -// -// Amazon Web Services Secrets Manager supports Amazon Web Services CloudTrail, a -// service that records Amazon Web Services API calls for your Amazon Web Services -// account and delivers log files to an Amazon S3 bucket. By using information -// that's collected by Amazon Web Services CloudTrail, you can determine the -// requests successfully made to Secrets Manager, who made the request, when it was -// made, and so on. For more about Amazon Web Services Secrets Manager and support -// for Amazon Web Services CloudTrail, see [Logging Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail]in the Amazon Web Services Secrets -// Manager User Guide. To learn more about CloudTrail, including enabling it and -// find your log files, see the [Amazon Web Services CloudTrail User Guide]. -// -// [Forums Help]: http://forums.aws.amazon.com/help.jspa -// [Amazon Web Services CloudTrail User Guide]: https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html -// [Amazon Web Services Secrets Manager endpoints]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html#endpoints -// [Amazon Web Services Secrets Manager User Guide]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/introduction.html -// [Amazon Web Services Secrets Manager Discussion Forum]: http://forums.aws.amazon.com/forum.jspa?forumID=296 -// [Logging Amazon Web Services Secrets Manager Events with Amazon Web Services CloudTrail]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/monitoring.html#monitoring_cloudtrail -package secretsmanager diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/endpoints.go deleted file mode 100644 index 1a009249..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/endpoints.go +++ /dev/null @@ -1,632 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "errors" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" - "github.com/aws/aws-sdk-go-v2/internal/endpoints" - "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" - internalendpoints "github.com/aws/aws-sdk-go-v2/service/secretsmanager/internal/endpoints" - smithyauth "github.com/aws/smithy-go/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/ptr" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net/http" - "net/url" - "os" - "strings" -) - -// EndpointResolverOptions is the service endpoint resolver options -type EndpointResolverOptions = internalendpoints.Options - -// EndpointResolver interface for resolving service endpoints. -type EndpointResolver interface { - ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error) -} - -var _ EndpointResolver = &internalendpoints.Resolver{} - -// NewDefaultEndpointResolver constructs a new service endpoint resolver -func NewDefaultEndpointResolver() *internalendpoints.Resolver { - return internalendpoints.New() -} - -// EndpointResolverFunc is a helper utility that wraps a function so it satisfies -// the EndpointResolver interface. This is useful when you want to add additional -// endpoint resolving logic, or stub out specific endpoints with custom values. -type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error) - -func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { - return fn(region, options) -} - -// EndpointResolverFromURL returns an EndpointResolver configured using the -// provided endpoint url. By default, the resolved endpoint resolver uses the -// client region as signing region, and the endpoint source is set to -// EndpointSourceCustom.You can provide functional options to configure endpoint -// values for the resolved endpoint. -func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver { - e := aws.Endpoint{URL: url, Source: aws.EndpointSourceCustom} - for _, fn := range optFns { - fn(&e) - } - - return EndpointResolverFunc( - func(region string, options EndpointResolverOptions) (aws.Endpoint, error) { - if len(e.SigningRegion) == 0 { - e.SigningRegion = region - } - return e, nil - }, - ) -} - -type ResolveEndpoint struct { - Resolver EndpointResolver - Options EndpointResolverOptions -} - -func (*ResolveEndpoint) ID() string { - return "ResolveEndpoint" -} - -func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if !awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.Resolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - eo := m.Options - eo.Logger = middleware.GetLogger(ctx) - - var endpoint aws.Endpoint - endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo) - if err != nil { - nf := (&aws.EndpointNotFoundError{}) - if errors.As(err, &nf) { - ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, false) - return next.HandleSerialize(ctx, in) - } - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL, err = url.Parse(endpoint.URL) - if err != nil { - return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err) - } - - if len(awsmiddleware.GetSigningName(ctx)) == 0 { - signingName := endpoint.SigningName - if len(signingName) == 0 { - signingName = "secretsmanager" - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - } - ctx = awsmiddleware.SetEndpointSource(ctx, endpoint.Source) - ctx = smithyhttp.SetHostnameImmutable(ctx, endpoint.HostnameImmutable) - ctx = awsmiddleware.SetSigningRegion(ctx, endpoint.SigningRegion) - ctx = awsmiddleware.SetPartitionID(ctx, endpoint.PartitionID) - return next.HandleSerialize(ctx, in) -} -func addResolveEndpointMiddleware(stack *middleware.Stack, o Options) error { - return stack.Serialize.Insert(&ResolveEndpoint{ - Resolver: o.EndpointResolver, - Options: o.EndpointOptions, - }, "OperationSerializer", middleware.Before) -} - -func removeResolveEndpointMiddleware(stack *middleware.Stack) error { - _, err := stack.Serialize.Remove((&ResolveEndpoint{}).ID()) - return err -} - -type wrappedEndpointResolver struct { - awsResolver aws.EndpointResolverWithOptions -} - -func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { - return w.awsResolver.ResolveEndpoint(ServiceID, region, options) -} - -type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error) - -func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, options ...interface{}) (aws.Endpoint, error) { - return a(service, region) -} - -var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil) - -// withEndpointResolver returns an aws.EndpointResolverWithOptions that first delegates endpoint resolution to the awsResolver. -// If awsResolver returns aws.EndpointNotFoundError error, the v1 resolver middleware will swallow the error, -// and set an appropriate context flag such that fallback will occur when EndpointResolverV2 is invoked -// via its middleware. -// -// If another error (besides aws.EndpointNotFoundError) is returned, then that error will be propagated. -func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions) EndpointResolver { - var resolver aws.EndpointResolverWithOptions - - if awsResolverWithOptions != nil { - resolver = awsResolverWithOptions - } else if awsResolver != nil { - resolver = awsEndpointResolverAdaptor(awsResolver.ResolveEndpoint) - } - - return &wrappedEndpointResolver{ - awsResolver: resolver, - } -} - -func finalizeClientEndpointResolverOptions(options *Options) { - options.EndpointOptions.LogDeprecated = options.ClientLogMode.IsDeprecatedUsage() - - if len(options.EndpointOptions.ResolvedRegion) == 0 { - const fipsInfix = "-fips-" - const fipsPrefix = "fips-" - const fipsSuffix = "-fips" - - if strings.Contains(options.Region, fipsInfix) || - strings.Contains(options.Region, fipsPrefix) || - strings.Contains(options.Region, fipsSuffix) { - options.EndpointOptions.ResolvedRegion = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( - options.Region, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") - options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled - } - } - -} - -func resolveEndpointResolverV2(options *Options) { - if options.EndpointResolverV2 == nil { - options.EndpointResolverV2 = NewDefaultEndpointResolverV2() - } -} - -func resolveBaseEndpoint(cfg aws.Config, o *Options) { - if cfg.BaseEndpoint != nil { - o.BaseEndpoint = cfg.BaseEndpoint - } - - _, g := os.LookupEnv("AWS_ENDPOINT_URL") - _, s := os.LookupEnv("AWS_ENDPOINT_URL_SECRETS_MANAGER") - - if g && !s { - return - } - - value, found, err := internalConfig.ResolveServiceBaseEndpoint(context.Background(), "Secrets Manager", cfg.ConfigSources) - if found && err == nil { - o.BaseEndpoint = &value - } -} - -func bindRegion(region string) *string { - if region == "" { - return nil - } - return aws.String(endpoints.MapFIPSRegion(region)) -} - -// EndpointParameters provides the parameters that influence how endpoints are -// resolved. -type EndpointParameters struct { - // The AWS region used to dispatch the request. - // - // Parameter is - // required. - // - // AWS::Region - Region *string - - // When true, use the dual-stack endpoint. If the configured endpoint does not - // support dual-stack, dispatching the request MAY return an error. - // - // Defaults to - // false if no value is provided. - // - // AWS::UseDualStack - UseDualStack *bool - - // When true, send this request to the FIPS-compliant regional endpoint. If the - // configured endpoint does not have a FIPS compliant endpoint, dispatching the - // request will return an error. - // - // Defaults to false if no value is - // provided. - // - // AWS::UseFIPS - UseFIPS *bool - - // Override the endpoint used to send this request - // - // Parameter is - // required. - // - // SDK::Endpoint - Endpoint *string -} - -// ValidateRequired validates required parameters are set. -func (p EndpointParameters) ValidateRequired() error { - if p.UseDualStack == nil { - return fmt.Errorf("parameter UseDualStack is required") - } - - if p.UseFIPS == nil { - return fmt.Errorf("parameter UseFIPS is required") - } - - return nil -} - -// WithDefaults returns a shallow copy of EndpointParameterswith default values -// applied to members where applicable. -func (p EndpointParameters) WithDefaults() EndpointParameters { - if p.UseDualStack == nil { - p.UseDualStack = ptr.Bool(false) - } - - if p.UseFIPS == nil { - p.UseFIPS = ptr.Bool(false) - } - return p -} - -type stringSlice []string - -func (s stringSlice) Get(i int) *string { - if i < 0 || i >= len(s) { - return nil - } - - v := s[i] - return &v -} - -// EndpointResolverV2 provides the interface for resolving service endpoints. -type EndpointResolverV2 interface { - // ResolveEndpoint attempts to resolve the endpoint with the provided options, - // returning the endpoint if found. Otherwise an error is returned. - ResolveEndpoint(ctx context.Context, params EndpointParameters) ( - smithyendpoints.Endpoint, error, - ) -} - -// resolver provides the implementation for resolving endpoints. -type resolver struct{} - -func NewDefaultEndpointResolverV2() EndpointResolverV2 { - return &resolver{} -} - -// ResolveEndpoint attempts to resolve the endpoint with the provided options, -// returning the endpoint if found. Otherwise an error is returned. -func (r *resolver) ResolveEndpoint( - ctx context.Context, params EndpointParameters, -) ( - endpoint smithyendpoints.Endpoint, err error, -) { - params = params.WithDefaults() - if err = params.ValidateRequired(); err != nil { - return endpoint, fmt.Errorf("endpoint parameters are not valid, %w", err) - } - _UseDualStack := *params.UseDualStack - _UseFIPS := *params.UseFIPS - - if exprVal := params.Endpoint; exprVal != nil { - _Endpoint := *exprVal - _ = _Endpoint - if _UseFIPS == true { - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: FIPS and custom endpoint are not supported") - } - if _UseDualStack == true { - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Dualstack and custom endpoint are not supported") - } - uriString := _Endpoint - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - if exprVal := params.Region; exprVal != nil { - _Region := *exprVal - _ = _Region - if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil { - _PartitionResult := *exprVal - _ = _PartitionResult - if _UseFIPS == true { - if _UseDualStack == true { - if true == _PartitionResult.SupportsFIPS { - if true == _PartitionResult.SupportsDualStack { - if "aws" == _PartitionResult.Name { - uriString := func() string { - var out strings.Builder - out.WriteString("https://secretsmanager-fips.") - out.WriteString(_Region) - out.WriteString(".amazonaws.com") - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - if "aws-us-gov" == _PartitionResult.Name { - uriString := func() string { - var out strings.Builder - out.WriteString("https://secretsmanager-fips.") - out.WriteString(_Region) - out.WriteString(".amazonaws.com") - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://secretsmanager-fips.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DualStackDnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS and DualStack are enabled, but this partition does not support one or both") - } - } - if _UseFIPS == true { - if _PartitionResult.SupportsFIPS == true { - uriString := func() string { - var out strings.Builder - out.WriteString("https://secretsmanager-fips.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS is enabled but this partition does not support FIPS") - } - if _UseDualStack == true { - if true == _PartitionResult.SupportsDualStack { - if "aws" == _PartitionResult.Name { - uriString := func() string { - var out strings.Builder - out.WriteString("https://secretsmanager.") - out.WriteString(_Region) - out.WriteString(".amazonaws.com") - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - if "aws-cn" == _PartitionResult.Name { - uriString := func() string { - var out strings.Builder - out.WriteString("https://secretsmanager.") - out.WriteString(_Region) - out.WriteString(".amazonaws.com.cn") - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - if "aws-us-gov" == _PartitionResult.Name { - uriString := func() string { - var out strings.Builder - out.WriteString("https://secretsmanager.") - out.WriteString(_Region) - out.WriteString(".amazonaws.com") - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://secretsmanager.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DualStackDnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "DualStack is enabled but this partition does not support DualStack") - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://secretsmanager.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.") - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region") -} - -type endpointParamsBinder interface { - bindEndpointParams(*EndpointParameters) -} - -func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { - params := &EndpointParameters{} - - params.Region = bindRegion(options.Region) - params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) - params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) - params.Endpoint = options.BaseEndpoint - - if b, ok := input.(endpointParamsBinder); ok { - b.bindEndpointParams(params) - } - - return params -} - -type resolveEndpointV2Middleware struct { - options Options -} - -func (*resolveEndpointV2Middleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "ResolveEndpoint") - defer span.End() - - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleFinalize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.options.EndpointResolverV2 == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) - endpt, err := timeOperationMetric(ctx, "client.call.resolve_endpoint_duration", - func() (smithyendpoints.Endpoint, error) { - return m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) - }) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - span.SetProperty("client.call.resolved_endpoint", endpt.URI.String()) - - if endpt.URI.RawPath == "" && req.URL.RawPath != "" { - endpt.URI.RawPath = endpt.URI.Path - } - req.URL.Scheme = endpt.URI.Scheme - req.URL.Host = endpt.URI.Host - req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path) - req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath) - for k := range endpt.Headers { - req.Header.Set(k, endpt.Headers.Get(k)) - } - - rscheme := getResolvedAuthScheme(ctx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - opts, _ := smithyauth.GetAuthOptions(&endpt.Properties) - for _, o := range opts { - rscheme.SignerProperties.SetAll(&o.SignerProperties) - } - - span.End() - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/generated.json deleted file mode 100644 index de89e16b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/generated.json +++ /dev/null @@ -1,56 +0,0 @@ -{ - "dependencies": { - "github.com/aws/aws-sdk-go-v2": "v1.4.0", - "github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000", - "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000", - "github.com/aws/smithy-go": "v1.4.0" - }, - "files": [ - "api_client.go", - "api_client_test.go", - "api_op_BatchGetSecretValue.go", - "api_op_CancelRotateSecret.go", - "api_op_CreateSecret.go", - "api_op_DeleteResourcePolicy.go", - "api_op_DeleteSecret.go", - "api_op_DescribeSecret.go", - "api_op_GetRandomPassword.go", - "api_op_GetResourcePolicy.go", - "api_op_GetSecretValue.go", - "api_op_ListSecretVersionIds.go", - "api_op_ListSecrets.go", - "api_op_PutResourcePolicy.go", - "api_op_PutSecretValue.go", - "api_op_RemoveRegionsFromReplication.go", - "api_op_ReplicateSecretToRegions.go", - "api_op_RestoreSecret.go", - "api_op_RotateSecret.go", - "api_op_StopReplicationToReplica.go", - "api_op_TagResource.go", - "api_op_UntagResource.go", - "api_op_UpdateSecret.go", - "api_op_UpdateSecretVersionStage.go", - "api_op_ValidateResourcePolicy.go", - "auth.go", - "deserializers.go", - "doc.go", - "endpoints.go", - "endpoints_config_test.go", - "endpoints_test.go", - "generated.json", - "internal/endpoints/endpoints.go", - "internal/endpoints/endpoints_test.go", - "options.go", - "protocol_test.go", - "serializers.go", - "snapshot_test.go", - "sra_operation_order_test.go", - "types/enums.go", - "types/errors.go", - "types/types.go", - "validators.go" - ], - "go": "1.22", - "module": "github.com/aws/aws-sdk-go-v2/service/secretsmanager", - "unstable": false -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/go_module_metadata.go deleted file mode 100644 index 21cdbc26..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package secretsmanager - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.35.2" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/internal/endpoints/endpoints.go deleted file mode 100644 index 1ec0eb9f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/internal/endpoints/endpoints.go +++ /dev/null @@ -1,714 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package endpoints - -import ( - "github.com/aws/aws-sdk-go-v2/aws" - endpoints "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2" - "github.com/aws/smithy-go/logging" - "regexp" -) - -// Options is the endpoint resolver configuration options -type Options struct { - // Logger is a logging implementation that log events should be sent to. - Logger logging.Logger - - // LogDeprecated indicates that deprecated endpoints should be logged to the - // provided logger. - LogDeprecated bool - - // ResolvedRegion is used to override the region to be resolved, rather then the - // using the value passed to the ResolveEndpoint method. This value is used by the - // SDK to translate regions like fips-us-east-1 or us-east-1-fips to an alternative - // name. You must not set this value directly in your application. - ResolvedRegion string - - // DisableHTTPS informs the resolver to return an endpoint that does not use the - // HTTPS scheme. - DisableHTTPS bool - - // UseDualStackEndpoint specifies the resolver must resolve a dual-stack endpoint. - UseDualStackEndpoint aws.DualStackEndpointState - - // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. - UseFIPSEndpoint aws.FIPSEndpointState -} - -func (o Options) GetResolvedRegion() string { - return o.ResolvedRegion -} - -func (o Options) GetDisableHTTPS() bool { - return o.DisableHTTPS -} - -func (o Options) GetUseDualStackEndpoint() aws.DualStackEndpointState { - return o.UseDualStackEndpoint -} - -func (o Options) GetUseFIPSEndpoint() aws.FIPSEndpointState { - return o.UseFIPSEndpoint -} - -func transformToSharedOptions(options Options) endpoints.Options { - return endpoints.Options{ - Logger: options.Logger, - LogDeprecated: options.LogDeprecated, - ResolvedRegion: options.ResolvedRegion, - DisableHTTPS: options.DisableHTTPS, - UseDualStackEndpoint: options.UseDualStackEndpoint, - UseFIPSEndpoint: options.UseFIPSEndpoint, - } -} - -// Resolver Secrets Manager endpoint resolver -type Resolver struct { - partitions endpoints.Partitions -} - -// ResolveEndpoint resolves the service endpoint for the given region and options -func (r *Resolver) ResolveEndpoint(region string, options Options) (endpoint aws.Endpoint, err error) { - if len(region) == 0 { - return endpoint, &aws.MissingRegionError{} - } - - opt := transformToSharedOptions(options) - return r.partitions.ResolveEndpoint(region, opt) -} - -// New returns a new Resolver -func New() *Resolver { - return &Resolver{ - partitions: defaultPartitions, - } -} - -var partitionRegexp = struct { - Aws *regexp.Regexp - AwsCn *regexp.Regexp - AwsIso *regexp.Regexp - AwsIsoB *regexp.Regexp - AwsIsoE *regexp.Regexp - AwsIsoF *regexp.Regexp - AwsUsGov *regexp.Regexp -}{ - - Aws: regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$"), - AwsCn: regexp.MustCompile("^cn\\-\\w+\\-\\d+$"), - AwsIso: regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"), - AwsIsoB: regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"), - AwsIsoE: regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"), - AwsIsoF: regexp.MustCompile("^us\\-isof\\-\\w+\\-\\d+$"), - AwsUsGov: regexp.MustCompile("^us\\-gov\\-\\w+\\-\\d+$"), -} - -var defaultPartitions = endpoints.Partitions{ - { - ID: "aws", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "secretsmanager.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "secretsmanager-fips.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "secretsmanager-fips.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "secretsmanager.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.Aws, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "af-south-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "af-south-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-east-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-northeast-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-northeast-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-northeast-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-northeast-2", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-northeast-3", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-northeast-3", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-south-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-south-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-south-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-south-2", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-southeast-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-southeast-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-2", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-southeast-3", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-3", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-southeast-4", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-4", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-southeast-5", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-5", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ap-southeast-7", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-7", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ca-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ca-central-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ca-central-1", - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ca-central-1", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ca-central-1-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "ca-west-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ca-west-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ca-west-1", - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ca-west-1", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "ca-west-1-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "eu-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-central-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "eu-central-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-central-2", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "eu-north-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-north-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "eu-south-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-south-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "eu-south-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-south-2", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "eu-west-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-west-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "eu-west-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-west-2", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "eu-west-3", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-west-3", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "il-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "il-central-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "me-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "me-central-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "me-south-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "me-south-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "mx-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "mx-central-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "sa-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "sa-east-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-east-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-east-1", - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-east-1", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-east-1-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "us-east-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-east-2", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-east-2", - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-east-2", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-east-2-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "us-west-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-west-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-west-1", - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-west-1", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-west-1-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "us-west-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-west-2", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-west-2", - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-west-2", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-west-2-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - }, - }, - { - ID: "aws-cn", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "secretsmanager.{region}.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "secretsmanager-fips.{region}.amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "secretsmanager-fips.{region}.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "secretsmanager.{region}.amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsCn, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "cn-north-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "cn-north-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "cn-northwest-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "cn-northwest-1", - Variant: endpoints.DualStackVariant, - }: {}, - }, - }, - { - ID: "aws-iso", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "secretsmanager-fips.{region}.c2s.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "secretsmanager.{region}.c2s.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIso, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-iso-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-iso-east-1", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-iso-east-1-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "us-iso-west-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-iso-west-1", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-iso-west-1-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - }, - }, - { - ID: "aws-iso-b", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "secretsmanager-fips.{region}.sc2s.sgov.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "secretsmanager.{region}.sc2s.sgov.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoB, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-isob-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-isob-east-1", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-isob-east-1-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - }, - }, - { - ID: "aws-iso-e", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "secretsmanager-fips.{region}.cloud.adc-e.uk", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "secretsmanager.{region}.cloud.adc-e.uk", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoE, - IsRegionalized: true, - }, - { - ID: "aws-iso-f", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "secretsmanager-fips.{region}.csp.hci.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "secretsmanager.{region}.csp.hci.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoF, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-isof-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-isof-east-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-isof-south-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-isof-south-1", - Variant: endpoints.DualStackVariant, - }: {}, - }, - }, - { - ID: "aws-us-gov", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "secretsmanager.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "secretsmanager-fips.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "secretsmanager-fips.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "secretsmanager.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsUsGov, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-gov-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-gov-east-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-gov-east-1", - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-gov-east-1", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-gov-east-1-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "us-gov-west-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-gov-west-1", - Variant: endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-gov-west-1", - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-gov-west-1", - Variant: endpoints.FIPSVariant, - }: {}, - endpoints.EndpointKey{ - Region: "us-gov-west-1-fips", - }: endpoints.Endpoint{ - Deprecated: aws.TrueTernary, - }, - }, - }, -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/options.go deleted file mode 100644 index 4b82cf13..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/options.go +++ /dev/null @@ -1,236 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" - smithyauth "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net/http" -) - -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -type Options struct { - // Set of options to modify how an operation is invoked. These apply to all - // operations invoked for this client. Use functional options on operation call to - // modify this list for per operation behavior. - APIOptions []func(*middleware.Stack) error - - // The optional application specific identifier appended to the User-Agent header. - AppID string - - // This endpoint will be given as input to an EndpointResolverV2. It is used for - // providing a custom base endpoint that is subject to modifications by the - // processing EndpointResolverV2. - BaseEndpoint *string - - // Configures the events that will be sent to the configured logger. - ClientLogMode aws.ClientLogMode - - // The credentials object to use when signing requests. - Credentials aws.CredentialsProvider - - // The configuration DefaultsMode that the SDK should use when constructing the - // clients initial default settings. - DefaultsMode aws.DefaultsMode - - // The endpoint options to be used when attempting to resolve an endpoint. - EndpointOptions EndpointResolverOptions - - // The service endpoint resolver. - // - // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a - // value for this field will likely prevent you from using any endpoint-related - // service features released after the introduction of EndpointResolverV2 and - // BaseEndpoint. - // - // To migrate an EndpointResolver implementation that uses a custom endpoint, set - // the client option BaseEndpoint instead. - EndpointResolver EndpointResolver - - // Resolves the endpoint used for a particular service operation. This should be - // used over the deprecated EndpointResolver. - EndpointResolverV2 EndpointResolverV2 - - // Signature Version 4 (SigV4) Signer - HTTPSignerV4 HTTPSignerV4 - - // Provides idempotency tokens values that will be automatically populated into - // idempotent API operations. - IdempotencyTokenProvider IdempotencyTokenProvider - - // The logger writer interface to write logging messages to. - Logger logging.Logger - - // The client meter provider. - MeterProvider metrics.MeterProvider - - // The region to send requests to. (Required) - Region string - - // RetryMaxAttempts specifies the maximum number attempts an API client will call - // an operation that fails with a retryable error. A value of 0 is ignored, and - // will not be used to configure the API client created default retryer, or modify - // per operation call's retry max attempts. - // - // If specified in an operation call's functional options with a value that is - // different than the constructed client's Options, the Client's Retryer will be - // wrapped to use the operation's specific RetryMaxAttempts value. - RetryMaxAttempts int - - // RetryMode specifies the retry mode the API client will be created with, if - // Retryer option is not also specified. - // - // When creating a new API Clients this member will only be used if the Retryer - // Options member is nil. This value will be ignored if Retryer is not nil. - // - // Currently does not support per operation call overrides, may in the future. - RetryMode aws.RetryMode - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. The kind of - // default retry created by the API client can be changed with the RetryMode - // option. - Retryer aws.Retryer - - // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set - // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You - // should not populate this structure programmatically, or rely on the values here - // within your applications. - RuntimeEnvironment aws.RuntimeEnvironment - - // The client tracer provider. - TracerProvider tracing.TracerProvider - - // The initial DefaultsMode used when the client options were constructed. If the - // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved - // value was at that point in time. - // - // Currently does not support per operation call overrides, may in the future. - resolvedDefaultsMode aws.DefaultsMode - - // The HTTP client to invoke API calls with. Defaults to client's default HTTP - // implementation if nil. - HTTPClient HTTPClient - - // The auth scheme resolver which determines how to authenticate for each - // operation. - AuthSchemeResolver AuthSchemeResolver - - // The list of auth schemes supported by the client. - AuthSchemes []smithyhttp.AuthScheme -} - -// Copy creates a clone where the APIOptions list is deep copied. -func (o Options) Copy() Options { - to := o - to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) - copy(to.APIOptions, o.APIOptions) - - return to -} - -func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver { - if schemeID == "aws.auth#sigv4" { - return getSigV4IdentityResolver(o) - } - if schemeID == "smithy.api#noAuth" { - return &smithyauth.AnonymousIdentityResolver{} - } - return nil -} - -// WithAPIOptions returns a functional option for setting the Client's APIOptions -// option. -func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { - return func(o *Options) { - o.APIOptions = append(o.APIOptions, optFns...) - } -} - -// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for -// this field will likely prevent you from using any endpoint-related service -// features released after the introduction of EndpointResolverV2 and BaseEndpoint. -// -// To migrate an EndpointResolver implementation that uses a custom endpoint, set -// the client option BaseEndpoint instead. -func WithEndpointResolver(v EndpointResolver) func(*Options) { - return func(o *Options) { - o.EndpointResolver = v - } -} - -// WithEndpointResolverV2 returns a functional option for setting the Client's -// EndpointResolverV2 option. -func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { - return func(o *Options) { - o.EndpointResolverV2 = v - } -} - -func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver { - if o.Credentials != nil { - return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials} - } - return nil -} - -// WithSigV4SigningName applies an override to the authentication workflow to -// use the given signing name for SigV4-authenticated operations. -// -// This is an advanced setting. The value here is FINAL, taking precedence over -// the resolved signing name from both auth scheme resolution and endpoint -// resolution. -func WithSigV4SigningName(name string) func(*Options) { - fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, - ) { - return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in) - } - return func(o *Options) { - o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { - return s.Initialize.Add( - middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn), - middleware.Before, - ) - }) - } -} - -// WithSigV4SigningRegion applies an override to the authentication workflow to -// use the given signing region for SigV4-authenticated operations. -// -// This is an advanced setting. The value here is FINAL, taking precedence over -// the resolved signing region from both auth scheme resolution and endpoint -// resolution. -func WithSigV4SigningRegion(region string) func(*Options) { - fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, - ) { - return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in) - } - return func(o *Options) { - o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { - return s.Initialize.Add( - middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn), - middleware.Before, - ) - }) - } -} - -func ignoreAnonymousAuth(options *Options) { - if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) { - options.Credentials = nil - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/serializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/serializers.go deleted file mode 100644 index 2f04e03a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/serializers.go +++ /dev/null @@ -1,2156 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "bytes" - "context" - "fmt" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/encoding/httpbinding" - smithyjson "github.com/aws/smithy-go/encoding/json" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "path" -) - -type awsAwsjson11_serializeOpBatchGetSecretValue struct { -} - -func (*awsAwsjson11_serializeOpBatchGetSecretValue) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpBatchGetSecretValue) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*BatchGetSecretValueInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.BatchGetSecretValue") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentBatchGetSecretValueInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpCancelRotateSecret struct { -} - -func (*awsAwsjson11_serializeOpCancelRotateSecret) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpCancelRotateSecret) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*CancelRotateSecretInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.CancelRotateSecret") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentCancelRotateSecretInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpCreateSecret struct { -} - -func (*awsAwsjson11_serializeOpCreateSecret) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpCreateSecret) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*CreateSecretInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.CreateSecret") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentCreateSecretInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpDeleteResourcePolicy struct { -} - -func (*awsAwsjson11_serializeOpDeleteResourcePolicy) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpDeleteResourcePolicy) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*DeleteResourcePolicyInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.DeleteResourcePolicy") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentDeleteResourcePolicyInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpDeleteSecret struct { -} - -func (*awsAwsjson11_serializeOpDeleteSecret) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpDeleteSecret) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*DeleteSecretInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.DeleteSecret") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentDeleteSecretInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpDescribeSecret struct { -} - -func (*awsAwsjson11_serializeOpDescribeSecret) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpDescribeSecret) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*DescribeSecretInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.DescribeSecret") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentDescribeSecretInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpGetRandomPassword struct { -} - -func (*awsAwsjson11_serializeOpGetRandomPassword) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpGetRandomPassword) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*GetRandomPasswordInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.GetRandomPassword") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentGetRandomPasswordInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpGetResourcePolicy struct { -} - -func (*awsAwsjson11_serializeOpGetResourcePolicy) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpGetResourcePolicy) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*GetResourcePolicyInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.GetResourcePolicy") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentGetResourcePolicyInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpGetSecretValue struct { -} - -func (*awsAwsjson11_serializeOpGetSecretValue) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpGetSecretValue) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*GetSecretValueInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.GetSecretValue") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentGetSecretValueInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpListSecrets struct { -} - -func (*awsAwsjson11_serializeOpListSecrets) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpListSecrets) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*ListSecretsInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.ListSecrets") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentListSecretsInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpListSecretVersionIds struct { -} - -func (*awsAwsjson11_serializeOpListSecretVersionIds) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpListSecretVersionIds) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*ListSecretVersionIdsInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.ListSecretVersionIds") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentListSecretVersionIdsInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpPutResourcePolicy struct { -} - -func (*awsAwsjson11_serializeOpPutResourcePolicy) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpPutResourcePolicy) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*PutResourcePolicyInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.PutResourcePolicy") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentPutResourcePolicyInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpPutSecretValue struct { -} - -func (*awsAwsjson11_serializeOpPutSecretValue) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpPutSecretValue) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*PutSecretValueInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.PutSecretValue") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentPutSecretValueInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpRemoveRegionsFromReplication struct { -} - -func (*awsAwsjson11_serializeOpRemoveRegionsFromReplication) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpRemoveRegionsFromReplication) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*RemoveRegionsFromReplicationInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.RemoveRegionsFromReplication") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentRemoveRegionsFromReplicationInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpReplicateSecretToRegions struct { -} - -func (*awsAwsjson11_serializeOpReplicateSecretToRegions) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpReplicateSecretToRegions) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*ReplicateSecretToRegionsInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.ReplicateSecretToRegions") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentReplicateSecretToRegionsInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpRestoreSecret struct { -} - -func (*awsAwsjson11_serializeOpRestoreSecret) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpRestoreSecret) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*RestoreSecretInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.RestoreSecret") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentRestoreSecretInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpRotateSecret struct { -} - -func (*awsAwsjson11_serializeOpRotateSecret) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpRotateSecret) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*RotateSecretInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.RotateSecret") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentRotateSecretInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpStopReplicationToReplica struct { -} - -func (*awsAwsjson11_serializeOpStopReplicationToReplica) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpStopReplicationToReplica) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*StopReplicationToReplicaInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.StopReplicationToReplica") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentStopReplicationToReplicaInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpTagResource struct { -} - -func (*awsAwsjson11_serializeOpTagResource) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpTagResource) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*TagResourceInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.TagResource") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentTagResourceInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpUntagResource struct { -} - -func (*awsAwsjson11_serializeOpUntagResource) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpUntagResource) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*UntagResourceInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.UntagResource") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentUntagResourceInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpUpdateSecret struct { -} - -func (*awsAwsjson11_serializeOpUpdateSecret) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpUpdateSecret) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*UpdateSecretInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.UpdateSecret") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentUpdateSecretInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpUpdateSecretVersionStage struct { -} - -func (*awsAwsjson11_serializeOpUpdateSecretVersionStage) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpUpdateSecretVersionStage) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*UpdateSecretVersionStageInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.UpdateSecretVersionStage") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentUpdateSecretVersionStageInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsjson11_serializeOpValidateResourcePolicy struct { -} - -func (*awsAwsjson11_serializeOpValidateResourcePolicy) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsjson11_serializeOpValidateResourcePolicy) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*ValidateResourcePolicyInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-amz-json-1.1") - httpBindingEncoder.SetHeader("X-Amz-Target").String("secretsmanager.ValidateResourcePolicy") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsAwsjson11_serializeOpDocumentValidateResourcePolicyInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsAwsjson11_serializeDocumentAddReplicaRegionListType(v []types.ReplicaRegionType, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - if err := awsAwsjson11_serializeDocumentReplicaRegionType(&v[i], av); err != nil { - return err - } - } - return nil -} - -func awsAwsjson11_serializeDocumentFilter(v *types.Filter, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if len(v.Key) > 0 { - ok := object.Key("Key") - ok.String(string(v.Key)) - } - - if v.Values != nil { - ok := object.Key("Values") - if err := awsAwsjson11_serializeDocumentFilterValuesStringList(v.Values, ok); err != nil { - return err - } - } - - return nil -} - -func awsAwsjson11_serializeDocumentFiltersListType(v []types.Filter, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - if err := awsAwsjson11_serializeDocumentFilter(&v[i], av); err != nil { - return err - } - } - return nil -} - -func awsAwsjson11_serializeDocumentFilterValuesStringList(v []string, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - av.String(v[i]) - } - return nil -} - -func awsAwsjson11_serializeDocumentRemoveReplicaRegionListType(v []string, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - av.String(v[i]) - } - return nil -} - -func awsAwsjson11_serializeDocumentReplicaRegionType(v *types.ReplicaRegionType, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.KmsKeyId != nil { - ok := object.Key("KmsKeyId") - ok.String(*v.KmsKeyId) - } - - if v.Region != nil { - ok := object.Key("Region") - ok.String(*v.Region) - } - - return nil -} - -func awsAwsjson11_serializeDocumentRotationRulesType(v *types.RotationRulesType, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.AutomaticallyAfterDays != nil { - ok := object.Key("AutomaticallyAfterDays") - ok.Long(*v.AutomaticallyAfterDays) - } - - if v.Duration != nil { - ok := object.Key("Duration") - ok.String(*v.Duration) - } - - if v.ScheduleExpression != nil { - ok := object.Key("ScheduleExpression") - ok.String(*v.ScheduleExpression) - } - - return nil -} - -func awsAwsjson11_serializeDocumentSecretIdListType(v []string, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - av.String(v[i]) - } - return nil -} - -func awsAwsjson11_serializeDocumentSecretVersionStagesType(v []string, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - av.String(v[i]) - } - return nil -} - -func awsAwsjson11_serializeDocumentTag(v *types.Tag, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.Key != nil { - ok := object.Key("Key") - ok.String(*v.Key) - } - - if v.Value != nil { - ok := object.Key("Value") - ok.String(*v.Value) - } - - return nil -} - -func awsAwsjson11_serializeDocumentTagKeyListType(v []string, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - av.String(v[i]) - } - return nil -} - -func awsAwsjson11_serializeDocumentTagListType(v []types.Tag, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - if err := awsAwsjson11_serializeDocumentTag(&v[i], av); err != nil { - return err - } - } - return nil -} - -func awsAwsjson11_serializeOpDocumentBatchGetSecretValueInput(v *BatchGetSecretValueInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.Filters != nil { - ok := object.Key("Filters") - if err := awsAwsjson11_serializeDocumentFiltersListType(v.Filters, ok); err != nil { - return err - } - } - - if v.MaxResults != nil { - ok := object.Key("MaxResults") - ok.Integer(*v.MaxResults) - } - - if v.NextToken != nil { - ok := object.Key("NextToken") - ok.String(*v.NextToken) - } - - if v.SecretIdList != nil { - ok := object.Key("SecretIdList") - if err := awsAwsjson11_serializeDocumentSecretIdListType(v.SecretIdList, ok); err != nil { - return err - } - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentCancelRotateSecretInput(v *CancelRotateSecretInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentCreateSecretInput(v *CreateSecretInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.AddReplicaRegions != nil { - ok := object.Key("AddReplicaRegions") - if err := awsAwsjson11_serializeDocumentAddReplicaRegionListType(v.AddReplicaRegions, ok); err != nil { - return err - } - } - - if v.ClientRequestToken != nil { - ok := object.Key("ClientRequestToken") - ok.String(*v.ClientRequestToken) - } - - if v.Description != nil { - ok := object.Key("Description") - ok.String(*v.Description) - } - - if v.ForceOverwriteReplicaSecret { - ok := object.Key("ForceOverwriteReplicaSecret") - ok.Boolean(v.ForceOverwriteReplicaSecret) - } - - if v.KmsKeyId != nil { - ok := object.Key("KmsKeyId") - ok.String(*v.KmsKeyId) - } - - if v.Name != nil { - ok := object.Key("Name") - ok.String(*v.Name) - } - - if v.SecretBinary != nil { - ok := object.Key("SecretBinary") - ok.Base64EncodeBytes(v.SecretBinary) - } - - if v.SecretString != nil { - ok := object.Key("SecretString") - ok.String(*v.SecretString) - } - - if v.Tags != nil { - ok := object.Key("Tags") - if err := awsAwsjson11_serializeDocumentTagListType(v.Tags, ok); err != nil { - return err - } - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentDeleteResourcePolicyInput(v *DeleteResourcePolicyInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentDeleteSecretInput(v *DeleteSecretInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.ForceDeleteWithoutRecovery != nil { - ok := object.Key("ForceDeleteWithoutRecovery") - ok.Boolean(*v.ForceDeleteWithoutRecovery) - } - - if v.RecoveryWindowInDays != nil { - ok := object.Key("RecoveryWindowInDays") - ok.Long(*v.RecoveryWindowInDays) - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentDescribeSecretInput(v *DescribeSecretInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentGetRandomPasswordInput(v *GetRandomPasswordInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.ExcludeCharacters != nil { - ok := object.Key("ExcludeCharacters") - ok.String(*v.ExcludeCharacters) - } - - if v.ExcludeLowercase != nil { - ok := object.Key("ExcludeLowercase") - ok.Boolean(*v.ExcludeLowercase) - } - - if v.ExcludeNumbers != nil { - ok := object.Key("ExcludeNumbers") - ok.Boolean(*v.ExcludeNumbers) - } - - if v.ExcludePunctuation != nil { - ok := object.Key("ExcludePunctuation") - ok.Boolean(*v.ExcludePunctuation) - } - - if v.ExcludeUppercase != nil { - ok := object.Key("ExcludeUppercase") - ok.Boolean(*v.ExcludeUppercase) - } - - if v.IncludeSpace != nil { - ok := object.Key("IncludeSpace") - ok.Boolean(*v.IncludeSpace) - } - - if v.PasswordLength != nil { - ok := object.Key("PasswordLength") - ok.Long(*v.PasswordLength) - } - - if v.RequireEachIncludedType != nil { - ok := object.Key("RequireEachIncludedType") - ok.Boolean(*v.RequireEachIncludedType) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentGetResourcePolicyInput(v *GetResourcePolicyInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentGetSecretValueInput(v *GetSecretValueInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - if v.VersionId != nil { - ok := object.Key("VersionId") - ok.String(*v.VersionId) - } - - if v.VersionStage != nil { - ok := object.Key("VersionStage") - ok.String(*v.VersionStage) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentListSecretsInput(v *ListSecretsInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.Filters != nil { - ok := object.Key("Filters") - if err := awsAwsjson11_serializeDocumentFiltersListType(v.Filters, ok); err != nil { - return err - } - } - - if v.IncludePlannedDeletion != nil { - ok := object.Key("IncludePlannedDeletion") - ok.Boolean(*v.IncludePlannedDeletion) - } - - if v.MaxResults != nil { - ok := object.Key("MaxResults") - ok.Integer(*v.MaxResults) - } - - if v.NextToken != nil { - ok := object.Key("NextToken") - ok.String(*v.NextToken) - } - - if len(v.SortOrder) > 0 { - ok := object.Key("SortOrder") - ok.String(string(v.SortOrder)) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentListSecretVersionIdsInput(v *ListSecretVersionIdsInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.IncludeDeprecated != nil { - ok := object.Key("IncludeDeprecated") - ok.Boolean(*v.IncludeDeprecated) - } - - if v.MaxResults != nil { - ok := object.Key("MaxResults") - ok.Integer(*v.MaxResults) - } - - if v.NextToken != nil { - ok := object.Key("NextToken") - ok.String(*v.NextToken) - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentPutResourcePolicyInput(v *PutResourcePolicyInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.BlockPublicPolicy != nil { - ok := object.Key("BlockPublicPolicy") - ok.Boolean(*v.BlockPublicPolicy) - } - - if v.ResourcePolicy != nil { - ok := object.Key("ResourcePolicy") - ok.String(*v.ResourcePolicy) - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentPutSecretValueInput(v *PutSecretValueInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.ClientRequestToken != nil { - ok := object.Key("ClientRequestToken") - ok.String(*v.ClientRequestToken) - } - - if v.RotationToken != nil { - ok := object.Key("RotationToken") - ok.String(*v.RotationToken) - } - - if v.SecretBinary != nil { - ok := object.Key("SecretBinary") - ok.Base64EncodeBytes(v.SecretBinary) - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - if v.SecretString != nil { - ok := object.Key("SecretString") - ok.String(*v.SecretString) - } - - if v.VersionStages != nil { - ok := object.Key("VersionStages") - if err := awsAwsjson11_serializeDocumentSecretVersionStagesType(v.VersionStages, ok); err != nil { - return err - } - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentRemoveRegionsFromReplicationInput(v *RemoveRegionsFromReplicationInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.RemoveReplicaRegions != nil { - ok := object.Key("RemoveReplicaRegions") - if err := awsAwsjson11_serializeDocumentRemoveReplicaRegionListType(v.RemoveReplicaRegions, ok); err != nil { - return err - } - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentReplicateSecretToRegionsInput(v *ReplicateSecretToRegionsInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.AddReplicaRegions != nil { - ok := object.Key("AddReplicaRegions") - if err := awsAwsjson11_serializeDocumentAddReplicaRegionListType(v.AddReplicaRegions, ok); err != nil { - return err - } - } - - if v.ForceOverwriteReplicaSecret { - ok := object.Key("ForceOverwriteReplicaSecret") - ok.Boolean(v.ForceOverwriteReplicaSecret) - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentRestoreSecretInput(v *RestoreSecretInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentRotateSecretInput(v *RotateSecretInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.ClientRequestToken != nil { - ok := object.Key("ClientRequestToken") - ok.String(*v.ClientRequestToken) - } - - if v.RotateImmediately != nil { - ok := object.Key("RotateImmediately") - ok.Boolean(*v.RotateImmediately) - } - - if v.RotationLambdaARN != nil { - ok := object.Key("RotationLambdaARN") - ok.String(*v.RotationLambdaARN) - } - - if v.RotationRules != nil { - ok := object.Key("RotationRules") - if err := awsAwsjson11_serializeDocumentRotationRulesType(v.RotationRules, ok); err != nil { - return err - } - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentStopReplicationToReplicaInput(v *StopReplicationToReplicaInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentTagResourceInput(v *TagResourceInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - if v.Tags != nil { - ok := object.Key("Tags") - if err := awsAwsjson11_serializeDocumentTagListType(v.Tags, ok); err != nil { - return err - } - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentUntagResourceInput(v *UntagResourceInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - if v.TagKeys != nil { - ok := object.Key("TagKeys") - if err := awsAwsjson11_serializeDocumentTagKeyListType(v.TagKeys, ok); err != nil { - return err - } - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentUpdateSecretInput(v *UpdateSecretInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.ClientRequestToken != nil { - ok := object.Key("ClientRequestToken") - ok.String(*v.ClientRequestToken) - } - - if v.Description != nil { - ok := object.Key("Description") - ok.String(*v.Description) - } - - if v.KmsKeyId != nil { - ok := object.Key("KmsKeyId") - ok.String(*v.KmsKeyId) - } - - if v.SecretBinary != nil { - ok := object.Key("SecretBinary") - ok.Base64EncodeBytes(v.SecretBinary) - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - if v.SecretString != nil { - ok := object.Key("SecretString") - ok.String(*v.SecretString) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentUpdateSecretVersionStageInput(v *UpdateSecretVersionStageInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.MoveToVersionId != nil { - ok := object.Key("MoveToVersionId") - ok.String(*v.MoveToVersionId) - } - - if v.RemoveFromVersionId != nil { - ok := object.Key("RemoveFromVersionId") - ok.String(*v.RemoveFromVersionId) - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - if v.VersionStage != nil { - ok := object.Key("VersionStage") - ok.String(*v.VersionStage) - } - - return nil -} - -func awsAwsjson11_serializeOpDocumentValidateResourcePolicyInput(v *ValidateResourcePolicyInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.ResourcePolicy != nil { - ok := object.Key("ResourcePolicy") - ok.String(*v.ResourcePolicy) - } - - if v.SecretId != nil { - ok := object.Key("SecretId") - ok.String(*v.SecretId) - } - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/enums.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/enums.go deleted file mode 100644 index e458ec8f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/enums.go +++ /dev/null @@ -1,72 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package types - -type FilterNameStringType string - -// Enum values for FilterNameStringType -const ( - FilterNameStringTypeDescription FilterNameStringType = "description" - FilterNameStringTypeName FilterNameStringType = "name" - FilterNameStringTypeTagKey FilterNameStringType = "tag-key" - FilterNameStringTypeTagValue FilterNameStringType = "tag-value" - FilterNameStringTypePrimaryRegion FilterNameStringType = "primary-region" - FilterNameStringTypeOwningService FilterNameStringType = "owning-service" - FilterNameStringTypeAll FilterNameStringType = "all" -) - -// Values returns all known values for FilterNameStringType. Note that this can be -// expanded in the future, and so it is only as up to date as the client. -// -// The ordering of this slice is not guaranteed to be stable across updates. -func (FilterNameStringType) Values() []FilterNameStringType { - return []FilterNameStringType{ - "description", - "name", - "tag-key", - "tag-value", - "primary-region", - "owning-service", - "all", - } -} - -type SortOrderType string - -// Enum values for SortOrderType -const ( - SortOrderTypeAsc SortOrderType = "asc" - SortOrderTypeDesc SortOrderType = "desc" -) - -// Values returns all known values for SortOrderType. Note that this can be -// expanded in the future, and so it is only as up to date as the client. -// -// The ordering of this slice is not guaranteed to be stable across updates. -func (SortOrderType) Values() []SortOrderType { - return []SortOrderType{ - "asc", - "desc", - } -} - -type StatusType string - -// Enum values for StatusType -const ( - StatusTypeInSync StatusType = "InSync" - StatusTypeFailed StatusType = "Failed" - StatusTypeInProgress StatusType = "InProgress" -) - -// Values returns all known values for StatusType. Note that this can be expanded -// in the future, and so it is only as up to date as the client. -// -// The ordering of this slice is not guaranteed to be stable across updates. -func (StatusType) Values() []StatusType { - return []StatusType{ - "InSync", - "Failed", - "InProgress", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/errors.go deleted file mode 100644 index 09c59ed1..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/errors.go +++ /dev/null @@ -1,339 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package types - -import ( - "fmt" - smithy "github.com/aws/smithy-go" -) - -// Secrets Manager can't decrypt the protected secret text using the provided KMS -// key. -type DecryptionFailure struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *DecryptionFailure) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *DecryptionFailure) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *DecryptionFailure) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "DecryptionFailure" - } - return *e.ErrorCodeOverride -} -func (e *DecryptionFailure) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Secrets Manager can't encrypt the protected secret text using the provided KMS -// key. Check that the KMS key is available, enabled, and not in an invalid state. -// For more information, see [Key state: Effect on your KMS key]. -// -// [Key state: Effect on your KMS key]: https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html -type EncryptionFailure struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *EncryptionFailure) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *EncryptionFailure) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *EncryptionFailure) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "EncryptionFailure" - } - return *e.ErrorCodeOverride -} -func (e *EncryptionFailure) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// An error occurred on the server side. -type InternalServiceError struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *InternalServiceError) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InternalServiceError) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InternalServiceError) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InternalServiceError" - } - return *e.ErrorCodeOverride -} -func (e *InternalServiceError) ErrorFault() smithy.ErrorFault { return smithy.FaultServer } - -// The NextToken value is invalid. -type InvalidNextTokenException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *InvalidNextTokenException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidNextTokenException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidNextTokenException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidNextTokenException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidNextTokenException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The parameter name or value is invalid. -type InvalidParameterException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *InvalidParameterException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidParameterException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidParameterException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidParameterException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidParameterException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// A parameter value is not valid for the current state of the resource. -// -// Possible causes: -// -// - The secret is scheduled for deletion. -// -// - You tried to enable rotation on a secret that doesn't already have a Lambda -// function ARN configured and you didn't include such an ARN as a parameter in -// this call. -// -// - The secret is managed by another service, and you must use that service to -// update it. For more information, see [Secrets managed by other Amazon Web Services services]. -// -// [Secrets managed by other Amazon Web Services services]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html -type InvalidRequestException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *InvalidRequestException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidRequestException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidRequestException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidRequestException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidRequestException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The request failed because it would exceed one of the Secrets Manager quotas. -type LimitExceededException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *LimitExceededException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *LimitExceededException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *LimitExceededException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "LimitExceededException" - } - return *e.ErrorCodeOverride -} -func (e *LimitExceededException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The resource policy has syntax errors. -type MalformedPolicyDocumentException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *MalformedPolicyDocumentException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *MalformedPolicyDocumentException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *MalformedPolicyDocumentException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "MalformedPolicyDocumentException" - } - return *e.ErrorCodeOverride -} -func (e *MalformedPolicyDocumentException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The request failed because you did not complete all the prerequisite steps. -type PreconditionNotMetException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *PreconditionNotMetException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *PreconditionNotMetException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *PreconditionNotMetException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "PreconditionNotMetException" - } - return *e.ErrorCodeOverride -} -func (e *PreconditionNotMetException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The BlockPublicPolicy parameter is set to true, and the resource policy did not -// prevent broad access to the secret. -type PublicPolicyException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *PublicPolicyException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *PublicPolicyException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *PublicPolicyException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "PublicPolicyException" - } - return *e.ErrorCodeOverride -} -func (e *PublicPolicyException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// A resource with the ID you requested already exists. -type ResourceExistsException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *ResourceExistsException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *ResourceExistsException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *ResourceExistsException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "ResourceExistsException" - } - return *e.ErrorCodeOverride -} -func (e *ResourceExistsException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Secrets Manager can't find the resource that you asked for. -type ResourceNotFoundException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *ResourceNotFoundException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *ResourceNotFoundException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *ResourceNotFoundException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "ResourceNotFoundException" - } - return *e.ErrorCodeOverride -} -func (e *ResourceNotFoundException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/types.go deleted file mode 100644 index 7b848975..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/types/types.go +++ /dev/null @@ -1,321 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package types - -import ( - smithydocument "github.com/aws/smithy-go/document" - "time" -) - -// The error Secrets Manager encountered while retrieving an individual secret as -// part of BatchGetSecretValue. -type APIErrorType struct { - - // The error Secrets Manager encountered while retrieving an individual secret as - // part of BatchGetSecretValue, for example ResourceNotFoundException , InvalidParameterException , - // InvalidRequestException , DecryptionFailure , or AccessDeniedException . - ErrorCode *string - - // A message describing the error. - Message *string - - // The ARN or name of the secret. - SecretId *string - - noSmithyDocumentSerde -} - -// Allows you to add filters when you use the search function in Secrets Manager. -// For more information, see [Find secrets in Secrets Manager]. -// -// [Find secrets in Secrets Manager]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html -type Filter struct { - - // The following are keys you can use: - // - // - description: Prefix match, not case-sensitive. - // - // - name: Prefix match, case-sensitive. - // - // - tag-key: Prefix match, case-sensitive. - // - // - tag-value: Prefix match, case-sensitive. - // - // - primary-region: Prefix match, case-sensitive. - // - // - owning-service: Prefix match, case-sensitive. - // - // - all: Breaks the filter value string into words and then searches all - // attributes for matches. Not case-sensitive. - Key FilterNameStringType - - // The keyword to filter for. - // - // You can prefix your search value with an exclamation mark ( ! ) in order to - // perform negation filters. - Values []string - - noSmithyDocumentSerde -} - -// A custom type that specifies a Region and the KmsKeyId for a replica secret. -type ReplicaRegionType struct { - - // The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't - // include this field, Secrets Manager uses aws/secretsmanager . - KmsKeyId *string - - // A Region code. For a list of Region codes, see [Name and code of Regions]. - // - // [Name and code of Regions]: https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints - Region *string - - noSmithyDocumentSerde -} - -// A replication object consisting of a RegionReplicationStatus object and -// includes a Region, KMSKeyId, status, and status message. -type ReplicationStatusType struct { - - // Can be an ARN , Key ID , or Alias . - KmsKeyId *string - - // The date that the secret was last accessed in the Region. This field is omitted - // if the secret has never been retrieved in the Region. - LastAccessedDate *time.Time - - // The Region where replication occurs. - Region *string - - // The status can be InProgress , Failed , or InSync . - Status StatusType - - // Status message such as "Secret with this name already exists in this region". - StatusMessage *string - - noSmithyDocumentSerde -} - -// A structure that defines the rotation configuration for the secret. -type RotationRulesType struct { - - // The number of days between rotations of the secret. You can use this value to - // check that your secret meets your compliance guidelines for how often secrets - // must be rotated. If you use this field to set the rotation schedule, Secrets - // Manager calculates the next rotation date based on the previous rotation. - // Manually updating the secret value by calling PutSecretValue or UpdateSecret is - // considered a valid rotation. - // - // In DescribeSecret and ListSecrets , this value is calculated from the rotation - // schedule after every successful rotation. In RotateSecret , you can set the - // rotation schedule in RotationRules with AutomaticallyAfterDays or - // ScheduleExpression , but not both. To set a rotation schedule in hours, use - // ScheduleExpression . - AutomaticallyAfterDays *int64 - - // The length of the rotation window in hours, for example 3h for a three hour - // window. Secrets Manager rotates your secret at any time during this window. The - // window must not extend into the next rotation window or the next UTC day. The - // window starts according to the ScheduleExpression . If you don't specify a - // Duration , for a ScheduleExpression in hours, the window automatically closes - // after one hour. For a ScheduleExpression in days, the window automatically - // closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation] - // in the Secrets Manager Users Guide. - // - // [Schedule expressions in Secrets Manager rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html - Duration *string - - // A cron() or rate() expression that defines the schedule for rotating your - // secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager - // rotates your secret any time during a rotation window. - // - // Secrets Manager rate() expressions represent the interval in hours or days that - // you want to rotate your secret, for example rate(12 hours) or rate(10 days) . - // You can rotate a secret as often as every four hours. If you use a rate() - // expression, the rotation window starts at midnight. For a rate in hours, the - // default rotation window closes after one hour. For a rate in days, the default - // rotation window closes at the end of the day. You can set the Duration to - // change the rotation window. The rotation window must not extend into the next - // UTC day or into the next rotation window. - // - // You can use a cron() expression to create a rotation schedule that is more - // detailed than a rotation interval. For more information, including examples, see - // [Schedule expressions in Secrets Manager rotation]in the Secrets Manager Users Guide. For a cron expression that represents a - // schedule in hours, the default rotation window closes after one hour. For a cron - // expression that represents a schedule in days, the default rotation window - // closes at the end of the day. You can set the Duration to change the rotation - // window. The rotation window must not extend into the next UTC day or into the - // next rotation window. - // - // [Schedule expressions in Secrets Manager rotation]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html - ScheduleExpression *string - - noSmithyDocumentSerde -} - -// A structure that contains the details about a secret. It does not include the -// encrypted SecretString and SecretBinary values. To get those values, use [GetSecretValue] . -// -// [GetSecretValue]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html -type SecretListEntry struct { - - // The Amazon Resource Name (ARN) of the secret. - ARN *string - - // The date and time when a secret was created. - CreatedDate *time.Time - - // The date and time the deletion of the secret occurred. Not present on active - // secrets. The secret can be recovered until the number of days in the recovery - // window has passed, as specified in the RecoveryWindowInDays parameter of the [DeleteSecret] - // DeleteSecret operation. - // - // [DeleteSecret]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_DeleteSecret.html - DeletedDate *time.Time - - // The user-provided description of the secret. - Description *string - - // The ARN of the KMS key that Secrets Manager uses to encrypt the secret value. - // If the secret is encrypted with the Amazon Web Services managed key - // aws/secretsmanager , this field is omitted. - KmsKeyId *string - - // The date that the secret was last accessed in the Region. This field is omitted - // if the secret has never been retrieved in the Region. - LastAccessedDate *time.Time - - // The last date and time that this secret was modified in any way. - LastChangedDate *time.Time - - // The most recent date and time that the Secrets Manager rotation process was - // successfully completed. This value is null if the secret hasn't ever rotated. - LastRotatedDate *time.Time - - // The friendly name of the secret. - Name *string - - // The next rotation is scheduled to occur on or before this date. If the secret - // isn't configured for rotation or rotation has been disabled, Secrets Manager - // returns null. - NextRotationDate *time.Time - - // Returns the name of the service that created the secret. - OwningService *string - - // The Region where Secrets Manager originated the secret. - PrimaryRegion *string - - // Indicates whether automatic, scheduled rotation is enabled for this secret. - RotationEnabled *bool - - // The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager to - // rotate and expire the secret either automatically per the schedule or manually - // by a call to [RotateSecret]RotateSecret . - // - // [RotateSecret]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_RotateSecret.html - RotationLambdaARN *string - - // A structure that defines the rotation configuration for the secret. - RotationRules *RotationRulesType - - // A list of all of the currently assigned SecretVersionStage staging labels and - // the SecretVersionId attached to each one. Staging labels are used to keep track - // of the different versions during the rotation process. - // - // A version that does not have any SecretVersionStage is considered deprecated - // and subject to deletion. Such versions are not included in this list. - SecretVersionsToStages map[string][]string - - // The list of user-defined tags associated with the secret. To add tags to a - // secret, use [TagResource]TagResource . To remove tags, use [UntagResource]UntagResource . - // - // [TagResource]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_TagResource.html - // [UntagResource]: https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_UntagResource.html - Tags []Tag - - noSmithyDocumentSerde -} - -// A structure that contains the secret value and other details for a secret. -type SecretValueEntry struct { - - // The Amazon Resource Name (ARN) of the secret. - ARN *string - - // The date the secret was created. - CreatedDate *time.Time - - // The friendly name of the secret. - Name *string - - // The decrypted secret value, if the secret value was originally provided as - // binary data in the form of a byte array. The parameter represents the binary - // data as a [base64-encoded]string. - // - // [base64-encoded]: https://tools.ietf.org/html/rfc4648#section-4 - SecretBinary []byte - - // The decrypted secret value, if the secret value was originally provided as a - // string or through the Secrets Manager console. - SecretString *string - - // The unique version identifier of this version of the secret. - VersionId *string - - // A list of all of the staging labels currently attached to this version of the - // secret. - VersionStages []string - - noSmithyDocumentSerde -} - -// A structure that contains information about one version of a secret. -type SecretVersionsListEntry struct { - - // The date and time this version of the secret was created. - CreatedDate *time.Time - - // The KMS keys used to encrypt the secret version. - KmsKeyIds []string - - // The date that this version of the secret was last accessed. Note that the - // resolution of this field is at the date level and does not include the time. - LastAccessedDate *time.Time - - // The unique version identifier of this version of the secret. - VersionId *string - - // An array of staging labels that are currently associated with this version of - // the secret. - VersionStages []string - - noSmithyDocumentSerde -} - -// A structure that contains information about a tag. -type Tag struct { - - // The key identifier, or name, of the tag. - Key *string - - // The string value associated with the key of the tag. - Value *string - - noSmithyDocumentSerde -} - -// Displays errors that occurred during validation of the resource policy. -type ValidationErrorsEntry struct { - - // Checks the name of the policy. - CheckName *string - - // Displays error messages if validation encounters problems during validation of - // the resource policy. - ErrorMessage *string - - noSmithyDocumentSerde -} - -type noSmithyDocumentSerde = smithydocument.NoSerde diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/validators.go b/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/validators.go deleted file mode 100644 index 90159c6c..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/secretsmanager/validators.go +++ /dev/null @@ -1,808 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package secretsmanager - -import ( - "context" - "fmt" - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/middleware" -) - -type validateOpCancelRotateSecret struct { -} - -func (*validateOpCancelRotateSecret) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpCancelRotateSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*CancelRotateSecretInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpCancelRotateSecretInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpCreateSecret struct { -} - -func (*validateOpCreateSecret) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpCreateSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*CreateSecretInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpCreateSecretInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpDeleteResourcePolicy struct { -} - -func (*validateOpDeleteResourcePolicy) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpDeleteResourcePolicy) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*DeleteResourcePolicyInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpDeleteResourcePolicyInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpDeleteSecret struct { -} - -func (*validateOpDeleteSecret) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpDeleteSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*DeleteSecretInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpDeleteSecretInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpDescribeSecret struct { -} - -func (*validateOpDescribeSecret) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpDescribeSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*DescribeSecretInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpDescribeSecretInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpGetResourcePolicy struct { -} - -func (*validateOpGetResourcePolicy) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpGetResourcePolicy) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*GetResourcePolicyInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpGetResourcePolicyInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpGetSecretValue struct { -} - -func (*validateOpGetSecretValue) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpGetSecretValue) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*GetSecretValueInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpGetSecretValueInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpListSecretVersionIds struct { -} - -func (*validateOpListSecretVersionIds) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpListSecretVersionIds) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*ListSecretVersionIdsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpListSecretVersionIdsInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpPutResourcePolicy struct { -} - -func (*validateOpPutResourcePolicy) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpPutResourcePolicy) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*PutResourcePolicyInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpPutResourcePolicyInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpPutSecretValue struct { -} - -func (*validateOpPutSecretValue) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpPutSecretValue) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*PutSecretValueInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpPutSecretValueInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpRemoveRegionsFromReplication struct { -} - -func (*validateOpRemoveRegionsFromReplication) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpRemoveRegionsFromReplication) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*RemoveRegionsFromReplicationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpRemoveRegionsFromReplicationInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpReplicateSecretToRegions struct { -} - -func (*validateOpReplicateSecretToRegions) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpReplicateSecretToRegions) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*ReplicateSecretToRegionsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpReplicateSecretToRegionsInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpRestoreSecret struct { -} - -func (*validateOpRestoreSecret) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpRestoreSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*RestoreSecretInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpRestoreSecretInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpRotateSecret struct { -} - -func (*validateOpRotateSecret) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpRotateSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*RotateSecretInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpRotateSecretInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpStopReplicationToReplica struct { -} - -func (*validateOpStopReplicationToReplica) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpStopReplicationToReplica) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*StopReplicationToReplicaInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpStopReplicationToReplicaInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpTagResource struct { -} - -func (*validateOpTagResource) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpTagResource) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*TagResourceInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpTagResourceInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpUntagResource struct { -} - -func (*validateOpUntagResource) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpUntagResource) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*UntagResourceInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpUntagResourceInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpUpdateSecret struct { -} - -func (*validateOpUpdateSecret) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpUpdateSecret) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*UpdateSecretInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpUpdateSecretInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpUpdateSecretVersionStage struct { -} - -func (*validateOpUpdateSecretVersionStage) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpUpdateSecretVersionStage) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*UpdateSecretVersionStageInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpUpdateSecretVersionStageInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpValidateResourcePolicy struct { -} - -func (*validateOpValidateResourcePolicy) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpValidateResourcePolicy) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*ValidateResourcePolicyInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpValidateResourcePolicyInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -func addOpCancelRotateSecretValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpCancelRotateSecret{}, middleware.After) -} - -func addOpCreateSecretValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpCreateSecret{}, middleware.After) -} - -func addOpDeleteResourcePolicyValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpDeleteResourcePolicy{}, middleware.After) -} - -func addOpDeleteSecretValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpDeleteSecret{}, middleware.After) -} - -func addOpDescribeSecretValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpDescribeSecret{}, middleware.After) -} - -func addOpGetResourcePolicyValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpGetResourcePolicy{}, middleware.After) -} - -func addOpGetSecretValueValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpGetSecretValue{}, middleware.After) -} - -func addOpListSecretVersionIdsValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpListSecretVersionIds{}, middleware.After) -} - -func addOpPutResourcePolicyValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpPutResourcePolicy{}, middleware.After) -} - -func addOpPutSecretValueValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpPutSecretValue{}, middleware.After) -} - -func addOpRemoveRegionsFromReplicationValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpRemoveRegionsFromReplication{}, middleware.After) -} - -func addOpReplicateSecretToRegionsValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpReplicateSecretToRegions{}, middleware.After) -} - -func addOpRestoreSecretValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpRestoreSecret{}, middleware.After) -} - -func addOpRotateSecretValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpRotateSecret{}, middleware.After) -} - -func addOpStopReplicationToReplicaValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpStopReplicationToReplica{}, middleware.After) -} - -func addOpTagResourceValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpTagResource{}, middleware.After) -} - -func addOpUntagResourceValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpUntagResource{}, middleware.After) -} - -func addOpUpdateSecretValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpUpdateSecret{}, middleware.After) -} - -func addOpUpdateSecretVersionStageValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpUpdateSecretVersionStage{}, middleware.After) -} - -func addOpValidateResourcePolicyValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpValidateResourcePolicy{}, middleware.After) -} - -func validateOpCancelRotateSecretInput(v *CancelRotateSecretInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "CancelRotateSecretInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpCreateSecretInput(v *CreateSecretInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "CreateSecretInput"} - if v.Name == nil { - invalidParams.Add(smithy.NewErrParamRequired("Name")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpDeleteResourcePolicyInput(v *DeleteResourcePolicyInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "DeleteResourcePolicyInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpDeleteSecretInput(v *DeleteSecretInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "DeleteSecretInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpDescribeSecretInput(v *DescribeSecretInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "DescribeSecretInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpGetResourcePolicyInput(v *GetResourcePolicyInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "GetResourcePolicyInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpGetSecretValueInput(v *GetSecretValueInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "GetSecretValueInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpListSecretVersionIdsInput(v *ListSecretVersionIdsInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "ListSecretVersionIdsInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpPutResourcePolicyInput(v *PutResourcePolicyInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "PutResourcePolicyInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if v.ResourcePolicy == nil { - invalidParams.Add(smithy.NewErrParamRequired("ResourcePolicy")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpPutSecretValueInput(v *PutSecretValueInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "PutSecretValueInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpRemoveRegionsFromReplicationInput(v *RemoveRegionsFromReplicationInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "RemoveRegionsFromReplicationInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if v.RemoveReplicaRegions == nil { - invalidParams.Add(smithy.NewErrParamRequired("RemoveReplicaRegions")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpReplicateSecretToRegionsInput(v *ReplicateSecretToRegionsInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "ReplicateSecretToRegionsInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if v.AddReplicaRegions == nil { - invalidParams.Add(smithy.NewErrParamRequired("AddReplicaRegions")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpRestoreSecretInput(v *RestoreSecretInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "RestoreSecretInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpRotateSecretInput(v *RotateSecretInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "RotateSecretInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpStopReplicationToReplicaInput(v *StopReplicationToReplicaInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "StopReplicationToReplicaInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpTagResourceInput(v *TagResourceInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "TagResourceInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if v.Tags == nil { - invalidParams.Add(smithy.NewErrParamRequired("Tags")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpUntagResourceInput(v *UntagResourceInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "UntagResourceInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if v.TagKeys == nil { - invalidParams.Add(smithy.NewErrParamRequired("TagKeys")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpUpdateSecretInput(v *UpdateSecretInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "UpdateSecretInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpUpdateSecretVersionStageInput(v *UpdateSecretVersionStageInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "UpdateSecretVersionStageInput"} - if v.SecretId == nil { - invalidParams.Add(smithy.NewErrParamRequired("SecretId")) - } - if v.VersionStage == nil { - invalidParams.Add(smithy.NewErrParamRequired("VersionStage")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpValidateResourcePolicyInput(v *ValidateResourcePolicyInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "ValidateResourcePolicyInput"} - if v.ResourcePolicy == nil { - invalidParams.Add(smithy.NewErrParamRequired("ResourcePolicy")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md deleted file mode 100644 index 957c0c94..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md +++ /dev/null @@ -1,594 +0,0 @@ -# v1.25.1 (2025-03-04.2) - -* **Bug Fix**: Add assurance test for operation order. - -# v1.25.0 (2025-02-27) - -* **Feature**: Track credential providers via User-Agent Feature ids -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.16 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.15 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.14 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.13 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.12 (2025-01-24) - -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.24.11 (2025-01-17) - -* **Bug Fix**: Fix bug where credentials weren't refreshed during retry loop. - -# v1.24.10 (2025-01-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.9 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.8 (2024-12-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.7 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.6 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.5 (2024-11-07) - -* **Bug Fix**: Adds case-insensitive handling of error message fields in service responses - -# v1.24.4 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.3 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.2 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.1 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.0 (2024-10-04) - -* **Feature**: Add support for HTTP client metrics. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.4 (2024-10-03) - -* No change notes available for this release. - -# v1.23.3 (2024-09-27) - -* No change notes available for this release. - -# v1.23.2 (2024-09-25) - -* No change notes available for this release. - -# v1.23.1 (2024-09-23) - -* No change notes available for this release. - -# v1.23.0 (2024-09-20) - -* **Feature**: Add tracing and metrics support to service clients. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.8 (2024-09-17) - -* **Bug Fix**: **BREAKFIX**: Only generate AccountIDEndpointMode config for services that use it. This is a compiler break, but removes no actual functionality, as no services currently use the account ID in endpoint resolution. - -# v1.22.7 (2024-09-04) - -* No change notes available for this release. - -# v1.22.6 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.5 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.4 (2024-07-18) - -* No change notes available for this release. - -# v1.22.3 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.2 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.1 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.0 (2024-06-26) - -* **Feature**: Support list-of-string endpoint parameter. - -# v1.21.1 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.0 (2024-06-18) - -* **Feature**: Track usage of various AWS SDK features in user-agent string. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.12 (2024-06-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.11 (2024-06-07) - -* **Bug Fix**: Add clock skew correction on all service clients -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.10 (2024-06-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.9 (2024-05-23) - -* No change notes available for this release. - -# v1.20.8 (2024-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.7 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.6 (2024-05-08) - -* **Bug Fix**: GoDoc improvement - -# v1.20.5 (2024-04-05) - -* No change notes available for this release. - -# v1.20.4 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.3 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.2 (2024-03-07) - -* **Bug Fix**: Remove dependency on go-cmp. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.1 (2024-02-23) - -* **Bug Fix**: Move all common, SDK-side middleware stack ops into the service client module to prevent cross-module compatibility issues in the future. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.0 (2024-02-22) - -* **Feature**: Add middleware stack snapshot tests. - -# v1.19.2 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.1 (2024-02-20) - -* **Bug Fix**: When sourcing values for a service's `EndpointParameters`, the lack of a configured region (i.e. `options.Region == ""`) will now translate to a `nil` value for `EndpointParameters.Region` instead of a pointer to the empty string `""`. This will result in a much more explicit error when calling an operation instead of an obscure hostname lookup failure. - -# v1.19.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.7 (2024-01-18) - -* No change notes available for this release. - -# v1.18.6 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.5 (2023-12-08) - -* **Bug Fix**: Reinstate presence of default Retryer in functional options, but still respect max attempts set therein. - -# v1.18.4 (2023-12-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.3 (2023-12-06) - -* **Bug Fix**: Restore pre-refactor auth behavior where all operations could technically be performed anonymously. - -# v1.18.2 (2023-12-01) - -* **Bug Fix**: Correct wrapping of errors in authentication workflow. -* **Bug Fix**: Correctly recognize cache-wrapped instances of AnonymousCredentials at client construction. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.1 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.0 (2023-11-29) - -* **Feature**: Expose Options() accessor on service clients. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.5 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.4 (2023-11-28) - -* **Bug Fix**: Respect setting RetryMaxAttempts in functional options at client construction. - -# v1.17.3 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.2 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.1 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.0 (2023-11-01) - -* **Feature**: Adds support for configured endpoints via environment variables and the AWS shared configuration file. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.2 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.1 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.0 (2023-10-02) - -* **Feature**: Fix FIPS Endpoints in aws-us-gov. - -# v1.14.1 (2023-09-22) - -* No change notes available for this release. - -# v1.14.0 (2023-09-18) - -* **Announcement**: [BREAKFIX] Change in MaxResults datatype from value to pointer type in cognito-sync service. -* **Feature**: Adds several endpoint ruleset changes across all models: smaller rulesets, removed non-unique regional endpoints, fixes FIPS and DualStack endpoints, and make region not required in SDK::Endpoint. Additional breakfix to cognito-sync field. - -# v1.13.6 (2023-08-31) - -* No change notes available for this release. - -# v1.13.5 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.4 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.3 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.2 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.1 (2023-08-01) - -* No change notes available for this release. - -# v1.13.0 (2023-07-31) - -* **Feature**: Adds support for smithy-modeled endpoint resolution. A new rules-based endpoint resolution will be added to the SDK which will supercede and deprecate existing endpoint resolution. Specifically, EndpointResolver will be deprecated while BaseEndpoint and EndpointResolverV2 will take its place. For more information, please see the Endpoints section in our Developer Guide. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.14 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.13 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.12 (2023-06-15) - -* No change notes available for this release. - -# v1.12.11 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.10 (2023-05-04) - -* No change notes available for this release. - -# v1.12.9 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.8 (2023-04-10) - -* No change notes available for this release. - -# v1.12.7 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.6 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.5 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.4 (2023-02-22) - -* **Bug Fix**: Prevent nil pointer dereference when retrieving error codes. - -# v1.12.3 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.2 (2023-02-15) - -* **Announcement**: When receiving an error response in restJson-based services, an incorrect error type may have been returned based on the content of the response. This has been fixed via PR #2012 tracked in issue #1910. -* **Bug Fix**: Correct error type parsing for restJson services. - -# v1.12.1 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.0 (2023-01-05) - -* **Feature**: Add `ErrorCodeOverride` field to all error structs (aws/smithy-go#401). - -# v1.11.28 (2022-12-20) - -* No change notes available for this release. - -# v1.11.27 (2022-12-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.26 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.25 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.24 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.23 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.22 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.21 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.20 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.19 (2022-08-30) - -* **Documentation**: Documentation updates for the AWS IAM Identity Center Portal CLI Reference. - -# v1.11.18 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.17 (2022-08-15) - -* **Documentation**: Documentation updates to reflect service rename - AWS IAM Identity Center (successor to AWS Single Sign-On) - -# v1.11.16 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.15 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.14 (2022-08-08) - -* **Documentation**: Documentation updates to reflect service rename - AWS IAM Identity Center (successor to AWS Single Sign-On) -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.13 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.12 (2022-07-11) - -* No change notes available for this release. - -# v1.11.11 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.10 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.9 (2022-06-16) - -* No change notes available for this release. - -# v1.11.8 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.7 (2022-05-26) - -* No change notes available for this release. - -# v1.11.6 (2022-05-25) - -* No change notes available for this release. - -# v1.11.5 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.4 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.3 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.2 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.1 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.0 (2022-02-24) - -* **Feature**: API client updated -* **Feature**: Adds RetryMaxAttempts and RetryMod to API client Options. This allows the API clients' default Retryer to be configured from the shared configuration files or environment variables. Adding a new Retry mode of `Adaptive`. `Adaptive` retry mode is an experimental mode, adding client rate limiting when throttles reponses are received from an API. See [retry.AdaptiveMode](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/retry#AdaptiveMode) for more details, and configuration options. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Documentation**: Updated API models -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.0 (2022-01-07) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.7.0 (2021-12-21) - -* **Feature**: API Paginators now support specifying the initial starting token, and support stopping on empty string tokens. - -# v1.6.2 (2021-12-02) - -* **Bug Fix**: Fixes a bug that prevented aws.EndpointResolverWithOptions from being used by the service client. ([#1514](https://github.com/aws/aws-sdk-go-v2/pull/1514)) -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.1 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.0 (2021-11-06) - -* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Feature**: Updated service to latest API model. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.0 (2021-10-21) - -* **Feature**: Updated to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.2 (2021-10-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.1 (2021-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.0 (2021-08-27) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.3 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.2 (2021-08-04) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.1 (2021-07-15) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.0 (2021-06-25) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.1 (2021-05-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.0 (2021-05-14) - -* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_client.go deleted file mode 100644 index 9f10e65a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_client.go +++ /dev/null @@ -1,943 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "errors" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/defaults" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/retry" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" - internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" - internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" - smithy "github.com/aws/smithy-go" - smithyauth "github.com/aws/smithy-go/auth" - smithydocument "github.com/aws/smithy-go/document" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net" - "net/http" - "sync/atomic" - "time" -) - -const ServiceID = "SSO" -const ServiceAPIVersion = "2019-06-10" - -type operationMetrics struct { - Duration metrics.Float64Histogram - SerializeDuration metrics.Float64Histogram - ResolveIdentityDuration metrics.Float64Histogram - ResolveEndpointDuration metrics.Float64Histogram - SignRequestDuration metrics.Float64Histogram - DeserializeDuration metrics.Float64Histogram -} - -func (m *operationMetrics) histogramFor(name string) metrics.Float64Histogram { - switch name { - case "client.call.duration": - return m.Duration - case "client.call.serialization_duration": - return m.SerializeDuration - case "client.call.resolve_identity_duration": - return m.ResolveIdentityDuration - case "client.call.resolve_endpoint_duration": - return m.ResolveEndpointDuration - case "client.call.signing_duration": - return m.SignRequestDuration - case "client.call.deserialization_duration": - return m.DeserializeDuration - default: - panic("unrecognized operation metric") - } -} - -func timeOperationMetric[T any]( - ctx context.Context, metric string, fn func() (T, error), - opts ...metrics.RecordMetricOption, -) (T, error) { - instr := getOperationMetrics(ctx).histogramFor(metric) - opts = append([]metrics.RecordMetricOption{withOperationMetadata(ctx)}, opts...) - - start := time.Now() - v, err := fn() - end := time.Now() - - elapsed := end.Sub(start) - instr.Record(ctx, float64(elapsed)/1e9, opts...) - return v, err -} - -func startMetricTimer(ctx context.Context, metric string, opts ...metrics.RecordMetricOption) func() { - instr := getOperationMetrics(ctx).histogramFor(metric) - opts = append([]metrics.RecordMetricOption{withOperationMetadata(ctx)}, opts...) - - var ended bool - start := time.Now() - return func() { - if ended { - return - } - ended = true - - end := time.Now() - - elapsed := end.Sub(start) - instr.Record(ctx, float64(elapsed)/1e9, opts...) - } -} - -func withOperationMetadata(ctx context.Context) metrics.RecordMetricOption { - return func(o *metrics.RecordMetricOptions) { - o.Properties.Set("rpc.service", middleware.GetServiceID(ctx)) - o.Properties.Set("rpc.method", middleware.GetOperationName(ctx)) - } -} - -type operationMetricsKey struct{} - -func withOperationMetrics(parent context.Context, mp metrics.MeterProvider) (context.Context, error) { - meter := mp.Meter("github.com/aws/aws-sdk-go-v2/service/sso") - om := &operationMetrics{} - - var err error - - om.Duration, err = operationMetricTimer(meter, "client.call.duration", - "Overall call duration (including retries and time to send or receive request and response body)") - if err != nil { - return nil, err - } - om.SerializeDuration, err = operationMetricTimer(meter, "client.call.serialization_duration", - "The time it takes to serialize a message body") - if err != nil { - return nil, err - } - om.ResolveIdentityDuration, err = operationMetricTimer(meter, "client.call.auth.resolve_identity_duration", - "The time taken to acquire an identity (AWS credentials, bearer token, etc) from an Identity Provider") - if err != nil { - return nil, err - } - om.ResolveEndpointDuration, err = operationMetricTimer(meter, "client.call.resolve_endpoint_duration", - "The time it takes to resolve an endpoint (endpoint resolver, not DNS) for the request") - if err != nil { - return nil, err - } - om.SignRequestDuration, err = operationMetricTimer(meter, "client.call.auth.signing_duration", - "The time it takes to sign a request") - if err != nil { - return nil, err - } - om.DeserializeDuration, err = operationMetricTimer(meter, "client.call.deserialization_duration", - "The time it takes to deserialize a message body") - if err != nil { - return nil, err - } - - return context.WithValue(parent, operationMetricsKey{}, om), nil -} - -func operationMetricTimer(m metrics.Meter, name, desc string) (metrics.Float64Histogram, error) { - return m.Float64Histogram(name, func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = desc - }) -} - -func getOperationMetrics(ctx context.Context) *operationMetrics { - return ctx.Value(operationMetricsKey{}).(*operationMetrics) -} - -func operationTracer(p tracing.TracerProvider) tracing.Tracer { - return p.Tracer("github.com/aws/aws-sdk-go-v2/service/sso") -} - -// Client provides the API client to make operations call for AWS Single Sign-On. -type Client struct { - options Options - - // Difference between the time reported by the server and the client - timeOffset *atomic.Int64 -} - -// New returns an initialized Client based on the functional options. Provide -// additional functional options to further configure the behavior of the client, -// such as changing the client's endpoint or adding custom middleware behavior. -func New(options Options, optFns ...func(*Options)) *Client { - options = options.Copy() - - resolveDefaultLogger(&options) - - setResolvedDefaultsMode(&options) - - resolveRetryer(&options) - - resolveHTTPClient(&options) - - resolveHTTPSignerV4(&options) - - resolveEndpointResolverV2(&options) - - resolveTracerProvider(&options) - - resolveMeterProvider(&options) - - resolveAuthSchemeResolver(&options) - - for _, fn := range optFns { - fn(&options) - } - - finalizeRetryMaxAttempts(&options) - - ignoreAnonymousAuth(&options) - - wrapWithAnonymousAuth(&options) - - resolveAuthSchemes(&options) - - client := &Client{ - options: options, - } - - initializeTimeOffsetResolver(client) - - return client -} - -// Options returns a copy of the client configuration. -// -// Callers SHOULD NOT perform mutations on any inner structures within client -// config. Config overrides should instead be made on a per-operation basis through -// functional options. -func (c *Client) Options() Options { - return c.options.Copy() -} - -func (c *Client) invokeOperation( - ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error, -) ( - result interface{}, metadata middleware.Metadata, err error, -) { - ctx = middleware.ClearStackValues(ctx) - ctx = middleware.WithServiceID(ctx, ServiceID) - ctx = middleware.WithOperationName(ctx, opID) - - stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) - options := c.options.Copy() - - for _, fn := range optFns { - fn(&options) - } - - finalizeOperationRetryMaxAttempts(&options, *c) - - finalizeClientEndpointResolverOptions(&options) - - for _, fn := range stackFns { - if err := fn(stack, options); err != nil { - return nil, metadata, err - } - } - - for _, fn := range options.APIOptions { - if err := fn(stack); err != nil { - return nil, metadata, err - } - } - - ctx, err = withOperationMetrics(ctx, options.MeterProvider) - if err != nil { - return nil, metadata, err - } - - tracer := operationTracer(options.TracerProvider) - spanName := fmt.Sprintf("%s.%s", ServiceID, opID) - - ctx = tracing.WithOperationTracer(ctx, tracer) - - ctx, span := tracer.StartSpan(ctx, spanName, func(o *tracing.SpanOptions) { - o.Kind = tracing.SpanKindClient - o.Properties.Set("rpc.system", "aws-api") - o.Properties.Set("rpc.method", opID) - o.Properties.Set("rpc.service", ServiceID) - }) - endTimer := startMetricTimer(ctx, "client.call.duration") - defer endTimer() - defer span.End() - - handler := smithyhttp.NewClientHandlerWithOptions(options.HTTPClient, func(o *smithyhttp.ClientHandler) { - o.Meter = options.MeterProvider.Meter("github.com/aws/aws-sdk-go-v2/service/sso") - }) - decorated := middleware.DecorateHandler(handler, stack) - result, metadata, err = decorated.Handle(ctx, params) - if err != nil { - span.SetProperty("exception.type", fmt.Sprintf("%T", err)) - span.SetProperty("exception.message", err.Error()) - - var aerr smithy.APIError - if errors.As(err, &aerr) { - span.SetProperty("api.error_code", aerr.ErrorCode()) - span.SetProperty("api.error_message", aerr.ErrorMessage()) - span.SetProperty("api.error_fault", aerr.ErrorFault().String()) - } - - err = &smithy.OperationError{ - ServiceID: ServiceID, - OperationName: opID, - Err: err, - } - } - - span.SetProperty("error", err != nil) - if err == nil { - span.SetStatus(tracing.SpanStatusOK) - } else { - span.SetStatus(tracing.SpanStatusError) - } - - return result, metadata, err -} - -type operationInputKey struct{} - -func setOperationInput(ctx context.Context, input interface{}) context.Context { - return middleware.WithStackValue(ctx, operationInputKey{}, input) -} - -func getOperationInput(ctx context.Context) interface{} { - return middleware.GetStackValue(ctx, operationInputKey{}) -} - -type setOperationInputMiddleware struct { -} - -func (*setOperationInputMiddleware) ID() string { - return "setOperationInput" -} - -func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - ctx = setOperationInput(ctx, in.Parameters) - return next.HandleSerialize(ctx, in) -} - -func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { - if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { - return fmt.Errorf("add ResolveAuthScheme: %w", err) - } - if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { - return fmt.Errorf("add GetIdentity: %v", err) - } - if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { - return fmt.Errorf("add ResolveEndpointV2: %v", err) - } - if err := stack.Finalize.Insert(&signRequestMiddleware{options: options}, "ResolveEndpointV2", middleware.After); err != nil { - return fmt.Errorf("add Signing: %w", err) - } - return nil -} -func resolveAuthSchemeResolver(options *Options) { - if options.AuthSchemeResolver == nil { - options.AuthSchemeResolver = &defaultAuthSchemeResolver{} - } -} - -func resolveAuthSchemes(options *Options) { - if options.AuthSchemes == nil { - options.AuthSchemes = []smithyhttp.AuthScheme{ - internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{ - Signer: options.HTTPSignerV4, - Logger: options.Logger, - LogSigning: options.ClientLogMode.IsSigning(), - }), - } - } -} - -type noSmithyDocumentSerde = smithydocument.NoSerde - -type legacyEndpointContextSetter struct { - LegacyResolver EndpointResolver -} - -func (*legacyEndpointContextSetter) ID() string { - return "legacyEndpointContextSetter" -} - -func (m *legacyEndpointContextSetter) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - if m.LegacyResolver != nil { - ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, true) - } - - return next.HandleInitialize(ctx, in) - -} -func addlegacyEndpointContextSetter(stack *middleware.Stack, o Options) error { - return stack.Initialize.Add(&legacyEndpointContextSetter{ - LegacyResolver: o.EndpointResolver, - }, middleware.Before) -} - -func resolveDefaultLogger(o *Options) { - if o.Logger != nil { - return - } - o.Logger = logging.Nop{} -} - -func addSetLoggerMiddleware(stack *middleware.Stack, o Options) error { - return middleware.AddSetLoggerMiddleware(stack, o.Logger) -} - -func setResolvedDefaultsMode(o *Options) { - if len(o.resolvedDefaultsMode) > 0 { - return - } - - var mode aws.DefaultsMode - mode.SetFromString(string(o.DefaultsMode)) - - if mode == aws.DefaultsModeAuto { - mode = defaults.ResolveDefaultsModeAuto(o.Region, o.RuntimeEnvironment) - } - - o.resolvedDefaultsMode = mode -} - -// NewFromConfig returns a new client from the provided config. -func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { - opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - } - resolveAWSRetryerProvider(cfg, &opts) - resolveAWSRetryMaxAttempts(cfg, &opts) - resolveAWSRetryMode(cfg, &opts) - resolveAWSEndpointResolver(cfg, &opts) - resolveUseDualStackEndpoint(cfg, &opts) - resolveUseFIPSEndpoint(cfg, &opts) - resolveBaseEndpoint(cfg, &opts) - return New(opts, optFns...) -} - -func resolveHTTPClient(o *Options) { - var buildable *awshttp.BuildableClient - - if o.HTTPClient != nil { - var ok bool - buildable, ok = o.HTTPClient.(*awshttp.BuildableClient) - if !ok { - return - } - } else { - buildable = awshttp.NewBuildableClient() - } - - modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) - if err == nil { - buildable = buildable.WithDialerOptions(func(dialer *net.Dialer) { - if dialerTimeout, ok := modeConfig.GetConnectTimeout(); ok { - dialer.Timeout = dialerTimeout - } - }) - - buildable = buildable.WithTransportOptions(func(transport *http.Transport) { - if tlsHandshakeTimeout, ok := modeConfig.GetTLSNegotiationTimeout(); ok { - transport.TLSHandshakeTimeout = tlsHandshakeTimeout - } - }) - } - - o.HTTPClient = buildable -} - -func resolveRetryer(o *Options) { - if o.Retryer != nil { - return - } - - if len(o.RetryMode) == 0 { - modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) - if err == nil { - o.RetryMode = modeConfig.RetryMode - } - } - if len(o.RetryMode) == 0 { - o.RetryMode = aws.RetryModeStandard - } - - var standardOptions []func(*retry.StandardOptions) - if v := o.RetryMaxAttempts; v != 0 { - standardOptions = append(standardOptions, func(so *retry.StandardOptions) { - so.MaxAttempts = v - }) - } - - switch o.RetryMode { - case aws.RetryModeAdaptive: - var adaptiveOptions []func(*retry.AdaptiveModeOptions) - if len(standardOptions) != 0 { - adaptiveOptions = append(adaptiveOptions, func(ao *retry.AdaptiveModeOptions) { - ao.StandardOptions = append(ao.StandardOptions, standardOptions...) - }) - } - o.Retryer = retry.NewAdaptiveMode(adaptiveOptions...) - - default: - o.Retryer = retry.NewStandard(standardOptions...) - } -} - -func resolveAWSRetryerProvider(cfg aws.Config, o *Options) { - if cfg.Retryer == nil { - return - } - o.Retryer = cfg.Retryer() -} - -func resolveAWSRetryMode(cfg aws.Config, o *Options) { - if len(cfg.RetryMode) == 0 { - return - } - o.RetryMode = cfg.RetryMode -} -func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { - if cfg.RetryMaxAttempts == 0 { - return - } - o.RetryMaxAttempts = cfg.RetryMaxAttempts -} - -func finalizeRetryMaxAttempts(o *Options) { - if o.RetryMaxAttempts == 0 { - return - } - - o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) -} - -func finalizeOperationRetryMaxAttempts(o *Options, client Client) { - if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { - return - } - - o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) -} - -func resolveAWSEndpointResolver(cfg aws.Config, o *Options) { - if cfg.EndpointResolver == nil && cfg.EndpointResolverWithOptions == nil { - return - } - o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions) -} - -func addClientUserAgent(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "sso", goModuleVersion) - if len(options.AppID) > 0 { - ua.AddSDKAgentKey(awsmiddleware.ApplicationIdentifier, options.AppID) - } - - return nil -} - -func getOrAddRequestUserAgent(stack *middleware.Stack) (*awsmiddleware.RequestUserAgent, error) { - id := (*awsmiddleware.RequestUserAgent)(nil).ID() - mw, ok := stack.Build.Get(id) - if !ok { - mw = awsmiddleware.NewRequestUserAgent() - if err := stack.Build.Add(mw, middleware.After); err != nil { - return nil, err - } - } - - ua, ok := mw.(*awsmiddleware.RequestUserAgent) - if !ok { - return nil, fmt.Errorf("%T for %s middleware did not match expected type", mw, id) - } - - return ua, nil -} - -type HTTPSignerV4 interface { - SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error -} - -func resolveHTTPSignerV4(o *Options) { - if o.HTTPSignerV4 != nil { - return - } - o.HTTPSignerV4 = newDefaultV4Signer(*o) -} - -func newDefaultV4Signer(o Options) *v4.Signer { - return v4.NewSigner(func(so *v4.SignerOptions) { - so.Logger = o.Logger - so.LogSigning = o.ClientLogMode.IsSigning() - }) -} - -func addClientRequestID(stack *middleware.Stack) error { - return stack.Build.Add(&awsmiddleware.ClientRequestID{}, middleware.After) -} - -func addComputeContentLength(stack *middleware.Stack) error { - return stack.Build.Add(&smithyhttp.ComputeContentLength{}, middleware.After) -} - -func addRawResponseToMetadata(stack *middleware.Stack) error { - return stack.Deserialize.Add(&awsmiddleware.AddRawResponse{}, middleware.Before) -} - -func addRecordResponseTiming(stack *middleware.Stack) error { - return stack.Deserialize.Add(&awsmiddleware.RecordResponseTiming{}, middleware.After) -} - -func addSpanRetryLoop(stack *middleware.Stack, options Options) error { - return stack.Finalize.Insert(&spanRetryLoop{options: options}, "Retry", middleware.Before) -} - -type spanRetryLoop struct { - options Options -} - -func (*spanRetryLoop) ID() string { - return "spanRetryLoop" -} - -func (m *spanRetryLoop) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - middleware.FinalizeOutput, middleware.Metadata, error, -) { - tracer := operationTracer(m.options.TracerProvider) - ctx, span := tracer.StartSpan(ctx, "RetryLoop") - defer span.End() - - return next.HandleFinalize(ctx, in) -} -func addStreamingEventsPayload(stack *middleware.Stack) error { - return stack.Finalize.Add(&v4.StreamingEventsPayload{}, middleware.Before) -} - -func addUnsignedPayload(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.UnsignedPayload{}, "ResolveEndpointV2", middleware.After) -} - -func addComputePayloadSHA256(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.ComputePayloadSHA256{}, "ResolveEndpointV2", middleware.After) -} - -func addContentSHA256Header(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.ContentSHA256Header{}, (*v4.ComputePayloadSHA256)(nil).ID(), middleware.After) -} - -func addIsWaiterUserAgent(o *Options) { - o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureWaiter) - return nil - }) -} - -func addIsPaginatorUserAgent(o *Options) { - o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeaturePaginator) - return nil - }) -} - -func addRetry(stack *middleware.Stack, o Options) error { - attempt := retry.NewAttemptMiddleware(o.Retryer, smithyhttp.RequestCloner, func(m *retry.Attempt) { - m.LogAttempts = o.ClientLogMode.IsRetries() - m.OperationMeter = o.MeterProvider.Meter("github.com/aws/aws-sdk-go-v2/service/sso") - }) - if err := stack.Finalize.Insert(attempt, "ResolveAuthScheme", middleware.Before); err != nil { - return err - } - if err := stack.Finalize.Insert(&retry.MetricsHeader{}, attempt.ID(), middleware.After); err != nil { - return err - } - return nil -} - -// resolves dual-stack endpoint configuration -func resolveUseDualStackEndpoint(cfg aws.Config, o *Options) error { - if len(cfg.ConfigSources) == 0 { - return nil - } - value, found, err := internalConfig.ResolveUseDualStackEndpoint(context.Background(), cfg.ConfigSources) - if err != nil { - return err - } - if found { - o.EndpointOptions.UseDualStackEndpoint = value - } - return nil -} - -// resolves FIPS endpoint configuration -func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { - if len(cfg.ConfigSources) == 0 { - return nil - } - value, found, err := internalConfig.ResolveUseFIPSEndpoint(context.Background(), cfg.ConfigSources) - if err != nil { - return err - } - if found { - o.EndpointOptions.UseFIPSEndpoint = value - } - return nil -} - -func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { - if mode == aws.AccountIDEndpointModeDisabled { - return nil - } - - if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { - return aws.String(ca.Credentials.AccountID) - } - - return nil -} - -func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { - mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} - if err := stack.Build.Add(&mw, middleware.After); err != nil { - return err - } - return stack.Deserialize.Insert(&mw, "RecordResponseTiming", middleware.Before) -} -func initializeTimeOffsetResolver(c *Client) { - c.timeOffset = new(atomic.Int64) -} - -func addUserAgentRetryMode(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - switch options.Retryer.(type) { - case *retry.Standard: - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeStandard) - case *retry.AdaptiveMode: - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeAdaptive) - } - return nil -} - -type setCredentialSourceMiddleware struct { - ua *awsmiddleware.RequestUserAgent - options Options -} - -func (m setCredentialSourceMiddleware) ID() string { return "SetCredentialSourceMiddleware" } - -func (m setCredentialSourceMiddleware) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - asProviderSource, ok := m.options.Credentials.(aws.CredentialProviderSource) - if !ok { - return next.HandleBuild(ctx, in) - } - providerSources := asProviderSource.ProviderSources() - for _, source := range providerSources { - m.ua.AddCredentialsSource(source) - } - return next.HandleBuild(ctx, in) -} - -func addCredentialSource(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - mw := setCredentialSourceMiddleware{ua: ua, options: options} - return stack.Build.Insert(&mw, "UserAgent", middleware.Before) -} - -func resolveTracerProvider(options *Options) { - if options.TracerProvider == nil { - options.TracerProvider = &tracing.NopTracerProvider{} - } -} - -func resolveMeterProvider(options *Options) { - if options.MeterProvider == nil { - options.MeterProvider = metrics.NopMeterProvider{} - } -} - -func addRecursionDetection(stack *middleware.Stack) error { - return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) -} - -func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&awsmiddleware.RequestIDRetriever{}, "OperationDeserializer", middleware.Before) - -} - -func addResponseErrorMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&awshttp.ResponseErrorWrapper{}, "RequestIDRetriever", middleware.Before) - -} - -func addRequestResponseLogging(stack *middleware.Stack, o Options) error { - return stack.Deserialize.Add(&smithyhttp.RequestResponseLogger{ - LogRequest: o.ClientLogMode.IsRequest(), - LogRequestWithBody: o.ClientLogMode.IsRequestWithBody(), - LogResponse: o.ClientLogMode.IsResponse(), - LogResponseWithBody: o.ClientLogMode.IsResponseWithBody(), - }, middleware.After) -} - -type disableHTTPSMiddleware struct { - DisableHTTPS bool -} - -func (*disableHTTPSMiddleware) ID() string { - return "disableHTTPS" -} - -func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { - req.URL.Scheme = "http" - } - - return next.HandleFinalize(ctx, in) -} - -func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { - return stack.Finalize.Insert(&disableHTTPSMiddleware{ - DisableHTTPS: o.EndpointOptions.DisableHTTPS, - }, "ResolveEndpointV2", middleware.After) -} - -type spanInitializeStart struct { -} - -func (*spanInitializeStart) ID() string { - return "spanInitializeStart" -} - -func (m *spanInitializeStart) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) ( - middleware.InitializeOutput, middleware.Metadata, error, -) { - ctx, _ = tracing.StartSpan(ctx, "Initialize") - - return next.HandleInitialize(ctx, in) -} - -type spanInitializeEnd struct { -} - -func (*spanInitializeEnd) ID() string { - return "spanInitializeEnd" -} - -func (m *spanInitializeEnd) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) ( - middleware.InitializeOutput, middleware.Metadata, error, -) { - ctx, span := tracing.PopSpan(ctx) - span.End() - - return next.HandleInitialize(ctx, in) -} - -type spanBuildRequestStart struct { -} - -func (*spanBuildRequestStart) ID() string { - return "spanBuildRequestStart" -} - -func (m *spanBuildRequestStart) HandleSerialize( - ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, -) ( - middleware.SerializeOutput, middleware.Metadata, error, -) { - ctx, _ = tracing.StartSpan(ctx, "BuildRequest") - - return next.HandleSerialize(ctx, in) -} - -type spanBuildRequestEnd struct { -} - -func (*spanBuildRequestEnd) ID() string { - return "spanBuildRequestEnd" -} - -func (m *spanBuildRequestEnd) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, -) ( - middleware.BuildOutput, middleware.Metadata, error, -) { - ctx, span := tracing.PopSpan(ctx) - span.End() - - return next.HandleBuild(ctx, in) -} - -func addSpanInitializeStart(stack *middleware.Stack) error { - return stack.Initialize.Add(&spanInitializeStart{}, middleware.Before) -} - -func addSpanInitializeEnd(stack *middleware.Stack) error { - return stack.Initialize.Add(&spanInitializeEnd{}, middleware.After) -} - -func addSpanBuildRequestStart(stack *middleware.Stack) error { - return stack.Serialize.Add(&spanBuildRequestStart{}, middleware.Before) -} - -func addSpanBuildRequestEnd(stack *middleware.Stack) error { - return stack.Build.Add(&spanBuildRequestEnd{}, middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_GetRoleCredentials.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_GetRoleCredentials.go deleted file mode 100644 index b8031eee..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_GetRoleCredentials.go +++ /dev/null @@ -1,171 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/sso/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Returns the STS short-term credentials for a given role name that is assigned -// to the user. -func (c *Client) GetRoleCredentials(ctx context.Context, params *GetRoleCredentialsInput, optFns ...func(*Options)) (*GetRoleCredentialsOutput, error) { - if params == nil { - params = &GetRoleCredentialsInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetRoleCredentials", params, optFns, c.addOperationGetRoleCredentialsMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*GetRoleCredentialsOutput) - out.ResultMetadata = metadata - return out, nil -} - -type GetRoleCredentialsInput struct { - - // The token issued by the CreateToken API call. For more information, see [CreateToken] in the - // IAM Identity Center OIDC API Reference Guide. - // - // [CreateToken]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html - // - // This member is required. - AccessToken *string - - // The identifier for the AWS account that is assigned to the user. - // - // This member is required. - AccountId *string - - // The friendly name of the role that is assigned to the user. - // - // This member is required. - RoleName *string - - noSmithyDocumentSerde -} - -type GetRoleCredentialsOutput struct { - - // The credentials for the role that is assigned to the user. - RoleCredentials *types.RoleCredentials - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationGetRoleCredentialsMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsRestjson1_serializeOpGetRoleCredentials{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsRestjson1_deserializeOpGetRoleCredentials{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "GetRoleCredentials"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpGetRoleCredentialsValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetRoleCredentials(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opGetRoleCredentials(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "GetRoleCredentials", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccountRoles.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccountRoles.go deleted file mode 100644 index 4294e4d3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccountRoles.go +++ /dev/null @@ -1,269 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/sso/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Lists all roles that are assigned to the user for a given AWS account. -func (c *Client) ListAccountRoles(ctx context.Context, params *ListAccountRolesInput, optFns ...func(*Options)) (*ListAccountRolesOutput, error) { - if params == nil { - params = &ListAccountRolesInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "ListAccountRoles", params, optFns, c.addOperationListAccountRolesMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*ListAccountRolesOutput) - out.ResultMetadata = metadata - return out, nil -} - -type ListAccountRolesInput struct { - - // The token issued by the CreateToken API call. For more information, see [CreateToken] in the - // IAM Identity Center OIDC API Reference Guide. - // - // [CreateToken]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html - // - // This member is required. - AccessToken *string - - // The identifier for the AWS account that is assigned to the user. - // - // This member is required. - AccountId *string - - // The number of items that clients can request per page. - MaxResults *int32 - - // The page token from the previous response output when you request subsequent - // pages. - NextToken *string - - noSmithyDocumentSerde -} - -type ListAccountRolesOutput struct { - - // The page token client that is used to retrieve the list of accounts. - NextToken *string - - // A paginated response with the list of roles and the next token if more results - // are available. - RoleList []types.RoleInfo - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationListAccountRolesMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsRestjson1_serializeOpListAccountRoles{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsRestjson1_deserializeOpListAccountRoles{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "ListAccountRoles"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpListAccountRolesValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListAccountRoles(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -// ListAccountRolesPaginatorOptions is the paginator options for ListAccountRoles -type ListAccountRolesPaginatorOptions struct { - // The number of items that clients can request per page. - Limit int32 - - // Set to true if pagination should stop if the service returns a pagination token - // that matches the most recent token provided to the service. - StopOnDuplicateToken bool -} - -// ListAccountRolesPaginator is a paginator for ListAccountRoles -type ListAccountRolesPaginator struct { - options ListAccountRolesPaginatorOptions - client ListAccountRolesAPIClient - params *ListAccountRolesInput - nextToken *string - firstPage bool -} - -// NewListAccountRolesPaginator returns a new ListAccountRolesPaginator -func NewListAccountRolesPaginator(client ListAccountRolesAPIClient, params *ListAccountRolesInput, optFns ...func(*ListAccountRolesPaginatorOptions)) *ListAccountRolesPaginator { - if params == nil { - params = &ListAccountRolesInput{} - } - - options := ListAccountRolesPaginatorOptions{} - if params.MaxResults != nil { - options.Limit = *params.MaxResults - } - - for _, fn := range optFns { - fn(&options) - } - - return &ListAccountRolesPaginator{ - options: options, - client: client, - params: params, - firstPage: true, - nextToken: params.NextToken, - } -} - -// HasMorePages returns a boolean indicating whether more pages are available -func (p *ListAccountRolesPaginator) HasMorePages() bool { - return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) -} - -// NextPage retrieves the next ListAccountRoles page. -func (p *ListAccountRolesPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListAccountRolesOutput, error) { - if !p.HasMorePages() { - return nil, fmt.Errorf("no more pages available") - } - - params := *p.params - params.NextToken = p.nextToken - - var limit *int32 - if p.options.Limit > 0 { - limit = &p.options.Limit - } - params.MaxResults = limit - - optFns = append([]func(*Options){ - addIsPaginatorUserAgent, - }, optFns...) - result, err := p.client.ListAccountRoles(ctx, ¶ms, optFns...) - if err != nil { - return nil, err - } - p.firstPage = false - - prevToken := p.nextToken - p.nextToken = result.NextToken - - if p.options.StopOnDuplicateToken && - prevToken != nil && - p.nextToken != nil && - *prevToken == *p.nextToken { - p.nextToken = nil - } - - return result, nil -} - -// ListAccountRolesAPIClient is a client that implements the ListAccountRoles -// operation. -type ListAccountRolesAPIClient interface { - ListAccountRoles(context.Context, *ListAccountRolesInput, ...func(*Options)) (*ListAccountRolesOutput, error) -} - -var _ ListAccountRolesAPIClient = (*Client)(nil) - -func newServiceMetadataMiddleware_opListAccountRoles(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "ListAccountRoles", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccounts.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccounts.go deleted file mode 100644 index 1db72a99..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_ListAccounts.go +++ /dev/null @@ -1,267 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/sso/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Lists all AWS accounts assigned to the user. These AWS accounts are assigned by -// the administrator of the account. For more information, see [Assign User Access]in the IAM Identity -// Center User Guide. This operation returns a paginated response. -// -// [Assign User Access]: https://docs.aws.amazon.com/singlesignon/latest/userguide/useraccess.html#assignusers -func (c *Client) ListAccounts(ctx context.Context, params *ListAccountsInput, optFns ...func(*Options)) (*ListAccountsOutput, error) { - if params == nil { - params = &ListAccountsInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "ListAccounts", params, optFns, c.addOperationListAccountsMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*ListAccountsOutput) - out.ResultMetadata = metadata - return out, nil -} - -type ListAccountsInput struct { - - // The token issued by the CreateToken API call. For more information, see [CreateToken] in the - // IAM Identity Center OIDC API Reference Guide. - // - // [CreateToken]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html - // - // This member is required. - AccessToken *string - - // This is the number of items clients can request per page. - MaxResults *int32 - - // (Optional) When requesting subsequent pages, this is the page token from the - // previous response output. - NextToken *string - - noSmithyDocumentSerde -} - -type ListAccountsOutput struct { - - // A paginated response with the list of account information and the next token if - // more results are available. - AccountList []types.AccountInfo - - // The page token client that is used to retrieve the list of accounts. - NextToken *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationListAccountsMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsRestjson1_serializeOpListAccounts{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsRestjson1_deserializeOpListAccounts{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "ListAccounts"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpListAccountsValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opListAccounts(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -// ListAccountsPaginatorOptions is the paginator options for ListAccounts -type ListAccountsPaginatorOptions struct { - // This is the number of items clients can request per page. - Limit int32 - - // Set to true if pagination should stop if the service returns a pagination token - // that matches the most recent token provided to the service. - StopOnDuplicateToken bool -} - -// ListAccountsPaginator is a paginator for ListAccounts -type ListAccountsPaginator struct { - options ListAccountsPaginatorOptions - client ListAccountsAPIClient - params *ListAccountsInput - nextToken *string - firstPage bool -} - -// NewListAccountsPaginator returns a new ListAccountsPaginator -func NewListAccountsPaginator(client ListAccountsAPIClient, params *ListAccountsInput, optFns ...func(*ListAccountsPaginatorOptions)) *ListAccountsPaginator { - if params == nil { - params = &ListAccountsInput{} - } - - options := ListAccountsPaginatorOptions{} - if params.MaxResults != nil { - options.Limit = *params.MaxResults - } - - for _, fn := range optFns { - fn(&options) - } - - return &ListAccountsPaginator{ - options: options, - client: client, - params: params, - firstPage: true, - nextToken: params.NextToken, - } -} - -// HasMorePages returns a boolean indicating whether more pages are available -func (p *ListAccountsPaginator) HasMorePages() bool { - return p.firstPage || (p.nextToken != nil && len(*p.nextToken) != 0) -} - -// NextPage retrieves the next ListAccounts page. -func (p *ListAccountsPaginator) NextPage(ctx context.Context, optFns ...func(*Options)) (*ListAccountsOutput, error) { - if !p.HasMorePages() { - return nil, fmt.Errorf("no more pages available") - } - - params := *p.params - params.NextToken = p.nextToken - - var limit *int32 - if p.options.Limit > 0 { - limit = &p.options.Limit - } - params.MaxResults = limit - - optFns = append([]func(*Options){ - addIsPaginatorUserAgent, - }, optFns...) - result, err := p.client.ListAccounts(ctx, ¶ms, optFns...) - if err != nil { - return nil, err - } - p.firstPage = false - - prevToken := p.nextToken - p.nextToken = result.NextToken - - if p.options.StopOnDuplicateToken && - prevToken != nil && - p.nextToken != nil && - *prevToken == *p.nextToken { - p.nextToken = nil - } - - return result, nil -} - -// ListAccountsAPIClient is a client that implements the ListAccounts operation. -type ListAccountsAPIClient interface { - ListAccounts(context.Context, *ListAccountsInput, ...func(*Options)) (*ListAccountsOutput, error) -} - -var _ ListAccountsAPIClient = (*Client)(nil) - -func newServiceMetadataMiddleware_opListAccounts(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "ListAccounts", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_Logout.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_Logout.go deleted file mode 100644 index 2ca66ca5..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/api_op_Logout.go +++ /dev/null @@ -1,170 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Removes the locally stored SSO tokens from the client-side cache and sends an -// API call to the IAM Identity Center service to invalidate the corresponding -// server-side IAM Identity Center sign in session. -// -// If a user uses IAM Identity Center to access the AWS CLI, the user’s IAM -// Identity Center sign in session is used to obtain an IAM session, as specified -// in the corresponding IAM Identity Center permission set. More specifically, IAM -// Identity Center assumes an IAM role in the target account on behalf of the user, -// and the corresponding temporary AWS credentials are returned to the client. -// -// After user logout, any existing IAM role sessions that were created by using -// IAM Identity Center permission sets continue based on the duration configured in -// the permission set. For more information, see [User authentications]in the IAM Identity Center User -// Guide. -// -// [User authentications]: https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html -func (c *Client) Logout(ctx context.Context, params *LogoutInput, optFns ...func(*Options)) (*LogoutOutput, error) { - if params == nil { - params = &LogoutInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "Logout", params, optFns, c.addOperationLogoutMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*LogoutOutput) - out.ResultMetadata = metadata - return out, nil -} - -type LogoutInput struct { - - // The token issued by the CreateToken API call. For more information, see [CreateToken] in the - // IAM Identity Center OIDC API Reference Guide. - // - // [CreateToken]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html - // - // This member is required. - AccessToken *string - - noSmithyDocumentSerde -} - -type LogoutOutput struct { - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationLogoutMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsRestjson1_serializeOpLogout{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsRestjson1_deserializeOpLogout{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "Logout"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpLogoutValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opLogout(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opLogout(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "Logout", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/auth.go deleted file mode 100644 index 366963b4..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/auth.go +++ /dev/null @@ -1,337 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - smithy "github.com/aws/smithy-go" - smithyauth "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { - params.Region = options.Region -} - -type setLegacyContextSigningOptionsMiddleware struct { -} - -func (*setLegacyContextSigningOptionsMiddleware) ID() string { - return "setLegacyContextSigningOptions" -} - -func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - rscheme := getResolvedAuthScheme(ctx) - schemeID := rscheme.Scheme.SchemeID() - - if sn := awsmiddleware.GetSigningName(ctx); sn != "" { - if schemeID == "aws.auth#sigv4" { - smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) - } else if schemeID == "aws.auth#sigv4a" { - smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) - } - } - - if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { - if schemeID == "aws.auth#sigv4" { - smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) - } else if schemeID == "aws.auth#sigv4a" { - smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) - } - } - - return next.HandleFinalize(ctx, in) -} - -func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) -} - -type withAnonymous struct { - resolver AuthSchemeResolver -} - -var _ AuthSchemeResolver = (*withAnonymous)(nil) - -func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { - opts, err := v.resolver.ResolveAuthSchemes(ctx, params) - if err != nil { - return nil, err - } - - opts = append(opts, &smithyauth.Option{ - SchemeID: smithyauth.SchemeIDAnonymous, - }) - return opts, nil -} - -func wrapWithAnonymousAuth(options *Options) { - if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { - return - } - - options.AuthSchemeResolver = &withAnonymous{ - resolver: options.AuthSchemeResolver, - } -} - -// AuthResolverParameters contains the set of inputs necessary for auth scheme -// resolution. -type AuthResolverParameters struct { - // The name of the operation being invoked. - Operation string - - // The region in which the operation is being invoked. - Region string -} - -func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { - params := &AuthResolverParameters{ - Operation: operation, - } - - bindAuthParamsRegion(ctx, params, input, options) - - return params -} - -// AuthSchemeResolver returns a set of possible authentication options for an -// operation. -type AuthSchemeResolver interface { - ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) -} - -type defaultAuthSchemeResolver struct{} - -var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) - -func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { - if overrides, ok := operationAuthOptions[params.Operation]; ok { - return overrides(params), nil - } - return serviceAuthOptions(params), nil -} - -var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{ - "GetRoleCredentials": func(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - {SchemeID: smithyauth.SchemeIDAnonymous}, - } - }, - - "ListAccountRoles": func(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - {SchemeID: smithyauth.SchemeIDAnonymous}, - } - }, - - "ListAccounts": func(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - {SchemeID: smithyauth.SchemeIDAnonymous}, - } - }, - - "Logout": func(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - {SchemeID: smithyauth.SchemeIDAnonymous}, - } - }, -} - -func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - { - SchemeID: smithyauth.SchemeIDSigV4, - SignerProperties: func() smithy.Properties { - var props smithy.Properties - smithyhttp.SetSigV4SigningName(&props, "awsssoportal") - smithyhttp.SetSigV4SigningRegion(&props, params.Region) - return props - }(), - }, - } -} - -type resolveAuthSchemeMiddleware struct { - operation string - options Options -} - -func (*resolveAuthSchemeMiddleware) ID() string { - return "ResolveAuthScheme" -} - -func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "ResolveAuthScheme") - defer span.End() - - params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) - options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) - } - - scheme, ok := m.selectScheme(options) - if !ok { - return out, metadata, fmt.Errorf("could not select an auth scheme") - } - - ctx = setResolvedAuthScheme(ctx, scheme) - - span.SetProperty("auth.scheme_id", scheme.Scheme.SchemeID()) - span.End() - return next.HandleFinalize(ctx, in) -} - -func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { - for _, option := range options { - if option.SchemeID == smithyauth.SchemeIDAnonymous { - return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true - } - - for _, scheme := range m.options.AuthSchemes { - if scheme.SchemeID() != option.SchemeID { - continue - } - - if scheme.IdentityResolver(m.options) != nil { - return newResolvedAuthScheme(scheme, option), true - } - } - } - - return nil, false -} - -type resolvedAuthSchemeKey struct{} - -type resolvedAuthScheme struct { - Scheme smithyhttp.AuthScheme - IdentityProperties smithy.Properties - SignerProperties smithy.Properties -} - -func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { - return &resolvedAuthScheme{ - Scheme: scheme, - IdentityProperties: option.IdentityProperties, - SignerProperties: option.SignerProperties, - } -} - -func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { - return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) -} - -func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { - v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) - return v -} - -type getIdentityMiddleware struct { - options Options -} - -func (*getIdentityMiddleware) ID() string { - return "GetIdentity" -} - -func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - innerCtx, span := tracing.StartSpan(ctx, "GetIdentity") - defer span.End() - - rscheme := getResolvedAuthScheme(innerCtx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - resolver := rscheme.Scheme.IdentityResolver(m.options) - if resolver == nil { - return out, metadata, fmt.Errorf("no identity resolver") - } - - identity, err := timeOperationMetric(ctx, "client.call.resolve_identity_duration", - func() (smithyauth.Identity, error) { - return resolver.GetIdentity(innerCtx, rscheme.IdentityProperties) - }, - func(o *metrics.RecordMetricOptions) { - o.Properties.Set("auth.scheme_id", rscheme.Scheme.SchemeID()) - }) - if err != nil { - return out, metadata, fmt.Errorf("get identity: %w", err) - } - - ctx = setIdentity(ctx, identity) - - span.End() - return next.HandleFinalize(ctx, in) -} - -type identityKey struct{} - -func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { - return middleware.WithStackValue(ctx, identityKey{}, identity) -} - -func getIdentity(ctx context.Context) smithyauth.Identity { - v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) - return v -} - -type signRequestMiddleware struct { - options Options -} - -func (*signRequestMiddleware) ID() string { - return "Signing" -} - -func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "SignRequest") - defer span.End() - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) - } - - rscheme := getResolvedAuthScheme(ctx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - identity := getIdentity(ctx) - if identity == nil { - return out, metadata, fmt.Errorf("no identity") - } - - signer := rscheme.Scheme.Signer() - if signer == nil { - return out, metadata, fmt.Errorf("no signer") - } - - _, err = timeOperationMetric(ctx, "client.call.signing_duration", func() (any, error) { - return nil, signer.SignRequest(ctx, req, identity, rscheme.SignerProperties) - }, func(o *metrics.RecordMetricOptions) { - o.Properties.Set("auth.scheme_id", rscheme.Scheme.SchemeID()) - }) - if err != nil { - return out, metadata, fmt.Errorf("sign request: %w", err) - } - - span.End() - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/deserializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/deserializers.go deleted file mode 100644 index ec23c36f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/deserializers.go +++ /dev/null @@ -1,1182 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws/protocol/restjson" - "github.com/aws/aws-sdk-go-v2/service/sso/types" - smithy "github.com/aws/smithy-go" - smithyio "github.com/aws/smithy-go/io" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/ptr" - smithytime "github.com/aws/smithy-go/time" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "io" - "io/ioutil" - "strings" - "time" -) - -func deserializeS3Expires(v string) (*time.Time, error) { - t, err := smithytime.ParseHTTPDate(v) - if err != nil { - return nil, nil - } - return &t, nil -} - -type awsRestjson1_deserializeOpGetRoleCredentials struct { -} - -func (*awsRestjson1_deserializeOpGetRoleCredentials) ID() string { - return "OperationDeserializer" -} - -func (m *awsRestjson1_deserializeOpGetRoleCredentials) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsRestjson1_deserializeOpErrorGetRoleCredentials(response, &metadata) - } - output := &GetRoleCredentialsOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsRestjson1_deserializeOpDocumentGetRoleCredentialsOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - span.End() - return out, metadata, err -} - -func awsRestjson1_deserializeOpErrorGetRoleCredentials(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) - } - if len(message) != 0 { - errorMessage = message - } - - switch { - case strings.EqualFold("InvalidRequestException", errorCode): - return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) - - case strings.EqualFold("TooManyRequestsException", errorCode): - return awsRestjson1_deserializeErrorTooManyRequestsException(response, errorBody) - - case strings.EqualFold("UnauthorizedException", errorCode): - return awsRestjson1_deserializeErrorUnauthorizedException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsRestjson1_deserializeOpDocumentGetRoleCredentialsOutput(v **GetRoleCredentialsOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *GetRoleCredentialsOutput - if *v == nil { - sv = &GetRoleCredentialsOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "roleCredentials": - if err := awsRestjson1_deserializeDocumentRoleCredentials(&sv.RoleCredentials, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -type awsRestjson1_deserializeOpListAccountRoles struct { -} - -func (*awsRestjson1_deserializeOpListAccountRoles) ID() string { - return "OperationDeserializer" -} - -func (m *awsRestjson1_deserializeOpListAccountRoles) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsRestjson1_deserializeOpErrorListAccountRoles(response, &metadata) - } - output := &ListAccountRolesOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsRestjson1_deserializeOpDocumentListAccountRolesOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - span.End() - return out, metadata, err -} - -func awsRestjson1_deserializeOpErrorListAccountRoles(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) - } - if len(message) != 0 { - errorMessage = message - } - - switch { - case strings.EqualFold("InvalidRequestException", errorCode): - return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) - - case strings.EqualFold("TooManyRequestsException", errorCode): - return awsRestjson1_deserializeErrorTooManyRequestsException(response, errorBody) - - case strings.EqualFold("UnauthorizedException", errorCode): - return awsRestjson1_deserializeErrorUnauthorizedException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsRestjson1_deserializeOpDocumentListAccountRolesOutput(v **ListAccountRolesOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *ListAccountRolesOutput - if *v == nil { - sv = &ListAccountRolesOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "nextToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NextTokenType to be of type string, got %T instead", value) - } - sv.NextToken = ptr.String(jtv) - } - - case "roleList": - if err := awsRestjson1_deserializeDocumentRoleListType(&sv.RoleList, value); err != nil { - return err - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -type awsRestjson1_deserializeOpListAccounts struct { -} - -func (*awsRestjson1_deserializeOpListAccounts) ID() string { - return "OperationDeserializer" -} - -func (m *awsRestjson1_deserializeOpListAccounts) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsRestjson1_deserializeOpErrorListAccounts(response, &metadata) - } - output := &ListAccountsOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsRestjson1_deserializeOpDocumentListAccountsOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - span.End() - return out, metadata, err -} - -func awsRestjson1_deserializeOpErrorListAccounts(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) - } - if len(message) != 0 { - errorMessage = message - } - - switch { - case strings.EqualFold("InvalidRequestException", errorCode): - return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("ResourceNotFoundException", errorCode): - return awsRestjson1_deserializeErrorResourceNotFoundException(response, errorBody) - - case strings.EqualFold("TooManyRequestsException", errorCode): - return awsRestjson1_deserializeErrorTooManyRequestsException(response, errorBody) - - case strings.EqualFold("UnauthorizedException", errorCode): - return awsRestjson1_deserializeErrorUnauthorizedException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsRestjson1_deserializeOpDocumentListAccountsOutput(v **ListAccountsOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *ListAccountsOutput - if *v == nil { - sv = &ListAccountsOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "accountList": - if err := awsRestjson1_deserializeDocumentAccountListType(&sv.AccountList, value); err != nil { - return err - } - - case "nextToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected NextTokenType to be of type string, got %T instead", value) - } - sv.NextToken = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -type awsRestjson1_deserializeOpLogout struct { -} - -func (*awsRestjson1_deserializeOpLogout) ID() string { - return "OperationDeserializer" -} - -func (m *awsRestjson1_deserializeOpLogout) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsRestjson1_deserializeOpErrorLogout(response, &metadata) - } - output := &LogoutOutput{} - out.Result = output - - if _, err = io.Copy(ioutil.Discard, response.Body); err != nil { - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to discard response body, %w", err), - } - } - - span.End() - return out, metadata, err -} - -func awsRestjson1_deserializeOpErrorLogout(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) - } - if len(message) != 0 { - errorMessage = message - } - - switch { - case strings.EqualFold("InvalidRequestException", errorCode): - return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("TooManyRequestsException", errorCode): - return awsRestjson1_deserializeErrorTooManyRequestsException(response, errorBody) - - case strings.EqualFold("UnauthorizedException", errorCode): - return awsRestjson1_deserializeErrorUnauthorizedException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsRestjson1_deserializeErrorInvalidRequestException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidRequestException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentInvalidRequestException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorResourceNotFoundException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.ResourceNotFoundException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentResourceNotFoundException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorTooManyRequestsException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.TooManyRequestsException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentTooManyRequestsException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorUnauthorizedException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.UnauthorizedException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentUnauthorizedException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeDocumentAccountInfo(v **types.AccountInfo, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.AccountInfo - if *v == nil { - sv = &types.AccountInfo{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "accountId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected AccountIdType to be of type string, got %T instead", value) - } - sv.AccountId = ptr.String(jtv) - } - - case "accountName": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected AccountNameType to be of type string, got %T instead", value) - } - sv.AccountName = ptr.String(jtv) - } - - case "emailAddress": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected EmailAddressType to be of type string, got %T instead", value) - } - sv.EmailAddress = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentAccountListType(v *[]types.AccountInfo, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []types.AccountInfo - if *v == nil { - cv = []types.AccountInfo{} - } else { - cv = *v - } - - for _, value := range shape { - var col types.AccountInfo - destAddr := &col - if err := awsRestjson1_deserializeDocumentAccountInfo(&destAddr, value); err != nil { - return err - } - col = *destAddr - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsRestjson1_deserializeDocumentInvalidRequestException(v **types.InvalidRequestException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidRequestException - if *v == nil { - sv = &types.InvalidRequestException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentResourceNotFoundException(v **types.ResourceNotFoundException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.ResourceNotFoundException - if *v == nil { - sv = &types.ResourceNotFoundException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentRoleCredentials(v **types.RoleCredentials, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.RoleCredentials - if *v == nil { - sv = &types.RoleCredentials{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "accessKeyId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected AccessKeyType to be of type string, got %T instead", value) - } - sv.AccessKeyId = ptr.String(jtv) - } - - case "expiration": - if value != nil { - jtv, ok := value.(json.Number) - if !ok { - return fmt.Errorf("expected ExpirationTimestampType to be json.Number, got %T instead", value) - } - i64, err := jtv.Int64() - if err != nil { - return err - } - sv.Expiration = i64 - } - - case "secretAccessKey": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SecretAccessKeyType to be of type string, got %T instead", value) - } - sv.SecretAccessKey = ptr.String(jtv) - } - - case "sessionToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected SessionTokenType to be of type string, got %T instead", value) - } - sv.SessionToken = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentRoleInfo(v **types.RoleInfo, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.RoleInfo - if *v == nil { - sv = &types.RoleInfo{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "accountId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected AccountIdType to be of type string, got %T instead", value) - } - sv.AccountId = ptr.String(jtv) - } - - case "roleName": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected RoleNameType to be of type string, got %T instead", value) - } - sv.RoleName = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentRoleListType(v *[]types.RoleInfo, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []types.RoleInfo - if *v == nil { - cv = []types.RoleInfo{} - } else { - cv = *v - } - - for _, value := range shape { - var col types.RoleInfo - destAddr := &col - if err := awsRestjson1_deserializeDocumentRoleInfo(&destAddr, value); err != nil { - return err - } - col = *destAddr - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsRestjson1_deserializeDocumentTooManyRequestsException(v **types.TooManyRequestsException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.TooManyRequestsException - if *v == nil { - sv = &types.TooManyRequestsException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentUnauthorizedException(v **types.UnauthorizedException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.UnauthorizedException - if *v == nil { - sv = &types.UnauthorizedException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "message", "Message": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Message = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/doc.go deleted file mode 100644 index 7f6e429f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/doc.go +++ /dev/null @@ -1,27 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -// Package sso provides the API client, operations, and parameter types for AWS -// Single Sign-On. -// -// AWS IAM Identity Center (successor to AWS Single Sign-On) Portal is a web -// service that makes it easy for you to assign user access to IAM Identity Center -// resources such as the AWS access portal. Users can get AWS account applications -// and roles assigned to them and get federated into the application. -// -// Although AWS Single Sign-On was renamed, the sso and identitystore API -// namespaces will continue to retain their original name for backward -// compatibility purposes. For more information, see [IAM Identity Center rename]. -// -// This reference guide describes the IAM Identity Center Portal operations that -// you can call programatically and includes detailed information on data types and -// errors. -// -// AWS provides SDKs that consist of libraries and sample code for various -// programming languages and platforms, such as Java, Ruby, .Net, iOS, or Android. -// The SDKs provide a convenient way to create programmatic access to IAM Identity -// Center and other AWS services. For more information about the AWS SDKs, -// including how to download and install them, see [Tools for Amazon Web Services]. -// -// [Tools for Amazon Web Services]: http://aws.amazon.com/tools/ -// [IAM Identity Center rename]: https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html#renamed -package sso diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/endpoints.go deleted file mode 100644 index 53c6bc75..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/endpoints.go +++ /dev/null @@ -1,556 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "errors" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" - "github.com/aws/aws-sdk-go-v2/internal/endpoints" - "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" - internalendpoints "github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints" - smithyauth "github.com/aws/smithy-go/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/ptr" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net/http" - "net/url" - "os" - "strings" -) - -// EndpointResolverOptions is the service endpoint resolver options -type EndpointResolverOptions = internalendpoints.Options - -// EndpointResolver interface for resolving service endpoints. -type EndpointResolver interface { - ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error) -} - -var _ EndpointResolver = &internalendpoints.Resolver{} - -// NewDefaultEndpointResolver constructs a new service endpoint resolver -func NewDefaultEndpointResolver() *internalendpoints.Resolver { - return internalendpoints.New() -} - -// EndpointResolverFunc is a helper utility that wraps a function so it satisfies -// the EndpointResolver interface. This is useful when you want to add additional -// endpoint resolving logic, or stub out specific endpoints with custom values. -type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error) - -func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { - return fn(region, options) -} - -// EndpointResolverFromURL returns an EndpointResolver configured using the -// provided endpoint url. By default, the resolved endpoint resolver uses the -// client region as signing region, and the endpoint source is set to -// EndpointSourceCustom.You can provide functional options to configure endpoint -// values for the resolved endpoint. -func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver { - e := aws.Endpoint{URL: url, Source: aws.EndpointSourceCustom} - for _, fn := range optFns { - fn(&e) - } - - return EndpointResolverFunc( - func(region string, options EndpointResolverOptions) (aws.Endpoint, error) { - if len(e.SigningRegion) == 0 { - e.SigningRegion = region - } - return e, nil - }, - ) -} - -type ResolveEndpoint struct { - Resolver EndpointResolver - Options EndpointResolverOptions -} - -func (*ResolveEndpoint) ID() string { - return "ResolveEndpoint" -} - -func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if !awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.Resolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - eo := m.Options - eo.Logger = middleware.GetLogger(ctx) - - var endpoint aws.Endpoint - endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo) - if err != nil { - nf := (&aws.EndpointNotFoundError{}) - if errors.As(err, &nf) { - ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, false) - return next.HandleSerialize(ctx, in) - } - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL, err = url.Parse(endpoint.URL) - if err != nil { - return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err) - } - - if len(awsmiddleware.GetSigningName(ctx)) == 0 { - signingName := endpoint.SigningName - if len(signingName) == 0 { - signingName = "awsssoportal" - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - } - ctx = awsmiddleware.SetEndpointSource(ctx, endpoint.Source) - ctx = smithyhttp.SetHostnameImmutable(ctx, endpoint.HostnameImmutable) - ctx = awsmiddleware.SetSigningRegion(ctx, endpoint.SigningRegion) - ctx = awsmiddleware.SetPartitionID(ctx, endpoint.PartitionID) - return next.HandleSerialize(ctx, in) -} -func addResolveEndpointMiddleware(stack *middleware.Stack, o Options) error { - return stack.Serialize.Insert(&ResolveEndpoint{ - Resolver: o.EndpointResolver, - Options: o.EndpointOptions, - }, "OperationSerializer", middleware.Before) -} - -func removeResolveEndpointMiddleware(stack *middleware.Stack) error { - _, err := stack.Serialize.Remove((&ResolveEndpoint{}).ID()) - return err -} - -type wrappedEndpointResolver struct { - awsResolver aws.EndpointResolverWithOptions -} - -func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { - return w.awsResolver.ResolveEndpoint(ServiceID, region, options) -} - -type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error) - -func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, options ...interface{}) (aws.Endpoint, error) { - return a(service, region) -} - -var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil) - -// withEndpointResolver returns an aws.EndpointResolverWithOptions that first delegates endpoint resolution to the awsResolver. -// If awsResolver returns aws.EndpointNotFoundError error, the v1 resolver middleware will swallow the error, -// and set an appropriate context flag such that fallback will occur when EndpointResolverV2 is invoked -// via its middleware. -// -// If another error (besides aws.EndpointNotFoundError) is returned, then that error will be propagated. -func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions) EndpointResolver { - var resolver aws.EndpointResolverWithOptions - - if awsResolverWithOptions != nil { - resolver = awsResolverWithOptions - } else if awsResolver != nil { - resolver = awsEndpointResolverAdaptor(awsResolver.ResolveEndpoint) - } - - return &wrappedEndpointResolver{ - awsResolver: resolver, - } -} - -func finalizeClientEndpointResolverOptions(options *Options) { - options.EndpointOptions.LogDeprecated = options.ClientLogMode.IsDeprecatedUsage() - - if len(options.EndpointOptions.ResolvedRegion) == 0 { - const fipsInfix = "-fips-" - const fipsPrefix = "fips-" - const fipsSuffix = "-fips" - - if strings.Contains(options.Region, fipsInfix) || - strings.Contains(options.Region, fipsPrefix) || - strings.Contains(options.Region, fipsSuffix) { - options.EndpointOptions.ResolvedRegion = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( - options.Region, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") - options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled - } - } - -} - -func resolveEndpointResolverV2(options *Options) { - if options.EndpointResolverV2 == nil { - options.EndpointResolverV2 = NewDefaultEndpointResolverV2() - } -} - -func resolveBaseEndpoint(cfg aws.Config, o *Options) { - if cfg.BaseEndpoint != nil { - o.BaseEndpoint = cfg.BaseEndpoint - } - - _, g := os.LookupEnv("AWS_ENDPOINT_URL") - _, s := os.LookupEnv("AWS_ENDPOINT_URL_SSO") - - if g && !s { - return - } - - value, found, err := internalConfig.ResolveServiceBaseEndpoint(context.Background(), "SSO", cfg.ConfigSources) - if found && err == nil { - o.BaseEndpoint = &value - } -} - -func bindRegion(region string) *string { - if region == "" { - return nil - } - return aws.String(endpoints.MapFIPSRegion(region)) -} - -// EndpointParameters provides the parameters that influence how endpoints are -// resolved. -type EndpointParameters struct { - // The AWS region used to dispatch the request. - // - // Parameter is - // required. - // - // AWS::Region - Region *string - - // When true, use the dual-stack endpoint. If the configured endpoint does not - // support dual-stack, dispatching the request MAY return an error. - // - // Defaults to - // false if no value is provided. - // - // AWS::UseDualStack - UseDualStack *bool - - // When true, send this request to the FIPS-compliant regional endpoint. If the - // configured endpoint does not have a FIPS compliant endpoint, dispatching the - // request will return an error. - // - // Defaults to false if no value is - // provided. - // - // AWS::UseFIPS - UseFIPS *bool - - // Override the endpoint used to send this request - // - // Parameter is - // required. - // - // SDK::Endpoint - Endpoint *string -} - -// ValidateRequired validates required parameters are set. -func (p EndpointParameters) ValidateRequired() error { - if p.UseDualStack == nil { - return fmt.Errorf("parameter UseDualStack is required") - } - - if p.UseFIPS == nil { - return fmt.Errorf("parameter UseFIPS is required") - } - - return nil -} - -// WithDefaults returns a shallow copy of EndpointParameterswith default values -// applied to members where applicable. -func (p EndpointParameters) WithDefaults() EndpointParameters { - if p.UseDualStack == nil { - p.UseDualStack = ptr.Bool(false) - } - - if p.UseFIPS == nil { - p.UseFIPS = ptr.Bool(false) - } - return p -} - -type stringSlice []string - -func (s stringSlice) Get(i int) *string { - if i < 0 || i >= len(s) { - return nil - } - - v := s[i] - return &v -} - -// EndpointResolverV2 provides the interface for resolving service endpoints. -type EndpointResolverV2 interface { - // ResolveEndpoint attempts to resolve the endpoint with the provided options, - // returning the endpoint if found. Otherwise an error is returned. - ResolveEndpoint(ctx context.Context, params EndpointParameters) ( - smithyendpoints.Endpoint, error, - ) -} - -// resolver provides the implementation for resolving endpoints. -type resolver struct{} - -func NewDefaultEndpointResolverV2() EndpointResolverV2 { - return &resolver{} -} - -// ResolveEndpoint attempts to resolve the endpoint with the provided options, -// returning the endpoint if found. Otherwise an error is returned. -func (r *resolver) ResolveEndpoint( - ctx context.Context, params EndpointParameters, -) ( - endpoint smithyendpoints.Endpoint, err error, -) { - params = params.WithDefaults() - if err = params.ValidateRequired(); err != nil { - return endpoint, fmt.Errorf("endpoint parameters are not valid, %w", err) - } - _UseDualStack := *params.UseDualStack - _UseFIPS := *params.UseFIPS - - if exprVal := params.Endpoint; exprVal != nil { - _Endpoint := *exprVal - _ = _Endpoint - if _UseFIPS == true { - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: FIPS and custom endpoint are not supported") - } - if _UseDualStack == true { - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Dualstack and custom endpoint are not supported") - } - uriString := _Endpoint - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - if exprVal := params.Region; exprVal != nil { - _Region := *exprVal - _ = _Region - if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil { - _PartitionResult := *exprVal - _ = _PartitionResult - if _UseFIPS == true { - if _UseDualStack == true { - if true == _PartitionResult.SupportsFIPS { - if true == _PartitionResult.SupportsDualStack { - uriString := func() string { - var out strings.Builder - out.WriteString("https://portal.sso-fips.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DualStackDnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS and DualStack are enabled, but this partition does not support one or both") - } - } - if _UseFIPS == true { - if true == _PartitionResult.SupportsFIPS { - if "aws-us-gov" == _PartitionResult.Name { - uriString := func() string { - var out strings.Builder - out.WriteString("https://portal.sso.") - out.WriteString(_Region) - out.WriteString(".amazonaws.com") - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://portal.sso-fips.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS is enabled but this partition does not support FIPS") - } - if _UseDualStack == true { - if true == _PartitionResult.SupportsDualStack { - uriString := func() string { - var out strings.Builder - out.WriteString("https://portal.sso.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DualStackDnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "DualStack is enabled but this partition does not support DualStack") - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://portal.sso.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.") - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region") -} - -type endpointParamsBinder interface { - bindEndpointParams(*EndpointParameters) -} - -func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { - params := &EndpointParameters{} - - params.Region = bindRegion(options.Region) - params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) - params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) - params.Endpoint = options.BaseEndpoint - - if b, ok := input.(endpointParamsBinder); ok { - b.bindEndpointParams(params) - } - - return params -} - -type resolveEndpointV2Middleware struct { - options Options -} - -func (*resolveEndpointV2Middleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "ResolveEndpoint") - defer span.End() - - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleFinalize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.options.EndpointResolverV2 == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) - endpt, err := timeOperationMetric(ctx, "client.call.resolve_endpoint_duration", - func() (smithyendpoints.Endpoint, error) { - return m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) - }) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - span.SetProperty("client.call.resolved_endpoint", endpt.URI.String()) - - if endpt.URI.RawPath == "" && req.URL.RawPath != "" { - endpt.URI.RawPath = endpt.URI.Path - } - req.URL.Scheme = endpt.URI.Scheme - req.URL.Host = endpt.URI.Host - req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path) - req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath) - for k := range endpt.Headers { - req.Header.Set(k, endpt.Headers.Get(k)) - } - - rscheme := getResolvedAuthScheme(ctx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - opts, _ := smithyauth.GetAuthOptions(&endpt.Properties) - for _, o := range opts { - rscheme.SignerProperties.SetAll(&o.SignerProperties) - } - - span.End() - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/generated.json deleted file mode 100644 index 1a88fe4d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/generated.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "dependencies": { - "github.com/aws/aws-sdk-go-v2": "v1.4.0", - "github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000", - "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000", - "github.com/aws/smithy-go": "v1.4.0" - }, - "files": [ - "api_client.go", - "api_client_test.go", - "api_op_GetRoleCredentials.go", - "api_op_ListAccountRoles.go", - "api_op_ListAccounts.go", - "api_op_Logout.go", - "auth.go", - "deserializers.go", - "doc.go", - "endpoints.go", - "endpoints_config_test.go", - "endpoints_test.go", - "generated.json", - "internal/endpoints/endpoints.go", - "internal/endpoints/endpoints_test.go", - "options.go", - "protocol_test.go", - "serializers.go", - "snapshot_test.go", - "sra_operation_order_test.go", - "types/errors.go", - "types/types.go", - "validators.go" - ], - "go": "1.22", - "module": "github.com/aws/aws-sdk-go-v2/service/sso", - "unstable": false -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go deleted file mode 100644 index b4e19960..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package sso - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.25.1" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go deleted file mode 100644 index 081867b3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints/endpoints.go +++ /dev/null @@ -1,566 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package endpoints - -import ( - "github.com/aws/aws-sdk-go-v2/aws" - endpoints "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2" - "github.com/aws/smithy-go/logging" - "regexp" -) - -// Options is the endpoint resolver configuration options -type Options struct { - // Logger is a logging implementation that log events should be sent to. - Logger logging.Logger - - // LogDeprecated indicates that deprecated endpoints should be logged to the - // provided logger. - LogDeprecated bool - - // ResolvedRegion is used to override the region to be resolved, rather then the - // using the value passed to the ResolveEndpoint method. This value is used by the - // SDK to translate regions like fips-us-east-1 or us-east-1-fips to an alternative - // name. You must not set this value directly in your application. - ResolvedRegion string - - // DisableHTTPS informs the resolver to return an endpoint that does not use the - // HTTPS scheme. - DisableHTTPS bool - - // UseDualStackEndpoint specifies the resolver must resolve a dual-stack endpoint. - UseDualStackEndpoint aws.DualStackEndpointState - - // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. - UseFIPSEndpoint aws.FIPSEndpointState -} - -func (o Options) GetResolvedRegion() string { - return o.ResolvedRegion -} - -func (o Options) GetDisableHTTPS() bool { - return o.DisableHTTPS -} - -func (o Options) GetUseDualStackEndpoint() aws.DualStackEndpointState { - return o.UseDualStackEndpoint -} - -func (o Options) GetUseFIPSEndpoint() aws.FIPSEndpointState { - return o.UseFIPSEndpoint -} - -func transformToSharedOptions(options Options) endpoints.Options { - return endpoints.Options{ - Logger: options.Logger, - LogDeprecated: options.LogDeprecated, - ResolvedRegion: options.ResolvedRegion, - DisableHTTPS: options.DisableHTTPS, - UseDualStackEndpoint: options.UseDualStackEndpoint, - UseFIPSEndpoint: options.UseFIPSEndpoint, - } -} - -// Resolver SSO endpoint resolver -type Resolver struct { - partitions endpoints.Partitions -} - -// ResolveEndpoint resolves the service endpoint for the given region and options -func (r *Resolver) ResolveEndpoint(region string, options Options) (endpoint aws.Endpoint, err error) { - if len(region) == 0 { - return endpoint, &aws.MissingRegionError{} - } - - opt := transformToSharedOptions(options) - return r.partitions.ResolveEndpoint(region, opt) -} - -// New returns a new Resolver -func New() *Resolver { - return &Resolver{ - partitions: defaultPartitions, - } -} - -var partitionRegexp = struct { - Aws *regexp.Regexp - AwsCn *regexp.Regexp - AwsIso *regexp.Regexp - AwsIsoB *regexp.Regexp - AwsIsoE *regexp.Regexp - AwsIsoF *regexp.Regexp - AwsUsGov *regexp.Regexp -}{ - - Aws: regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$"), - AwsCn: regexp.MustCompile("^cn\\-\\w+\\-\\d+$"), - AwsIso: regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"), - AwsIsoB: regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"), - AwsIsoE: regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"), - AwsIsoF: regexp.MustCompile("^us\\-isof\\-\\w+\\-\\d+$"), - AwsUsGov: regexp.MustCompile("^us\\-gov\\-\\w+\\-\\d+$"), -} - -var defaultPartitions = endpoints.Partitions{ - { - ID: "aws", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "portal.sso.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "portal.sso-fips.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "portal.sso-fips.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "portal.sso.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.Aws, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "af-south-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.af-south-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "af-south-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-east-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-east-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-northeast-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-northeast-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-northeast-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-northeast-2", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-northeast-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-northeast-2", - }, - }, - endpoints.EndpointKey{ - Region: "ap-northeast-3", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-northeast-3.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-northeast-3", - }, - }, - endpoints.EndpointKey{ - Region: "ap-south-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-south-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-south-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-south-2", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-south-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-south-2", - }, - }, - endpoints.EndpointKey{ - Region: "ap-southeast-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-southeast-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-southeast-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-southeast-2", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-southeast-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-southeast-2", - }, - }, - endpoints.EndpointKey{ - Region: "ap-southeast-3", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-southeast-3.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-southeast-3", - }, - }, - endpoints.EndpointKey{ - Region: "ap-southeast-4", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ap-southeast-4.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-southeast-4", - }, - }, - endpoints.EndpointKey{ - Region: "ca-central-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ca-central-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ca-central-1", - }, - }, - endpoints.EndpointKey{ - Region: "ca-west-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.ca-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ca-west-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-central-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.eu-central-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-central-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-central-2", - }: endpoints.Endpoint{ - Hostname: "portal.sso.eu-central-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-central-2", - }, - }, - endpoints.EndpointKey{ - Region: "eu-north-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.eu-north-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-north-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-south-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.eu-south-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-south-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-south-2", - }: endpoints.Endpoint{ - Hostname: "portal.sso.eu-south-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-south-2", - }, - }, - endpoints.EndpointKey{ - Region: "eu-west-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.eu-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-west-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-west-2", - }: endpoints.Endpoint{ - Hostname: "portal.sso.eu-west-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-west-2", - }, - }, - endpoints.EndpointKey{ - Region: "eu-west-3", - }: endpoints.Endpoint{ - Hostname: "portal.sso.eu-west-3.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-west-3", - }, - }, - endpoints.EndpointKey{ - Region: "il-central-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.il-central-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "il-central-1", - }, - }, - endpoints.EndpointKey{ - Region: "me-central-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.me-central-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "me-central-1", - }, - }, - endpoints.EndpointKey{ - Region: "me-south-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.me-south-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "me-south-1", - }, - }, - endpoints.EndpointKey{ - Region: "sa-east-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.sa-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "sa-east-1", - }, - }, - endpoints.EndpointKey{ - Region: "us-east-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.us-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-east-1", - }, - }, - endpoints.EndpointKey{ - Region: "us-east-2", - }: endpoints.Endpoint{ - Hostname: "portal.sso.us-east-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-east-2", - }, - }, - endpoints.EndpointKey{ - Region: "us-west-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.us-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-west-1", - }, - }, - endpoints.EndpointKey{ - Region: "us-west-2", - }: endpoints.Endpoint{ - Hostname: "portal.sso.us-west-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - { - ID: "aws-cn", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "portal.sso.{region}.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "portal.sso-fips.{region}.amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "portal.sso-fips.{region}.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "portal.sso.{region}.amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsCn, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "cn-north-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.cn-north-1.amazonaws.com.cn", - CredentialScope: endpoints.CredentialScope{ - Region: "cn-north-1", - }, - }, - endpoints.EndpointKey{ - Region: "cn-northwest-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.cn-northwest-1.amazonaws.com.cn", - CredentialScope: endpoints.CredentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - { - ID: "aws-iso", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "portal.sso-fips.{region}.c2s.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "portal.sso.{region}.c2s.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIso, - IsRegionalized: true, - }, - { - ID: "aws-iso-b", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "portal.sso-fips.{region}.sc2s.sgov.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "portal.sso.{region}.sc2s.sgov.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoB, - IsRegionalized: true, - }, - { - ID: "aws-iso-e", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "portal.sso-fips.{region}.cloud.adc-e.uk", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "portal.sso.{region}.cloud.adc-e.uk", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoE, - IsRegionalized: true, - }, - { - ID: "aws-iso-f", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "portal.sso-fips.{region}.csp.hci.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "portal.sso.{region}.csp.hci.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoF, - IsRegionalized: true, - }, - { - ID: "aws-us-gov", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "portal.sso.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "portal.sso-fips.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "portal.sso-fips.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "portal.sso.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsUsGov, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-gov-east-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.us-gov-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-gov-east-1", - }, - }, - endpoints.EndpointKey{ - Region: "us-gov-west-1", - }: endpoints.Endpoint{ - Hostname: "portal.sso.us-gov-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/options.go deleted file mode 100644 index aa744f15..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/options.go +++ /dev/null @@ -1,232 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" - smithyauth "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net/http" -) - -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -type Options struct { - // Set of options to modify how an operation is invoked. These apply to all - // operations invoked for this client. Use functional options on operation call to - // modify this list for per operation behavior. - APIOptions []func(*middleware.Stack) error - - // The optional application specific identifier appended to the User-Agent header. - AppID string - - // This endpoint will be given as input to an EndpointResolverV2. It is used for - // providing a custom base endpoint that is subject to modifications by the - // processing EndpointResolverV2. - BaseEndpoint *string - - // Configures the events that will be sent to the configured logger. - ClientLogMode aws.ClientLogMode - - // The credentials object to use when signing requests. - Credentials aws.CredentialsProvider - - // The configuration DefaultsMode that the SDK should use when constructing the - // clients initial default settings. - DefaultsMode aws.DefaultsMode - - // The endpoint options to be used when attempting to resolve an endpoint. - EndpointOptions EndpointResolverOptions - - // The service endpoint resolver. - // - // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a - // value for this field will likely prevent you from using any endpoint-related - // service features released after the introduction of EndpointResolverV2 and - // BaseEndpoint. - // - // To migrate an EndpointResolver implementation that uses a custom endpoint, set - // the client option BaseEndpoint instead. - EndpointResolver EndpointResolver - - // Resolves the endpoint used for a particular service operation. This should be - // used over the deprecated EndpointResolver. - EndpointResolverV2 EndpointResolverV2 - - // Signature Version 4 (SigV4) Signer - HTTPSignerV4 HTTPSignerV4 - - // The logger writer interface to write logging messages to. - Logger logging.Logger - - // The client meter provider. - MeterProvider metrics.MeterProvider - - // The region to send requests to. (Required) - Region string - - // RetryMaxAttempts specifies the maximum number attempts an API client will call - // an operation that fails with a retryable error. A value of 0 is ignored, and - // will not be used to configure the API client created default retryer, or modify - // per operation call's retry max attempts. - // - // If specified in an operation call's functional options with a value that is - // different than the constructed client's Options, the Client's Retryer will be - // wrapped to use the operation's specific RetryMaxAttempts value. - RetryMaxAttempts int - - // RetryMode specifies the retry mode the API client will be created with, if - // Retryer option is not also specified. - // - // When creating a new API Clients this member will only be used if the Retryer - // Options member is nil. This value will be ignored if Retryer is not nil. - // - // Currently does not support per operation call overrides, may in the future. - RetryMode aws.RetryMode - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. The kind of - // default retry created by the API client can be changed with the RetryMode - // option. - Retryer aws.Retryer - - // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set - // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You - // should not populate this structure programmatically, or rely on the values here - // within your applications. - RuntimeEnvironment aws.RuntimeEnvironment - - // The client tracer provider. - TracerProvider tracing.TracerProvider - - // The initial DefaultsMode used when the client options were constructed. If the - // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved - // value was at that point in time. - // - // Currently does not support per operation call overrides, may in the future. - resolvedDefaultsMode aws.DefaultsMode - - // The HTTP client to invoke API calls with. Defaults to client's default HTTP - // implementation if nil. - HTTPClient HTTPClient - - // The auth scheme resolver which determines how to authenticate for each - // operation. - AuthSchemeResolver AuthSchemeResolver - - // The list of auth schemes supported by the client. - AuthSchemes []smithyhttp.AuthScheme -} - -// Copy creates a clone where the APIOptions list is deep copied. -func (o Options) Copy() Options { - to := o - to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) - copy(to.APIOptions, o.APIOptions) - - return to -} - -func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver { - if schemeID == "aws.auth#sigv4" { - return getSigV4IdentityResolver(o) - } - if schemeID == "smithy.api#noAuth" { - return &smithyauth.AnonymousIdentityResolver{} - } - return nil -} - -// WithAPIOptions returns a functional option for setting the Client's APIOptions -// option. -func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { - return func(o *Options) { - o.APIOptions = append(o.APIOptions, optFns...) - } -} - -// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for -// this field will likely prevent you from using any endpoint-related service -// features released after the introduction of EndpointResolverV2 and BaseEndpoint. -// -// To migrate an EndpointResolver implementation that uses a custom endpoint, set -// the client option BaseEndpoint instead. -func WithEndpointResolver(v EndpointResolver) func(*Options) { - return func(o *Options) { - o.EndpointResolver = v - } -} - -// WithEndpointResolverV2 returns a functional option for setting the Client's -// EndpointResolverV2 option. -func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { - return func(o *Options) { - o.EndpointResolverV2 = v - } -} - -func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver { - if o.Credentials != nil { - return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials} - } - return nil -} - -// WithSigV4SigningName applies an override to the authentication workflow to -// use the given signing name for SigV4-authenticated operations. -// -// This is an advanced setting. The value here is FINAL, taking precedence over -// the resolved signing name from both auth scheme resolution and endpoint -// resolution. -func WithSigV4SigningName(name string) func(*Options) { - fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, - ) { - return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in) - } - return func(o *Options) { - o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { - return s.Initialize.Add( - middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn), - middleware.Before, - ) - }) - } -} - -// WithSigV4SigningRegion applies an override to the authentication workflow to -// use the given signing region for SigV4-authenticated operations. -// -// This is an advanced setting. The value here is FINAL, taking precedence over -// the resolved signing region from both auth scheme resolution and endpoint -// resolution. -func WithSigV4SigningRegion(region string) func(*Options) { - fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, - ) { - return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in) - } - return func(o *Options) { - o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { - return s.Initialize.Add( - middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn), - middleware.Before, - ) - }) - } -} - -func ignoreAnonymousAuth(options *Options) { - if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) { - options.Credentials = nil - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/serializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/serializers.go deleted file mode 100644 index a7a5b57d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/serializers.go +++ /dev/null @@ -1,309 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "fmt" - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/encoding/httpbinding" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -type awsRestjson1_serializeOpGetRoleCredentials struct { -} - -func (*awsRestjson1_serializeOpGetRoleCredentials) ID() string { - return "OperationSerializer" -} - -func (m *awsRestjson1_serializeOpGetRoleCredentials) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*GetRoleCredentialsInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - opPath, opQuery := httpbinding.SplitURI("/federation/credentials") - request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) - request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) - request.Method = "GET" - var restEncoder *httpbinding.Encoder - if request.URL.RawPath == "" { - restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - } else { - request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) - restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) - } - - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if err := awsRestjson1_serializeOpHttpBindingsGetRoleCredentialsInput(input, restEncoder); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = restEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsRestjson1_serializeOpHttpBindingsGetRoleCredentialsInput(v *GetRoleCredentialsInput, encoder *httpbinding.Encoder) error { - if v == nil { - return fmt.Errorf("unsupported serialization of nil %T", v) - } - - if v.AccessToken != nil { - locationName := "X-Amz-Sso_bearer_token" - encoder.SetHeader(locationName).String(*v.AccessToken) - } - - if v.AccountId != nil { - encoder.SetQuery("account_id").String(*v.AccountId) - } - - if v.RoleName != nil { - encoder.SetQuery("role_name").String(*v.RoleName) - } - - return nil -} - -type awsRestjson1_serializeOpListAccountRoles struct { -} - -func (*awsRestjson1_serializeOpListAccountRoles) ID() string { - return "OperationSerializer" -} - -func (m *awsRestjson1_serializeOpListAccountRoles) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*ListAccountRolesInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - opPath, opQuery := httpbinding.SplitURI("/assignment/roles") - request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) - request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) - request.Method = "GET" - var restEncoder *httpbinding.Encoder - if request.URL.RawPath == "" { - restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - } else { - request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) - restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) - } - - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if err := awsRestjson1_serializeOpHttpBindingsListAccountRolesInput(input, restEncoder); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = restEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsRestjson1_serializeOpHttpBindingsListAccountRolesInput(v *ListAccountRolesInput, encoder *httpbinding.Encoder) error { - if v == nil { - return fmt.Errorf("unsupported serialization of nil %T", v) - } - - if v.AccessToken != nil { - locationName := "X-Amz-Sso_bearer_token" - encoder.SetHeader(locationName).String(*v.AccessToken) - } - - if v.AccountId != nil { - encoder.SetQuery("account_id").String(*v.AccountId) - } - - if v.MaxResults != nil { - encoder.SetQuery("max_result").Integer(*v.MaxResults) - } - - if v.NextToken != nil { - encoder.SetQuery("next_token").String(*v.NextToken) - } - - return nil -} - -type awsRestjson1_serializeOpListAccounts struct { -} - -func (*awsRestjson1_serializeOpListAccounts) ID() string { - return "OperationSerializer" -} - -func (m *awsRestjson1_serializeOpListAccounts) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*ListAccountsInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - opPath, opQuery := httpbinding.SplitURI("/assignment/accounts") - request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) - request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) - request.Method = "GET" - var restEncoder *httpbinding.Encoder - if request.URL.RawPath == "" { - restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - } else { - request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) - restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) - } - - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if err := awsRestjson1_serializeOpHttpBindingsListAccountsInput(input, restEncoder); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = restEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsRestjson1_serializeOpHttpBindingsListAccountsInput(v *ListAccountsInput, encoder *httpbinding.Encoder) error { - if v == nil { - return fmt.Errorf("unsupported serialization of nil %T", v) - } - - if v.AccessToken != nil { - locationName := "X-Amz-Sso_bearer_token" - encoder.SetHeader(locationName).String(*v.AccessToken) - } - - if v.MaxResults != nil { - encoder.SetQuery("max_result").Integer(*v.MaxResults) - } - - if v.NextToken != nil { - encoder.SetQuery("next_token").String(*v.NextToken) - } - - return nil -} - -type awsRestjson1_serializeOpLogout struct { -} - -func (*awsRestjson1_serializeOpLogout) ID() string { - return "OperationSerializer" -} - -func (m *awsRestjson1_serializeOpLogout) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*LogoutInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - opPath, opQuery := httpbinding.SplitURI("/logout") - request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) - request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) - request.Method = "POST" - var restEncoder *httpbinding.Encoder - if request.URL.RawPath == "" { - restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - } else { - request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) - restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) - } - - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if err := awsRestjson1_serializeOpHttpBindingsLogoutInput(input, restEncoder); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = restEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsRestjson1_serializeOpHttpBindingsLogoutInput(v *LogoutInput, encoder *httpbinding.Encoder) error { - if v == nil { - return fmt.Errorf("unsupported serialization of nil %T", v) - } - - if v.AccessToken != nil { - locationName := "X-Amz-Sso_bearer_token" - encoder.SetHeader(locationName).String(*v.AccessToken) - } - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/types/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/types/errors.go deleted file mode 100644 index e97a126e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/types/errors.go +++ /dev/null @@ -1,115 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package types - -import ( - "fmt" - smithy "github.com/aws/smithy-go" -) - -// Indicates that a problem occurred with the input to the request. For example, a -// required parameter might be missing or out of range. -type InvalidRequestException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *InvalidRequestException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidRequestException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidRequestException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidRequestException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidRequestException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The specified resource doesn't exist. -type ResourceNotFoundException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *ResourceNotFoundException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *ResourceNotFoundException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *ResourceNotFoundException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "ResourceNotFoundException" - } - return *e.ErrorCodeOverride -} -func (e *ResourceNotFoundException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that the request is being made too frequently and is more than what -// the server can handle. -type TooManyRequestsException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *TooManyRequestsException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *TooManyRequestsException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *TooManyRequestsException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "TooManyRequestsException" - } - return *e.ErrorCodeOverride -} -func (e *TooManyRequestsException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that the request is not authorized. This can happen due to an invalid -// access token in the request. -type UnauthorizedException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *UnauthorizedException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *UnauthorizedException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *UnauthorizedException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "UnauthorizedException" - } - return *e.ErrorCodeOverride -} -func (e *UnauthorizedException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/types/types.go deleted file mode 100644 index 07ac468e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/types/types.go +++ /dev/null @@ -1,63 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package types - -import ( - smithydocument "github.com/aws/smithy-go/document" -) - -// Provides information about your AWS account. -type AccountInfo struct { - - // The identifier of the AWS account that is assigned to the user. - AccountId *string - - // The display name of the AWS account that is assigned to the user. - AccountName *string - - // The email address of the AWS account that is assigned to the user. - EmailAddress *string - - noSmithyDocumentSerde -} - -// Provides information about the role credentials that are assigned to the user. -type RoleCredentials struct { - - // The identifier used for the temporary security credentials. For more - // information, see [Using Temporary Security Credentials to Request Access to AWS Resources]in the AWS IAM User Guide. - // - // [Using Temporary Security Credentials to Request Access to AWS Resources]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html - AccessKeyId *string - - // The date on which temporary security credentials expire. - Expiration int64 - - // The key that is used to sign the request. For more information, see [Using Temporary Security Credentials to Request Access to AWS Resources] in the AWS - // IAM User Guide. - // - // [Using Temporary Security Credentials to Request Access to AWS Resources]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html - SecretAccessKey *string - - // The token used for temporary credentials. For more information, see [Using Temporary Security Credentials to Request Access to AWS Resources] in the AWS - // IAM User Guide. - // - // [Using Temporary Security Credentials to Request Access to AWS Resources]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html - SessionToken *string - - noSmithyDocumentSerde -} - -// Provides information about the role that is assigned to the user. -type RoleInfo struct { - - // The identifier of the AWS account assigned to the user. - AccountId *string - - // The friendly name of the role that is assigned to the user. - RoleName *string - - noSmithyDocumentSerde -} - -type noSmithyDocumentSerde = smithydocument.NoSerde diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/validators.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/validators.go deleted file mode 100644 index f6bf461f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/validators.go +++ /dev/null @@ -1,175 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sso - -import ( - "context" - "fmt" - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/middleware" -) - -type validateOpGetRoleCredentials struct { -} - -func (*validateOpGetRoleCredentials) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpGetRoleCredentials) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*GetRoleCredentialsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpGetRoleCredentialsInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpListAccountRoles struct { -} - -func (*validateOpListAccountRoles) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpListAccountRoles) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*ListAccountRolesInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpListAccountRolesInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpListAccounts struct { -} - -func (*validateOpListAccounts) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpListAccounts) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*ListAccountsInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpListAccountsInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpLogout struct { -} - -func (*validateOpLogout) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpLogout) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*LogoutInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpLogoutInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -func addOpGetRoleCredentialsValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpGetRoleCredentials{}, middleware.After) -} - -func addOpListAccountRolesValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpListAccountRoles{}, middleware.After) -} - -func addOpListAccountsValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpListAccounts{}, middleware.After) -} - -func addOpLogoutValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpLogout{}, middleware.After) -} - -func validateOpGetRoleCredentialsInput(v *GetRoleCredentialsInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "GetRoleCredentialsInput"} - if v.RoleName == nil { - invalidParams.Add(smithy.NewErrParamRequired("RoleName")) - } - if v.AccountId == nil { - invalidParams.Add(smithy.NewErrParamRequired("AccountId")) - } - if v.AccessToken == nil { - invalidParams.Add(smithy.NewErrParamRequired("AccessToken")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpListAccountRolesInput(v *ListAccountRolesInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "ListAccountRolesInput"} - if v.AccessToken == nil { - invalidParams.Add(smithy.NewErrParamRequired("AccessToken")) - } - if v.AccountId == nil { - invalidParams.Add(smithy.NewErrParamRequired("AccountId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpListAccountsInput(v *ListAccountsInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "ListAccountsInput"} - if v.AccessToken == nil { - invalidParams.Add(smithy.NewErrParamRequired("AccessToken")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpLogoutInput(v *LogoutInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "LogoutInput"} - if v.AccessToken == nil { - invalidParams.Add(smithy.NewErrParamRequired("AccessToken")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md deleted file mode 100644 index 7f2d6f3a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md +++ /dev/null @@ -1,585 +0,0 @@ -# v1.29.1 (2025-03-04.2) - -* **Bug Fix**: Add assurance test for operation order. - -# v1.29.0 (2025-02-27) - -* **Feature**: Track credential providers via User-Agent Feature ids -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.15 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.14 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.13 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.12 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.11 (2025-01-24) - -* **Documentation**: Fixed typos in the descriptions. -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.28.10 (2025-01-17) - -* **Bug Fix**: Fix bug where credentials weren't refreshed during retry loop. - -# v1.28.9 (2025-01-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.8 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.7 (2024-12-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.6 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.5 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.4 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.3 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.2 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.1 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.0 (2024-10-04) - -* **Feature**: Add support for HTTP client metrics. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.4 (2024-10-03) - -* No change notes available for this release. - -# v1.27.3 (2024-09-27) - -* No change notes available for this release. - -# v1.27.2 (2024-09-25) - -* No change notes available for this release. - -# v1.27.1 (2024-09-23) - -* No change notes available for this release. - -# v1.27.0 (2024-09-20) - -* **Feature**: Add tracing and metrics support to service clients. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.8 (2024-09-17) - -* **Bug Fix**: **BREAKFIX**: Only generate AccountIDEndpointMode config for services that use it. This is a compiler break, but removes no actual functionality, as no services currently use the account ID in endpoint resolution. - -# v1.26.7 (2024-09-04) - -* No change notes available for this release. - -# v1.26.6 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.5 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.4 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.3 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.2 (2024-07-03) - -* No change notes available for this release. - -# v1.26.1 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.0 (2024-06-26) - -* **Feature**: Support list-of-string endpoint parameter. - -# v1.25.1 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.0 (2024-06-18) - -* **Feature**: Track usage of various AWS SDK features in user-agent string. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.6 (2024-06-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.5 (2024-06-07) - -* **Bug Fix**: Add clock skew correction on all service clients -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.4 (2024-06-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.3 (2024-05-23) - -* No change notes available for this release. - -# v1.24.2 (2024-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.1 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.0 (2024-05-10) - -* **Feature**: Updated request parameters for PKCE support. - -# v1.23.5 (2024-05-08) - -* **Bug Fix**: GoDoc improvement - -# v1.23.4 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.3 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.2 (2024-03-07) - -* **Bug Fix**: Remove dependency on go-cmp. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.1 (2024-02-23) - -* **Bug Fix**: Move all common, SDK-side middleware stack ops into the service client module to prevent cross-module compatibility issues in the future. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.0 (2024-02-22) - -* **Feature**: Add middleware stack snapshot tests. - -# v1.22.2 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.22.1 (2024-02-20) - -* **Bug Fix**: When sourcing values for a service's `EndpointParameters`, the lack of a configured region (i.e. `options.Region == ""`) will now translate to a `nil` value for `EndpointParameters.Region` instead of a pointer to the empty string `""`. This will result in a much more explicit error when calling an operation instead of an obscure hostname lookup failure. - -# v1.22.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.7 (2024-01-16) - -* No change notes available for this release. - -# v1.21.6 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.5 (2023-12-08) - -* **Bug Fix**: Reinstate presence of default Retryer in functional options, but still respect max attempts set therein. - -# v1.21.4 (2023-12-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.3 (2023-12-06) - -* **Bug Fix**: Restore pre-refactor auth behavior where all operations could technically be performed anonymously. - -# v1.21.2 (2023-12-01) - -* **Bug Fix**: Correct wrapping of errors in authentication workflow. -* **Bug Fix**: Correctly recognize cache-wrapped instances of AnonymousCredentials at client construction. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.1 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.0 (2023-11-29) - -* **Feature**: Expose Options() accessor on service clients. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.3 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.2 (2023-11-28) - -* **Bug Fix**: Respect setting RetryMaxAttempts in functional options at client construction. - -# v1.20.1 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.0 (2023-11-17) - -* **Feature**: Adding support for `sso-oauth:CreateTokenWithIAM`. - -# v1.19.2 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.1 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.0 (2023-11-01) - -* **Feature**: Adds support for configured endpoints via environment variables and the AWS shared configuration file. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.3 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.2 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.1 (2023-09-22) - -* No change notes available for this release. - -# v1.17.0 (2023-09-20) - -* **Feature**: Update FIPS endpoints in aws-us-gov. - -# v1.16.0 (2023-09-18) - -* **Announcement**: [BREAKFIX] Change in MaxResults datatype from value to pointer type in cognito-sync service. -* **Feature**: Adds several endpoint ruleset changes across all models: smaller rulesets, removed non-unique regional endpoints, fixes FIPS and DualStack endpoints, and make region not required in SDK::Endpoint. Additional breakfix to cognito-sync field. - -# v1.15.6 (2023-09-05) - -* No change notes available for this release. - -# v1.15.5 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.4 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.3 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.2 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.1 (2023-08-01) - -* No change notes available for this release. - -# v1.15.0 (2023-07-31) - -* **Feature**: Adds support for smithy-modeled endpoint resolution. A new rules-based endpoint resolution will be added to the SDK which will supercede and deprecate existing endpoint resolution. Specifically, EndpointResolver will be deprecated while BaseEndpoint and EndpointResolverV2 will take its place. For more information, please see the Endpoints section in our Developer Guide. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.14 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.13 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.12 (2023-06-15) - -* No change notes available for this release. - -# v1.14.11 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.10 (2023-05-04) - -* No change notes available for this release. - -# v1.14.9 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.8 (2023-04-10) - -* No change notes available for this release. - -# v1.14.7 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.6 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.5 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.4 (2023-02-22) - -* **Bug Fix**: Prevent nil pointer dereference when retrieving error codes. - -# v1.14.3 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.2 (2023-02-15) - -* **Announcement**: When receiving an error response in restJson-based services, an incorrect error type may have been returned based on the content of the response. This has been fixed via PR #2012 tracked in issue #1910. -* **Bug Fix**: Correct error type parsing for restJson services. - -# v1.14.1 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.0 (2023-01-05) - -* **Feature**: Add `ErrorCodeOverride` field to all error structs (aws/smithy-go#401). - -# v1.13.11 (2022-12-19) - -* No change notes available for this release. - -# v1.13.10 (2022-12-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.9 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.8 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.7 (2022-10-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.6 (2022-09-30) - -* **Documentation**: Documentation updates for the IAM Identity Center OIDC CLI Reference. - -# v1.13.5 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.4 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.3 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.2 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.1 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.0 (2022-08-25) - -* **Feature**: Updated required request parameters on IAM Identity Center's OIDC CreateToken action. - -# v1.12.14 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.13 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.12 (2022-08-08) - -* **Documentation**: Documentation updates to reflect service rename - AWS IAM Identity Center (successor to AWS Single Sign-On) -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.11 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.10 (2022-07-11) - -* No change notes available for this release. - -# v1.12.9 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.8 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.7 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.6 (2022-05-27) - -* No change notes available for this release. - -# v1.12.5 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.4 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.3 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.2 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.1 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.0 (2022-02-24) - -* **Feature**: API client updated -* **Feature**: Adds RetryMaxAttempts and RetryMod to API client Options. This allows the API clients' default Retryer to be configured from the shared configuration files or environment variables. Adding a new Retry mode of `Adaptive`. `Adaptive` retry mode is an experimental mode, adding client rate limiting when throttles reponses are received from an API. See [retry.AdaptiveMode](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/retry#AdaptiveMode) for more details, and configuration options. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.9.0 (2022-01-07) - -* **Feature**: API client updated -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.2 (2021-12-02) - -* **Bug Fix**: Fixes a bug that prevented aws.EndpointResolverWithOptions from being used by the service client. ([#1514](https://github.com/aws/aws-sdk-go-v2/pull/1514)) -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.1 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.0 (2021-11-06) - -* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.7.0 (2021-10-21) - -* **Feature**: Updated to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.0 (2021-10-11) - -* **Feature**: API client updated -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.0 (2021-09-17) - -* **Feature**: Updated API client and endpoints to latest revision. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.0 (2021-08-27) - -* **Feature**: Updated API model to latest revision. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.3 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.2 (2021-08-04) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.1 (2021-07-15) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.3.0 (2021-06-25) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.1 (2021-05-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.2.0 (2021-05-14) - -* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_client.go deleted file mode 100644 index 57440b1f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_client.go +++ /dev/null @@ -1,943 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "context" - "errors" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/defaults" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/retry" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" - internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" - internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" - smithy "github.com/aws/smithy-go" - smithyauth "github.com/aws/smithy-go/auth" - smithydocument "github.com/aws/smithy-go/document" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net" - "net/http" - "sync/atomic" - "time" -) - -const ServiceID = "SSO OIDC" -const ServiceAPIVersion = "2019-06-10" - -type operationMetrics struct { - Duration metrics.Float64Histogram - SerializeDuration metrics.Float64Histogram - ResolveIdentityDuration metrics.Float64Histogram - ResolveEndpointDuration metrics.Float64Histogram - SignRequestDuration metrics.Float64Histogram - DeserializeDuration metrics.Float64Histogram -} - -func (m *operationMetrics) histogramFor(name string) metrics.Float64Histogram { - switch name { - case "client.call.duration": - return m.Duration - case "client.call.serialization_duration": - return m.SerializeDuration - case "client.call.resolve_identity_duration": - return m.ResolveIdentityDuration - case "client.call.resolve_endpoint_duration": - return m.ResolveEndpointDuration - case "client.call.signing_duration": - return m.SignRequestDuration - case "client.call.deserialization_duration": - return m.DeserializeDuration - default: - panic("unrecognized operation metric") - } -} - -func timeOperationMetric[T any]( - ctx context.Context, metric string, fn func() (T, error), - opts ...metrics.RecordMetricOption, -) (T, error) { - instr := getOperationMetrics(ctx).histogramFor(metric) - opts = append([]metrics.RecordMetricOption{withOperationMetadata(ctx)}, opts...) - - start := time.Now() - v, err := fn() - end := time.Now() - - elapsed := end.Sub(start) - instr.Record(ctx, float64(elapsed)/1e9, opts...) - return v, err -} - -func startMetricTimer(ctx context.Context, metric string, opts ...metrics.RecordMetricOption) func() { - instr := getOperationMetrics(ctx).histogramFor(metric) - opts = append([]metrics.RecordMetricOption{withOperationMetadata(ctx)}, opts...) - - var ended bool - start := time.Now() - return func() { - if ended { - return - } - ended = true - - end := time.Now() - - elapsed := end.Sub(start) - instr.Record(ctx, float64(elapsed)/1e9, opts...) - } -} - -func withOperationMetadata(ctx context.Context) metrics.RecordMetricOption { - return func(o *metrics.RecordMetricOptions) { - o.Properties.Set("rpc.service", middleware.GetServiceID(ctx)) - o.Properties.Set("rpc.method", middleware.GetOperationName(ctx)) - } -} - -type operationMetricsKey struct{} - -func withOperationMetrics(parent context.Context, mp metrics.MeterProvider) (context.Context, error) { - meter := mp.Meter("github.com/aws/aws-sdk-go-v2/service/ssooidc") - om := &operationMetrics{} - - var err error - - om.Duration, err = operationMetricTimer(meter, "client.call.duration", - "Overall call duration (including retries and time to send or receive request and response body)") - if err != nil { - return nil, err - } - om.SerializeDuration, err = operationMetricTimer(meter, "client.call.serialization_duration", - "The time it takes to serialize a message body") - if err != nil { - return nil, err - } - om.ResolveIdentityDuration, err = operationMetricTimer(meter, "client.call.auth.resolve_identity_duration", - "The time taken to acquire an identity (AWS credentials, bearer token, etc) from an Identity Provider") - if err != nil { - return nil, err - } - om.ResolveEndpointDuration, err = operationMetricTimer(meter, "client.call.resolve_endpoint_duration", - "The time it takes to resolve an endpoint (endpoint resolver, not DNS) for the request") - if err != nil { - return nil, err - } - om.SignRequestDuration, err = operationMetricTimer(meter, "client.call.auth.signing_duration", - "The time it takes to sign a request") - if err != nil { - return nil, err - } - om.DeserializeDuration, err = operationMetricTimer(meter, "client.call.deserialization_duration", - "The time it takes to deserialize a message body") - if err != nil { - return nil, err - } - - return context.WithValue(parent, operationMetricsKey{}, om), nil -} - -func operationMetricTimer(m metrics.Meter, name, desc string) (metrics.Float64Histogram, error) { - return m.Float64Histogram(name, func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = desc - }) -} - -func getOperationMetrics(ctx context.Context) *operationMetrics { - return ctx.Value(operationMetricsKey{}).(*operationMetrics) -} - -func operationTracer(p tracing.TracerProvider) tracing.Tracer { - return p.Tracer("github.com/aws/aws-sdk-go-v2/service/ssooidc") -} - -// Client provides the API client to make operations call for AWS SSO OIDC. -type Client struct { - options Options - - // Difference between the time reported by the server and the client - timeOffset *atomic.Int64 -} - -// New returns an initialized Client based on the functional options. Provide -// additional functional options to further configure the behavior of the client, -// such as changing the client's endpoint or adding custom middleware behavior. -func New(options Options, optFns ...func(*Options)) *Client { - options = options.Copy() - - resolveDefaultLogger(&options) - - setResolvedDefaultsMode(&options) - - resolveRetryer(&options) - - resolveHTTPClient(&options) - - resolveHTTPSignerV4(&options) - - resolveEndpointResolverV2(&options) - - resolveTracerProvider(&options) - - resolveMeterProvider(&options) - - resolveAuthSchemeResolver(&options) - - for _, fn := range optFns { - fn(&options) - } - - finalizeRetryMaxAttempts(&options) - - ignoreAnonymousAuth(&options) - - wrapWithAnonymousAuth(&options) - - resolveAuthSchemes(&options) - - client := &Client{ - options: options, - } - - initializeTimeOffsetResolver(client) - - return client -} - -// Options returns a copy of the client configuration. -// -// Callers SHOULD NOT perform mutations on any inner structures within client -// config. Config overrides should instead be made on a per-operation basis through -// functional options. -func (c *Client) Options() Options { - return c.options.Copy() -} - -func (c *Client) invokeOperation( - ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error, -) ( - result interface{}, metadata middleware.Metadata, err error, -) { - ctx = middleware.ClearStackValues(ctx) - ctx = middleware.WithServiceID(ctx, ServiceID) - ctx = middleware.WithOperationName(ctx, opID) - - stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) - options := c.options.Copy() - - for _, fn := range optFns { - fn(&options) - } - - finalizeOperationRetryMaxAttempts(&options, *c) - - finalizeClientEndpointResolverOptions(&options) - - for _, fn := range stackFns { - if err := fn(stack, options); err != nil { - return nil, metadata, err - } - } - - for _, fn := range options.APIOptions { - if err := fn(stack); err != nil { - return nil, metadata, err - } - } - - ctx, err = withOperationMetrics(ctx, options.MeterProvider) - if err != nil { - return nil, metadata, err - } - - tracer := operationTracer(options.TracerProvider) - spanName := fmt.Sprintf("%s.%s", ServiceID, opID) - - ctx = tracing.WithOperationTracer(ctx, tracer) - - ctx, span := tracer.StartSpan(ctx, spanName, func(o *tracing.SpanOptions) { - o.Kind = tracing.SpanKindClient - o.Properties.Set("rpc.system", "aws-api") - o.Properties.Set("rpc.method", opID) - o.Properties.Set("rpc.service", ServiceID) - }) - endTimer := startMetricTimer(ctx, "client.call.duration") - defer endTimer() - defer span.End() - - handler := smithyhttp.NewClientHandlerWithOptions(options.HTTPClient, func(o *smithyhttp.ClientHandler) { - o.Meter = options.MeterProvider.Meter("github.com/aws/aws-sdk-go-v2/service/ssooidc") - }) - decorated := middleware.DecorateHandler(handler, stack) - result, metadata, err = decorated.Handle(ctx, params) - if err != nil { - span.SetProperty("exception.type", fmt.Sprintf("%T", err)) - span.SetProperty("exception.message", err.Error()) - - var aerr smithy.APIError - if errors.As(err, &aerr) { - span.SetProperty("api.error_code", aerr.ErrorCode()) - span.SetProperty("api.error_message", aerr.ErrorMessage()) - span.SetProperty("api.error_fault", aerr.ErrorFault().String()) - } - - err = &smithy.OperationError{ - ServiceID: ServiceID, - OperationName: opID, - Err: err, - } - } - - span.SetProperty("error", err != nil) - if err == nil { - span.SetStatus(tracing.SpanStatusOK) - } else { - span.SetStatus(tracing.SpanStatusError) - } - - return result, metadata, err -} - -type operationInputKey struct{} - -func setOperationInput(ctx context.Context, input interface{}) context.Context { - return middleware.WithStackValue(ctx, operationInputKey{}, input) -} - -func getOperationInput(ctx context.Context) interface{} { - return middleware.GetStackValue(ctx, operationInputKey{}) -} - -type setOperationInputMiddleware struct { -} - -func (*setOperationInputMiddleware) ID() string { - return "setOperationInput" -} - -func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - ctx = setOperationInput(ctx, in.Parameters) - return next.HandleSerialize(ctx, in) -} - -func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { - if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { - return fmt.Errorf("add ResolveAuthScheme: %w", err) - } - if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { - return fmt.Errorf("add GetIdentity: %v", err) - } - if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { - return fmt.Errorf("add ResolveEndpointV2: %v", err) - } - if err := stack.Finalize.Insert(&signRequestMiddleware{options: options}, "ResolveEndpointV2", middleware.After); err != nil { - return fmt.Errorf("add Signing: %w", err) - } - return nil -} -func resolveAuthSchemeResolver(options *Options) { - if options.AuthSchemeResolver == nil { - options.AuthSchemeResolver = &defaultAuthSchemeResolver{} - } -} - -func resolveAuthSchemes(options *Options) { - if options.AuthSchemes == nil { - options.AuthSchemes = []smithyhttp.AuthScheme{ - internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{ - Signer: options.HTTPSignerV4, - Logger: options.Logger, - LogSigning: options.ClientLogMode.IsSigning(), - }), - } - } -} - -type noSmithyDocumentSerde = smithydocument.NoSerde - -type legacyEndpointContextSetter struct { - LegacyResolver EndpointResolver -} - -func (*legacyEndpointContextSetter) ID() string { - return "legacyEndpointContextSetter" -} - -func (m *legacyEndpointContextSetter) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - if m.LegacyResolver != nil { - ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, true) - } - - return next.HandleInitialize(ctx, in) - -} -func addlegacyEndpointContextSetter(stack *middleware.Stack, o Options) error { - return stack.Initialize.Add(&legacyEndpointContextSetter{ - LegacyResolver: o.EndpointResolver, - }, middleware.Before) -} - -func resolveDefaultLogger(o *Options) { - if o.Logger != nil { - return - } - o.Logger = logging.Nop{} -} - -func addSetLoggerMiddleware(stack *middleware.Stack, o Options) error { - return middleware.AddSetLoggerMiddleware(stack, o.Logger) -} - -func setResolvedDefaultsMode(o *Options) { - if len(o.resolvedDefaultsMode) > 0 { - return - } - - var mode aws.DefaultsMode - mode.SetFromString(string(o.DefaultsMode)) - - if mode == aws.DefaultsModeAuto { - mode = defaults.ResolveDefaultsModeAuto(o.Region, o.RuntimeEnvironment) - } - - o.resolvedDefaultsMode = mode -} - -// NewFromConfig returns a new client from the provided config. -func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { - opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - } - resolveAWSRetryerProvider(cfg, &opts) - resolveAWSRetryMaxAttempts(cfg, &opts) - resolveAWSRetryMode(cfg, &opts) - resolveAWSEndpointResolver(cfg, &opts) - resolveUseDualStackEndpoint(cfg, &opts) - resolveUseFIPSEndpoint(cfg, &opts) - resolveBaseEndpoint(cfg, &opts) - return New(opts, optFns...) -} - -func resolveHTTPClient(o *Options) { - var buildable *awshttp.BuildableClient - - if o.HTTPClient != nil { - var ok bool - buildable, ok = o.HTTPClient.(*awshttp.BuildableClient) - if !ok { - return - } - } else { - buildable = awshttp.NewBuildableClient() - } - - modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) - if err == nil { - buildable = buildable.WithDialerOptions(func(dialer *net.Dialer) { - if dialerTimeout, ok := modeConfig.GetConnectTimeout(); ok { - dialer.Timeout = dialerTimeout - } - }) - - buildable = buildable.WithTransportOptions(func(transport *http.Transport) { - if tlsHandshakeTimeout, ok := modeConfig.GetTLSNegotiationTimeout(); ok { - transport.TLSHandshakeTimeout = tlsHandshakeTimeout - } - }) - } - - o.HTTPClient = buildable -} - -func resolveRetryer(o *Options) { - if o.Retryer != nil { - return - } - - if len(o.RetryMode) == 0 { - modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) - if err == nil { - o.RetryMode = modeConfig.RetryMode - } - } - if len(o.RetryMode) == 0 { - o.RetryMode = aws.RetryModeStandard - } - - var standardOptions []func(*retry.StandardOptions) - if v := o.RetryMaxAttempts; v != 0 { - standardOptions = append(standardOptions, func(so *retry.StandardOptions) { - so.MaxAttempts = v - }) - } - - switch o.RetryMode { - case aws.RetryModeAdaptive: - var adaptiveOptions []func(*retry.AdaptiveModeOptions) - if len(standardOptions) != 0 { - adaptiveOptions = append(adaptiveOptions, func(ao *retry.AdaptiveModeOptions) { - ao.StandardOptions = append(ao.StandardOptions, standardOptions...) - }) - } - o.Retryer = retry.NewAdaptiveMode(adaptiveOptions...) - - default: - o.Retryer = retry.NewStandard(standardOptions...) - } -} - -func resolveAWSRetryerProvider(cfg aws.Config, o *Options) { - if cfg.Retryer == nil { - return - } - o.Retryer = cfg.Retryer() -} - -func resolveAWSRetryMode(cfg aws.Config, o *Options) { - if len(cfg.RetryMode) == 0 { - return - } - o.RetryMode = cfg.RetryMode -} -func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { - if cfg.RetryMaxAttempts == 0 { - return - } - o.RetryMaxAttempts = cfg.RetryMaxAttempts -} - -func finalizeRetryMaxAttempts(o *Options) { - if o.RetryMaxAttempts == 0 { - return - } - - o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) -} - -func finalizeOperationRetryMaxAttempts(o *Options, client Client) { - if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { - return - } - - o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) -} - -func resolveAWSEndpointResolver(cfg aws.Config, o *Options) { - if cfg.EndpointResolver == nil && cfg.EndpointResolverWithOptions == nil { - return - } - o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions) -} - -func addClientUserAgent(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "ssooidc", goModuleVersion) - if len(options.AppID) > 0 { - ua.AddSDKAgentKey(awsmiddleware.ApplicationIdentifier, options.AppID) - } - - return nil -} - -func getOrAddRequestUserAgent(stack *middleware.Stack) (*awsmiddleware.RequestUserAgent, error) { - id := (*awsmiddleware.RequestUserAgent)(nil).ID() - mw, ok := stack.Build.Get(id) - if !ok { - mw = awsmiddleware.NewRequestUserAgent() - if err := stack.Build.Add(mw, middleware.After); err != nil { - return nil, err - } - } - - ua, ok := mw.(*awsmiddleware.RequestUserAgent) - if !ok { - return nil, fmt.Errorf("%T for %s middleware did not match expected type", mw, id) - } - - return ua, nil -} - -type HTTPSignerV4 interface { - SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error -} - -func resolveHTTPSignerV4(o *Options) { - if o.HTTPSignerV4 != nil { - return - } - o.HTTPSignerV4 = newDefaultV4Signer(*o) -} - -func newDefaultV4Signer(o Options) *v4.Signer { - return v4.NewSigner(func(so *v4.SignerOptions) { - so.Logger = o.Logger - so.LogSigning = o.ClientLogMode.IsSigning() - }) -} - -func addClientRequestID(stack *middleware.Stack) error { - return stack.Build.Add(&awsmiddleware.ClientRequestID{}, middleware.After) -} - -func addComputeContentLength(stack *middleware.Stack) error { - return stack.Build.Add(&smithyhttp.ComputeContentLength{}, middleware.After) -} - -func addRawResponseToMetadata(stack *middleware.Stack) error { - return stack.Deserialize.Add(&awsmiddleware.AddRawResponse{}, middleware.Before) -} - -func addRecordResponseTiming(stack *middleware.Stack) error { - return stack.Deserialize.Add(&awsmiddleware.RecordResponseTiming{}, middleware.After) -} - -func addSpanRetryLoop(stack *middleware.Stack, options Options) error { - return stack.Finalize.Insert(&spanRetryLoop{options: options}, "Retry", middleware.Before) -} - -type spanRetryLoop struct { - options Options -} - -func (*spanRetryLoop) ID() string { - return "spanRetryLoop" -} - -func (m *spanRetryLoop) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - middleware.FinalizeOutput, middleware.Metadata, error, -) { - tracer := operationTracer(m.options.TracerProvider) - ctx, span := tracer.StartSpan(ctx, "RetryLoop") - defer span.End() - - return next.HandleFinalize(ctx, in) -} -func addStreamingEventsPayload(stack *middleware.Stack) error { - return stack.Finalize.Add(&v4.StreamingEventsPayload{}, middleware.Before) -} - -func addUnsignedPayload(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.UnsignedPayload{}, "ResolveEndpointV2", middleware.After) -} - -func addComputePayloadSHA256(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.ComputePayloadSHA256{}, "ResolveEndpointV2", middleware.After) -} - -func addContentSHA256Header(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.ContentSHA256Header{}, (*v4.ComputePayloadSHA256)(nil).ID(), middleware.After) -} - -func addIsWaiterUserAgent(o *Options) { - o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureWaiter) - return nil - }) -} - -func addIsPaginatorUserAgent(o *Options) { - o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeaturePaginator) - return nil - }) -} - -func addRetry(stack *middleware.Stack, o Options) error { - attempt := retry.NewAttemptMiddleware(o.Retryer, smithyhttp.RequestCloner, func(m *retry.Attempt) { - m.LogAttempts = o.ClientLogMode.IsRetries() - m.OperationMeter = o.MeterProvider.Meter("github.com/aws/aws-sdk-go-v2/service/ssooidc") - }) - if err := stack.Finalize.Insert(attempt, "ResolveAuthScheme", middleware.Before); err != nil { - return err - } - if err := stack.Finalize.Insert(&retry.MetricsHeader{}, attempt.ID(), middleware.After); err != nil { - return err - } - return nil -} - -// resolves dual-stack endpoint configuration -func resolveUseDualStackEndpoint(cfg aws.Config, o *Options) error { - if len(cfg.ConfigSources) == 0 { - return nil - } - value, found, err := internalConfig.ResolveUseDualStackEndpoint(context.Background(), cfg.ConfigSources) - if err != nil { - return err - } - if found { - o.EndpointOptions.UseDualStackEndpoint = value - } - return nil -} - -// resolves FIPS endpoint configuration -func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { - if len(cfg.ConfigSources) == 0 { - return nil - } - value, found, err := internalConfig.ResolveUseFIPSEndpoint(context.Background(), cfg.ConfigSources) - if err != nil { - return err - } - if found { - o.EndpointOptions.UseFIPSEndpoint = value - } - return nil -} - -func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { - if mode == aws.AccountIDEndpointModeDisabled { - return nil - } - - if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { - return aws.String(ca.Credentials.AccountID) - } - - return nil -} - -func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { - mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} - if err := stack.Build.Add(&mw, middleware.After); err != nil { - return err - } - return stack.Deserialize.Insert(&mw, "RecordResponseTiming", middleware.Before) -} -func initializeTimeOffsetResolver(c *Client) { - c.timeOffset = new(atomic.Int64) -} - -func addUserAgentRetryMode(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - switch options.Retryer.(type) { - case *retry.Standard: - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeStandard) - case *retry.AdaptiveMode: - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeAdaptive) - } - return nil -} - -type setCredentialSourceMiddleware struct { - ua *awsmiddleware.RequestUserAgent - options Options -} - -func (m setCredentialSourceMiddleware) ID() string { return "SetCredentialSourceMiddleware" } - -func (m setCredentialSourceMiddleware) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - asProviderSource, ok := m.options.Credentials.(aws.CredentialProviderSource) - if !ok { - return next.HandleBuild(ctx, in) - } - providerSources := asProviderSource.ProviderSources() - for _, source := range providerSources { - m.ua.AddCredentialsSource(source) - } - return next.HandleBuild(ctx, in) -} - -func addCredentialSource(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - mw := setCredentialSourceMiddleware{ua: ua, options: options} - return stack.Build.Insert(&mw, "UserAgent", middleware.Before) -} - -func resolveTracerProvider(options *Options) { - if options.TracerProvider == nil { - options.TracerProvider = &tracing.NopTracerProvider{} - } -} - -func resolveMeterProvider(options *Options) { - if options.MeterProvider == nil { - options.MeterProvider = metrics.NopMeterProvider{} - } -} - -func addRecursionDetection(stack *middleware.Stack) error { - return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) -} - -func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&awsmiddleware.RequestIDRetriever{}, "OperationDeserializer", middleware.Before) - -} - -func addResponseErrorMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&awshttp.ResponseErrorWrapper{}, "RequestIDRetriever", middleware.Before) - -} - -func addRequestResponseLogging(stack *middleware.Stack, o Options) error { - return stack.Deserialize.Add(&smithyhttp.RequestResponseLogger{ - LogRequest: o.ClientLogMode.IsRequest(), - LogRequestWithBody: o.ClientLogMode.IsRequestWithBody(), - LogResponse: o.ClientLogMode.IsResponse(), - LogResponseWithBody: o.ClientLogMode.IsResponseWithBody(), - }, middleware.After) -} - -type disableHTTPSMiddleware struct { - DisableHTTPS bool -} - -func (*disableHTTPSMiddleware) ID() string { - return "disableHTTPS" -} - -func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { - req.URL.Scheme = "http" - } - - return next.HandleFinalize(ctx, in) -} - -func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { - return stack.Finalize.Insert(&disableHTTPSMiddleware{ - DisableHTTPS: o.EndpointOptions.DisableHTTPS, - }, "ResolveEndpointV2", middleware.After) -} - -type spanInitializeStart struct { -} - -func (*spanInitializeStart) ID() string { - return "spanInitializeStart" -} - -func (m *spanInitializeStart) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) ( - middleware.InitializeOutput, middleware.Metadata, error, -) { - ctx, _ = tracing.StartSpan(ctx, "Initialize") - - return next.HandleInitialize(ctx, in) -} - -type spanInitializeEnd struct { -} - -func (*spanInitializeEnd) ID() string { - return "spanInitializeEnd" -} - -func (m *spanInitializeEnd) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) ( - middleware.InitializeOutput, middleware.Metadata, error, -) { - ctx, span := tracing.PopSpan(ctx) - span.End() - - return next.HandleInitialize(ctx, in) -} - -type spanBuildRequestStart struct { -} - -func (*spanBuildRequestStart) ID() string { - return "spanBuildRequestStart" -} - -func (m *spanBuildRequestStart) HandleSerialize( - ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, -) ( - middleware.SerializeOutput, middleware.Metadata, error, -) { - ctx, _ = tracing.StartSpan(ctx, "BuildRequest") - - return next.HandleSerialize(ctx, in) -} - -type spanBuildRequestEnd struct { -} - -func (*spanBuildRequestEnd) ID() string { - return "spanBuildRequestEnd" -} - -func (m *spanBuildRequestEnd) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, -) ( - middleware.BuildOutput, middleware.Metadata, error, -) { - ctx, span := tracing.PopSpan(ctx) - span.End() - - return next.HandleBuild(ctx, in) -} - -func addSpanInitializeStart(stack *middleware.Stack) error { - return stack.Initialize.Add(&spanInitializeStart{}, middleware.Before) -} - -func addSpanInitializeEnd(stack *middleware.Stack) error { - return stack.Initialize.Add(&spanInitializeEnd{}, middleware.After) -} - -func addSpanBuildRequestStart(stack *middleware.Stack) error { - return stack.Serialize.Add(&spanBuildRequestStart{}, middleware.Before) -} - -func addSpanBuildRequestEnd(stack *middleware.Stack) error { - return stack.Build.Add(&spanBuildRequestEnd{}, middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateToken.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateToken.go deleted file mode 100644 index 49387833..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateToken.go +++ /dev/null @@ -1,242 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Creates and returns access and refresh tokens for clients that are -// authenticated using client secrets. The access token can be used to fetch -// short-lived credentials for the assigned AWS accounts or to access application -// APIs using bearer authentication. -func (c *Client) CreateToken(ctx context.Context, params *CreateTokenInput, optFns ...func(*Options)) (*CreateTokenOutput, error) { - if params == nil { - params = &CreateTokenInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "CreateToken", params, optFns, c.addOperationCreateTokenMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*CreateTokenOutput) - out.ResultMetadata = metadata - return out, nil -} - -type CreateTokenInput struct { - - // The unique identifier string for the client or application. This value comes - // from the result of the RegisterClientAPI. - // - // This member is required. - ClientId *string - - // A secret string generated for the client. This value should come from the - // persisted result of the RegisterClientAPI. - // - // This member is required. - ClientSecret *string - - // Supports the following OAuth grant types: Authorization Code, Device Code, and - // Refresh Token. Specify one of the following values, depending on the grant type - // that you want: - // - // * Authorization Code - authorization_code - // - // * Device Code - urn:ietf:params:oauth:grant-type:device_code - // - // * Refresh Token - refresh_token - // - // This member is required. - GrantType *string - - // Used only when calling this API for the Authorization Code grant type. The - // short-lived code is used to identify this authorization request. - Code *string - - // Used only when calling this API for the Authorization Code grant type. This - // value is generated by the client and presented to validate the original code - // challenge value the client passed at authorization time. - CodeVerifier *string - - // Used only when calling this API for the Device Code grant type. This - // short-lived code is used to identify this authorization request. This comes from - // the result of the StartDeviceAuthorizationAPI. - DeviceCode *string - - // Used only when calling this API for the Authorization Code grant type. This - // value specifies the location of the client or application that has registered to - // receive the authorization code. - RedirectUri *string - - // Used only when calling this API for the Refresh Token grant type. This token is - // used to refresh short-lived tokens, such as the access token, that might expire. - // - // For more information about the features and limitations of the current IAM - // Identity Center OIDC implementation, see Considerations for Using this Guide in - // the [IAM Identity Center OIDC API Reference]. - // - // [IAM Identity Center OIDC API Reference]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html - RefreshToken *string - - // The list of scopes for which authorization is requested. The access token that - // is issued is limited to the scopes that are granted. If this value is not - // specified, IAM Identity Center authorizes all scopes that are configured for the - // client during the call to RegisterClient. - Scope []string - - noSmithyDocumentSerde -} - -type CreateTokenOutput struct { - - // A bearer token to access Amazon Web Services accounts and applications assigned - // to a user. - AccessToken *string - - // Indicates the time in seconds when an access token will expire. - ExpiresIn int32 - - // The idToken is not implemented or supported. For more information about the - // features and limitations of the current IAM Identity Center OIDC implementation, - // see Considerations for Using this Guide in the [IAM Identity Center OIDC API Reference]. - // - // A JSON Web Token (JWT) that identifies who is associated with the issued access - // token. - // - // [IAM Identity Center OIDC API Reference]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html - IdToken *string - - // A token that, if present, can be used to refresh a previously issued access - // token that might have expired. - // - // For more information about the features and limitations of the current IAM - // Identity Center OIDC implementation, see Considerations for Using this Guide in - // the [IAM Identity Center OIDC API Reference]. - // - // [IAM Identity Center OIDC API Reference]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html - RefreshToken *string - - // Used to notify the client that the returned token is an access token. The - // supported token type is Bearer . - TokenType *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationCreateTokenMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateToken{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateToken{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "CreateToken"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpCreateTokenValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateToken(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opCreateToken(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "CreateToken", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateTokenWithIAM.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateTokenWithIAM.go deleted file mode 100644 index 2a3ce35b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_CreateTokenWithIAM.go +++ /dev/null @@ -1,274 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Creates and returns access and refresh tokens for clients and applications that -// are authenticated using IAM entities. The access token can be used to fetch -// short-lived credentials for the assigned Amazon Web Services accounts or to -// access application APIs using bearer authentication. -func (c *Client) CreateTokenWithIAM(ctx context.Context, params *CreateTokenWithIAMInput, optFns ...func(*Options)) (*CreateTokenWithIAMOutput, error) { - if params == nil { - params = &CreateTokenWithIAMInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "CreateTokenWithIAM", params, optFns, c.addOperationCreateTokenWithIAMMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*CreateTokenWithIAMOutput) - out.ResultMetadata = metadata - return out, nil -} - -type CreateTokenWithIAMInput struct { - - // The unique identifier string for the client or application. This value is an - // application ARN that has OAuth grants configured. - // - // This member is required. - ClientId *string - - // Supports the following OAuth grant types: Authorization Code, Refresh Token, - // JWT Bearer, and Token Exchange. Specify one of the following values, depending - // on the grant type that you want: - // - // * Authorization Code - authorization_code - // - // * Refresh Token - refresh_token - // - // * JWT Bearer - urn:ietf:params:oauth:grant-type:jwt-bearer - // - // * Token Exchange - urn:ietf:params:oauth:grant-type:token-exchange - // - // This member is required. - GrantType *string - - // Used only when calling this API for the JWT Bearer grant type. This value - // specifies the JSON Web Token (JWT) issued by a trusted token issuer. To - // authorize a trusted token issuer, configure the JWT Bearer GrantOptions for the - // application. - Assertion *string - - // Used only when calling this API for the Authorization Code grant type. This - // short-lived code is used to identify this authorization request. The code is - // obtained through a redirect from IAM Identity Center to a redirect URI persisted - // in the Authorization Code GrantOptions for the application. - Code *string - - // Used only when calling this API for the Authorization Code grant type. This - // value is generated by the client and presented to validate the original code - // challenge value the client passed at authorization time. - CodeVerifier *string - - // Used only when calling this API for the Authorization Code grant type. This - // value specifies the location of the client or application that has registered to - // receive the authorization code. - RedirectUri *string - - // Used only when calling this API for the Refresh Token grant type. This token is - // used to refresh short-lived tokens, such as the access token, that might expire. - // - // For more information about the features and limitations of the current IAM - // Identity Center OIDC implementation, see Considerations for Using this Guide in - // the [IAM Identity Center OIDC API Reference]. - // - // [IAM Identity Center OIDC API Reference]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html - RefreshToken *string - - // Used only when calling this API for the Token Exchange grant type. This value - // specifies the type of token that the requester can receive. The following values - // are supported: - // - // * Access Token - urn:ietf:params:oauth:token-type:access_token - // - // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token - RequestedTokenType *string - - // The list of scopes for which authorization is requested. The access token that - // is issued is limited to the scopes that are granted. If the value is not - // specified, IAM Identity Center authorizes all scopes configured for the - // application, including the following default scopes: openid , aws , - // sts:identity_context . - Scope []string - - // Used only when calling this API for the Token Exchange grant type. This value - // specifies the subject of the exchange. The value of the subject token must be an - // access token issued by IAM Identity Center to a different client or application. - // The access token must have authorized scopes that indicate the requested - // application as a target audience. - SubjectToken *string - - // Used only when calling this API for the Token Exchange grant type. This value - // specifies the type of token that is passed as the subject of the exchange. The - // following value is supported: - // - // * Access Token - urn:ietf:params:oauth:token-type:access_token - SubjectTokenType *string - - noSmithyDocumentSerde -} - -type CreateTokenWithIAMOutput struct { - - // A bearer token to access Amazon Web Services accounts and applications assigned - // to a user. - AccessToken *string - - // Indicates the time in seconds when an access token will expire. - ExpiresIn int32 - - // A JSON Web Token (JWT) that identifies the user associated with the issued - // access token. - IdToken *string - - // Indicates the type of tokens that are issued by IAM Identity Center. The - // following values are supported: - // - // * Access Token - urn:ietf:params:oauth:token-type:access_token - // - // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token - IssuedTokenType *string - - // A token that, if present, can be used to refresh a previously issued access - // token that might have expired. - // - // For more information about the features and limitations of the current IAM - // Identity Center OIDC implementation, see Considerations for Using this Guide in - // the [IAM Identity Center OIDC API Reference]. - // - // [IAM Identity Center OIDC API Reference]: https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html - RefreshToken *string - - // The list of scopes for which authorization is granted. The access token that is - // issued is limited to the scopes that are granted. - Scope []string - - // Used to notify the requester that the returned token is an access token. The - // supported token type is Bearer . - TokenType *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationCreateTokenWithIAMMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsRestjson1_serializeOpCreateTokenWithIAM{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsRestjson1_deserializeOpCreateTokenWithIAM{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "CreateTokenWithIAM"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpCreateTokenWithIAMValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateTokenWithIAM(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opCreateTokenWithIAM(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "CreateTokenWithIAM", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_RegisterClient.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_RegisterClient.go deleted file mode 100644 index 1e2d3828..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_RegisterClient.go +++ /dev/null @@ -1,212 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Registers a public client with IAM Identity Center. This allows clients to -// perform authorization using the authorization code grant with Proof Key for Code -// Exchange (PKCE) or the device code grant. -func (c *Client) RegisterClient(ctx context.Context, params *RegisterClientInput, optFns ...func(*Options)) (*RegisterClientOutput, error) { - if params == nil { - params = &RegisterClientInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "RegisterClient", params, optFns, c.addOperationRegisterClientMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*RegisterClientOutput) - out.ResultMetadata = metadata - return out, nil -} - -type RegisterClientInput struct { - - // The friendly name of the client. - // - // This member is required. - ClientName *string - - // The type of client. The service supports only public as a client type. Anything - // other than public will be rejected by the service. - // - // This member is required. - ClientType *string - - // This IAM Identity Center application ARN is used to define - // administrator-managed configuration for public client access to resources. At - // authorization, the scopes, grants, and redirect URI available to this client - // will be restricted by this application resource. - EntitledApplicationArn *string - - // The list of OAuth 2.0 grant types that are defined by the client. This list is - // used to restrict the token granting flows available to the client. Supports the - // following OAuth 2.0 grant types: Authorization Code, Device Code, and Refresh - // Token. - // - // * Authorization Code - authorization_code - // - // * Device Code - urn:ietf:params:oauth:grant-type:device_code - // - // * Refresh Token - refresh_token - GrantTypes []string - - // The IAM Identity Center Issuer URL associated with an instance of IAM Identity - // Center. This value is needed for user access to resources through the client. - IssuerUrl *string - - // The list of redirect URI that are defined by the client. At completion of - // authorization, this list is used to restrict what locations the user agent can - // be redirected back to. - RedirectUris []string - - // The list of scopes that are defined by the client. Upon authorization, this - // list is used to restrict permissions when granting an access token. - Scopes []string - - noSmithyDocumentSerde -} - -type RegisterClientOutput struct { - - // An endpoint that the client can use to request authorization. - AuthorizationEndpoint *string - - // The unique identifier string for each client. This client uses this identifier - // to get authenticated by the service in subsequent calls. - ClientId *string - - // Indicates the time at which the clientId and clientSecret were issued. - ClientIdIssuedAt int64 - - // A secret string generated for the client. The client will use this string to - // get authenticated by the service in subsequent calls. - ClientSecret *string - - // Indicates the time at which the clientId and clientSecret will become invalid. - ClientSecretExpiresAt int64 - - // An endpoint that the client can use to create tokens. - TokenEndpoint *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationRegisterClientMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsRestjson1_serializeOpRegisterClient{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsRestjson1_deserializeOpRegisterClient{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "RegisterClient"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpRegisterClientValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opRegisterClient(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opRegisterClient(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "RegisterClient", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_StartDeviceAuthorization.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_StartDeviceAuthorization.go deleted file mode 100644 index de0108f1..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/api_op_StartDeviceAuthorization.go +++ /dev/null @@ -1,194 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Initiates device authorization by requesting a pair of verification codes from -// the authorization service. -func (c *Client) StartDeviceAuthorization(ctx context.Context, params *StartDeviceAuthorizationInput, optFns ...func(*Options)) (*StartDeviceAuthorizationOutput, error) { - if params == nil { - params = &StartDeviceAuthorizationInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "StartDeviceAuthorization", params, optFns, c.addOperationStartDeviceAuthorizationMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*StartDeviceAuthorizationOutput) - out.ResultMetadata = metadata - return out, nil -} - -type StartDeviceAuthorizationInput struct { - - // The unique identifier string for the client that is registered with IAM - // Identity Center. This value should come from the persisted result of the RegisterClientAPI - // operation. - // - // This member is required. - ClientId *string - - // A secret string that is generated for the client. This value should come from - // the persisted result of the RegisterClientAPI operation. - // - // This member is required. - ClientSecret *string - - // The URL for the Amazon Web Services access portal. For more information, see [Using the Amazon Web Services access portal] - // in the IAM Identity Center User Guide. - // - // [Using the Amazon Web Services access portal]: https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html - // - // This member is required. - StartUrl *string - - noSmithyDocumentSerde -} - -type StartDeviceAuthorizationOutput struct { - - // The short-lived code that is used by the device when polling for a session - // token. - DeviceCode *string - - // Indicates the number of seconds in which the verification code will become - // invalid. - ExpiresIn int32 - - // Indicates the number of seconds the client must wait between attempts when - // polling for a session. - Interval int32 - - // A one-time user verification code. This is needed to authorize an in-use device. - UserCode *string - - // The URI of the verification page that takes the userCode to authorize the - // device. - VerificationUri *string - - // An alternate URL that the client can use to automatically launch a browser. - // This process skips the manual step in which the user visits the verification - // page and enters their code. - VerificationUriComplete *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationStartDeviceAuthorizationMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsRestjson1_serializeOpStartDeviceAuthorization{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsRestjson1_deserializeOpStartDeviceAuthorization{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "StartDeviceAuthorization"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpStartDeviceAuthorizationValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opStartDeviceAuthorization(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opStartDeviceAuthorization(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "StartDeviceAuthorization", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/auth.go deleted file mode 100644 index e4b87f5b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/auth.go +++ /dev/null @@ -1,331 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - smithy "github.com/aws/smithy-go" - smithyauth "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { - params.Region = options.Region -} - -type setLegacyContextSigningOptionsMiddleware struct { -} - -func (*setLegacyContextSigningOptionsMiddleware) ID() string { - return "setLegacyContextSigningOptions" -} - -func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - rscheme := getResolvedAuthScheme(ctx) - schemeID := rscheme.Scheme.SchemeID() - - if sn := awsmiddleware.GetSigningName(ctx); sn != "" { - if schemeID == "aws.auth#sigv4" { - smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) - } else if schemeID == "aws.auth#sigv4a" { - smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) - } - } - - if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { - if schemeID == "aws.auth#sigv4" { - smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) - } else if schemeID == "aws.auth#sigv4a" { - smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) - } - } - - return next.HandleFinalize(ctx, in) -} - -func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) -} - -type withAnonymous struct { - resolver AuthSchemeResolver -} - -var _ AuthSchemeResolver = (*withAnonymous)(nil) - -func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { - opts, err := v.resolver.ResolveAuthSchemes(ctx, params) - if err != nil { - return nil, err - } - - opts = append(opts, &smithyauth.Option{ - SchemeID: smithyauth.SchemeIDAnonymous, - }) - return opts, nil -} - -func wrapWithAnonymousAuth(options *Options) { - if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { - return - } - - options.AuthSchemeResolver = &withAnonymous{ - resolver: options.AuthSchemeResolver, - } -} - -// AuthResolverParameters contains the set of inputs necessary for auth scheme -// resolution. -type AuthResolverParameters struct { - // The name of the operation being invoked. - Operation string - - // The region in which the operation is being invoked. - Region string -} - -func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { - params := &AuthResolverParameters{ - Operation: operation, - } - - bindAuthParamsRegion(ctx, params, input, options) - - return params -} - -// AuthSchemeResolver returns a set of possible authentication options for an -// operation. -type AuthSchemeResolver interface { - ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) -} - -type defaultAuthSchemeResolver struct{} - -var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) - -func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { - if overrides, ok := operationAuthOptions[params.Operation]; ok { - return overrides(params), nil - } - return serviceAuthOptions(params), nil -} - -var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{ - "CreateToken": func(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - {SchemeID: smithyauth.SchemeIDAnonymous}, - } - }, - - "RegisterClient": func(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - {SchemeID: smithyauth.SchemeIDAnonymous}, - } - }, - - "StartDeviceAuthorization": func(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - {SchemeID: smithyauth.SchemeIDAnonymous}, - } - }, -} - -func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - { - SchemeID: smithyauth.SchemeIDSigV4, - SignerProperties: func() smithy.Properties { - var props smithy.Properties - smithyhttp.SetSigV4SigningName(&props, "sso-oauth") - smithyhttp.SetSigV4SigningRegion(&props, params.Region) - return props - }(), - }, - } -} - -type resolveAuthSchemeMiddleware struct { - operation string - options Options -} - -func (*resolveAuthSchemeMiddleware) ID() string { - return "ResolveAuthScheme" -} - -func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "ResolveAuthScheme") - defer span.End() - - params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) - options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) - } - - scheme, ok := m.selectScheme(options) - if !ok { - return out, metadata, fmt.Errorf("could not select an auth scheme") - } - - ctx = setResolvedAuthScheme(ctx, scheme) - - span.SetProperty("auth.scheme_id", scheme.Scheme.SchemeID()) - span.End() - return next.HandleFinalize(ctx, in) -} - -func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { - for _, option := range options { - if option.SchemeID == smithyauth.SchemeIDAnonymous { - return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true - } - - for _, scheme := range m.options.AuthSchemes { - if scheme.SchemeID() != option.SchemeID { - continue - } - - if scheme.IdentityResolver(m.options) != nil { - return newResolvedAuthScheme(scheme, option), true - } - } - } - - return nil, false -} - -type resolvedAuthSchemeKey struct{} - -type resolvedAuthScheme struct { - Scheme smithyhttp.AuthScheme - IdentityProperties smithy.Properties - SignerProperties smithy.Properties -} - -func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { - return &resolvedAuthScheme{ - Scheme: scheme, - IdentityProperties: option.IdentityProperties, - SignerProperties: option.SignerProperties, - } -} - -func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { - return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) -} - -func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { - v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) - return v -} - -type getIdentityMiddleware struct { - options Options -} - -func (*getIdentityMiddleware) ID() string { - return "GetIdentity" -} - -func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - innerCtx, span := tracing.StartSpan(ctx, "GetIdentity") - defer span.End() - - rscheme := getResolvedAuthScheme(innerCtx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - resolver := rscheme.Scheme.IdentityResolver(m.options) - if resolver == nil { - return out, metadata, fmt.Errorf("no identity resolver") - } - - identity, err := timeOperationMetric(ctx, "client.call.resolve_identity_duration", - func() (smithyauth.Identity, error) { - return resolver.GetIdentity(innerCtx, rscheme.IdentityProperties) - }, - func(o *metrics.RecordMetricOptions) { - o.Properties.Set("auth.scheme_id", rscheme.Scheme.SchemeID()) - }) - if err != nil { - return out, metadata, fmt.Errorf("get identity: %w", err) - } - - ctx = setIdentity(ctx, identity) - - span.End() - return next.HandleFinalize(ctx, in) -} - -type identityKey struct{} - -func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { - return middleware.WithStackValue(ctx, identityKey{}, identity) -} - -func getIdentity(ctx context.Context) smithyauth.Identity { - v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) - return v -} - -type signRequestMiddleware struct { - options Options -} - -func (*signRequestMiddleware) ID() string { - return "Signing" -} - -func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "SignRequest") - defer span.End() - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) - } - - rscheme := getResolvedAuthScheme(ctx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - identity := getIdentity(ctx) - if identity == nil { - return out, metadata, fmt.Errorf("no identity") - } - - signer := rscheme.Scheme.Signer() - if signer == nil { - return out, metadata, fmt.Errorf("no signer") - } - - _, err = timeOperationMetric(ctx, "client.call.signing_duration", func() (any, error) { - return nil, signer.SignRequest(ctx, req, identity, rscheme.SignerProperties) - }, func(o *metrics.RecordMetricOptions) { - o.Properties.Set("auth.scheme_id", rscheme.Scheme.SchemeID()) - }) - if err != nil { - return out, metadata, fmt.Errorf("sign request: %w", err) - } - - span.End() - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/deserializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/deserializers.go deleted file mode 100644 index ae9f145e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/deserializers.go +++ /dev/null @@ -1,2188 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws/protocol/restjson" - "github.com/aws/aws-sdk-go-v2/service/ssooidc/types" - smithy "github.com/aws/smithy-go" - smithyio "github.com/aws/smithy-go/io" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/ptr" - smithytime "github.com/aws/smithy-go/time" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "io" - "strings" - "time" -) - -func deserializeS3Expires(v string) (*time.Time, error) { - t, err := smithytime.ParseHTTPDate(v) - if err != nil { - return nil, nil - } - return &t, nil -} - -type awsRestjson1_deserializeOpCreateToken struct { -} - -func (*awsRestjson1_deserializeOpCreateToken) ID() string { - return "OperationDeserializer" -} - -func (m *awsRestjson1_deserializeOpCreateToken) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsRestjson1_deserializeOpErrorCreateToken(response, &metadata) - } - output := &CreateTokenOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsRestjson1_deserializeOpDocumentCreateTokenOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - span.End() - return out, metadata, err -} - -func awsRestjson1_deserializeOpErrorCreateToken(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) - } - if len(message) != 0 { - errorMessage = message - } - - switch { - case strings.EqualFold("AccessDeniedException", errorCode): - return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) - - case strings.EqualFold("AuthorizationPendingException", errorCode): - return awsRestjson1_deserializeErrorAuthorizationPendingException(response, errorBody) - - case strings.EqualFold("ExpiredTokenException", errorCode): - return awsRestjson1_deserializeErrorExpiredTokenException(response, errorBody) - - case strings.EqualFold("InternalServerException", errorCode): - return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) - - case strings.EqualFold("InvalidClientException", errorCode): - return awsRestjson1_deserializeErrorInvalidClientException(response, errorBody) - - case strings.EqualFold("InvalidGrantException", errorCode): - return awsRestjson1_deserializeErrorInvalidGrantException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("InvalidScopeException", errorCode): - return awsRestjson1_deserializeErrorInvalidScopeException(response, errorBody) - - case strings.EqualFold("SlowDownException", errorCode): - return awsRestjson1_deserializeErrorSlowDownException(response, errorBody) - - case strings.EqualFold("UnauthorizedClientException", errorCode): - return awsRestjson1_deserializeErrorUnauthorizedClientException(response, errorBody) - - case strings.EqualFold("UnsupportedGrantTypeException", errorCode): - return awsRestjson1_deserializeErrorUnsupportedGrantTypeException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsRestjson1_deserializeOpDocumentCreateTokenOutput(v **CreateTokenOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *CreateTokenOutput - if *v == nil { - sv = &CreateTokenOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "accessToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected AccessToken to be of type string, got %T instead", value) - } - sv.AccessToken = ptr.String(jtv) - } - - case "expiresIn": - if value != nil { - jtv, ok := value.(json.Number) - if !ok { - return fmt.Errorf("expected ExpirationInSeconds to be json.Number, got %T instead", value) - } - i64, err := jtv.Int64() - if err != nil { - return err - } - sv.ExpiresIn = int32(i64) - } - - case "idToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected IdToken to be of type string, got %T instead", value) - } - sv.IdToken = ptr.String(jtv) - } - - case "refreshToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected RefreshToken to be of type string, got %T instead", value) - } - sv.RefreshToken = ptr.String(jtv) - } - - case "tokenType": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected TokenType to be of type string, got %T instead", value) - } - sv.TokenType = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -type awsRestjson1_deserializeOpCreateTokenWithIAM struct { -} - -func (*awsRestjson1_deserializeOpCreateTokenWithIAM) ID() string { - return "OperationDeserializer" -} - -func (m *awsRestjson1_deserializeOpCreateTokenWithIAM) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsRestjson1_deserializeOpErrorCreateTokenWithIAM(response, &metadata) - } - output := &CreateTokenWithIAMOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsRestjson1_deserializeOpDocumentCreateTokenWithIAMOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - span.End() - return out, metadata, err -} - -func awsRestjson1_deserializeOpErrorCreateTokenWithIAM(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) - } - if len(message) != 0 { - errorMessage = message - } - - switch { - case strings.EqualFold("AccessDeniedException", errorCode): - return awsRestjson1_deserializeErrorAccessDeniedException(response, errorBody) - - case strings.EqualFold("AuthorizationPendingException", errorCode): - return awsRestjson1_deserializeErrorAuthorizationPendingException(response, errorBody) - - case strings.EqualFold("ExpiredTokenException", errorCode): - return awsRestjson1_deserializeErrorExpiredTokenException(response, errorBody) - - case strings.EqualFold("InternalServerException", errorCode): - return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) - - case strings.EqualFold("InvalidClientException", errorCode): - return awsRestjson1_deserializeErrorInvalidClientException(response, errorBody) - - case strings.EqualFold("InvalidGrantException", errorCode): - return awsRestjson1_deserializeErrorInvalidGrantException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("InvalidRequestRegionException", errorCode): - return awsRestjson1_deserializeErrorInvalidRequestRegionException(response, errorBody) - - case strings.EqualFold("InvalidScopeException", errorCode): - return awsRestjson1_deserializeErrorInvalidScopeException(response, errorBody) - - case strings.EqualFold("SlowDownException", errorCode): - return awsRestjson1_deserializeErrorSlowDownException(response, errorBody) - - case strings.EqualFold("UnauthorizedClientException", errorCode): - return awsRestjson1_deserializeErrorUnauthorizedClientException(response, errorBody) - - case strings.EqualFold("UnsupportedGrantTypeException", errorCode): - return awsRestjson1_deserializeErrorUnsupportedGrantTypeException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsRestjson1_deserializeOpDocumentCreateTokenWithIAMOutput(v **CreateTokenWithIAMOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *CreateTokenWithIAMOutput - if *v == nil { - sv = &CreateTokenWithIAMOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "accessToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected AccessToken to be of type string, got %T instead", value) - } - sv.AccessToken = ptr.String(jtv) - } - - case "expiresIn": - if value != nil { - jtv, ok := value.(json.Number) - if !ok { - return fmt.Errorf("expected ExpirationInSeconds to be json.Number, got %T instead", value) - } - i64, err := jtv.Int64() - if err != nil { - return err - } - sv.ExpiresIn = int32(i64) - } - - case "idToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected IdToken to be of type string, got %T instead", value) - } - sv.IdToken = ptr.String(jtv) - } - - case "issuedTokenType": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected TokenTypeURI to be of type string, got %T instead", value) - } - sv.IssuedTokenType = ptr.String(jtv) - } - - case "refreshToken": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected RefreshToken to be of type string, got %T instead", value) - } - sv.RefreshToken = ptr.String(jtv) - } - - case "scope": - if err := awsRestjson1_deserializeDocumentScopes(&sv.Scope, value); err != nil { - return err - } - - case "tokenType": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected TokenType to be of type string, got %T instead", value) - } - sv.TokenType = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -type awsRestjson1_deserializeOpRegisterClient struct { -} - -func (*awsRestjson1_deserializeOpRegisterClient) ID() string { - return "OperationDeserializer" -} - -func (m *awsRestjson1_deserializeOpRegisterClient) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsRestjson1_deserializeOpErrorRegisterClient(response, &metadata) - } - output := &RegisterClientOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsRestjson1_deserializeOpDocumentRegisterClientOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - span.End() - return out, metadata, err -} - -func awsRestjson1_deserializeOpErrorRegisterClient(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) - } - if len(message) != 0 { - errorMessage = message - } - - switch { - case strings.EqualFold("InternalServerException", errorCode): - return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) - - case strings.EqualFold("InvalidClientMetadataException", errorCode): - return awsRestjson1_deserializeErrorInvalidClientMetadataException(response, errorBody) - - case strings.EqualFold("InvalidRedirectUriException", errorCode): - return awsRestjson1_deserializeErrorInvalidRedirectUriException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("InvalidScopeException", errorCode): - return awsRestjson1_deserializeErrorInvalidScopeException(response, errorBody) - - case strings.EqualFold("UnsupportedGrantTypeException", errorCode): - return awsRestjson1_deserializeErrorUnsupportedGrantTypeException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsRestjson1_deserializeOpDocumentRegisterClientOutput(v **RegisterClientOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *RegisterClientOutput - if *v == nil { - sv = &RegisterClientOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "authorizationEndpoint": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected URI to be of type string, got %T instead", value) - } - sv.AuthorizationEndpoint = ptr.String(jtv) - } - - case "clientId": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ClientId to be of type string, got %T instead", value) - } - sv.ClientId = ptr.String(jtv) - } - - case "clientIdIssuedAt": - if value != nil { - jtv, ok := value.(json.Number) - if !ok { - return fmt.Errorf("expected LongTimeStampType to be json.Number, got %T instead", value) - } - i64, err := jtv.Int64() - if err != nil { - return err - } - sv.ClientIdIssuedAt = i64 - } - - case "clientSecret": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ClientSecret to be of type string, got %T instead", value) - } - sv.ClientSecret = ptr.String(jtv) - } - - case "clientSecretExpiresAt": - if value != nil { - jtv, ok := value.(json.Number) - if !ok { - return fmt.Errorf("expected LongTimeStampType to be json.Number, got %T instead", value) - } - i64, err := jtv.Int64() - if err != nil { - return err - } - sv.ClientSecretExpiresAt = i64 - } - - case "tokenEndpoint": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected URI to be of type string, got %T instead", value) - } - sv.TokenEndpoint = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -type awsRestjson1_deserializeOpStartDeviceAuthorization struct { -} - -func (*awsRestjson1_deserializeOpStartDeviceAuthorization) ID() string { - return "OperationDeserializer" -} - -func (m *awsRestjson1_deserializeOpStartDeviceAuthorization) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsRestjson1_deserializeOpErrorStartDeviceAuthorization(response, &metadata) - } - output := &StartDeviceAuthorizationOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(response.Body, ringBuffer) - - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - err = awsRestjson1_deserializeOpDocumentStartDeviceAuthorizationOutput(&output, shape) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body with invalid JSON, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - span.End() - return out, metadata, err -} - -func awsRestjson1_deserializeOpErrorStartDeviceAuthorization(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - headerCode := response.Header.Get("X-Amzn-ErrorType") - if len(headerCode) != 0 { - errorCode = restjson.SanitizeErrorCode(headerCode) - } - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - jsonCode, message, err := restjson.GetErrorInfo(decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - if len(headerCode) == 0 && len(jsonCode) != 0 { - errorCode = restjson.SanitizeErrorCode(jsonCode) - } - if len(message) != 0 { - errorMessage = message - } - - switch { - case strings.EqualFold("InternalServerException", errorCode): - return awsRestjson1_deserializeErrorInternalServerException(response, errorBody) - - case strings.EqualFold("InvalidClientException", errorCode): - return awsRestjson1_deserializeErrorInvalidClientException(response, errorBody) - - case strings.EqualFold("InvalidRequestException", errorCode): - return awsRestjson1_deserializeErrorInvalidRequestException(response, errorBody) - - case strings.EqualFold("SlowDownException", errorCode): - return awsRestjson1_deserializeErrorSlowDownException(response, errorBody) - - case strings.EqualFold("UnauthorizedClientException", errorCode): - return awsRestjson1_deserializeErrorUnauthorizedClientException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsRestjson1_deserializeOpDocumentStartDeviceAuthorizationOutput(v **StartDeviceAuthorizationOutput, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *StartDeviceAuthorizationOutput - if *v == nil { - sv = &StartDeviceAuthorizationOutput{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "deviceCode": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected DeviceCode to be of type string, got %T instead", value) - } - sv.DeviceCode = ptr.String(jtv) - } - - case "expiresIn": - if value != nil { - jtv, ok := value.(json.Number) - if !ok { - return fmt.Errorf("expected ExpirationInSeconds to be json.Number, got %T instead", value) - } - i64, err := jtv.Int64() - if err != nil { - return err - } - sv.ExpiresIn = int32(i64) - } - - case "interval": - if value != nil { - jtv, ok := value.(json.Number) - if !ok { - return fmt.Errorf("expected IntervalInSeconds to be json.Number, got %T instead", value) - } - i64, err := jtv.Int64() - if err != nil { - return err - } - sv.Interval = int32(i64) - } - - case "userCode": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected UserCode to be of type string, got %T instead", value) - } - sv.UserCode = ptr.String(jtv) - } - - case "verificationUri": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected URI to be of type string, got %T instead", value) - } - sv.VerificationUri = ptr.String(jtv) - } - - case "verificationUriComplete": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected URI to be of type string, got %T instead", value) - } - sv.VerificationUriComplete = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeErrorAccessDeniedException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.AccessDeniedException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentAccessDeniedException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorAuthorizationPendingException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.AuthorizationPendingException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentAuthorizationPendingException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorExpiredTokenException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.ExpiredTokenException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentExpiredTokenException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorInternalServerException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InternalServerException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentInternalServerException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorInvalidClientException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidClientException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentInvalidClientException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorInvalidClientMetadataException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidClientMetadataException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentInvalidClientMetadataException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorInvalidGrantException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidGrantException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentInvalidGrantException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorInvalidRedirectUriException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidRedirectUriException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentInvalidRedirectUriException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorInvalidRequestException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidRequestException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentInvalidRequestException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorInvalidRequestRegionException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidRequestRegionException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentInvalidRequestRegionException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorInvalidScopeException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidScopeException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentInvalidScopeException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorSlowDownException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.SlowDownException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentSlowDownException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorUnauthorizedClientException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.UnauthorizedClientException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentUnauthorizedClientException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeErrorUnsupportedGrantTypeException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.UnsupportedGrantTypeException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - - body := io.TeeReader(errorBody, ringBuffer) - decoder := json.NewDecoder(body) - decoder.UseNumber() - var shape interface{} - if err := decoder.Decode(&shape); err != nil && err != io.EOF { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - err := awsRestjson1_deserializeDocumentUnsupportedGrantTypeException(&output, shape) - - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return err - } - - errorBody.Seek(0, io.SeekStart) - - return output -} - -func awsRestjson1_deserializeDocumentAccessDeniedException(v **types.AccessDeniedException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.AccessDeniedException - if *v == nil { - sv = &types.AccessDeniedException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentAuthorizationPendingException(v **types.AuthorizationPendingException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.AuthorizationPendingException - if *v == nil { - sv = &types.AuthorizationPendingException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentExpiredTokenException(v **types.ExpiredTokenException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.ExpiredTokenException - if *v == nil { - sv = &types.ExpiredTokenException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentInternalServerException(v **types.InternalServerException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InternalServerException - if *v == nil { - sv = &types.InternalServerException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentInvalidClientException(v **types.InvalidClientException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidClientException - if *v == nil { - sv = &types.InvalidClientException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentInvalidClientMetadataException(v **types.InvalidClientMetadataException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidClientMetadataException - if *v == nil { - sv = &types.InvalidClientMetadataException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentInvalidGrantException(v **types.InvalidGrantException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidGrantException - if *v == nil { - sv = &types.InvalidGrantException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentInvalidRedirectUriException(v **types.InvalidRedirectUriException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidRedirectUriException - if *v == nil { - sv = &types.InvalidRedirectUriException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentInvalidRequestException(v **types.InvalidRequestException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidRequestException - if *v == nil { - sv = &types.InvalidRequestException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentInvalidRequestRegionException(v **types.InvalidRequestRegionException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidRequestRegionException - if *v == nil { - sv = &types.InvalidRequestRegionException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "endpoint": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Location to be of type string, got %T instead", value) - } - sv.Endpoint = ptr.String(jtv) - } - - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - case "region": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Region to be of type string, got %T instead", value) - } - sv.Region = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentInvalidScopeException(v **types.InvalidScopeException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.InvalidScopeException - if *v == nil { - sv = &types.InvalidScopeException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentScopes(v *[]string, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.([]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var cv []string - if *v == nil { - cv = []string{} - } else { - cv = *v - } - - for _, value := range shape { - var col string - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Scope to be of type string, got %T instead", value) - } - col = jtv - } - cv = append(cv, col) - - } - *v = cv - return nil -} - -func awsRestjson1_deserializeDocumentSlowDownException(v **types.SlowDownException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.SlowDownException - if *v == nil { - sv = &types.SlowDownException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentUnauthorizedClientException(v **types.UnauthorizedClientException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.UnauthorizedClientException - if *v == nil { - sv = &types.UnauthorizedClientException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} - -func awsRestjson1_deserializeDocumentUnsupportedGrantTypeException(v **types.UnsupportedGrantTypeException, value interface{}) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - if value == nil { - return nil - } - - shape, ok := value.(map[string]interface{}) - if !ok { - return fmt.Errorf("unexpected JSON type %v", value) - } - - var sv *types.UnsupportedGrantTypeException - if *v == nil { - sv = &types.UnsupportedGrantTypeException{} - } else { - sv = *v - } - - for key, value := range shape { - switch key { - case "error": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected Error to be of type string, got %T instead", value) - } - sv.Error_ = ptr.String(jtv) - } - - case "error_description": - if value != nil { - jtv, ok := value.(string) - if !ok { - return fmt.Errorf("expected ErrorDescription to be of type string, got %T instead", value) - } - sv.Error_description = ptr.String(jtv) - } - - default: - _, _ = key, value - - } - } - *v = sv - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/doc.go deleted file mode 100644 index f3510b18..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/doc.go +++ /dev/null @@ -1,49 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -// Package ssooidc provides the API client, operations, and parameter types for -// AWS SSO OIDC. -// -// IAM Identity Center OpenID Connect (OIDC) is a web service that enables a -// client (such as CLI or a native application) to register with IAM Identity -// Center. The service also enables the client to fetch the user’s access token -// upon successful authentication and authorization with IAM Identity Center. -// -// # API namespaces -// -// IAM Identity Center uses the sso and identitystore API namespaces. IAM Identity -// Center OpenID Connect uses the sso-oidc namespace. -// -// # Considerations for using this guide -// -// Before you begin using this guide, we recommend that you first review the -// following important information about how the IAM Identity Center OIDC service -// works. -// -// - The IAM Identity Center OIDC service currently implements only the portions -// of the OAuth 2.0 Device Authorization Grant standard ([https://tools.ietf.org/html/rfc8628] ) that are necessary to -// enable single sign-on authentication with the CLI. -// -// - With older versions of the CLI, the service only emits OIDC access tokens, -// so to obtain a new token, users must explicitly re-authenticate. To access the -// OIDC flow that supports token refresh and doesn’t require re-authentication, -// update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI V2) with -// support for OIDC token refresh and configurable IAM Identity Center session -// durations. For more information, see [Configure Amazon Web Services access portal session duration]. -// -// - The access tokens provided by this service grant access to all Amazon Web -// Services account entitlements assigned to an IAM Identity Center user, not just -// a particular application. -// -// - The documentation in this guide does not describe the mechanism to convert -// the access token into Amazon Web Services Auth (“sigv4”) credentials for use -// with IAM-protected Amazon Web Services service endpoints. For more information, -// see [GetRoleCredentials]in the IAM Identity Center Portal API Reference Guide. -// -// For general information about IAM Identity Center, see [What is IAM Identity Center?] in the IAM Identity -// Center User Guide. -// -// [Configure Amazon Web Services access portal session duration]: https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html -// [GetRoleCredentials]: https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html -// [https://tools.ietf.org/html/rfc8628]: https://tools.ietf.org/html/rfc8628 -// [What is IAM Identity Center?]: https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html -package ssooidc diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go deleted file mode 100644 index 6feea0c9..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/endpoints.go +++ /dev/null @@ -1,556 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "context" - "errors" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" - "github.com/aws/aws-sdk-go-v2/internal/endpoints" - "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" - internalendpoints "github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints" - smithyauth "github.com/aws/smithy-go/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/ptr" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net/http" - "net/url" - "os" - "strings" -) - -// EndpointResolverOptions is the service endpoint resolver options -type EndpointResolverOptions = internalendpoints.Options - -// EndpointResolver interface for resolving service endpoints. -type EndpointResolver interface { - ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error) -} - -var _ EndpointResolver = &internalendpoints.Resolver{} - -// NewDefaultEndpointResolver constructs a new service endpoint resolver -func NewDefaultEndpointResolver() *internalendpoints.Resolver { - return internalendpoints.New() -} - -// EndpointResolverFunc is a helper utility that wraps a function so it satisfies -// the EndpointResolver interface. This is useful when you want to add additional -// endpoint resolving logic, or stub out specific endpoints with custom values. -type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error) - -func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { - return fn(region, options) -} - -// EndpointResolverFromURL returns an EndpointResolver configured using the -// provided endpoint url. By default, the resolved endpoint resolver uses the -// client region as signing region, and the endpoint source is set to -// EndpointSourceCustom.You can provide functional options to configure endpoint -// values for the resolved endpoint. -func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver { - e := aws.Endpoint{URL: url, Source: aws.EndpointSourceCustom} - for _, fn := range optFns { - fn(&e) - } - - return EndpointResolverFunc( - func(region string, options EndpointResolverOptions) (aws.Endpoint, error) { - if len(e.SigningRegion) == 0 { - e.SigningRegion = region - } - return e, nil - }, - ) -} - -type ResolveEndpoint struct { - Resolver EndpointResolver - Options EndpointResolverOptions -} - -func (*ResolveEndpoint) ID() string { - return "ResolveEndpoint" -} - -func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if !awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.Resolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - eo := m.Options - eo.Logger = middleware.GetLogger(ctx) - - var endpoint aws.Endpoint - endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo) - if err != nil { - nf := (&aws.EndpointNotFoundError{}) - if errors.As(err, &nf) { - ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, false) - return next.HandleSerialize(ctx, in) - } - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL, err = url.Parse(endpoint.URL) - if err != nil { - return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err) - } - - if len(awsmiddleware.GetSigningName(ctx)) == 0 { - signingName := endpoint.SigningName - if len(signingName) == 0 { - signingName = "sso-oauth" - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - } - ctx = awsmiddleware.SetEndpointSource(ctx, endpoint.Source) - ctx = smithyhttp.SetHostnameImmutable(ctx, endpoint.HostnameImmutable) - ctx = awsmiddleware.SetSigningRegion(ctx, endpoint.SigningRegion) - ctx = awsmiddleware.SetPartitionID(ctx, endpoint.PartitionID) - return next.HandleSerialize(ctx, in) -} -func addResolveEndpointMiddleware(stack *middleware.Stack, o Options) error { - return stack.Serialize.Insert(&ResolveEndpoint{ - Resolver: o.EndpointResolver, - Options: o.EndpointOptions, - }, "OperationSerializer", middleware.Before) -} - -func removeResolveEndpointMiddleware(stack *middleware.Stack) error { - _, err := stack.Serialize.Remove((&ResolveEndpoint{}).ID()) - return err -} - -type wrappedEndpointResolver struct { - awsResolver aws.EndpointResolverWithOptions -} - -func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { - return w.awsResolver.ResolveEndpoint(ServiceID, region, options) -} - -type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error) - -func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, options ...interface{}) (aws.Endpoint, error) { - return a(service, region) -} - -var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil) - -// withEndpointResolver returns an aws.EndpointResolverWithOptions that first delegates endpoint resolution to the awsResolver. -// If awsResolver returns aws.EndpointNotFoundError error, the v1 resolver middleware will swallow the error, -// and set an appropriate context flag such that fallback will occur when EndpointResolverV2 is invoked -// via its middleware. -// -// If another error (besides aws.EndpointNotFoundError) is returned, then that error will be propagated. -func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions) EndpointResolver { - var resolver aws.EndpointResolverWithOptions - - if awsResolverWithOptions != nil { - resolver = awsResolverWithOptions - } else if awsResolver != nil { - resolver = awsEndpointResolverAdaptor(awsResolver.ResolveEndpoint) - } - - return &wrappedEndpointResolver{ - awsResolver: resolver, - } -} - -func finalizeClientEndpointResolverOptions(options *Options) { - options.EndpointOptions.LogDeprecated = options.ClientLogMode.IsDeprecatedUsage() - - if len(options.EndpointOptions.ResolvedRegion) == 0 { - const fipsInfix = "-fips-" - const fipsPrefix = "fips-" - const fipsSuffix = "-fips" - - if strings.Contains(options.Region, fipsInfix) || - strings.Contains(options.Region, fipsPrefix) || - strings.Contains(options.Region, fipsSuffix) { - options.EndpointOptions.ResolvedRegion = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( - options.Region, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") - options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled - } - } - -} - -func resolveEndpointResolverV2(options *Options) { - if options.EndpointResolverV2 == nil { - options.EndpointResolverV2 = NewDefaultEndpointResolverV2() - } -} - -func resolveBaseEndpoint(cfg aws.Config, o *Options) { - if cfg.BaseEndpoint != nil { - o.BaseEndpoint = cfg.BaseEndpoint - } - - _, g := os.LookupEnv("AWS_ENDPOINT_URL") - _, s := os.LookupEnv("AWS_ENDPOINT_URL_SSO_OIDC") - - if g && !s { - return - } - - value, found, err := internalConfig.ResolveServiceBaseEndpoint(context.Background(), "SSO OIDC", cfg.ConfigSources) - if found && err == nil { - o.BaseEndpoint = &value - } -} - -func bindRegion(region string) *string { - if region == "" { - return nil - } - return aws.String(endpoints.MapFIPSRegion(region)) -} - -// EndpointParameters provides the parameters that influence how endpoints are -// resolved. -type EndpointParameters struct { - // The AWS region used to dispatch the request. - // - // Parameter is - // required. - // - // AWS::Region - Region *string - - // When true, use the dual-stack endpoint. If the configured endpoint does not - // support dual-stack, dispatching the request MAY return an error. - // - // Defaults to - // false if no value is provided. - // - // AWS::UseDualStack - UseDualStack *bool - - // When true, send this request to the FIPS-compliant regional endpoint. If the - // configured endpoint does not have a FIPS compliant endpoint, dispatching the - // request will return an error. - // - // Defaults to false if no value is - // provided. - // - // AWS::UseFIPS - UseFIPS *bool - - // Override the endpoint used to send this request - // - // Parameter is - // required. - // - // SDK::Endpoint - Endpoint *string -} - -// ValidateRequired validates required parameters are set. -func (p EndpointParameters) ValidateRequired() error { - if p.UseDualStack == nil { - return fmt.Errorf("parameter UseDualStack is required") - } - - if p.UseFIPS == nil { - return fmt.Errorf("parameter UseFIPS is required") - } - - return nil -} - -// WithDefaults returns a shallow copy of EndpointParameterswith default values -// applied to members where applicable. -func (p EndpointParameters) WithDefaults() EndpointParameters { - if p.UseDualStack == nil { - p.UseDualStack = ptr.Bool(false) - } - - if p.UseFIPS == nil { - p.UseFIPS = ptr.Bool(false) - } - return p -} - -type stringSlice []string - -func (s stringSlice) Get(i int) *string { - if i < 0 || i >= len(s) { - return nil - } - - v := s[i] - return &v -} - -// EndpointResolverV2 provides the interface for resolving service endpoints. -type EndpointResolverV2 interface { - // ResolveEndpoint attempts to resolve the endpoint with the provided options, - // returning the endpoint if found. Otherwise an error is returned. - ResolveEndpoint(ctx context.Context, params EndpointParameters) ( - smithyendpoints.Endpoint, error, - ) -} - -// resolver provides the implementation for resolving endpoints. -type resolver struct{} - -func NewDefaultEndpointResolverV2() EndpointResolverV2 { - return &resolver{} -} - -// ResolveEndpoint attempts to resolve the endpoint with the provided options, -// returning the endpoint if found. Otherwise an error is returned. -func (r *resolver) ResolveEndpoint( - ctx context.Context, params EndpointParameters, -) ( - endpoint smithyendpoints.Endpoint, err error, -) { - params = params.WithDefaults() - if err = params.ValidateRequired(); err != nil { - return endpoint, fmt.Errorf("endpoint parameters are not valid, %w", err) - } - _UseDualStack := *params.UseDualStack - _UseFIPS := *params.UseFIPS - - if exprVal := params.Endpoint; exprVal != nil { - _Endpoint := *exprVal - _ = _Endpoint - if _UseFIPS == true { - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: FIPS and custom endpoint are not supported") - } - if _UseDualStack == true { - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Dualstack and custom endpoint are not supported") - } - uriString := _Endpoint - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - if exprVal := params.Region; exprVal != nil { - _Region := *exprVal - _ = _Region - if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil { - _PartitionResult := *exprVal - _ = _PartitionResult - if _UseFIPS == true { - if _UseDualStack == true { - if true == _PartitionResult.SupportsFIPS { - if true == _PartitionResult.SupportsDualStack { - uriString := func() string { - var out strings.Builder - out.WriteString("https://oidc-fips.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DualStackDnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS and DualStack are enabled, but this partition does not support one or both") - } - } - if _UseFIPS == true { - if _PartitionResult.SupportsFIPS == true { - if _PartitionResult.Name == "aws-us-gov" { - uriString := func() string { - var out strings.Builder - out.WriteString("https://oidc.") - out.WriteString(_Region) - out.WriteString(".amazonaws.com") - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://oidc-fips.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS is enabled but this partition does not support FIPS") - } - if _UseDualStack == true { - if true == _PartitionResult.SupportsDualStack { - uriString := func() string { - var out strings.Builder - out.WriteString("https://oidc.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DualStackDnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "DualStack is enabled but this partition does not support DualStack") - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://oidc.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.") - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region") -} - -type endpointParamsBinder interface { - bindEndpointParams(*EndpointParameters) -} - -func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { - params := &EndpointParameters{} - - params.Region = bindRegion(options.Region) - params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) - params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) - params.Endpoint = options.BaseEndpoint - - if b, ok := input.(endpointParamsBinder); ok { - b.bindEndpointParams(params) - } - - return params -} - -type resolveEndpointV2Middleware struct { - options Options -} - -func (*resolveEndpointV2Middleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "ResolveEndpoint") - defer span.End() - - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleFinalize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.options.EndpointResolverV2 == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) - endpt, err := timeOperationMetric(ctx, "client.call.resolve_endpoint_duration", - func() (smithyendpoints.Endpoint, error) { - return m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) - }) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - span.SetProperty("client.call.resolved_endpoint", endpt.URI.String()) - - if endpt.URI.RawPath == "" && req.URL.RawPath != "" { - endpt.URI.RawPath = endpt.URI.Path - } - req.URL.Scheme = endpt.URI.Scheme - req.URL.Host = endpt.URI.Host - req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path) - req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath) - for k := range endpt.Headers { - req.Header.Set(k, endpt.Headers.Get(k)) - } - - rscheme := getResolvedAuthScheme(ctx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - opts, _ := smithyauth.GetAuthOptions(&endpt.Properties) - for _, o := range opts { - rscheme.SignerProperties.SetAll(&o.SignerProperties) - } - - span.End() - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/generated.json deleted file mode 100644 index 35f18097..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/generated.json +++ /dev/null @@ -1,36 +0,0 @@ -{ - "dependencies": { - "github.com/aws/aws-sdk-go-v2": "v1.4.0", - "github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000", - "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000", - "github.com/aws/smithy-go": "v1.4.0" - }, - "files": [ - "api_client.go", - "api_client_test.go", - "api_op_CreateToken.go", - "api_op_CreateTokenWithIAM.go", - "api_op_RegisterClient.go", - "api_op_StartDeviceAuthorization.go", - "auth.go", - "deserializers.go", - "doc.go", - "endpoints.go", - "endpoints_config_test.go", - "endpoints_test.go", - "generated.json", - "internal/endpoints/endpoints.go", - "internal/endpoints/endpoints_test.go", - "options.go", - "protocol_test.go", - "serializers.go", - "snapshot_test.go", - "sra_operation_order_test.go", - "types/errors.go", - "types/types.go", - "validators.go" - ], - "go": "1.22", - "module": "github.com/aws/aws-sdk-go-v2/service/ssooidc", - "unstable": false -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go deleted file mode 100644 index 1fad8e39..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package ssooidc - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.29.1" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints/endpoints.go deleted file mode 100644 index b4c61eba..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints/endpoints.go +++ /dev/null @@ -1,566 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package endpoints - -import ( - "github.com/aws/aws-sdk-go-v2/aws" - endpoints "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2" - "github.com/aws/smithy-go/logging" - "regexp" -) - -// Options is the endpoint resolver configuration options -type Options struct { - // Logger is a logging implementation that log events should be sent to. - Logger logging.Logger - - // LogDeprecated indicates that deprecated endpoints should be logged to the - // provided logger. - LogDeprecated bool - - // ResolvedRegion is used to override the region to be resolved, rather then the - // using the value passed to the ResolveEndpoint method. This value is used by the - // SDK to translate regions like fips-us-east-1 or us-east-1-fips to an alternative - // name. You must not set this value directly in your application. - ResolvedRegion string - - // DisableHTTPS informs the resolver to return an endpoint that does not use the - // HTTPS scheme. - DisableHTTPS bool - - // UseDualStackEndpoint specifies the resolver must resolve a dual-stack endpoint. - UseDualStackEndpoint aws.DualStackEndpointState - - // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. - UseFIPSEndpoint aws.FIPSEndpointState -} - -func (o Options) GetResolvedRegion() string { - return o.ResolvedRegion -} - -func (o Options) GetDisableHTTPS() bool { - return o.DisableHTTPS -} - -func (o Options) GetUseDualStackEndpoint() aws.DualStackEndpointState { - return o.UseDualStackEndpoint -} - -func (o Options) GetUseFIPSEndpoint() aws.FIPSEndpointState { - return o.UseFIPSEndpoint -} - -func transformToSharedOptions(options Options) endpoints.Options { - return endpoints.Options{ - Logger: options.Logger, - LogDeprecated: options.LogDeprecated, - ResolvedRegion: options.ResolvedRegion, - DisableHTTPS: options.DisableHTTPS, - UseDualStackEndpoint: options.UseDualStackEndpoint, - UseFIPSEndpoint: options.UseFIPSEndpoint, - } -} - -// Resolver SSO OIDC endpoint resolver -type Resolver struct { - partitions endpoints.Partitions -} - -// ResolveEndpoint resolves the service endpoint for the given region and options -func (r *Resolver) ResolveEndpoint(region string, options Options) (endpoint aws.Endpoint, err error) { - if len(region) == 0 { - return endpoint, &aws.MissingRegionError{} - } - - opt := transformToSharedOptions(options) - return r.partitions.ResolveEndpoint(region, opt) -} - -// New returns a new Resolver -func New() *Resolver { - return &Resolver{ - partitions: defaultPartitions, - } -} - -var partitionRegexp = struct { - Aws *regexp.Regexp - AwsCn *regexp.Regexp - AwsIso *regexp.Regexp - AwsIsoB *regexp.Regexp - AwsIsoE *regexp.Regexp - AwsIsoF *regexp.Regexp - AwsUsGov *regexp.Regexp -}{ - - Aws: regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$"), - AwsCn: regexp.MustCompile("^cn\\-\\w+\\-\\d+$"), - AwsIso: regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"), - AwsIsoB: regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"), - AwsIsoE: regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"), - AwsIsoF: regexp.MustCompile("^us\\-isof\\-\\w+\\-\\d+$"), - AwsUsGov: regexp.MustCompile("^us\\-gov\\-\\w+\\-\\d+$"), -} - -var defaultPartitions = endpoints.Partitions{ - { - ID: "aws", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "oidc.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "oidc-fips.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "oidc-fips.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "oidc.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.Aws, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "af-south-1", - }: endpoints.Endpoint{ - Hostname: "oidc.af-south-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "af-south-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-east-1", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-east-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-northeast-1", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-northeast-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-northeast-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-northeast-2", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-northeast-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-northeast-2", - }, - }, - endpoints.EndpointKey{ - Region: "ap-northeast-3", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-northeast-3.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-northeast-3", - }, - }, - endpoints.EndpointKey{ - Region: "ap-south-1", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-south-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-south-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-south-2", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-south-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-south-2", - }, - }, - endpoints.EndpointKey{ - Region: "ap-southeast-1", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-southeast-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-southeast-1", - }, - }, - endpoints.EndpointKey{ - Region: "ap-southeast-2", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-southeast-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-southeast-2", - }, - }, - endpoints.EndpointKey{ - Region: "ap-southeast-3", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-southeast-3.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-southeast-3", - }, - }, - endpoints.EndpointKey{ - Region: "ap-southeast-4", - }: endpoints.Endpoint{ - Hostname: "oidc.ap-southeast-4.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ap-southeast-4", - }, - }, - endpoints.EndpointKey{ - Region: "ca-central-1", - }: endpoints.Endpoint{ - Hostname: "oidc.ca-central-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ca-central-1", - }, - }, - endpoints.EndpointKey{ - Region: "ca-west-1", - }: endpoints.Endpoint{ - Hostname: "oidc.ca-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "ca-west-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-central-1", - }: endpoints.Endpoint{ - Hostname: "oidc.eu-central-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-central-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-central-2", - }: endpoints.Endpoint{ - Hostname: "oidc.eu-central-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-central-2", - }, - }, - endpoints.EndpointKey{ - Region: "eu-north-1", - }: endpoints.Endpoint{ - Hostname: "oidc.eu-north-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-north-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-south-1", - }: endpoints.Endpoint{ - Hostname: "oidc.eu-south-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-south-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-south-2", - }: endpoints.Endpoint{ - Hostname: "oidc.eu-south-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-south-2", - }, - }, - endpoints.EndpointKey{ - Region: "eu-west-1", - }: endpoints.Endpoint{ - Hostname: "oidc.eu-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-west-1", - }, - }, - endpoints.EndpointKey{ - Region: "eu-west-2", - }: endpoints.Endpoint{ - Hostname: "oidc.eu-west-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-west-2", - }, - }, - endpoints.EndpointKey{ - Region: "eu-west-3", - }: endpoints.Endpoint{ - Hostname: "oidc.eu-west-3.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "eu-west-3", - }, - }, - endpoints.EndpointKey{ - Region: "il-central-1", - }: endpoints.Endpoint{ - Hostname: "oidc.il-central-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "il-central-1", - }, - }, - endpoints.EndpointKey{ - Region: "me-central-1", - }: endpoints.Endpoint{ - Hostname: "oidc.me-central-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "me-central-1", - }, - }, - endpoints.EndpointKey{ - Region: "me-south-1", - }: endpoints.Endpoint{ - Hostname: "oidc.me-south-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "me-south-1", - }, - }, - endpoints.EndpointKey{ - Region: "sa-east-1", - }: endpoints.Endpoint{ - Hostname: "oidc.sa-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "sa-east-1", - }, - }, - endpoints.EndpointKey{ - Region: "us-east-1", - }: endpoints.Endpoint{ - Hostname: "oidc.us-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-east-1", - }, - }, - endpoints.EndpointKey{ - Region: "us-east-2", - }: endpoints.Endpoint{ - Hostname: "oidc.us-east-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-east-2", - }, - }, - endpoints.EndpointKey{ - Region: "us-west-1", - }: endpoints.Endpoint{ - Hostname: "oidc.us-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-west-1", - }, - }, - endpoints.EndpointKey{ - Region: "us-west-2", - }: endpoints.Endpoint{ - Hostname: "oidc.us-west-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - { - ID: "aws-cn", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "oidc.{region}.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "oidc-fips.{region}.amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "oidc-fips.{region}.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "oidc.{region}.amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsCn, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "cn-north-1", - }: endpoints.Endpoint{ - Hostname: "oidc.cn-north-1.amazonaws.com.cn", - CredentialScope: endpoints.CredentialScope{ - Region: "cn-north-1", - }, - }, - endpoints.EndpointKey{ - Region: "cn-northwest-1", - }: endpoints.Endpoint{ - Hostname: "oidc.cn-northwest-1.amazonaws.com.cn", - CredentialScope: endpoints.CredentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - { - ID: "aws-iso", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "oidc-fips.{region}.c2s.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "oidc.{region}.c2s.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIso, - IsRegionalized: true, - }, - { - ID: "aws-iso-b", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "oidc-fips.{region}.sc2s.sgov.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "oidc.{region}.sc2s.sgov.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoB, - IsRegionalized: true, - }, - { - ID: "aws-iso-e", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "oidc-fips.{region}.cloud.adc-e.uk", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "oidc.{region}.cloud.adc-e.uk", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoE, - IsRegionalized: true, - }, - { - ID: "aws-iso-f", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "oidc-fips.{region}.csp.hci.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "oidc.{region}.csp.hci.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoF, - IsRegionalized: true, - }, - { - ID: "aws-us-gov", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "oidc.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "oidc-fips.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "oidc-fips.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "oidc.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsUsGov, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-gov-east-1", - }: endpoints.Endpoint{ - Hostname: "oidc.us-gov-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-gov-east-1", - }, - }, - endpoints.EndpointKey{ - Region: "us-gov-west-1", - }: endpoints.Endpoint{ - Hostname: "oidc.us-gov-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/options.go deleted file mode 100644 index 55dd80d0..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/options.go +++ /dev/null @@ -1,232 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "context" - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" - smithyauth "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net/http" -) - -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -type Options struct { - // Set of options to modify how an operation is invoked. These apply to all - // operations invoked for this client. Use functional options on operation call to - // modify this list for per operation behavior. - APIOptions []func(*middleware.Stack) error - - // The optional application specific identifier appended to the User-Agent header. - AppID string - - // This endpoint will be given as input to an EndpointResolverV2. It is used for - // providing a custom base endpoint that is subject to modifications by the - // processing EndpointResolverV2. - BaseEndpoint *string - - // Configures the events that will be sent to the configured logger. - ClientLogMode aws.ClientLogMode - - // The credentials object to use when signing requests. - Credentials aws.CredentialsProvider - - // The configuration DefaultsMode that the SDK should use when constructing the - // clients initial default settings. - DefaultsMode aws.DefaultsMode - - // The endpoint options to be used when attempting to resolve an endpoint. - EndpointOptions EndpointResolverOptions - - // The service endpoint resolver. - // - // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a - // value for this field will likely prevent you from using any endpoint-related - // service features released after the introduction of EndpointResolverV2 and - // BaseEndpoint. - // - // To migrate an EndpointResolver implementation that uses a custom endpoint, set - // the client option BaseEndpoint instead. - EndpointResolver EndpointResolver - - // Resolves the endpoint used for a particular service operation. This should be - // used over the deprecated EndpointResolver. - EndpointResolverV2 EndpointResolverV2 - - // Signature Version 4 (SigV4) Signer - HTTPSignerV4 HTTPSignerV4 - - // The logger writer interface to write logging messages to. - Logger logging.Logger - - // The client meter provider. - MeterProvider metrics.MeterProvider - - // The region to send requests to. (Required) - Region string - - // RetryMaxAttempts specifies the maximum number attempts an API client will call - // an operation that fails with a retryable error. A value of 0 is ignored, and - // will not be used to configure the API client created default retryer, or modify - // per operation call's retry max attempts. - // - // If specified in an operation call's functional options with a value that is - // different than the constructed client's Options, the Client's Retryer will be - // wrapped to use the operation's specific RetryMaxAttempts value. - RetryMaxAttempts int - - // RetryMode specifies the retry mode the API client will be created with, if - // Retryer option is not also specified. - // - // When creating a new API Clients this member will only be used if the Retryer - // Options member is nil. This value will be ignored if Retryer is not nil. - // - // Currently does not support per operation call overrides, may in the future. - RetryMode aws.RetryMode - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. The kind of - // default retry created by the API client can be changed with the RetryMode - // option. - Retryer aws.Retryer - - // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set - // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You - // should not populate this structure programmatically, or rely on the values here - // within your applications. - RuntimeEnvironment aws.RuntimeEnvironment - - // The client tracer provider. - TracerProvider tracing.TracerProvider - - // The initial DefaultsMode used when the client options were constructed. If the - // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved - // value was at that point in time. - // - // Currently does not support per operation call overrides, may in the future. - resolvedDefaultsMode aws.DefaultsMode - - // The HTTP client to invoke API calls with. Defaults to client's default HTTP - // implementation if nil. - HTTPClient HTTPClient - - // The auth scheme resolver which determines how to authenticate for each - // operation. - AuthSchemeResolver AuthSchemeResolver - - // The list of auth schemes supported by the client. - AuthSchemes []smithyhttp.AuthScheme -} - -// Copy creates a clone where the APIOptions list is deep copied. -func (o Options) Copy() Options { - to := o - to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) - copy(to.APIOptions, o.APIOptions) - - return to -} - -func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver { - if schemeID == "aws.auth#sigv4" { - return getSigV4IdentityResolver(o) - } - if schemeID == "smithy.api#noAuth" { - return &smithyauth.AnonymousIdentityResolver{} - } - return nil -} - -// WithAPIOptions returns a functional option for setting the Client's APIOptions -// option. -func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { - return func(o *Options) { - o.APIOptions = append(o.APIOptions, optFns...) - } -} - -// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for -// this field will likely prevent you from using any endpoint-related service -// features released after the introduction of EndpointResolverV2 and BaseEndpoint. -// -// To migrate an EndpointResolver implementation that uses a custom endpoint, set -// the client option BaseEndpoint instead. -func WithEndpointResolver(v EndpointResolver) func(*Options) { - return func(o *Options) { - o.EndpointResolver = v - } -} - -// WithEndpointResolverV2 returns a functional option for setting the Client's -// EndpointResolverV2 option. -func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { - return func(o *Options) { - o.EndpointResolverV2 = v - } -} - -func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver { - if o.Credentials != nil { - return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials} - } - return nil -} - -// WithSigV4SigningName applies an override to the authentication workflow to -// use the given signing name for SigV4-authenticated operations. -// -// This is an advanced setting. The value here is FINAL, taking precedence over -// the resolved signing name from both auth scheme resolution and endpoint -// resolution. -func WithSigV4SigningName(name string) func(*Options) { - fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, - ) { - return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in) - } - return func(o *Options) { - o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { - return s.Initialize.Add( - middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn), - middleware.Before, - ) - }) - } -} - -// WithSigV4SigningRegion applies an override to the authentication workflow to -// use the given signing region for SigV4-authenticated operations. -// -// This is an advanced setting. The value here is FINAL, taking precedence over -// the resolved signing region from both auth scheme resolution and endpoint -// resolution. -func WithSigV4SigningRegion(region string) func(*Options) { - fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, - ) { - return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in) - } - return func(o *Options) { - o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { - return s.Initialize.Add( - middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn), - middleware.Before, - ) - }) - } -} - -func ignoreAnonymousAuth(options *Options) { - if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) { - options.Credentials = nil - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/serializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/serializers.go deleted file mode 100644 index 1ad103d1..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/serializers.go +++ /dev/null @@ -1,512 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "bytes" - "context" - "fmt" - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/encoding/httpbinding" - smithyjson "github.com/aws/smithy-go/encoding/json" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -type awsRestjson1_serializeOpCreateToken struct { -} - -func (*awsRestjson1_serializeOpCreateToken) ID() string { - return "OperationSerializer" -} - -func (m *awsRestjson1_serializeOpCreateToken) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*CreateTokenInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - opPath, opQuery := httpbinding.SplitURI("/token") - request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) - request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) - request.Method = "POST" - var restEncoder *httpbinding.Encoder - if request.URL.RawPath == "" { - restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - } else { - request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) - restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) - } - - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - restEncoder.SetHeader("Content-Type").String("application/json") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsRestjson1_serializeOpDocumentCreateTokenInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = restEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsRestjson1_serializeOpHttpBindingsCreateTokenInput(v *CreateTokenInput, encoder *httpbinding.Encoder) error { - if v == nil { - return fmt.Errorf("unsupported serialization of nil %T", v) - } - - return nil -} - -func awsRestjson1_serializeOpDocumentCreateTokenInput(v *CreateTokenInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.ClientId != nil { - ok := object.Key("clientId") - ok.String(*v.ClientId) - } - - if v.ClientSecret != nil { - ok := object.Key("clientSecret") - ok.String(*v.ClientSecret) - } - - if v.Code != nil { - ok := object.Key("code") - ok.String(*v.Code) - } - - if v.CodeVerifier != nil { - ok := object.Key("codeVerifier") - ok.String(*v.CodeVerifier) - } - - if v.DeviceCode != nil { - ok := object.Key("deviceCode") - ok.String(*v.DeviceCode) - } - - if v.GrantType != nil { - ok := object.Key("grantType") - ok.String(*v.GrantType) - } - - if v.RedirectUri != nil { - ok := object.Key("redirectUri") - ok.String(*v.RedirectUri) - } - - if v.RefreshToken != nil { - ok := object.Key("refreshToken") - ok.String(*v.RefreshToken) - } - - if v.Scope != nil { - ok := object.Key("scope") - if err := awsRestjson1_serializeDocumentScopes(v.Scope, ok); err != nil { - return err - } - } - - return nil -} - -type awsRestjson1_serializeOpCreateTokenWithIAM struct { -} - -func (*awsRestjson1_serializeOpCreateTokenWithIAM) ID() string { - return "OperationSerializer" -} - -func (m *awsRestjson1_serializeOpCreateTokenWithIAM) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*CreateTokenWithIAMInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - opPath, opQuery := httpbinding.SplitURI("/token?aws_iam=t") - request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) - request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) - request.Method = "POST" - var restEncoder *httpbinding.Encoder - if request.URL.RawPath == "" { - restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - } else { - request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) - restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) - } - - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - restEncoder.SetHeader("Content-Type").String("application/json") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsRestjson1_serializeOpDocumentCreateTokenWithIAMInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = restEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsRestjson1_serializeOpHttpBindingsCreateTokenWithIAMInput(v *CreateTokenWithIAMInput, encoder *httpbinding.Encoder) error { - if v == nil { - return fmt.Errorf("unsupported serialization of nil %T", v) - } - - return nil -} - -func awsRestjson1_serializeOpDocumentCreateTokenWithIAMInput(v *CreateTokenWithIAMInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.Assertion != nil { - ok := object.Key("assertion") - ok.String(*v.Assertion) - } - - if v.ClientId != nil { - ok := object.Key("clientId") - ok.String(*v.ClientId) - } - - if v.Code != nil { - ok := object.Key("code") - ok.String(*v.Code) - } - - if v.CodeVerifier != nil { - ok := object.Key("codeVerifier") - ok.String(*v.CodeVerifier) - } - - if v.GrantType != nil { - ok := object.Key("grantType") - ok.String(*v.GrantType) - } - - if v.RedirectUri != nil { - ok := object.Key("redirectUri") - ok.String(*v.RedirectUri) - } - - if v.RefreshToken != nil { - ok := object.Key("refreshToken") - ok.String(*v.RefreshToken) - } - - if v.RequestedTokenType != nil { - ok := object.Key("requestedTokenType") - ok.String(*v.RequestedTokenType) - } - - if v.Scope != nil { - ok := object.Key("scope") - if err := awsRestjson1_serializeDocumentScopes(v.Scope, ok); err != nil { - return err - } - } - - if v.SubjectToken != nil { - ok := object.Key("subjectToken") - ok.String(*v.SubjectToken) - } - - if v.SubjectTokenType != nil { - ok := object.Key("subjectTokenType") - ok.String(*v.SubjectTokenType) - } - - return nil -} - -type awsRestjson1_serializeOpRegisterClient struct { -} - -func (*awsRestjson1_serializeOpRegisterClient) ID() string { - return "OperationSerializer" -} - -func (m *awsRestjson1_serializeOpRegisterClient) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*RegisterClientInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - opPath, opQuery := httpbinding.SplitURI("/client/register") - request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) - request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) - request.Method = "POST" - var restEncoder *httpbinding.Encoder - if request.URL.RawPath == "" { - restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - } else { - request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) - restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) - } - - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - restEncoder.SetHeader("Content-Type").String("application/json") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsRestjson1_serializeOpDocumentRegisterClientInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = restEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsRestjson1_serializeOpHttpBindingsRegisterClientInput(v *RegisterClientInput, encoder *httpbinding.Encoder) error { - if v == nil { - return fmt.Errorf("unsupported serialization of nil %T", v) - } - - return nil -} - -func awsRestjson1_serializeOpDocumentRegisterClientInput(v *RegisterClientInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.ClientName != nil { - ok := object.Key("clientName") - ok.String(*v.ClientName) - } - - if v.ClientType != nil { - ok := object.Key("clientType") - ok.String(*v.ClientType) - } - - if v.EntitledApplicationArn != nil { - ok := object.Key("entitledApplicationArn") - ok.String(*v.EntitledApplicationArn) - } - - if v.GrantTypes != nil { - ok := object.Key("grantTypes") - if err := awsRestjson1_serializeDocumentGrantTypes(v.GrantTypes, ok); err != nil { - return err - } - } - - if v.IssuerUrl != nil { - ok := object.Key("issuerUrl") - ok.String(*v.IssuerUrl) - } - - if v.RedirectUris != nil { - ok := object.Key("redirectUris") - if err := awsRestjson1_serializeDocumentRedirectUris(v.RedirectUris, ok); err != nil { - return err - } - } - - if v.Scopes != nil { - ok := object.Key("scopes") - if err := awsRestjson1_serializeDocumentScopes(v.Scopes, ok); err != nil { - return err - } - } - - return nil -} - -type awsRestjson1_serializeOpStartDeviceAuthorization struct { -} - -func (*awsRestjson1_serializeOpStartDeviceAuthorization) ID() string { - return "OperationSerializer" -} - -func (m *awsRestjson1_serializeOpStartDeviceAuthorization) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*StartDeviceAuthorizationInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - opPath, opQuery := httpbinding.SplitURI("/device_authorization") - request.URL.Path = smithyhttp.JoinPath(request.URL.Path, opPath) - request.URL.RawQuery = smithyhttp.JoinRawQuery(request.URL.RawQuery, opQuery) - request.Method = "POST" - var restEncoder *httpbinding.Encoder - if request.URL.RawPath == "" { - restEncoder, err = httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - } else { - request.URL.RawPath = smithyhttp.JoinPath(request.URL.RawPath, opPath) - restEncoder, err = httpbinding.NewEncoderWithRawPath(request.URL.Path, request.URL.RawPath, request.URL.RawQuery, request.Header) - } - - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - restEncoder.SetHeader("Content-Type").String("application/json") - - jsonEncoder := smithyjson.NewEncoder() - if err := awsRestjson1_serializeOpDocumentStartDeviceAuthorizationInput(input, jsonEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(jsonEncoder.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = restEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsRestjson1_serializeOpHttpBindingsStartDeviceAuthorizationInput(v *StartDeviceAuthorizationInput, encoder *httpbinding.Encoder) error { - if v == nil { - return fmt.Errorf("unsupported serialization of nil %T", v) - } - - return nil -} - -func awsRestjson1_serializeOpDocumentStartDeviceAuthorizationInput(v *StartDeviceAuthorizationInput, value smithyjson.Value) error { - object := value.Object() - defer object.Close() - - if v.ClientId != nil { - ok := object.Key("clientId") - ok.String(*v.ClientId) - } - - if v.ClientSecret != nil { - ok := object.Key("clientSecret") - ok.String(*v.ClientSecret) - } - - if v.StartUrl != nil { - ok := object.Key("startUrl") - ok.String(*v.StartUrl) - } - - return nil -} - -func awsRestjson1_serializeDocumentGrantTypes(v []string, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - av.String(v[i]) - } - return nil -} - -func awsRestjson1_serializeDocumentRedirectUris(v []string, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - av.String(v[i]) - } - return nil -} - -func awsRestjson1_serializeDocumentScopes(v []string, value smithyjson.Value) error { - array := value.Array() - defer array.Close() - - for i := range v { - av := array.Value() - av.String(v[i]) - } - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/errors.go deleted file mode 100644 index 2cfe7b48..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/errors.go +++ /dev/null @@ -1,428 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package types - -import ( - "fmt" - smithy "github.com/aws/smithy-go" -) - -// You do not have sufficient access to perform this action. -type AccessDeniedException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *AccessDeniedException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *AccessDeniedException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *AccessDeniedException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "AccessDeniedException" - } - return *e.ErrorCodeOverride -} -func (e *AccessDeniedException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that a request to authorize a client with an access user session -// token is pending. -type AuthorizationPendingException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *AuthorizationPendingException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *AuthorizationPendingException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *AuthorizationPendingException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "AuthorizationPendingException" - } - return *e.ErrorCodeOverride -} -func (e *AuthorizationPendingException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that the token issued by the service is expired and is no longer -// valid. -type ExpiredTokenException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *ExpiredTokenException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *ExpiredTokenException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *ExpiredTokenException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "ExpiredTokenException" - } - return *e.ErrorCodeOverride -} -func (e *ExpiredTokenException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that an error from the service occurred while trying to process a -// request. -type InternalServerException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *InternalServerException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InternalServerException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InternalServerException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InternalServerException" - } - return *e.ErrorCodeOverride -} -func (e *InternalServerException) ErrorFault() smithy.ErrorFault { return smithy.FaultServer } - -// Indicates that the clientId or clientSecret in the request is invalid. For -// example, this can occur when a client sends an incorrect clientId or an expired -// clientSecret . -type InvalidClientException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *InvalidClientException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidClientException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidClientException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidClientException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidClientException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that the client information sent in the request during registration -// is invalid. -type InvalidClientMetadataException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *InvalidClientMetadataException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidClientMetadataException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidClientMetadataException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidClientMetadataException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidClientMetadataException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that a request contains an invalid grant. This can occur if a client -// makes a CreateTokenrequest with an invalid grant type. -type InvalidGrantException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *InvalidGrantException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidGrantException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidGrantException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidGrantException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidGrantException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that one or more redirect URI in the request is not supported for -// this operation. -type InvalidRedirectUriException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *InvalidRedirectUriException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidRedirectUriException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidRedirectUriException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidRedirectUriException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidRedirectUriException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that something is wrong with the input to the request. For example, a -// required parameter might be missing or out of range. -type InvalidRequestException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *InvalidRequestException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidRequestException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidRequestException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidRequestException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidRequestException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that a token provided as input to the request was issued by and is -// only usable by calling IAM Identity Center endpoints in another region. -type InvalidRequestRegionException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - Endpoint *string - Region *string - - noSmithyDocumentSerde -} - -func (e *InvalidRequestRegionException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidRequestRegionException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidRequestRegionException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidRequestRegionException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidRequestRegionException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that the scope provided in the request is invalid. -type InvalidScopeException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *InvalidScopeException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidScopeException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidScopeException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidScopeException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidScopeException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that the client is making the request too frequently and is more than -// the service can handle. -type SlowDownException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *SlowDownException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *SlowDownException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *SlowDownException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "SlowDownException" - } - return *e.ErrorCodeOverride -} -func (e *SlowDownException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that the client is not currently authorized to make the request. This -// can happen when a clientId is not issued for a public client. -type UnauthorizedClientException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *UnauthorizedClientException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *UnauthorizedClientException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *UnauthorizedClientException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "UnauthorizedClientException" - } - return *e.ErrorCodeOverride -} -func (e *UnauthorizedClientException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// Indicates that the grant type in the request is not supported by the service. -type UnsupportedGrantTypeException struct { - Message *string - - ErrorCodeOverride *string - - Error_ *string - Error_description *string - - noSmithyDocumentSerde -} - -func (e *UnsupportedGrantTypeException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *UnsupportedGrantTypeException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *UnsupportedGrantTypeException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "UnsupportedGrantTypeException" - } - return *e.ErrorCodeOverride -} -func (e *UnsupportedGrantTypeException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/types.go deleted file mode 100644 index 0ec0789f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/types/types.go +++ /dev/null @@ -1,9 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package types - -import ( - smithydocument "github.com/aws/smithy-go/document" -) - -type noSmithyDocumentSerde = smithydocument.NoSerde diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/validators.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/validators.go deleted file mode 100644 index 9c17e4c8..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/validators.go +++ /dev/null @@ -1,184 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package ssooidc - -import ( - "context" - "fmt" - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/middleware" -) - -type validateOpCreateToken struct { -} - -func (*validateOpCreateToken) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpCreateToken) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*CreateTokenInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpCreateTokenInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpCreateTokenWithIAM struct { -} - -func (*validateOpCreateTokenWithIAM) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpCreateTokenWithIAM) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*CreateTokenWithIAMInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpCreateTokenWithIAMInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpRegisterClient struct { -} - -func (*validateOpRegisterClient) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpRegisterClient) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*RegisterClientInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpRegisterClientInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpStartDeviceAuthorization struct { -} - -func (*validateOpStartDeviceAuthorization) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpStartDeviceAuthorization) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*StartDeviceAuthorizationInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpStartDeviceAuthorizationInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -func addOpCreateTokenValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpCreateToken{}, middleware.After) -} - -func addOpCreateTokenWithIAMValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpCreateTokenWithIAM{}, middleware.After) -} - -func addOpRegisterClientValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpRegisterClient{}, middleware.After) -} - -func addOpStartDeviceAuthorizationValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpStartDeviceAuthorization{}, middleware.After) -} - -func validateOpCreateTokenInput(v *CreateTokenInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "CreateTokenInput"} - if v.ClientId == nil { - invalidParams.Add(smithy.NewErrParamRequired("ClientId")) - } - if v.ClientSecret == nil { - invalidParams.Add(smithy.NewErrParamRequired("ClientSecret")) - } - if v.GrantType == nil { - invalidParams.Add(smithy.NewErrParamRequired("GrantType")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpCreateTokenWithIAMInput(v *CreateTokenWithIAMInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "CreateTokenWithIAMInput"} - if v.ClientId == nil { - invalidParams.Add(smithy.NewErrParamRequired("ClientId")) - } - if v.GrantType == nil { - invalidParams.Add(smithy.NewErrParamRequired("GrantType")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpRegisterClientInput(v *RegisterClientInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "RegisterClientInput"} - if v.ClientName == nil { - invalidParams.Add(smithy.NewErrParamRequired("ClientName")) - } - if v.ClientType == nil { - invalidParams.Add(smithy.NewErrParamRequired("ClientType")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpStartDeviceAuthorizationInput(v *StartDeviceAuthorizationInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "StartDeviceAuthorizationInput"} - if v.ClientId == nil { - invalidParams.Add(smithy.NewErrParamRequired("ClientId")) - } - if v.ClientSecret == nil { - invalidParams.Add(smithy.NewErrParamRequired("ClientSecret")) - } - if v.StartUrl == nil { - invalidParams.Add(smithy.NewErrParamRequired("StartUrl")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md deleted file mode 100644 index 79ff72d7..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md +++ /dev/null @@ -1,631 +0,0 @@ -# v1.33.17 (2025-03-04.2) - -* **Bug Fix**: Add assurance test for operation order. - -# v1.33.16 (2025-02-27) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.15 (2025-02-18) - -* **Bug Fix**: Bump go version to 1.22 -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.14 (2025-02-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.13 (2025-02-04) - -* No change notes available for this release. - -# v1.33.12 (2025-01-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.11 (2025-01-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.10 (2025-01-24) - -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade to smithy-go v1.22.2. - -# v1.33.9 (2025-01-17) - -* **Bug Fix**: Fix bug where credentials weren't refreshed during retry loop. - -# v1.33.8 (2025-01-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.7 (2025-01-14) - -* No change notes available for this release. - -# v1.33.6 (2025-01-10) - -* **Documentation**: Fixed typos in the descriptions. - -# v1.33.5 (2025-01-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.4 (2025-01-08) - -* No change notes available for this release. - -# v1.33.3 (2024-12-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.2 (2024-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.1 (2024-11-18) - -* **Dependency Update**: Update to smithy-go v1.22.1. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.33.0 (2024-11-14) - -* **Feature**: This release introduces the new API 'AssumeRoot', which returns short-term credentials that you can use to perform privileged tasks. - -# v1.32.4 (2024-11-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.3 (2024-10-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.2 (2024-10-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.1 (2024-10-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.32.0 (2024-10-04) - -* **Feature**: Add support for HTTP client metrics. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.31.4 (2024-10-03) - -* No change notes available for this release. - -# v1.31.3 (2024-09-27) - -* No change notes available for this release. - -# v1.31.2 (2024-09-25) - -* No change notes available for this release. - -# v1.31.1 (2024-09-23) - -* No change notes available for this release. - -# v1.31.0 (2024-09-20) - -* **Feature**: Add tracing and metrics support to service clients. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.30.8 (2024-09-17) - -* **Bug Fix**: **BREAKFIX**: Only generate AccountIDEndpointMode config for services that use it. This is a compiler break, but removes no actual functionality, as no services currently use the account ID in endpoint resolution. - -# v1.30.7 (2024-09-04) - -* No change notes available for this release. - -# v1.30.6 (2024-09-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.30.5 (2024-08-22) - -* No change notes available for this release. - -# v1.30.4 (2024-08-15) - -* **Dependency Update**: Bump minimum Go version to 1.21. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.30.3 (2024-07-10.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.30.2 (2024-07-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.30.1 (2024-06-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.30.0 (2024-06-26) - -* **Feature**: Support list-of-string endpoint parameter. - -# v1.29.1 (2024-06-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.29.0 (2024-06-18) - -* **Feature**: Track usage of various AWS SDK features in user-agent string. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.13 (2024-06-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.12 (2024-06-07) - -* **Bug Fix**: Add clock skew correction on all service clients -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.11 (2024-06-03) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.10 (2024-05-23) - -* No change notes available for this release. - -# v1.28.9 (2024-05-16) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.8 (2024-05-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.7 (2024-05-08) - -* **Bug Fix**: GoDoc improvement - -# v1.28.6 (2024-03-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.5 (2024-03-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.4 (2024-03-07) - -* **Bug Fix**: Remove dependency on go-cmp. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.3 (2024-03-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.2 (2024-03-04) - -* **Bug Fix**: Update internal/presigned-url dependency for corrected API name. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.1 (2024-02-23) - -* **Bug Fix**: Move all common, SDK-side middleware stack ops into the service client module to prevent cross-module compatibility issues in the future. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.28.0 (2024-02-22) - -* **Feature**: Add middleware stack snapshot tests. - -# v1.27.2 (2024-02-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.27.1 (2024-02-20) - -* **Bug Fix**: When sourcing values for a service's `EndpointParameters`, the lack of a configured region (i.e. `options.Region == ""`) will now translate to a `nil` value for `EndpointParameters.Region` instead of a pointer to the empty string `""`. This will result in a much more explicit error when calling an operation instead of an obscure hostname lookup failure. - -# v1.27.0 (2024-02-13) - -* **Feature**: Bump minimum Go version to 1.20 per our language support policy. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.7 (2024-01-04) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.6 (2023-12-20) - -* No change notes available for this release. - -# v1.26.5 (2023-12-08) - -* **Bug Fix**: Reinstate presence of default Retryer in functional options, but still respect max attempts set therein. - -# v1.26.4 (2023-12-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.3 (2023-12-06) - -* **Bug Fix**: Restore pre-refactor auth behavior where all operations could technically be performed anonymously. -* **Bug Fix**: STS `AssumeRoleWithSAML` and `AssumeRoleWithWebIdentity` would incorrectly attempt to use SigV4 authentication. - -# v1.26.2 (2023-12-01) - -* **Bug Fix**: Correct wrapping of errors in authentication workflow. -* **Bug Fix**: Correctly recognize cache-wrapped instances of AnonymousCredentials at client construction. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.1 (2023-11-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.26.0 (2023-11-29) - -* **Feature**: Expose Options() accessor on service clients. -* **Documentation**: Documentation updates for AWS Security Token Service. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.6 (2023-11-28.2) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.5 (2023-11-28) - -* **Bug Fix**: Respect setting RetryMaxAttempts in functional options at client construction. - -# v1.25.4 (2023-11-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.3 (2023-11-17) - -* **Documentation**: API updates for the AWS Security Token Service - -# v1.25.2 (2023-11-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.1 (2023-11-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.25.0 (2023-11-01) - -* **Feature**: Adds support for configured endpoints via environment variables and the AWS shared configuration file. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.24.0 (2023-10-31) - -* **Feature**: **BREAKING CHANGE**: Bump minimum go version to 1.19 per the revised [go version support policy](https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/). -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.2 (2023-10-12) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.1 (2023-10-06) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.23.0 (2023-10-02) - -* **Feature**: STS API updates for assumeRole - -# v1.22.0 (2023-09-18) - -* **Announcement**: [BREAKFIX] Change in MaxResults datatype from value to pointer type in cognito-sync service. -* **Feature**: Adds several endpoint ruleset changes across all models: smaller rulesets, removed non-unique regional endpoints, fixes FIPS and DualStack endpoints, and make region not required in SDK::Endpoint. Additional breakfix to cognito-sync field. - -# v1.21.5 (2023-08-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.4 (2023-08-18) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.3 (2023-08-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.2 (2023-08-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.21.1 (2023-08-01) - -* No change notes available for this release. - -# v1.21.0 (2023-07-31) - -* **Feature**: Adds support for smithy-modeled endpoint resolution. A new rules-based endpoint resolution will be added to the SDK which will supercede and deprecate existing endpoint resolution. Specifically, EndpointResolver will be deprecated while BaseEndpoint and EndpointResolverV2 will take its place. For more information, please see the Endpoints section in our Developer Guide. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.1 (2023-07-28) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.20.0 (2023-07-25) - -* **Feature**: API updates for the AWS Security Token Service - -# v1.19.3 (2023-07-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.2 (2023-06-15) - -* No change notes available for this release. - -# v1.19.1 (2023-06-13) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.19.0 (2023-05-08) - -* **Feature**: Documentation updates for AWS Security Token Service. - -# v1.18.11 (2023-05-04) - -* No change notes available for this release. - -# v1.18.10 (2023-04-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.9 (2023-04-10) - -* No change notes available for this release. - -# v1.18.8 (2023-04-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.7 (2023-03-21) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.6 (2023-03-10) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.5 (2023-02-22) - -* **Bug Fix**: Prevent nil pointer dereference when retrieving error codes. - -# v1.18.4 (2023-02-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.18.3 (2023-02-03) - -* **Dependency Update**: Updated to the latest SDK module versions -* **Dependency Update**: Upgrade smithy to 1.27.2 and correct empty query list serialization. - -# v1.18.2 (2023-01-25) - -* **Documentation**: Doc only change to update wording in a key topic - -# v1.18.1 (2023-01-23) - -* No change notes available for this release. - -# v1.18.0 (2023-01-05) - -* **Feature**: Add `ErrorCodeOverride` field to all error structs (aws/smithy-go#401). - -# v1.17.7 (2022-12-15) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.6 (2022-12-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.5 (2022-11-22) - -* No change notes available for this release. - -# v1.17.4 (2022-11-17) - -* **Documentation**: Documentation updates for AWS Security Token Service. - -# v1.17.3 (2022-11-16) - -* No change notes available for this release. - -# v1.17.2 (2022-11-10) - -* No change notes available for this release. - -# v1.17.1 (2022-10-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.17.0 (2022-10-21) - -* **Feature**: Add presign functionality for sts:AssumeRole operation -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.19 (2022-09-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.18 (2022-09-14) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.17 (2022-09-02) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.16 (2022-08-31) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.15 (2022-08-30) - -* No change notes available for this release. - -# v1.16.14 (2022-08-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.13 (2022-08-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.12 (2022-08-09) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.11 (2022-08-08) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.10 (2022-08-01) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.9 (2022-07-05) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.8 (2022-06-29) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.7 (2022-06-07) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.6 (2022-05-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.5 (2022-05-16) - -* **Documentation**: Documentation updates for AWS Security Token Service. - -# v1.16.4 (2022-04-25) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.3 (2022-03-30) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.2 (2022-03-24) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.1 (2022-03-23) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.16.0 (2022-03-08) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Documentation**: Updated service client model to latest release. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.15.0 (2022-02-24) - -* **Feature**: API client updated -* **Feature**: Adds RetryMaxAttempts and RetryMod to API client Options. This allows the API clients' default Retryer to be configured from the shared configuration files or environment variables. Adding a new Retry mode of `Adaptive`. `Adaptive` retry mode is an experimental mode, adding client rate limiting when throttles reponses are received from an API. See [retry.AdaptiveMode](https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/aws/retry#AdaptiveMode) for more details, and configuration options. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.14.0 (2022-01-14) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.13.0 (2022-01-07) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.12.0 (2021-12-21) - -* **Feature**: Updated to latest service endpoints - -# v1.11.1 (2021-12-02) - -* **Bug Fix**: Fixes a bug that prevented aws.EndpointResolverWithOptions from being used by the service client. ([#1514](https://github.com/aws/aws-sdk-go-v2/pull/1514)) -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.11.0 (2021-11-30) - -* **Feature**: API client updated - -# v1.10.1 (2021-11-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.10.0 (2021-11-12) - -* **Feature**: Service clients now support custom endpoints that have an initial URI path defined. - -# v1.9.0 (2021-11-06) - -* **Feature**: The SDK now supports configuration of FIPS and DualStack endpoints using environment variables, shared configuration, or programmatically. -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.8.0 (2021-10-21) - -* **Feature**: API client updated -* **Feature**: Updated to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.7.2 (2021-10-11) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.7.1 (2021-09-17) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.7.0 (2021-08-27) - -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.2 (2021-08-19) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.1 (2021-08-04) - -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version. -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.6.0 (2021-07-15) - -* **Feature**: The ErrorCode method on generated service error types has been corrected to match the API model. -* **Documentation**: Updated service model to latest revision. -* **Dependency Update**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.5.0 (2021-06-25) - -* **Feature**: API client updated -* **Feature**: Updated `github.com/aws/smithy-go` to latest version -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.1 (2021-05-20) - -* **Dependency Update**: Updated to the latest SDK module versions - -# v1.4.0 (2021-05-14) - -* **Feature**: Constant has been added to modules to enable runtime version inspection for reporting. -* **Dependency Update**: Updated to the latest SDK module versions - diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_client.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_client.go deleted file mode 100644 index fca363d2..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_client.go +++ /dev/null @@ -1,1095 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "errors" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - "github.com/aws/aws-sdk-go-v2/aws/defaults" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/protocol/query" - "github.com/aws/aws-sdk-go-v2/aws/retry" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http" - internalauth "github.com/aws/aws-sdk-go-v2/internal/auth" - internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" - internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" - internalmiddleware "github.com/aws/aws-sdk-go-v2/internal/middleware" - acceptencodingcust "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding" - presignedurlcust "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url" - smithy "github.com/aws/smithy-go" - smithyauth "github.com/aws/smithy-go/auth" - smithydocument "github.com/aws/smithy-go/document" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net" - "net/http" - "sync/atomic" - "time" -) - -const ServiceID = "STS" -const ServiceAPIVersion = "2011-06-15" - -type operationMetrics struct { - Duration metrics.Float64Histogram - SerializeDuration metrics.Float64Histogram - ResolveIdentityDuration metrics.Float64Histogram - ResolveEndpointDuration metrics.Float64Histogram - SignRequestDuration metrics.Float64Histogram - DeserializeDuration metrics.Float64Histogram -} - -func (m *operationMetrics) histogramFor(name string) metrics.Float64Histogram { - switch name { - case "client.call.duration": - return m.Duration - case "client.call.serialization_duration": - return m.SerializeDuration - case "client.call.resolve_identity_duration": - return m.ResolveIdentityDuration - case "client.call.resolve_endpoint_duration": - return m.ResolveEndpointDuration - case "client.call.signing_duration": - return m.SignRequestDuration - case "client.call.deserialization_duration": - return m.DeserializeDuration - default: - panic("unrecognized operation metric") - } -} - -func timeOperationMetric[T any]( - ctx context.Context, metric string, fn func() (T, error), - opts ...metrics.RecordMetricOption, -) (T, error) { - instr := getOperationMetrics(ctx).histogramFor(metric) - opts = append([]metrics.RecordMetricOption{withOperationMetadata(ctx)}, opts...) - - start := time.Now() - v, err := fn() - end := time.Now() - - elapsed := end.Sub(start) - instr.Record(ctx, float64(elapsed)/1e9, opts...) - return v, err -} - -func startMetricTimer(ctx context.Context, metric string, opts ...metrics.RecordMetricOption) func() { - instr := getOperationMetrics(ctx).histogramFor(metric) - opts = append([]metrics.RecordMetricOption{withOperationMetadata(ctx)}, opts...) - - var ended bool - start := time.Now() - return func() { - if ended { - return - } - ended = true - - end := time.Now() - - elapsed := end.Sub(start) - instr.Record(ctx, float64(elapsed)/1e9, opts...) - } -} - -func withOperationMetadata(ctx context.Context) metrics.RecordMetricOption { - return func(o *metrics.RecordMetricOptions) { - o.Properties.Set("rpc.service", middleware.GetServiceID(ctx)) - o.Properties.Set("rpc.method", middleware.GetOperationName(ctx)) - } -} - -type operationMetricsKey struct{} - -func withOperationMetrics(parent context.Context, mp metrics.MeterProvider) (context.Context, error) { - meter := mp.Meter("github.com/aws/aws-sdk-go-v2/service/sts") - om := &operationMetrics{} - - var err error - - om.Duration, err = operationMetricTimer(meter, "client.call.duration", - "Overall call duration (including retries and time to send or receive request and response body)") - if err != nil { - return nil, err - } - om.SerializeDuration, err = operationMetricTimer(meter, "client.call.serialization_duration", - "The time it takes to serialize a message body") - if err != nil { - return nil, err - } - om.ResolveIdentityDuration, err = operationMetricTimer(meter, "client.call.auth.resolve_identity_duration", - "The time taken to acquire an identity (AWS credentials, bearer token, etc) from an Identity Provider") - if err != nil { - return nil, err - } - om.ResolveEndpointDuration, err = operationMetricTimer(meter, "client.call.resolve_endpoint_duration", - "The time it takes to resolve an endpoint (endpoint resolver, not DNS) for the request") - if err != nil { - return nil, err - } - om.SignRequestDuration, err = operationMetricTimer(meter, "client.call.auth.signing_duration", - "The time it takes to sign a request") - if err != nil { - return nil, err - } - om.DeserializeDuration, err = operationMetricTimer(meter, "client.call.deserialization_duration", - "The time it takes to deserialize a message body") - if err != nil { - return nil, err - } - - return context.WithValue(parent, operationMetricsKey{}, om), nil -} - -func operationMetricTimer(m metrics.Meter, name, desc string) (metrics.Float64Histogram, error) { - return m.Float64Histogram(name, func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = desc - }) -} - -func getOperationMetrics(ctx context.Context) *operationMetrics { - return ctx.Value(operationMetricsKey{}).(*operationMetrics) -} - -func operationTracer(p tracing.TracerProvider) tracing.Tracer { - return p.Tracer("github.com/aws/aws-sdk-go-v2/service/sts") -} - -// Client provides the API client to make operations call for AWS Security Token -// Service. -type Client struct { - options Options - - // Difference between the time reported by the server and the client - timeOffset *atomic.Int64 -} - -// New returns an initialized Client based on the functional options. Provide -// additional functional options to further configure the behavior of the client, -// such as changing the client's endpoint or adding custom middleware behavior. -func New(options Options, optFns ...func(*Options)) *Client { - options = options.Copy() - - resolveDefaultLogger(&options) - - setResolvedDefaultsMode(&options) - - resolveRetryer(&options) - - resolveHTTPClient(&options) - - resolveHTTPSignerV4(&options) - - resolveEndpointResolverV2(&options) - - resolveTracerProvider(&options) - - resolveMeterProvider(&options) - - resolveAuthSchemeResolver(&options) - - for _, fn := range optFns { - fn(&options) - } - - finalizeRetryMaxAttempts(&options) - - ignoreAnonymousAuth(&options) - - wrapWithAnonymousAuth(&options) - - resolveAuthSchemes(&options) - - client := &Client{ - options: options, - } - - initializeTimeOffsetResolver(client) - - return client -} - -// Options returns a copy of the client configuration. -// -// Callers SHOULD NOT perform mutations on any inner structures within client -// config. Config overrides should instead be made on a per-operation basis through -// functional options. -func (c *Client) Options() Options { - return c.options.Copy() -} - -func (c *Client) invokeOperation( - ctx context.Context, opID string, params interface{}, optFns []func(*Options), stackFns ...func(*middleware.Stack, Options) error, -) ( - result interface{}, metadata middleware.Metadata, err error, -) { - ctx = middleware.ClearStackValues(ctx) - ctx = middleware.WithServiceID(ctx, ServiceID) - ctx = middleware.WithOperationName(ctx, opID) - - stack := middleware.NewStack(opID, smithyhttp.NewStackRequest) - options := c.options.Copy() - - for _, fn := range optFns { - fn(&options) - } - - finalizeOperationRetryMaxAttempts(&options, *c) - - finalizeClientEndpointResolverOptions(&options) - - for _, fn := range stackFns { - if err := fn(stack, options); err != nil { - return nil, metadata, err - } - } - - for _, fn := range options.APIOptions { - if err := fn(stack); err != nil { - return nil, metadata, err - } - } - - ctx, err = withOperationMetrics(ctx, options.MeterProvider) - if err != nil { - return nil, metadata, err - } - - tracer := operationTracer(options.TracerProvider) - spanName := fmt.Sprintf("%s.%s", ServiceID, opID) - - ctx = tracing.WithOperationTracer(ctx, tracer) - - ctx, span := tracer.StartSpan(ctx, spanName, func(o *tracing.SpanOptions) { - o.Kind = tracing.SpanKindClient - o.Properties.Set("rpc.system", "aws-api") - o.Properties.Set("rpc.method", opID) - o.Properties.Set("rpc.service", ServiceID) - }) - endTimer := startMetricTimer(ctx, "client.call.duration") - defer endTimer() - defer span.End() - - handler := smithyhttp.NewClientHandlerWithOptions(options.HTTPClient, func(o *smithyhttp.ClientHandler) { - o.Meter = options.MeterProvider.Meter("github.com/aws/aws-sdk-go-v2/service/sts") - }) - decorated := middleware.DecorateHandler(handler, stack) - result, metadata, err = decorated.Handle(ctx, params) - if err != nil { - span.SetProperty("exception.type", fmt.Sprintf("%T", err)) - span.SetProperty("exception.message", err.Error()) - - var aerr smithy.APIError - if errors.As(err, &aerr) { - span.SetProperty("api.error_code", aerr.ErrorCode()) - span.SetProperty("api.error_message", aerr.ErrorMessage()) - span.SetProperty("api.error_fault", aerr.ErrorFault().String()) - } - - err = &smithy.OperationError{ - ServiceID: ServiceID, - OperationName: opID, - Err: err, - } - } - - span.SetProperty("error", err != nil) - if err == nil { - span.SetStatus(tracing.SpanStatusOK) - } else { - span.SetStatus(tracing.SpanStatusError) - } - - return result, metadata, err -} - -type operationInputKey struct{} - -func setOperationInput(ctx context.Context, input interface{}) context.Context { - return middleware.WithStackValue(ctx, operationInputKey{}, input) -} - -func getOperationInput(ctx context.Context) interface{} { - return middleware.GetStackValue(ctx, operationInputKey{}) -} - -type setOperationInputMiddleware struct { -} - -func (*setOperationInputMiddleware) ID() string { - return "setOperationInput" -} - -func (m *setOperationInputMiddleware) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - ctx = setOperationInput(ctx, in.Parameters) - return next.HandleSerialize(ctx, in) -} - -func addProtocolFinalizerMiddlewares(stack *middleware.Stack, options Options, operation string) error { - if err := stack.Finalize.Add(&resolveAuthSchemeMiddleware{operation: operation, options: options}, middleware.Before); err != nil { - return fmt.Errorf("add ResolveAuthScheme: %w", err) - } - if err := stack.Finalize.Insert(&getIdentityMiddleware{options: options}, "ResolveAuthScheme", middleware.After); err != nil { - return fmt.Errorf("add GetIdentity: %v", err) - } - if err := stack.Finalize.Insert(&resolveEndpointV2Middleware{options: options}, "GetIdentity", middleware.After); err != nil { - return fmt.Errorf("add ResolveEndpointV2: %v", err) - } - if err := stack.Finalize.Insert(&signRequestMiddleware{options: options}, "ResolveEndpointV2", middleware.After); err != nil { - return fmt.Errorf("add Signing: %w", err) - } - return nil -} -func resolveAuthSchemeResolver(options *Options) { - if options.AuthSchemeResolver == nil { - options.AuthSchemeResolver = &defaultAuthSchemeResolver{} - } -} - -func resolveAuthSchemes(options *Options) { - if options.AuthSchemes == nil { - options.AuthSchemes = []smithyhttp.AuthScheme{ - internalauth.NewHTTPAuthScheme("aws.auth#sigv4", &internalauthsmithy.V4SignerAdapter{ - Signer: options.HTTPSignerV4, - Logger: options.Logger, - LogSigning: options.ClientLogMode.IsSigning(), - }), - } - } -} - -type noSmithyDocumentSerde = smithydocument.NoSerde - -type legacyEndpointContextSetter struct { - LegacyResolver EndpointResolver -} - -func (*legacyEndpointContextSetter) ID() string { - return "legacyEndpointContextSetter" -} - -func (m *legacyEndpointContextSetter) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - if m.LegacyResolver != nil { - ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, true) - } - - return next.HandleInitialize(ctx, in) - -} -func addlegacyEndpointContextSetter(stack *middleware.Stack, o Options) error { - return stack.Initialize.Add(&legacyEndpointContextSetter{ - LegacyResolver: o.EndpointResolver, - }, middleware.Before) -} - -func resolveDefaultLogger(o *Options) { - if o.Logger != nil { - return - } - o.Logger = logging.Nop{} -} - -func addSetLoggerMiddleware(stack *middleware.Stack, o Options) error { - return middleware.AddSetLoggerMiddleware(stack, o.Logger) -} - -func setResolvedDefaultsMode(o *Options) { - if len(o.resolvedDefaultsMode) > 0 { - return - } - - var mode aws.DefaultsMode - mode.SetFromString(string(o.DefaultsMode)) - - if mode == aws.DefaultsModeAuto { - mode = defaults.ResolveDefaultsModeAuto(o.Region, o.RuntimeEnvironment) - } - - o.resolvedDefaultsMode = mode -} - -// NewFromConfig returns a new client from the provided config. -func NewFromConfig(cfg aws.Config, optFns ...func(*Options)) *Client { - opts := Options{ - Region: cfg.Region, - DefaultsMode: cfg.DefaultsMode, - RuntimeEnvironment: cfg.RuntimeEnvironment, - HTTPClient: cfg.HTTPClient, - Credentials: cfg.Credentials, - APIOptions: cfg.APIOptions, - Logger: cfg.Logger, - ClientLogMode: cfg.ClientLogMode, - AppID: cfg.AppID, - } - resolveAWSRetryerProvider(cfg, &opts) - resolveAWSRetryMaxAttempts(cfg, &opts) - resolveAWSRetryMode(cfg, &opts) - resolveAWSEndpointResolver(cfg, &opts) - resolveUseDualStackEndpoint(cfg, &opts) - resolveUseFIPSEndpoint(cfg, &opts) - resolveBaseEndpoint(cfg, &opts) - return New(opts, optFns...) -} - -func resolveHTTPClient(o *Options) { - var buildable *awshttp.BuildableClient - - if o.HTTPClient != nil { - var ok bool - buildable, ok = o.HTTPClient.(*awshttp.BuildableClient) - if !ok { - return - } - } else { - buildable = awshttp.NewBuildableClient() - } - - modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) - if err == nil { - buildable = buildable.WithDialerOptions(func(dialer *net.Dialer) { - if dialerTimeout, ok := modeConfig.GetConnectTimeout(); ok { - dialer.Timeout = dialerTimeout - } - }) - - buildable = buildable.WithTransportOptions(func(transport *http.Transport) { - if tlsHandshakeTimeout, ok := modeConfig.GetTLSNegotiationTimeout(); ok { - transport.TLSHandshakeTimeout = tlsHandshakeTimeout - } - }) - } - - o.HTTPClient = buildable -} - -func resolveRetryer(o *Options) { - if o.Retryer != nil { - return - } - - if len(o.RetryMode) == 0 { - modeConfig, err := defaults.GetModeConfiguration(o.resolvedDefaultsMode) - if err == nil { - o.RetryMode = modeConfig.RetryMode - } - } - if len(o.RetryMode) == 0 { - o.RetryMode = aws.RetryModeStandard - } - - var standardOptions []func(*retry.StandardOptions) - if v := o.RetryMaxAttempts; v != 0 { - standardOptions = append(standardOptions, func(so *retry.StandardOptions) { - so.MaxAttempts = v - }) - } - - switch o.RetryMode { - case aws.RetryModeAdaptive: - var adaptiveOptions []func(*retry.AdaptiveModeOptions) - if len(standardOptions) != 0 { - adaptiveOptions = append(adaptiveOptions, func(ao *retry.AdaptiveModeOptions) { - ao.StandardOptions = append(ao.StandardOptions, standardOptions...) - }) - } - o.Retryer = retry.NewAdaptiveMode(adaptiveOptions...) - - default: - o.Retryer = retry.NewStandard(standardOptions...) - } -} - -func resolveAWSRetryerProvider(cfg aws.Config, o *Options) { - if cfg.Retryer == nil { - return - } - o.Retryer = cfg.Retryer() -} - -func resolveAWSRetryMode(cfg aws.Config, o *Options) { - if len(cfg.RetryMode) == 0 { - return - } - o.RetryMode = cfg.RetryMode -} -func resolveAWSRetryMaxAttempts(cfg aws.Config, o *Options) { - if cfg.RetryMaxAttempts == 0 { - return - } - o.RetryMaxAttempts = cfg.RetryMaxAttempts -} - -func finalizeRetryMaxAttempts(o *Options) { - if o.RetryMaxAttempts == 0 { - return - } - - o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) -} - -func finalizeOperationRetryMaxAttempts(o *Options, client Client) { - if v := o.RetryMaxAttempts; v == 0 || v == client.options.RetryMaxAttempts { - return - } - - o.Retryer = retry.AddWithMaxAttempts(o.Retryer, o.RetryMaxAttempts) -} - -func resolveAWSEndpointResolver(cfg aws.Config, o *Options) { - if cfg.EndpointResolver == nil && cfg.EndpointResolverWithOptions == nil { - return - } - o.EndpointResolver = withEndpointResolver(cfg.EndpointResolver, cfg.EndpointResolverWithOptions) -} - -func addClientUserAgent(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddSDKAgentKeyValue(awsmiddleware.APIMetadata, "sts", goModuleVersion) - if len(options.AppID) > 0 { - ua.AddSDKAgentKey(awsmiddleware.ApplicationIdentifier, options.AppID) - } - - return nil -} - -func getOrAddRequestUserAgent(stack *middleware.Stack) (*awsmiddleware.RequestUserAgent, error) { - id := (*awsmiddleware.RequestUserAgent)(nil).ID() - mw, ok := stack.Build.Get(id) - if !ok { - mw = awsmiddleware.NewRequestUserAgent() - if err := stack.Build.Add(mw, middleware.After); err != nil { - return nil, err - } - } - - ua, ok := mw.(*awsmiddleware.RequestUserAgent) - if !ok { - return nil, fmt.Errorf("%T for %s middleware did not match expected type", mw, id) - } - - return ua, nil -} - -type HTTPSignerV4 interface { - SignHTTP(ctx context.Context, credentials aws.Credentials, r *http.Request, payloadHash string, service string, region string, signingTime time.Time, optFns ...func(*v4.SignerOptions)) error -} - -func resolveHTTPSignerV4(o *Options) { - if o.HTTPSignerV4 != nil { - return - } - o.HTTPSignerV4 = newDefaultV4Signer(*o) -} - -func newDefaultV4Signer(o Options) *v4.Signer { - return v4.NewSigner(func(so *v4.SignerOptions) { - so.Logger = o.Logger - so.LogSigning = o.ClientLogMode.IsSigning() - }) -} - -func addClientRequestID(stack *middleware.Stack) error { - return stack.Build.Add(&awsmiddleware.ClientRequestID{}, middleware.After) -} - -func addComputeContentLength(stack *middleware.Stack) error { - return stack.Build.Add(&smithyhttp.ComputeContentLength{}, middleware.After) -} - -func addRawResponseToMetadata(stack *middleware.Stack) error { - return stack.Deserialize.Add(&awsmiddleware.AddRawResponse{}, middleware.Before) -} - -func addRecordResponseTiming(stack *middleware.Stack) error { - return stack.Deserialize.Add(&awsmiddleware.RecordResponseTiming{}, middleware.After) -} - -func addSpanRetryLoop(stack *middleware.Stack, options Options) error { - return stack.Finalize.Insert(&spanRetryLoop{options: options}, "Retry", middleware.Before) -} - -type spanRetryLoop struct { - options Options -} - -func (*spanRetryLoop) ID() string { - return "spanRetryLoop" -} - -func (m *spanRetryLoop) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - middleware.FinalizeOutput, middleware.Metadata, error, -) { - tracer := operationTracer(m.options.TracerProvider) - ctx, span := tracer.StartSpan(ctx, "RetryLoop") - defer span.End() - - return next.HandleFinalize(ctx, in) -} -func addStreamingEventsPayload(stack *middleware.Stack) error { - return stack.Finalize.Add(&v4.StreamingEventsPayload{}, middleware.Before) -} - -func addUnsignedPayload(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.UnsignedPayload{}, "ResolveEndpointV2", middleware.After) -} - -func addComputePayloadSHA256(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.ComputePayloadSHA256{}, "ResolveEndpointV2", middleware.After) -} - -func addContentSHA256Header(stack *middleware.Stack) error { - return stack.Finalize.Insert(&v4.ContentSHA256Header{}, (*v4.ComputePayloadSHA256)(nil).ID(), middleware.After) -} - -func addIsWaiterUserAgent(o *Options) { - o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureWaiter) - return nil - }) -} - -func addIsPaginatorUserAgent(o *Options) { - o.APIOptions = append(o.APIOptions, func(stack *middleware.Stack) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeaturePaginator) - return nil - }) -} - -func addRetry(stack *middleware.Stack, o Options) error { - attempt := retry.NewAttemptMiddleware(o.Retryer, smithyhttp.RequestCloner, func(m *retry.Attempt) { - m.LogAttempts = o.ClientLogMode.IsRetries() - m.OperationMeter = o.MeterProvider.Meter("github.com/aws/aws-sdk-go-v2/service/sts") - }) - if err := stack.Finalize.Insert(attempt, "ResolveAuthScheme", middleware.Before); err != nil { - return err - } - if err := stack.Finalize.Insert(&retry.MetricsHeader{}, attempt.ID(), middleware.After); err != nil { - return err - } - return nil -} - -// resolves dual-stack endpoint configuration -func resolveUseDualStackEndpoint(cfg aws.Config, o *Options) error { - if len(cfg.ConfigSources) == 0 { - return nil - } - value, found, err := internalConfig.ResolveUseDualStackEndpoint(context.Background(), cfg.ConfigSources) - if err != nil { - return err - } - if found { - o.EndpointOptions.UseDualStackEndpoint = value - } - return nil -} - -// resolves FIPS endpoint configuration -func resolveUseFIPSEndpoint(cfg aws.Config, o *Options) error { - if len(cfg.ConfigSources) == 0 { - return nil - } - value, found, err := internalConfig.ResolveUseFIPSEndpoint(context.Background(), cfg.ConfigSources) - if err != nil { - return err - } - if found { - o.EndpointOptions.UseFIPSEndpoint = value - } - return nil -} - -func resolveAccountID(identity smithyauth.Identity, mode aws.AccountIDEndpointMode) *string { - if mode == aws.AccountIDEndpointModeDisabled { - return nil - } - - if ca, ok := identity.(*internalauthsmithy.CredentialsAdapter); ok && ca.Credentials.AccountID != "" { - return aws.String(ca.Credentials.AccountID) - } - - return nil -} - -func addTimeOffsetBuild(stack *middleware.Stack, c *Client) error { - mw := internalmiddleware.AddTimeOffsetMiddleware{Offset: c.timeOffset} - if err := stack.Build.Add(&mw, middleware.After); err != nil { - return err - } - return stack.Deserialize.Insert(&mw, "RecordResponseTiming", middleware.Before) -} -func initializeTimeOffsetResolver(c *Client) { - c.timeOffset = new(atomic.Int64) -} - -func addUserAgentRetryMode(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - switch options.Retryer.(type) { - case *retry.Standard: - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeStandard) - case *retry.AdaptiveMode: - ua.AddUserAgentFeature(awsmiddleware.UserAgentFeatureRetryModeAdaptive) - } - return nil -} - -type setCredentialSourceMiddleware struct { - ua *awsmiddleware.RequestUserAgent - options Options -} - -func (m setCredentialSourceMiddleware) ID() string { return "SetCredentialSourceMiddleware" } - -func (m setCredentialSourceMiddleware) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - asProviderSource, ok := m.options.Credentials.(aws.CredentialProviderSource) - if !ok { - return next.HandleBuild(ctx, in) - } - providerSources := asProviderSource.ProviderSources() - for _, source := range providerSources { - m.ua.AddCredentialsSource(source) - } - return next.HandleBuild(ctx, in) -} - -func addCredentialSource(stack *middleware.Stack, options Options) error { - ua, err := getOrAddRequestUserAgent(stack) - if err != nil { - return err - } - - mw := setCredentialSourceMiddleware{ua: ua, options: options} - return stack.Build.Insert(&mw, "UserAgent", middleware.Before) -} - -func resolveTracerProvider(options *Options) { - if options.TracerProvider == nil { - options.TracerProvider = &tracing.NopTracerProvider{} - } -} - -func resolveMeterProvider(options *Options) { - if options.MeterProvider == nil { - options.MeterProvider = metrics.NopMeterProvider{} - } -} - -func addRecursionDetection(stack *middleware.Stack) error { - return stack.Build.Add(&awsmiddleware.RecursionDetection{}, middleware.After) -} - -func addRequestIDRetrieverMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&awsmiddleware.RequestIDRetriever{}, "OperationDeserializer", middleware.Before) - -} - -func addResponseErrorMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&awshttp.ResponseErrorWrapper{}, "RequestIDRetriever", middleware.Before) - -} - -// HTTPPresignerV4 represents presigner interface used by presign url client -type HTTPPresignerV4 interface { - PresignHTTP( - ctx context.Context, credentials aws.Credentials, r *http.Request, - payloadHash string, service string, region string, signingTime time.Time, - optFns ...func(*v4.SignerOptions), - ) (url string, signedHeader http.Header, err error) -} - -// PresignOptions represents the presign client options -type PresignOptions struct { - - // ClientOptions are list of functional options to mutate client options used by - // the presign client. - ClientOptions []func(*Options) - - // Presigner is the presigner used by the presign url client - Presigner HTTPPresignerV4 -} - -func (o PresignOptions) copy() PresignOptions { - clientOptions := make([]func(*Options), len(o.ClientOptions)) - copy(clientOptions, o.ClientOptions) - o.ClientOptions = clientOptions - return o -} - -// WithPresignClientFromClientOptions is a helper utility to retrieve a function -// that takes PresignOption as input -func WithPresignClientFromClientOptions(optFns ...func(*Options)) func(*PresignOptions) { - return withPresignClientFromClientOptions(optFns).options -} - -type withPresignClientFromClientOptions []func(*Options) - -func (w withPresignClientFromClientOptions) options(o *PresignOptions) { - o.ClientOptions = append(o.ClientOptions, w...) -} - -// PresignClient represents the presign url client -type PresignClient struct { - client *Client - options PresignOptions -} - -// NewPresignClient generates a presign client using provided API Client and -// presign options -func NewPresignClient(c *Client, optFns ...func(*PresignOptions)) *PresignClient { - var options PresignOptions - for _, fn := range optFns { - fn(&options) - } - if len(options.ClientOptions) != 0 { - c = New(c.options, options.ClientOptions...) - } - - if options.Presigner == nil { - options.Presigner = newDefaultV4Signer(c.options) - } - - return &PresignClient{ - client: c, - options: options, - } -} - -func withNopHTTPClientAPIOption(o *Options) { - o.HTTPClient = smithyhttp.NopClient{} -} - -type presignContextPolyfillMiddleware struct { -} - -func (*presignContextPolyfillMiddleware) ID() string { - return "presignContextPolyfill" -} - -func (m *presignContextPolyfillMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - rscheme := getResolvedAuthScheme(ctx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - schemeID := rscheme.Scheme.SchemeID() - - if schemeID == "aws.auth#sigv4" || schemeID == "com.amazonaws.s3#sigv4express" { - if sn, ok := smithyhttp.GetSigV4SigningName(&rscheme.SignerProperties); ok { - ctx = awsmiddleware.SetSigningName(ctx, sn) - } - if sr, ok := smithyhttp.GetSigV4SigningRegion(&rscheme.SignerProperties); ok { - ctx = awsmiddleware.SetSigningRegion(ctx, sr) - } - } else if schemeID == "aws.auth#sigv4a" { - if sn, ok := smithyhttp.GetSigV4ASigningName(&rscheme.SignerProperties); ok { - ctx = awsmiddleware.SetSigningName(ctx, sn) - } - if sr, ok := smithyhttp.GetSigV4ASigningRegions(&rscheme.SignerProperties); ok { - ctx = awsmiddleware.SetSigningRegion(ctx, sr[0]) - } - } - - return next.HandleFinalize(ctx, in) -} - -type presignConverter PresignOptions - -func (c presignConverter) convertToPresignMiddleware(stack *middleware.Stack, options Options) (err error) { - if _, ok := stack.Finalize.Get((*acceptencodingcust.DisableGzip)(nil).ID()); ok { - stack.Finalize.Remove((*acceptencodingcust.DisableGzip)(nil).ID()) - } - if _, ok := stack.Finalize.Get((*retry.Attempt)(nil).ID()); ok { - stack.Finalize.Remove((*retry.Attempt)(nil).ID()) - } - if _, ok := stack.Finalize.Get((*retry.MetricsHeader)(nil).ID()); ok { - stack.Finalize.Remove((*retry.MetricsHeader)(nil).ID()) - } - stack.Deserialize.Clear() - stack.Build.Remove((*awsmiddleware.ClientRequestID)(nil).ID()) - stack.Build.Remove("UserAgent") - if err := stack.Finalize.Insert(&presignContextPolyfillMiddleware{}, "Signing", middleware.Before); err != nil { - return err - } - - pmw := v4.NewPresignHTTPRequestMiddleware(v4.PresignHTTPRequestMiddlewareOptions{ - CredentialsProvider: options.Credentials, - Presigner: c.Presigner, - LogSigning: options.ClientLogMode.IsSigning(), - }) - if _, err := stack.Finalize.Swap("Signing", pmw); err != nil { - return err - } - if err = smithyhttp.AddNoPayloadDefaultContentTypeRemover(stack); err != nil { - return err - } - // convert request to a GET request - err = query.AddAsGetRequestMiddleware(stack) - if err != nil { - return err - } - err = presignedurlcust.AddAsIsPresigningMiddleware(stack) - if err != nil { - return err - } - return nil -} - -func addRequestResponseLogging(stack *middleware.Stack, o Options) error { - return stack.Deserialize.Add(&smithyhttp.RequestResponseLogger{ - LogRequest: o.ClientLogMode.IsRequest(), - LogRequestWithBody: o.ClientLogMode.IsRequestWithBody(), - LogResponse: o.ClientLogMode.IsResponse(), - LogResponseWithBody: o.ClientLogMode.IsResponseWithBody(), - }, middleware.After) -} - -type disableHTTPSMiddleware struct { - DisableHTTPS bool -} - -func (*disableHTTPSMiddleware) ID() string { - return "disableHTTPS" -} - -func (m *disableHTTPSMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.DisableHTTPS && !smithyhttp.GetHostnameImmutable(ctx) { - req.URL.Scheme = "http" - } - - return next.HandleFinalize(ctx, in) -} - -func addDisableHTTPSMiddleware(stack *middleware.Stack, o Options) error { - return stack.Finalize.Insert(&disableHTTPSMiddleware{ - DisableHTTPS: o.EndpointOptions.DisableHTTPS, - }, "ResolveEndpointV2", middleware.After) -} - -type spanInitializeStart struct { -} - -func (*spanInitializeStart) ID() string { - return "spanInitializeStart" -} - -func (m *spanInitializeStart) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) ( - middleware.InitializeOutput, middleware.Metadata, error, -) { - ctx, _ = tracing.StartSpan(ctx, "Initialize") - - return next.HandleInitialize(ctx, in) -} - -type spanInitializeEnd struct { -} - -func (*spanInitializeEnd) ID() string { - return "spanInitializeEnd" -} - -func (m *spanInitializeEnd) HandleInitialize( - ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler, -) ( - middleware.InitializeOutput, middleware.Metadata, error, -) { - ctx, span := tracing.PopSpan(ctx) - span.End() - - return next.HandleInitialize(ctx, in) -} - -type spanBuildRequestStart struct { -} - -func (*spanBuildRequestStart) ID() string { - return "spanBuildRequestStart" -} - -func (m *spanBuildRequestStart) HandleSerialize( - ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, -) ( - middleware.SerializeOutput, middleware.Metadata, error, -) { - ctx, _ = tracing.StartSpan(ctx, "BuildRequest") - - return next.HandleSerialize(ctx, in) -} - -type spanBuildRequestEnd struct { -} - -func (*spanBuildRequestEnd) ID() string { - return "spanBuildRequestEnd" -} - -func (m *spanBuildRequestEnd) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, -) ( - middleware.BuildOutput, middleware.Metadata, error, -) { - ctx, span := tracing.PopSpan(ctx) - span.End() - - return next.HandleBuild(ctx, in) -} - -func addSpanInitializeStart(stack *middleware.Stack) error { - return stack.Initialize.Add(&spanInitializeStart{}, middleware.Before) -} - -func addSpanInitializeEnd(stack *middleware.Stack) error { - return stack.Initialize.Add(&spanInitializeEnd{}, middleware.After) -} - -func addSpanBuildRequestStart(stack *middleware.Stack) error { - return stack.Serialize.Add(&spanBuildRequestStart{}, middleware.Before) -} - -func addSpanBuildRequestEnd(stack *middleware.Stack) error { - return stack.Build.Add(&spanBuildRequestEnd{}, middleware.After) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go deleted file mode 100644 index 524e36eb..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRole.go +++ /dev/null @@ -1,550 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - "github.com/aws/aws-sdk-go-v2/service/sts/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Returns a set of temporary security credentials that you can use to access -// Amazon Web Services resources. These temporary credentials consist of an access -// key ID, a secret access key, and a security token. Typically, you use AssumeRole -// within your account or for cross-account access. For a comparison of AssumeRole -// with other API operations that produce temporary credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the -// IAM User Guide. -// -// # Permissions -// -// The temporary security credentials created by AssumeRole can be used to make -// API calls to any Amazon Web Services service with the following exception: You -// cannot call the Amazon Web Services STS GetFederationToken or GetSessionToken -// API operations. -// -// (Optional) You can pass inline or managed session policies to this operation. -// You can pass a single JSON policy document to use as an inline session policy. -// You can also specify up to 10 managed policy Amazon Resource Names (ARNs) to use -// as managed session policies. The plaintext that you use for both inline and -// managed session policies can't exceed 2,048 characters. Passing policies to this -// operation returns new temporary credentials. The resulting session's permissions -// are the intersection of the role's identity-based policy and the session -// policies. You can use the role's temporary credentials in subsequent Amazon Web -// Services API calls to access resources in the account that owns the role. You -// cannot use session policies to grant more permissions than those allowed by the -// identity-based policy of the role that is being assumed. For more information, -// see [Session Policies]in the IAM User Guide. -// -// When you create a role, you create two policies: a role trust policy that -// specifies who can assume the role, and a permissions policy that specifies what -// can be done with the role. You specify the trusted principal that is allowed to -// assume the role in the role trust policy. -// -// To assume a role from a different account, your Amazon Web Services account -// must be trusted by the role. The trust relationship is defined in the role's -// trust policy when the role is created. That trust policy states which accounts -// are allowed to delegate that access to users in the account. -// -// A user who wants to access a role in a different account must also have -// permissions that are delegated from the account administrator. The administrator -// must attach a policy that allows the user to call AssumeRole for the ARN of the -// role in the other account. -// -// To allow a user to assume a role in the same account, you can do either of the -// following: -// -// - Attach a policy to the user that allows the user to call AssumeRole (as long -// as the role's trust policy trusts the account). -// -// - Add the user as a principal directly in the role's trust policy. -// -// You can do either because the role’s trust policy acts as an IAM resource-based -// policy. When a resource-based policy grants access to a principal in the same -// account, no additional identity-based policy is required. For more information -// about trust policies and resource-based policies, see [IAM Policies]in the IAM User Guide. -// -// # Tags -// -// (Optional) You can pass tag key-value pairs to your session. These tags are -// called session tags. For more information about session tags, see [Passing Session Tags in STS]in the IAM -// User Guide. -// -// An administrator must grant you the permissions necessary to pass session tags. -// The administrator can also create granular permissions to allow you to pass only -// specific session tags. For more information, see [Tutorial: Using Tags for Attribute-Based Access Control]in the IAM User Guide. -// -// You can set the session tags as transitive. Transitive tags persist during role -// chaining. For more information, see [Chaining Roles with Session Tags]in the IAM User Guide. -// -// # Using MFA with AssumeRole -// -// (Optional) You can include multi-factor authentication (MFA) information when -// you call AssumeRole . This is useful for cross-account scenarios to ensure that -// the user that assumes the role has been authenticated with an Amazon Web -// Services MFA device. In that scenario, the trust policy of the role being -// assumed includes a condition that tests for MFA authentication. If the caller -// does not include valid MFA information, the request to assume the role is -// denied. The condition in a trust policy that tests for MFA authentication might -// look like the following example. -// -// "Condition": {"Bool": {"aws:MultiFactorAuthPresent": true}} -// -// For more information, see [Configuring MFA-Protected API Access] in the IAM User Guide guide. -// -// To use MFA with AssumeRole , you pass values for the SerialNumber and TokenCode -// parameters. The SerialNumber value identifies the user's hardware or virtual -// MFA device. The TokenCode is the time-based one-time password (TOTP) that the -// MFA device produces. -// -// [Configuring MFA-Protected API Access]: https://docs.aws.amazon.com/IAM/latest/UserGuide/MFAProtectedAPI.html -// [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session -// [Passing Session Tags in STS]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html -// [Chaining Roles with Session Tags]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining -// [IAM Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html -// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html -// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html -// [Tutorial: Using Tags for Attribute-Based Access Control]: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html -func (c *Client) AssumeRole(ctx context.Context, params *AssumeRoleInput, optFns ...func(*Options)) (*AssumeRoleOutput, error) { - if params == nil { - params = &AssumeRoleInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "AssumeRole", params, optFns, c.addOperationAssumeRoleMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*AssumeRoleOutput) - out.ResultMetadata = metadata - return out, nil -} - -type AssumeRoleInput struct { - - // The Amazon Resource Name (ARN) of the role to assume. - // - // This member is required. - RoleArn *string - - // An identifier for the assumed role session. - // - // Use the role session name to uniquely identify a session when the same role is - // assumed by different principals or for different reasons. In cross-account - // scenarios, the role session name is visible to, and can be logged by the account - // that owns the role. The role session name is also used in the ARN of the assumed - // role principal. This means that subsequent cross-account API requests that use - // the temporary security credentials will expose the role session name to the - // external account in their CloudTrail logs. - // - // For security purposes, administrators can view this field in [CloudTrail logs] to help identify - // who performed an action in Amazon Web Services. Your administrator might require - // that you specify your user name as the session name when you assume the role. - // For more information, see [sts:RoleSessionName]sts:RoleSessionName . - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@- - // - // [CloudTrail logs]: https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html#cloudtrail-integration_signin-tempcreds - // [sts:RoleSessionName]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#ck_rolesessionname - // - // This member is required. - RoleSessionName *string - - // The duration, in seconds, of the role session. The value specified can range - // from 900 seconds (15 minutes) up to the maximum session duration set for the - // role. The maximum session duration setting can have a value from 1 hour to 12 - // hours. If you specify a value higher than this setting or the administrator - // setting (whichever is lower), the operation fails. For example, if you specify a - // session duration of 12 hours, but your administrator set the maximum session - // duration to 6 hours, your operation fails. - // - // Role chaining limits your Amazon Web Services CLI or Amazon Web Services API - // role session to a maximum of one hour. When you use the AssumeRole API - // operation to assume a role, you can specify the duration of your role session - // with the DurationSeconds parameter. You can specify a parameter value of up to - // 43200 seconds (12 hours), depending on the maximum session duration setting for - // your role. However, if you assume a role using role chaining and provide a - // DurationSeconds parameter value greater than one hour, the operation fails. To - // learn how to view the maximum value for your role, see [Update the maximum session duration for a role]. - // - // By default, the value is set to 3600 seconds. - // - // The DurationSeconds parameter is separate from the duration of a console - // session that you might request using the returned credentials. The request to - // the federation endpoint for a console sign-in token takes a SessionDuration - // parameter that specifies the maximum length of the console session. For more - // information, see [Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console]in the IAM User Guide. - // - // [Update the maximum session duration for a role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_update-role-settings.html#id_roles_update-session-duration - // [Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html - DurationSeconds *int32 - - // A unique identifier that might be required when you assume a role in another - // account. If the administrator of the account to which the role belongs provided - // you with an external ID, then provide that value in the ExternalId parameter. - // This value can be any string, such as a passphrase or account number. A - // cross-account role is usually set up to trust everyone in an account. Therefore, - // the administrator of the trusting account might send an external ID to the - // administrator of the trusted account. That way, only someone with the ID can - // assume the role, rather than everyone in the account. For more information about - // the external ID, see [How to Use an External ID When Granting Access to Your Amazon Web Services Resources to a Third Party]in the IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@:/- - // - // [How to Use an External ID When Granting Access to Your Amazon Web Services Resources to a Third Party]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html - ExternalId *string - - // An IAM policy in JSON format that you want to use as an inline session policy. - // - // This parameter is optional. Passing policies to this operation returns new - // temporary credentials. The resulting session's permissions are the intersection - // of the role's identity-based policy and the session policies. You can use the - // role's temporary credentials in subsequent Amazon Web Services API calls to - // access resources in the account that owns the role. You cannot use session - // policies to grant more permissions than those allowed by the identity-based - // policy of the role that is being assumed. For more information, see [Session Policies]in the IAM - // User Guide. - // - // The plaintext that you use for both inline and managed session policies can't - // exceed 2,048 characters. The JSON policy characters can be any ASCII character - // from the space character to the end of the valid character list (\u0020 through - // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage - // return (\u000D) characters. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // For more information about role session permissions, see [Session policies]. - // - // [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - // [Session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - Policy *string - - // The Amazon Resource Names (ARNs) of the IAM managed policies that you want to - // use as managed session policies. The policies must exist in the same account as - // the role. - // - // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plaintext that you use for both inline and managed session policies - // can't exceed 2,048 characters. For more information about ARNs, see [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]in the - // Amazon Web Services General Reference. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // Passing policies to this operation returns new temporary credentials. The - // resulting session's permissions are the intersection of the role's - // identity-based policy and the session policies. You can use the role's temporary - // credentials in subsequent Amazon Web Services API calls to access resources in - // the account that owns the role. You cannot use session policies to grant more - // permissions than those allowed by the identity-based policy of the role that is - // being assumed. For more information, see [Session Policies]in the IAM User Guide. - // - // [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - // [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html - PolicyArns []types.PolicyDescriptorType - - // A list of previously acquired trusted context assertions in the format of a - // JSON array. The trusted context assertion is signed and encrypted by Amazon Web - // Services STS. - // - // The following is an example of a ProvidedContext value that includes a single - // trusted context assertion and the ARN of the context provider from which the - // trusted context assertion was generated. - // - // [{"ProviderArn":"arn:aws:iam::aws:contextProvider/IdentityCenter","ContextAssertion":"trusted-context-assertion"}] - ProvidedContexts []types.ProvidedContext - - // The identification number of the MFA device that is associated with the user - // who is making the AssumeRole call. Specify this value if the trust policy of - // the role being assumed includes a condition that requires MFA authentication. - // The value is either the serial number for a hardware device (such as - // GAHT12345678 ) or an Amazon Resource Name (ARN) for a virtual device (such as - // arn:aws:iam::123456789012:mfa/user ). - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@- - SerialNumber *string - - // The source identity specified by the principal that is calling the AssumeRole - // operation. The source identity value persists across [chained role]sessions. - // - // You can require users to specify a source identity when they assume a role. You - // do this by using the [sts:SourceIdentity]sts:SourceIdentity condition key in a role trust policy. - // You can use source identity information in CloudTrail logs to determine who took - // actions with a role. You can use the aws:SourceIdentity condition key to - // further control access to Amazon Web Services resources based on the value of - // source identity. For more information about using source identity, see [Monitor and control actions taken with assumed roles]in the - // IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: +=,.@-. You cannot use a - // value that begins with the text aws: . This prefix is reserved for Amazon Web - // Services internal use. - // - // [chained role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html#iam-term-role-chaining - // [Monitor and control actions taken with assumed roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html - // [sts:SourceIdentity]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceidentity - SourceIdentity *string - - // A list of session tags that you want to pass. Each session tag consists of a - // key name and an associated value. For more information about session tags, see [Tagging Amazon Web Services STS Sessions] - // in the IAM User Guide. - // - // This parameter is optional. You can pass up to 50 session tags. The plaintext - // session tag keys can’t exceed 128 characters, and the values can’t exceed 256 - // characters. For these and additional limits, see [IAM and STS Character Limits]in the IAM User Guide. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // You can pass a session tag with the same key as a tag that is already attached - // to the role. When you do, session tags override a role tag with the same key. - // - // Tag key–value pairs are not case sensitive, but case is preserved. This means - // that you cannot have separate Department and department tag keys. Assume that - // the role has the Department = Marketing tag and you pass the department = - // engineering session tag. Department and department are not saved as separate - // tags, and the session tag passed in the request takes precedence over the role - // tag. - // - // Additionally, if you used temporary credentials to perform this operation, the - // new session inherits any transitive session tags from the calling session. If - // you pass a session tag with the same key as an inherited tag, the operation - // fails. To view the inherited tags for a session, see the CloudTrail logs. For - // more information, see [Viewing Session Tags in CloudTrail]in the IAM User Guide. - // - // [Tagging Amazon Web Services STS Sessions]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html - // [IAM and STS Character Limits]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length - // [Viewing Session Tags in CloudTrail]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_ctlogs - Tags []types.Tag - - // The value provided by the MFA device, if the trust policy of the role being - // assumed requires MFA. (In other words, if the policy includes a condition that - // tests for MFA). If the role being assumed requires MFA and if the TokenCode - // value is missing or expired, the AssumeRole call returns an "access denied" - // error. - // - // The format for this parameter, as described by its regex pattern, is a sequence - // of six numeric digits. - TokenCode *string - - // A list of keys for session tags that you want to set as transitive. If you set - // a tag key as transitive, the corresponding key and value passes to subsequent - // sessions in a role chain. For more information, see [Chaining Roles with Session Tags]in the IAM User Guide. - // - // This parameter is optional. The transitive status of a session tag does not - // impact its packed binary size. - // - // If you choose not to specify a transitive tag key, then no tags are passed from - // this session to any subsequent sessions. - // - // [Chaining Roles with Session Tags]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining - TransitiveTagKeys []string - - noSmithyDocumentSerde -} - -// Contains the response to a successful AssumeRole request, including temporary Amazon Web -// Services credentials that can be used to make Amazon Web Services requests. -type AssumeRoleOutput struct { - - // The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers - // that you can use to refer to the resulting temporary security credentials. For - // example, you can reference these credentials as a principal in a resource-based - // policy by using the ARN or assumed role ID. The ARN and ID include the - // RoleSessionName that you specified when you called AssumeRole . - AssumedRoleUser *types.AssumedRoleUser - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security (or session) token. - // - // The size of the security token that STS API operations return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. - Credentials *types.Credentials - - // A percentage value that indicates the packed size of the session policies and - // session tags combined passed in the request. The request fails if the packed - // size is greater than 100 percent, which means the policies and tags exceeded the - // allowed space. - PackedPolicySize *int32 - - // The source identity specified by the principal that is calling the AssumeRole - // operation. - // - // You can require users to specify a source identity when they assume a role. You - // do this by using the sts:SourceIdentity condition key in a role trust policy. - // You can use source identity information in CloudTrail logs to determine who took - // actions with a role. You can use the aws:SourceIdentity condition key to - // further control access to Amazon Web Services resources based on the value of - // source identity. For more information about using source identity, see [Monitor and control actions taken with assumed roles]in the - // IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@- - // - // [Monitor and control actions taken with assumed roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html - SourceIdentity *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationAssumeRoleMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRole{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAssumeRole{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRole"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpAssumeRoleValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAssumeRole(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opAssumeRole(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "AssumeRole", - } -} - -// PresignAssumeRole is used to generate a presigned HTTP Request which contains -// presigned URL, signed headers and HTTP method used. -func (c *PresignClient) PresignAssumeRole(ctx context.Context, params *AssumeRoleInput, optFns ...func(*PresignOptions)) (*v4.PresignedHTTPRequest, error) { - if params == nil { - params = &AssumeRoleInput{} - } - options := c.options.copy() - for _, fn := range optFns { - fn(&options) - } - clientOptFns := append(options.ClientOptions, withNopHTTPClientAPIOption) - - result, _, err := c.client.invokeOperation(ctx, "AssumeRole", params, clientOptFns, - c.client.addOperationAssumeRoleMiddlewares, - presignConverter(options).convertToPresignMiddleware, - ) - if err != nil { - return nil, err - } - - out := result.(*v4.PresignedHTTPRequest) - return out, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go deleted file mode 100644 index 400f809e..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithSAML.go +++ /dev/null @@ -1,458 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/sts/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Returns a set of temporary security credentials for users who have been -// authenticated via a SAML authentication response. This operation provides a -// mechanism for tying an enterprise identity store or directory to role-based -// Amazon Web Services access without user-specific credentials or configuration. -// For a comparison of AssumeRoleWithSAML with the other API operations that -// produce temporary credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the IAM User Guide. -// -// The temporary security credentials returned by this operation consist of an -// access key ID, a secret access key, and a security token. Applications can use -// these temporary security credentials to sign calls to Amazon Web Services -// services. -// -// # Session Duration -// -// By default, the temporary security credentials created by AssumeRoleWithSAML -// last for one hour. However, you can use the optional DurationSeconds parameter -// to specify the duration of your session. Your role session lasts for the -// duration that you specify, or until the time specified in the SAML -// authentication response's SessionNotOnOrAfter value, whichever is shorter. You -// can provide a DurationSeconds value from 900 seconds (15 minutes) up to the -// maximum session duration setting for the role. This setting can have a value -// from 1 hour to 12 hours. To learn how to view the maximum value for your role, -// see [View the Maximum Session Duration Setting for a Role]in the IAM User Guide. The maximum session duration limit applies when you -// use the AssumeRole* API operations or the assume-role* CLI commands. However -// the limit does not apply when you use those operations to create a console URL. -// For more information, see [Using IAM Roles]in the IAM User Guide. -// -// [Role chaining]limits your CLI or Amazon Web Services API role session to a maximum of one -// hour. When you use the AssumeRole API operation to assume a role, you can -// specify the duration of your role session with the DurationSeconds parameter. -// You can specify a parameter value of up to 43200 seconds (12 hours), depending -// on the maximum session duration setting for your role. However, if you assume a -// role using role chaining and provide a DurationSeconds parameter value greater -// than one hour, the operation fails. -// -// # Permissions -// -// The temporary security credentials created by AssumeRoleWithSAML can be used to -// make API calls to any Amazon Web Services service with the following exception: -// you cannot call the STS GetFederationToken or GetSessionToken API operations. -// -// (Optional) You can pass inline or managed [session policies] to this operation. You can pass a -// single JSON policy document to use as an inline session policy. You can also -// specify up to 10 managed policy Amazon Resource Names (ARNs) to use as managed -// session policies. The plaintext that you use for both inline and managed session -// policies can't exceed 2,048 characters. Passing policies to this operation -// returns new temporary credentials. The resulting session's permissions are the -// intersection of the role's identity-based policy and the session policies. You -// can use the role's temporary credentials in subsequent Amazon Web Services API -// calls to access resources in the account that owns the role. You cannot use -// session policies to grant more permissions than those allowed by the -// identity-based policy of the role that is being assumed. For more information, -// see [Session Policies]in the IAM User Guide. -// -// Calling AssumeRoleWithSAML does not require the use of Amazon Web Services -// security credentials. The identity of the caller is validated by using keys in -// the metadata document that is uploaded for the SAML provider entity for your -// identity provider. -// -// Calling AssumeRoleWithSAML can result in an entry in your CloudTrail logs. The -// entry includes the value in the NameID element of the SAML assertion. We -// recommend that you use a NameIDType that is not associated with any personally -// identifiable information (PII). For example, you could instead use the -// persistent identifier ( urn:oasis:names:tc:SAML:2.0:nameid-format:persistent ). -// -// # Tags -// -// (Optional) You can configure your IdP to pass attributes into your SAML -// assertion as session tags. Each session tag consists of a key name and an -// associated value. For more information about session tags, see [Passing Session Tags in STS]in the IAM User -// Guide. -// -// You can pass up to 50 session tags. The plaintext session tag keys can’t exceed -// 128 characters and the values can’t exceed 256 characters. For these and -// additional limits, see [IAM and STS Character Limits]in the IAM User Guide. -// -// An Amazon Web Services conversion compresses the passed inline session policy, -// managed policy ARNs, and session tags into a packed binary format that has a -// separate limit. Your request can fail for this limit even if your plaintext -// meets the other requirements. The PackedPolicySize response element indicates -// by percentage how close the policies and tags for your request are to the upper -// size limit. -// -// You can pass a session tag with the same key as a tag that is attached to the -// role. When you do, session tags override the role's tags with the same key. -// -// An administrator must grant you the permissions necessary to pass session tags. -// The administrator can also create granular permissions to allow you to pass only -// specific session tags. For more information, see [Tutorial: Using Tags for Attribute-Based Access Control]in the IAM User Guide. -// -// You can set the session tags as transitive. Transitive tags persist during role -// chaining. For more information, see [Chaining Roles with Session Tags]in the IAM User Guide. -// -// # SAML Configuration -// -// Before your application can call AssumeRoleWithSAML , you must configure your -// SAML identity provider (IdP) to issue the claims required by Amazon Web -// Services. Additionally, you must use Identity and Access Management (IAM) to -// create a SAML provider entity in your Amazon Web Services account that -// represents your identity provider. You must also create an IAM role that -// specifies this SAML provider in its trust policy. -// -// For more information, see the following resources: -// -// [About SAML 2.0-based Federation] -// - in the IAM User Guide. -// -// [Creating SAML Identity Providers] -// - in the IAM User Guide. -// -// [Configuring a Relying Party and Claims] -// - in the IAM User Guide. -// -// [Creating a Role for SAML 2.0 Federation] -// - in the IAM User Guide. -// -// [View the Maximum Session Duration Setting for a Role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session -// [Creating a Role for SAML 2.0 Federation]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html -// [IAM and STS Character Limits]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length -// [Creating SAML Identity Providers]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html -// [session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session -// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html -// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html -// [Tutorial: Using Tags for Attribute-Based Access Control]: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html -// [Configuring a Relying Party and Claims]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html -// [Role chaining]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-role-chaining -// [Using IAM Roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html -// [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session -// [Passing Session Tags in STS]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html -// [About SAML 2.0-based Federation]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html -// [Chaining Roles with Session Tags]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining -func (c *Client) AssumeRoleWithSAML(ctx context.Context, params *AssumeRoleWithSAMLInput, optFns ...func(*Options)) (*AssumeRoleWithSAMLOutput, error) { - if params == nil { - params = &AssumeRoleWithSAMLInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "AssumeRoleWithSAML", params, optFns, c.addOperationAssumeRoleWithSAMLMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*AssumeRoleWithSAMLOutput) - out.ResultMetadata = metadata - return out, nil -} - -type AssumeRoleWithSAMLInput struct { - - // The Amazon Resource Name (ARN) of the SAML provider in IAM that describes the - // IdP. - // - // This member is required. - PrincipalArn *string - - // The Amazon Resource Name (ARN) of the role that the caller is assuming. - // - // This member is required. - RoleArn *string - - // The base64 encoded SAML authentication response provided by the IdP. - // - // For more information, see [Configuring a Relying Party and Adding Claims] in the IAM User Guide. - // - // [Configuring a Relying Party and Adding Claims]: https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html - // - // This member is required. - SAMLAssertion *string - - // The duration, in seconds, of the role session. Your role session lasts for the - // duration that you specify for the DurationSeconds parameter, or until the time - // specified in the SAML authentication response's SessionNotOnOrAfter value, - // whichever is shorter. You can provide a DurationSeconds value from 900 seconds - // (15 minutes) up to the maximum session duration setting for the role. This - // setting can have a value from 1 hour to 12 hours. If you specify a value higher - // than this setting, the operation fails. For example, if you specify a session - // duration of 12 hours, but your administrator set the maximum session duration to - // 6 hours, your operation fails. To learn how to view the maximum value for your - // role, see [View the Maximum Session Duration Setting for a Role]in the IAM User Guide. - // - // By default, the value is set to 3600 seconds. - // - // The DurationSeconds parameter is separate from the duration of a console - // session that you might request using the returned credentials. The request to - // the federation endpoint for a console sign-in token takes a SessionDuration - // parameter that specifies the maximum length of the console session. For more - // information, see [Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console]in the IAM User Guide. - // - // [View the Maximum Session Duration Setting for a Role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session - // [Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html - DurationSeconds *int32 - - // An IAM policy in JSON format that you want to use as an inline session policy. - // - // This parameter is optional. Passing policies to this operation returns new - // temporary credentials. The resulting session's permissions are the intersection - // of the role's identity-based policy and the session policies. You can use the - // role's temporary credentials in subsequent Amazon Web Services API calls to - // access resources in the account that owns the role. You cannot use session - // policies to grant more permissions than those allowed by the identity-based - // policy of the role that is being assumed. For more information, see [Session Policies]in the IAM - // User Guide. - // - // The plaintext that you use for both inline and managed session policies can't - // exceed 2,048 characters. The JSON policy characters can be any ASCII character - // from the space character to the end of the valid character list (\u0020 through - // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage - // return (\u000D) characters. - // - // For more information about role session permissions, see [Session policies]. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - // [Session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - Policy *string - - // The Amazon Resource Names (ARNs) of the IAM managed policies that you want to - // use as managed session policies. The policies must exist in the same account as - // the role. - // - // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plaintext that you use for both inline and managed session policies - // can't exceed 2,048 characters. For more information about ARNs, see [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]in the - // Amazon Web Services General Reference. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // Passing policies to this operation returns new temporary credentials. The - // resulting session's permissions are the intersection of the role's - // identity-based policy and the session policies. You can use the role's temporary - // credentials in subsequent Amazon Web Services API calls to access resources in - // the account that owns the role. You cannot use session policies to grant more - // permissions than those allowed by the identity-based policy of the role that is - // being assumed. For more information, see [Session Policies]in the IAM User Guide. - // - // [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - // [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html - PolicyArns []types.PolicyDescriptorType - - noSmithyDocumentSerde -} - -// Contains the response to a successful AssumeRoleWithSAML request, including temporary Amazon Web -// Services credentials that can be used to make Amazon Web Services requests. -type AssumeRoleWithSAMLOutput struct { - - // The identifiers for the temporary security credentials that the operation - // returns. - AssumedRoleUser *types.AssumedRoleUser - - // The value of the Recipient attribute of the SubjectConfirmationData element of - // the SAML assertion. - Audience *string - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security (or session) token. - // - // The size of the security token that STS API operations return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. - Credentials *types.Credentials - - // The value of the Issuer element of the SAML assertion. - Issuer *string - - // A hash value based on the concatenation of the following: - // - // - The Issuer response value. - // - // - The Amazon Web Services account ID. - // - // - The friendly name (the last part of the ARN) of the SAML provider in IAM. - // - // The combination of NameQualifier and Subject can be used to uniquely identify a - // user. - // - // The following pseudocode shows how the hash value is calculated: - // - // BASE64 ( SHA1 ( "https://example.com/saml" + "123456789012" + "/MySAMLIdP" ) ) - NameQualifier *string - - // A percentage value that indicates the packed size of the session policies and - // session tags combined passed in the request. The request fails if the packed - // size is greater than 100 percent, which means the policies and tags exceeded the - // allowed space. - PackedPolicySize *int32 - - // The value in the SourceIdentity attribute in the SAML assertion. The source - // identity value persists across [chained role]sessions. - // - // You can require users to set a source identity value when they assume a role. - // You do this by using the sts:SourceIdentity condition key in a role trust - // policy. That way, actions that are taken with the role are associated with that - // user. After the source identity is set, the value cannot be changed. It is - // present in the request for all actions that are taken by the role and persists - // across [chained role]sessions. You can configure your SAML identity provider to use an - // attribute associated with your users, like user name or email, as the source - // identity when calling AssumeRoleWithSAML . You do this by adding an attribute to - // the SAML assertion. For more information about using source identity, see [Monitor and control actions taken with assumed roles]in - // the IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@- - // - // [chained role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html#id_roles_terms-and-concepts - // [Monitor and control actions taken with assumed roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html - SourceIdentity *string - - // The value of the NameID element in the Subject element of the SAML assertion. - Subject *string - - // The format of the name ID, as defined by the Format attribute in the NameID - // element of the SAML assertion. Typical examples of the format are transient or - // persistent . - // - // If the format includes the prefix urn:oasis:names:tc:SAML:2.0:nameid-format , - // that prefix is removed. For example, - // urn:oasis:names:tc:SAML:2.0:nameid-format:transient is returned as transient . - // If the format includes any other prefix, the format is returned with no - // modifications. - SubjectType *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationAssumeRoleWithSAMLMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRoleWithSAML{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAssumeRoleWithSAML{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRoleWithSAML"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpAssumeRoleWithSAMLValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAssumeRoleWithSAML(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opAssumeRoleWithSAML(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "AssumeRoleWithSAML", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go deleted file mode 100644 index e5708cbd..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoleWithWebIdentity.go +++ /dev/null @@ -1,478 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/sts/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Returns a set of temporary security credentials for users who have been -// authenticated in a mobile or web application with a web identity provider. -// Example providers include the OAuth 2.0 providers Login with Amazon and -// Facebook, or any OpenID Connect-compatible identity provider such as Google or [Amazon Cognito federated identities]. -// -// For mobile applications, we recommend that you use Amazon Cognito. You can use -// Amazon Cognito with the [Amazon Web Services SDK for iOS Developer Guide]and the [Amazon Web Services SDK for Android Developer Guide] to uniquely identify a user. You can also -// supply the user with a consistent identity throughout the lifetime of an -// application. -// -// To learn more about Amazon Cognito, see [Amazon Cognito identity pools] in Amazon Cognito Developer Guide. -// -// Calling AssumeRoleWithWebIdentity does not require the use of Amazon Web -// Services security credentials. Therefore, you can distribute an application (for -// example, on mobile devices) that requests temporary security credentials without -// including long-term Amazon Web Services credentials in the application. You also -// don't need to deploy server-based proxy services that use long-term Amazon Web -// Services credentials. Instead, the identity of the caller is validated by using -// a token from the web identity provider. For a comparison of -// AssumeRoleWithWebIdentity with the other API operations that produce temporary -// credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the IAM User Guide. -// -// The temporary security credentials returned by this API consist of an access -// key ID, a secret access key, and a security token. Applications can use these -// temporary security credentials to sign calls to Amazon Web Services service API -// operations. -// -// # Session Duration -// -// By default, the temporary security credentials created by -// AssumeRoleWithWebIdentity last for one hour. However, you can use the optional -// DurationSeconds parameter to specify the duration of your session. You can -// provide a value from 900 seconds (15 minutes) up to the maximum session duration -// setting for the role. This setting can have a value from 1 hour to 12 hours. To -// learn how to view the maximum value for your role, see [Update the maximum session duration for a role]in the IAM User Guide. -// The maximum session duration limit applies when you use the AssumeRole* API -// operations or the assume-role* CLI commands. However the limit does not apply -// when you use those operations to create a console URL. For more information, see -// [Using IAM Roles]in the IAM User Guide. -// -// # Permissions -// -// The temporary security credentials created by AssumeRoleWithWebIdentity can be -// used to make API calls to any Amazon Web Services service with the following -// exception: you cannot call the STS GetFederationToken or GetSessionToken API -// operations. -// -// (Optional) You can pass inline or managed [session policies] to this operation. You can pass a -// single JSON policy document to use as an inline session policy. You can also -// specify up to 10 managed policy Amazon Resource Names (ARNs) to use as managed -// session policies. The plaintext that you use for both inline and managed session -// policies can't exceed 2,048 characters. Passing policies to this operation -// returns new temporary credentials. The resulting session's permissions are the -// intersection of the role's identity-based policy and the session policies. You -// can use the role's temporary credentials in subsequent Amazon Web Services API -// calls to access resources in the account that owns the role. You cannot use -// session policies to grant more permissions than those allowed by the -// identity-based policy of the role that is being assumed. For more information, -// see [Session Policies]in the IAM User Guide. -// -// # Tags -// -// (Optional) You can configure your IdP to pass attributes into your web identity -// token as session tags. Each session tag consists of a key name and an associated -// value. For more information about session tags, see [Passing Session Tags in STS]in the IAM User Guide. -// -// You can pass up to 50 session tags. The plaintext session tag keys can’t exceed -// 128 characters and the values can’t exceed 256 characters. For these and -// additional limits, see [IAM and STS Character Limits]in the IAM User Guide. -// -// An Amazon Web Services conversion compresses the passed inline session policy, -// managed policy ARNs, and session tags into a packed binary format that has a -// separate limit. Your request can fail for this limit even if your plaintext -// meets the other requirements. The PackedPolicySize response element indicates -// by percentage how close the policies and tags for your request are to the upper -// size limit. -// -// You can pass a session tag with the same key as a tag that is attached to the -// role. When you do, the session tag overrides the role tag with the same key. -// -// An administrator must grant you the permissions necessary to pass session tags. -// The administrator can also create granular permissions to allow you to pass only -// specific session tags. For more information, see [Tutorial: Using Tags for Attribute-Based Access Control]in the IAM User Guide. -// -// You can set the session tags as transitive. Transitive tags persist during role -// chaining. For more information, see [Chaining Roles with Session Tags]in the IAM User Guide. -// -// # Identities -// -// Before your application can call AssumeRoleWithWebIdentity , you must have an -// identity token from a supported identity provider and create a role that the -// application can assume. The role that your application assumes must trust the -// identity provider that is associated with the identity token. In other words, -// the identity provider must be specified in the role's trust policy. -// -// Calling AssumeRoleWithWebIdentity can result in an entry in your CloudTrail -// logs. The entry includes the [Subject]of the provided web identity token. We recommend -// that you avoid using any personally identifiable information (PII) in this -// field. For example, you could instead use a GUID or a pairwise identifier, as [suggested in the OIDC specification]. -// -// For more information about how to use OIDC federation and the -// AssumeRoleWithWebIdentity API, see the following resources: -// -// [Using Web Identity Federation API Operations for Mobile Apps] -// - and [Federation Through a Web-based Identity Provider]. -// -// [Amazon Web Services SDK for iOS Developer Guide] -// - and [Amazon Web Services SDK for Android Developer Guide]. These toolkits contain sample apps that show how to invoke the -// identity providers. The toolkits then show how to use the information from these -// providers to get and use temporary security credentials. -// -// [Amazon Web Services SDK for iOS Developer Guide]: http://aws.amazon.com/sdkforios/ -// [Amazon Web Services SDK for Android Developer Guide]: http://aws.amazon.com/sdkforandroid/ -// [IAM and STS Character Limits]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length -// [session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session -// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html -// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html -// [Subject]: http://openid.net/specs/openid-connect-core-1_0.html#Claims -// [Tutorial: Using Tags for Attribute-Based Access Control]: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html -// [Amazon Cognito identity pools]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html -// [Federation Through a Web-based Identity Provider]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity -// [Using IAM Roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html -// [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session -// [Amazon Cognito federated identities]: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html -// [Passing Session Tags in STS]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html -// [Chaining Roles with Session Tags]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining -// [Update the maximum session duration for a role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_update-role-settings.html#id_roles_update-session-duration -// [Using Web Identity Federation API Operations for Mobile Apps]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html -// [suggested in the OIDC specification]: http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes -func (c *Client) AssumeRoleWithWebIdentity(ctx context.Context, params *AssumeRoleWithWebIdentityInput, optFns ...func(*Options)) (*AssumeRoleWithWebIdentityOutput, error) { - if params == nil { - params = &AssumeRoleWithWebIdentityInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "AssumeRoleWithWebIdentity", params, optFns, c.addOperationAssumeRoleWithWebIdentityMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*AssumeRoleWithWebIdentityOutput) - out.ResultMetadata = metadata - return out, nil -} - -type AssumeRoleWithWebIdentityInput struct { - - // The Amazon Resource Name (ARN) of the role that the caller is assuming. - // - // Additional considerations apply to Amazon Cognito identity pools that assume [cross-account IAM roles]. - // The trust policies of these roles must accept the cognito-identity.amazonaws.com - // service principal and must contain the cognito-identity.amazonaws.com:aud - // condition key to restrict role assumption to users from your intended identity - // pools. A policy that trusts Amazon Cognito identity pools without this condition - // creates a risk that a user from an unintended identity pool can assume the role. - // For more information, see [Trust policies for IAM roles in Basic (Classic) authentication]in the Amazon Cognito Developer Guide. - // - // [cross-account IAM roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies-cross-account-resource-access.html - // [Trust policies for IAM roles in Basic (Classic) authentication]: https://docs.aws.amazon.com/cognito/latest/developerguide/iam-roles.html#trust-policies - // - // This member is required. - RoleArn *string - - // An identifier for the assumed role session. Typically, you pass the name or - // identifier that is associated with the user who is using your application. That - // way, the temporary security credentials that your application will use are - // associated with that user. This session name is included as part of the ARN and - // assumed role ID in the AssumedRoleUser response element. - // - // For security purposes, administrators can view this field in [CloudTrail logs] to help identify - // who performed an action in Amazon Web Services. Your administrator might require - // that you specify your user name as the session name when you assume the role. - // For more information, see [sts:RoleSessionName]sts:RoleSessionName . - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@- - // - // [CloudTrail logs]: https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html#cloudtrail-integration_signin-tempcreds - // [sts:RoleSessionName]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#ck_rolesessionname - // - // This member is required. - RoleSessionName *string - - // The OAuth 2.0 access token or OpenID Connect ID token that is provided by the - // identity provider. Your application must get this token by authenticating the - // user who is using your application with a web identity provider before the - // application makes an AssumeRoleWithWebIdentity call. Timestamps in the token - // must be formatted as either an integer or a long integer. Tokens must be signed - // using either RSA keys (RS256, RS384, or RS512) or ECDSA keys (ES256, ES384, or - // ES512). - // - // This member is required. - WebIdentityToken *string - - // The duration, in seconds, of the role session. The value can range from 900 - // seconds (15 minutes) up to the maximum session duration setting for the role. - // This setting can have a value from 1 hour to 12 hours. If you specify a value - // higher than this setting, the operation fails. For example, if you specify a - // session duration of 12 hours, but your administrator set the maximum session - // duration to 6 hours, your operation fails. To learn how to view the maximum - // value for your role, see [View the Maximum Session Duration Setting for a Role]in the IAM User Guide. - // - // By default, the value is set to 3600 seconds. - // - // The DurationSeconds parameter is separate from the duration of a console - // session that you might request using the returned credentials. The request to - // the federation endpoint for a console sign-in token takes a SessionDuration - // parameter that specifies the maximum length of the console session. For more - // information, see [Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console]in the IAM User Guide. - // - // [View the Maximum Session Duration Setting for a Role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session - // [Creating a URL that Enables Federated Users to Access the Amazon Web Services Management Console]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html - DurationSeconds *int32 - - // An IAM policy in JSON format that you want to use as an inline session policy. - // - // This parameter is optional. Passing policies to this operation returns new - // temporary credentials. The resulting session's permissions are the intersection - // of the role's identity-based policy and the session policies. You can use the - // role's temporary credentials in subsequent Amazon Web Services API calls to - // access resources in the account that owns the role. You cannot use session - // policies to grant more permissions than those allowed by the identity-based - // policy of the role that is being assumed. For more information, see [Session Policies]in the IAM - // User Guide. - // - // The plaintext that you use for both inline and managed session policies can't - // exceed 2,048 characters. The JSON policy characters can be any ASCII character - // from the space character to the end of the valid character list (\u0020 through - // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage - // return (\u000D) characters. - // - // For more information about role session permissions, see [Session policies]. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - // [Session policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - Policy *string - - // The Amazon Resource Names (ARNs) of the IAM managed policies that you want to - // use as managed session policies. The policies must exist in the same account as - // the role. - // - // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plaintext that you use for both inline and managed session policies - // can't exceed 2,048 characters. For more information about ARNs, see [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]in the - // Amazon Web Services General Reference. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // Passing policies to this operation returns new temporary credentials. The - // resulting session's permissions are the intersection of the role's - // identity-based policy and the session policies. You can use the role's temporary - // credentials in subsequent Amazon Web Services API calls to access resources in - // the account that owns the role. You cannot use session policies to grant more - // permissions than those allowed by the identity-based policy of the role that is - // being assumed. For more information, see [Session Policies]in the IAM User Guide. - // - // [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - // [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html - PolicyArns []types.PolicyDescriptorType - - // The fully qualified host component of the domain name of the OAuth 2.0 identity - // provider. Do not specify this value for an OpenID Connect identity provider. - // - // Currently www.amazon.com and graph.facebook.com are the only supported identity - // providers for OAuth 2.0 access tokens. Do not include URL schemes and port - // numbers. - // - // Do not specify this value for OpenID Connect ID tokens. - ProviderId *string - - noSmithyDocumentSerde -} - -// Contains the response to a successful AssumeRoleWithWebIdentity request, including temporary Amazon Web -// Services credentials that can be used to make Amazon Web Services requests. -type AssumeRoleWithWebIdentityOutput struct { - - // The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers - // that you can use to refer to the resulting temporary security credentials. For - // example, you can reference these credentials as a principal in a resource-based - // policy by using the ARN or assumed role ID. The ARN and ID include the - // RoleSessionName that you specified when you called AssumeRole . - AssumedRoleUser *types.AssumedRoleUser - - // The intended audience (also known as client ID) of the web identity token. This - // is traditionally the client identifier issued to the application that requested - // the web identity token. - Audience *string - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security token. - // - // The size of the security token that STS API operations return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. - Credentials *types.Credentials - - // A percentage value that indicates the packed size of the session policies and - // session tags combined passed in the request. The request fails if the packed - // size is greater than 100 percent, which means the policies and tags exceeded the - // allowed space. - PackedPolicySize *int32 - - // The issuing authority of the web identity token presented. For OpenID Connect - // ID tokens, this contains the value of the iss field. For OAuth 2.0 access - // tokens, this contains the value of the ProviderId parameter that was passed in - // the AssumeRoleWithWebIdentity request. - Provider *string - - // The value of the source identity that is returned in the JSON web token (JWT) - // from the identity provider. - // - // You can require users to set a source identity value when they assume a role. - // You do this by using the sts:SourceIdentity condition key in a role trust - // policy. That way, actions that are taken with the role are associated with that - // user. After the source identity is set, the value cannot be changed. It is - // present in the request for all actions that are taken by the role and persists - // across [chained role]sessions. You can configure your identity provider to use an attribute - // associated with your users, like user name or email, as the source identity when - // calling AssumeRoleWithWebIdentity . You do this by adding a claim to the JSON - // web token. To learn more about OIDC tokens and claims, see [Using Tokens with User Pools]in the Amazon - // Cognito Developer Guide. For more information about using source identity, see [Monitor and control actions taken with assumed roles] - // in the IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@- - // - // [chained role]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html#id_roles_terms-and-concepts - // [Monitor and control actions taken with assumed roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html - // [Using Tokens with User Pools]: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html - SourceIdentity *string - - // The unique user identifier that is returned by the identity provider. This - // identifier is associated with the WebIdentityToken that was submitted with the - // AssumeRoleWithWebIdentity call. The identifier is typically unique to the user - // and the application that acquired the WebIdentityToken (pairwise identifier). - // For OpenID Connect ID tokens, this field contains the value returned by the - // identity provider as the token's sub (Subject) claim. - SubjectFromWebIdentityToken *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationAssumeRoleWithWebIdentityMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRoleWithWebIdentity{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAssumeRoleWithWebIdentity{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRoleWithWebIdentity"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpAssumeRoleWithWebIdentityValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAssumeRoleWithWebIdentity(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opAssumeRoleWithWebIdentity(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "AssumeRoleWithWebIdentity", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoot.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoot.go deleted file mode 100644 index a0f7a467..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_AssumeRoot.go +++ /dev/null @@ -1,223 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/sts/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Returns a set of short term credentials you can use to perform privileged tasks -// on a member account in your organization. -// -// Before you can launch a privileged session, you must have centralized root -// access in your organization. For steps to enable this feature, see [Centralize root access for member accounts]in the IAM -// User Guide. -// -// The STS global endpoint is not supported for AssumeRoot. You must send this -// request to a Regional STS endpoint. For more information, see [Endpoints]. -// -// You can track AssumeRoot in CloudTrail logs to determine what actions were -// performed in a session. For more information, see [Track privileged tasks in CloudTrail]in the IAM User Guide. -// -// [Endpoints]: https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html#sts-endpoints -// [Track privileged tasks in CloudTrail]: https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-track-privileged-tasks.html -// [Centralize root access for member accounts]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html -func (c *Client) AssumeRoot(ctx context.Context, params *AssumeRootInput, optFns ...func(*Options)) (*AssumeRootOutput, error) { - if params == nil { - params = &AssumeRootInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "AssumeRoot", params, optFns, c.addOperationAssumeRootMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*AssumeRootOutput) - out.ResultMetadata = metadata - return out, nil -} - -type AssumeRootInput struct { - - // The member account principal ARN or account ID. - // - // This member is required. - TargetPrincipal *string - - // The identity based policy that scopes the session to the privileged tasks that - // can be performed. You can use one of following Amazon Web Services managed - // policies to scope root session actions. - // - // [IAMAuditRootUserCredentials] - // - // [IAMCreateRootUserPassword] - // - // [IAMDeleteRootUserCredentials] - // - // [S3UnlockBucketPolicy] - // - // [SQSUnlockQueuePolicy] - // - // [IAMDeleteRootUserCredentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMDeleteRootUserCredentials - // [IAMCreateRootUserPassword]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMCreateRootUserPassword - // [IAMAuditRootUserCredentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMAuditRootUserCredentials - // [S3UnlockBucketPolicy]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-S3UnlockBucketPolicy - // [SQSUnlockQueuePolicy]: https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-SQSUnlockQueuePolicy - // - // This member is required. - TaskPolicyArn *types.PolicyDescriptorType - - // The duration, in seconds, of the privileged session. The value can range from 0 - // seconds up to the maximum session duration of 900 seconds (15 minutes). If you - // specify a value higher than this setting, the operation fails. - // - // By default, the value is set to 900 seconds. - DurationSeconds *int32 - - noSmithyDocumentSerde -} - -type AssumeRootOutput struct { - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security token. - // - // The size of the security token that STS API operations return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. - Credentials *types.Credentials - - // The source identity specified by the principal that is calling the AssumeRoot - // operation. - // - // You can use the aws:SourceIdentity condition key to control access based on the - // value of source identity. For more information about using source identity, see [Monitor and control actions taken with assumed roles] - // in the IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@- - // - // [Monitor and control actions taken with assumed roles]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html - SourceIdentity *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationAssumeRootMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsquery_serializeOpAssumeRoot{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsquery_deserializeOpAssumeRoot{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "AssumeRoot"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpAssumeRootValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAssumeRoot(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opAssumeRoot(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "AssumeRoot", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go deleted file mode 100644 index 9e7cb17d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_DecodeAuthorizationMessage.go +++ /dev/null @@ -1,195 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Decodes additional information about the authorization status of a request from -// an encoded message returned in response to an Amazon Web Services request. -// -// For example, if a user is not authorized to perform an operation that he or she -// has requested, the request returns a Client.UnauthorizedOperation response (an -// HTTP 403 response). Some Amazon Web Services operations additionally return an -// encoded message that can provide details about this authorization failure. -// -// Only certain Amazon Web Services operations return an encoded authorization -// message. The documentation for an individual operation indicates whether that -// operation returns an encoded message in addition to returning an HTTP code. -// -// The message is encoded because the details of the authorization status can -// contain privileged information that the user who requested the operation should -// not see. To decode an authorization status message, a user must be granted -// permissions through an IAM [policy]to request the DecodeAuthorizationMessage ( -// sts:DecodeAuthorizationMessage ) action. -// -// The decoded message includes the following type of information: -// -// - Whether the request was denied due to an explicit deny or due to the -// absence of an explicit allow. For more information, see [Determining Whether a Request is Allowed or Denied]in the IAM User -// Guide. -// -// - The principal who made the request. -// -// - The requested action. -// -// - The requested resource. -// -// - The values of condition keys in the context of the user's request. -// -// [Determining Whether a Request is Allowed or Denied]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow -// [policy]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html -func (c *Client) DecodeAuthorizationMessage(ctx context.Context, params *DecodeAuthorizationMessageInput, optFns ...func(*Options)) (*DecodeAuthorizationMessageOutput, error) { - if params == nil { - params = &DecodeAuthorizationMessageInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "DecodeAuthorizationMessage", params, optFns, c.addOperationDecodeAuthorizationMessageMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*DecodeAuthorizationMessageOutput) - out.ResultMetadata = metadata - return out, nil -} - -type DecodeAuthorizationMessageInput struct { - - // The encoded message that was returned with the response. - // - // This member is required. - EncodedMessage *string - - noSmithyDocumentSerde -} - -// A document that contains additional information about the authorization status -// of a request from an encoded message that is returned in response to an Amazon -// Web Services request. -type DecodeAuthorizationMessageOutput struct { - - // The API returns a response with the decoded message. - DecodedMessage *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationDecodeAuthorizationMessageMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsquery_serializeOpDecodeAuthorizationMessage{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsquery_deserializeOpDecodeAuthorizationMessage{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "DecodeAuthorizationMessage"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpDecodeAuthorizationMessageValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opDecodeAuthorizationMessage(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opDecodeAuthorizationMessage(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "DecodeAuthorizationMessage", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetAccessKeyInfo.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetAccessKeyInfo.go deleted file mode 100644 index 28c05f13..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetAccessKeyInfo.go +++ /dev/null @@ -1,186 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Returns the account identifier for the specified access key ID. -// -// Access keys consist of two parts: an access key ID (for example, -// AKIAIOSFODNN7EXAMPLE ) and a secret access key (for example, -// wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY ). For more information about access -// keys, see [Managing Access Keys for IAM Users]in the IAM User Guide. -// -// When you pass an access key ID to this operation, it returns the ID of the -// Amazon Web Services account to which the keys belong. Access key IDs beginning -// with AKIA are long-term credentials for an IAM user or the Amazon Web Services -// account root user. Access key IDs beginning with ASIA are temporary credentials -// that are created using STS operations. If the account in the response belongs to -// you, you can sign in as the root user and review your root user access keys. -// Then, you can pull a [credentials report]to learn which IAM user owns the keys. To learn who -// requested the temporary credentials for an ASIA access key, view the STS events -// in your [CloudTrail logs]in the IAM User Guide. -// -// This operation does not indicate the state of the access key. The key might be -// active, inactive, or deleted. Active keys might not have permissions to perform -// an operation. Providing a deleted access key might return an error that the key -// doesn't exist. -// -// [credentials report]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html -// [CloudTrail logs]: https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html -// [Managing Access Keys for IAM Users]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html -func (c *Client) GetAccessKeyInfo(ctx context.Context, params *GetAccessKeyInfoInput, optFns ...func(*Options)) (*GetAccessKeyInfoOutput, error) { - if params == nil { - params = &GetAccessKeyInfoInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetAccessKeyInfo", params, optFns, c.addOperationGetAccessKeyInfoMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*GetAccessKeyInfoOutput) - out.ResultMetadata = metadata - return out, nil -} - -type GetAccessKeyInfoInput struct { - - // The identifier of an access key. - // - // This parameter allows (through its regex pattern) a string of characters that - // can consist of any upper- or lowercase letter or digit. - // - // This member is required. - AccessKeyId *string - - noSmithyDocumentSerde -} - -type GetAccessKeyInfoOutput struct { - - // The number used to identify the Amazon Web Services account. - Account *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationGetAccessKeyInfoMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsquery_serializeOpGetAccessKeyInfo{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetAccessKeyInfo{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "GetAccessKeyInfo"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpGetAccessKeyInfoValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetAccessKeyInfo(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opGetAccessKeyInfo(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "GetAccessKeyInfo", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetCallerIdentity.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetCallerIdentity.go deleted file mode 100644 index de137b7d..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetCallerIdentity.go +++ /dev/null @@ -1,198 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/aws/signer/v4" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Returns details about the IAM user or role whose credentials are used to call -// the operation. -// -// No permissions are required to perform this operation. If an administrator -// attaches a policy to your identity that explicitly denies access to the -// sts:GetCallerIdentity action, you can still perform this operation. Permissions -// are not required because the same information is returned when access is denied. -// To view an example response, see [I Am Not Authorized to Perform: iam:DeleteVirtualMFADevice]in the IAM User Guide. -// -// [I Am Not Authorized to Perform: iam:DeleteVirtualMFADevice]: https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa -func (c *Client) GetCallerIdentity(ctx context.Context, params *GetCallerIdentityInput, optFns ...func(*Options)) (*GetCallerIdentityOutput, error) { - if params == nil { - params = &GetCallerIdentityInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetCallerIdentity", params, optFns, c.addOperationGetCallerIdentityMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*GetCallerIdentityOutput) - out.ResultMetadata = metadata - return out, nil -} - -type GetCallerIdentityInput struct { - noSmithyDocumentSerde -} - -// Contains the response to a successful GetCallerIdentity request, including information about the -// entity making the request. -type GetCallerIdentityOutput struct { - - // The Amazon Web Services account ID number of the account that owns or contains - // the calling entity. - Account *string - - // The Amazon Web Services ARN associated with the calling entity. - Arn *string - - // The unique identifier of the calling entity. The exact value depends on the - // type of entity that is making the call. The values returned are those listed in - // the aws:userid column in the [Principal table]found on the Policy Variables reference page in - // the IAM User Guide. - // - // [Principal table]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable - UserId *string - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationGetCallerIdentityMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsquery_serializeOpGetCallerIdentity{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetCallerIdentity{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "GetCallerIdentity"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetCallerIdentity(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opGetCallerIdentity(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "GetCallerIdentity", - } -} - -// PresignGetCallerIdentity is used to generate a presigned HTTP Request which -// contains presigned URL, signed headers and HTTP method used. -func (c *PresignClient) PresignGetCallerIdentity(ctx context.Context, params *GetCallerIdentityInput, optFns ...func(*PresignOptions)) (*v4.PresignedHTTPRequest, error) { - if params == nil { - params = &GetCallerIdentityInput{} - } - options := c.options.copy() - for _, fn := range optFns { - fn(&options) - } - clientOptFns := append(options.ClientOptions, withNopHTTPClientAPIOption) - - result, _, err := c.client.invokeOperation(ctx, "GetCallerIdentity", params, clientOptFns, - c.client.addOperationGetCallerIdentityMiddlewares, - presignConverter(options).convertToPresignMiddleware, - ) - if err != nil { - return nil, err - } - - out := result.(*v4.PresignedHTTPRequest) - return out, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go deleted file mode 100644 index 67c041b3..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetFederationToken.go +++ /dev/null @@ -1,399 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/sts/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Returns a set of temporary security credentials (consisting of an access key -// ID, a secret access key, and a security token) for a user. A typical use is in a -// proxy application that gets temporary security credentials on behalf of -// distributed applications inside a corporate network. -// -// You must call the GetFederationToken operation using the long-term security -// credentials of an IAM user. As a result, this call is appropriate in contexts -// where those credentials can be safeguarded, usually in a server-based -// application. For a comparison of GetFederationToken with the other API -// operations that produce temporary credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the IAM User Guide. -// -// Although it is possible to call GetFederationToken using the security -// credentials of an Amazon Web Services account root user rather than an IAM user -// that you create for the purpose of a proxy application, we do not recommend it. -// For more information, see [Safeguard your root user credentials and don't use them for everyday tasks]in the IAM User Guide. -// -// You can create a mobile-based or browser-based app that can authenticate users -// using a web identity provider like Login with Amazon, Facebook, Google, or an -// OpenID Connect-compatible identity provider. In this case, we recommend that you -// use [Amazon Cognito]or AssumeRoleWithWebIdentity . For more information, see [Federation Through a Web-based Identity Provider] in the IAM User -// Guide. -// -// # Session duration -// -// The temporary credentials are valid for the specified duration, from 900 -// seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default -// session duration is 43,200 seconds (12 hours). Temporary credentials obtained by -// using the root user credentials have a maximum duration of 3,600 seconds (1 -// hour). -// -// # Permissions -// -// You can use the temporary credentials created by GetFederationToken in any -// Amazon Web Services service with the following exceptions: -// -// - You cannot call any IAM operations using the CLI or the Amazon Web Services -// API. This limitation does not apply to console sessions. -// -// - You cannot call any STS operations except GetCallerIdentity . -// -// You can use temporary credentials for single sign-on (SSO) to the console. -// -// You must pass an inline or managed [session policy] to this operation. You can pass a single -// JSON policy document to use as an inline session policy. You can also specify up -// to 10 managed policy Amazon Resource Names (ARNs) to use as managed session -// policies. The plaintext that you use for both inline and managed session -// policies can't exceed 2,048 characters. -// -// Though the session policy parameters are optional, if you do not pass a policy, -// then the resulting federated user session has no permissions. When you pass -// session policies, the session permissions are the intersection of the IAM user -// policies and the session policies that you pass. This gives you a way to further -// restrict the permissions for a federated user. You cannot use session policies -// to grant more permissions than those that are defined in the permissions policy -// of the IAM user. For more information, see [Session Policies]in the IAM User Guide. For -// information about using GetFederationToken to create temporary security -// credentials, see [GetFederationToken—Federation Through a Custom Identity Broker]. -// -// You can use the credentials to access a resource that has a resource-based -// policy. If that policy specifically references the federated user session in the -// Principal element of the policy, the session has the permissions allowed by the -// policy. These permissions are granted in addition to the permissions granted by -// the session policies. -// -// # Tags -// -// (Optional) You can pass tag key-value pairs to your session. These are called -// session tags. For more information about session tags, see [Passing Session Tags in STS]in the IAM User -// Guide. -// -// You can create a mobile-based or browser-based app that can authenticate users -// using a web identity provider like Login with Amazon, Facebook, Google, or an -// OpenID Connect-compatible identity provider. In this case, we recommend that you -// use [Amazon Cognito]or AssumeRoleWithWebIdentity . For more information, see [Federation Through a Web-based Identity Provider] in the IAM User -// Guide. -// -// An administrator must grant you the permissions necessary to pass session tags. -// The administrator can also create granular permissions to allow you to pass only -// specific session tags. For more information, see [Tutorial: Using Tags for Attribute-Based Access Control]in the IAM User Guide. -// -// Tag key–value pairs are not case sensitive, but case is preserved. This means -// that you cannot have separate Department and department tag keys. Assume that -// the user that you are federating has the Department = Marketing tag and you -// pass the department = engineering session tag. Department and department are -// not saved as separate tags, and the session tag passed in the request takes -// precedence over the user tag. -// -// [Federation Through a Web-based Identity Provider]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity -// [session policy]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session -// [Amazon Cognito]: http://aws.amazon.com/cognito/ -// [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session -// [Passing Session Tags in STS]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html -// [GetFederationToken—Federation Through a Custom Identity Broker]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken -// [Safeguard your root user credentials and don't use them for everyday tasks]: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials -// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html -// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html -// [Tutorial: Using Tags for Attribute-Based Access Control]: https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html -func (c *Client) GetFederationToken(ctx context.Context, params *GetFederationTokenInput, optFns ...func(*Options)) (*GetFederationTokenOutput, error) { - if params == nil { - params = &GetFederationTokenInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetFederationToken", params, optFns, c.addOperationGetFederationTokenMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*GetFederationTokenOutput) - out.ResultMetadata = metadata - return out, nil -} - -type GetFederationTokenInput struct { - - // The name of the federated user. The name is used as an identifier for the - // temporary security credentials (such as Bob ). For example, you can reference - // the federated user name in a resource-based policy, such as in an Amazon S3 - // bucket policy. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@- - // - // This member is required. - Name *string - - // The duration, in seconds, that the session should last. Acceptable durations - // for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds - // (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained - // using root user credentials are restricted to a maximum of 3,600 seconds (one - // hour). If the specified duration is longer than one hour, the session obtained - // by using root user credentials defaults to one hour. - DurationSeconds *int32 - - // An IAM policy in JSON format that you want to use as an inline session policy. - // - // You must pass an inline or managed [session policy] to this operation. You can pass a single - // JSON policy document to use as an inline session policy. You can also specify up - // to 10 managed policy Amazon Resource Names (ARNs) to use as managed session - // policies. - // - // This parameter is optional. However, if you do not pass any session policies, - // then the resulting federated user session has no permissions. - // - // When you pass session policies, the session permissions are the intersection of - // the IAM user policies and the session policies that you pass. This gives you a - // way to further restrict the permissions for a federated user. You cannot use - // session policies to grant more permissions than those that are defined in the - // permissions policy of the IAM user. For more information, see [Session Policies]in the IAM User - // Guide. - // - // The resulting credentials can be used to access a resource that has a - // resource-based policy. If that policy specifically references the federated user - // session in the Principal element of the policy, the session has the permissions - // allowed by the policy. These permissions are granted in addition to the - // permissions that are granted by the session policies. - // - // The plaintext that you use for both inline and managed session policies can't - // exceed 2,048 characters. The JSON policy characters can be any ASCII character - // from the space character to the end of the valid character list (\u0020 through - // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage - // return (\u000D) characters. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // [session policy]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - // [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - Policy *string - - // The Amazon Resource Names (ARNs) of the IAM managed policies that you want to - // use as a managed session policy. The policies must exist in the same account as - // the IAM user that is requesting federated access. - // - // You must pass an inline or managed [session policy] to this operation. You can pass a single - // JSON policy document to use as an inline session policy. You can also specify up - // to 10 managed policy Amazon Resource Names (ARNs) to use as managed session - // policies. The plaintext that you use for both inline and managed session - // policies can't exceed 2,048 characters. You can provide up to 10 managed policy - // ARNs. For more information about ARNs, see [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]in the Amazon Web Services General - // Reference. - // - // This parameter is optional. However, if you do not pass any session policies, - // then the resulting federated user session has no permissions. - // - // When you pass session policies, the session permissions are the intersection of - // the IAM user policies and the session policies that you pass. This gives you a - // way to further restrict the permissions for a federated user. You cannot use - // session policies to grant more permissions than those that are defined in the - // permissions policy of the IAM user. For more information, see [Session Policies]in the IAM User - // Guide. - // - // The resulting credentials can be used to access a resource that has a - // resource-based policy. If that policy specifically references the federated user - // session in the Principal element of the policy, the session has the permissions - // allowed by the policy. These permissions are granted in addition to the - // permissions that are granted by the session policies. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // [session policy]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - // [Session Policies]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session - // [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html - PolicyArns []types.PolicyDescriptorType - - // A list of session tags. Each session tag consists of a key name and an - // associated value. For more information about session tags, see [Passing Session Tags in STS]in the IAM User - // Guide. - // - // This parameter is optional. You can pass up to 50 session tags. The plaintext - // session tag keys can’t exceed 128 characters and the values can’t exceed 256 - // characters. For these and additional limits, see [IAM and STS Character Limits]in the IAM User Guide. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has a - // separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the upper - // size limit. - // - // You can pass a session tag with the same key as a tag that is already attached - // to the user you are federating. When you do, session tags override a user tag - // with the same key. - // - // Tag key–value pairs are not case sensitive, but case is preserved. This means - // that you cannot have separate Department and department tag keys. Assume that - // the role has the Department = Marketing tag and you pass the department = - // engineering session tag. Department and department are not saved as separate - // tags, and the session tag passed in the request takes precedence over the role - // tag. - // - // [Passing Session Tags in STS]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html - // [IAM and STS Character Limits]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length - Tags []types.Tag - - noSmithyDocumentSerde -} - -// Contains the response to a successful GetFederationToken request, including temporary Amazon Web -// Services credentials that can be used to make Amazon Web Services requests. -type GetFederationTokenOutput struct { - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security (or session) token. - // - // The size of the security token that STS API operations return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. - Credentials *types.Credentials - - // Identifiers for the federated user associated with the credentials (such as - // arn:aws:sts::123456789012:federated-user/Bob or 123456789012:Bob ). You can use - // the federated user's ARN in your resource-based policies, such as an Amazon S3 - // bucket policy. - FederatedUser *types.FederatedUser - - // A percentage value that indicates the packed size of the session policies and - // session tags combined passed in the request. The request fails if the packed - // size is greater than 100 percent, which means the policies and tags exceeded the - // allowed space. - PackedPolicySize *int32 - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationGetFederationTokenMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsquery_serializeOpGetFederationToken{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetFederationToken{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "GetFederationToken"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = addOpGetFederationTokenValidationMiddleware(stack); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetFederationToken(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opGetFederationToken(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "GetFederationToken", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go deleted file mode 100644 index 903d151c..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/api_op_GetSessionToken.go +++ /dev/null @@ -1,245 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - "github.com/aws/aws-sdk-go-v2/service/sts/types" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Returns a set of temporary credentials for an Amazon Web Services account or -// IAM user. The credentials consist of an access key ID, a secret access key, and -// a security token. Typically, you use GetSessionToken if you want to use MFA to -// protect programmatic calls to specific Amazon Web Services API operations like -// Amazon EC2 StopInstances . -// -// MFA-enabled IAM users must call GetSessionToken and submit an MFA code that is -// associated with their MFA device. Using the temporary security credentials that -// the call returns, IAM users can then make programmatic calls to API operations -// that require MFA authentication. An incorrect MFA code causes the API to return -// an access denied error. For a comparison of GetSessionToken with the other API -// operations that produce temporary credentials, see [Requesting Temporary Security Credentials]and [Compare STS credentials] in the IAM User Guide. -// -// No permissions are required for users to perform this operation. The purpose of -// the sts:GetSessionToken operation is to authenticate the user using MFA. You -// cannot use policies to control authentication operations. For more information, -// see [Permissions for GetSessionToken]in the IAM User Guide. -// -// # Session Duration -// -// The GetSessionToken operation must be called by using the long-term Amazon Web -// Services security credentials of an IAM user. Credentials that are created by -// IAM users are valid for the duration that you specify. This duration can range -// from 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours), -// with a default of 43,200 seconds (12 hours). Credentials based on account -// credentials can range from 900 seconds (15 minutes) up to 3,600 seconds (1 -// hour), with a default of 1 hour. -// -// # Permissions -// -// The temporary security credentials created by GetSessionToken can be used to -// make API calls to any Amazon Web Services service with the following exceptions: -// -// - You cannot call any IAM API operations unless MFA authentication -// information is included in the request. -// -// - You cannot call any STS API except AssumeRole or GetCallerIdentity . -// -// The credentials that GetSessionToken returns are based on permissions -// associated with the IAM user whose credentials were used to call the operation. -// The temporary credentials have the same permissions as the IAM user. -// -// Although it is possible to call GetSessionToken using the security credentials -// of an Amazon Web Services account root user rather than an IAM user, we do not -// recommend it. If GetSessionToken is called using root user credentials, the -// temporary credentials have root user permissions. For more information, see [Safeguard your root user credentials and don't use them for everyday tasks]in -// the IAM User Guide -// -// For more information about using GetSessionToken to create temporary -// credentials, see [Temporary Credentials for Users in Untrusted Environments]in the IAM User Guide. -// -// [Permissions for GetSessionToken]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html -// [Temporary Credentials for Users in Untrusted Environments]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken -// [Safeguard your root user credentials and don't use them for everyday tasks]: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials -// [Requesting Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html -// [Compare STS credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_sts-comparison.html -func (c *Client) GetSessionToken(ctx context.Context, params *GetSessionTokenInput, optFns ...func(*Options)) (*GetSessionTokenOutput, error) { - if params == nil { - params = &GetSessionTokenInput{} - } - - result, metadata, err := c.invokeOperation(ctx, "GetSessionToken", params, optFns, c.addOperationGetSessionTokenMiddlewares) - if err != nil { - return nil, err - } - - out := result.(*GetSessionTokenOutput) - out.ResultMetadata = metadata - return out, nil -} - -type GetSessionTokenInput struct { - - // The duration, in seconds, that the credentials should remain valid. Acceptable - // durations for IAM user sessions range from 900 seconds (15 minutes) to 129,600 - // seconds (36 hours), with 43,200 seconds (12 hours) as the default. Sessions for - // Amazon Web Services account owners are restricted to a maximum of 3,600 seconds - // (one hour). If the duration is longer than one hour, the session for Amazon Web - // Services account owners defaults to one hour. - DurationSeconds *int32 - - // The identification number of the MFA device that is associated with the IAM - // user who is making the GetSessionToken call. Specify this value if the IAM user - // has a policy that requires MFA authentication. The value is either the serial - // number for a hardware device (such as GAHT12345678 ) or an Amazon Resource Name - // (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user ). You - // can find the device for an IAM user by going to the Amazon Web Services - // Management Console and viewing the user's security credentials. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can also - // include underscores or any of the following characters: =,.@:/- - SerialNumber *string - - // The value provided by the MFA device, if MFA is required. If any policy - // requires the IAM user to submit an MFA code, specify this value. If MFA - // authentication is required, the user must provide a code when requesting a set - // of temporary security credentials. A user who fails to provide the code receives - // an "access denied" response when requesting resources that require MFA - // authentication. - // - // The format for this parameter, as described by its regex pattern, is a sequence - // of six numeric digits. - TokenCode *string - - noSmithyDocumentSerde -} - -// Contains the response to a successful GetSessionToken request, including temporary Amazon Web -// Services credentials that can be used to make Amazon Web Services requests. -type GetSessionTokenOutput struct { - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security (or session) token. - // - // The size of the security token that STS API operations return is not fixed. We - // strongly recommend that you make no assumptions about the maximum size. - Credentials *types.Credentials - - // Metadata pertaining to the operation's result. - ResultMetadata middleware.Metadata - - noSmithyDocumentSerde -} - -func (c *Client) addOperationGetSessionTokenMiddlewares(stack *middleware.Stack, options Options) (err error) { - if err := stack.Serialize.Add(&setOperationInputMiddleware{}, middleware.After); err != nil { - return err - } - err = stack.Serialize.Add(&awsAwsquery_serializeOpGetSessionToken{}, middleware.After) - if err != nil { - return err - } - err = stack.Deserialize.Add(&awsAwsquery_deserializeOpGetSessionToken{}, middleware.After) - if err != nil { - return err - } - if err := addProtocolFinalizerMiddlewares(stack, options, "GetSessionToken"); err != nil { - return fmt.Errorf("add protocol finalizers: %v", err) - } - - if err = addlegacyEndpointContextSetter(stack, options); err != nil { - return err - } - if err = addSetLoggerMiddleware(stack, options); err != nil { - return err - } - if err = addClientRequestID(stack); err != nil { - return err - } - if err = addComputeContentLength(stack); err != nil { - return err - } - if err = addResolveEndpointMiddleware(stack, options); err != nil { - return err - } - if err = addComputePayloadSHA256(stack); err != nil { - return err - } - if err = addRetry(stack, options); err != nil { - return err - } - if err = addRawResponseToMetadata(stack); err != nil { - return err - } - if err = addRecordResponseTiming(stack); err != nil { - return err - } - if err = addSpanRetryLoop(stack, options); err != nil { - return err - } - if err = addClientUserAgent(stack, options); err != nil { - return err - } - if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { - return err - } - if err = addSetLegacyContextSigningOptionsMiddleware(stack); err != nil { - return err - } - if err = addTimeOffsetBuild(stack, c); err != nil { - return err - } - if err = addUserAgentRetryMode(stack, options); err != nil { - return err - } - if err = addCredentialSource(stack, options); err != nil { - return err - } - if err = stack.Initialize.Add(newServiceMetadataMiddleware_opGetSessionToken(options.Region), middleware.Before); err != nil { - return err - } - if err = addRecursionDetection(stack); err != nil { - return err - } - if err = addRequestIDRetrieverMiddleware(stack); err != nil { - return err - } - if err = addResponseErrorMiddleware(stack); err != nil { - return err - } - if err = addRequestResponseLogging(stack, options); err != nil { - return err - } - if err = addDisableHTTPSMiddleware(stack, options); err != nil { - return err - } - if err = addSpanInitializeStart(stack); err != nil { - return err - } - if err = addSpanInitializeEnd(stack); err != nil { - return err - } - if err = addSpanBuildRequestStart(stack); err != nil { - return err - } - if err = addSpanBuildRequestEnd(stack); err != nil { - return err - } - return nil -} - -func newServiceMetadataMiddleware_opGetSessionToken(region string) *awsmiddleware.RegisterServiceMetadata { - return &awsmiddleware.RegisterServiceMetadata{ - Region: region, - ServiceID: ServiceID, - OperationName: "GetSessionToken", - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/auth.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/auth.go deleted file mode 100644 index a90b2b73..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/auth.go +++ /dev/null @@ -1,325 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - smithy "github.com/aws/smithy-go" - smithyauth "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -func bindAuthParamsRegion(_ interface{}, params *AuthResolverParameters, _ interface{}, options Options) { - params.Region = options.Region -} - -type setLegacyContextSigningOptionsMiddleware struct { -} - -func (*setLegacyContextSigningOptionsMiddleware) ID() string { - return "setLegacyContextSigningOptions" -} - -func (m *setLegacyContextSigningOptionsMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - rscheme := getResolvedAuthScheme(ctx) - schemeID := rscheme.Scheme.SchemeID() - - if sn := awsmiddleware.GetSigningName(ctx); sn != "" { - if schemeID == "aws.auth#sigv4" { - smithyhttp.SetSigV4SigningName(&rscheme.SignerProperties, sn) - } else if schemeID == "aws.auth#sigv4a" { - smithyhttp.SetSigV4ASigningName(&rscheme.SignerProperties, sn) - } - } - - if sr := awsmiddleware.GetSigningRegion(ctx); sr != "" { - if schemeID == "aws.auth#sigv4" { - smithyhttp.SetSigV4SigningRegion(&rscheme.SignerProperties, sr) - } else if schemeID == "aws.auth#sigv4a" { - smithyhttp.SetSigV4ASigningRegions(&rscheme.SignerProperties, []string{sr}) - } - } - - return next.HandleFinalize(ctx, in) -} - -func addSetLegacyContextSigningOptionsMiddleware(stack *middleware.Stack) error { - return stack.Finalize.Insert(&setLegacyContextSigningOptionsMiddleware{}, "Signing", middleware.Before) -} - -type withAnonymous struct { - resolver AuthSchemeResolver -} - -var _ AuthSchemeResolver = (*withAnonymous)(nil) - -func (v *withAnonymous) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { - opts, err := v.resolver.ResolveAuthSchemes(ctx, params) - if err != nil { - return nil, err - } - - opts = append(opts, &smithyauth.Option{ - SchemeID: smithyauth.SchemeIDAnonymous, - }) - return opts, nil -} - -func wrapWithAnonymousAuth(options *Options) { - if _, ok := options.AuthSchemeResolver.(*defaultAuthSchemeResolver); !ok { - return - } - - options.AuthSchemeResolver = &withAnonymous{ - resolver: options.AuthSchemeResolver, - } -} - -// AuthResolverParameters contains the set of inputs necessary for auth scheme -// resolution. -type AuthResolverParameters struct { - // The name of the operation being invoked. - Operation string - - // The region in which the operation is being invoked. - Region string -} - -func bindAuthResolverParams(ctx context.Context, operation string, input interface{}, options Options) *AuthResolverParameters { - params := &AuthResolverParameters{ - Operation: operation, - } - - bindAuthParamsRegion(ctx, params, input, options) - - return params -} - -// AuthSchemeResolver returns a set of possible authentication options for an -// operation. -type AuthSchemeResolver interface { - ResolveAuthSchemes(context.Context, *AuthResolverParameters) ([]*smithyauth.Option, error) -} - -type defaultAuthSchemeResolver struct{} - -var _ AuthSchemeResolver = (*defaultAuthSchemeResolver)(nil) - -func (*defaultAuthSchemeResolver) ResolveAuthSchemes(ctx context.Context, params *AuthResolverParameters) ([]*smithyauth.Option, error) { - if overrides, ok := operationAuthOptions[params.Operation]; ok { - return overrides(params), nil - } - return serviceAuthOptions(params), nil -} - -var operationAuthOptions = map[string]func(*AuthResolverParameters) []*smithyauth.Option{ - "AssumeRoleWithSAML": func(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - {SchemeID: smithyauth.SchemeIDAnonymous}, - } - }, - - "AssumeRoleWithWebIdentity": func(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - {SchemeID: smithyauth.SchemeIDAnonymous}, - } - }, -} - -func serviceAuthOptions(params *AuthResolverParameters) []*smithyauth.Option { - return []*smithyauth.Option{ - { - SchemeID: smithyauth.SchemeIDSigV4, - SignerProperties: func() smithy.Properties { - var props smithy.Properties - smithyhttp.SetSigV4SigningName(&props, "sts") - smithyhttp.SetSigV4SigningRegion(&props, params.Region) - return props - }(), - }, - } -} - -type resolveAuthSchemeMiddleware struct { - operation string - options Options -} - -func (*resolveAuthSchemeMiddleware) ID() string { - return "ResolveAuthScheme" -} - -func (m *resolveAuthSchemeMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "ResolveAuthScheme") - defer span.End() - - params := bindAuthResolverParams(ctx, m.operation, getOperationInput(ctx), m.options) - options, err := m.options.AuthSchemeResolver.ResolveAuthSchemes(ctx, params) - if err != nil { - return out, metadata, fmt.Errorf("resolve auth scheme: %w", err) - } - - scheme, ok := m.selectScheme(options) - if !ok { - return out, metadata, fmt.Errorf("could not select an auth scheme") - } - - ctx = setResolvedAuthScheme(ctx, scheme) - - span.SetProperty("auth.scheme_id", scheme.Scheme.SchemeID()) - span.End() - return next.HandleFinalize(ctx, in) -} - -func (m *resolveAuthSchemeMiddleware) selectScheme(options []*smithyauth.Option) (*resolvedAuthScheme, bool) { - for _, option := range options { - if option.SchemeID == smithyauth.SchemeIDAnonymous { - return newResolvedAuthScheme(smithyhttp.NewAnonymousScheme(), option), true - } - - for _, scheme := range m.options.AuthSchemes { - if scheme.SchemeID() != option.SchemeID { - continue - } - - if scheme.IdentityResolver(m.options) != nil { - return newResolvedAuthScheme(scheme, option), true - } - } - } - - return nil, false -} - -type resolvedAuthSchemeKey struct{} - -type resolvedAuthScheme struct { - Scheme smithyhttp.AuthScheme - IdentityProperties smithy.Properties - SignerProperties smithy.Properties -} - -func newResolvedAuthScheme(scheme smithyhttp.AuthScheme, option *smithyauth.Option) *resolvedAuthScheme { - return &resolvedAuthScheme{ - Scheme: scheme, - IdentityProperties: option.IdentityProperties, - SignerProperties: option.SignerProperties, - } -} - -func setResolvedAuthScheme(ctx context.Context, scheme *resolvedAuthScheme) context.Context { - return middleware.WithStackValue(ctx, resolvedAuthSchemeKey{}, scheme) -} - -func getResolvedAuthScheme(ctx context.Context) *resolvedAuthScheme { - v, _ := middleware.GetStackValue(ctx, resolvedAuthSchemeKey{}).(*resolvedAuthScheme) - return v -} - -type getIdentityMiddleware struct { - options Options -} - -func (*getIdentityMiddleware) ID() string { - return "GetIdentity" -} - -func (m *getIdentityMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - innerCtx, span := tracing.StartSpan(ctx, "GetIdentity") - defer span.End() - - rscheme := getResolvedAuthScheme(innerCtx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - resolver := rscheme.Scheme.IdentityResolver(m.options) - if resolver == nil { - return out, metadata, fmt.Errorf("no identity resolver") - } - - identity, err := timeOperationMetric(ctx, "client.call.resolve_identity_duration", - func() (smithyauth.Identity, error) { - return resolver.GetIdentity(innerCtx, rscheme.IdentityProperties) - }, - func(o *metrics.RecordMetricOptions) { - o.Properties.Set("auth.scheme_id", rscheme.Scheme.SchemeID()) - }) - if err != nil { - return out, metadata, fmt.Errorf("get identity: %w", err) - } - - ctx = setIdentity(ctx, identity) - - span.End() - return next.HandleFinalize(ctx, in) -} - -type identityKey struct{} - -func setIdentity(ctx context.Context, identity smithyauth.Identity) context.Context { - return middleware.WithStackValue(ctx, identityKey{}, identity) -} - -func getIdentity(ctx context.Context) smithyauth.Identity { - v, _ := middleware.GetStackValue(ctx, identityKey{}).(smithyauth.Identity) - return v -} - -type signRequestMiddleware struct { - options Options -} - -func (*signRequestMiddleware) ID() string { - return "Signing" -} - -func (m *signRequestMiddleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "SignRequest") - defer span.End() - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unexpected transport type %T", in.Request) - } - - rscheme := getResolvedAuthScheme(ctx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - identity := getIdentity(ctx) - if identity == nil { - return out, metadata, fmt.Errorf("no identity") - } - - signer := rscheme.Scheme.Signer() - if signer == nil { - return out, metadata, fmt.Errorf("no signer") - } - - _, err = timeOperationMetric(ctx, "client.call.signing_duration", func() (any, error) { - return nil, signer.SignRequest(ctx, req, identity, rscheme.SignerProperties) - }, func(o *metrics.RecordMetricOptions) { - o.Properties.Set("auth.scheme_id", rscheme.Scheme.SchemeID()) - }) - if err != nil { - return out, metadata, fmt.Errorf("sign request: %w", err) - } - - span.End() - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/deserializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/deserializers.go deleted file mode 100644 index 59349890..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/deserializers.go +++ /dev/null @@ -1,2719 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "bytes" - "context" - "encoding/xml" - "fmt" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - awsxml "github.com/aws/aws-sdk-go-v2/aws/protocol/xml" - "github.com/aws/aws-sdk-go-v2/service/sts/types" - smithy "github.com/aws/smithy-go" - smithyxml "github.com/aws/smithy-go/encoding/xml" - smithyio "github.com/aws/smithy-go/io" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/ptr" - smithytime "github.com/aws/smithy-go/time" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "io" - "strconv" - "strings" - "time" -) - -func deserializeS3Expires(v string) (*time.Time, error) { - t, err := smithytime.ParseHTTPDate(v) - if err != nil { - return nil, nil - } - return &t, nil -} - -type awsAwsquery_deserializeOpAssumeRole struct { -} - -func (*awsAwsquery_deserializeOpAssumeRole) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsquery_deserializeOpAssumeRole) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsquery_deserializeOpErrorAssumeRole(response, &metadata) - } - output := &AssumeRoleOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(response.Body, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return out, metadata, nil - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("AssumeRoleResult") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeOpDocumentAssumeRoleOutput(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsquery_deserializeOpErrorAssumeRole(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false) - if err != nil { - return err - } - if reqID := errorComponents.RequestID; len(reqID) != 0 { - awsmiddleware.SetRequestIDMetadata(metadata, reqID) - } - if len(errorComponents.Code) != 0 { - errorCode = errorComponents.Code - } - if len(errorComponents.Message) != 0 { - errorMessage = errorComponents.Message - } - errorBody.Seek(0, io.SeekStart) - switch { - case strings.EqualFold("ExpiredTokenException", errorCode): - return awsAwsquery_deserializeErrorExpiredTokenException(response, errorBody) - - case strings.EqualFold("MalformedPolicyDocument", errorCode): - return awsAwsquery_deserializeErrorMalformedPolicyDocumentException(response, errorBody) - - case strings.EqualFold("PackedPolicyTooLarge", errorCode): - return awsAwsquery_deserializeErrorPackedPolicyTooLargeException(response, errorBody) - - case strings.EqualFold("RegionDisabledException", errorCode): - return awsAwsquery_deserializeErrorRegionDisabledException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsquery_deserializeOpAssumeRoleWithSAML struct { -} - -func (*awsAwsquery_deserializeOpAssumeRoleWithSAML) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsquery_deserializeOpAssumeRoleWithSAML) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsquery_deserializeOpErrorAssumeRoleWithSAML(response, &metadata) - } - output := &AssumeRoleWithSAMLOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(response.Body, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return out, metadata, nil - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("AssumeRoleWithSAMLResult") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeOpDocumentAssumeRoleWithSAMLOutput(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsquery_deserializeOpErrorAssumeRoleWithSAML(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false) - if err != nil { - return err - } - if reqID := errorComponents.RequestID; len(reqID) != 0 { - awsmiddleware.SetRequestIDMetadata(metadata, reqID) - } - if len(errorComponents.Code) != 0 { - errorCode = errorComponents.Code - } - if len(errorComponents.Message) != 0 { - errorMessage = errorComponents.Message - } - errorBody.Seek(0, io.SeekStart) - switch { - case strings.EqualFold("ExpiredTokenException", errorCode): - return awsAwsquery_deserializeErrorExpiredTokenException(response, errorBody) - - case strings.EqualFold("IDPRejectedClaim", errorCode): - return awsAwsquery_deserializeErrorIDPRejectedClaimException(response, errorBody) - - case strings.EqualFold("InvalidIdentityToken", errorCode): - return awsAwsquery_deserializeErrorInvalidIdentityTokenException(response, errorBody) - - case strings.EqualFold("MalformedPolicyDocument", errorCode): - return awsAwsquery_deserializeErrorMalformedPolicyDocumentException(response, errorBody) - - case strings.EqualFold("PackedPolicyTooLarge", errorCode): - return awsAwsquery_deserializeErrorPackedPolicyTooLargeException(response, errorBody) - - case strings.EqualFold("RegionDisabledException", errorCode): - return awsAwsquery_deserializeErrorRegionDisabledException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsquery_deserializeOpAssumeRoleWithWebIdentity struct { -} - -func (*awsAwsquery_deserializeOpAssumeRoleWithWebIdentity) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsquery_deserializeOpAssumeRoleWithWebIdentity) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsquery_deserializeOpErrorAssumeRoleWithWebIdentity(response, &metadata) - } - output := &AssumeRoleWithWebIdentityOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(response.Body, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return out, metadata, nil - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("AssumeRoleWithWebIdentityResult") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeOpDocumentAssumeRoleWithWebIdentityOutput(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsquery_deserializeOpErrorAssumeRoleWithWebIdentity(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false) - if err != nil { - return err - } - if reqID := errorComponents.RequestID; len(reqID) != 0 { - awsmiddleware.SetRequestIDMetadata(metadata, reqID) - } - if len(errorComponents.Code) != 0 { - errorCode = errorComponents.Code - } - if len(errorComponents.Message) != 0 { - errorMessage = errorComponents.Message - } - errorBody.Seek(0, io.SeekStart) - switch { - case strings.EqualFold("ExpiredTokenException", errorCode): - return awsAwsquery_deserializeErrorExpiredTokenException(response, errorBody) - - case strings.EqualFold("IDPCommunicationError", errorCode): - return awsAwsquery_deserializeErrorIDPCommunicationErrorException(response, errorBody) - - case strings.EqualFold("IDPRejectedClaim", errorCode): - return awsAwsquery_deserializeErrorIDPRejectedClaimException(response, errorBody) - - case strings.EqualFold("InvalidIdentityToken", errorCode): - return awsAwsquery_deserializeErrorInvalidIdentityTokenException(response, errorBody) - - case strings.EqualFold("MalformedPolicyDocument", errorCode): - return awsAwsquery_deserializeErrorMalformedPolicyDocumentException(response, errorBody) - - case strings.EqualFold("PackedPolicyTooLarge", errorCode): - return awsAwsquery_deserializeErrorPackedPolicyTooLargeException(response, errorBody) - - case strings.EqualFold("RegionDisabledException", errorCode): - return awsAwsquery_deserializeErrorRegionDisabledException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsquery_deserializeOpAssumeRoot struct { -} - -func (*awsAwsquery_deserializeOpAssumeRoot) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsquery_deserializeOpAssumeRoot) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsquery_deserializeOpErrorAssumeRoot(response, &metadata) - } - output := &AssumeRootOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(response.Body, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return out, metadata, nil - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("AssumeRootResult") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeOpDocumentAssumeRootOutput(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsquery_deserializeOpErrorAssumeRoot(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false) - if err != nil { - return err - } - if reqID := errorComponents.RequestID; len(reqID) != 0 { - awsmiddleware.SetRequestIDMetadata(metadata, reqID) - } - if len(errorComponents.Code) != 0 { - errorCode = errorComponents.Code - } - if len(errorComponents.Message) != 0 { - errorMessage = errorComponents.Message - } - errorBody.Seek(0, io.SeekStart) - switch { - case strings.EqualFold("ExpiredTokenException", errorCode): - return awsAwsquery_deserializeErrorExpiredTokenException(response, errorBody) - - case strings.EqualFold("RegionDisabledException", errorCode): - return awsAwsquery_deserializeErrorRegionDisabledException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsquery_deserializeOpDecodeAuthorizationMessage struct { -} - -func (*awsAwsquery_deserializeOpDecodeAuthorizationMessage) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsquery_deserializeOpDecodeAuthorizationMessage) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsquery_deserializeOpErrorDecodeAuthorizationMessage(response, &metadata) - } - output := &DecodeAuthorizationMessageOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(response.Body, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return out, metadata, nil - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("DecodeAuthorizationMessageResult") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeOpDocumentDecodeAuthorizationMessageOutput(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsquery_deserializeOpErrorDecodeAuthorizationMessage(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false) - if err != nil { - return err - } - if reqID := errorComponents.RequestID; len(reqID) != 0 { - awsmiddleware.SetRequestIDMetadata(metadata, reqID) - } - if len(errorComponents.Code) != 0 { - errorCode = errorComponents.Code - } - if len(errorComponents.Message) != 0 { - errorMessage = errorComponents.Message - } - errorBody.Seek(0, io.SeekStart) - switch { - case strings.EqualFold("InvalidAuthorizationMessageException", errorCode): - return awsAwsquery_deserializeErrorInvalidAuthorizationMessageException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsquery_deserializeOpGetAccessKeyInfo struct { -} - -func (*awsAwsquery_deserializeOpGetAccessKeyInfo) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsquery_deserializeOpGetAccessKeyInfo) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsquery_deserializeOpErrorGetAccessKeyInfo(response, &metadata) - } - output := &GetAccessKeyInfoOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(response.Body, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return out, metadata, nil - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("GetAccessKeyInfoResult") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeOpDocumentGetAccessKeyInfoOutput(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsquery_deserializeOpErrorGetAccessKeyInfo(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false) - if err != nil { - return err - } - if reqID := errorComponents.RequestID; len(reqID) != 0 { - awsmiddleware.SetRequestIDMetadata(metadata, reqID) - } - if len(errorComponents.Code) != 0 { - errorCode = errorComponents.Code - } - if len(errorComponents.Message) != 0 { - errorMessage = errorComponents.Message - } - errorBody.Seek(0, io.SeekStart) - switch { - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsquery_deserializeOpGetCallerIdentity struct { -} - -func (*awsAwsquery_deserializeOpGetCallerIdentity) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsquery_deserializeOpGetCallerIdentity) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsquery_deserializeOpErrorGetCallerIdentity(response, &metadata) - } - output := &GetCallerIdentityOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(response.Body, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return out, metadata, nil - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("GetCallerIdentityResult") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeOpDocumentGetCallerIdentityOutput(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsquery_deserializeOpErrorGetCallerIdentity(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false) - if err != nil { - return err - } - if reqID := errorComponents.RequestID; len(reqID) != 0 { - awsmiddleware.SetRequestIDMetadata(metadata, reqID) - } - if len(errorComponents.Code) != 0 { - errorCode = errorComponents.Code - } - if len(errorComponents.Message) != 0 { - errorMessage = errorComponents.Message - } - errorBody.Seek(0, io.SeekStart) - switch { - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsquery_deserializeOpGetFederationToken struct { -} - -func (*awsAwsquery_deserializeOpGetFederationToken) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsquery_deserializeOpGetFederationToken) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsquery_deserializeOpErrorGetFederationToken(response, &metadata) - } - output := &GetFederationTokenOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(response.Body, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return out, metadata, nil - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("GetFederationTokenResult") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeOpDocumentGetFederationTokenOutput(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsquery_deserializeOpErrorGetFederationToken(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false) - if err != nil { - return err - } - if reqID := errorComponents.RequestID; len(reqID) != 0 { - awsmiddleware.SetRequestIDMetadata(metadata, reqID) - } - if len(errorComponents.Code) != 0 { - errorCode = errorComponents.Code - } - if len(errorComponents.Message) != 0 { - errorMessage = errorComponents.Message - } - errorBody.Seek(0, io.SeekStart) - switch { - case strings.EqualFold("MalformedPolicyDocument", errorCode): - return awsAwsquery_deserializeErrorMalformedPolicyDocumentException(response, errorBody) - - case strings.EqualFold("PackedPolicyTooLarge", errorCode): - return awsAwsquery_deserializeErrorPackedPolicyTooLargeException(response, errorBody) - - case strings.EqualFold("RegionDisabledException", errorCode): - return awsAwsquery_deserializeErrorRegionDisabledException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -type awsAwsquery_deserializeOpGetSessionToken struct { -} - -func (*awsAwsquery_deserializeOpGetSessionToken) ID() string { - return "OperationDeserializer" -} - -func (m *awsAwsquery_deserializeOpGetSessionToken) HandleDeserialize(ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - _, span := tracing.StartSpan(ctx, "OperationDeserializer") - endTimer := startMetricTimer(ctx, "client.call.deserialization_duration") - defer endTimer() - defer span.End() - response, ok := out.RawResponse.(*smithyhttp.Response) - if !ok { - return out, metadata, &smithy.DeserializationError{Err: fmt.Errorf("unknown transport type %T", out.RawResponse)} - } - - if response.StatusCode < 200 || response.StatusCode >= 300 { - return out, metadata, awsAwsquery_deserializeOpErrorGetSessionToken(response, &metadata) - } - output := &GetSessionTokenOutput{} - out.Result = output - - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(response.Body, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return out, metadata, nil - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return out, metadata, &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("GetSessionTokenResult") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeOpDocumentGetSessionTokenOutput(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - err = &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - return out, metadata, err - } - - return out, metadata, err -} - -func awsAwsquery_deserializeOpErrorGetSessionToken(response *smithyhttp.Response, metadata *middleware.Metadata) error { - var errorBuffer bytes.Buffer - if _, err := io.Copy(&errorBuffer, response.Body); err != nil { - return &smithy.DeserializationError{Err: fmt.Errorf("failed to copy error response body, %w", err)} - } - errorBody := bytes.NewReader(errorBuffer.Bytes()) - - errorCode := "UnknownError" - errorMessage := errorCode - - errorComponents, err := awsxml.GetErrorResponseComponents(errorBody, false) - if err != nil { - return err - } - if reqID := errorComponents.RequestID; len(reqID) != 0 { - awsmiddleware.SetRequestIDMetadata(metadata, reqID) - } - if len(errorComponents.Code) != 0 { - errorCode = errorComponents.Code - } - if len(errorComponents.Message) != 0 { - errorMessage = errorComponents.Message - } - errorBody.Seek(0, io.SeekStart) - switch { - case strings.EqualFold("RegionDisabledException", errorCode): - return awsAwsquery_deserializeErrorRegionDisabledException(response, errorBody) - - default: - genericError := &smithy.GenericAPIError{ - Code: errorCode, - Message: errorMessage, - } - return genericError - - } -} - -func awsAwsquery_deserializeErrorExpiredTokenException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.ExpiredTokenException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(errorBody, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return output - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("Error") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeDocumentExpiredTokenException(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - return output -} - -func awsAwsquery_deserializeErrorIDPCommunicationErrorException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.IDPCommunicationErrorException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(errorBody, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return output - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("Error") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeDocumentIDPCommunicationErrorException(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - return output -} - -func awsAwsquery_deserializeErrorIDPRejectedClaimException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.IDPRejectedClaimException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(errorBody, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return output - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("Error") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeDocumentIDPRejectedClaimException(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - return output -} - -func awsAwsquery_deserializeErrorInvalidAuthorizationMessageException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidAuthorizationMessageException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(errorBody, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return output - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("Error") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeDocumentInvalidAuthorizationMessageException(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - return output -} - -func awsAwsquery_deserializeErrorInvalidIdentityTokenException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.InvalidIdentityTokenException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(errorBody, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return output - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("Error") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeDocumentInvalidIdentityTokenException(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - return output -} - -func awsAwsquery_deserializeErrorMalformedPolicyDocumentException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.MalformedPolicyDocumentException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(errorBody, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return output - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("Error") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeDocumentMalformedPolicyDocumentException(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - return output -} - -func awsAwsquery_deserializeErrorPackedPolicyTooLargeException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.PackedPolicyTooLargeException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(errorBody, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return output - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("Error") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeDocumentPackedPolicyTooLargeException(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - return output -} - -func awsAwsquery_deserializeErrorRegionDisabledException(response *smithyhttp.Response, errorBody *bytes.Reader) error { - output := &types.RegionDisabledException{} - var buff [1024]byte - ringBuffer := smithyio.NewRingBuffer(buff[:]) - body := io.TeeReader(errorBody, ringBuffer) - rootDecoder := xml.NewDecoder(body) - t, err := smithyxml.FetchRootElement(rootDecoder) - if err == io.EOF { - return output - } - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder := smithyxml.WrapNodeDecoder(rootDecoder, t) - t, err = decoder.GetElement("Error") - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - decoder = smithyxml.WrapNodeDecoder(decoder.Decoder, t) - err = awsAwsquery_deserializeDocumentRegionDisabledException(&output, decoder) - if err != nil { - var snapshot bytes.Buffer - io.Copy(&snapshot, ringBuffer) - return &smithy.DeserializationError{ - Err: fmt.Errorf("failed to decode response body, %w", err), - Snapshot: snapshot.Bytes(), - } - } - - return output -} - -func awsAwsquery_deserializeDocumentAssumedRoleUser(v **types.AssumedRoleUser, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.AssumedRoleUser - if *v == nil { - sv = &types.AssumedRoleUser{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("Arn", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Arn = ptr.String(xtv) - } - - case strings.EqualFold("AssumedRoleId", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.AssumedRoleId = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentCredentials(v **types.Credentials, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.Credentials - if *v == nil { - sv = &types.Credentials{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("AccessKeyId", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.AccessKeyId = ptr.String(xtv) - } - - case strings.EqualFold("Expiration", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - t, err := smithytime.ParseDateTime(xtv) - if err != nil { - return err - } - sv.Expiration = ptr.Time(t) - } - - case strings.EqualFold("SecretAccessKey", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.SecretAccessKey = ptr.String(xtv) - } - - case strings.EqualFold("SessionToken", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.SessionToken = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentExpiredTokenException(v **types.ExpiredTokenException, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.ExpiredTokenException - if *v == nil { - sv = &types.ExpiredTokenException{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("message", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Message = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentFederatedUser(v **types.FederatedUser, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.FederatedUser - if *v == nil { - sv = &types.FederatedUser{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("Arn", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Arn = ptr.String(xtv) - } - - case strings.EqualFold("FederatedUserId", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.FederatedUserId = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentIDPCommunicationErrorException(v **types.IDPCommunicationErrorException, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.IDPCommunicationErrorException - if *v == nil { - sv = &types.IDPCommunicationErrorException{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("message", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Message = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentIDPRejectedClaimException(v **types.IDPRejectedClaimException, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.IDPRejectedClaimException - if *v == nil { - sv = &types.IDPRejectedClaimException{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("message", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Message = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentInvalidAuthorizationMessageException(v **types.InvalidAuthorizationMessageException, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.InvalidAuthorizationMessageException - if *v == nil { - sv = &types.InvalidAuthorizationMessageException{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("message", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Message = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentInvalidIdentityTokenException(v **types.InvalidIdentityTokenException, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.InvalidIdentityTokenException - if *v == nil { - sv = &types.InvalidIdentityTokenException{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("message", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Message = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentMalformedPolicyDocumentException(v **types.MalformedPolicyDocumentException, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.MalformedPolicyDocumentException - if *v == nil { - sv = &types.MalformedPolicyDocumentException{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("message", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Message = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentPackedPolicyTooLargeException(v **types.PackedPolicyTooLargeException, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.PackedPolicyTooLargeException - if *v == nil { - sv = &types.PackedPolicyTooLargeException{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("message", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Message = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeDocumentRegionDisabledException(v **types.RegionDisabledException, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *types.RegionDisabledException - if *v == nil { - sv = &types.RegionDisabledException{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("message", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Message = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeOpDocumentAssumeRoleOutput(v **AssumeRoleOutput, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *AssumeRoleOutput - if *v == nil { - sv = &AssumeRoleOutput{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("AssumedRoleUser", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentAssumedRoleUser(&sv.AssumedRoleUser, nodeDecoder); err != nil { - return err - } - - case strings.EqualFold("Credentials", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentCredentials(&sv.Credentials, nodeDecoder); err != nil { - return err - } - - case strings.EqualFold("PackedPolicySize", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - i64, err := strconv.ParseInt(xtv, 10, 64) - if err != nil { - return err - } - sv.PackedPolicySize = ptr.Int32(int32(i64)) - } - - case strings.EqualFold("SourceIdentity", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.SourceIdentity = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeOpDocumentAssumeRoleWithSAMLOutput(v **AssumeRoleWithSAMLOutput, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *AssumeRoleWithSAMLOutput - if *v == nil { - sv = &AssumeRoleWithSAMLOutput{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("AssumedRoleUser", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentAssumedRoleUser(&sv.AssumedRoleUser, nodeDecoder); err != nil { - return err - } - - case strings.EqualFold("Audience", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Audience = ptr.String(xtv) - } - - case strings.EqualFold("Credentials", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentCredentials(&sv.Credentials, nodeDecoder); err != nil { - return err - } - - case strings.EqualFold("Issuer", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Issuer = ptr.String(xtv) - } - - case strings.EqualFold("NameQualifier", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.NameQualifier = ptr.String(xtv) - } - - case strings.EqualFold("PackedPolicySize", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - i64, err := strconv.ParseInt(xtv, 10, 64) - if err != nil { - return err - } - sv.PackedPolicySize = ptr.Int32(int32(i64)) - } - - case strings.EqualFold("SourceIdentity", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.SourceIdentity = ptr.String(xtv) - } - - case strings.EqualFold("Subject", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Subject = ptr.String(xtv) - } - - case strings.EqualFold("SubjectType", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.SubjectType = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeOpDocumentAssumeRoleWithWebIdentityOutput(v **AssumeRoleWithWebIdentityOutput, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *AssumeRoleWithWebIdentityOutput - if *v == nil { - sv = &AssumeRoleWithWebIdentityOutput{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("AssumedRoleUser", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentAssumedRoleUser(&sv.AssumedRoleUser, nodeDecoder); err != nil { - return err - } - - case strings.EqualFold("Audience", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Audience = ptr.String(xtv) - } - - case strings.EqualFold("Credentials", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentCredentials(&sv.Credentials, nodeDecoder); err != nil { - return err - } - - case strings.EqualFold("PackedPolicySize", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - i64, err := strconv.ParseInt(xtv, 10, 64) - if err != nil { - return err - } - sv.PackedPolicySize = ptr.Int32(int32(i64)) - } - - case strings.EqualFold("Provider", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Provider = ptr.String(xtv) - } - - case strings.EqualFold("SourceIdentity", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.SourceIdentity = ptr.String(xtv) - } - - case strings.EqualFold("SubjectFromWebIdentityToken", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.SubjectFromWebIdentityToken = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeOpDocumentAssumeRootOutput(v **AssumeRootOutput, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *AssumeRootOutput - if *v == nil { - sv = &AssumeRootOutput{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("Credentials", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentCredentials(&sv.Credentials, nodeDecoder); err != nil { - return err - } - - case strings.EqualFold("SourceIdentity", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.SourceIdentity = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeOpDocumentDecodeAuthorizationMessageOutput(v **DecodeAuthorizationMessageOutput, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *DecodeAuthorizationMessageOutput - if *v == nil { - sv = &DecodeAuthorizationMessageOutput{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("DecodedMessage", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.DecodedMessage = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeOpDocumentGetAccessKeyInfoOutput(v **GetAccessKeyInfoOutput, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *GetAccessKeyInfoOutput - if *v == nil { - sv = &GetAccessKeyInfoOutput{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("Account", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Account = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeOpDocumentGetCallerIdentityOutput(v **GetCallerIdentityOutput, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *GetCallerIdentityOutput - if *v == nil { - sv = &GetCallerIdentityOutput{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("Account", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Account = ptr.String(xtv) - } - - case strings.EqualFold("Arn", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.Arn = ptr.String(xtv) - } - - case strings.EqualFold("UserId", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - sv.UserId = ptr.String(xtv) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeOpDocumentGetFederationTokenOutput(v **GetFederationTokenOutput, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *GetFederationTokenOutput - if *v == nil { - sv = &GetFederationTokenOutput{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("Credentials", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentCredentials(&sv.Credentials, nodeDecoder); err != nil { - return err - } - - case strings.EqualFold("FederatedUser", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentFederatedUser(&sv.FederatedUser, nodeDecoder); err != nil { - return err - } - - case strings.EqualFold("PackedPolicySize", t.Name.Local): - val, err := decoder.Value() - if err != nil { - return err - } - if val == nil { - break - } - { - xtv := string(val) - i64, err := strconv.ParseInt(xtv, 10, 64) - if err != nil { - return err - } - sv.PackedPolicySize = ptr.Int32(int32(i64)) - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} - -func awsAwsquery_deserializeOpDocumentGetSessionTokenOutput(v **GetSessionTokenOutput, decoder smithyxml.NodeDecoder) error { - if v == nil { - return fmt.Errorf("unexpected nil of type %T", v) - } - var sv *GetSessionTokenOutput - if *v == nil { - sv = &GetSessionTokenOutput{} - } else { - sv = *v - } - - for { - t, done, err := decoder.Token() - if err != nil { - return err - } - if done { - break - } - originalDecoder := decoder - decoder = smithyxml.WrapNodeDecoder(originalDecoder.Decoder, t) - switch { - case strings.EqualFold("Credentials", t.Name.Local): - nodeDecoder := smithyxml.WrapNodeDecoder(decoder.Decoder, t) - if err := awsAwsquery_deserializeDocumentCredentials(&sv.Credentials, nodeDecoder); err != nil { - return err - } - - default: - // Do nothing and ignore the unexpected tag element - err = decoder.Decoder.Skip() - if err != nil { - return err - } - - } - decoder = originalDecoder - } - *v = sv - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/doc.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/doc.go deleted file mode 100644 index cbb19c7f..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/doc.go +++ /dev/null @@ -1,13 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -// Package sts provides the API client, operations, and parameter types for AWS -// Security Token Service. -// -// # Security Token Service -// -// Security Token Service (STS) enables you to request temporary, -// limited-privilege credentials for users. This guide provides descriptions of the -// STS API. For more information about using this service, see [Temporary Security Credentials]. -// -// [Temporary Security Credentials]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html -package sts diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go deleted file mode 100644 index dca2ce35..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/endpoints.go +++ /dev/null @@ -1,1136 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "errors" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalConfig "github.com/aws/aws-sdk-go-v2/internal/configsources" - "github.com/aws/aws-sdk-go-v2/internal/endpoints" - "github.com/aws/aws-sdk-go-v2/internal/endpoints/awsrulesfn" - internalendpoints "github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints" - smithy "github.com/aws/smithy-go" - smithyauth "github.com/aws/smithy-go/auth" - smithyendpoints "github.com/aws/smithy-go/endpoints" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/ptr" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net/http" - "net/url" - "os" - "strings" -) - -// EndpointResolverOptions is the service endpoint resolver options -type EndpointResolverOptions = internalendpoints.Options - -// EndpointResolver interface for resolving service endpoints. -type EndpointResolver interface { - ResolveEndpoint(region string, options EndpointResolverOptions) (aws.Endpoint, error) -} - -var _ EndpointResolver = &internalendpoints.Resolver{} - -// NewDefaultEndpointResolver constructs a new service endpoint resolver -func NewDefaultEndpointResolver() *internalendpoints.Resolver { - return internalendpoints.New() -} - -// EndpointResolverFunc is a helper utility that wraps a function so it satisfies -// the EndpointResolver interface. This is useful when you want to add additional -// endpoint resolving logic, or stub out specific endpoints with custom values. -type EndpointResolverFunc func(region string, options EndpointResolverOptions) (aws.Endpoint, error) - -func (fn EndpointResolverFunc) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { - return fn(region, options) -} - -// EndpointResolverFromURL returns an EndpointResolver configured using the -// provided endpoint url. By default, the resolved endpoint resolver uses the -// client region as signing region, and the endpoint source is set to -// EndpointSourceCustom.You can provide functional options to configure endpoint -// values for the resolved endpoint. -func EndpointResolverFromURL(url string, optFns ...func(*aws.Endpoint)) EndpointResolver { - e := aws.Endpoint{URL: url, Source: aws.EndpointSourceCustom} - for _, fn := range optFns { - fn(&e) - } - - return EndpointResolverFunc( - func(region string, options EndpointResolverOptions) (aws.Endpoint, error) { - if len(e.SigningRegion) == 0 { - e.SigningRegion = region - } - return e, nil - }, - ) -} - -type ResolveEndpoint struct { - Resolver EndpointResolver - Options EndpointResolverOptions -} - -func (*ResolveEndpoint) ID() string { - return "ResolveEndpoint" -} - -func (m *ResolveEndpoint) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if !awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleSerialize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.Resolver == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - eo := m.Options - eo.Logger = middleware.GetLogger(ctx) - - var endpoint aws.Endpoint - endpoint, err = m.Resolver.ResolveEndpoint(awsmiddleware.GetRegion(ctx), eo) - if err != nil { - nf := (&aws.EndpointNotFoundError{}) - if errors.As(err, &nf) { - ctx = awsmiddleware.SetRequiresLegacyEndpoints(ctx, false) - return next.HandleSerialize(ctx, in) - } - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - req.URL, err = url.Parse(endpoint.URL) - if err != nil { - return out, metadata, fmt.Errorf("failed to parse endpoint URL: %w", err) - } - - if len(awsmiddleware.GetSigningName(ctx)) == 0 { - signingName := endpoint.SigningName - if len(signingName) == 0 { - signingName = "sts" - } - ctx = awsmiddleware.SetSigningName(ctx, signingName) - } - ctx = awsmiddleware.SetEndpointSource(ctx, endpoint.Source) - ctx = smithyhttp.SetHostnameImmutable(ctx, endpoint.HostnameImmutable) - ctx = awsmiddleware.SetSigningRegion(ctx, endpoint.SigningRegion) - ctx = awsmiddleware.SetPartitionID(ctx, endpoint.PartitionID) - return next.HandleSerialize(ctx, in) -} -func addResolveEndpointMiddleware(stack *middleware.Stack, o Options) error { - return stack.Serialize.Insert(&ResolveEndpoint{ - Resolver: o.EndpointResolver, - Options: o.EndpointOptions, - }, "OperationSerializer", middleware.Before) -} - -func removeResolveEndpointMiddleware(stack *middleware.Stack) error { - _, err := stack.Serialize.Remove((&ResolveEndpoint{}).ID()) - return err -} - -type wrappedEndpointResolver struct { - awsResolver aws.EndpointResolverWithOptions -} - -func (w *wrappedEndpointResolver) ResolveEndpoint(region string, options EndpointResolverOptions) (endpoint aws.Endpoint, err error) { - return w.awsResolver.ResolveEndpoint(ServiceID, region, options) -} - -type awsEndpointResolverAdaptor func(service, region string) (aws.Endpoint, error) - -func (a awsEndpointResolverAdaptor) ResolveEndpoint(service, region string, options ...interface{}) (aws.Endpoint, error) { - return a(service, region) -} - -var _ aws.EndpointResolverWithOptions = awsEndpointResolverAdaptor(nil) - -// withEndpointResolver returns an aws.EndpointResolverWithOptions that first delegates endpoint resolution to the awsResolver. -// If awsResolver returns aws.EndpointNotFoundError error, the v1 resolver middleware will swallow the error, -// and set an appropriate context flag such that fallback will occur when EndpointResolverV2 is invoked -// via its middleware. -// -// If another error (besides aws.EndpointNotFoundError) is returned, then that error will be propagated. -func withEndpointResolver(awsResolver aws.EndpointResolver, awsResolverWithOptions aws.EndpointResolverWithOptions) EndpointResolver { - var resolver aws.EndpointResolverWithOptions - - if awsResolverWithOptions != nil { - resolver = awsResolverWithOptions - } else if awsResolver != nil { - resolver = awsEndpointResolverAdaptor(awsResolver.ResolveEndpoint) - } - - return &wrappedEndpointResolver{ - awsResolver: resolver, - } -} - -func finalizeClientEndpointResolverOptions(options *Options) { - options.EndpointOptions.LogDeprecated = options.ClientLogMode.IsDeprecatedUsage() - - if len(options.EndpointOptions.ResolvedRegion) == 0 { - const fipsInfix = "-fips-" - const fipsPrefix = "fips-" - const fipsSuffix = "-fips" - - if strings.Contains(options.Region, fipsInfix) || - strings.Contains(options.Region, fipsPrefix) || - strings.Contains(options.Region, fipsSuffix) { - options.EndpointOptions.ResolvedRegion = strings.ReplaceAll(strings.ReplaceAll(strings.ReplaceAll( - options.Region, fipsInfix, "-"), fipsPrefix, ""), fipsSuffix, "") - options.EndpointOptions.UseFIPSEndpoint = aws.FIPSEndpointStateEnabled - } - } - -} - -func resolveEndpointResolverV2(options *Options) { - if options.EndpointResolverV2 == nil { - options.EndpointResolverV2 = NewDefaultEndpointResolverV2() - } -} - -func resolveBaseEndpoint(cfg aws.Config, o *Options) { - if cfg.BaseEndpoint != nil { - o.BaseEndpoint = cfg.BaseEndpoint - } - - _, g := os.LookupEnv("AWS_ENDPOINT_URL") - _, s := os.LookupEnv("AWS_ENDPOINT_URL_STS") - - if g && !s { - return - } - - value, found, err := internalConfig.ResolveServiceBaseEndpoint(context.Background(), "STS", cfg.ConfigSources) - if found && err == nil { - o.BaseEndpoint = &value - } -} - -func bindRegion(region string) *string { - if region == "" { - return nil - } - return aws.String(endpoints.MapFIPSRegion(region)) -} - -// EndpointParameters provides the parameters that influence how endpoints are -// resolved. -type EndpointParameters struct { - // The AWS region used to dispatch the request. - // - // Parameter is - // required. - // - // AWS::Region - Region *string - - // When true, use the dual-stack endpoint. If the configured endpoint does not - // support dual-stack, dispatching the request MAY return an error. - // - // Defaults to - // false if no value is provided. - // - // AWS::UseDualStack - UseDualStack *bool - - // When true, send this request to the FIPS-compliant regional endpoint. If the - // configured endpoint does not have a FIPS compliant endpoint, dispatching the - // request will return an error. - // - // Defaults to false if no value is - // provided. - // - // AWS::UseFIPS - UseFIPS *bool - - // Override the endpoint used to send this request - // - // Parameter is - // required. - // - // SDK::Endpoint - Endpoint *string - - // Whether the global endpoint should be used, rather then the regional endpoint - // for us-east-1. - // - // Defaults to false if no value is - // provided. - // - // AWS::STS::UseGlobalEndpoint - UseGlobalEndpoint *bool -} - -// ValidateRequired validates required parameters are set. -func (p EndpointParameters) ValidateRequired() error { - if p.UseDualStack == nil { - return fmt.Errorf("parameter UseDualStack is required") - } - - if p.UseFIPS == nil { - return fmt.Errorf("parameter UseFIPS is required") - } - - if p.UseGlobalEndpoint == nil { - return fmt.Errorf("parameter UseGlobalEndpoint is required") - } - - return nil -} - -// WithDefaults returns a shallow copy of EndpointParameterswith default values -// applied to members where applicable. -func (p EndpointParameters) WithDefaults() EndpointParameters { - if p.UseDualStack == nil { - p.UseDualStack = ptr.Bool(false) - } - - if p.UseFIPS == nil { - p.UseFIPS = ptr.Bool(false) - } - - if p.UseGlobalEndpoint == nil { - p.UseGlobalEndpoint = ptr.Bool(false) - } - return p -} - -type stringSlice []string - -func (s stringSlice) Get(i int) *string { - if i < 0 || i >= len(s) { - return nil - } - - v := s[i] - return &v -} - -// EndpointResolverV2 provides the interface for resolving service endpoints. -type EndpointResolverV2 interface { - // ResolveEndpoint attempts to resolve the endpoint with the provided options, - // returning the endpoint if found. Otherwise an error is returned. - ResolveEndpoint(ctx context.Context, params EndpointParameters) ( - smithyendpoints.Endpoint, error, - ) -} - -// resolver provides the implementation for resolving endpoints. -type resolver struct{} - -func NewDefaultEndpointResolverV2() EndpointResolverV2 { - return &resolver{} -} - -// ResolveEndpoint attempts to resolve the endpoint with the provided options, -// returning the endpoint if found. Otherwise an error is returned. -func (r *resolver) ResolveEndpoint( - ctx context.Context, params EndpointParameters, -) ( - endpoint smithyendpoints.Endpoint, err error, -) { - params = params.WithDefaults() - if err = params.ValidateRequired(); err != nil { - return endpoint, fmt.Errorf("endpoint parameters are not valid, %w", err) - } - _UseDualStack := *params.UseDualStack - _UseFIPS := *params.UseFIPS - _UseGlobalEndpoint := *params.UseGlobalEndpoint - - if _UseGlobalEndpoint == true { - if !(params.Endpoint != nil) { - if exprVal := params.Region; exprVal != nil { - _Region := *exprVal - _ = _Region - if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil { - _PartitionResult := *exprVal - _ = _PartitionResult - if _UseFIPS == false { - if _UseDualStack == false { - if _Region == "ap-northeast-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "ap-south-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "ap-southeast-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "ap-southeast-2" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "aws-global" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "ca-central-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "eu-central-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "eu-north-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "eu-west-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "eu-west-2" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "eu-west-3" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "sa-east-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "us-east-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "us-east-2" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "us-west-1" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - if _Region == "us-west-2" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://sts.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, _Region) - return sp - }(), - }, - }) - return out - }(), - }, nil - } - } - } - } - } - } - if exprVal := params.Endpoint; exprVal != nil { - _Endpoint := *exprVal - _ = _Endpoint - if _UseFIPS == true { - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: FIPS and custom endpoint are not supported") - } - if _UseDualStack == true { - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Dualstack and custom endpoint are not supported") - } - uriString := _Endpoint - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - if exprVal := params.Region; exprVal != nil { - _Region := *exprVal - _ = _Region - if exprVal := awsrulesfn.GetPartition(_Region); exprVal != nil { - _PartitionResult := *exprVal - _ = _PartitionResult - if _UseFIPS == true { - if _UseDualStack == true { - if true == _PartitionResult.SupportsFIPS { - if true == _PartitionResult.SupportsDualStack { - uriString := func() string { - var out strings.Builder - out.WriteString("https://sts-fips.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DualStackDnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS and DualStack are enabled, but this partition does not support one or both") - } - } - if _UseFIPS == true { - if _PartitionResult.SupportsFIPS == true { - if _PartitionResult.Name == "aws-us-gov" { - uriString := func() string { - var out strings.Builder - out.WriteString("https://sts.") - out.WriteString(_Region) - out.WriteString(".amazonaws.com") - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://sts-fips.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "FIPS is enabled but this partition does not support FIPS") - } - if _UseDualStack == true { - if true == _PartitionResult.SupportsDualStack { - uriString := func() string { - var out strings.Builder - out.WriteString("https://sts.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DualStackDnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "DualStack is enabled but this partition does not support DualStack") - } - if _Region == "aws-global" { - uriString := "https://sts.amazonaws.com" - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - Properties: func() smithy.Properties { - var out smithy.Properties - smithyauth.SetAuthOptions(&out, []*smithyauth.Option{ - { - SchemeID: "aws.auth#sigv4", - SignerProperties: func() smithy.Properties { - var sp smithy.Properties - smithyhttp.SetSigV4SigningName(&sp, "sts") - smithyhttp.SetSigV4ASigningName(&sp, "sts") - - smithyhttp.SetSigV4SigningRegion(&sp, "us-east-1") - return sp - }(), - }, - }) - return out - }(), - }, nil - } - uriString := func() string { - var out strings.Builder - out.WriteString("https://sts.") - out.WriteString(_Region) - out.WriteString(".") - out.WriteString(_PartitionResult.DnsSuffix) - return out.String() - }() - - uri, err := url.Parse(uriString) - if err != nil { - return endpoint, fmt.Errorf("Failed to parse uri: %s", uriString) - } - - return smithyendpoints.Endpoint{ - URI: *uri, - Headers: http.Header{}, - }, nil - } - return endpoint, fmt.Errorf("Endpoint resolution failed. Invalid operation or environment input.") - } - return endpoint, fmt.Errorf("endpoint rule error, %s", "Invalid Configuration: Missing Region") -} - -type endpointParamsBinder interface { - bindEndpointParams(*EndpointParameters) -} - -func bindEndpointParams(ctx context.Context, input interface{}, options Options) *EndpointParameters { - params := &EndpointParameters{} - - params.Region = bindRegion(options.Region) - params.UseDualStack = aws.Bool(options.EndpointOptions.UseDualStackEndpoint == aws.DualStackEndpointStateEnabled) - params.UseFIPS = aws.Bool(options.EndpointOptions.UseFIPSEndpoint == aws.FIPSEndpointStateEnabled) - params.Endpoint = options.BaseEndpoint - - if b, ok := input.(endpointParamsBinder); ok { - b.bindEndpointParams(params) - } - - return params -} - -type resolveEndpointV2Middleware struct { - options Options -} - -func (*resolveEndpointV2Middleware) ID() string { - return "ResolveEndpointV2" -} - -func (m *resolveEndpointV2Middleware) HandleFinalize(ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "ResolveEndpoint") - defer span.End() - - if awsmiddleware.GetRequiresLegacyEndpoints(ctx) { - return next.HandleFinalize(ctx, in) - } - - req, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - if m.options.EndpointResolverV2 == nil { - return out, metadata, fmt.Errorf("expected endpoint resolver to not be nil") - } - - params := bindEndpointParams(ctx, getOperationInput(ctx), m.options) - endpt, err := timeOperationMetric(ctx, "client.call.resolve_endpoint_duration", - func() (smithyendpoints.Endpoint, error) { - return m.options.EndpointResolverV2.ResolveEndpoint(ctx, *params) - }) - if err != nil { - return out, metadata, fmt.Errorf("failed to resolve service endpoint, %w", err) - } - - span.SetProperty("client.call.resolved_endpoint", endpt.URI.String()) - - if endpt.URI.RawPath == "" && req.URL.RawPath != "" { - endpt.URI.RawPath = endpt.URI.Path - } - req.URL.Scheme = endpt.URI.Scheme - req.URL.Host = endpt.URI.Host - req.URL.Path = smithyhttp.JoinPath(endpt.URI.Path, req.URL.Path) - req.URL.RawPath = smithyhttp.JoinPath(endpt.URI.RawPath, req.URL.RawPath) - for k := range endpt.Headers { - req.Header.Set(k, endpt.Headers.Get(k)) - } - - rscheme := getResolvedAuthScheme(ctx) - if rscheme == nil { - return out, metadata, fmt.Errorf("no resolved auth scheme") - } - - opts, _ := smithyauth.GetAuthOptions(&endpt.Properties) - for _, o := range opts { - rscheme.SignerProperties.SetAll(&o.SignerProperties) - } - - span.End() - return next.HandleFinalize(ctx, in) -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json deleted file mode 100644 index 86bb3b79..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/generated.json +++ /dev/null @@ -1,43 +0,0 @@ -{ - "dependencies": { - "github.com/aws/aws-sdk-go-v2": "v1.4.0", - "github.com/aws/aws-sdk-go-v2/internal/configsources": "v0.0.0-00010101000000-000000000000", - "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2": "v2.0.0-00010101000000-000000000000", - "github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding": "v1.0.5", - "github.com/aws/aws-sdk-go-v2/service/internal/presigned-url": "v1.0.7", - "github.com/aws/smithy-go": "v1.4.0" - }, - "files": [ - "api_client.go", - "api_client_test.go", - "api_op_AssumeRole.go", - "api_op_AssumeRoleWithSAML.go", - "api_op_AssumeRoleWithWebIdentity.go", - "api_op_AssumeRoot.go", - "api_op_DecodeAuthorizationMessage.go", - "api_op_GetAccessKeyInfo.go", - "api_op_GetCallerIdentity.go", - "api_op_GetFederationToken.go", - "api_op_GetSessionToken.go", - "auth.go", - "deserializers.go", - "doc.go", - "endpoints.go", - "endpoints_config_test.go", - "endpoints_test.go", - "generated.json", - "internal/endpoints/endpoints.go", - "internal/endpoints/endpoints_test.go", - "options.go", - "protocol_test.go", - "serializers.go", - "snapshot_test.go", - "sra_operation_order_test.go", - "types/errors.go", - "types/types.go", - "validators.go" - ], - "go": "1.22", - "module": "github.com/aws/aws-sdk-go-v2/service/sts", - "unstable": false -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go deleted file mode 100644 index 18e1e473..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package sts - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.33.17" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints/endpoints.go deleted file mode 100644 index 8fc2012a..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints/endpoints.go +++ /dev/null @@ -1,529 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package endpoints - -import ( - "github.com/aws/aws-sdk-go-v2/aws" - endpoints "github.com/aws/aws-sdk-go-v2/internal/endpoints/v2" - "github.com/aws/smithy-go/logging" - "regexp" -) - -// Options is the endpoint resolver configuration options -type Options struct { - // Logger is a logging implementation that log events should be sent to. - Logger logging.Logger - - // LogDeprecated indicates that deprecated endpoints should be logged to the - // provided logger. - LogDeprecated bool - - // ResolvedRegion is used to override the region to be resolved, rather then the - // using the value passed to the ResolveEndpoint method. This value is used by the - // SDK to translate regions like fips-us-east-1 or us-east-1-fips to an alternative - // name. You must not set this value directly in your application. - ResolvedRegion string - - // DisableHTTPS informs the resolver to return an endpoint that does not use the - // HTTPS scheme. - DisableHTTPS bool - - // UseDualStackEndpoint specifies the resolver must resolve a dual-stack endpoint. - UseDualStackEndpoint aws.DualStackEndpointState - - // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. - UseFIPSEndpoint aws.FIPSEndpointState -} - -func (o Options) GetResolvedRegion() string { - return o.ResolvedRegion -} - -func (o Options) GetDisableHTTPS() bool { - return o.DisableHTTPS -} - -func (o Options) GetUseDualStackEndpoint() aws.DualStackEndpointState { - return o.UseDualStackEndpoint -} - -func (o Options) GetUseFIPSEndpoint() aws.FIPSEndpointState { - return o.UseFIPSEndpoint -} - -func transformToSharedOptions(options Options) endpoints.Options { - return endpoints.Options{ - Logger: options.Logger, - LogDeprecated: options.LogDeprecated, - ResolvedRegion: options.ResolvedRegion, - DisableHTTPS: options.DisableHTTPS, - UseDualStackEndpoint: options.UseDualStackEndpoint, - UseFIPSEndpoint: options.UseFIPSEndpoint, - } -} - -// Resolver STS endpoint resolver -type Resolver struct { - partitions endpoints.Partitions -} - -// ResolveEndpoint resolves the service endpoint for the given region and options -func (r *Resolver) ResolveEndpoint(region string, options Options) (endpoint aws.Endpoint, err error) { - if len(region) == 0 { - return endpoint, &aws.MissingRegionError{} - } - - opt := transformToSharedOptions(options) - return r.partitions.ResolveEndpoint(region, opt) -} - -// New returns a new Resolver -func New() *Resolver { - return &Resolver{ - partitions: defaultPartitions, - } -} - -var partitionRegexp = struct { - Aws *regexp.Regexp - AwsCn *regexp.Regexp - AwsIso *regexp.Regexp - AwsIsoB *regexp.Regexp - AwsIsoE *regexp.Regexp - AwsIsoF *regexp.Regexp - AwsUsGov *regexp.Regexp -}{ - - Aws: regexp.MustCompile("^(us|eu|ap|sa|ca|me|af|il|mx)\\-\\w+\\-\\d+$"), - AwsCn: regexp.MustCompile("^cn\\-\\w+\\-\\d+$"), - AwsIso: regexp.MustCompile("^us\\-iso\\-\\w+\\-\\d+$"), - AwsIsoB: regexp.MustCompile("^us\\-isob\\-\\w+\\-\\d+$"), - AwsIsoE: regexp.MustCompile("^eu\\-isoe\\-\\w+\\-\\d+$"), - AwsIsoF: regexp.MustCompile("^us\\-isof\\-\\w+\\-\\d+$"), - AwsUsGov: regexp.MustCompile("^us\\-gov\\-\\w+\\-\\d+$"), -} - -var defaultPartitions = endpoints.Partitions{ - { - ID: "aws", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "sts.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "sts-fips.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "sts.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.Aws, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "af-south-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-northeast-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-northeast-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-northeast-3", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-south-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-south-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-3", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-4", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-5", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ap-southeast-7", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "aws-global", - }: endpoints.Endpoint{ - Hostname: "sts.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-east-1", - }, - }, - endpoints.EndpointKey{ - Region: "ca-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "ca-west-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-central-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-north-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-south-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-south-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-west-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-west-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "eu-west-3", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "il-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "me-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "me-south-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "mx-central-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "sa-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-east-1", - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.us-east-1.amazonaws.com", - }, - endpoints.EndpointKey{ - Region: "us-east-1-fips", - }: endpoints.Endpoint{ - Hostname: "sts-fips.us-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-east-1", - }, - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "us-east-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-east-2", - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.us-east-2.amazonaws.com", - }, - endpoints.EndpointKey{ - Region: "us-east-2-fips", - }: endpoints.Endpoint{ - Hostname: "sts-fips.us-east-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-east-2", - }, - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "us-west-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-west-1", - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.us-west-1.amazonaws.com", - }, - endpoints.EndpointKey{ - Region: "us-west-1-fips", - }: endpoints.Endpoint{ - Hostname: "sts-fips.us-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-west-1", - }, - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "us-west-2", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-west-2", - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.us-west-2.amazonaws.com", - }, - endpoints.EndpointKey{ - Region: "us-west-2-fips", - }: endpoints.Endpoint{ - Hostname: "sts-fips.us-west-2.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-west-2", - }, - Deprecated: aws.TrueTernary, - }, - }, - }, - { - ID: "aws-cn", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "sts.{region}.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.{region}.amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "sts-fips.{region}.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "sts.{region}.amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsCn, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "cn-north-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "cn-northwest-1", - }: endpoints.Endpoint{}, - }, - }, - { - ID: "aws-iso", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.{region}.c2s.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "sts.{region}.c2s.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIso, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-iso-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-iso-west-1", - }: endpoints.Endpoint{}, - }, - }, - { - ID: "aws-iso-b", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.{region}.sc2s.sgov.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "sts.{region}.sc2s.sgov.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoB, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-isob-east-1", - }: endpoints.Endpoint{}, - }, - }, - { - ID: "aws-iso-e", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.{region}.cloud.adc-e.uk", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "sts.{region}.cloud.adc-e.uk", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoE, - IsRegionalized: true, - }, - { - ID: "aws-iso-f", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts-fips.{region}.csp.hci.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "sts.{region}.csp.hci.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsIsoF, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-isof-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-isof-south-1", - }: endpoints.Endpoint{}, - }, - }, - { - ID: "aws-us-gov", - Defaults: map[endpoints.DefaultKey]endpoints.Endpoint{ - { - Variant: endpoints.DualStackVariant, - }: { - Hostname: "sts.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: endpoints.FIPSVariant | endpoints.DualStackVariant, - }: { - Hostname: "sts-fips.{region}.api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - { - Variant: 0, - }: { - Hostname: "sts.{region}.amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - RegionRegex: partitionRegexp.AwsUsGov, - IsRegionalized: true, - Endpoints: endpoints.Endpoints{ - endpoints.EndpointKey{ - Region: "us-gov-east-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-gov-east-1", - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts.us-gov-east-1.amazonaws.com", - }, - endpoints.EndpointKey{ - Region: "us-gov-east-1-fips", - }: endpoints.Endpoint{ - Hostname: "sts.us-gov-east-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: aws.TrueTernary, - }, - endpoints.EndpointKey{ - Region: "us-gov-west-1", - }: endpoints.Endpoint{}, - endpoints.EndpointKey{ - Region: "us-gov-west-1", - Variant: endpoints.FIPSVariant, - }: { - Hostname: "sts.us-gov-west-1.amazonaws.com", - }, - endpoints.EndpointKey{ - Region: "us-gov-west-1-fips", - }: endpoints.Endpoint{ - Hostname: "sts.us-gov-west-1.amazonaws.com", - CredentialScope: endpoints.CredentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: aws.TrueTernary, - }, - }, - }, -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/options.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/options.go deleted file mode 100644 index e1398f3b..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/options.go +++ /dev/null @@ -1,232 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "github.com/aws/aws-sdk-go-v2/aws" - awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" - internalauthsmithy "github.com/aws/aws-sdk-go-v2/internal/auth/smithy" - smithyauth "github.com/aws/smithy-go/auth" - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "net/http" -) - -type HTTPClient interface { - Do(*http.Request) (*http.Response, error) -} - -type Options struct { - // Set of options to modify how an operation is invoked. These apply to all - // operations invoked for this client. Use functional options on operation call to - // modify this list for per operation behavior. - APIOptions []func(*middleware.Stack) error - - // The optional application specific identifier appended to the User-Agent header. - AppID string - - // This endpoint will be given as input to an EndpointResolverV2. It is used for - // providing a custom base endpoint that is subject to modifications by the - // processing EndpointResolverV2. - BaseEndpoint *string - - // Configures the events that will be sent to the configured logger. - ClientLogMode aws.ClientLogMode - - // The credentials object to use when signing requests. - Credentials aws.CredentialsProvider - - // The configuration DefaultsMode that the SDK should use when constructing the - // clients initial default settings. - DefaultsMode aws.DefaultsMode - - // The endpoint options to be used when attempting to resolve an endpoint. - EndpointOptions EndpointResolverOptions - - // The service endpoint resolver. - // - // Deprecated: Deprecated: EndpointResolver and WithEndpointResolver. Providing a - // value for this field will likely prevent you from using any endpoint-related - // service features released after the introduction of EndpointResolverV2 and - // BaseEndpoint. - // - // To migrate an EndpointResolver implementation that uses a custom endpoint, set - // the client option BaseEndpoint instead. - EndpointResolver EndpointResolver - - // Resolves the endpoint used for a particular service operation. This should be - // used over the deprecated EndpointResolver. - EndpointResolverV2 EndpointResolverV2 - - // Signature Version 4 (SigV4) Signer - HTTPSignerV4 HTTPSignerV4 - - // The logger writer interface to write logging messages to. - Logger logging.Logger - - // The client meter provider. - MeterProvider metrics.MeterProvider - - // The region to send requests to. (Required) - Region string - - // RetryMaxAttempts specifies the maximum number attempts an API client will call - // an operation that fails with a retryable error. A value of 0 is ignored, and - // will not be used to configure the API client created default retryer, or modify - // per operation call's retry max attempts. - // - // If specified in an operation call's functional options with a value that is - // different than the constructed client's Options, the Client's Retryer will be - // wrapped to use the operation's specific RetryMaxAttempts value. - RetryMaxAttempts int - - // RetryMode specifies the retry mode the API client will be created with, if - // Retryer option is not also specified. - // - // When creating a new API Clients this member will only be used if the Retryer - // Options member is nil. This value will be ignored if Retryer is not nil. - // - // Currently does not support per operation call overrides, may in the future. - RetryMode aws.RetryMode - - // Retryer guides how HTTP requests should be retried in case of recoverable - // failures. When nil the API client will use a default retryer. The kind of - // default retry created by the API client can be changed with the RetryMode - // option. - Retryer aws.Retryer - - // The RuntimeEnvironment configuration, only populated if the DefaultsMode is set - // to DefaultsModeAuto and is initialized using config.LoadDefaultConfig . You - // should not populate this structure programmatically, or rely on the values here - // within your applications. - RuntimeEnvironment aws.RuntimeEnvironment - - // The client tracer provider. - TracerProvider tracing.TracerProvider - - // The initial DefaultsMode used when the client options were constructed. If the - // DefaultsMode was set to aws.DefaultsModeAuto this will store what the resolved - // value was at that point in time. - // - // Currently does not support per operation call overrides, may in the future. - resolvedDefaultsMode aws.DefaultsMode - - // The HTTP client to invoke API calls with. Defaults to client's default HTTP - // implementation if nil. - HTTPClient HTTPClient - - // The auth scheme resolver which determines how to authenticate for each - // operation. - AuthSchemeResolver AuthSchemeResolver - - // The list of auth schemes supported by the client. - AuthSchemes []smithyhttp.AuthScheme -} - -// Copy creates a clone where the APIOptions list is deep copied. -func (o Options) Copy() Options { - to := o - to.APIOptions = make([]func(*middleware.Stack) error, len(o.APIOptions)) - copy(to.APIOptions, o.APIOptions) - - return to -} - -func (o Options) GetIdentityResolver(schemeID string) smithyauth.IdentityResolver { - if schemeID == "aws.auth#sigv4" { - return getSigV4IdentityResolver(o) - } - if schemeID == "smithy.api#noAuth" { - return &smithyauth.AnonymousIdentityResolver{} - } - return nil -} - -// WithAPIOptions returns a functional option for setting the Client's APIOptions -// option. -func WithAPIOptions(optFns ...func(*middleware.Stack) error) func(*Options) { - return func(o *Options) { - o.APIOptions = append(o.APIOptions, optFns...) - } -} - -// Deprecated: EndpointResolver and WithEndpointResolver. Providing a value for -// this field will likely prevent you from using any endpoint-related service -// features released after the introduction of EndpointResolverV2 and BaseEndpoint. -// -// To migrate an EndpointResolver implementation that uses a custom endpoint, set -// the client option BaseEndpoint instead. -func WithEndpointResolver(v EndpointResolver) func(*Options) { - return func(o *Options) { - o.EndpointResolver = v - } -} - -// WithEndpointResolverV2 returns a functional option for setting the Client's -// EndpointResolverV2 option. -func WithEndpointResolverV2(v EndpointResolverV2) func(*Options) { - return func(o *Options) { - o.EndpointResolverV2 = v - } -} - -func getSigV4IdentityResolver(o Options) smithyauth.IdentityResolver { - if o.Credentials != nil { - return &internalauthsmithy.CredentialsProviderAdapter{Provider: o.Credentials} - } - return nil -} - -// WithSigV4SigningName applies an override to the authentication workflow to -// use the given signing name for SigV4-authenticated operations. -// -// This is an advanced setting. The value here is FINAL, taking precedence over -// the resolved signing name from both auth scheme resolution and endpoint -// resolution. -func WithSigV4SigningName(name string) func(*Options) { - fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, - ) { - return next.HandleInitialize(awsmiddleware.SetSigningName(ctx, name), in) - } - return func(o *Options) { - o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { - return s.Initialize.Add( - middleware.InitializeMiddlewareFunc("withSigV4SigningName", fn), - middleware.Before, - ) - }) - } -} - -// WithSigV4SigningRegion applies an override to the authentication workflow to -// use the given signing region for SigV4-authenticated operations. -// -// This is an advanced setting. The value here is FINAL, taking precedence over -// the resolved signing region from both auth scheme resolution and endpoint -// resolution. -func WithSigV4SigningRegion(region string) func(*Options) { - fn := func(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, - ) { - return next.HandleInitialize(awsmiddleware.SetSigningRegion(ctx, region), in) - } - return func(o *Options) { - o.APIOptions = append(o.APIOptions, func(s *middleware.Stack) error { - return s.Initialize.Add( - middleware.InitializeMiddlewareFunc("withSigV4SigningRegion", fn), - middleware.Before, - ) - }) - } -} - -func ignoreAnonymousAuth(options *Options) { - if aws.IsCredentialsProvider(options.Credentials, (*aws.AnonymousCredentials)(nil)) { - options.Credentials = nil - } -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/serializers.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/serializers.go deleted file mode 100644 index 96b22213..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/serializers.go +++ /dev/null @@ -1,1005 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "bytes" - "context" - "fmt" - "github.com/aws/aws-sdk-go-v2/aws/protocol/query" - "github.com/aws/aws-sdk-go-v2/service/sts/types" - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/encoding/httpbinding" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" - smithyhttp "github.com/aws/smithy-go/transport/http" - "path" -) - -type awsAwsquery_serializeOpAssumeRole struct { -} - -func (*awsAwsquery_serializeOpAssumeRole) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsquery_serializeOpAssumeRole) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*AssumeRoleInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded") - - bodyWriter := bytes.NewBuffer(nil) - bodyEncoder := query.NewEncoder(bodyWriter) - body := bodyEncoder.Object() - body.Key("Action").String("AssumeRole") - body.Key("Version").String("2011-06-15") - - if err := awsAwsquery_serializeOpDocumentAssumeRoleInput(input, bodyEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - err = bodyEncoder.Encode() - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsquery_serializeOpAssumeRoleWithSAML struct { -} - -func (*awsAwsquery_serializeOpAssumeRoleWithSAML) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsquery_serializeOpAssumeRoleWithSAML) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*AssumeRoleWithSAMLInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded") - - bodyWriter := bytes.NewBuffer(nil) - bodyEncoder := query.NewEncoder(bodyWriter) - body := bodyEncoder.Object() - body.Key("Action").String("AssumeRoleWithSAML") - body.Key("Version").String("2011-06-15") - - if err := awsAwsquery_serializeOpDocumentAssumeRoleWithSAMLInput(input, bodyEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - err = bodyEncoder.Encode() - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsquery_serializeOpAssumeRoleWithWebIdentity struct { -} - -func (*awsAwsquery_serializeOpAssumeRoleWithWebIdentity) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsquery_serializeOpAssumeRoleWithWebIdentity) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*AssumeRoleWithWebIdentityInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded") - - bodyWriter := bytes.NewBuffer(nil) - bodyEncoder := query.NewEncoder(bodyWriter) - body := bodyEncoder.Object() - body.Key("Action").String("AssumeRoleWithWebIdentity") - body.Key("Version").String("2011-06-15") - - if err := awsAwsquery_serializeOpDocumentAssumeRoleWithWebIdentityInput(input, bodyEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - err = bodyEncoder.Encode() - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsquery_serializeOpAssumeRoot struct { -} - -func (*awsAwsquery_serializeOpAssumeRoot) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsquery_serializeOpAssumeRoot) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*AssumeRootInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded") - - bodyWriter := bytes.NewBuffer(nil) - bodyEncoder := query.NewEncoder(bodyWriter) - body := bodyEncoder.Object() - body.Key("Action").String("AssumeRoot") - body.Key("Version").String("2011-06-15") - - if err := awsAwsquery_serializeOpDocumentAssumeRootInput(input, bodyEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - err = bodyEncoder.Encode() - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsquery_serializeOpDecodeAuthorizationMessage struct { -} - -func (*awsAwsquery_serializeOpDecodeAuthorizationMessage) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsquery_serializeOpDecodeAuthorizationMessage) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*DecodeAuthorizationMessageInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded") - - bodyWriter := bytes.NewBuffer(nil) - bodyEncoder := query.NewEncoder(bodyWriter) - body := bodyEncoder.Object() - body.Key("Action").String("DecodeAuthorizationMessage") - body.Key("Version").String("2011-06-15") - - if err := awsAwsquery_serializeOpDocumentDecodeAuthorizationMessageInput(input, bodyEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - err = bodyEncoder.Encode() - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsquery_serializeOpGetAccessKeyInfo struct { -} - -func (*awsAwsquery_serializeOpGetAccessKeyInfo) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsquery_serializeOpGetAccessKeyInfo) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*GetAccessKeyInfoInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded") - - bodyWriter := bytes.NewBuffer(nil) - bodyEncoder := query.NewEncoder(bodyWriter) - body := bodyEncoder.Object() - body.Key("Action").String("GetAccessKeyInfo") - body.Key("Version").String("2011-06-15") - - if err := awsAwsquery_serializeOpDocumentGetAccessKeyInfoInput(input, bodyEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - err = bodyEncoder.Encode() - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsquery_serializeOpGetCallerIdentity struct { -} - -func (*awsAwsquery_serializeOpGetCallerIdentity) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsquery_serializeOpGetCallerIdentity) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*GetCallerIdentityInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded") - - bodyWriter := bytes.NewBuffer(nil) - bodyEncoder := query.NewEncoder(bodyWriter) - body := bodyEncoder.Object() - body.Key("Action").String("GetCallerIdentity") - body.Key("Version").String("2011-06-15") - - err = bodyEncoder.Encode() - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsquery_serializeOpGetFederationToken struct { -} - -func (*awsAwsquery_serializeOpGetFederationToken) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsquery_serializeOpGetFederationToken) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*GetFederationTokenInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded") - - bodyWriter := bytes.NewBuffer(nil) - bodyEncoder := query.NewEncoder(bodyWriter) - body := bodyEncoder.Object() - body.Key("Action").String("GetFederationToken") - body.Key("Version").String("2011-06-15") - - if err := awsAwsquery_serializeOpDocumentGetFederationTokenInput(input, bodyEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - err = bodyEncoder.Encode() - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} - -type awsAwsquery_serializeOpGetSessionToken struct { -} - -func (*awsAwsquery_serializeOpGetSessionToken) ID() string { - return "OperationSerializer" -} - -func (m *awsAwsquery_serializeOpGetSessionToken) HandleSerialize(ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - _, span := tracing.StartSpan(ctx, "OperationSerializer") - endTimer := startMetricTimer(ctx, "client.call.serialization_duration") - defer endTimer() - defer span.End() - request, ok := in.Request.(*smithyhttp.Request) - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown transport type %T", in.Request)} - } - - input, ok := in.Parameters.(*GetSessionTokenInput) - _ = input - if !ok { - return out, metadata, &smithy.SerializationError{Err: fmt.Errorf("unknown input parameters type %T", in.Parameters)} - } - - operationPath := "/" - if len(request.Request.URL.Path) == 0 { - request.Request.URL.Path = operationPath - } else { - request.Request.URL.Path = path.Join(request.Request.URL.Path, operationPath) - if request.Request.URL.Path != "/" && operationPath[len(operationPath)-1] == '/' { - request.Request.URL.Path += "/" - } - } - request.Request.Method = "POST" - httpBindingEncoder, err := httpbinding.NewEncoder(request.URL.Path, request.URL.RawQuery, request.Header) - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - httpBindingEncoder.SetHeader("Content-Type").String("application/x-www-form-urlencoded") - - bodyWriter := bytes.NewBuffer(nil) - bodyEncoder := query.NewEncoder(bodyWriter) - body := bodyEncoder.Object() - body.Key("Action").String("GetSessionToken") - body.Key("Version").String("2011-06-15") - - if err := awsAwsquery_serializeOpDocumentGetSessionTokenInput(input, bodyEncoder.Value); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - err = bodyEncoder.Encode() - if err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request, err = request.SetStream(bytes.NewReader(bodyWriter.Bytes())); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - - if request.Request, err = httpBindingEncoder.Encode(request.Request); err != nil { - return out, metadata, &smithy.SerializationError{Err: err} - } - in.Request = request - - endTimer() - span.End() - return next.HandleSerialize(ctx, in) -} -func awsAwsquery_serializeDocumentPolicyDescriptorListType(v []types.PolicyDescriptorType, value query.Value) error { - array := value.Array("member") - - for i := range v { - av := array.Value() - if err := awsAwsquery_serializeDocumentPolicyDescriptorType(&v[i], av); err != nil { - return err - } - } - return nil -} - -func awsAwsquery_serializeDocumentPolicyDescriptorType(v *types.PolicyDescriptorType, value query.Value) error { - object := value.Object() - _ = object - - if v.Arn != nil { - objectKey := object.Key("arn") - objectKey.String(*v.Arn) - } - - return nil -} - -func awsAwsquery_serializeDocumentProvidedContext(v *types.ProvidedContext, value query.Value) error { - object := value.Object() - _ = object - - if v.ContextAssertion != nil { - objectKey := object.Key("ContextAssertion") - objectKey.String(*v.ContextAssertion) - } - - if v.ProviderArn != nil { - objectKey := object.Key("ProviderArn") - objectKey.String(*v.ProviderArn) - } - - return nil -} - -func awsAwsquery_serializeDocumentProvidedContextsListType(v []types.ProvidedContext, value query.Value) error { - array := value.Array("member") - - for i := range v { - av := array.Value() - if err := awsAwsquery_serializeDocumentProvidedContext(&v[i], av); err != nil { - return err - } - } - return nil -} - -func awsAwsquery_serializeDocumentTag(v *types.Tag, value query.Value) error { - object := value.Object() - _ = object - - if v.Key != nil { - objectKey := object.Key("Key") - objectKey.String(*v.Key) - } - - if v.Value != nil { - objectKey := object.Key("Value") - objectKey.String(*v.Value) - } - - return nil -} - -func awsAwsquery_serializeDocumentTagKeyListType(v []string, value query.Value) error { - array := value.Array("member") - - for i := range v { - av := array.Value() - av.String(v[i]) - } - return nil -} - -func awsAwsquery_serializeDocumentTagListType(v []types.Tag, value query.Value) error { - array := value.Array("member") - - for i := range v { - av := array.Value() - if err := awsAwsquery_serializeDocumentTag(&v[i], av); err != nil { - return err - } - } - return nil -} - -func awsAwsquery_serializeOpDocumentAssumeRoleInput(v *AssumeRoleInput, value query.Value) error { - object := value.Object() - _ = object - - if v.DurationSeconds != nil { - objectKey := object.Key("DurationSeconds") - objectKey.Integer(*v.DurationSeconds) - } - - if v.ExternalId != nil { - objectKey := object.Key("ExternalId") - objectKey.String(*v.ExternalId) - } - - if v.Policy != nil { - objectKey := object.Key("Policy") - objectKey.String(*v.Policy) - } - - if v.PolicyArns != nil { - objectKey := object.Key("PolicyArns") - if err := awsAwsquery_serializeDocumentPolicyDescriptorListType(v.PolicyArns, objectKey); err != nil { - return err - } - } - - if v.ProvidedContexts != nil { - objectKey := object.Key("ProvidedContexts") - if err := awsAwsquery_serializeDocumentProvidedContextsListType(v.ProvidedContexts, objectKey); err != nil { - return err - } - } - - if v.RoleArn != nil { - objectKey := object.Key("RoleArn") - objectKey.String(*v.RoleArn) - } - - if v.RoleSessionName != nil { - objectKey := object.Key("RoleSessionName") - objectKey.String(*v.RoleSessionName) - } - - if v.SerialNumber != nil { - objectKey := object.Key("SerialNumber") - objectKey.String(*v.SerialNumber) - } - - if v.SourceIdentity != nil { - objectKey := object.Key("SourceIdentity") - objectKey.String(*v.SourceIdentity) - } - - if v.Tags != nil { - objectKey := object.Key("Tags") - if err := awsAwsquery_serializeDocumentTagListType(v.Tags, objectKey); err != nil { - return err - } - } - - if v.TokenCode != nil { - objectKey := object.Key("TokenCode") - objectKey.String(*v.TokenCode) - } - - if v.TransitiveTagKeys != nil { - objectKey := object.Key("TransitiveTagKeys") - if err := awsAwsquery_serializeDocumentTagKeyListType(v.TransitiveTagKeys, objectKey); err != nil { - return err - } - } - - return nil -} - -func awsAwsquery_serializeOpDocumentAssumeRoleWithSAMLInput(v *AssumeRoleWithSAMLInput, value query.Value) error { - object := value.Object() - _ = object - - if v.DurationSeconds != nil { - objectKey := object.Key("DurationSeconds") - objectKey.Integer(*v.DurationSeconds) - } - - if v.Policy != nil { - objectKey := object.Key("Policy") - objectKey.String(*v.Policy) - } - - if v.PolicyArns != nil { - objectKey := object.Key("PolicyArns") - if err := awsAwsquery_serializeDocumentPolicyDescriptorListType(v.PolicyArns, objectKey); err != nil { - return err - } - } - - if v.PrincipalArn != nil { - objectKey := object.Key("PrincipalArn") - objectKey.String(*v.PrincipalArn) - } - - if v.RoleArn != nil { - objectKey := object.Key("RoleArn") - objectKey.String(*v.RoleArn) - } - - if v.SAMLAssertion != nil { - objectKey := object.Key("SAMLAssertion") - objectKey.String(*v.SAMLAssertion) - } - - return nil -} - -func awsAwsquery_serializeOpDocumentAssumeRoleWithWebIdentityInput(v *AssumeRoleWithWebIdentityInput, value query.Value) error { - object := value.Object() - _ = object - - if v.DurationSeconds != nil { - objectKey := object.Key("DurationSeconds") - objectKey.Integer(*v.DurationSeconds) - } - - if v.Policy != nil { - objectKey := object.Key("Policy") - objectKey.String(*v.Policy) - } - - if v.PolicyArns != nil { - objectKey := object.Key("PolicyArns") - if err := awsAwsquery_serializeDocumentPolicyDescriptorListType(v.PolicyArns, objectKey); err != nil { - return err - } - } - - if v.ProviderId != nil { - objectKey := object.Key("ProviderId") - objectKey.String(*v.ProviderId) - } - - if v.RoleArn != nil { - objectKey := object.Key("RoleArn") - objectKey.String(*v.RoleArn) - } - - if v.RoleSessionName != nil { - objectKey := object.Key("RoleSessionName") - objectKey.String(*v.RoleSessionName) - } - - if v.WebIdentityToken != nil { - objectKey := object.Key("WebIdentityToken") - objectKey.String(*v.WebIdentityToken) - } - - return nil -} - -func awsAwsquery_serializeOpDocumentAssumeRootInput(v *AssumeRootInput, value query.Value) error { - object := value.Object() - _ = object - - if v.DurationSeconds != nil { - objectKey := object.Key("DurationSeconds") - objectKey.Integer(*v.DurationSeconds) - } - - if v.TargetPrincipal != nil { - objectKey := object.Key("TargetPrincipal") - objectKey.String(*v.TargetPrincipal) - } - - if v.TaskPolicyArn != nil { - objectKey := object.Key("TaskPolicyArn") - if err := awsAwsquery_serializeDocumentPolicyDescriptorType(v.TaskPolicyArn, objectKey); err != nil { - return err - } - } - - return nil -} - -func awsAwsquery_serializeOpDocumentDecodeAuthorizationMessageInput(v *DecodeAuthorizationMessageInput, value query.Value) error { - object := value.Object() - _ = object - - if v.EncodedMessage != nil { - objectKey := object.Key("EncodedMessage") - objectKey.String(*v.EncodedMessage) - } - - return nil -} - -func awsAwsquery_serializeOpDocumentGetAccessKeyInfoInput(v *GetAccessKeyInfoInput, value query.Value) error { - object := value.Object() - _ = object - - if v.AccessKeyId != nil { - objectKey := object.Key("AccessKeyId") - objectKey.String(*v.AccessKeyId) - } - - return nil -} - -func awsAwsquery_serializeOpDocumentGetCallerIdentityInput(v *GetCallerIdentityInput, value query.Value) error { - object := value.Object() - _ = object - - return nil -} - -func awsAwsquery_serializeOpDocumentGetFederationTokenInput(v *GetFederationTokenInput, value query.Value) error { - object := value.Object() - _ = object - - if v.DurationSeconds != nil { - objectKey := object.Key("DurationSeconds") - objectKey.Integer(*v.DurationSeconds) - } - - if v.Name != nil { - objectKey := object.Key("Name") - objectKey.String(*v.Name) - } - - if v.Policy != nil { - objectKey := object.Key("Policy") - objectKey.String(*v.Policy) - } - - if v.PolicyArns != nil { - objectKey := object.Key("PolicyArns") - if err := awsAwsquery_serializeDocumentPolicyDescriptorListType(v.PolicyArns, objectKey); err != nil { - return err - } - } - - if v.Tags != nil { - objectKey := object.Key("Tags") - if err := awsAwsquery_serializeDocumentTagListType(v.Tags, objectKey); err != nil { - return err - } - } - - return nil -} - -func awsAwsquery_serializeOpDocumentGetSessionTokenInput(v *GetSessionTokenInput, value query.Value) error { - object := value.Object() - _ = object - - if v.DurationSeconds != nil { - objectKey := object.Key("DurationSeconds") - objectKey.Integer(*v.DurationSeconds) - } - - if v.SerialNumber != nil { - objectKey := object.Key("SerialNumber") - objectKey.String(*v.SerialNumber) - } - - if v.TokenCode != nil { - objectKey := object.Key("TokenCode") - objectKey.String(*v.TokenCode) - } - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/errors.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/errors.go deleted file mode 100644 index 041629bb..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/errors.go +++ /dev/null @@ -1,248 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package types - -import ( - "fmt" - smithy "github.com/aws/smithy-go" -) - -// The web identity token that was passed is expired or is not valid. Get a new -// identity token from the identity provider and then retry the request. -type ExpiredTokenException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *ExpiredTokenException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *ExpiredTokenException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *ExpiredTokenException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "ExpiredTokenException" - } - return *e.ErrorCodeOverride -} -func (e *ExpiredTokenException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The request could not be fulfilled because the identity provider (IDP) that was -// asked to verify the incoming identity token could not be reached. This is often -// a transient error caused by network conditions. Retry the request a limited -// number of times so that you don't exceed the request rate. If the error -// persists, the identity provider might be down or not responding. -type IDPCommunicationErrorException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *IDPCommunicationErrorException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *IDPCommunicationErrorException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *IDPCommunicationErrorException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "IDPCommunicationError" - } - return *e.ErrorCodeOverride -} -func (e *IDPCommunicationErrorException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The identity provider (IdP) reported that authentication failed. This might be -// because the claim is invalid. -// -// If this error is returned for the AssumeRoleWithWebIdentity operation, it can -// also mean that the claim has expired or has been explicitly revoked. -type IDPRejectedClaimException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *IDPRejectedClaimException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *IDPRejectedClaimException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *IDPRejectedClaimException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "IDPRejectedClaim" - } - return *e.ErrorCodeOverride -} -func (e *IDPRejectedClaimException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The error returned if the message passed to DecodeAuthorizationMessage was -// invalid. This can happen if the token contains invalid characters, such as line -// breaks, or if the message has expired. -type InvalidAuthorizationMessageException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *InvalidAuthorizationMessageException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidAuthorizationMessageException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidAuthorizationMessageException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidAuthorizationMessageException" - } - return *e.ErrorCodeOverride -} -func (e *InvalidAuthorizationMessageException) ErrorFault() smithy.ErrorFault { - return smithy.FaultClient -} - -// The web identity token that was passed could not be validated by Amazon Web -// Services. Get a new identity token from the identity provider and then retry the -// request. -type InvalidIdentityTokenException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *InvalidIdentityTokenException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *InvalidIdentityTokenException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *InvalidIdentityTokenException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "InvalidIdentityToken" - } - return *e.ErrorCodeOverride -} -func (e *InvalidIdentityTokenException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The request was rejected because the policy document was malformed. The error -// message describes the specific error. -type MalformedPolicyDocumentException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *MalformedPolicyDocumentException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *MalformedPolicyDocumentException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *MalformedPolicyDocumentException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "MalformedPolicyDocument" - } - return *e.ErrorCodeOverride -} -func (e *MalformedPolicyDocumentException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// The request was rejected because the total packed size of the session policies -// and session tags combined was too large. An Amazon Web Services conversion -// compresses the session policy document, session policy ARNs, and session tags -// into a packed binary format that has a separate limit. The error message -// indicates by percentage how close the policies and tags are to the upper size -// limit. For more information, see [Passing Session Tags in STS]in the IAM User Guide. -// -// You could receive this error even though you meet other defined session policy -// and session tag limits. For more information, see [IAM and STS Entity Character Limits]in the IAM User Guide. -// -// [Passing Session Tags in STS]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html -// [IAM and STS Entity Character Limits]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length -type PackedPolicyTooLargeException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *PackedPolicyTooLargeException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *PackedPolicyTooLargeException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *PackedPolicyTooLargeException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "PackedPolicyTooLarge" - } - return *e.ErrorCodeOverride -} -func (e *PackedPolicyTooLargeException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } - -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see [Activating and Deactivating STS in an Amazon Web Services Region]in the IAM -// User Guide. -// -// [Activating and Deactivating STS in an Amazon Web Services Region]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html -type RegionDisabledException struct { - Message *string - - ErrorCodeOverride *string - - noSmithyDocumentSerde -} - -func (e *RegionDisabledException) Error() string { - return fmt.Sprintf("%s: %s", e.ErrorCode(), e.ErrorMessage()) -} -func (e *RegionDisabledException) ErrorMessage() string { - if e.Message == nil { - return "" - } - return *e.Message -} -func (e *RegionDisabledException) ErrorCode() string { - if e == nil || e.ErrorCodeOverride == nil { - return "RegionDisabledException" - } - return *e.ErrorCodeOverride -} -func (e *RegionDisabledException) ErrorFault() smithy.ErrorFault { return smithy.FaultClient } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/types.go deleted file mode 100644 index dff7a3c2..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/types/types.go +++ /dev/null @@ -1,144 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package types - -import ( - smithydocument "github.com/aws/smithy-go/document" - "time" -) - -// The identifiers for the temporary security credentials that the operation -// returns. -type AssumedRoleUser struct { - - // The ARN of the temporary security credentials that are returned from the AssumeRole - // action. For more information about ARNs and how to use them in policies, see [IAM Identifiers]in - // the IAM User Guide. - // - // [IAM Identifiers]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html - // - // This member is required. - Arn *string - - // A unique identifier that contains the role ID and the role session name of the - // role that is being assumed. The role ID is generated by Amazon Web Services when - // the role is created. - // - // This member is required. - AssumedRoleId *string - - noSmithyDocumentSerde -} - -// Amazon Web Services credentials for API authentication. -type Credentials struct { - - // The access key ID that identifies the temporary security credentials. - // - // This member is required. - AccessKeyId *string - - // The date on which the current credentials expire. - // - // This member is required. - Expiration *time.Time - - // The secret access key that can be used to sign requests. - // - // This member is required. - SecretAccessKey *string - - // The token that users must pass to the service API to use the temporary - // credentials. - // - // This member is required. - SessionToken *string - - noSmithyDocumentSerde -} - -// Identifiers for the federated user that is associated with the credentials. -type FederatedUser struct { - - // The ARN that specifies the federated user that is associated with the - // credentials. For more information about ARNs and how to use them in policies, - // see [IAM Identifiers]in the IAM User Guide. - // - // [IAM Identifiers]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html - // - // This member is required. - Arn *string - - // The string that identifies the federated user associated with the credentials, - // similar to the unique ID of an IAM user. - // - // This member is required. - FederatedUserId *string - - noSmithyDocumentSerde -} - -// A reference to the IAM managed policy that is passed as a session policy for a -// role session or a federated user session. -type PolicyDescriptorType struct { - - // The Amazon Resource Name (ARN) of the IAM managed policy to use as a session - // policy for the role. For more information about ARNs, see [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]in the Amazon Web - // Services General Reference. - // - // [Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html - Arn *string - - noSmithyDocumentSerde -} - -// Contains information about the provided context. This includes the signed and -// encrypted trusted context assertion and the context provider ARN from which the -// trusted context assertion was generated. -type ProvidedContext struct { - - // The signed and encrypted trusted context assertion generated by the context - // provider. The trusted context assertion is signed and encrypted by Amazon Web - // Services STS. - ContextAssertion *string - - // The context provider ARN from which the trusted context assertion was generated. - ProviderArn *string - - noSmithyDocumentSerde -} - -// You can pass custom key-value pair attributes when you assume a role or -// federate a user. These are called session tags. You can then use the session -// tags to control access to resources. For more information, see [Tagging Amazon Web Services STS Sessions]in the IAM User -// Guide. -// -// [Tagging Amazon Web Services STS Sessions]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html -type Tag struct { - - // The key for a session tag. - // - // You can pass up to 50 session tags. The plain text session tag keys can’t - // exceed 128 characters. For these and additional limits, see [IAM and STS Character Limits]in the IAM User - // Guide. - // - // [IAM and STS Character Limits]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length - // - // This member is required. - Key *string - - // The value for a session tag. - // - // You can pass up to 50 session tags. The plain text session tag values can’t - // exceed 256 characters. For these and additional limits, see [IAM and STS Character Limits]in the IAM User - // Guide. - // - // [IAM and STS Character Limits]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length - // - // This member is required. - Value *string - - noSmithyDocumentSerde -} - -type noSmithyDocumentSerde = smithydocument.NoSerde diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/validators.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/validators.go deleted file mode 100644 index 1026e221..00000000 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/validators.go +++ /dev/null @@ -1,347 +0,0 @@ -// Code generated by smithy-go-codegen DO NOT EDIT. - -package sts - -import ( - "context" - "fmt" - "github.com/aws/aws-sdk-go-v2/service/sts/types" - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/middleware" -) - -type validateOpAssumeRole struct { -} - -func (*validateOpAssumeRole) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpAssumeRole) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*AssumeRoleInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpAssumeRoleInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpAssumeRoleWithSAML struct { -} - -func (*validateOpAssumeRoleWithSAML) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpAssumeRoleWithSAML) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*AssumeRoleWithSAMLInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpAssumeRoleWithSAMLInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpAssumeRoleWithWebIdentity struct { -} - -func (*validateOpAssumeRoleWithWebIdentity) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpAssumeRoleWithWebIdentity) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*AssumeRoleWithWebIdentityInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpAssumeRoleWithWebIdentityInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpAssumeRoot struct { -} - -func (*validateOpAssumeRoot) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpAssumeRoot) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*AssumeRootInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpAssumeRootInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpDecodeAuthorizationMessage struct { -} - -func (*validateOpDecodeAuthorizationMessage) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpDecodeAuthorizationMessage) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*DecodeAuthorizationMessageInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpDecodeAuthorizationMessageInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpGetAccessKeyInfo struct { -} - -func (*validateOpGetAccessKeyInfo) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpGetAccessKeyInfo) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*GetAccessKeyInfoInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpGetAccessKeyInfoInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -type validateOpGetFederationToken struct { -} - -func (*validateOpGetFederationToken) ID() string { - return "OperationInputValidation" -} - -func (m *validateOpGetFederationToken) HandleInitialize(ctx context.Context, in middleware.InitializeInput, next middleware.InitializeHandler) ( - out middleware.InitializeOutput, metadata middleware.Metadata, err error, -) { - input, ok := in.Parameters.(*GetFederationTokenInput) - if !ok { - return out, metadata, fmt.Errorf("unknown input parameters type %T", in.Parameters) - } - if err := validateOpGetFederationTokenInput(input); err != nil { - return out, metadata, err - } - return next.HandleInitialize(ctx, in) -} - -func addOpAssumeRoleValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpAssumeRole{}, middleware.After) -} - -func addOpAssumeRoleWithSAMLValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpAssumeRoleWithSAML{}, middleware.After) -} - -func addOpAssumeRoleWithWebIdentityValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpAssumeRoleWithWebIdentity{}, middleware.After) -} - -func addOpAssumeRootValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpAssumeRoot{}, middleware.After) -} - -func addOpDecodeAuthorizationMessageValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpDecodeAuthorizationMessage{}, middleware.After) -} - -func addOpGetAccessKeyInfoValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpGetAccessKeyInfo{}, middleware.After) -} - -func addOpGetFederationTokenValidationMiddleware(stack *middleware.Stack) error { - return stack.Initialize.Add(&validateOpGetFederationToken{}, middleware.After) -} - -func validateTag(v *types.Tag) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "Tag"} - if v.Key == nil { - invalidParams.Add(smithy.NewErrParamRequired("Key")) - } - if v.Value == nil { - invalidParams.Add(smithy.NewErrParamRequired("Value")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateTagListType(v []types.Tag) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "TagListType"} - for i := range v { - if err := validateTag(&v[i]); err != nil { - invalidParams.AddNested(fmt.Sprintf("[%d]", i), err.(smithy.InvalidParamsError)) - } - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpAssumeRoleInput(v *AssumeRoleInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "AssumeRoleInput"} - if v.RoleArn == nil { - invalidParams.Add(smithy.NewErrParamRequired("RoleArn")) - } - if v.RoleSessionName == nil { - invalidParams.Add(smithy.NewErrParamRequired("RoleSessionName")) - } - if v.Tags != nil { - if err := validateTagListType(v.Tags); err != nil { - invalidParams.AddNested("Tags", err.(smithy.InvalidParamsError)) - } - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpAssumeRoleWithSAMLInput(v *AssumeRoleWithSAMLInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "AssumeRoleWithSAMLInput"} - if v.RoleArn == nil { - invalidParams.Add(smithy.NewErrParamRequired("RoleArn")) - } - if v.PrincipalArn == nil { - invalidParams.Add(smithy.NewErrParamRequired("PrincipalArn")) - } - if v.SAMLAssertion == nil { - invalidParams.Add(smithy.NewErrParamRequired("SAMLAssertion")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpAssumeRoleWithWebIdentityInput(v *AssumeRoleWithWebIdentityInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "AssumeRoleWithWebIdentityInput"} - if v.RoleArn == nil { - invalidParams.Add(smithy.NewErrParamRequired("RoleArn")) - } - if v.RoleSessionName == nil { - invalidParams.Add(smithy.NewErrParamRequired("RoleSessionName")) - } - if v.WebIdentityToken == nil { - invalidParams.Add(smithy.NewErrParamRequired("WebIdentityToken")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpAssumeRootInput(v *AssumeRootInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "AssumeRootInput"} - if v.TargetPrincipal == nil { - invalidParams.Add(smithy.NewErrParamRequired("TargetPrincipal")) - } - if v.TaskPolicyArn == nil { - invalidParams.Add(smithy.NewErrParamRequired("TaskPolicyArn")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpDecodeAuthorizationMessageInput(v *DecodeAuthorizationMessageInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "DecodeAuthorizationMessageInput"} - if v.EncodedMessage == nil { - invalidParams.Add(smithy.NewErrParamRequired("EncodedMessage")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpGetAccessKeyInfoInput(v *GetAccessKeyInfoInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "GetAccessKeyInfoInput"} - if v.AccessKeyId == nil { - invalidParams.Add(smithy.NewErrParamRequired("AccessKeyId")) - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} - -func validateOpGetFederationTokenInput(v *GetFederationTokenInput) error { - if v == nil { - return nil - } - invalidParams := smithy.InvalidParamsError{Context: "GetFederationTokenInput"} - if v.Name == nil { - invalidParams.Add(smithy.NewErrParamRequired("Name")) - } - if v.Tags != nil { - if err := validateTagListType(v.Tags); err != nil { - invalidParams.AddNested("Tags", err.(smithy.InvalidParamsError)) - } - } - if invalidParams.Len() > 0 { - return invalidParams - } else { - return nil - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/LICENSE.txt b/vendor/github.com/aws/aws-sdk-go/LICENSE.txt deleted file mode 100644 index d6456956..00000000 --- a/vendor/github.com/aws/aws-sdk-go/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/aws/aws-sdk-go/NOTICE.txt b/vendor/github.com/aws/aws-sdk-go/NOTICE.txt deleted file mode 100644 index 899129ec..00000000 --- a/vendor/github.com/aws/aws-sdk-go/NOTICE.txt +++ /dev/null @@ -1,3 +0,0 @@ -AWS SDK for Go -Copyright 2015 Amazon.com, Inc. or its affiliates. All Rights Reserved. -Copyright 2014-2015 Stripe, Inc. diff --git a/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go b/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go deleted file mode 100644 index dd950a28..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go +++ /dev/null @@ -1,50 +0,0 @@ -package bearer - -import ( - "github.com/aws/aws-sdk-go/aws" - "time" -) - -// Token provides a type wrapping a bearer token and expiration metadata. -type Token struct { - Value string - - CanExpire bool - Expires time.Time -} - -// Expired returns if the token's Expires time is before or equal to the time -// provided. If CanExpire is false, Expired will always return false. -func (t Token) Expired(now time.Time) bool { - if !t.CanExpire { - return false - } - now = now.Round(0) - return now.Equal(t.Expires) || now.After(t.Expires) -} - -// TokenProvider provides interface for retrieving bearer tokens. -type TokenProvider interface { - RetrieveBearerToken(aws.Context) (Token, error) -} - -// TokenProviderFunc provides a helper utility to wrap a function as a type -// that implements the TokenProvider interface. -type TokenProviderFunc func(aws.Context) (Token, error) - -// RetrieveBearerToken calls the wrapped function, returning the Token or -// error. -func (fn TokenProviderFunc) RetrieveBearerToken(ctx aws.Context) (Token, error) { - return fn(ctx) -} - -// StaticTokenProvider provides a utility for wrapping a static bearer token -// value within an implementation of a token provider. -type StaticTokenProvider struct { - Token Token -} - -// RetrieveBearerToken returns the static token specified. -func (s StaticTokenProvider) RetrieveBearerToken(aws.Context) (Token, error) { - return s.Token, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awserr/error.go b/vendor/github.com/aws/aws-sdk-go/aws/awserr/error.go deleted file mode 100644 index 99849c0e..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/awserr/error.go +++ /dev/null @@ -1,164 +0,0 @@ -// Package awserr represents API error interface accessors for the SDK. -package awserr - -// An Error wraps lower level errors with code, message and an original error. -// The underlying concrete error type may also satisfy other interfaces which -// can be to used to obtain more specific information about the error. -// -// Calling Error() or String() will always include the full information about -// an error based on its underlying type. -// -// Example: -// -// output, err := s3manage.Upload(svc, input, opts) -// if err != nil { -// if awsErr, ok := err.(awserr.Error); ok { -// // Get error details -// log.Println("Error:", awsErr.Code(), awsErr.Message()) -// -// // Prints out full error message, including original error if there was one. -// log.Println("Error:", awsErr.Error()) -// -// // Get original error -// if origErr := awsErr.OrigErr(); origErr != nil { -// // operate on original error. -// } -// } else { -// fmt.Println(err.Error()) -// } -// } -// -type Error interface { - // Satisfy the generic error interface. - error - - // Returns the short phrase depicting the classification of the error. - Code() string - - // Returns the error details message. - Message() string - - // Returns the original error if one was set. Nil is returned if not set. - OrigErr() error -} - -// BatchError is a batch of errors which also wraps lower level errors with -// code, message, and original errors. Calling Error() will include all errors -// that occurred in the batch. -// -// Deprecated: Replaced with BatchedErrors. Only defined for backwards -// compatibility. -type BatchError interface { - // Satisfy the generic error interface. - error - - // Returns the short phrase depicting the classification of the error. - Code() string - - // Returns the error details message. - Message() string - - // Returns the original error if one was set. Nil is returned if not set. - OrigErrs() []error -} - -// BatchedErrors is a batch of errors which also wraps lower level errors with -// code, message, and original errors. Calling Error() will include all errors -// that occurred in the batch. -// -// Replaces BatchError -type BatchedErrors interface { - // Satisfy the base Error interface. - Error - - // Returns the original error if one was set. Nil is returned if not set. - OrigErrs() []error -} - -// New returns an Error object described by the code, message, and origErr. -// -// If origErr satisfies the Error interface it will not be wrapped within a new -// Error object and will instead be returned. -func New(code, message string, origErr error) Error { - var errs []error - if origErr != nil { - errs = append(errs, origErr) - } - return newBaseError(code, message, errs) -} - -// NewBatchError returns an BatchedErrors with a collection of errors as an -// array of errors. -func NewBatchError(code, message string, errs []error) BatchedErrors { - return newBaseError(code, message, errs) -} - -// A RequestFailure is an interface to extract request failure information from -// an Error such as the request ID of the failed request returned by a service. -// RequestFailures may not always have a requestID value if the request failed -// prior to reaching the service such as a connection error. -// -// Example: -// -// output, err := s3manage.Upload(svc, input, opts) -// if err != nil { -// if reqerr, ok := err.(RequestFailure); ok { -// log.Println("Request failed", reqerr.Code(), reqerr.Message(), reqerr.RequestID()) -// } else { -// log.Println("Error:", err.Error()) -// } -// } -// -// Combined with awserr.Error: -// -// output, err := s3manage.Upload(svc, input, opts) -// if err != nil { -// if awsErr, ok := err.(awserr.Error); ok { -// // Generic AWS Error with Code, Message, and original error (if any) -// fmt.Println(awsErr.Code(), awsErr.Message(), awsErr.OrigErr()) -// -// if reqErr, ok := err.(awserr.RequestFailure); ok { -// // A service error occurred -// fmt.Println(reqErr.StatusCode(), reqErr.RequestID()) -// } -// } else { -// fmt.Println(err.Error()) -// } -// } -// -type RequestFailure interface { - Error - - // The status code of the HTTP response. - StatusCode() int - - // The request ID returned by the service for a request failure. This will - // be empty if no request ID is available such as the request failed due - // to a connection error. - RequestID() string -} - -// NewRequestFailure returns a wrapped error with additional information for -// request status code, and service requestID. -// -// Should be used to wrap all request which involve service requests. Even if -// the request failed without a service response, but had an HTTP status code -// that may be meaningful. -func NewRequestFailure(err Error, statusCode int, reqID string) RequestFailure { - return newRequestError(err, statusCode, reqID) -} - -// UnmarshalError provides the interface for the SDK failing to unmarshal data. -type UnmarshalError interface { - awsError - Bytes() []byte -} - -// NewUnmarshalError returns an initialized UnmarshalError error wrapper adding -// the bytes that fail to unmarshal to the error. -func NewUnmarshalError(err error, msg string, bytes []byte) UnmarshalError { - return &unmarshalError{ - awsError: New("UnmarshalError", msg, err), - bytes: bytes, - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go b/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go deleted file mode 100644 index 9cf7eaf4..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/awserr/types.go +++ /dev/null @@ -1,221 +0,0 @@ -package awserr - -import ( - "encoding/hex" - "fmt" -) - -// SprintError returns a string of the formatted error code. -// -// Both extra and origErr are optional. If they are included their lines -// will be added, but if they are not included their lines will be ignored. -func SprintError(code, message, extra string, origErr error) string { - msg := fmt.Sprintf("%s: %s", code, message) - if extra != "" { - msg = fmt.Sprintf("%s\n\t%s", msg, extra) - } - if origErr != nil { - msg = fmt.Sprintf("%s\ncaused by: %s", msg, origErr.Error()) - } - return msg -} - -// A baseError wraps the code and message which defines an error. It also -// can be used to wrap an original error object. -// -// Should be used as the root for errors satisfying the awserr.Error. Also -// for any error which does not fit into a specific error wrapper type. -type baseError struct { - // Classification of error - code string - - // Detailed information about error - message string - - // Optional original error this error is based off of. Allows building - // chained errors. - errs []error -} - -// newBaseError returns an error object for the code, message, and errors. -// -// code is a short no whitespace phrase depicting the classification of -// the error that is being created. -// -// message is the free flow string containing detailed information about the -// error. -// -// origErrs is the error objects which will be nested under the new errors to -// be returned. -func newBaseError(code, message string, origErrs []error) *baseError { - b := &baseError{ - code: code, - message: message, - errs: origErrs, - } - - return b -} - -// Error returns the string representation of the error. -// -// See ErrorWithExtra for formatting. -// -// Satisfies the error interface. -func (b baseError) Error() string { - size := len(b.errs) - if size > 0 { - return SprintError(b.code, b.message, "", errorList(b.errs)) - } - - return SprintError(b.code, b.message, "", nil) -} - -// String returns the string representation of the error. -// Alias for Error to satisfy the stringer interface. -func (b baseError) String() string { - return b.Error() -} - -// Code returns the short phrase depicting the classification of the error. -func (b baseError) Code() string { - return b.code -} - -// Message returns the error details message. -func (b baseError) Message() string { - return b.message -} - -// OrigErr returns the original error if one was set. Nil is returned if no -// error was set. This only returns the first element in the list. If the full -// list is needed, use BatchedErrors. -func (b baseError) OrigErr() error { - switch len(b.errs) { - case 0: - return nil - case 1: - return b.errs[0] - default: - if err, ok := b.errs[0].(Error); ok { - return NewBatchError(err.Code(), err.Message(), b.errs[1:]) - } - return NewBatchError("BatchedErrors", - "multiple errors occurred", b.errs) - } -} - -// OrigErrs returns the original errors if one was set. An empty slice is -// returned if no error was set. -func (b baseError) OrigErrs() []error { - return b.errs -} - -// So that the Error interface type can be included as an anonymous field -// in the requestError struct and not conflict with the error.Error() method. -type awsError Error - -// A requestError wraps a request or service error. -// -// Composed of baseError for code, message, and original error. -type requestError struct { - awsError - statusCode int - requestID string - bytes []byte -} - -// newRequestError returns a wrapped error with additional information for -// request status code, and service requestID. -// -// Should be used to wrap all request which involve service requests. Even if -// the request failed without a service response, but had an HTTP status code -// that may be meaningful. -// -// Also wraps original errors via the baseError. -func newRequestError(err Error, statusCode int, requestID string) *requestError { - return &requestError{ - awsError: err, - statusCode: statusCode, - requestID: requestID, - } -} - -// Error returns the string representation of the error. -// Satisfies the error interface. -func (r requestError) Error() string { - extra := fmt.Sprintf("status code: %d, request id: %s", - r.statusCode, r.requestID) - return SprintError(r.Code(), r.Message(), extra, r.OrigErr()) -} - -// String returns the string representation of the error. -// Alias for Error to satisfy the stringer interface. -func (r requestError) String() string { - return r.Error() -} - -// StatusCode returns the wrapped status code for the error -func (r requestError) StatusCode() int { - return r.statusCode -} - -// RequestID returns the wrapped requestID -func (r requestError) RequestID() string { - return r.requestID -} - -// OrigErrs returns the original errors if one was set. An empty slice is -// returned if no error was set. -func (r requestError) OrigErrs() []error { - if b, ok := r.awsError.(BatchedErrors); ok { - return b.OrigErrs() - } - return []error{r.OrigErr()} -} - -type unmarshalError struct { - awsError - bytes []byte -} - -// Error returns the string representation of the error. -// Satisfies the error interface. -func (e unmarshalError) Error() string { - extra := hex.Dump(e.bytes) - return SprintError(e.Code(), e.Message(), extra, e.OrigErr()) -} - -// String returns the string representation of the error. -// Alias for Error to satisfy the stringer interface. -func (e unmarshalError) String() string { - return e.Error() -} - -// Bytes returns the bytes that failed to unmarshal. -func (e unmarshalError) Bytes() []byte { - return e.bytes -} - -// An error list that satisfies the golang interface -type errorList []error - -// Error returns the string representation of the error. -// -// Satisfies the error interface. -func (e errorList) Error() string { - msg := "" - // How do we want to handle the array size being zero - if size := len(e); size > 0 { - for i := 0; i < size; i++ { - msg += e[i].Error() - // We check the next index to see if it is within the slice. - // If it is, then we append a newline. We do this, because unit tests - // could be broken with the additional '\n' - if i+1 < size { - msg += "\n" - } - } - } - return msg -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/copy.go b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/copy.go deleted file mode 100644 index 1a3d106d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/copy.go +++ /dev/null @@ -1,108 +0,0 @@ -package awsutil - -import ( - "io" - "reflect" - "time" -) - -// Copy deeply copies a src structure to dst. Useful for copying request and -// response structures. -// -// Can copy between structs of different type, but will only copy fields which -// are assignable, and exist in both structs. Fields which are not assignable, -// or do not exist in both structs are ignored. -func Copy(dst, src interface{}) { - dstval := reflect.ValueOf(dst) - if !dstval.IsValid() { - panic("Copy dst cannot be nil") - } - - rcopy(dstval, reflect.ValueOf(src), true) -} - -// CopyOf returns a copy of src while also allocating the memory for dst. -// src must be a pointer type or this operation will fail. -func CopyOf(src interface{}) (dst interface{}) { - dsti := reflect.New(reflect.TypeOf(src).Elem()) - dst = dsti.Interface() - rcopy(dsti, reflect.ValueOf(src), true) - return -} - -// rcopy performs a recursive copy of values from the source to destination. -// -// root is used to skip certain aspects of the copy which are not valid -// for the root node of a object. -func rcopy(dst, src reflect.Value, root bool) { - if !src.IsValid() { - return - } - - switch src.Kind() { - case reflect.Ptr: - if _, ok := src.Interface().(io.Reader); ok { - if dst.Kind() == reflect.Ptr && dst.Elem().CanSet() { - dst.Elem().Set(src) - } else if dst.CanSet() { - dst.Set(src) - } - } else { - e := src.Type().Elem() - if dst.CanSet() && !src.IsNil() { - if _, ok := src.Interface().(*time.Time); !ok { - dst.Set(reflect.New(e)) - } else { - tempValue := reflect.New(e) - tempValue.Elem().Set(src.Elem()) - // Sets time.Time's unexported values - dst.Set(tempValue) - } - } - if src.Elem().IsValid() { - // Keep the current root state since the depth hasn't changed - rcopy(dst.Elem(), src.Elem(), root) - } - } - case reflect.Struct: - t := dst.Type() - for i := 0; i < t.NumField(); i++ { - name := t.Field(i).Name - srcVal := src.FieldByName(name) - dstVal := dst.FieldByName(name) - if srcVal.IsValid() && dstVal.CanSet() { - rcopy(dstVal, srcVal, false) - } - } - case reflect.Slice: - if src.IsNil() { - break - } - - s := reflect.MakeSlice(src.Type(), src.Len(), src.Cap()) - dst.Set(s) - for i := 0; i < src.Len(); i++ { - rcopy(dst.Index(i), src.Index(i), false) - } - case reflect.Map: - if src.IsNil() { - break - } - - s := reflect.MakeMap(src.Type()) - dst.Set(s) - for _, k := range src.MapKeys() { - v := src.MapIndex(k) - v2 := reflect.New(v.Type()).Elem() - rcopy(v2, v, false) - dst.SetMapIndex(k, v2) - } - default: - // Assign the value if possible. If its not assignable, the value would - // need to be converted and the impact of that may be unexpected, or is - // not compatible with the dst type. - if src.Type().AssignableTo(dst.Type()) { - dst.Set(src) - } - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/equal.go b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/equal.go deleted file mode 100644 index 142a7a01..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/equal.go +++ /dev/null @@ -1,27 +0,0 @@ -package awsutil - -import ( - "reflect" -) - -// DeepEqual returns if the two values are deeply equal like reflect.DeepEqual. -// In addition to this, this method will also dereference the input values if -// possible so the DeepEqual performed will not fail if one parameter is a -// pointer and the other is not. -// -// DeepEqual will not perform indirection of nested values of the input parameters. -func DeepEqual(a, b interface{}) bool { - ra := reflect.Indirect(reflect.ValueOf(a)) - rb := reflect.Indirect(reflect.ValueOf(b)) - - if raValid, rbValid := ra.IsValid(), rb.IsValid(); !raValid && !rbValid { - // If the elements are both nil, and of the same type they are equal - // If they are of different types they are not equal - return reflect.TypeOf(a) == reflect.TypeOf(b) - } else if raValid != rbValid { - // Both values must be valid to be equal - return false - } - - return reflect.DeepEqual(ra.Interface(), rb.Interface()) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go deleted file mode 100644 index a4eb6a7f..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/path_value.go +++ /dev/null @@ -1,221 +0,0 @@ -package awsutil - -import ( - "reflect" - "regexp" - "strconv" - "strings" - - "github.com/jmespath/go-jmespath" -) - -var indexRe = regexp.MustCompile(`(.+)\[(-?\d+)?\]$`) - -// rValuesAtPath returns a slice of values found in value v. The values -// in v are explored recursively so all nested values are collected. -func rValuesAtPath(v interface{}, path string, createPath, caseSensitive, nilTerm bool) []reflect.Value { - pathparts := strings.Split(path, "||") - if len(pathparts) > 1 { - for _, pathpart := range pathparts { - vals := rValuesAtPath(v, pathpart, createPath, caseSensitive, nilTerm) - if len(vals) > 0 { - return vals - } - } - return nil - } - - values := []reflect.Value{reflect.Indirect(reflect.ValueOf(v))} - components := strings.Split(path, ".") - for len(values) > 0 && len(components) > 0 { - var index *int64 - var indexStar bool - c := strings.TrimSpace(components[0]) - if c == "" { // no actual component, illegal syntax - return nil - } else if caseSensitive && c != "*" && strings.ToLower(c[0:1]) == c[0:1] { - // TODO normalize case for user - return nil // don't support unexported fields - } - - // parse this component - if m := indexRe.FindStringSubmatch(c); m != nil { - c = m[1] - if m[2] == "" { - index = nil - indexStar = true - } else { - i, _ := strconv.ParseInt(m[2], 10, 32) - index = &i - indexStar = false - } - } - - nextvals := []reflect.Value{} - for _, value := range values { - // pull component name out of struct member - if value.Kind() != reflect.Struct { - continue - } - - if c == "*" { // pull all members - for i := 0; i < value.NumField(); i++ { - if f := reflect.Indirect(value.Field(i)); f.IsValid() { - nextvals = append(nextvals, f) - } - } - continue - } - - value = value.FieldByNameFunc(func(name string) bool { - if c == name { - return true - } else if !caseSensitive && strings.EqualFold(name, c) { - return true - } - return false - }) - - if nilTerm && value.Kind() == reflect.Ptr && len(components[1:]) == 0 { - if !value.IsNil() { - value.Set(reflect.Zero(value.Type())) - } - return []reflect.Value{value} - } - - if createPath && value.Kind() == reflect.Ptr && value.IsNil() { - // TODO if the value is the terminus it should not be created - // if the value to be set to its position is nil. - value.Set(reflect.New(value.Type().Elem())) - value = value.Elem() - } else { - value = reflect.Indirect(value) - } - - if value.Kind() == reflect.Slice || value.Kind() == reflect.Map { - if !createPath && value.IsNil() { - value = reflect.ValueOf(nil) - } - } - - if value.IsValid() { - nextvals = append(nextvals, value) - } - } - values = nextvals - - if indexStar || index != nil { - nextvals = []reflect.Value{} - for _, valItem := range values { - value := reflect.Indirect(valItem) - if value.Kind() != reflect.Slice { - continue - } - - if indexStar { // grab all indices - for i := 0; i < value.Len(); i++ { - idx := reflect.Indirect(value.Index(i)) - if idx.IsValid() { - nextvals = append(nextvals, idx) - } - } - continue - } - - // pull out index - i := int(*index) - if i >= value.Len() { // check out of bounds - if createPath { - // TODO resize slice - } else { - continue - } - } else if i < 0 { // support negative indexing - i = value.Len() + i - } - value = reflect.Indirect(value.Index(i)) - - if value.Kind() == reflect.Slice || value.Kind() == reflect.Map { - if !createPath && value.IsNil() { - value = reflect.ValueOf(nil) - } - } - - if value.IsValid() { - nextvals = append(nextvals, value) - } - } - values = nextvals - } - - components = components[1:] - } - return values -} - -// ValuesAtPath returns a list of values at the case insensitive lexical -// path inside of a structure. -func ValuesAtPath(i interface{}, path string) ([]interface{}, error) { - result, err := jmespath.Search(path, i) - if err != nil { - return nil, err - } - - v := reflect.ValueOf(result) - if !v.IsValid() || (v.Kind() == reflect.Ptr && v.IsNil()) { - return nil, nil - } - if s, ok := result.([]interface{}); ok { - return s, err - } - if v.Kind() == reflect.Map && v.Len() == 0 { - return nil, nil - } - if v.Kind() == reflect.Slice { - out := make([]interface{}, v.Len()) - for i := 0; i < v.Len(); i++ { - out[i] = v.Index(i).Interface() - } - return out, nil - } - - return []interface{}{result}, nil -} - -// SetValueAtPath sets a value at the case insensitive lexical path inside -// of a structure. -func SetValueAtPath(i interface{}, path string, v interface{}) { - rvals := rValuesAtPath(i, path, true, false, v == nil) - for _, rval := range rvals { - if rval.Kind() == reflect.Ptr && rval.IsNil() { - continue - } - setValue(rval, v) - } -} - -func setValue(dstVal reflect.Value, src interface{}) { - if dstVal.Kind() == reflect.Ptr { - dstVal = reflect.Indirect(dstVal) - } - srcVal := reflect.ValueOf(src) - - if !srcVal.IsValid() { // src is literal nil - if dstVal.CanAddr() { - // Convert to pointer so that pointer's value can be nil'ed - // dstVal = dstVal.Addr() - } - dstVal.Set(reflect.Zero(dstVal.Type())) - - } else if srcVal.Kind() == reflect.Ptr { - if srcVal.IsNil() { - srcVal = reflect.Zero(dstVal.Type()) - } else { - srcVal = reflect.ValueOf(src).Elem() - } - dstVal.Set(srcVal) - } else { - dstVal.Set(srcVal) - } - -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/prettify.go b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/prettify.go deleted file mode 100644 index 11d4240d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/prettify.go +++ /dev/null @@ -1,123 +0,0 @@ -package awsutil - -import ( - "bytes" - "fmt" - "io" - "reflect" - "strings" -) - -// Prettify returns the string representation of a value. -func Prettify(i interface{}) string { - var buf bytes.Buffer - prettify(reflect.ValueOf(i), 0, &buf) - return buf.String() -} - -// prettify will recursively walk value v to build a textual -// representation of the value. -func prettify(v reflect.Value, indent int, buf *bytes.Buffer) { - for v.Kind() == reflect.Ptr { - v = v.Elem() - } - - switch v.Kind() { - case reflect.Struct: - strtype := v.Type().String() - if strtype == "time.Time" { - fmt.Fprintf(buf, "%s", v.Interface()) - break - } else if strings.HasPrefix(strtype, "io.") { - buf.WriteString("") - break - } - - buf.WriteString("{\n") - - names := []string{} - for i := 0; i < v.Type().NumField(); i++ { - name := v.Type().Field(i).Name - f := v.Field(i) - if name[0:1] == strings.ToLower(name[0:1]) { - continue // ignore unexported fields - } - if (f.Kind() == reflect.Ptr || f.Kind() == reflect.Slice || f.Kind() == reflect.Map) && f.IsNil() { - continue // ignore unset fields - } - names = append(names, name) - } - - for i, n := range names { - val := v.FieldByName(n) - ft, ok := v.Type().FieldByName(n) - if !ok { - panic(fmt.Sprintf("expected to find field %v on type %v, but was not found", n, v.Type())) - } - - buf.WriteString(strings.Repeat(" ", indent+2)) - buf.WriteString(n + ": ") - - if tag := ft.Tag.Get("sensitive"); tag == "true" { - buf.WriteString("") - } else { - prettify(val, indent+2, buf) - } - - if i < len(names)-1 { - buf.WriteString(",\n") - } - } - - buf.WriteString("\n" + strings.Repeat(" ", indent) + "}") - case reflect.Slice: - strtype := v.Type().String() - if strtype == "[]uint8" { - fmt.Fprintf(buf, " len %d", v.Len()) - break - } - - nl, id, id2 := "", "", "" - if v.Len() > 3 { - nl, id, id2 = "\n", strings.Repeat(" ", indent), strings.Repeat(" ", indent+2) - } - buf.WriteString("[" + nl) - for i := 0; i < v.Len(); i++ { - buf.WriteString(id2) - prettify(v.Index(i), indent+2, buf) - - if i < v.Len()-1 { - buf.WriteString("," + nl) - } - } - - buf.WriteString(nl + id + "]") - case reflect.Map: - buf.WriteString("{\n") - - for i, k := range v.MapKeys() { - buf.WriteString(strings.Repeat(" ", indent+2)) - buf.WriteString(k.String() + ": ") - prettify(v.MapIndex(k), indent+2, buf) - - if i < v.Len()-1 { - buf.WriteString(",\n") - } - } - - buf.WriteString("\n" + strings.Repeat(" ", indent) + "}") - default: - if !v.IsValid() { - fmt.Fprint(buf, "") - return - } - format := "%v" - switch v.Interface().(type) { - case string: - format = "%q" - case io.ReadSeeker, io.Reader: - format = "buffer(%p)" - } - fmt.Fprintf(buf, format, v.Interface()) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/string_value.go b/vendor/github.com/aws/aws-sdk-go/aws/awsutil/string_value.go deleted file mode 100644 index 3f7cffd9..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/awsutil/string_value.go +++ /dev/null @@ -1,90 +0,0 @@ -package awsutil - -import ( - "bytes" - "fmt" - "reflect" - "strings" -) - -// StringValue returns the string representation of a value. -// -// Deprecated: Use Prettify instead. -func StringValue(i interface{}) string { - var buf bytes.Buffer - stringValue(reflect.ValueOf(i), 0, &buf) - return buf.String() -} - -func stringValue(v reflect.Value, indent int, buf *bytes.Buffer) { - for v.Kind() == reflect.Ptr { - v = v.Elem() - } - - switch v.Kind() { - case reflect.Struct: - buf.WriteString("{\n") - - for i := 0; i < v.Type().NumField(); i++ { - ft := v.Type().Field(i) - fv := v.Field(i) - - if ft.Name[0:1] == strings.ToLower(ft.Name[0:1]) { - continue // ignore unexported fields - } - if (fv.Kind() == reflect.Ptr || fv.Kind() == reflect.Slice) && fv.IsNil() { - continue // ignore unset fields - } - - buf.WriteString(strings.Repeat(" ", indent+2)) - buf.WriteString(ft.Name + ": ") - - if tag := ft.Tag.Get("sensitive"); tag == "true" { - buf.WriteString("") - } else { - stringValue(fv, indent+2, buf) - } - - buf.WriteString(",\n") - } - - buf.WriteString("\n" + strings.Repeat(" ", indent) + "}") - case reflect.Slice: - nl, id, id2 := "", "", "" - if v.Len() > 3 { - nl, id, id2 = "\n", strings.Repeat(" ", indent), strings.Repeat(" ", indent+2) - } - buf.WriteString("[" + nl) - for i := 0; i < v.Len(); i++ { - buf.WriteString(id2) - stringValue(v.Index(i), indent+2, buf) - - if i < v.Len()-1 { - buf.WriteString("," + nl) - } - } - - buf.WriteString(nl + id + "]") - case reflect.Map: - buf.WriteString("{\n") - - for i, k := range v.MapKeys() { - buf.WriteString(strings.Repeat(" ", indent+2)) - buf.WriteString(k.String() + ": ") - stringValue(v.MapIndex(k), indent+2, buf) - - if i < v.Len()-1 { - buf.WriteString(",\n") - } - } - - buf.WriteString("\n" + strings.Repeat(" ", indent) + "}") - default: - format := "%v" - switch v.Interface().(type) { - case string: - format = "%q" - } - fmt.Fprintf(buf, format, v.Interface()) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go b/vendor/github.com/aws/aws-sdk-go/aws/client/client.go deleted file mode 100644 index b147f103..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/client.go +++ /dev/null @@ -1,94 +0,0 @@ -package client - -import ( - "fmt" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/aws/request" -) - -// A Config provides configuration to a service client instance. -type Config struct { - Config *aws.Config - Handlers request.Handlers - PartitionID string - Endpoint string - SigningRegion string - SigningName string - ResolvedRegion string - - // States that the signing name did not come from a modeled source but - // was derived based on other data. Used by service client constructors - // to determine if the signin name can be overridden based on metadata the - // service has. - SigningNameDerived bool -} - -// ConfigProvider provides a generic way for a service client to receive -// the ClientConfig without circular dependencies. -type ConfigProvider interface { - ClientConfig(serviceName string, cfgs ...*aws.Config) Config -} - -// ConfigNoResolveEndpointProvider same as ConfigProvider except it will not -// resolve the endpoint automatically. The service client's endpoint must be -// provided via the aws.Config.Endpoint field. -type ConfigNoResolveEndpointProvider interface { - ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) Config -} - -// A Client implements the base client request and response handling -// used by all service clients. -type Client struct { - request.Retryer - metadata.ClientInfo - - Config aws.Config - Handlers request.Handlers -} - -// New will return a pointer to a new initialized service client. -func New(cfg aws.Config, info metadata.ClientInfo, handlers request.Handlers, options ...func(*Client)) *Client { - svc := &Client{ - Config: cfg, - ClientInfo: info, - Handlers: handlers.Copy(), - } - - switch retryer, ok := cfg.Retryer.(request.Retryer); { - case ok: - svc.Retryer = retryer - case cfg.Retryer != nil && cfg.Logger != nil: - s := fmt.Sprintf("WARNING: %T does not implement request.Retryer; using DefaultRetryer instead", cfg.Retryer) - cfg.Logger.Log(s) - fallthrough - default: - maxRetries := aws.IntValue(cfg.MaxRetries) - if cfg.MaxRetries == nil || maxRetries == aws.UseServiceDefaultRetries { - maxRetries = DefaultRetryerMaxNumRetries - } - svc.Retryer = DefaultRetryer{NumMaxRetries: maxRetries} - } - - svc.AddDebugHandlers() - - for _, option := range options { - option(svc) - } - - return svc -} - -// NewRequest returns a new Request pointer for the service API -// operation and parameters. -func (c *Client) NewRequest(operation *request.Operation, params interface{}, data interface{}) *request.Request { - return request.New(c.Config, c.ClientInfo, c.Handlers, c.Retryer, operation, params, data) -} - -// AddDebugHandlers injects debug logging handlers into the service to log request -// debug information. -func (c *Client) AddDebugHandlers() { - c.Handlers.Send.PushFrontNamed(LogHTTPRequestHandler) - c.Handlers.Send.PushBackNamed(LogHTTPResponseHandler) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go deleted file mode 100644 index 9f6af19d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/default_retryer.go +++ /dev/null @@ -1,177 +0,0 @@ -package client - -import ( - "math" - "strconv" - "time" - - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/sdkrand" -) - -// DefaultRetryer implements basic retry logic using exponential backoff for -// most services. If you want to implement custom retry logic, you can implement the -// request.Retryer interface. -// -type DefaultRetryer struct { - // Num max Retries is the number of max retries that will be performed. - // By default, this is zero. - NumMaxRetries int - - // MinRetryDelay is the minimum retry delay after which retry will be performed. - // If not set, the value is 0ns. - MinRetryDelay time.Duration - - // MinThrottleRetryDelay is the minimum retry delay when throttled. - // If not set, the value is 0ns. - MinThrottleDelay time.Duration - - // MaxRetryDelay is the maximum retry delay before which retry must be performed. - // If not set, the value is 0ns. - MaxRetryDelay time.Duration - - // MaxThrottleDelay is the maximum retry delay when throttled. - // If not set, the value is 0ns. - MaxThrottleDelay time.Duration -} - -const ( - // DefaultRetryerMaxNumRetries sets maximum number of retries - DefaultRetryerMaxNumRetries = 3 - - // DefaultRetryerMinRetryDelay sets minimum retry delay - DefaultRetryerMinRetryDelay = 30 * time.Millisecond - - // DefaultRetryerMinThrottleDelay sets minimum delay when throttled - DefaultRetryerMinThrottleDelay = 500 * time.Millisecond - - // DefaultRetryerMaxRetryDelay sets maximum retry delay - DefaultRetryerMaxRetryDelay = 300 * time.Second - - // DefaultRetryerMaxThrottleDelay sets maximum delay when throttled - DefaultRetryerMaxThrottleDelay = 300 * time.Second -) - -// MaxRetries returns the number of maximum returns the service will use to make -// an individual API request. -func (d DefaultRetryer) MaxRetries() int { - return d.NumMaxRetries -} - -// setRetryerDefaults sets the default values of the retryer if not set -func (d *DefaultRetryer) setRetryerDefaults() { - if d.MinRetryDelay == 0 { - d.MinRetryDelay = DefaultRetryerMinRetryDelay - } - if d.MaxRetryDelay == 0 { - d.MaxRetryDelay = DefaultRetryerMaxRetryDelay - } - if d.MinThrottleDelay == 0 { - d.MinThrottleDelay = DefaultRetryerMinThrottleDelay - } - if d.MaxThrottleDelay == 0 { - d.MaxThrottleDelay = DefaultRetryerMaxThrottleDelay - } -} - -// RetryRules returns the delay duration before retrying this request again -func (d DefaultRetryer) RetryRules(r *request.Request) time.Duration { - - // if number of max retries is zero, no retries will be performed. - if d.NumMaxRetries == 0 { - return 0 - } - - // Sets default value for retryer members - d.setRetryerDefaults() - - // minDelay is the minimum retryer delay - minDelay := d.MinRetryDelay - - var initialDelay time.Duration - - isThrottle := r.IsErrorThrottle() - if isThrottle { - if delay, ok := getRetryAfterDelay(r); ok { - initialDelay = delay - } - minDelay = d.MinThrottleDelay - } - - retryCount := r.RetryCount - - // maxDelay the maximum retryer delay - maxDelay := d.MaxRetryDelay - - if isThrottle { - maxDelay = d.MaxThrottleDelay - } - - var delay time.Duration - - // Logic to cap the retry count based on the minDelay provided - actualRetryCount := int(math.Log2(float64(minDelay))) + 1 - if actualRetryCount < 63-retryCount { - delay = time.Duration(1< maxDelay { - delay = getJitterDelay(maxDelay / 2) - } - } else { - delay = getJitterDelay(maxDelay / 2) - } - return delay + initialDelay -} - -// getJitterDelay returns a jittered delay for retry -func getJitterDelay(duration time.Duration) time.Duration { - return time.Duration(sdkrand.SeededRand.Int63n(int64(duration)) + int64(duration)) -} - -// ShouldRetry returns true if the request should be retried. -func (d DefaultRetryer) ShouldRetry(r *request.Request) bool { - - // ShouldRetry returns false if number of max retries is 0. - if d.NumMaxRetries == 0 { - return false - } - - // If one of the other handlers already set the retry state - // we don't want to override it based on the service's state - if r.Retryable != nil { - return *r.Retryable - } - return r.IsErrorRetryable() || r.IsErrorThrottle() -} - -// This will look in the Retry-After header, RFC 7231, for how long -// it will wait before attempting another request -func getRetryAfterDelay(r *request.Request) (time.Duration, bool) { - if !canUseRetryAfterHeader(r) { - return 0, false - } - - delayStr := r.HTTPResponse.Header.Get("Retry-After") - if len(delayStr) == 0 { - return 0, false - } - - delay, err := strconv.Atoi(delayStr) - if err != nil { - return 0, false - } - - return time.Duration(delay) * time.Second, true -} - -// Will look at the status code to see if the retry header pertains to -// the status code. -func canUseRetryAfterHeader(r *request.Request) bool { - switch r.HTTPResponse.StatusCode { - case 429: - case 503: - default: - return false - } - - return true -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go b/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go deleted file mode 100644 index 5ac5c24a..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go +++ /dev/null @@ -1,206 +0,0 @@ -package client - -import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "net/http/httputil" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" -) - -const logReqMsg = `DEBUG: Request %s/%s Details: ----[ REQUEST POST-SIGN ]----------------------------- -%s ------------------------------------------------------` - -const logReqErrMsg = `DEBUG ERROR: Request %s/%s: ----[ REQUEST DUMP ERROR ]----------------------------- -%s -------------------------------------------------------` - -type logWriter struct { - // Logger is what we will use to log the payload of a response. - Logger aws.Logger - // buf stores the contents of what has been read - buf *bytes.Buffer -} - -func (logger *logWriter) Write(b []byte) (int, error) { - return logger.buf.Write(b) -} - -type teeReaderCloser struct { - // io.Reader will be a tee reader that is used during logging. - // This structure will read from a body and write the contents to a logger. - io.Reader - // Source is used just to close when we are done reading. - Source io.ReadCloser -} - -func (reader *teeReaderCloser) Close() error { - return reader.Source.Close() -} - -// LogHTTPRequestHandler is a SDK request handler to log the HTTP request sent -// to a service. Will include the HTTP request body if the LogLevel of the -// request matches LogDebugWithHTTPBody. -var LogHTTPRequestHandler = request.NamedHandler{ - Name: "awssdk.client.LogRequest", - Fn: logRequest, -} - -func logRequest(r *request.Request) { - if !r.Config.LogLevel.AtLeast(aws.LogDebug) || r.Config.Logger == nil { - return - } - - logBody := r.Config.LogLevel.Matches(aws.LogDebugWithHTTPBody) - bodySeekable := aws.IsReaderSeekable(r.Body) - - b, err := httputil.DumpRequestOut(r.HTTPRequest, logBody) - if err != nil { - r.Config.Logger.Log(fmt.Sprintf(logReqErrMsg, - r.ClientInfo.ServiceName, r.Operation.Name, err)) - return - } - - if logBody { - if !bodySeekable { - r.SetReaderBody(aws.ReadSeekCloser(r.HTTPRequest.Body)) - } - // Reset the request body because dumpRequest will re-wrap the - // r.HTTPRequest's Body as a NoOpCloser and will not be reset after - // read by the HTTP client reader. - if err := r.Error; err != nil { - r.Config.Logger.Log(fmt.Sprintf(logReqErrMsg, - r.ClientInfo.ServiceName, r.Operation.Name, err)) - return - } - } - - r.Config.Logger.Log(fmt.Sprintf(logReqMsg, - r.ClientInfo.ServiceName, r.Operation.Name, string(b))) -} - -// LogHTTPRequestHeaderHandler is a SDK request handler to log the HTTP request sent -// to a service. Will only log the HTTP request's headers. The request payload -// will not be read. -var LogHTTPRequestHeaderHandler = request.NamedHandler{ - Name: "awssdk.client.LogRequestHeader", - Fn: logRequestHeader, -} - -func logRequestHeader(r *request.Request) { - if !r.Config.LogLevel.AtLeast(aws.LogDebug) || r.Config.Logger == nil { - return - } - - b, err := httputil.DumpRequestOut(r.HTTPRequest, false) - if err != nil { - r.Config.Logger.Log(fmt.Sprintf(logReqErrMsg, - r.ClientInfo.ServiceName, r.Operation.Name, err)) - return - } - - r.Config.Logger.Log(fmt.Sprintf(logReqMsg, - r.ClientInfo.ServiceName, r.Operation.Name, string(b))) -} - -const logRespMsg = `DEBUG: Response %s/%s Details: ----[ RESPONSE ]-------------------------------------- -%s ------------------------------------------------------` - -const logRespErrMsg = `DEBUG ERROR: Response %s/%s: ----[ RESPONSE DUMP ERROR ]----------------------------- -%s ------------------------------------------------------` - -// LogHTTPResponseHandler is a SDK request handler to log the HTTP response -// received from a service. Will include the HTTP response body if the LogLevel -// of the request matches LogDebugWithHTTPBody. -var LogHTTPResponseHandler = request.NamedHandler{ - Name: "awssdk.client.LogResponse", - Fn: logResponse, -} - -func logResponse(r *request.Request) { - if !r.Config.LogLevel.AtLeast(aws.LogDebug) || r.Config.Logger == nil { - return - } - - lw := &logWriter{r.Config.Logger, bytes.NewBuffer(nil)} - - if r.HTTPResponse == nil { - lw.Logger.Log(fmt.Sprintf(logRespErrMsg, - r.ClientInfo.ServiceName, r.Operation.Name, "request's HTTPResponse is nil")) - return - } - - logBody := r.Config.LogLevel.Matches(aws.LogDebugWithHTTPBody) - if logBody { - r.HTTPResponse.Body = &teeReaderCloser{ - Reader: io.TeeReader(r.HTTPResponse.Body, lw), - Source: r.HTTPResponse.Body, - } - } - - handlerFn := func(req *request.Request) { - b, err := httputil.DumpResponse(req.HTTPResponse, false) - if err != nil { - lw.Logger.Log(fmt.Sprintf(logRespErrMsg, - req.ClientInfo.ServiceName, req.Operation.Name, err)) - return - } - - lw.Logger.Log(fmt.Sprintf(logRespMsg, - req.ClientInfo.ServiceName, req.Operation.Name, string(b))) - - if logBody { - b, err := ioutil.ReadAll(lw.buf) - if err != nil { - lw.Logger.Log(fmt.Sprintf(logRespErrMsg, - req.ClientInfo.ServiceName, req.Operation.Name, err)) - return - } - - lw.Logger.Log(string(b)) - } - } - - const handlerName = "awsdk.client.LogResponse.ResponseBody" - - r.Handlers.Unmarshal.SetBackNamed(request.NamedHandler{ - Name: handlerName, Fn: handlerFn, - }) - r.Handlers.UnmarshalError.SetBackNamed(request.NamedHandler{ - Name: handlerName, Fn: handlerFn, - }) -} - -// LogHTTPResponseHeaderHandler is a SDK request handler to log the HTTP -// response received from a service. Will only log the HTTP response's headers. -// The response payload will not be read. -var LogHTTPResponseHeaderHandler = request.NamedHandler{ - Name: "awssdk.client.LogResponseHeader", - Fn: logResponseHeader, -} - -func logResponseHeader(r *request.Request) { - if !r.Config.LogLevel.AtLeast(aws.LogDebug) || r.Config.Logger == nil { - return - } - - b, err := httputil.DumpResponse(r.HTTPResponse, false) - if err != nil { - r.Config.Logger.Log(fmt.Sprintf(logRespErrMsg, - r.ClientInfo.ServiceName, r.Operation.Name, err)) - return - } - - r.Config.Logger.Log(fmt.Sprintf(logRespMsg, - r.ClientInfo.ServiceName, r.Operation.Name, string(b))) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go b/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go deleted file mode 100644 index a7530ebb..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go +++ /dev/null @@ -1,15 +0,0 @@ -package metadata - -// ClientInfo wraps immutable data from the client.Client structure. -type ClientInfo struct { - ServiceName string - ServiceID string - APIVersion string - PartitionID string - Endpoint string - SigningName string - SigningRegion string - JSONVersion string - TargetPrefix string - ResolvedRegion string -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/client/no_op_retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/client/no_op_retryer.go deleted file mode 100644 index 881d575f..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/client/no_op_retryer.go +++ /dev/null @@ -1,28 +0,0 @@ -package client - -import ( - "time" - - "github.com/aws/aws-sdk-go/aws/request" -) - -// NoOpRetryer provides a retryer that performs no retries. -// It should be used when we do not want retries to be performed. -type NoOpRetryer struct{} - -// MaxRetries returns the number of maximum returns the service will use to make -// an individual API; For NoOpRetryer the MaxRetries will always be zero. -func (d NoOpRetryer) MaxRetries() int { - return 0 -} - -// ShouldRetry will always return false for NoOpRetryer, as it should never retry. -func (d NoOpRetryer) ShouldRetry(_ *request.Request) bool { - return false -} - -// RetryRules returns the delay duration before retrying this request again; -// since NoOpRetryer does not retry, RetryRules always returns 0. -func (d NoOpRetryer) RetryRules(_ *request.Request) time.Duration { - return 0 -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/config.go b/vendor/github.com/aws/aws-sdk-go/aws/config.go deleted file mode 100644 index c483e0cb..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/config.go +++ /dev/null @@ -1,670 +0,0 @@ -package aws - -import ( - "net/http" - "time" - - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/endpoints" -) - -// UseServiceDefaultRetries instructs the config to use the service's own -// default number of retries. This will be the default action if -// Config.MaxRetries is nil also. -const UseServiceDefaultRetries = -1 - -// RequestRetryer is an alias for a type that implements the request.Retryer -// interface. -type RequestRetryer interface{} - -// A Config provides service configuration for service clients. By default, -// all clients will use the defaults.DefaultConfig structure. -// -// // Create Session with MaxRetries configuration to be shared by multiple -// // service clients. -// sess := session.Must(session.NewSession(&aws.Config{ -// MaxRetries: aws.Int(3), -// })) -// -// // Create S3 service client with a specific Region. -// svc := s3.New(sess, &aws.Config{ -// Region: aws.String("us-west-2"), -// }) -type Config struct { - // Enables verbose error printing of all credential chain errors. - // Should be used when wanting to see all errors while attempting to - // retrieve credentials. - CredentialsChainVerboseErrors *bool - - // The credentials object to use when signing requests. Defaults to a - // chain of credential providers to search for credentials in environment - // variables, shared credential file, and EC2 Instance Roles. - Credentials *credentials.Credentials - - // An optional endpoint URL (hostname only or fully qualified URI) - // that overrides the default generated endpoint for a client. Set this - // to `nil` or the value to `""` to use the default generated endpoint. - // - // Note: You must still provide a `Region` value when specifying an - // endpoint for a client. - Endpoint *string - - // The resolver to use for looking up endpoints for AWS service clients - // to use based on region. - EndpointResolver endpoints.Resolver - - // EnforceShouldRetryCheck is used in the AfterRetryHandler to always call - // ShouldRetry regardless of whether or not if request.Retryable is set. - // This will utilize ShouldRetry method of custom retryers. If EnforceShouldRetryCheck - // is not set, then ShouldRetry will only be called if request.Retryable is nil. - // Proper handling of the request.Retryable field is important when setting this field. - EnforceShouldRetryCheck *bool - - // The region to send requests to. This parameter is required and must - // be configured globally or on a per-client basis unless otherwise - // noted. A full list of regions is found in the "Regions and Endpoints" - // document. - // - // See http://docs.aws.amazon.com/general/latest/gr/rande.html for AWS - // Regions and Endpoints. - Region *string - - // Set this to `true` to disable SSL when sending requests. Defaults - // to `false`. - DisableSSL *bool - - // The HTTP client to use when sending requests. Defaults to - // `http.DefaultClient`. - HTTPClient *http.Client - - // An integer value representing the logging level. The default log level - // is zero (LogOff), which represents no logging. To enable logging set - // to a LogLevel Value. - LogLevel *LogLevelType - - // The logger writer interface to write logging messages to. Defaults to - // standard out. - Logger Logger - - // The maximum number of times that a request will be retried for failures. - // Defaults to -1, which defers the max retry setting to the service - // specific configuration. - MaxRetries *int - - // Retryer guides how HTTP requests should be retried in case of - // recoverable failures. - // - // When nil or the value does not implement the request.Retryer interface, - // the client.DefaultRetryer will be used. - // - // When both Retryer and MaxRetries are non-nil, the former is used and - // the latter ignored. - // - // To set the Retryer field in a type-safe manner and with chaining, use - // the request.WithRetryer helper function: - // - // cfg := request.WithRetryer(aws.NewConfig(), myRetryer) - // - Retryer RequestRetryer - - // Disables semantic parameter validation, which validates input for - // missing required fields and/or other semantic request input errors. - DisableParamValidation *bool - - // Disables the computation of request and response checksums, e.g., - // CRC32 checksums in Amazon DynamoDB. - DisableComputeChecksums *bool - - // Set this to `true` to force the request to use path-style addressing, - // i.e., `http://s3.amazonaws.com/BUCKET/KEY`. By default, the S3 client - // will use virtual hosted bucket addressing when possible - // (`http://BUCKET.s3.amazonaws.com/KEY`). - // - // Note: This configuration option is specific to the Amazon S3 service. - // - // See http://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html - // for Amazon S3: Virtual Hosting of Buckets - S3ForcePathStyle *bool - - // Set this to `true` to disable the SDK adding the `Expect: 100-Continue` - // header to PUT requests over 2MB of content. 100-Continue instructs the - // HTTP client not to send the body until the service responds with a - // `continue` status. This is useful to prevent sending the request body - // until after the request is authenticated, and validated. - // - // http://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPUT.html - // - // 100-Continue is only enabled for Go 1.6 and above. See `http.Transport`'s - // `ExpectContinueTimeout` for information on adjusting the continue wait - // timeout. https://golang.org/pkg/net/http/#Transport - // - // You should use this flag to disable 100-Continue if you experience issues - // with proxies or third party S3 compatible services. - S3Disable100Continue *bool - - // Set this to `true` to enable S3 Accelerate feature. For all operations - // compatible with S3 Accelerate will use the accelerate endpoint for - // requests. Requests not compatible will fall back to normal S3 requests. - // - // The bucket must be enable for accelerate to be used with S3 client with - // accelerate enabled. If the bucket is not enabled for accelerate an error - // will be returned. The bucket name must be DNS compatible to also work - // with accelerate. - S3UseAccelerate *bool - - // S3DisableContentMD5Validation config option is temporarily disabled, - // For S3 GetObject API calls, #1837. - // - // Set this to `true` to disable the S3 service client from automatically - // adding the ContentMD5 to S3 Object Put and Upload API calls. This option - // will also disable the SDK from performing object ContentMD5 validation - // on GetObject API calls. - S3DisableContentMD5Validation *bool - - // Set this to `true` to have the S3 service client to use the region specified - // in the ARN, when an ARN is provided as an argument to a bucket parameter. - S3UseARNRegion *bool - - // Set this to `true` to enable the SDK to unmarshal API response header maps to - // normalized lower case map keys. - // - // For example S3's X-Amz-Meta prefixed header will be unmarshaled to lower case - // Metadata member's map keys. The value of the header in the map is unaffected. - // - // The AWS SDK for Go v2, uses lower case header maps by default. The v1 - // SDK provides this opt-in for this option, for backwards compatibility. - LowerCaseHeaderMaps *bool - - // Set this to `true` to disable the EC2Metadata client from overriding the - // default http.Client's Timeout. This is helpful if you do not want the - // EC2Metadata client to create a new http.Client. This options is only - // meaningful if you're not already using a custom HTTP client with the - // SDK. Enabled by default. - // - // Must be set and provided to the session.NewSession() in order to disable - // the EC2Metadata overriding the timeout for default credentials chain. - // - // Example: - // sess := session.Must(session.NewSession(aws.NewConfig() - // .WithEC2MetadataDisableTimeoutOverride(true))) - // - // svc := s3.New(sess) - // - EC2MetadataDisableTimeoutOverride *bool - - // Set this to `false` to disable EC2Metadata client from falling back to IMDSv1. - // By default, EC2 role credentials will fall back to IMDSv1 as needed for backwards compatibility. - // You can disable this behavior by explicitly setting this flag to `false`. When false, the EC2Metadata - // client will return any errors encountered from attempting to fetch a token instead of silently - // using the insecure data flow of IMDSv1. - // - // Example: - // sess := session.Must(session.NewSession(aws.NewConfig() - // .WithEC2MetadataEnableFallback(false))) - // - // svc := s3.New(sess) - // - // See [configuring IMDS] for more information. - // - // [configuring IMDS]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html - EC2MetadataEnableFallback *bool - - // Instructs the endpoint to be generated for a service client to - // be the dual stack endpoint. The dual stack endpoint will support - // both IPv4 and IPv6 addressing. - // - // Setting this for a service which does not support dual stack will fail - // to make requests. It is not recommended to set this value on the session - // as it will apply to all service clients created with the session. Even - // services which don't support dual stack endpoints. - // - // If the Endpoint config value is also provided the UseDualStack flag - // will be ignored. - // - // Only supported with. - // - // sess := session.Must(session.NewSession()) - // - // svc := s3.New(sess, &aws.Config{ - // UseDualStack: aws.Bool(true), - // }) - // - // Deprecated: This option will continue to function for S3 and S3 Control for backwards compatibility. - // UseDualStackEndpoint should be used to enable usage of a service's dual-stack endpoint for all service clients - // moving forward. For S3 and S3 Control, when UseDualStackEndpoint is set to a non-zero value it takes higher - // precedence then this option. - UseDualStack *bool - - // Sets the resolver to resolve a dual-stack endpoint for the service. - UseDualStackEndpoint endpoints.DualStackEndpointState - - // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. - UseFIPSEndpoint endpoints.FIPSEndpointState - - // SleepDelay is an override for the func the SDK will call when sleeping - // during the lifecycle of a request. Specifically this will be used for - // request delays. This value should only be used for testing. To adjust - // the delay of a request see the aws/client.DefaultRetryer and - // aws/request.Retryer. - // - // SleepDelay will prevent any Context from being used for canceling retry - // delay of an API operation. It is recommended to not use SleepDelay at all - // and specify a Retryer instead. - SleepDelay func(time.Duration) - - // DisableRestProtocolURICleaning will not clean the URL path when making rest protocol requests. - // Will default to false. This would only be used for empty directory names in s3 requests. - // - // Example: - // sess := session.Must(session.NewSession(&aws.Config{ - // DisableRestProtocolURICleaning: aws.Bool(true), - // })) - // - // svc := s3.New(sess) - // out, err := svc.GetObject(&s3.GetObjectInput { - // Bucket: aws.String("bucketname"), - // Key: aws.String("//foo//bar//moo"), - // }) - DisableRestProtocolURICleaning *bool - - // EnableEndpointDiscovery will allow for endpoint discovery on operations that - // have the definition in its model. By default, endpoint discovery is off. - // To use EndpointDiscovery, Endpoint should be unset or set to an empty string. - // - // Example: - // sess := session.Must(session.NewSession(&aws.Config{ - // EnableEndpointDiscovery: aws.Bool(true), - // })) - // - // svc := s3.New(sess) - // out, err := svc.GetObject(&s3.GetObjectInput { - // Bucket: aws.String("bucketname"), - // Key: aws.String("/foo/bar/moo"), - // }) - EnableEndpointDiscovery *bool - - // DisableEndpointHostPrefix will disable the SDK's behavior of prefixing - // request endpoint hosts with modeled information. - // - // Disabling this feature is useful when you want to use local endpoints - // for testing that do not support the modeled host prefix pattern. - DisableEndpointHostPrefix *bool - - // STSRegionalEndpoint will enable regional or legacy endpoint resolving - STSRegionalEndpoint endpoints.STSRegionalEndpoint - - // S3UsEast1RegionalEndpoint will enable regional or legacy endpoint resolving - S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint -} - -// NewConfig returns a new Config pointer that can be chained with builder -// methods to set multiple configuration values inline without using pointers. -// -// // Create Session with MaxRetries configuration to be shared by multiple -// // service clients. -// sess := session.Must(session.NewSession(aws.NewConfig(). -// WithMaxRetries(3), -// )) -// -// // Create S3 service client with a specific Region. -// svc := s3.New(sess, aws.NewConfig(). -// WithRegion("us-west-2"), -// ) -func NewConfig() *Config { - return &Config{} -} - -// WithCredentialsChainVerboseErrors sets a config verbose errors boolean and returning -// a Config pointer. -func (c *Config) WithCredentialsChainVerboseErrors(verboseErrs bool) *Config { - c.CredentialsChainVerboseErrors = &verboseErrs - return c -} - -// WithCredentials sets a config Credentials value returning a Config pointer -// for chaining. -func (c *Config) WithCredentials(creds *credentials.Credentials) *Config { - c.Credentials = creds - return c -} - -// WithEndpoint sets a config Endpoint value returning a Config pointer for -// chaining. -func (c *Config) WithEndpoint(endpoint string) *Config { - c.Endpoint = &endpoint - return c -} - -// WithEndpointResolver sets a config EndpointResolver value returning a -// Config pointer for chaining. -func (c *Config) WithEndpointResolver(resolver endpoints.Resolver) *Config { - c.EndpointResolver = resolver - return c -} - -// WithRegion sets a config Region value returning a Config pointer for -// chaining. -func (c *Config) WithRegion(region string) *Config { - c.Region = ®ion - return c -} - -// WithDisableSSL sets a config DisableSSL value returning a Config pointer -// for chaining. -func (c *Config) WithDisableSSL(disable bool) *Config { - c.DisableSSL = &disable - return c -} - -// WithHTTPClient sets a config HTTPClient value returning a Config pointer -// for chaining. -func (c *Config) WithHTTPClient(client *http.Client) *Config { - c.HTTPClient = client - return c -} - -// WithMaxRetries sets a config MaxRetries value returning a Config pointer -// for chaining. -func (c *Config) WithMaxRetries(max int) *Config { - c.MaxRetries = &max - return c -} - -// WithDisableParamValidation sets a config DisableParamValidation value -// returning a Config pointer for chaining. -func (c *Config) WithDisableParamValidation(disable bool) *Config { - c.DisableParamValidation = &disable - return c -} - -// WithDisableComputeChecksums sets a config DisableComputeChecksums value -// returning a Config pointer for chaining. -func (c *Config) WithDisableComputeChecksums(disable bool) *Config { - c.DisableComputeChecksums = &disable - return c -} - -// WithLogLevel sets a config LogLevel value returning a Config pointer for -// chaining. -func (c *Config) WithLogLevel(level LogLevelType) *Config { - c.LogLevel = &level - return c -} - -// WithLogger sets a config Logger value returning a Config pointer for -// chaining. -func (c *Config) WithLogger(logger Logger) *Config { - c.Logger = logger - return c -} - -// WithS3ForcePathStyle sets a config S3ForcePathStyle value returning a Config -// pointer for chaining. -func (c *Config) WithS3ForcePathStyle(force bool) *Config { - c.S3ForcePathStyle = &force - return c -} - -// WithS3Disable100Continue sets a config S3Disable100Continue value returning -// a Config pointer for chaining. -func (c *Config) WithS3Disable100Continue(disable bool) *Config { - c.S3Disable100Continue = &disable - return c -} - -// WithS3UseAccelerate sets a config S3UseAccelerate value returning a Config -// pointer for chaining. -func (c *Config) WithS3UseAccelerate(enable bool) *Config { - c.S3UseAccelerate = &enable - return c - -} - -// WithS3DisableContentMD5Validation sets a config -// S3DisableContentMD5Validation value returning a Config pointer for chaining. -func (c *Config) WithS3DisableContentMD5Validation(enable bool) *Config { - c.S3DisableContentMD5Validation = &enable - return c - -} - -// WithS3UseARNRegion sets a config S3UseARNRegion value and -// returning a Config pointer for chaining -func (c *Config) WithS3UseARNRegion(enable bool) *Config { - c.S3UseARNRegion = &enable - return c -} - -// WithUseDualStack sets a config UseDualStack value returning a Config -// pointer for chaining. -func (c *Config) WithUseDualStack(enable bool) *Config { - c.UseDualStack = &enable - return c -} - -// WithUseFIPSEndpoint sets a config UseFIPSEndpoint value returning a Config -// pointer for chaining. -func (c *Config) WithUseFIPSEndpoint(enable bool) *Config { - if enable { - c.UseFIPSEndpoint = endpoints.FIPSEndpointStateEnabled - } else { - c.UseFIPSEndpoint = endpoints.FIPSEndpointStateDisabled - } - return c -} - -// WithEC2MetadataDisableTimeoutOverride sets a config EC2MetadataDisableTimeoutOverride value -// returning a Config pointer for chaining. -func (c *Config) WithEC2MetadataDisableTimeoutOverride(enable bool) *Config { - c.EC2MetadataDisableTimeoutOverride = &enable - return c -} - -// WithEC2MetadataEnableFallback sets a config EC2MetadataEnableFallback value -// returning a Config pointer for chaining. -func (c *Config) WithEC2MetadataEnableFallback(v bool) *Config { - c.EC2MetadataEnableFallback = &v - return c -} - -// WithSleepDelay overrides the function used to sleep while waiting for the -// next retry. Defaults to time.Sleep. -func (c *Config) WithSleepDelay(fn func(time.Duration)) *Config { - c.SleepDelay = fn - return c -} - -// WithEndpointDiscovery will set whether or not to use endpoint discovery. -func (c *Config) WithEndpointDiscovery(t bool) *Config { - c.EnableEndpointDiscovery = &t - return c -} - -// WithDisableEndpointHostPrefix will set whether or not to use modeled host prefix -// when making requests. -func (c *Config) WithDisableEndpointHostPrefix(t bool) *Config { - c.DisableEndpointHostPrefix = &t - return c -} - -// WithSTSRegionalEndpoint will set whether or not to use regional endpoint flag -// when resolving the endpoint for a service -func (c *Config) WithSTSRegionalEndpoint(sre endpoints.STSRegionalEndpoint) *Config { - c.STSRegionalEndpoint = sre - return c -} - -// WithS3UsEast1RegionalEndpoint will set whether or not to use regional endpoint flag -// when resolving the endpoint for a service -func (c *Config) WithS3UsEast1RegionalEndpoint(sre endpoints.S3UsEast1RegionalEndpoint) *Config { - c.S3UsEast1RegionalEndpoint = sre - return c -} - -// WithLowerCaseHeaderMaps sets a config LowerCaseHeaderMaps value -// returning a Config pointer for chaining. -func (c *Config) WithLowerCaseHeaderMaps(t bool) *Config { - c.LowerCaseHeaderMaps = &t - return c -} - -// WithDisableRestProtocolURICleaning sets a config DisableRestProtocolURICleaning value -// returning a Config pointer for chaining. -func (c *Config) WithDisableRestProtocolURICleaning(t bool) *Config { - c.DisableRestProtocolURICleaning = &t - return c -} - -// MergeIn merges the passed in configs into the existing config object. -func (c *Config) MergeIn(cfgs ...*Config) { - for _, other := range cfgs { - mergeInConfig(c, other) - } -} - -func mergeInConfig(dst *Config, other *Config) { - if other == nil { - return - } - - if other.CredentialsChainVerboseErrors != nil { - dst.CredentialsChainVerboseErrors = other.CredentialsChainVerboseErrors - } - - if other.Credentials != nil { - dst.Credentials = other.Credentials - } - - if other.Endpoint != nil { - dst.Endpoint = other.Endpoint - } - - if other.EndpointResolver != nil { - dst.EndpointResolver = other.EndpointResolver - } - - if other.Region != nil { - dst.Region = other.Region - } - - if other.DisableSSL != nil { - dst.DisableSSL = other.DisableSSL - } - - if other.HTTPClient != nil { - dst.HTTPClient = other.HTTPClient - } - - if other.LogLevel != nil { - dst.LogLevel = other.LogLevel - } - - if other.Logger != nil { - dst.Logger = other.Logger - } - - if other.MaxRetries != nil { - dst.MaxRetries = other.MaxRetries - } - - if other.Retryer != nil { - dst.Retryer = other.Retryer - } - - if other.DisableParamValidation != nil { - dst.DisableParamValidation = other.DisableParamValidation - } - - if other.DisableComputeChecksums != nil { - dst.DisableComputeChecksums = other.DisableComputeChecksums - } - - if other.S3ForcePathStyle != nil { - dst.S3ForcePathStyle = other.S3ForcePathStyle - } - - if other.S3Disable100Continue != nil { - dst.S3Disable100Continue = other.S3Disable100Continue - } - - if other.S3UseAccelerate != nil { - dst.S3UseAccelerate = other.S3UseAccelerate - } - - if other.S3DisableContentMD5Validation != nil { - dst.S3DisableContentMD5Validation = other.S3DisableContentMD5Validation - } - - if other.S3UseARNRegion != nil { - dst.S3UseARNRegion = other.S3UseARNRegion - } - - if other.UseDualStack != nil { - dst.UseDualStack = other.UseDualStack - } - - if other.UseDualStackEndpoint != endpoints.DualStackEndpointStateUnset { - dst.UseDualStackEndpoint = other.UseDualStackEndpoint - } - - if other.EC2MetadataDisableTimeoutOverride != nil { - dst.EC2MetadataDisableTimeoutOverride = other.EC2MetadataDisableTimeoutOverride - } - - if other.EC2MetadataEnableFallback != nil { - dst.EC2MetadataEnableFallback = other.EC2MetadataEnableFallback - } - - if other.SleepDelay != nil { - dst.SleepDelay = other.SleepDelay - } - - if other.DisableRestProtocolURICleaning != nil { - dst.DisableRestProtocolURICleaning = other.DisableRestProtocolURICleaning - } - - if other.EnforceShouldRetryCheck != nil { - dst.EnforceShouldRetryCheck = other.EnforceShouldRetryCheck - } - - if other.EnableEndpointDiscovery != nil { - dst.EnableEndpointDiscovery = other.EnableEndpointDiscovery - } - - if other.DisableEndpointHostPrefix != nil { - dst.DisableEndpointHostPrefix = other.DisableEndpointHostPrefix - } - - if other.STSRegionalEndpoint != endpoints.UnsetSTSEndpoint { - dst.STSRegionalEndpoint = other.STSRegionalEndpoint - } - - if other.S3UsEast1RegionalEndpoint != endpoints.UnsetS3UsEast1Endpoint { - dst.S3UsEast1RegionalEndpoint = other.S3UsEast1RegionalEndpoint - } - - if other.LowerCaseHeaderMaps != nil { - dst.LowerCaseHeaderMaps = other.LowerCaseHeaderMaps - } - - if other.UseDualStackEndpoint != endpoints.DualStackEndpointStateUnset { - dst.UseDualStackEndpoint = other.UseDualStackEndpoint - } - - if other.UseFIPSEndpoint != endpoints.FIPSEndpointStateUnset { - dst.UseFIPSEndpoint = other.UseFIPSEndpoint - } -} - -// Copy will return a shallow copy of the Config object. If any additional -// configurations are provided they will be merged into the new config returned. -func (c *Config) Copy(cfgs ...*Config) *Config { - dst := &Config{} - dst.MergeIn(c) - - for _, cfg := range cfgs { - dst.MergeIn(cfg) - } - - return dst -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/context_1_5.go b/vendor/github.com/aws/aws-sdk-go/aws/context_1_5.go deleted file mode 100644 index 89aad2c6..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/context_1_5.go +++ /dev/null @@ -1,38 +0,0 @@ -//go:build !go1.9 -// +build !go1.9 - -package aws - -import "time" - -// Context is an copy of the Go v1.7 stdlib's context.Context interface. -// It is represented as a SDK interface to enable you to use the "WithContext" -// API methods with Go v1.6 and a Context type such as golang.org/x/net/context. -// -// See https://golang.org/pkg/context on how to use contexts. -type Context interface { - // Deadline returns the time when work done on behalf of this context - // should be canceled. Deadline returns ok==false when no deadline is - // set. Successive calls to Deadline return the same results. - Deadline() (deadline time.Time, ok bool) - - // Done returns a channel that's closed when work done on behalf of this - // context should be canceled. Done may return nil if this context can - // never be canceled. Successive calls to Done return the same value. - Done() <-chan struct{} - - // Err returns a non-nil error value after Done is closed. Err returns - // Canceled if the context was canceled or DeadlineExceeded if the - // context's deadline passed. No other values for Err are defined. - // After Done is closed, successive calls to Err return the same value. - Err() error - - // Value returns the value associated with this context for key, or nil - // if no value is associated with key. Successive calls to Value with - // the same key returns the same result. - // - // Use context values only for request-scoped data that transits - // processes and API boundaries, not for passing optional parameters to - // functions. - Value(key interface{}) interface{} -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/context_1_9.go b/vendor/github.com/aws/aws-sdk-go/aws/context_1_9.go deleted file mode 100644 index 6ee9ddd1..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/context_1_9.go +++ /dev/null @@ -1,12 +0,0 @@ -//go:build go1.9 -// +build go1.9 - -package aws - -import "context" - -// Context is an alias of the Go stdlib's context.Context interface. -// It can be used within the SDK's API operation "WithContext" methods. -// -// See https://golang.org/pkg/context on how to use contexts. -type Context = context.Context diff --git a/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go b/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go deleted file mode 100644 index 31321819..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go +++ /dev/null @@ -1,23 +0,0 @@ -//go:build !go1.7 -// +build !go1.7 - -package aws - -import ( - "github.com/aws/aws-sdk-go/internal/context" -) - -// BackgroundContext returns a context that will never be canceled, has no -// values, and no deadline. This context is used by the SDK to provide -// backwards compatibility with non-context API operations and functionality. -// -// Go 1.6 and before: -// This context function is equivalent to context.Background in the Go stdlib. -// -// Go 1.7 and later: -// The context returned will be the value returned by context.Background() -// -// See https://golang.org/pkg/context for more information on Contexts. -func BackgroundContext() Context { - return context.BackgroundCtx -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_7.go b/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_7.go deleted file mode 100644 index 9975d561..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_7.go +++ /dev/null @@ -1,21 +0,0 @@ -//go:build go1.7 -// +build go1.7 - -package aws - -import "context" - -// BackgroundContext returns a context that will never be canceled, has no -// values, and no deadline. This context is used by the SDK to provide -// backwards compatibility with non-context API operations and functionality. -// -// Go 1.6 and before: -// This context function is equivalent to context.Background in the Go stdlib. -// -// Go 1.7 and later: -// The context returned will be the value returned by context.Background() -// -// See https://golang.org/pkg/context for more information on Contexts. -func BackgroundContext() Context { - return context.Background() -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/context_sleep.go b/vendor/github.com/aws/aws-sdk-go/aws/context_sleep.go deleted file mode 100644 index 304fd156..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/context_sleep.go +++ /dev/null @@ -1,24 +0,0 @@ -package aws - -import ( - "time" -) - -// SleepWithContext will wait for the timer duration to expire, or the context -// is canceled. Which ever happens first. If the context is canceled the Context's -// error will be returned. -// -// Expects Context to always return a non-nil error if the Done channel is closed. -func SleepWithContext(ctx Context, dur time.Duration) error { - t := time.NewTimer(dur) - defer t.Stop() - - select { - case <-t.C: - break - case <-ctx.Done(): - return ctx.Err() - } - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go b/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go deleted file mode 100644 index 4e076c18..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/convert_types.go +++ /dev/null @@ -1,918 +0,0 @@ -package aws - -import "time" - -// String returns a pointer to the string value passed in. -func String(v string) *string { - return &v -} - -// StringValue returns the value of the string pointer passed in or -// "" if the pointer is nil. -func StringValue(v *string) string { - if v != nil { - return *v - } - return "" -} - -// StringSlice converts a slice of string values into a slice of -// string pointers -func StringSlice(src []string) []*string { - dst := make([]*string, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// StringValueSlice converts a slice of string pointers into a slice of -// string values -func StringValueSlice(src []*string) []string { - dst := make([]string, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// StringMap converts a string map of string values into a string -// map of string pointers -func StringMap(src map[string]string) map[string]*string { - dst := make(map[string]*string) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// StringValueMap converts a string map of string pointers into a string -// map of string values -func StringValueMap(src map[string]*string) map[string]string { - dst := make(map[string]string) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Bool returns a pointer to the bool value passed in. -func Bool(v bool) *bool { - return &v -} - -// BoolValue returns the value of the bool pointer passed in or -// false if the pointer is nil. -func BoolValue(v *bool) bool { - if v != nil { - return *v - } - return false -} - -// BoolSlice converts a slice of bool values into a slice of -// bool pointers -func BoolSlice(src []bool) []*bool { - dst := make([]*bool, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// BoolValueSlice converts a slice of bool pointers into a slice of -// bool values -func BoolValueSlice(src []*bool) []bool { - dst := make([]bool, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// BoolMap converts a string map of bool values into a string -// map of bool pointers -func BoolMap(src map[string]bool) map[string]*bool { - dst := make(map[string]*bool) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// BoolValueMap converts a string map of bool pointers into a string -// map of bool values -func BoolValueMap(src map[string]*bool) map[string]bool { - dst := make(map[string]bool) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Int returns a pointer to the int value passed in. -func Int(v int) *int { - return &v -} - -// IntValue returns the value of the int pointer passed in or -// 0 if the pointer is nil. -func IntValue(v *int) int { - if v != nil { - return *v - } - return 0 -} - -// IntSlice converts a slice of int values into a slice of -// int pointers -func IntSlice(src []int) []*int { - dst := make([]*int, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// IntValueSlice converts a slice of int pointers into a slice of -// int values -func IntValueSlice(src []*int) []int { - dst := make([]int, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// IntMap converts a string map of int values into a string -// map of int pointers -func IntMap(src map[string]int) map[string]*int { - dst := make(map[string]*int) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// IntValueMap converts a string map of int pointers into a string -// map of int values -func IntValueMap(src map[string]*int) map[string]int { - dst := make(map[string]int) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Uint returns a pointer to the uint value passed in. -func Uint(v uint) *uint { - return &v -} - -// UintValue returns the value of the uint pointer passed in or -// 0 if the pointer is nil. -func UintValue(v *uint) uint { - if v != nil { - return *v - } - return 0 -} - -// UintSlice converts a slice of uint values uinto a slice of -// uint pointers -func UintSlice(src []uint) []*uint { - dst := make([]*uint, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// UintValueSlice converts a slice of uint pointers uinto a slice of -// uint values -func UintValueSlice(src []*uint) []uint { - dst := make([]uint, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// UintMap converts a string map of uint values uinto a string -// map of uint pointers -func UintMap(src map[string]uint) map[string]*uint { - dst := make(map[string]*uint) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// UintValueMap converts a string map of uint pointers uinto a string -// map of uint values -func UintValueMap(src map[string]*uint) map[string]uint { - dst := make(map[string]uint) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Int8 returns a pointer to the int8 value passed in. -func Int8(v int8) *int8 { - return &v -} - -// Int8Value returns the value of the int8 pointer passed in or -// 0 if the pointer is nil. -func Int8Value(v *int8) int8 { - if v != nil { - return *v - } - return 0 -} - -// Int8Slice converts a slice of int8 values into a slice of -// int8 pointers -func Int8Slice(src []int8) []*int8 { - dst := make([]*int8, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Int8ValueSlice converts a slice of int8 pointers into a slice of -// int8 values -func Int8ValueSlice(src []*int8) []int8 { - dst := make([]int8, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Int8Map converts a string map of int8 values into a string -// map of int8 pointers -func Int8Map(src map[string]int8) map[string]*int8 { - dst := make(map[string]*int8) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Int8ValueMap converts a string map of int8 pointers into a string -// map of int8 values -func Int8ValueMap(src map[string]*int8) map[string]int8 { - dst := make(map[string]int8) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Int16 returns a pointer to the int16 value passed in. -func Int16(v int16) *int16 { - return &v -} - -// Int16Value returns the value of the int16 pointer passed in or -// 0 if the pointer is nil. -func Int16Value(v *int16) int16 { - if v != nil { - return *v - } - return 0 -} - -// Int16Slice converts a slice of int16 values into a slice of -// int16 pointers -func Int16Slice(src []int16) []*int16 { - dst := make([]*int16, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Int16ValueSlice converts a slice of int16 pointers into a slice of -// int16 values -func Int16ValueSlice(src []*int16) []int16 { - dst := make([]int16, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Int16Map converts a string map of int16 values into a string -// map of int16 pointers -func Int16Map(src map[string]int16) map[string]*int16 { - dst := make(map[string]*int16) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Int16ValueMap converts a string map of int16 pointers into a string -// map of int16 values -func Int16ValueMap(src map[string]*int16) map[string]int16 { - dst := make(map[string]int16) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Int32 returns a pointer to the int32 value passed in. -func Int32(v int32) *int32 { - return &v -} - -// Int32Value returns the value of the int32 pointer passed in or -// 0 if the pointer is nil. -func Int32Value(v *int32) int32 { - if v != nil { - return *v - } - return 0 -} - -// Int32Slice converts a slice of int32 values into a slice of -// int32 pointers -func Int32Slice(src []int32) []*int32 { - dst := make([]*int32, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Int32ValueSlice converts a slice of int32 pointers into a slice of -// int32 values -func Int32ValueSlice(src []*int32) []int32 { - dst := make([]int32, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Int32Map converts a string map of int32 values into a string -// map of int32 pointers -func Int32Map(src map[string]int32) map[string]*int32 { - dst := make(map[string]*int32) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Int32ValueMap converts a string map of int32 pointers into a string -// map of int32 values -func Int32ValueMap(src map[string]*int32) map[string]int32 { - dst := make(map[string]int32) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Int64 returns a pointer to the int64 value passed in. -func Int64(v int64) *int64 { - return &v -} - -// Int64Value returns the value of the int64 pointer passed in or -// 0 if the pointer is nil. -func Int64Value(v *int64) int64 { - if v != nil { - return *v - } - return 0 -} - -// Int64Slice converts a slice of int64 values into a slice of -// int64 pointers -func Int64Slice(src []int64) []*int64 { - dst := make([]*int64, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Int64ValueSlice converts a slice of int64 pointers into a slice of -// int64 values -func Int64ValueSlice(src []*int64) []int64 { - dst := make([]int64, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Int64Map converts a string map of int64 values into a string -// map of int64 pointers -func Int64Map(src map[string]int64) map[string]*int64 { - dst := make(map[string]*int64) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Int64ValueMap converts a string map of int64 pointers into a string -// map of int64 values -func Int64ValueMap(src map[string]*int64) map[string]int64 { - dst := make(map[string]int64) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Uint8 returns a pointer to the uint8 value passed in. -func Uint8(v uint8) *uint8 { - return &v -} - -// Uint8Value returns the value of the uint8 pointer passed in or -// 0 if the pointer is nil. -func Uint8Value(v *uint8) uint8 { - if v != nil { - return *v - } - return 0 -} - -// Uint8Slice converts a slice of uint8 values into a slice of -// uint8 pointers -func Uint8Slice(src []uint8) []*uint8 { - dst := make([]*uint8, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Uint8ValueSlice converts a slice of uint8 pointers into a slice of -// uint8 values -func Uint8ValueSlice(src []*uint8) []uint8 { - dst := make([]uint8, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Uint8Map converts a string map of uint8 values into a string -// map of uint8 pointers -func Uint8Map(src map[string]uint8) map[string]*uint8 { - dst := make(map[string]*uint8) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Uint8ValueMap converts a string map of uint8 pointers into a string -// map of uint8 values -func Uint8ValueMap(src map[string]*uint8) map[string]uint8 { - dst := make(map[string]uint8) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Uint16 returns a pointer to the uint16 value passed in. -func Uint16(v uint16) *uint16 { - return &v -} - -// Uint16Value returns the value of the uint16 pointer passed in or -// 0 if the pointer is nil. -func Uint16Value(v *uint16) uint16 { - if v != nil { - return *v - } - return 0 -} - -// Uint16Slice converts a slice of uint16 values into a slice of -// uint16 pointers -func Uint16Slice(src []uint16) []*uint16 { - dst := make([]*uint16, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Uint16ValueSlice converts a slice of uint16 pointers into a slice of -// uint16 values -func Uint16ValueSlice(src []*uint16) []uint16 { - dst := make([]uint16, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Uint16Map converts a string map of uint16 values into a string -// map of uint16 pointers -func Uint16Map(src map[string]uint16) map[string]*uint16 { - dst := make(map[string]*uint16) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Uint16ValueMap converts a string map of uint16 pointers into a string -// map of uint16 values -func Uint16ValueMap(src map[string]*uint16) map[string]uint16 { - dst := make(map[string]uint16) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Uint32 returns a pointer to the uint32 value passed in. -func Uint32(v uint32) *uint32 { - return &v -} - -// Uint32Value returns the value of the uint32 pointer passed in or -// 0 if the pointer is nil. -func Uint32Value(v *uint32) uint32 { - if v != nil { - return *v - } - return 0 -} - -// Uint32Slice converts a slice of uint32 values into a slice of -// uint32 pointers -func Uint32Slice(src []uint32) []*uint32 { - dst := make([]*uint32, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Uint32ValueSlice converts a slice of uint32 pointers into a slice of -// uint32 values -func Uint32ValueSlice(src []*uint32) []uint32 { - dst := make([]uint32, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Uint32Map converts a string map of uint32 values into a string -// map of uint32 pointers -func Uint32Map(src map[string]uint32) map[string]*uint32 { - dst := make(map[string]*uint32) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Uint32ValueMap converts a string map of uint32 pointers into a string -// map of uint32 values -func Uint32ValueMap(src map[string]*uint32) map[string]uint32 { - dst := make(map[string]uint32) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Uint64 returns a pointer to the uint64 value passed in. -func Uint64(v uint64) *uint64 { - return &v -} - -// Uint64Value returns the value of the uint64 pointer passed in or -// 0 if the pointer is nil. -func Uint64Value(v *uint64) uint64 { - if v != nil { - return *v - } - return 0 -} - -// Uint64Slice converts a slice of uint64 values into a slice of -// uint64 pointers -func Uint64Slice(src []uint64) []*uint64 { - dst := make([]*uint64, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Uint64ValueSlice converts a slice of uint64 pointers into a slice of -// uint64 values -func Uint64ValueSlice(src []*uint64) []uint64 { - dst := make([]uint64, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Uint64Map converts a string map of uint64 values into a string -// map of uint64 pointers -func Uint64Map(src map[string]uint64) map[string]*uint64 { - dst := make(map[string]*uint64) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Uint64ValueMap converts a string map of uint64 pointers into a string -// map of uint64 values -func Uint64ValueMap(src map[string]*uint64) map[string]uint64 { - dst := make(map[string]uint64) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Float32 returns a pointer to the float32 value passed in. -func Float32(v float32) *float32 { - return &v -} - -// Float32Value returns the value of the float32 pointer passed in or -// 0 if the pointer is nil. -func Float32Value(v *float32) float32 { - if v != nil { - return *v - } - return 0 -} - -// Float32Slice converts a slice of float32 values into a slice of -// float32 pointers -func Float32Slice(src []float32) []*float32 { - dst := make([]*float32, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Float32ValueSlice converts a slice of float32 pointers into a slice of -// float32 values -func Float32ValueSlice(src []*float32) []float32 { - dst := make([]float32, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Float32Map converts a string map of float32 values into a string -// map of float32 pointers -func Float32Map(src map[string]float32) map[string]*float32 { - dst := make(map[string]*float32) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Float32ValueMap converts a string map of float32 pointers into a string -// map of float32 values -func Float32ValueMap(src map[string]*float32) map[string]float32 { - dst := make(map[string]float32) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Float64 returns a pointer to the float64 value passed in. -func Float64(v float64) *float64 { - return &v -} - -// Float64Value returns the value of the float64 pointer passed in or -// 0 if the pointer is nil. -func Float64Value(v *float64) float64 { - if v != nil { - return *v - } - return 0 -} - -// Float64Slice converts a slice of float64 values into a slice of -// float64 pointers -func Float64Slice(src []float64) []*float64 { - dst := make([]*float64, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// Float64ValueSlice converts a slice of float64 pointers into a slice of -// float64 values -func Float64ValueSlice(src []*float64) []float64 { - dst := make([]float64, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// Float64Map converts a string map of float64 values into a string -// map of float64 pointers -func Float64Map(src map[string]float64) map[string]*float64 { - dst := make(map[string]*float64) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// Float64ValueMap converts a string map of float64 pointers into a string -// map of float64 values -func Float64ValueMap(src map[string]*float64) map[string]float64 { - dst := make(map[string]float64) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} - -// Time returns a pointer to the time.Time value passed in. -func Time(v time.Time) *time.Time { - return &v -} - -// TimeValue returns the value of the time.Time pointer passed in or -// time.Time{} if the pointer is nil. -func TimeValue(v *time.Time) time.Time { - if v != nil { - return *v - } - return time.Time{} -} - -// SecondsTimeValue converts an int64 pointer to a time.Time value -// representing seconds since Epoch or time.Time{} if the pointer is nil. -func SecondsTimeValue(v *int64) time.Time { - if v != nil { - return time.Unix((*v / 1000), 0) - } - return time.Time{} -} - -// MillisecondsTimeValue converts an int64 pointer to a time.Time value -// representing milliseconds sinch Epoch or time.Time{} if the pointer is nil. -func MillisecondsTimeValue(v *int64) time.Time { - if v != nil { - return time.Unix(0, (*v * 1000000)) - } - return time.Time{} -} - -// TimeUnixMilli returns a Unix timestamp in milliseconds from "January 1, 1970 UTC". -// The result is undefined if the Unix time cannot be represented by an int64. -// Which includes calling TimeUnixMilli on a zero Time is undefined. -// -// This utility is useful for service API's such as CloudWatch Logs which require -// their unix time values to be in milliseconds. -// -// See Go stdlib https://golang.org/pkg/time/#Time.UnixNano for more information. -func TimeUnixMilli(t time.Time) int64 { - return t.UnixNano() / int64(time.Millisecond/time.Nanosecond) -} - -// TimeSlice converts a slice of time.Time values into a slice of -// time.Time pointers -func TimeSlice(src []time.Time) []*time.Time { - dst := make([]*time.Time, len(src)) - for i := 0; i < len(src); i++ { - dst[i] = &(src[i]) - } - return dst -} - -// TimeValueSlice converts a slice of time.Time pointers into a slice of -// time.Time values -func TimeValueSlice(src []*time.Time) []time.Time { - dst := make([]time.Time, len(src)) - for i := 0; i < len(src); i++ { - if src[i] != nil { - dst[i] = *(src[i]) - } - } - return dst -} - -// TimeMap converts a string map of time.Time values into a string -// map of time.Time pointers -func TimeMap(src map[string]time.Time) map[string]*time.Time { - dst := make(map[string]*time.Time) - for k, val := range src { - v := val - dst[k] = &v - } - return dst -} - -// TimeValueMap converts a string map of time.Time pointers into a string -// map of time.Time values -func TimeValueMap(src map[string]*time.Time) map[string]time.Time { - dst := make(map[string]time.Time) - for k, val := range src { - if val != nil { - dst[k] = *val - } - } - return dst -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go deleted file mode 100644 index 140242dd..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go +++ /dev/null @@ -1,4 +0,0 @@ -// DO NOT EDIT -package corehandlers - -const isAwsInternal = "" \ No newline at end of file diff --git a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go deleted file mode 100644 index 36a915ef..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go +++ /dev/null @@ -1,232 +0,0 @@ -package corehandlers - -import ( - "bytes" - "fmt" - "io/ioutil" - "net/http" - "net/url" - "regexp" - "strconv" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/request" -) - -// Interface for matching types which also have a Len method. -type lener interface { - Len() int -} - -// BuildContentLengthHandler builds the content length of a request based on the body, -// or will use the HTTPRequest.Header's "Content-Length" if defined. If unable -// to determine request body length and no "Content-Length" was specified it will panic. -// -// The Content-Length will only be added to the request if the length of the body -// is greater than 0. If the body is empty or the current `Content-Length` -// header is <= 0, the header will also be stripped. -var BuildContentLengthHandler = request.NamedHandler{Name: "core.BuildContentLengthHandler", Fn: func(r *request.Request) { - var length int64 - - if slength := r.HTTPRequest.Header.Get("Content-Length"); slength != "" { - length, _ = strconv.ParseInt(slength, 10, 64) - } else { - if r.Body != nil { - var err error - length, err = aws.SeekerLen(r.Body) - if err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "failed to get request body's length", err) - return - } - } - } - - if length > 0 { - r.HTTPRequest.ContentLength = length - r.HTTPRequest.Header.Set("Content-Length", fmt.Sprintf("%d", length)) - } else { - r.HTTPRequest.ContentLength = 0 - r.HTTPRequest.Header.Del("Content-Length") - } -}} - -var reStatusCode = regexp.MustCompile(`^(\d{3})`) - -// ValidateReqSigHandler is a request handler to ensure that the request's -// signature doesn't expire before it is sent. This can happen when a request -// is built and signed significantly before it is sent. Or significant delays -// occur when retrying requests that would cause the signature to expire. -var ValidateReqSigHandler = request.NamedHandler{ - Name: "core.ValidateReqSigHandler", - Fn: func(r *request.Request) { - // Unsigned requests are not signed - if r.Config.Credentials == credentials.AnonymousCredentials { - return - } - - signedTime := r.Time - if !r.LastSignedAt.IsZero() { - signedTime = r.LastSignedAt - } - - // 5 minutes to allow for some clock skew/delays in transmission. - // Would be improved with aws/aws-sdk-go#423 - if signedTime.Add(5 * time.Minute).After(time.Now()) { - return - } - - fmt.Println("request expired, resigning") - r.Sign() - }, -} - -// SendHandler is a request handler to send service request using HTTP client. -var SendHandler = request.NamedHandler{ - Name: "core.SendHandler", - Fn: func(r *request.Request) { - sender := sendFollowRedirects - if r.DisableFollowRedirects { - sender = sendWithoutFollowRedirects - } - - if request.NoBody == r.HTTPRequest.Body { - // Strip off the request body if the NoBody reader was used as a - // place holder for a request body. This prevents the SDK from - // making requests with a request body when it would be invalid - // to do so. - // - // Use a shallow copy of the http.Request to ensure the race condition - // of transport on Body will not trigger - reqOrig, reqCopy := r.HTTPRequest, *r.HTTPRequest - reqCopy.Body = nil - r.HTTPRequest = &reqCopy - defer func() { - r.HTTPRequest = reqOrig - }() - } - - var err error - r.HTTPResponse, err = sender(r) - if err != nil { - handleSendError(r, err) - } - }, -} - -func sendFollowRedirects(r *request.Request) (*http.Response, error) { - return r.Config.HTTPClient.Do(r.HTTPRequest) -} - -func sendWithoutFollowRedirects(r *request.Request) (*http.Response, error) { - transport := r.Config.HTTPClient.Transport - if transport == nil { - transport = http.DefaultTransport - } - - return transport.RoundTrip(r.HTTPRequest) -} - -func handleSendError(r *request.Request, err error) { - // Prevent leaking if an HTTPResponse was returned. Clean up - // the body. - if r.HTTPResponse != nil { - r.HTTPResponse.Body.Close() - } - // Capture the case where url.Error is returned for error processing - // response. e.g. 301 without location header comes back as string - // error and r.HTTPResponse is nil. Other URL redirect errors will - // comeback in a similar method. - if e, ok := err.(*url.Error); ok && e.Err != nil { - if s := reStatusCode.FindStringSubmatch(e.Err.Error()); s != nil { - code, _ := strconv.ParseInt(s[1], 10, 64) - r.HTTPResponse = &http.Response{ - StatusCode: int(code), - Status: http.StatusText(int(code)), - Body: ioutil.NopCloser(bytes.NewReader([]byte{})), - } - return - } - } - if r.HTTPResponse == nil { - // Add a dummy request response object to ensure the HTTPResponse - // value is consistent. - r.HTTPResponse = &http.Response{ - StatusCode: int(0), - Status: http.StatusText(int(0)), - Body: ioutil.NopCloser(bytes.NewReader([]byte{})), - } - } - // Catch all request errors, and let the default retrier determine - // if the error is retryable. - r.Error = awserr.New(request.ErrCodeRequestError, "send request failed", err) - - // Override the error with a context canceled error, if that was canceled. - ctx := r.Context() - select { - case <-ctx.Done(): - r.Error = awserr.New(request.CanceledErrorCode, - "request context canceled", ctx.Err()) - r.Retryable = aws.Bool(false) - default: - } -} - -// ValidateResponseHandler is a request handler to validate service response. -var ValidateResponseHandler = request.NamedHandler{Name: "core.ValidateResponseHandler", Fn: func(r *request.Request) { - if r.HTTPResponse.StatusCode == 0 || r.HTTPResponse.StatusCode >= 300 { - // this may be replaced by an UnmarshalError handler - r.Error = awserr.New("UnknownError", "unknown error", r.Error) - } -}} - -// AfterRetryHandler performs final checks to determine if the request should -// be retried and how long to delay. -var AfterRetryHandler = request.NamedHandler{ - Name: "core.AfterRetryHandler", - Fn: func(r *request.Request) { - // If one of the other handlers already set the retry state - // we don't want to override it based on the service's state - if r.Retryable == nil || aws.BoolValue(r.Config.EnforceShouldRetryCheck) { - r.Retryable = aws.Bool(r.ShouldRetry(r)) - } - - if r.WillRetry() { - r.RetryDelay = r.RetryRules(r) - - if sleepFn := r.Config.SleepDelay; sleepFn != nil { - // Support SleepDelay for backwards compatibility and testing - sleepFn(r.RetryDelay) - } else if err := aws.SleepWithContext(r.Context(), r.RetryDelay); err != nil { - r.Error = awserr.New(request.CanceledErrorCode, - "request context canceled", err) - r.Retryable = aws.Bool(false) - return - } - - // when the expired token exception occurs the credentials - // need to be expired locally so that the next request to - // get credentials will trigger a credentials refresh. - if r.IsErrorExpired() { - r.Config.Credentials.Expire() - } - - r.RetryCount++ - r.Error = nil - } - }} - -// ValidateEndpointHandler is a request handler to validate a request had the -// appropriate Region and Endpoint set. Will set r.Error if the endpoint or -// region is not valid. -var ValidateEndpointHandler = request.NamedHandler{Name: "core.ValidateEndpointHandler", Fn: func(r *request.Request) { - if r.ClientInfo.SigningRegion == "" && aws.StringValue(r.Config.Region) == "" { - r.Error = aws.ErrMissingRegion - } else if r.ClientInfo.Endpoint == "" { - // Was any endpoint provided by the user, or one was derived by the - // SDK's endpoint resolver? - r.Error = aws.ErrMissingEndpoint - } -}} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/param_validator.go b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/param_validator.go deleted file mode 100644 index 7d50b155..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/param_validator.go +++ /dev/null @@ -1,17 +0,0 @@ -package corehandlers - -import "github.com/aws/aws-sdk-go/aws/request" - -// ValidateParametersHandler is a request handler to validate the input parameters. -// Validating parameters only has meaning if done prior to the request being sent. -var ValidateParametersHandler = request.NamedHandler{Name: "core.ValidateParametersHandler", Fn: func(r *request.Request) { - if !r.ParamsFilled() { - return - } - - if v, ok := r.Params.(request.Validator); ok { - if err := v.Validate(); err != nil { - r.Error = err - } - } -}} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go b/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go deleted file mode 100644 index ac842c55..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go +++ /dev/null @@ -1,47 +0,0 @@ -package corehandlers - -import ( - "os" - "runtime" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" -) - -// SDKVersionUserAgentHandler is a request handler for adding the SDK Version -// to the user agent. -var SDKVersionUserAgentHandler = request.NamedHandler{ - Name: "core.SDKVersionUserAgentHandler", - Fn: request.MakeAddToUserAgentHandler(aws.SDKName, aws.SDKVersion, - runtime.Version(), runtime.GOOS, runtime.GOARCH), -} - -const execEnvVar = `AWS_EXECUTION_ENV` -const execEnvUAKey = `exec-env` - -// AddHostExecEnvUserAgentHander is a request handler appending the SDK's -// execution environment to the user agent. -// -// If the environment variable AWS_EXECUTION_ENV is set, its value will be -// appended to the user agent string. -var AddHostExecEnvUserAgentHander = request.NamedHandler{ - Name: "core.AddHostExecEnvUserAgentHander", - Fn: func(r *request.Request) { - v := os.Getenv(execEnvVar) - if len(v) == 0 { - return - } - - request.AddToUserAgent(r, execEnvUAKey+"/"+v) - }, -} - -var AddAwsInternal = request.NamedHandler{ - Name: "core.AddAwsInternal", - Fn: func(r *request.Request) { - if len(isAwsInternal) == 0 { - return - } - request.AddToUserAgent(r, isAwsInternal) - }, -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/chain_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/chain_provider.go deleted file mode 100644 index 3ad1e798..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/chain_provider.go +++ /dev/null @@ -1,100 +0,0 @@ -package credentials - -import ( - "github.com/aws/aws-sdk-go/aws/awserr" -) - -var ( - // ErrNoValidProvidersFoundInChain Is returned when there are no valid - // providers in the ChainProvider. - // - // This has been deprecated. For verbose error messaging set - // aws.Config.CredentialsChainVerboseErrors to true. - ErrNoValidProvidersFoundInChain = awserr.New("NoCredentialProviders", - `no valid providers in chain. Deprecated. - For verbose messaging see aws.Config.CredentialsChainVerboseErrors`, - nil) -) - -// A ChainProvider will search for a provider which returns credentials -// and cache that provider until Retrieve is called again. -// -// The ChainProvider provides a way of chaining multiple providers together -// which will pick the first available using priority order of the Providers -// in the list. -// -// If none of the Providers retrieve valid credentials Value, ChainProvider's -// Retrieve() will return the error ErrNoValidProvidersFoundInChain. -// -// If a Provider is found which returns valid credentials Value ChainProvider -// will cache that Provider for all calls to IsExpired(), until Retrieve is -// called again. -// -// Example of ChainProvider to be used with an EnvProvider and EC2RoleProvider. -// In this example EnvProvider will first check if any credentials are available -// via the environment variables. If there are none ChainProvider will check -// the next Provider in the list, EC2RoleProvider in this case. If EC2RoleProvider -// does not return any credentials ChainProvider will return the error -// ErrNoValidProvidersFoundInChain -// -// creds := credentials.NewChainCredentials( -// []credentials.Provider{ -// &credentials.EnvProvider{}, -// &ec2rolecreds.EC2RoleProvider{ -// Client: ec2metadata.New(sess), -// }, -// }) -// -// // Usage of ChainCredentials with aws.Config -// svc := ec2.New(session.Must(session.NewSession(&aws.Config{ -// Credentials: creds, -// }))) -// -type ChainProvider struct { - Providers []Provider - curr Provider - VerboseErrors bool -} - -// NewChainCredentials returns a pointer to a new Credentials object -// wrapping a chain of providers. -func NewChainCredentials(providers []Provider) *Credentials { - return NewCredentials(&ChainProvider{ - Providers: append([]Provider{}, providers...), - }) -} - -// Retrieve returns the credentials value or error if no provider returned -// without error. -// -// If a provider is found it will be cached and any calls to IsExpired() -// will return the expired state of the cached provider. -func (c *ChainProvider) Retrieve() (Value, error) { - var errs []error - for _, p := range c.Providers { - creds, err := p.Retrieve() - if err == nil { - c.curr = p - return creds, nil - } - errs = append(errs, err) - } - c.curr = nil - - var err error - err = ErrNoValidProvidersFoundInChain - if c.VerboseErrors { - err = awserr.NewBatchError("NoCredentialProviders", "no valid providers in chain", errs) - } - return Value{}, err -} - -// IsExpired will returned the expired state of the currently cached provider -// if there is one. If there is no current provider, true will be returned. -func (c *ChainProvider) IsExpired() bool { - if c.curr != nil { - return c.curr.IsExpired() - } - - return true -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go deleted file mode 100644 index 6e3406b1..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go +++ /dev/null @@ -1,23 +0,0 @@ -//go:build !go1.7 -// +build !go1.7 - -package credentials - -import ( - "github.com/aws/aws-sdk-go/internal/context" -) - -// backgroundContext returns a context that will never be canceled, has no -// values, and no deadline. This context is used by the SDK to provide -// backwards compatibility with non-context API operations and functionality. -// -// Go 1.6 and before: -// This context function is equivalent to context.Background in the Go stdlib. -// -// Go 1.7 and later: -// The context returned will be the value returned by context.Background() -// -// See https://golang.org/pkg/context for more information on Contexts. -func backgroundContext() Context { - return context.BackgroundCtx -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go deleted file mode 100644 index a68df0ee..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go +++ /dev/null @@ -1,21 +0,0 @@ -//go:build go1.7 -// +build go1.7 - -package credentials - -import "context" - -// backgroundContext returns a context that will never be canceled, has no -// values, and no deadline. This context is used by the SDK to provide -// backwards compatibility with non-context API operations and functionality. -// -// Go 1.6 and before: -// This context function is equivalent to context.Background in the Go stdlib. -// -// Go 1.7 and later: -// The context returned will be the value returned by context.Background() -// -// See https://golang.org/pkg/context for more information on Contexts. -func backgroundContext() Context { - return context.Background() -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go deleted file mode 100644 index 0345fab2..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go +++ /dev/null @@ -1,40 +0,0 @@ -//go:build !go1.9 -// +build !go1.9 - -package credentials - -import "time" - -// Context is an copy of the Go v1.7 stdlib's context.Context interface. -// It is represented as a SDK interface to enable you to use the "WithContext" -// API methods with Go v1.6 and a Context type such as golang.org/x/net/context. -// -// This type, aws.Context, and context.Context are equivalent. -// -// See https://golang.org/pkg/context on how to use contexts. -type Context interface { - // Deadline returns the time when work done on behalf of this context - // should be canceled. Deadline returns ok==false when no deadline is - // set. Successive calls to Deadline return the same results. - Deadline() (deadline time.Time, ok bool) - - // Done returns a channel that's closed when work done on behalf of this - // context should be canceled. Done may return nil if this context can - // never be canceled. Successive calls to Done return the same value. - Done() <-chan struct{} - - // Err returns a non-nil error value after Done is closed. Err returns - // Canceled if the context was canceled or DeadlineExceeded if the - // context's deadline passed. No other values for Err are defined. - // After Done is closed, successive calls to Err return the same value. - Err() error - - // Value returns the value associated with this context for key, or nil - // if no value is associated with key. Successive calls to Value with - // the same key returns the same result. - // - // Use context values only for request-scoped data that transits - // processes and API boundaries, not for passing optional parameters to - // functions. - Value(key interface{}) interface{} -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go deleted file mode 100644 index 79018aba..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go +++ /dev/null @@ -1,14 +0,0 @@ -//go:build go1.9 -// +build go1.9 - -package credentials - -import "context" - -// Context is an alias of the Go stdlib's context.Context interface. -// It can be used within the SDK's API operation "WithContext" methods. -// -// This type, aws.Context, and context.Context are equivalent. -// -// See https://golang.org/pkg/context on how to use contexts. -type Context = context.Context diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go deleted file mode 100644 index a880a3de..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/credentials.go +++ /dev/null @@ -1,383 +0,0 @@ -// Package credentials provides credential retrieval and management -// -// The Credentials is the primary method of getting access to and managing -// credentials Values. Using dependency injection retrieval of the credential -// values is handled by a object which satisfies the Provider interface. -// -// By default the Credentials.Get() will cache the successful result of a -// Provider's Retrieve() until Provider.IsExpired() returns true. At which -// point Credentials will call Provider's Retrieve() to get new credential Value. -// -// The Provider is responsible for determining when credentials Value have expired. -// It is also important to note that Credentials will always call Retrieve the -// first time Credentials.Get() is called. -// -// Example of using the environment variable credentials. -// -// creds := credentials.NewEnvCredentials() -// -// // Retrieve the credentials value -// credValue, err := creds.Get() -// if err != nil { -// // handle error -// } -// -// Example of forcing credentials to expire and be refreshed on the next Get(). -// This may be helpful to proactively expire credentials and refresh them sooner -// than they would naturally expire on their own. -// -// creds := credentials.NewCredentials(&ec2rolecreds.EC2RoleProvider{}) -// creds.Expire() -// credsValue, err := creds.Get() -// // New credentials will be retrieved instead of from cache. -// -// -// Custom Provider -// -// Each Provider built into this package also provides a helper method to generate -// a Credentials pointer setup with the provider. To use a custom Provider just -// create a type which satisfies the Provider interface and pass it to the -// NewCredentials method. -// -// type MyProvider struct{} -// func (m *MyProvider) Retrieve() (Value, error) {...} -// func (m *MyProvider) IsExpired() bool {...} -// -// creds := credentials.NewCredentials(&MyProvider{}) -// credValue, err := creds.Get() -// -package credentials - -import ( - "fmt" - "sync" - "time" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/internal/sync/singleflight" -) - -// AnonymousCredentials is an empty Credential object that can be used as -// dummy placeholder credentials for requests that do not need signed. -// -// This Credentials can be used to configure a service to not sign requests -// when making service API calls. For example, when accessing public -// s3 buckets. -// -// svc := s3.New(session.Must(session.NewSession(&aws.Config{ -// Credentials: credentials.AnonymousCredentials, -// }))) -// // Access public S3 buckets. -var AnonymousCredentials = NewStaticCredentials("", "", "") - -// A Value is the AWS credentials value for individual credential fields. -type Value struct { - // AWS Access key ID - AccessKeyID string - - // AWS Secret Access Key - SecretAccessKey string - - // AWS Session Token - SessionToken string - - // Provider used to get credentials - ProviderName string -} - -// HasKeys returns if the credentials Value has both AccessKeyID and -// SecretAccessKey value set. -func (v Value) HasKeys() bool { - return len(v.AccessKeyID) != 0 && len(v.SecretAccessKey) != 0 -} - -// A Provider is the interface for any component which will provide credentials -// Value. A provider is required to manage its own Expired state, and what to -// be expired means. -// -// The Provider should not need to implement its own mutexes, because -// that will be managed by Credentials. -type Provider interface { - // Retrieve returns nil if it successfully retrieved the value. - // Error is returned if the value were not obtainable, or empty. - Retrieve() (Value, error) - - // IsExpired returns if the credentials are no longer valid, and need - // to be retrieved. - IsExpired() bool -} - -// ProviderWithContext is a Provider that can retrieve credentials with a Context -type ProviderWithContext interface { - Provider - - RetrieveWithContext(Context) (Value, error) -} - -// An Expirer is an interface that Providers can implement to expose the expiration -// time, if known. If the Provider cannot accurately provide this info, -// it should not implement this interface. -type Expirer interface { - // The time at which the credentials are no longer valid - ExpiresAt() time.Time -} - -// An ErrorProvider is a stub credentials provider that always returns an error -// this is used by the SDK when construction a known provider is not possible -// due to an error. -type ErrorProvider struct { - // The error to be returned from Retrieve - Err error - - // The provider name to set on the Retrieved returned Value - ProviderName string -} - -// Retrieve will always return the error that the ErrorProvider was created with. -func (p ErrorProvider) Retrieve() (Value, error) { - return Value{ProviderName: p.ProviderName}, p.Err -} - -// IsExpired will always return not expired. -func (p ErrorProvider) IsExpired() bool { - return false -} - -// A Expiry provides shared expiration logic to be used by credentials -// providers to implement expiry functionality. -// -// The best method to use this struct is as an anonymous field within the -// provider's struct. -// -// Example: -// type EC2RoleProvider struct { -// Expiry -// ... -// } -type Expiry struct { - // The date/time when to expire on - expiration time.Time - - // If set will be used by IsExpired to determine the current time. - // Defaults to time.Now if CurrentTime is not set. Available for testing - // to be able to mock out the current time. - CurrentTime func() time.Time -} - -// SetExpiration sets the expiration IsExpired will check when called. -// -// If window is greater than 0 the expiration time will be reduced by the -// window value. -// -// Using a window is helpful to trigger credentials to expire sooner than -// the expiration time given to ensure no requests are made with expired -// tokens. -func (e *Expiry) SetExpiration(expiration time.Time, window time.Duration) { - // Passed in expirations should have the monotonic clock values stripped. - // This ensures time comparisons will be based on wall-time. - e.expiration = expiration.Round(0) - if window > 0 { - e.expiration = e.expiration.Add(-window) - } -} - -// IsExpired returns if the credentials are expired. -func (e *Expiry) IsExpired() bool { - curTime := e.CurrentTime - if curTime == nil { - curTime = time.Now - } - return e.expiration.Before(curTime()) -} - -// ExpiresAt returns the expiration time of the credential -func (e *Expiry) ExpiresAt() time.Time { - return e.expiration -} - -// A Credentials provides concurrency safe retrieval of AWS credentials Value. -// Credentials will cache the credentials value until they expire. Once the value -// expires the next Get will attempt to retrieve valid credentials. -// -// Credentials is safe to use across multiple goroutines and will manage the -// synchronous state so the Providers do not need to implement their own -// synchronization. -// -// The first Credentials.Get() will always call Provider.Retrieve() to get the -// first instance of the credentials Value. All calls to Get() after that -// will return the cached credentials Value until IsExpired() returns true. -type Credentials struct { - sf singleflight.Group - - m sync.RWMutex - creds Value - provider Provider -} - -// NewCredentials returns a pointer to a new Credentials with the provider set. -func NewCredentials(provider Provider) *Credentials { - c := &Credentials{ - provider: provider, - } - return c -} - -// GetWithContext returns the credentials value, or error if the credentials -// Value failed to be retrieved. Will return early if the passed in context is -// canceled. -// -// Will return the cached credentials Value if it has not expired. If the -// credentials Value has expired the Provider's Retrieve() will be called -// to refresh the credentials. -// -// If Credentials.Expire() was called the credentials Value will be force -// expired, and the next call to Get() will cause them to be refreshed. -// -// Passed in Context is equivalent to aws.Context, and context.Context. -func (c *Credentials) GetWithContext(ctx Context) (Value, error) { - // Check if credentials are cached, and not expired. - select { - case curCreds, ok := <-c.asyncIsExpired(): - // ok will only be true, of the credentials were not expired. ok will - // be false and have no value if the credentials are expired. - if ok { - return curCreds, nil - } - case <-ctx.Done(): - return Value{}, awserr.New("RequestCanceled", - "request context canceled", ctx.Err()) - } - - // Cannot pass context down to the actual retrieve, because the first - // context would cancel the whole group when there is not direct - // association of items in the group. - resCh := c.sf.DoChan("", func() (interface{}, error) { - return c.singleRetrieve(&suppressedContext{ctx}) - }) - select { - case res := <-resCh: - return res.Val.(Value), res.Err - case <-ctx.Done(): - return Value{}, awserr.New("RequestCanceled", - "request context canceled", ctx.Err()) - } -} - -func (c *Credentials) singleRetrieve(ctx Context) (interface{}, error) { - c.m.Lock() - defer c.m.Unlock() - - if curCreds := c.creds; !c.isExpiredLocked(curCreds) { - return curCreds, nil - } - - var creds Value - var err error - if p, ok := c.provider.(ProviderWithContext); ok { - creds, err = p.RetrieveWithContext(ctx) - } else { - creds, err = c.provider.Retrieve() - } - if err == nil { - c.creds = creds - } - - return creds, err -} - -// Get returns the credentials value, or error if the credentials Value failed -// to be retrieved. -// -// Will return the cached credentials Value if it has not expired. If the -// credentials Value has expired the Provider's Retrieve() will be called -// to refresh the credentials. -// -// If Credentials.Expire() was called the credentials Value will be force -// expired, and the next call to Get() will cause them to be refreshed. -func (c *Credentials) Get() (Value, error) { - return c.GetWithContext(backgroundContext()) -} - -// Expire expires the credentials and forces them to be retrieved on the -// next call to Get(). -// -// This will override the Provider's expired state, and force Credentials -// to call the Provider's Retrieve(). -func (c *Credentials) Expire() { - c.m.Lock() - defer c.m.Unlock() - - c.creds = Value{} -} - -// IsExpired returns if the credentials are no longer valid, and need -// to be retrieved. -// -// If the Credentials were forced to be expired with Expire() this will -// reflect that override. -func (c *Credentials) IsExpired() bool { - c.m.RLock() - defer c.m.RUnlock() - - return c.isExpiredLocked(c.creds) -} - -// asyncIsExpired returns a channel of credentials Value. If the channel is -// closed the credentials are expired and credentials value are not empty. -func (c *Credentials) asyncIsExpired() <-chan Value { - ch := make(chan Value, 1) - go func() { - c.m.RLock() - defer c.m.RUnlock() - - if curCreds := c.creds; !c.isExpiredLocked(curCreds) { - ch <- curCreds - } - - close(ch) - }() - - return ch -} - -// isExpiredLocked helper method wrapping the definition of expired credentials. -func (c *Credentials) isExpiredLocked(creds interface{}) bool { - return creds == nil || creds.(Value) == Value{} || c.provider.IsExpired() -} - -// ExpiresAt provides access to the functionality of the Expirer interface of -// the underlying Provider, if it supports that interface. Otherwise, it returns -// an error. -func (c *Credentials) ExpiresAt() (time.Time, error) { - c.m.RLock() - defer c.m.RUnlock() - - expirer, ok := c.provider.(Expirer) - if !ok { - return time.Time{}, awserr.New("ProviderNotExpirer", - fmt.Sprintf("provider %s does not support ExpiresAt()", - c.creds.ProviderName), - nil) - } - if c.creds == (Value{}) { - // set expiration time to the distant past - return time.Time{}, nil - } - return expirer.ExpiresAt(), nil -} - -type suppressedContext struct { - Context -} - -func (s *suppressedContext) Deadline() (deadline time.Time, ok bool) { - return time.Time{}, false -} - -func (s *suppressedContext) Done() <-chan struct{} { - return nil -} - -func (s *suppressedContext) Err() error { - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go deleted file mode 100644 index 92af5b72..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds/ec2_role_provider.go +++ /dev/null @@ -1,188 +0,0 @@ -package ec2rolecreds - -import ( - "bufio" - "encoding/json" - "fmt" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/ec2metadata" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/sdkuri" -) - -// ProviderName provides a name of EC2Role provider -const ProviderName = "EC2RoleProvider" - -// A EC2RoleProvider retrieves credentials from the EC2 service, and keeps track if -// those credentials are expired. -// -// Example how to configure the EC2RoleProvider with custom http Client, Endpoint -// or ExpiryWindow -// -// p := &ec2rolecreds.EC2RoleProvider{ -// // Pass in a custom timeout to be used when requesting -// // IAM EC2 Role credentials. -// Client: ec2metadata.New(sess, aws.Config{ -// HTTPClient: &http.Client{Timeout: 10 * time.Second}, -// }), -// -// // Do not use early expiry of credentials. If a non zero value is -// // specified the credentials will be expired early -// ExpiryWindow: 0, -// } -type EC2RoleProvider struct { - credentials.Expiry - - // Required EC2Metadata client to use when connecting to EC2 metadata service. - Client *ec2metadata.EC2Metadata - - // ExpiryWindow will allow the credentials to trigger refreshing prior to - // the credentials actually expiring. This is beneficial so race conditions - // with expiring credentials do not cause request to fail unexpectedly - // due to ExpiredTokenException exceptions. - // - // So a ExpiryWindow of 10s would cause calls to IsExpired() to return true - // 10 seconds before the credentials are actually expired. - // - // If ExpiryWindow is 0 or less it will be ignored. - ExpiryWindow time.Duration -} - -// NewCredentials returns a pointer to a new Credentials object wrapping -// the EC2RoleProvider. Takes a ConfigProvider to create a EC2Metadata client. -// The ConfigProvider is satisfied by the session.Session type. -func NewCredentials(c client.ConfigProvider, options ...func(*EC2RoleProvider)) *credentials.Credentials { - p := &EC2RoleProvider{ - Client: ec2metadata.New(c), - } - - for _, option := range options { - option(p) - } - - return credentials.NewCredentials(p) -} - -// NewCredentialsWithClient returns a pointer to a new Credentials object wrapping -// the EC2RoleProvider. Takes a EC2Metadata client to use when connecting to EC2 -// metadata service. -func NewCredentialsWithClient(client *ec2metadata.EC2Metadata, options ...func(*EC2RoleProvider)) *credentials.Credentials { - p := &EC2RoleProvider{ - Client: client, - } - - for _, option := range options { - option(p) - } - - return credentials.NewCredentials(p) -} - -// Retrieve retrieves credentials from the EC2 service. -// Error will be returned if the request fails, or unable to extract -// the desired credentials. -func (m *EC2RoleProvider) Retrieve() (credentials.Value, error) { - return m.RetrieveWithContext(aws.BackgroundContext()) -} - -// RetrieveWithContext retrieves credentials from the EC2 service. -// Error will be returned if the request fails, or unable to extract -// the desired credentials. -func (m *EC2RoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { - credsList, err := requestCredList(ctx, m.Client) - if err != nil { - return credentials.Value{ProviderName: ProviderName}, err - } - - if len(credsList) == 0 { - return credentials.Value{ProviderName: ProviderName}, awserr.New("EmptyEC2RoleList", "empty EC2 Role list", nil) - } - credsName := credsList[0] - - roleCreds, err := requestCred(ctx, m.Client, credsName) - if err != nil { - return credentials.Value{ProviderName: ProviderName}, err - } - - m.SetExpiration(roleCreds.Expiration, m.ExpiryWindow) - - return credentials.Value{ - AccessKeyID: roleCreds.AccessKeyID, - SecretAccessKey: roleCreds.SecretAccessKey, - SessionToken: roleCreds.Token, - ProviderName: ProviderName, - }, nil -} - -// A ec2RoleCredRespBody provides the shape for unmarshaling credential -// request responses. -type ec2RoleCredRespBody struct { - // Success State - Expiration time.Time - AccessKeyID string - SecretAccessKey string - Token string - - // Error state - Code string - Message string -} - -const iamSecurityCredsPath = "iam/security-credentials/" - -// requestCredList requests a list of credentials from the EC2 service. -// If there are no credentials, or there is an error making or receiving the request -func requestCredList(ctx aws.Context, client *ec2metadata.EC2Metadata) ([]string, error) { - resp, err := client.GetMetadataWithContext(ctx, iamSecurityCredsPath) - if err != nil { - return nil, awserr.New("EC2RoleRequestError", "no EC2 instance role found", err) - } - - credsList := []string{} - s := bufio.NewScanner(strings.NewReader(resp)) - for s.Scan() { - credsList = append(credsList, s.Text()) - } - - if err := s.Err(); err != nil { - return nil, awserr.New(request.ErrCodeSerialization, - "failed to read EC2 instance role from metadata service", err) - } - - return credsList, nil -} - -// requestCred requests the credentials for a specific credentials from the EC2 service. -// -// If the credentials cannot be found, or there is an error reading the response -// and error will be returned. -func requestCred(ctx aws.Context, client *ec2metadata.EC2Metadata, credsName string) (ec2RoleCredRespBody, error) { - resp, err := client.GetMetadataWithContext(ctx, sdkuri.PathJoin(iamSecurityCredsPath, credsName)) - if err != nil { - return ec2RoleCredRespBody{}, - awserr.New("EC2RoleRequestError", - fmt.Sprintf("failed to get %s EC2 instance role credentials", credsName), - err) - } - - respCreds := ec2RoleCredRespBody{} - if err := json.NewDecoder(strings.NewReader(resp)).Decode(&respCreds); err != nil { - return ec2RoleCredRespBody{}, - awserr.New(request.ErrCodeSerialization, - fmt.Sprintf("failed to decode %s EC2 instance role credentials", credsName), - err) - } - - if respCreds.Code != "Success" { - // If an error code was returned something failed requesting the role. - return ec2RoleCredRespBody{}, awserr.New(respCreds.Code, respCreds.Message, nil) - } - - return respCreds, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go deleted file mode 100644 index 329f788a..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go +++ /dev/null @@ -1,255 +0,0 @@ -// Package endpointcreds provides support for retrieving credentials from an -// arbitrary HTTP endpoint. -// -// The credentials endpoint Provider can receive both static and refreshable -// credentials that will expire. Credentials are static when an "Expiration" -// value is not provided in the endpoint's response. -// -// Static credentials will never expire once they have been retrieved. The format -// of the static credentials response: -// { -// "AccessKeyId" : "MUA...", -// "SecretAccessKey" : "/7PC5om....", -// } -// -// Refreshable credentials will expire within the "ExpiryWindow" of the Expiration -// value in the response. The format of the refreshable credentials response: -// { -// "AccessKeyId" : "MUA...", -// "SecretAccessKey" : "/7PC5om....", -// "Token" : "AQoDY....=", -// "Expiration" : "2016-02-25T06:03:31Z" -// } -// -// Errors should be returned in the following format and only returned with 400 -// or 500 HTTP status codes. -// { -// "code": "ErrorCode", -// "message": "Helpful error message." -// } -package endpointcreds - -import ( - "encoding/json" - "fmt" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" -) - -// ProviderName is the name of the credentials provider. -const ProviderName = `CredentialsEndpointProvider` - -// Provider satisfies the credentials.Provider interface, and is a client to -// retrieve credentials from an arbitrary endpoint. -type Provider struct { - staticCreds bool - credentials.Expiry - - // Requires a AWS Client to make HTTP requests to the endpoint with. - // the Endpoint the request will be made to is provided by the aws.Config's - // Endpoint value. - Client *client.Client - - // ExpiryWindow will allow the credentials to trigger refreshing prior to - // the credentials actually expiring. This is beneficial so race conditions - // with expiring credentials do not cause request to fail unexpectedly - // due to ExpiredTokenException exceptions. - // - // So a ExpiryWindow of 10s would cause calls to IsExpired() to return true - // 10 seconds before the credentials are actually expired. - // - // If ExpiryWindow is 0 or less it will be ignored. - ExpiryWindow time.Duration - - // Optional authorization token value if set will be used as the value of - // the Authorization header of the endpoint credential request. - // - // When constructed from environment, the provider will use the value of - // AWS_CONTAINER_AUTHORIZATION_TOKEN environment variable as the token - // - // Will be overridden if AuthorizationTokenProvider is configured - AuthorizationToken string - - // Optional auth provider func to dynamically load the auth token from a file - // everytime a credential is retrieved - // - // When constructed from environment, the provider will read and use the content - // of the file pointed to by AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE environment variable - // as the auth token everytime credentials are retrieved - // - // Will override AuthorizationToken if configured - AuthorizationTokenProvider AuthTokenProvider -} - -// AuthTokenProvider defines an interface to dynamically load a value to be passed -// for the Authorization header of a credentials request. -type AuthTokenProvider interface { - GetToken() (string, error) -} - -// TokenProviderFunc is a func type implementing AuthTokenProvider interface -// and enables customizing token provider behavior -type TokenProviderFunc func() (string, error) - -// GetToken func retrieves auth token according to TokenProviderFunc implementation -func (p TokenProviderFunc) GetToken() (string, error) { - return p() -} - -// NewProviderClient returns a credentials Provider for retrieving AWS credentials -// from arbitrary endpoint. -func NewProviderClient(cfg aws.Config, handlers request.Handlers, endpoint string, options ...func(*Provider)) credentials.Provider { - p := &Provider{ - Client: client.New( - cfg, - metadata.ClientInfo{ - ServiceName: "CredentialsEndpoint", - Endpoint: endpoint, - }, - handlers, - ), - } - - p.Client.Handlers.Unmarshal.PushBack(unmarshalHandler) - p.Client.Handlers.UnmarshalError.PushBack(unmarshalError) - p.Client.Handlers.Validate.Clear() - p.Client.Handlers.Validate.PushBack(validateEndpointHandler) - - for _, option := range options { - option(p) - } - - return p -} - -// NewCredentialsClient returns a pointer to a new Credentials object -// wrapping the endpoint credentials Provider. -func NewCredentialsClient(cfg aws.Config, handlers request.Handlers, endpoint string, options ...func(*Provider)) *credentials.Credentials { - return credentials.NewCredentials(NewProviderClient(cfg, handlers, endpoint, options...)) -} - -// IsExpired returns true if the credentials retrieved are expired, or not yet -// retrieved. -func (p *Provider) IsExpired() bool { - if p.staticCreds { - return false - } - return p.Expiry.IsExpired() -} - -// Retrieve will attempt to request the credentials from the endpoint the Provider -// was configured for. And error will be returned if the retrieval fails. -func (p *Provider) Retrieve() (credentials.Value, error) { - return p.RetrieveWithContext(aws.BackgroundContext()) -} - -// RetrieveWithContext will attempt to request the credentials from the endpoint the Provider -// was configured for. And error will be returned if the retrieval fails. -func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { - resp, err := p.getCredentials(ctx) - if err != nil { - return credentials.Value{ProviderName: ProviderName}, - awserr.New("CredentialsEndpointError", "failed to load credentials", err) - } - - if resp.Expiration != nil { - p.SetExpiration(*resp.Expiration, p.ExpiryWindow) - } else { - p.staticCreds = true - } - - return credentials.Value{ - AccessKeyID: resp.AccessKeyID, - SecretAccessKey: resp.SecretAccessKey, - SessionToken: resp.Token, - ProviderName: ProviderName, - }, nil -} - -type getCredentialsOutput struct { - Expiration *time.Time - AccessKeyID string - SecretAccessKey string - Token string -} - -type errorOutput struct { - Code string `json:"code"` - Message string `json:"message"` -} - -func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error) { - op := &request.Operation{ - Name: "GetCredentials", - HTTPMethod: "GET", - } - - out := &getCredentialsOutput{} - req := p.Client.NewRequest(op, nil, out) - req.SetContext(ctx) - req.HTTPRequest.Header.Set("Accept", "application/json") - - authToken := p.AuthorizationToken - var err error - if p.AuthorizationTokenProvider != nil { - authToken, err = p.AuthorizationTokenProvider.GetToken() - if err != nil { - return nil, fmt.Errorf("get authorization token: %v", err) - } - } - - if strings.ContainsAny(authToken, "\r\n") { - return nil, fmt.Errorf("authorization token contains invalid newline sequence") - } - if len(authToken) != 0 { - req.HTTPRequest.Header.Set("Authorization", authToken) - } - - return out, req.Send() -} - -func validateEndpointHandler(r *request.Request) { - if len(r.ClientInfo.Endpoint) == 0 { - r.Error = aws.ErrMissingEndpoint - } -} - -func unmarshalHandler(r *request.Request) { - defer r.HTTPResponse.Body.Close() - - out := r.Data.(*getCredentialsOutput) - if err := json.NewDecoder(r.HTTPResponse.Body).Decode(&out); err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, - "failed to decode endpoint credentials", - err, - ) - } -} - -func unmarshalError(r *request.Request) { - defer r.HTTPResponse.Body.Close() - - var errOut errorOutput - err := jsonutil.UnmarshalJSONError(&errOut, r.HTTPResponse.Body) - if err != nil { - r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, - "failed to decode error message", err), - r.HTTPResponse.StatusCode, - r.RequestID, - ) - return - } - - // Response body format is not consistent between metadata endpoints. - // Grab the error message as a string and include that as the source error - r.Error = awserr.New(errOut.Code, errOut.Message, nil) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go deleted file mode 100644 index 54c5cf73..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/env_provider.go +++ /dev/null @@ -1,74 +0,0 @@ -package credentials - -import ( - "os" - - "github.com/aws/aws-sdk-go/aws/awserr" -) - -// EnvProviderName provides a name of Env provider -const EnvProviderName = "EnvProvider" - -var ( - // ErrAccessKeyIDNotFound is returned when the AWS Access Key ID can't be - // found in the process's environment. - ErrAccessKeyIDNotFound = awserr.New("EnvAccessKeyNotFound", "AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY not found in environment", nil) - - // ErrSecretAccessKeyNotFound is returned when the AWS Secret Access Key - // can't be found in the process's environment. - ErrSecretAccessKeyNotFound = awserr.New("EnvSecretNotFound", "AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY not found in environment", nil) -) - -// A EnvProvider retrieves credentials from the environment variables of the -// running process. Environment credentials never expire. -// -// Environment variables used: -// -// * Access Key ID: AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY -// -// * Secret Access Key: AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY -type EnvProvider struct { - retrieved bool -} - -// NewEnvCredentials returns a pointer to a new Credentials object -// wrapping the environment variable provider. -func NewEnvCredentials() *Credentials { - return NewCredentials(&EnvProvider{}) -} - -// Retrieve retrieves the keys from the environment. -func (e *EnvProvider) Retrieve() (Value, error) { - e.retrieved = false - - id := os.Getenv("AWS_ACCESS_KEY_ID") - if id == "" { - id = os.Getenv("AWS_ACCESS_KEY") - } - - secret := os.Getenv("AWS_SECRET_ACCESS_KEY") - if secret == "" { - secret = os.Getenv("AWS_SECRET_KEY") - } - - if id == "" { - return Value{ProviderName: EnvProviderName}, ErrAccessKeyIDNotFound - } - - if secret == "" { - return Value{ProviderName: EnvProviderName}, ErrSecretAccessKeyNotFound - } - - e.retrieved = true - return Value{ - AccessKeyID: id, - SecretAccessKey: secret, - SessionToken: os.Getenv("AWS_SESSION_TOKEN"), - ProviderName: EnvProviderName, - }, nil -} - -// IsExpired returns if the credentials have been retrieved. -func (e *EnvProvider) IsExpired() bool { - return !e.retrieved -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/example.ini b/vendor/github.com/aws/aws-sdk-go/aws/credentials/example.ini deleted file mode 100644 index 7fc91d9d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/example.ini +++ /dev/null @@ -1,12 +0,0 @@ -[default] -aws_access_key_id = accessKey -aws_secret_access_key = secret -aws_session_token = token - -[no_token] -aws_access_key_id = accessKey -aws_secret_access_key = secret - -[with_colon] -aws_access_key_id: accessKey -aws_secret_access_key: secret diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go deleted file mode 100644 index 18694f07..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go +++ /dev/null @@ -1,438 +0,0 @@ -/* -Package processcreds is a credential Provider to retrieve `credential_process` -credentials. - -WARNING: The following describes a method of sourcing credentials from an external -process. This can potentially be dangerous, so proceed with caution. Other -credential providers should be preferred if at all possible. If using this -option, you should make sure that the config file is as locked down as possible -using security best practices for your operating system. - -You can use credentials from a `credential_process` in a variety of ways. - -One way is to setup your shared config file, located in the default -location, with the `credential_process` key and the command you want to be -called. You also need to set the AWS_SDK_LOAD_CONFIG environment variable -(e.g., `export AWS_SDK_LOAD_CONFIG=1`) to use the shared config file. - - [default] - credential_process = /command/to/call - -Creating a new session will use the credential process to retrieve credentials. -NOTE: If there are credentials in the profile you are using, the credential -process will not be used. - - // Initialize a session to load credentials. - sess, _ := session.NewSession(&aws.Config{ - Region: aws.String("us-east-1")}, - ) - - // Create S3 service client to use the credentials. - svc := s3.New(sess) - -Another way to use the `credential_process` method is by using -`credentials.NewCredentials()` and providing a command to be executed to -retrieve credentials: - - // Create credentials using the ProcessProvider. - creds := processcreds.NewCredentials("/path/to/command") - - // Create service client value configured for credentials. - svc := s3.New(sess, &aws.Config{Credentials: creds}) - -You can set a non-default timeout for the `credential_process` with another -constructor, `credentials.NewCredentialsTimeout()`, providing the timeout. To -set a one minute timeout: - - // Create credentials using the ProcessProvider. - creds := processcreds.NewCredentialsTimeout( - "/path/to/command", - time.Duration(500) * time.Millisecond) - -If you need more control, you can set any configurable options in the -credentials using one or more option functions. For example, you can set a two -minute timeout, a credential duration of 60 minutes, and a maximum stdout -buffer size of 2k. - - creds := processcreds.NewCredentials( - "/path/to/command", - func(opt *ProcessProvider) { - opt.Timeout = time.Duration(2) * time.Minute - opt.Duration = time.Duration(60) * time.Minute - opt.MaxBufSize = 2048 - }) - -You can also use your own `exec.Cmd`: - - // Create an exec.Cmd - myCommand := exec.Command("/path/to/command") - - // Create credentials using your exec.Cmd and custom timeout - creds := processcreds.NewCredentialsCommand( - myCommand, - func(opt *processcreds.ProcessProvider) { - opt.Timeout = time.Duration(1) * time.Second - }) -*/ -package processcreds - -import ( - "bytes" - "encoding/json" - "fmt" - "io" - "io/ioutil" - "os" - "os/exec" - "runtime" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/internal/sdkio" -) - -const ( - // ProviderName is the name this credentials provider will label any - // returned credentials Value with. - ProviderName = `ProcessProvider` - - // ErrCodeProcessProviderParse error parsing process output - ErrCodeProcessProviderParse = "ProcessProviderParseError" - - // ErrCodeProcessProviderVersion version error in output - ErrCodeProcessProviderVersion = "ProcessProviderVersionError" - - // ErrCodeProcessProviderRequired required attribute missing in output - ErrCodeProcessProviderRequired = "ProcessProviderRequiredError" - - // ErrCodeProcessProviderExecution execution of command failed - ErrCodeProcessProviderExecution = "ProcessProviderExecutionError" - - // errMsgProcessProviderTimeout process took longer than allowed - errMsgProcessProviderTimeout = "credential process timed out" - - // errMsgProcessProviderProcess process error - errMsgProcessProviderProcess = "error in credential_process" - - // errMsgProcessProviderParse problem parsing output - errMsgProcessProviderParse = "parse failed of credential_process output" - - // errMsgProcessProviderVersion version error in output - errMsgProcessProviderVersion = "wrong version in process output (not 1)" - - // errMsgProcessProviderMissKey missing access key id in output - errMsgProcessProviderMissKey = "missing AccessKeyId in process output" - - // errMsgProcessProviderMissSecret missing secret acess key in output - errMsgProcessProviderMissSecret = "missing SecretAccessKey in process output" - - // errMsgProcessProviderPrepareCmd prepare of command failed - errMsgProcessProviderPrepareCmd = "failed to prepare command" - - // errMsgProcessProviderEmptyCmd command must not be empty - errMsgProcessProviderEmptyCmd = "command must not be empty" - - // errMsgProcessProviderPipe failed to initialize pipe - errMsgProcessProviderPipe = "failed to initialize pipe" - - // DefaultDuration is the default amount of time in minutes that the - // credentials will be valid for. - DefaultDuration = time.Duration(15) * time.Minute - - // DefaultBufSize limits buffer size from growing to an enormous - // amount due to a faulty process. - DefaultBufSize = int(8 * sdkio.KibiByte) - - // DefaultTimeout default limit on time a process can run. - DefaultTimeout = time.Duration(1) * time.Minute -) - -// ProcessProvider satisfies the credentials.Provider interface, and is a -// client to retrieve credentials from a process. -type ProcessProvider struct { - staticCreds bool - credentials.Expiry - originalCommand []string - - // Expiry duration of the credentials. Defaults to 15 minutes if not set. - Duration time.Duration - - // ExpiryWindow will allow the credentials to trigger refreshing prior to - // the credentials actually expiring. This is beneficial so race conditions - // with expiring credentials do not cause request to fail unexpectedly - // due to ExpiredTokenException exceptions. - // - // So a ExpiryWindow of 10s would cause calls to IsExpired() to return true - // 10 seconds before the credentials are actually expired. - // - // If ExpiryWindow is 0 or less it will be ignored. - ExpiryWindow time.Duration - - // A string representing an os command that should return a JSON with - // credential information. - command *exec.Cmd - - // MaxBufSize limits memory usage from growing to an enormous - // amount due to a faulty process. - MaxBufSize int - - // Timeout limits the time a process can run. - Timeout time.Duration -} - -// NewCredentials returns a pointer to a new Credentials object wrapping the -// ProcessProvider. The credentials will expire every 15 minutes by default. -func NewCredentials(command string, options ...func(*ProcessProvider)) *credentials.Credentials { - p := &ProcessProvider{ - command: exec.Command(command), - Duration: DefaultDuration, - Timeout: DefaultTimeout, - MaxBufSize: DefaultBufSize, - } - - for _, option := range options { - option(p) - } - - return credentials.NewCredentials(p) -} - -// NewCredentialsTimeout returns a pointer to a new Credentials object with -// the specified command and timeout, and default duration and max buffer size. -func NewCredentialsTimeout(command string, timeout time.Duration) *credentials.Credentials { - p := NewCredentials(command, func(opt *ProcessProvider) { - opt.Timeout = timeout - }) - - return p -} - -// NewCredentialsCommand returns a pointer to a new Credentials object with -// the specified command, and default timeout, duration and max buffer size. -func NewCredentialsCommand(command *exec.Cmd, options ...func(*ProcessProvider)) *credentials.Credentials { - p := &ProcessProvider{ - command: command, - Duration: DefaultDuration, - Timeout: DefaultTimeout, - MaxBufSize: DefaultBufSize, - } - - for _, option := range options { - option(p) - } - - return credentials.NewCredentials(p) -} - -// A CredentialProcessResponse is the AWS credentials format that must be -// returned when executing an external credential_process. -type CredentialProcessResponse struct { - // As of this writing, the Version key must be set to 1. This might - // increment over time as the structure evolves. - Version int - - // The access key ID that identifies the temporary security credentials. - AccessKeyID string `json:"AccessKeyId"` - - // The secret access key that can be used to sign requests. - SecretAccessKey string - - // The token that users must pass to the service API to use the temporary credentials. - SessionToken string - - // The date on which the current credentials expire. - Expiration *time.Time -} - -// Retrieve executes the 'credential_process' and returns the credentials. -func (p *ProcessProvider) Retrieve() (credentials.Value, error) { - out, err := p.executeCredentialProcess() - if err != nil { - return credentials.Value{ProviderName: ProviderName}, err - } - - // Serialize and validate response - resp := &CredentialProcessResponse{} - if err = json.Unmarshal(out, resp); err != nil { - return credentials.Value{ProviderName: ProviderName}, awserr.New( - ErrCodeProcessProviderParse, - fmt.Sprintf("%s: %s", errMsgProcessProviderParse, string(out)), - err) - } - - if resp.Version != 1 { - return credentials.Value{ProviderName: ProviderName}, awserr.New( - ErrCodeProcessProviderVersion, - errMsgProcessProviderVersion, - nil) - } - - if len(resp.AccessKeyID) == 0 { - return credentials.Value{ProviderName: ProviderName}, awserr.New( - ErrCodeProcessProviderRequired, - errMsgProcessProviderMissKey, - nil) - } - - if len(resp.SecretAccessKey) == 0 { - return credentials.Value{ProviderName: ProviderName}, awserr.New( - ErrCodeProcessProviderRequired, - errMsgProcessProviderMissSecret, - nil) - } - - // Handle expiration - p.staticCreds = resp.Expiration == nil - if resp.Expiration != nil { - p.SetExpiration(*resp.Expiration, p.ExpiryWindow) - } - - return credentials.Value{ - ProviderName: ProviderName, - AccessKeyID: resp.AccessKeyID, - SecretAccessKey: resp.SecretAccessKey, - SessionToken: resp.SessionToken, - }, nil -} - -// IsExpired returns true if the credentials retrieved are expired, or not yet -// retrieved. -func (p *ProcessProvider) IsExpired() bool { - if p.staticCreds { - return false - } - return p.Expiry.IsExpired() -} - -// prepareCommand prepares the command to be executed. -func (p *ProcessProvider) prepareCommand() error { - - var cmdArgs []string - if runtime.GOOS == "windows" { - cmdArgs = []string{"cmd.exe", "/C"} - } else { - cmdArgs = []string{"sh", "-c"} - } - - if len(p.originalCommand) == 0 { - p.originalCommand = make([]string, len(p.command.Args)) - copy(p.originalCommand, p.command.Args) - - // check for empty command because it succeeds - if len(strings.TrimSpace(p.originalCommand[0])) < 1 { - return awserr.New( - ErrCodeProcessProviderExecution, - fmt.Sprintf( - "%s: %s", - errMsgProcessProviderPrepareCmd, - errMsgProcessProviderEmptyCmd), - nil) - } - } - - cmdArgs = append(cmdArgs, p.originalCommand...) - p.command = exec.Command(cmdArgs[0], cmdArgs[1:]...) - p.command.Env = os.Environ() - - return nil -} - -// executeCredentialProcess starts the credential process on the OS and -// returns the results or an error. -func (p *ProcessProvider) executeCredentialProcess() ([]byte, error) { - - if err := p.prepareCommand(); err != nil { - return nil, err - } - - // Setup the pipes - outReadPipe, outWritePipe, err := os.Pipe() - if err != nil { - return nil, awserr.New( - ErrCodeProcessProviderExecution, - errMsgProcessProviderPipe, - err) - } - - p.command.Stderr = os.Stderr // display stderr on console for MFA - p.command.Stdout = outWritePipe // get creds json on process's stdout - p.command.Stdin = os.Stdin // enable stdin for MFA - - output := bytes.NewBuffer(make([]byte, 0, p.MaxBufSize)) - - stdoutCh := make(chan error, 1) - go readInput( - io.LimitReader(outReadPipe, int64(p.MaxBufSize)), - output, - stdoutCh) - - execCh := make(chan error, 1) - go executeCommand(*p.command, execCh) - - finished := false - var errors []error - for !finished { - select { - case readError := <-stdoutCh: - errors = appendError(errors, readError) - finished = true - case execError := <-execCh: - err := outWritePipe.Close() - errors = appendError(errors, err) - errors = appendError(errors, execError) - if errors != nil { - return output.Bytes(), awserr.NewBatchError( - ErrCodeProcessProviderExecution, - errMsgProcessProviderProcess, - errors) - } - case <-time.After(p.Timeout): - finished = true - return output.Bytes(), awserr.NewBatchError( - ErrCodeProcessProviderExecution, - errMsgProcessProviderTimeout, - errors) // errors can be nil - } - } - - out := output.Bytes() - - if runtime.GOOS == "windows" { - // windows adds slashes to quotes - out = []byte(strings.Replace(string(out), `\"`, `"`, -1)) - } - - return out, nil -} - -// appendError conveniently checks for nil before appending slice -func appendError(errors []error, err error) []error { - if err != nil { - return append(errors, err) - } - return errors -} - -func executeCommand(cmd exec.Cmd, exec chan error) { - // Start the command - err := cmd.Start() - if err == nil { - err = cmd.Wait() - } - - exec <- err -} - -func readInput(r io.Reader, w io.Writer, read chan error) { - tee := io.TeeReader(r, w) - - _, err := ioutil.ReadAll(tee) - - if err == io.EOF { - err = nil - } - - read <- err // will only arrive here when write end of pipe is closed -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go deleted file mode 100644 index 22b5c5d9..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/shared_credentials_provider.go +++ /dev/null @@ -1,151 +0,0 @@ -package credentials - -import ( - "fmt" - "os" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/internal/ini" - "github.com/aws/aws-sdk-go/internal/shareddefaults" -) - -// SharedCredsProviderName provides a name of SharedCreds provider -const SharedCredsProviderName = "SharedCredentialsProvider" - -var ( - // ErrSharedCredentialsHomeNotFound is emitted when the user directory cannot be found. - ErrSharedCredentialsHomeNotFound = awserr.New("UserHomeNotFound", "user home directory not found.", nil) -) - -// A SharedCredentialsProvider retrieves access key pair (access key ID, -// secret access key, and session token if present) credentials from the current -// user's home directory, and keeps track if those credentials are expired. -// -// Profile ini file example: $HOME/.aws/credentials -type SharedCredentialsProvider struct { - // Path to the shared credentials file. - // - // If empty will look for "AWS_SHARED_CREDENTIALS_FILE" env variable. If the - // env value is empty will default to current user's home directory. - // Linux/OSX: "$HOME/.aws/credentials" - // Windows: "%USERPROFILE%\.aws\credentials" - Filename string - - // AWS Profile to extract credentials from the shared credentials file. If empty - // will default to environment variable "AWS_PROFILE" or "default" if - // environment variable is also not set. - Profile string - - // retrieved states if the credentials have been successfully retrieved. - retrieved bool -} - -// NewSharedCredentials returns a pointer to a new Credentials object -// wrapping the Profile file provider. -func NewSharedCredentials(filename, profile string) *Credentials { - return NewCredentials(&SharedCredentialsProvider{ - Filename: filename, - Profile: profile, - }) -} - -// Retrieve reads and extracts the shared credentials from the current -// users home directory. -func (p *SharedCredentialsProvider) Retrieve() (Value, error) { - p.retrieved = false - - filename, err := p.filename() - if err != nil { - return Value{ProviderName: SharedCredsProviderName}, err - } - - creds, err := loadProfile(filename, p.profile()) - if err != nil { - return Value{ProviderName: SharedCredsProviderName}, err - } - - p.retrieved = true - return creds, nil -} - -// IsExpired returns if the shared credentials have expired. -func (p *SharedCredentialsProvider) IsExpired() bool { - return !p.retrieved -} - -// loadProfiles loads from the file pointed to by shared credentials filename for profile. -// The credentials retrieved from the profile will be returned or error. Error will be -// returned if it fails to read from the file, or the data is invalid. -func loadProfile(filename, profile string) (Value, error) { - config, err := ini.OpenFile(filename) - if err != nil { - return Value{ProviderName: SharedCredsProviderName}, awserr.New("SharedCredsLoad", "failed to load shared credentials file", err) - } - - iniProfile, ok := config.GetSection(profile) - if !ok { - return Value{ProviderName: SharedCredsProviderName}, awserr.New("SharedCredsLoad", "failed to get profile", nil) - } - - id := iniProfile.String("aws_access_key_id") - if len(id) == 0 { - return Value{ProviderName: SharedCredsProviderName}, awserr.New("SharedCredsAccessKey", - fmt.Sprintf("shared credentials %s in %s did not contain aws_access_key_id", profile, filename), - nil) - } - - secret := iniProfile.String("aws_secret_access_key") - if len(secret) == 0 { - return Value{ProviderName: SharedCredsProviderName}, awserr.New("SharedCredsSecret", - fmt.Sprintf("shared credentials %s in %s did not contain aws_secret_access_key", profile, filename), - nil) - } - - // Default to empty string if not found - token := iniProfile.String("aws_session_token") - - return Value{ - AccessKeyID: id, - SecretAccessKey: secret, - SessionToken: token, - ProviderName: SharedCredsProviderName, - }, nil -} - -// filename returns the filename to use to read AWS shared credentials. -// -// Will return an error if the user's home directory path cannot be found. -func (p *SharedCredentialsProvider) filename() (string, error) { - if len(p.Filename) != 0 { - return p.Filename, nil - } - - if p.Filename = os.Getenv("AWS_SHARED_CREDENTIALS_FILE"); len(p.Filename) != 0 { - return p.Filename, nil - } - - if home := shareddefaults.UserHomeDir(); len(home) == 0 { - // Backwards compatibility of home directly not found error being returned. - // This error is too verbose, failure when opening the file would of been - // a better error to return. - return "", ErrSharedCredentialsHomeNotFound - } - - p.Filename = shareddefaults.SharedCredentialsFilename() - - return p.Filename, nil -} - -// profile returns the AWS shared credentials profile. If empty will read -// environment variable "AWS_PROFILE". If that is not set profile will -// return "default". -func (p *SharedCredentialsProvider) profile() string { - if p.Profile == "" { - p.Profile = os.Getenv("AWS_PROFILE") - } - if p.Profile == "" { - p.Profile = "default" - } - - return p.Profile -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/doc.go deleted file mode 100644 index 18c940ab..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/doc.go +++ /dev/null @@ -1,60 +0,0 @@ -// Package ssocreds provides a credential provider for retrieving temporary AWS credentials using an SSO access token. -// -// IMPORTANT: The provider in this package does not initiate or perform the AWS SSO login flow. The SDK provider -// expects that you have already performed the SSO login flow using AWS CLI using the "aws sso login" command, or by -// some other mechanism. The provider must find a valid non-expired access token for the AWS SSO user portal URL in -// ~/.aws/sso/cache. If a cached token is not found, it is expired, or the file is malformed an error will be returned. -// -// Loading AWS SSO credentials with the AWS shared configuration file -// -// You can use configure AWS SSO credentials from the AWS shared configuration file by -// providing the specifying the required keys in the profile: -// -// sso_account_id -// sso_region -// sso_role_name -// sso_start_url -// -// For example, the following defines a profile "devsso" and specifies the AWS SSO parameters that defines the target -// account, role, sign-on portal, and the region where the user portal is located. Note: all SSO arguments must be -// provided, or an error will be returned. -// -// [profile devsso] -// sso_start_url = https://my-sso-portal.awsapps.com/start -// sso_role_name = SSOReadOnlyRole -// sso_region = us-east-1 -// sso_account_id = 123456789012 -// -// Using the config module, you can load the AWS SDK shared configuration, and specify that this profile be used to -// retrieve credentials. For example: -// -// sess, err := session.NewSessionWithOptions(session.Options{ -// SharedConfigState: session.SharedConfigEnable, -// Profile: "devsso", -// }) -// if err != nil { -// return err -// } -// -// Programmatically loading AWS SSO credentials directly -// -// You can programmatically construct the AWS SSO Provider in your application, and provide the necessary information -// to load and retrieve temporary credentials using an access token from ~/.aws/sso/cache. -// -// svc := sso.New(sess, &aws.Config{ -// Region: aws.String("us-west-2"), // Client Region must correspond to the AWS SSO user portal region -// }) -// -// provider := ssocreds.NewCredentialsWithClient(svc, "123456789012", "SSOReadOnlyRole", "https://my-sso-portal.awsapps.com/start") -// -// credentials, err := provider.Get() -// if err != nil { -// return err -// } -// -// Additional Resources -// -// Configuring the AWS CLI to use AWS Single Sign-On: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html -// -// AWS Single Sign-On User Guide: https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html -package ssocreds diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os.go deleted file mode 100644 index d4df39a7..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os.go +++ /dev/null @@ -1,10 +0,0 @@ -//go:build !windows -// +build !windows - -package ssocreds - -import "os" - -func getHomeDirectory() string { - return os.Getenv("HOME") -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os_windows.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os_windows.go deleted file mode 100644 index eb48f61e..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os_windows.go +++ /dev/null @@ -1,7 +0,0 @@ -package ssocreds - -import "os" - -func getHomeDirectory() string { - return os.Getenv("USERPROFILE") -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go deleted file mode 100644 index 4138e725..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go +++ /dev/null @@ -1,187 +0,0 @@ -package ssocreds - -import ( - "crypto/sha1" - "encoding/hex" - "encoding/json" - "io/ioutil" - "path/filepath" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/auth/bearer" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/service/sso" - "github.com/aws/aws-sdk-go/service/sso/ssoiface" -) - -// ErrCodeSSOProviderInvalidToken is the code type that is returned if loaded token has expired or is otherwise invalid. -// To refresh the SSO session run aws sso login with the corresponding profile. -const ErrCodeSSOProviderInvalidToken = "SSOProviderInvalidToken" - -const invalidTokenMessage = "the SSO session has expired or is invalid" - -func init() { - nowTime = time.Now - defaultCacheLocation = defaultCacheLocationImpl -} - -var nowTime func() time.Time - -// ProviderName is the name of the provider used to specify the source of credentials. -const ProviderName = "SSOProvider" - -var defaultCacheLocation func() string - -func defaultCacheLocationImpl() string { - return filepath.Join(getHomeDirectory(), ".aws", "sso", "cache") -} - -// Provider is an AWS credential provider that retrieves temporary AWS credentials by exchanging an SSO login token. -type Provider struct { - credentials.Expiry - - // The Client which is configured for the AWS Region where the AWS SSO user portal is located. - Client ssoiface.SSOAPI - - // The AWS account that is assigned to the user. - AccountID string - - // The role name that is assigned to the user. - RoleName string - - // The URL that points to the organization's AWS Single Sign-On (AWS SSO) user portal. - StartURL string - - // The filepath the cached token will be retrieved from. If unset Provider will - // use the startURL to determine the filepath at. - // - // ~/.aws/sso/cache/.json - // - // If custom cached token filepath is used, the Provider's startUrl - // parameter will be ignored. - CachedTokenFilepath string - - // Used by the SSOCredentialProvider if a token configuration - // profile is used in the shared config - TokenProvider bearer.TokenProvider -} - -// NewCredentials returns a new AWS Single Sign-On (AWS SSO) credential provider. The ConfigProvider is expected to be configured -// for the AWS Region where the AWS SSO user portal is located. -func NewCredentials(configProvider client.ConfigProvider, accountID, roleName, startURL string, optFns ...func(provider *Provider)) *credentials.Credentials { - return NewCredentialsWithClient(sso.New(configProvider), accountID, roleName, startURL, optFns...) -} - -// NewCredentialsWithClient returns a new AWS Single Sign-On (AWS SSO) credential provider. The provided client is expected to be configured -// for the AWS Region where the AWS SSO user portal is located. -func NewCredentialsWithClient(client ssoiface.SSOAPI, accountID, roleName, startURL string, optFns ...func(provider *Provider)) *credentials.Credentials { - p := &Provider{ - Client: client, - AccountID: accountID, - RoleName: roleName, - StartURL: startURL, - } - - for _, fn := range optFns { - fn(p) - } - - return credentials.NewCredentials(p) -} - -// Retrieve retrieves temporary AWS credentials from the configured Amazon Single Sign-On (AWS SSO) user portal -// by exchanging the accessToken present in ~/.aws/sso/cache. -func (p *Provider) Retrieve() (credentials.Value, error) { - return p.RetrieveWithContext(aws.BackgroundContext()) -} - -// RetrieveWithContext retrieves temporary AWS credentials from the configured Amazon Single Sign-On (AWS SSO) user portal -// by exchanging the accessToken present in ~/.aws/sso/cache. -func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { - var accessToken *string - if p.TokenProvider != nil { - token, err := p.TokenProvider.RetrieveBearerToken(ctx) - if err != nil { - return credentials.Value{}, err - } - accessToken = &token.Value - } else { - if p.CachedTokenFilepath == "" { - cachedTokenFilePath, err := getCachedFilePath(p.StartURL) - if err != nil { - return credentials.Value{}, err - } - p.CachedTokenFilepath = cachedTokenFilePath - } - - tokenFile, err := loadTokenFile(p.CachedTokenFilepath) - if err != nil { - return credentials.Value{}, err - } - accessToken = &tokenFile.AccessToken - } - - output, err := p.Client.GetRoleCredentialsWithContext(ctx, &sso.GetRoleCredentialsInput{ - AccessToken: accessToken, - AccountId: &p.AccountID, - RoleName: &p.RoleName, - }) - if err != nil { - return credentials.Value{}, err - } - - expireTime := time.Unix(0, aws.Int64Value(output.RoleCredentials.Expiration)*int64(time.Millisecond)).UTC() - p.SetExpiration(expireTime, 0) - - return credentials.Value{ - AccessKeyID: aws.StringValue(output.RoleCredentials.AccessKeyId), - SecretAccessKey: aws.StringValue(output.RoleCredentials.SecretAccessKey), - SessionToken: aws.StringValue(output.RoleCredentials.SessionToken), - ProviderName: ProviderName, - }, nil -} - -func getCachedFilePath(startUrl string) (string, error) { - hash := sha1.New() - _, err := hash.Write([]byte(startUrl)) - if err != nil { - return "", err - } - return filepath.Join(defaultCacheLocation(), strings.ToLower(hex.EncodeToString(hash.Sum(nil)))+".json"), nil -} - -type token struct { - AccessToken string `json:"accessToken"` - ExpiresAt rfc3339 `json:"expiresAt"` - Region string `json:"region,omitempty"` - StartURL string `json:"startUrl,omitempty"` -} - -func (t token) Expired() bool { - return nowTime().Round(0).After(time.Time(t.ExpiresAt)) -} - -func loadTokenFile(cachedTokenPath string) (t token, err error) { - fileBytes, err := ioutil.ReadFile(cachedTokenPath) - if err != nil { - return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) - } - - if err := json.Unmarshal(fileBytes, &t); err != nil { - return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) - } - - if len(t.AccessToken) == 0 { - return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, nil) - } - - if t.Expired() { - return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, nil) - } - - return t, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go deleted file mode 100644 index f6fa8845..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go +++ /dev/null @@ -1,237 +0,0 @@ -package ssocreds - -import ( - "crypto/sha1" - "encoding/hex" - "encoding/json" - "fmt" - "github.com/aws/aws-sdk-go/internal/shareddefaults" - "io/ioutil" - "os" - "path/filepath" - "strconv" - "strings" - "time" -) - -var resolvedOsUserHomeDir = shareddefaults.UserHomeDir - -// StandardCachedTokenFilepath returns the filepath for the cached SSO token file, or -// error if unable get derive the path. Key that will be used to compute a SHA1 -// value that is hex encoded. -// -// Derives the filepath using the Key as: -// -// ~/.aws/sso/cache/.json -func StandardCachedTokenFilepath(key string) (string, error) { - homeDir := resolvedOsUserHomeDir() - if len(homeDir) == 0 { - return "", fmt.Errorf("unable to get USER's home directory for cached token") - } - hash := sha1.New() - if _, err := hash.Write([]byte(key)); err != nil { - return "", fmt.Errorf("unable to compute cached token filepath key SHA1 hash, %v", err) - } - - cacheFilename := strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json" - - return filepath.Join(homeDir, ".aws", "sso", "cache", cacheFilename), nil -} - -type tokenKnownFields struct { - AccessToken string `json:"accessToken,omitempty"` - ExpiresAt *rfc3339 `json:"expiresAt,omitempty"` - - RefreshToken string `json:"refreshToken,omitempty"` - ClientID string `json:"clientId,omitempty"` - ClientSecret string `json:"clientSecret,omitempty"` -} - -type cachedToken struct { - tokenKnownFields - UnknownFields map[string]interface{} `json:"-"` -} - -// MarshalJSON provides custom marshalling because the standard library Go marshaller ignores unknown/unspecified fields -// when marshalling from a struct: https://pkg.go.dev/encoding/json#Marshal -// This function adds some extra validation to the known fields and captures unknown fields. -func (t cachedToken) MarshalJSON() ([]byte, error) { - fields := map[string]interface{}{} - - setTokenFieldString(fields, "accessToken", t.AccessToken) - setTokenFieldRFC3339(fields, "expiresAt", t.ExpiresAt) - - setTokenFieldString(fields, "refreshToken", t.RefreshToken) - setTokenFieldString(fields, "clientId", t.ClientID) - setTokenFieldString(fields, "clientSecret", t.ClientSecret) - - for k, v := range t.UnknownFields { - if _, ok := fields[k]; ok { - return nil, fmt.Errorf("unknown token field %v, duplicates known field", k) - } - fields[k] = v - } - - return json.Marshal(fields) -} - -func setTokenFieldString(fields map[string]interface{}, key, value string) { - if value == "" { - return - } - fields[key] = value -} -func setTokenFieldRFC3339(fields map[string]interface{}, key string, value *rfc3339) { - if value == nil { - return - } - fields[key] = value -} - -// UnmarshalJSON provides custom unmarshalling because the standard library Go unmarshaller ignores unknown/unspecified -// fields when unmarshalling from a struct: https://pkg.go.dev/encoding/json#Unmarshal -// This function adds some extra validation to the known fields and captures unknown fields. -func (t *cachedToken) UnmarshalJSON(b []byte) error { - var fields map[string]interface{} - if err := json.Unmarshal(b, &fields); err != nil { - return nil - } - - t.UnknownFields = map[string]interface{}{} - - for k, v := range fields { - var err error - switch k { - case "accessToken": - err = getTokenFieldString(v, &t.AccessToken) - case "expiresAt": - err = getTokenFieldRFC3339(v, &t.ExpiresAt) - case "refreshToken": - err = getTokenFieldString(v, &t.RefreshToken) - case "clientId": - err = getTokenFieldString(v, &t.ClientID) - case "clientSecret": - err = getTokenFieldString(v, &t.ClientSecret) - default: - t.UnknownFields[k] = v - } - - if err != nil { - return fmt.Errorf("field %q, %v", k, err) - } - } - - return nil -} - -func getTokenFieldString(v interface{}, value *string) error { - var ok bool - *value, ok = v.(string) - if !ok { - return fmt.Errorf("expect value to be string, got %T", v) - } - return nil -} - -func getTokenFieldRFC3339(v interface{}, value **rfc3339) error { - var stringValue string - if err := getTokenFieldString(v, &stringValue); err != nil { - return err - } - - timeValue, err := parseRFC3339(stringValue) - if err != nil { - return err - } - - *value = &timeValue - return nil -} - -func loadCachedToken(filename string) (cachedToken, error) { - fileBytes, err := ioutil.ReadFile(filename) - if err != nil { - return cachedToken{}, fmt.Errorf("failed to read cached SSO token file, %v", err) - } - - var t cachedToken - if err := json.Unmarshal(fileBytes, &t); err != nil { - return cachedToken{}, fmt.Errorf("failed to parse cached SSO token file, %v", err) - } - - if len(t.AccessToken) == 0 || t.ExpiresAt == nil || time.Time(*t.ExpiresAt).IsZero() { - return cachedToken{}, fmt.Errorf( - "cached SSO token must contain accessToken and expiresAt fields") - } - - return t, nil -} - -func storeCachedToken(filename string, t cachedToken, fileMode os.FileMode) (err error) { - tmpFilename := filename + ".tmp-" + strconv.FormatInt(nowTime().UnixNano(), 10) - if err := writeCacheFile(tmpFilename, fileMode, t); err != nil { - return err - } - - if err := os.Rename(tmpFilename, filename); err != nil { - return fmt.Errorf("failed to replace old cached SSO token file, %v", err) - } - - return nil -} - -func writeCacheFile(filename string, fileMode os.FileMode, t cachedToken) (err error) { - var f *os.File - f, err = os.OpenFile(filename, os.O_CREATE|os.O_TRUNC|os.O_RDWR, fileMode) - if err != nil { - return fmt.Errorf("failed to create cached SSO token file %v", err) - } - - defer func() { - closeErr := f.Close() - if err == nil && closeErr != nil { - err = fmt.Errorf("failed to close cached SSO token file, %v", closeErr) - } - }() - - encoder := json.NewEncoder(f) - - if err = encoder.Encode(t); err != nil { - return fmt.Errorf("failed to serialize cached SSO token, %v", err) - } - - return nil -} - -type rfc3339 time.Time - -// UnmarshalJSON decode rfc3339 from JSON format -func (r *rfc3339) UnmarshalJSON(bytes []byte) error { - var value string - var err error - - if err = json.Unmarshal(bytes, &value); err != nil { - return err - } - - *r, err = parseRFC3339(value) - return err -} - -func parseRFC3339(v string) (rfc3339, error) { - parsed, err := time.Parse(time.RFC3339, v) - if err != nil { - return rfc3339{}, fmt.Errorf("expected RFC3339 timestamp: %v", err) - } - - return rfc3339(parsed), nil -} - -// MarshalJSON encode rfc3339 to JSON format time -func (r *rfc3339) MarshalJSON() ([]byte, error) { - value := time.Time(*r).Format(time.RFC3339) - - // Use JSON unmarshal to unescape the quoted value making use of JSON's - // quoting rules. - return json.Marshal(value) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go deleted file mode 100644 index 3388b78b..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go +++ /dev/null @@ -1,148 +0,0 @@ -package ssocreds - -import ( - "fmt" - "os" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/auth/bearer" - "github.com/aws/aws-sdk-go/service/ssooidc" -) - -// CreateTokenAPIClient provides the interface for the SSOTokenProvider's API -// client for calling CreateToken operation to refresh the SSO token. -type CreateTokenAPIClient interface { - CreateToken(input *ssooidc.CreateTokenInput) (*ssooidc.CreateTokenOutput, error) -} - -// SSOTokenProviderOptions provides the options for configuring the -// SSOTokenProvider. -type SSOTokenProviderOptions struct { - // Client that can be overridden - Client CreateTokenAPIClient - - // The path the file containing the cached SSO token will be read from. - // Initialized the NewSSOTokenProvider's cachedTokenFilepath parameter. - CachedTokenFilepath string -} - -// SSOTokenProvider provides a utility for refreshing SSO AccessTokens for -// Bearer Authentication. The SSOTokenProvider can only be used to refresh -// already cached SSO Tokens. This utility cannot perform the initial SSO -// create token. -// -// The initial SSO create token should be preformed with the AWS CLI before the -// Go application using the SSOTokenProvider will need to retrieve the SSO -// token. If the AWS CLI has not created the token cache file, this provider -// will return an error when attempting to retrieve the cached token. -// -// This provider will attempt to refresh the cached SSO token periodically if -// needed when RetrieveBearerToken is called. -// -// A utility such as the AWS CLI must be used to initially create the SSO -// session and cached token file. -// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html -type SSOTokenProvider struct { - options SSOTokenProviderOptions -} - -// NewSSOTokenProvider returns an initialized SSOTokenProvider that will -// periodically refresh the SSO token cached stored in the cachedTokenFilepath. -// The cachedTokenFilepath file's content will be rewritten by the token -// provider when the token is refreshed. -// -// The client must be configured for the AWS region the SSO token was created for. -func NewSSOTokenProvider(client CreateTokenAPIClient, cachedTokenFilepath string, optFns ...func(o *SSOTokenProviderOptions)) *SSOTokenProvider { - options := SSOTokenProviderOptions{ - Client: client, - CachedTokenFilepath: cachedTokenFilepath, - } - for _, fn := range optFns { - fn(&options) - } - - provider := &SSOTokenProvider{ - options: options, - } - - return provider -} - -// RetrieveBearerToken returns the SSO token stored in the cachedTokenFilepath -// the SSOTokenProvider was created with. If the token has expired -// RetrieveBearerToken will attempt to refresh it. If the token cannot be -// refreshed or is not present an error will be returned. -// -// A utility such as the AWS CLI must be used to initially create the SSO -// session and cached token file. https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html -func (p *SSOTokenProvider) RetrieveBearerToken(ctx aws.Context) (bearer.Token, error) { - cachedToken, err := loadCachedToken(p.options.CachedTokenFilepath) - if err != nil { - return bearer.Token{}, err - } - - if cachedToken.ExpiresAt != nil && nowTime().After(time.Time(*cachedToken.ExpiresAt)) { - cachedToken, err = p.refreshToken(cachedToken) - if err != nil { - return bearer.Token{}, fmt.Errorf("refresh cached SSO token failed, %v", err) - } - } - - expiresAt := toTime((*time.Time)(cachedToken.ExpiresAt)) - return bearer.Token{ - Value: cachedToken.AccessToken, - CanExpire: !expiresAt.IsZero(), - Expires: expiresAt, - }, nil -} - -func (p *SSOTokenProvider) refreshToken(token cachedToken) (cachedToken, error) { - if token.ClientSecret == "" || token.ClientID == "" || token.RefreshToken == "" { - return cachedToken{}, fmt.Errorf("cached SSO token is expired, or not present, and cannot be refreshed") - } - - createResult, err := p.options.Client.CreateToken(&ssooidc.CreateTokenInput{ - ClientId: &token.ClientID, - ClientSecret: &token.ClientSecret, - RefreshToken: &token.RefreshToken, - GrantType: aws.String("refresh_token"), - }) - if err != nil { - return cachedToken{}, fmt.Errorf("unable to refresh SSO token, %v", err) - } - if createResult.ExpiresIn == nil { - return cachedToken{}, fmt.Errorf("missing required field ExpiresIn") - } - if createResult.AccessToken == nil { - return cachedToken{}, fmt.Errorf("missing required field AccessToken") - } - if createResult.RefreshToken == nil { - return cachedToken{}, fmt.Errorf("missing required field RefreshToken") - } - - expiresAt := nowTime().Add(time.Duration(*createResult.ExpiresIn) * time.Second) - - token.AccessToken = *createResult.AccessToken - token.ExpiresAt = (*rfc3339)(&expiresAt) - token.RefreshToken = *createResult.RefreshToken - - fileInfo, err := os.Stat(p.options.CachedTokenFilepath) - if err != nil { - return cachedToken{}, fmt.Errorf("failed to stat cached SSO token file %v", err) - } - - if err = storeCachedToken(p.options.CachedTokenFilepath, token, fileInfo.Mode()); err != nil { - return cachedToken{}, fmt.Errorf("unable to cache refreshed SSO token, %v", err) - } - - return token, nil -} - -func toTime(p *time.Time) (v time.Time) { - if p == nil { - return v - } - - return *p -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go deleted file mode 100644 index cbba1e3d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/static_provider.go +++ /dev/null @@ -1,57 +0,0 @@ -package credentials - -import ( - "github.com/aws/aws-sdk-go/aws/awserr" -) - -// StaticProviderName provides a name of Static provider -const StaticProviderName = "StaticProvider" - -var ( - // ErrStaticCredentialsEmpty is emitted when static credentials are empty. - ErrStaticCredentialsEmpty = awserr.New("EmptyStaticCreds", "static credentials are empty", nil) -) - -// A StaticProvider is a set of credentials which are set programmatically, -// and will never expire. -type StaticProvider struct { - Value -} - -// NewStaticCredentials returns a pointer to a new Credentials object -// wrapping a static credentials value provider. Token is only required -// for temporary security credentials retrieved via STS, otherwise an empty -// string can be passed for this parameter. -func NewStaticCredentials(id, secret, token string) *Credentials { - return NewCredentials(&StaticProvider{Value: Value{ - AccessKeyID: id, - SecretAccessKey: secret, - SessionToken: token, - }}) -} - -// NewStaticCredentialsFromCreds returns a pointer to a new Credentials object -// wrapping the static credentials value provide. Same as NewStaticCredentials -// but takes the creds Value instead of individual fields -func NewStaticCredentialsFromCreds(creds Value) *Credentials { - return NewCredentials(&StaticProvider{Value: creds}) -} - -// Retrieve returns the credentials or error if the credentials are invalid. -func (s *StaticProvider) Retrieve() (Value, error) { - if s.AccessKeyID == "" || s.SecretAccessKey == "" { - return Value{ProviderName: StaticProviderName}, ErrStaticCredentialsEmpty - } - - if len(s.Value.ProviderName) == 0 { - s.Value.ProviderName = StaticProviderName - } - return s.Value, nil -} - -// IsExpired returns if the credentials are expired. -// -// For StaticProvider, the credentials never expired. -func (s *StaticProvider) IsExpired() bool { - return false -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go deleted file mode 100644 index 86db488d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go +++ /dev/null @@ -1,371 +0,0 @@ -/* -Package stscreds are credential Providers to retrieve STS AWS credentials. - -STS provides multiple ways to retrieve credentials which can be used when making -future AWS service API operation calls. - -The SDK will ensure that per instance of credentials.Credentials all requests -to refresh the credentials will be synchronized. But, the SDK is unable to -ensure synchronous usage of the AssumeRoleProvider if the value is shared -between multiple Credentials, Sessions or service clients. - -# Assume Role - -To assume an IAM role using STS with the SDK you can create a new Credentials -with the SDKs's stscreds package. - - // Initial credentials loaded from SDK's default credential chain. Such as - // the environment, shared credentials (~/.aws/credentials), or EC2 Instance - // Role. These credentials will be used to to make the STS Assume Role API. - sess := session.Must(session.NewSession()) - - // Create the credentials from AssumeRoleProvider to assume the role - // referenced by the "myRoleARN" ARN. - creds := stscreds.NewCredentials(sess, "myRoleArn") - - // Create service client value configured for credentials - // from assumed role. - svc := s3.New(sess, &aws.Config{Credentials: creds}) - -# Assume Role with static MFA Token - -To assume an IAM role with a MFA token you can either specify a MFA token code -directly or provide a function to prompt the user each time the credentials -need to refresh the role's credentials. Specifying the TokenCode should be used -for short lived operations that will not need to be refreshed, and when you do -not want to have direct control over the user provides their MFA token. - -With TokenCode the AssumeRoleProvider will be not be able to refresh the role's -credentials. - - // Create the credentials from AssumeRoleProvider to assume the role - // referenced by the "myRoleARN" ARN using the MFA token code provided. - creds := stscreds.NewCredentials(sess, "myRoleArn", func(p *stscreds.AssumeRoleProvider) { - p.SerialNumber = aws.String("myTokenSerialNumber") - p.TokenCode = aws.String("00000000") - }) - - // Create service client value configured for credentials - // from assumed role. - svc := s3.New(sess, &aws.Config{Credentials: creds}) - -# Assume Role with MFA Token Provider - -To assume an IAM role with MFA for longer running tasks where the credentials -may need to be refreshed setting the TokenProvider field of AssumeRoleProvider -will allow the credential provider to prompt for new MFA token code when the -role's credentials need to be refreshed. - -The StdinTokenProvider function is available to prompt on stdin to retrieve -the MFA token code from the user. You can also implement custom prompts by -satisfing the TokenProvider function signature. - -Using StdinTokenProvider with multiple AssumeRoleProviders, or Credentials will -have undesirable results as the StdinTokenProvider will not be synchronized. A -single Credentials with an AssumeRoleProvider can be shared safely. - - // Create the credentials from AssumeRoleProvider to assume the role - // referenced by the "myRoleARN" ARN. Prompting for MFA token from stdin. - creds := stscreds.NewCredentials(sess, "myRoleArn", func(p *stscreds.AssumeRoleProvider) { - p.SerialNumber = aws.String("myTokenSerialNumber") - p.TokenProvider = stscreds.StdinTokenProvider - }) - - // Create service client value configured for credentials - // from assumed role. - svc := s3.New(sess, &aws.Config{Credentials: creds}) -*/ -package stscreds - -import ( - "fmt" - "os" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/sdkrand" - "github.com/aws/aws-sdk-go/service/sts" -) - -// StdinTokenProvider will prompt on stderr and read from stdin for a string value. -// An error is returned if reading from stdin fails. -// -// Use this function to read MFA tokens from stdin. The function makes no attempt -// to make atomic prompts from stdin across multiple gorouties. -// -// Using StdinTokenProvider with multiple AssumeRoleProviders, or Credentials will -// have undesirable results as the StdinTokenProvider will not be synchronized. A -// single Credentials with an AssumeRoleProvider can be shared safely -// -// Will wait forever until something is provided on the stdin. -func StdinTokenProvider() (string, error) { - var v string - fmt.Fprintf(os.Stderr, "Assume Role MFA token code: ") - _, err := fmt.Scanln(&v) - - return v, err -} - -// ProviderName provides a name of AssumeRole provider -const ProviderName = "AssumeRoleProvider" - -// AssumeRoler represents the minimal subset of the STS client API used by this provider. -type AssumeRoler interface { - AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) -} - -type assumeRolerWithContext interface { - AssumeRoleWithContext(aws.Context, *sts.AssumeRoleInput, ...request.Option) (*sts.AssumeRoleOutput, error) -} - -// DefaultDuration is the default amount of time in minutes that the credentials -// will be valid for. -var DefaultDuration = time.Duration(15) * time.Minute - -// AssumeRoleProvider retrieves temporary credentials from the STS service, and -// keeps track of their expiration time. -// -// This credential provider will be used by the SDKs default credential change -// when shared configuration is enabled, and the shared config or shared credentials -// file configure assume role. See Session docs for how to do this. -// -// AssumeRoleProvider does not provide any synchronization and it is not safe -// to share this value across multiple Credentials, Sessions, or service clients -// without also sharing the same Credentials instance. -type AssumeRoleProvider struct { - credentials.Expiry - - // STS client to make assume role request with. - Client AssumeRoler - - // Role to be assumed. - RoleARN string - - // Session name, if you wish to reuse the credentials elsewhere. - RoleSessionName string - - // Optional, you can pass tag key-value pairs to your session. These tags are called session tags. - Tags []*sts.Tag - - // A list of keys for session tags that you want to set as transitive. - // If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain. - TransitiveTagKeys []*string - - // Expiry duration of the STS credentials. Defaults to 15 minutes if not set. - Duration time.Duration - - // Optional ExternalID to pass along, defaults to nil if not set. - ExternalID *string - - // The policy plain text must be 2048 bytes or shorter. However, an internal - // conversion compresses it into a packed binary format with a separate limit. - // The PackedPolicySize response element indicates by percentage how close to - // the upper size limit the policy is, with 100% equaling the maximum allowed - // size. - Policy *string - - // The ARNs of IAM managed policies you want to use as managed session policies. - // The policies must exist in the same account as the role. - // - // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plain text that you use for both inline and managed session - // policies can't exceed 2,048 characters. - // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. - // - // Passing policies to this operation returns new temporary credentials. The - // resulting session's permissions are the intersection of the role's identity-based - // policy and the session policies. You can use the role's temporary credentials - // in subsequent AWS API calls to access resources in the account that owns - // the role. You cannot use session policies to grant more permissions than - // those allowed by the identity-based policy of the role that is being assumed. - // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - PolicyArns []*sts.PolicyDescriptorType - - // The identification number of the MFA device that is associated with the user - // who is making the AssumeRole call. Specify this value if the trust policy - // of the role being assumed includes a condition that requires MFA authentication. - // The value is either the serial number for a hardware device (such as GAHT12345678) - // or an Amazon Resource Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user). - SerialNumber *string - - // The SourceIdentity which is used to identity a persistent identity through the whole session. - // For more details see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html - SourceIdentity *string - - // The value provided by the MFA device, if the trust policy of the role being - // assumed requires MFA (that is, if the policy includes a condition that tests - // for MFA). If the role being assumed requires MFA and if the TokenCode value - // is missing or expired, the AssumeRole call returns an "access denied" error. - // - // If SerialNumber is set and neither TokenCode nor TokenProvider are also - // set an error will be returned. - TokenCode *string - - // Async method of providing MFA token code for assuming an IAM role with MFA. - // The value returned by the function will be used as the TokenCode in the Retrieve - // call. See StdinTokenProvider for a provider that prompts and reads from stdin. - // - // This token provider will be called when ever the assumed role's - // credentials need to be refreshed when SerialNumber is also set and - // TokenCode is not set. - // - // If both TokenCode and TokenProvider is set, TokenProvider will be used and - // TokenCode is ignored. - TokenProvider func() (string, error) - - // ExpiryWindow will allow the credentials to trigger refreshing prior to - // the credentials actually expiring. This is beneficial so race conditions - // with expiring credentials do not cause request to fail unexpectedly - // due to ExpiredTokenException exceptions. - // - // So a ExpiryWindow of 10s would cause calls to IsExpired() to return true - // 10 seconds before the credentials are actually expired. - // - // If ExpiryWindow is 0 or less it will be ignored. - ExpiryWindow time.Duration - - // MaxJitterFrac reduces the effective Duration of each credential requested - // by a random percentage between 0 and MaxJitterFraction. MaxJitterFrac must - // have a value between 0 and 1. Any other value may lead to expected behavior. - // With a MaxJitterFrac value of 0, default) will no jitter will be used. - // - // For example, with a Duration of 30m and a MaxJitterFrac of 0.1, the - // AssumeRole call will be made with an arbitrary Duration between 27m and - // 30m. - // - // MaxJitterFrac should not be negative. - MaxJitterFrac float64 -} - -// NewCredentials returns a pointer to a new Credentials value wrapping the -// AssumeRoleProvider. The credentials will expire every 15 minutes and the -// role will be named after a nanosecond timestamp of this operation. The -// Credentials value will attempt to refresh the credentials using the provider -// when Credentials.Get is called, if the cached credentials are expiring. -// -// Takes a Config provider to create the STS client. The ConfigProvider is -// satisfied by the session.Session type. -// -// It is safe to share the returned Credentials with multiple Sessions and -// service clients. All access to the credentials and refreshing them -// will be synchronized. -func NewCredentials(c client.ConfigProvider, roleARN string, options ...func(*AssumeRoleProvider)) *credentials.Credentials { - p := &AssumeRoleProvider{ - Client: sts.New(c), - RoleARN: roleARN, - Duration: DefaultDuration, - } - - for _, option := range options { - option(p) - } - - return credentials.NewCredentials(p) -} - -// NewCredentialsWithClient returns a pointer to a new Credentials value wrapping the -// AssumeRoleProvider. The credentials will expire every 15 minutes and the -// role will be named after a nanosecond timestamp of this operation. The -// Credentials value will attempt to refresh the credentials using the provider -// when Credentials.Get is called, if the cached credentials are expiring. -// -// Takes an AssumeRoler which can be satisfied by the STS client. -// -// It is safe to share the returned Credentials with multiple Sessions and -// service clients. All access to the credentials and refreshing them -// will be synchronized. -func NewCredentialsWithClient(svc AssumeRoler, roleARN string, options ...func(*AssumeRoleProvider)) *credentials.Credentials { - p := &AssumeRoleProvider{ - Client: svc, - RoleARN: roleARN, - Duration: DefaultDuration, - } - - for _, option := range options { - option(p) - } - - return credentials.NewCredentials(p) -} - -// Retrieve generates a new set of temporary credentials using STS. -func (p *AssumeRoleProvider) Retrieve() (credentials.Value, error) { - return p.RetrieveWithContext(aws.BackgroundContext()) -} - -// RetrieveWithContext generates a new set of temporary credentials using STS. -func (p *AssumeRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { - // Apply defaults where parameters are not set. - if p.RoleSessionName == "" { - // Try to work out a role name that will hopefully end up unique. - p.RoleSessionName = fmt.Sprintf("%d", time.Now().UTC().UnixNano()) - } - if p.Duration == 0 { - // Expire as often as AWS permits. - p.Duration = DefaultDuration - } - jitter := time.Duration(sdkrand.SeededRand.Float64() * p.MaxJitterFrac * float64(p.Duration)) - input := &sts.AssumeRoleInput{ - DurationSeconds: aws.Int64(int64((p.Duration - jitter) / time.Second)), - RoleArn: aws.String(p.RoleARN), - RoleSessionName: aws.String(p.RoleSessionName), - ExternalId: p.ExternalID, - Tags: p.Tags, - PolicyArns: p.PolicyArns, - TransitiveTagKeys: p.TransitiveTagKeys, - SourceIdentity: p.SourceIdentity, - } - if p.Policy != nil { - input.Policy = p.Policy - } - if p.SerialNumber != nil { - if p.TokenCode != nil { - input.SerialNumber = p.SerialNumber - input.TokenCode = p.TokenCode - } else if p.TokenProvider != nil { - input.SerialNumber = p.SerialNumber - code, err := p.TokenProvider() - if err != nil { - return credentials.Value{ProviderName: ProviderName}, err - } - input.TokenCode = aws.String(code) - } else { - return credentials.Value{ProviderName: ProviderName}, - awserr.New("AssumeRoleTokenNotAvailable", - "assume role with MFA enabled, but neither TokenCode nor TokenProvider are set", nil) - } - } - - var roleOutput *sts.AssumeRoleOutput - var err error - - if c, ok := p.Client.(assumeRolerWithContext); ok { - roleOutput, err = c.AssumeRoleWithContext(ctx, input) - } else { - roleOutput, err = p.Client.AssumeRole(input) - } - - if err != nil { - return credentials.Value{ProviderName: ProviderName}, err - } - - // We will proactively generate new credentials before they expire. - p.SetExpiration(*roleOutput.Credentials.Expiration, p.ExpiryWindow) - - return credentials.Value{ - AccessKeyID: *roleOutput.Credentials.AccessKeyId, - SecretAccessKey: *roleOutput.Credentials.SecretAccessKey, - SessionToken: *roleOutput.Credentials.SessionToken, - ProviderName: ProviderName, - }, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go deleted file mode 100644 index 19ad619a..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go +++ /dev/null @@ -1,182 +0,0 @@ -package stscreds - -import ( - "fmt" - "io/ioutil" - "strconv" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/service/sts" - "github.com/aws/aws-sdk-go/service/sts/stsiface" -) - -const ( - // ErrCodeWebIdentity will be used as an error code when constructing - // a new error to be returned during session creation or retrieval. - ErrCodeWebIdentity = "WebIdentityErr" - - // WebIdentityProviderName is the web identity provider name - WebIdentityProviderName = "WebIdentityCredentials" -) - -// now is used to return a time.Time object representing -// the current time. This can be used to easily test and -// compare test values. -var now = time.Now - -// TokenFetcher should return WebIdentity token bytes or an error -type TokenFetcher interface { - FetchToken(credentials.Context) ([]byte, error) -} - -// FetchTokenPath is a path to a WebIdentity token file -type FetchTokenPath string - -// FetchToken returns a token by reading from the filesystem -func (f FetchTokenPath) FetchToken(ctx credentials.Context) ([]byte, error) { - data, err := ioutil.ReadFile(string(f)) - if err != nil { - errMsg := fmt.Sprintf("unable to read file at %s", f) - return nil, awserr.New(ErrCodeWebIdentity, errMsg, err) - } - return data, nil -} - -// WebIdentityRoleProvider is used to retrieve credentials using -// an OIDC token. -type WebIdentityRoleProvider struct { - credentials.Expiry - - // The policy ARNs to use with the web identity assumed role. - PolicyArns []*sts.PolicyDescriptorType - - // Duration the STS credentials will be valid for. Truncated to seconds. - // If unset, the assumed role will use AssumeRoleWithWebIdentity's default - // expiry duration. See - // https://docs.aws.amazon.com/sdk-for-go/api/service/sts/#STS.AssumeRoleWithWebIdentity - // for more information. - Duration time.Duration - - // The amount of time the credentials will be refreshed before they expire. - // This is useful refresh credentials before they expire to reduce risk of - // using credentials as they expire. If unset, will default to no expiry - // window. - ExpiryWindow time.Duration - - client stsiface.STSAPI - - tokenFetcher TokenFetcher - roleARN string - roleSessionName string -} - -// NewWebIdentityCredentials will return a new set of credentials with a given -// configuration, role arn, and token file path. -// -// Deprecated: Use NewWebIdentityRoleProviderWithOptions for flexible -// functional options, and wrap with credentials.NewCredentials helper. -func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName, path string) *credentials.Credentials { - svc := sts.New(c) - p := NewWebIdentityRoleProvider(svc, roleARN, roleSessionName, path) - return credentials.NewCredentials(p) -} - -// NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the -// provided stsiface.STSAPI -// -// Deprecated: Use NewWebIdentityRoleProviderWithOptions for flexible -// functional options. -func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, path string) *WebIdentityRoleProvider { - return NewWebIdentityRoleProviderWithOptions(svc, roleARN, roleSessionName, FetchTokenPath(path)) -} - -// NewWebIdentityRoleProviderWithToken will return a new WebIdentityRoleProvider with the -// provided stsiface.STSAPI and a TokenFetcher -// -// Deprecated: Use NewWebIdentityRoleProviderWithOptions for flexible -// functional options. -func NewWebIdentityRoleProviderWithToken(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher) *WebIdentityRoleProvider { - return NewWebIdentityRoleProviderWithOptions(svc, roleARN, roleSessionName, tokenFetcher) -} - -// NewWebIdentityRoleProviderWithOptions will return an initialize -// WebIdentityRoleProvider with the provided stsiface.STSAPI, role ARN, and a -// TokenFetcher. Additional options can be provided as functional options. -// -// TokenFetcher is the implementation that will retrieve the JWT token from to -// assume the role with. Use the provided FetchTokenPath implementation to -// retrieve the JWT token using a file system path. -func NewWebIdentityRoleProviderWithOptions(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher, optFns ...func(*WebIdentityRoleProvider)) *WebIdentityRoleProvider { - p := WebIdentityRoleProvider{ - client: svc, - tokenFetcher: tokenFetcher, - roleARN: roleARN, - roleSessionName: roleSessionName, - } - - for _, fn := range optFns { - fn(&p) - } - - return &p -} - -// Retrieve will attempt to assume a role from a token which is located at -// 'WebIdentityTokenFilePath' specified destination and if that is empty an -// error will be returned. -func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) { - return p.RetrieveWithContext(aws.BackgroundContext()) -} - -// RetrieveWithContext will attempt to assume a role from a token which is -// located at 'WebIdentityTokenFilePath' specified destination and if that is -// empty an error will be returned. -func (p *WebIdentityRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { - b, err := p.tokenFetcher.FetchToken(ctx) - if err != nil { - return credentials.Value{}, awserr.New(ErrCodeWebIdentity, "failed fetching WebIdentity token: ", err) - } - - sessionName := p.roleSessionName - if len(sessionName) == 0 { - // session name is used to uniquely identify a session. This simply - // uses unix time in nanoseconds to uniquely identify sessions. - sessionName = strconv.FormatInt(now().UnixNano(), 10) - } - - var duration *int64 - if p.Duration != 0 { - duration = aws.Int64(int64(p.Duration / time.Second)) - } - - req, resp := p.client.AssumeRoleWithWebIdentityRequest(&sts.AssumeRoleWithWebIdentityInput{ - PolicyArns: p.PolicyArns, - RoleArn: &p.roleARN, - RoleSessionName: &sessionName, - WebIdentityToken: aws.String(string(b)), - DurationSeconds: duration, - }) - - req.SetContext(ctx) - - // InvalidIdentityToken error is a temporary error that can occur - // when assuming an Role with a JWT web identity token. - req.RetryErrorCodes = append(req.RetryErrorCodes, sts.ErrCodeInvalidIdentityTokenException) - if err := req.Send(); err != nil { - return credentials.Value{}, awserr.New(ErrCodeWebIdentity, "failed to retrieve credentials", err) - } - - p.SetExpiration(aws.TimeValue(resp.Credentials.Expiration), p.ExpiryWindow) - - value := credentials.Value{ - AccessKeyID: aws.StringValue(resp.Credentials.AccessKeyId), - SecretAccessKey: aws.StringValue(resp.Credentials.SecretAccessKey), - SessionToken: aws.StringValue(resp.Credentials.SessionToken), - ProviderName: WebIdentityProviderName, - } - return value, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go deleted file mode 100644 index 25a66d1d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/doc.go +++ /dev/null @@ -1,69 +0,0 @@ -// Package csm provides the Client Side Monitoring (CSM) client which enables -// sending metrics via UDP connection to the CSM agent. This package provides -// control options, and configuration for the CSM client. The client can be -// controlled manually, or automatically via the SDK's Session configuration. -// -// Enabling CSM client via SDK's Session configuration -// -// The CSM client can be enabled automatically via SDK's Session configuration. -// The SDK's session configuration enables the CSM client if the AWS_CSM_PORT -// environment variable is set to a non-empty value. -// -// The configuration options for the CSM client via the SDK's session -// configuration are: -// -// * AWS_CSM_PORT= -// The port number the CSM agent will receive metrics on. -// -// * AWS_CSM_HOST= -// The hostname, or IP address the CSM agent will receive metrics on. -// Without port number. -// -// Manually enabling the CSM client -// -// The CSM client can be started, paused, and resumed manually. The Start -// function will enable the CSM client to publish metrics to the CSM agent. It -// is safe to call Start concurrently, but if Start is called additional times -// with different ClientID or address it will panic. -// -// r, err := csm.Start("clientID", ":31000") -// if err != nil { -// panic(fmt.Errorf("failed starting CSM: %v", err)) -// } -// -// When controlling the CSM client manually, you must also inject its request -// handlers into the SDK's Session configuration for the SDK's API clients to -// publish metrics. -// -// sess, err := session.NewSession(&aws.Config{}) -// if err != nil { -// panic(fmt.Errorf("failed loading session: %v", err)) -// } -// -// // Add CSM client's metric publishing request handlers to the SDK's -// // Session Configuration. -// r.InjectHandlers(&sess.Handlers) -// -// Controlling CSM client -// -// Once the CSM client has been enabled the Get function will return a Reporter -// value that you can use to pause and resume the metrics published to the CSM -// agent. If Get function is called before the reporter is enabled with the -// Start function or via SDK's Session configuration nil will be returned. -// -// The Pause method can be called to stop the CSM client publishing metrics to -// the CSM agent. The Continue method will resume metric publishing. -// -// // Get the CSM client Reporter. -// r := csm.Get() -// -// // Will pause monitoring -// r.Pause() -// resp, err = client.GetObject(&s3.GetObjectInput{ -// Bucket: aws.String("bucket"), -// Key: aws.String("key"), -// }) -// -// // Resume monitoring -// r.Continue() -package csm diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go deleted file mode 100644 index 4b19e280..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/enable.go +++ /dev/null @@ -1,89 +0,0 @@ -package csm - -import ( - "fmt" - "strings" - "sync" -) - -var ( - lock sync.Mutex -) - -const ( - // DefaultPort is used when no port is specified. - DefaultPort = "31000" - - // DefaultHost is the host that will be used when none is specified. - DefaultHost = "127.0.0.1" -) - -// AddressWithDefaults returns a CSM address built from the host and port -// values. If the host or port is not set, default values will be used -// instead. If host is "localhost" it will be replaced with "127.0.0.1". -func AddressWithDefaults(host, port string) string { - if len(host) == 0 || strings.EqualFold(host, "localhost") { - host = DefaultHost - } - - if len(port) == 0 { - port = DefaultPort - } - - // Only IP6 host can contain a colon - if strings.Contains(host, ":") { - return "[" + host + "]:" + port - } - - return host + ":" + port -} - -// Start will start a long running go routine to capture -// client side metrics. Calling start multiple time will only -// start the metric listener once and will panic if a different -// client ID or port is passed in. -// -// r, err := csm.Start("clientID", "127.0.0.1:31000") -// if err != nil { -// panic(fmt.Errorf("expected no error, but received %v", err)) -// } -// sess := session.NewSession() -// r.InjectHandlers(sess.Handlers) -// -// svc := s3.New(sess) -// out, err := svc.GetObject(&s3.GetObjectInput{ -// Bucket: aws.String("bucket"), -// Key: aws.String("key"), -// }) -func Start(clientID string, url string) (*Reporter, error) { - lock.Lock() - defer lock.Unlock() - - if sender == nil { - sender = newReporter(clientID, url) - } else { - if sender.clientID != clientID { - panic(fmt.Errorf("inconsistent client IDs. %q was expected, but received %q", sender.clientID, clientID)) - } - - if sender.url != url { - panic(fmt.Errorf("inconsistent URLs. %q was expected, but received %q", sender.url, url)) - } - } - - if err := connect(url); err != nil { - sender = nil - return nil, err - } - - return sender, nil -} - -// Get will return a reporter if one exists, if one does not exist, nil will -// be returned. -func Get() *Reporter { - lock.Lock() - defer lock.Unlock() - - return sender -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/metric.go deleted file mode 100644 index 5bacc791..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric.go +++ /dev/null @@ -1,109 +0,0 @@ -package csm - -import ( - "strconv" - "time" - - "github.com/aws/aws-sdk-go/aws" -) - -type metricTime time.Time - -func (t metricTime) MarshalJSON() ([]byte, error) { - ns := time.Duration(time.Time(t).UnixNano()) - return []byte(strconv.FormatInt(int64(ns/time.Millisecond), 10)), nil -} - -type metric struct { - ClientID *string `json:"ClientId,omitempty"` - API *string `json:"Api,omitempty"` - Service *string `json:"Service,omitempty"` - Timestamp *metricTime `json:"Timestamp,omitempty"` - Type *string `json:"Type,omitempty"` - Version *int `json:"Version,omitempty"` - - AttemptCount *int `json:"AttemptCount,omitempty"` - Latency *int `json:"Latency,omitempty"` - - Fqdn *string `json:"Fqdn,omitempty"` - UserAgent *string `json:"UserAgent,omitempty"` - AttemptLatency *int `json:"AttemptLatency,omitempty"` - - SessionToken *string `json:"SessionToken,omitempty"` - Region *string `json:"Region,omitempty"` - AccessKey *string `json:"AccessKey,omitempty"` - HTTPStatusCode *int `json:"HttpStatusCode,omitempty"` - XAmzID2 *string `json:"XAmzId2,omitempty"` - XAmzRequestID *string `json:"XAmznRequestId,omitempty"` - - AWSException *string `json:"AwsException,omitempty"` - AWSExceptionMessage *string `json:"AwsExceptionMessage,omitempty"` - SDKException *string `json:"SdkException,omitempty"` - SDKExceptionMessage *string `json:"SdkExceptionMessage,omitempty"` - - FinalHTTPStatusCode *int `json:"FinalHttpStatusCode,omitempty"` - FinalAWSException *string `json:"FinalAwsException,omitempty"` - FinalAWSExceptionMessage *string `json:"FinalAwsExceptionMessage,omitempty"` - FinalSDKException *string `json:"FinalSdkException,omitempty"` - FinalSDKExceptionMessage *string `json:"FinalSdkExceptionMessage,omitempty"` - - DestinationIP *string `json:"DestinationIp,omitempty"` - ConnectionReused *int `json:"ConnectionReused,omitempty"` - - AcquireConnectionLatency *int `json:"AcquireConnectionLatency,omitempty"` - ConnectLatency *int `json:"ConnectLatency,omitempty"` - RequestLatency *int `json:"RequestLatency,omitempty"` - DNSLatency *int `json:"DnsLatency,omitempty"` - TCPLatency *int `json:"TcpLatency,omitempty"` - SSLLatency *int `json:"SslLatency,omitempty"` - - MaxRetriesExceeded *int `json:"MaxRetriesExceeded,omitempty"` -} - -func (m *metric) TruncateFields() { - m.ClientID = truncateString(m.ClientID, 255) - m.UserAgent = truncateString(m.UserAgent, 256) - - m.AWSException = truncateString(m.AWSException, 128) - m.AWSExceptionMessage = truncateString(m.AWSExceptionMessage, 512) - - m.SDKException = truncateString(m.SDKException, 128) - m.SDKExceptionMessage = truncateString(m.SDKExceptionMessage, 512) - - m.FinalAWSException = truncateString(m.FinalAWSException, 128) - m.FinalAWSExceptionMessage = truncateString(m.FinalAWSExceptionMessage, 512) - - m.FinalSDKException = truncateString(m.FinalSDKException, 128) - m.FinalSDKExceptionMessage = truncateString(m.FinalSDKExceptionMessage, 512) -} - -func truncateString(v *string, l int) *string { - if v != nil && len(*v) > l { - nv := (*v)[:l] - return &nv - } - - return v -} - -func (m *metric) SetException(e metricException) { - switch te := e.(type) { - case awsException: - m.AWSException = aws.String(te.exception) - m.AWSExceptionMessage = aws.String(te.message) - case sdkException: - m.SDKException = aws.String(te.exception) - m.SDKExceptionMessage = aws.String(te.message) - } -} - -func (m *metric) SetFinalException(e metricException) { - switch te := e.(type) { - case awsException: - m.FinalAWSException = aws.String(te.exception) - m.FinalAWSExceptionMessage = aws.String(te.message) - case sdkException: - m.FinalSDKException = aws.String(te.exception) - m.FinalSDKExceptionMessage = aws.String(te.message) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go deleted file mode 100644 index 82a3e345..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_chan.go +++ /dev/null @@ -1,55 +0,0 @@ -package csm - -import ( - "sync/atomic" -) - -const ( - runningEnum = iota - pausedEnum -) - -var ( - // MetricsChannelSize of metrics to hold in the channel - MetricsChannelSize = 100 -) - -type metricChan struct { - ch chan metric - paused *int64 -} - -func newMetricChan(size int) metricChan { - return metricChan{ - ch: make(chan metric, size), - paused: new(int64), - } -} - -func (ch *metricChan) Pause() { - atomic.StoreInt64(ch.paused, pausedEnum) -} - -func (ch *metricChan) Continue() { - atomic.StoreInt64(ch.paused, runningEnum) -} - -func (ch *metricChan) IsPaused() bool { - v := atomic.LoadInt64(ch.paused) - return v == pausedEnum -} - -// Push will push metrics to the metric channel if the channel -// is not paused -func (ch *metricChan) Push(m metric) bool { - if ch.IsPaused() { - return false - } - - select { - case ch.ch <- m: - return true - default: - return false - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_exception.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_exception.go deleted file mode 100644 index 54a99280..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/metric_exception.go +++ /dev/null @@ -1,26 +0,0 @@ -package csm - -type metricException interface { - Exception() string - Message() string -} - -type requestException struct { - exception string - message string -} - -func (e requestException) Exception() string { - return e.exception -} -func (e requestException) Message() string { - return e.message -} - -type awsException struct { - requestException -} - -type sdkException struct { - requestException -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go b/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go deleted file mode 100644 index 835bcd49..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/csm/reporter.go +++ /dev/null @@ -1,264 +0,0 @@ -package csm - -import ( - "encoding/json" - "net" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" -) - -// Reporter will gather metrics of API requests made and -// send those metrics to the CSM endpoint. -type Reporter struct { - clientID string - url string - conn net.Conn - metricsCh metricChan - done chan struct{} -} - -var ( - sender *Reporter -) - -func connect(url string) error { - const network = "udp" - if err := sender.connect(network, url); err != nil { - return err - } - - if sender.done == nil { - sender.done = make(chan struct{}) - go sender.start() - } - - return nil -} - -func newReporter(clientID, url string) *Reporter { - return &Reporter{ - clientID: clientID, - url: url, - metricsCh: newMetricChan(MetricsChannelSize), - } -} - -func (rep *Reporter) sendAPICallAttemptMetric(r *request.Request) { - if rep == nil { - return - } - - now := time.Now() - creds, _ := r.Config.Credentials.Get() - - m := metric{ - ClientID: aws.String(rep.clientID), - API: aws.String(r.Operation.Name), - Service: aws.String(r.ClientInfo.ServiceID), - Timestamp: (*metricTime)(&now), - UserAgent: aws.String(r.HTTPRequest.Header.Get("User-Agent")), - Region: r.Config.Region, - Type: aws.String("ApiCallAttempt"), - Version: aws.Int(1), - - XAmzRequestID: aws.String(r.RequestID), - - AttemptLatency: aws.Int(int(now.Sub(r.AttemptTime).Nanoseconds() / int64(time.Millisecond))), - AccessKey: aws.String(creds.AccessKeyID), - } - - if r.HTTPResponse != nil { - m.HTTPStatusCode = aws.Int(r.HTTPResponse.StatusCode) - } - - if r.Error != nil { - if awserr, ok := r.Error.(awserr.Error); ok { - m.SetException(getMetricException(awserr)) - } - } - - m.TruncateFields() - rep.metricsCh.Push(m) -} - -func getMetricException(err awserr.Error) metricException { - msg := err.Error() - code := err.Code() - - switch code { - case request.ErrCodeRequestError, - request.ErrCodeSerialization, - request.CanceledErrorCode: - return sdkException{ - requestException{exception: code, message: msg}, - } - default: - return awsException{ - requestException{exception: code, message: msg}, - } - } -} - -func (rep *Reporter) sendAPICallMetric(r *request.Request) { - if rep == nil { - return - } - - now := time.Now() - m := metric{ - ClientID: aws.String(rep.clientID), - API: aws.String(r.Operation.Name), - Service: aws.String(r.ClientInfo.ServiceID), - Timestamp: (*metricTime)(&now), - UserAgent: aws.String(r.HTTPRequest.Header.Get("User-Agent")), - Type: aws.String("ApiCall"), - AttemptCount: aws.Int(r.RetryCount + 1), - Region: r.Config.Region, - Latency: aws.Int(int(time.Since(r.Time) / time.Millisecond)), - XAmzRequestID: aws.String(r.RequestID), - MaxRetriesExceeded: aws.Int(boolIntValue(r.RetryCount >= r.MaxRetries())), - } - - if r.HTTPResponse != nil { - m.FinalHTTPStatusCode = aws.Int(r.HTTPResponse.StatusCode) - } - - if r.Error != nil { - if awserr, ok := r.Error.(awserr.Error); ok { - m.SetFinalException(getMetricException(awserr)) - } - } - - m.TruncateFields() - - // TODO: Probably want to figure something out for logging dropped - // metrics - rep.metricsCh.Push(m) -} - -func (rep *Reporter) connect(network, url string) error { - if rep.conn != nil { - rep.conn.Close() - } - - conn, err := net.Dial(network, url) - if err != nil { - return awserr.New("UDPError", "Could not connect", err) - } - - rep.conn = conn - - return nil -} - -func (rep *Reporter) close() { - if rep.done != nil { - close(rep.done) - } - - rep.metricsCh.Pause() -} - -func (rep *Reporter) start() { - defer func() { - rep.metricsCh.Pause() - }() - - for { - select { - case <-rep.done: - rep.done = nil - return - case m := <-rep.metricsCh.ch: - // TODO: What to do with this error? Probably should just log - b, err := json.Marshal(m) - if err != nil { - continue - } - - rep.conn.Write(b) - } - } -} - -// Pause will pause the metric channel preventing any new metrics from being -// added. It is safe to call concurrently with other calls to Pause, but if -// called concurently with Continue can lead to unexpected state. -func (rep *Reporter) Pause() { - lock.Lock() - defer lock.Unlock() - - if rep == nil { - return - } - - rep.close() -} - -// Continue will reopen the metric channel and allow for monitoring to be -// resumed. It is safe to call concurrently with other calls to Continue, but -// if called concurently with Pause can lead to unexpected state. -func (rep *Reporter) Continue() { - lock.Lock() - defer lock.Unlock() - if rep == nil { - return - } - - if !rep.metricsCh.IsPaused() { - return - } - - rep.metricsCh.Continue() -} - -// Client side metric handler names -const ( - APICallMetricHandlerName = "awscsm.SendAPICallMetric" - APICallAttemptMetricHandlerName = "awscsm.SendAPICallAttemptMetric" -) - -// InjectHandlers will will enable client side metrics and inject the proper -// handlers to handle how metrics are sent. -// -// InjectHandlers is NOT safe to call concurrently. Calling InjectHandlers -// multiple times may lead to unexpected behavior, (e.g. duplicate metrics). -// -// // Start must be called in order to inject the correct handlers -// r, err := csm.Start("clientID", "127.0.0.1:8094") -// if err != nil { -// panic(fmt.Errorf("expected no error, but received %v", err)) -// } -// -// sess := session.NewSession() -// r.InjectHandlers(&sess.Handlers) -// -// // create a new service client with our client side metric session -// svc := s3.New(sess) -func (rep *Reporter) InjectHandlers(handlers *request.Handlers) { - if rep == nil { - return - } - - handlers.Complete.PushFrontNamed(request.NamedHandler{ - Name: APICallMetricHandlerName, - Fn: rep.sendAPICallMetric, - }) - - handlers.CompleteAttempt.PushFrontNamed(request.NamedHandler{ - Name: APICallAttemptMetricHandlerName, - Fn: rep.sendAPICallAttemptMetric, - }) -} - -// boolIntValue return 1 for true and 0 for false. -func boolIntValue(b bool) int { - if b { - return 1 - } - - return 0 -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go deleted file mode 100644 index 1ba80b57..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go +++ /dev/null @@ -1,252 +0,0 @@ -// Package defaults is a collection of helpers to retrieve the SDK's default -// configuration and handlers. -// -// Generally this package shouldn't be used directly, but session.Session -// instead. This package is useful when you need to reset the defaults -// of a session or service client to the SDK defaults before setting -// additional parameters. -package defaults - -import ( - "fmt" - "io/ioutil" - "net" - "net/http" - "net/url" - "os" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/corehandlers" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds" - "github.com/aws/aws-sdk-go/aws/credentials/endpointcreds" - "github.com/aws/aws-sdk-go/aws/ec2metadata" - "github.com/aws/aws-sdk-go/aws/endpoints" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/shareddefaults" -) - -// A Defaults provides a collection of default values for SDK clients. -type Defaults struct { - Config *aws.Config - Handlers request.Handlers -} - -// Get returns the SDK's default values with Config and handlers pre-configured. -func Get() Defaults { - cfg := Config() - handlers := Handlers() - cfg.Credentials = CredChain(cfg, handlers) - - return Defaults{ - Config: cfg, - Handlers: handlers, - } -} - -// Config returns the default configuration without credentials. -// To retrieve a config with credentials also included use -// `defaults.Get().Config` instead. -// -// Generally you shouldn't need to use this method directly, but -// is available if you need to reset the configuration of an -// existing service client or session. -func Config() *aws.Config { - return aws.NewConfig(). - WithCredentials(credentials.AnonymousCredentials). - WithRegion(os.Getenv("AWS_REGION")). - WithHTTPClient(http.DefaultClient). - WithMaxRetries(aws.UseServiceDefaultRetries). - WithLogger(aws.NewDefaultLogger()). - WithLogLevel(aws.LogOff). - WithEndpointResolver(endpoints.DefaultResolver()) -} - -// Handlers returns the default request handlers. -// -// Generally you shouldn't need to use this method directly, but -// is available if you need to reset the request handlers of an -// existing service client or session. -func Handlers() request.Handlers { - var handlers request.Handlers - - handlers.Validate.PushBackNamed(corehandlers.ValidateEndpointHandler) - handlers.Validate.AfterEachFn = request.HandlerListStopOnError - handlers.Build.PushBackNamed(corehandlers.SDKVersionUserAgentHandler) - handlers.Build.PushBackNamed(corehandlers.AddAwsInternal) - handlers.Build.PushBackNamed(corehandlers.AddHostExecEnvUserAgentHander) - handlers.Build.AfterEachFn = request.HandlerListStopOnError - handlers.Sign.PushBackNamed(corehandlers.BuildContentLengthHandler) - handlers.Send.PushBackNamed(corehandlers.ValidateReqSigHandler) - handlers.Send.PushBackNamed(corehandlers.SendHandler) - handlers.AfterRetry.PushBackNamed(corehandlers.AfterRetryHandler) - handlers.ValidateResponse.PushBackNamed(corehandlers.ValidateResponseHandler) - - return handlers -} - -// CredChain returns the default credential chain. -// -// Generally you shouldn't need to use this method directly, but -// is available if you need to reset the credentials of an -// existing service client or session's Config. -func CredChain(cfg *aws.Config, handlers request.Handlers) *credentials.Credentials { - return credentials.NewCredentials(&credentials.ChainProvider{ - VerboseErrors: aws.BoolValue(cfg.CredentialsChainVerboseErrors), - Providers: CredProviders(cfg, handlers), - }) -} - -// CredProviders returns the slice of providers used in -// the default credential chain. -// -// For applications that need to use some other provider (for example use -// different environment variables for legacy reasons) but still fall back -// on the default chain of providers. This allows that default chaint to be -// automatically updated -func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Provider { - return []credentials.Provider{ - &credentials.EnvProvider{}, - &credentials.SharedCredentialsProvider{Filename: "", Profile: ""}, - RemoteCredProvider(*cfg, handlers), - } -} - -const ( - httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN" - httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" - httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI" -) - -// direct representation of the IPv4 address for the ECS container -// "169.254.170.2" -var ecsContainerIPv4 net.IP = []byte{ - 169, 254, 170, 2, -} - -// direct representation of the IPv4 address for the EKS container -// "169.254.170.23" -var eksContainerIPv4 net.IP = []byte{ - 169, 254, 170, 23, -} - -// direct representation of the IPv6 address for the EKS container -// "fd00:ec2::23" -var eksContainerIPv6 net.IP = []byte{ - 0xFD, 0, 0xE, 0xC2, - 0, 0, 0, 0, - 0, 0, 0, 0, - 0, 0, 0, 0x23, -} - -// RemoteCredProvider returns a credentials provider for the default remote -// endpoints such as EC2 or ECS Roles. -func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.Provider { - if u := os.Getenv(httpProviderEnvVar); len(u) > 0 { - return localHTTPCredProvider(cfg, handlers, u) - } - - if uri := os.Getenv(shareddefaults.ECSCredsProviderEnvVar); len(uri) > 0 { - u := fmt.Sprintf("%s%s", shareddefaults.ECSContainerCredentialsURI, uri) - return httpCredProvider(cfg, handlers, u) - } - - return ec2RoleProvider(cfg, handlers) -} - -var lookupHostFn = net.LookupHost - -// isAllowedHost allows host to be loopback or known ECS/EKS container IPs -// -// host can either be an IP address OR an unresolved hostname - resolution will -// be automatically performed in the latter case -func isAllowedHost(host string) (bool, error) { - if ip := net.ParseIP(host); ip != nil { - return isIPAllowed(ip), nil - } - - addrs, err := lookupHostFn(host) - if err != nil { - return false, err - } - - for _, addr := range addrs { - if ip := net.ParseIP(addr); ip == nil || !isIPAllowed(ip) { - return false, nil - } - } - - return true, nil -} - -func isIPAllowed(ip net.IP) bool { - return ip.IsLoopback() || - ip.Equal(ecsContainerIPv4) || - ip.Equal(eksContainerIPv4) || - ip.Equal(eksContainerIPv6) -} - -func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { - var errMsg string - - parsed, err := url.Parse(u) - if err != nil { - errMsg = fmt.Sprintf("invalid URL, %v", err) - } else { - host := aws.URLHostname(parsed) - if len(host) == 0 { - errMsg = "unable to parse host from local HTTP cred provider URL" - } else if parsed.Scheme == "http" { - if isAllowedHost, allowHostErr := isAllowedHost(host); allowHostErr != nil { - errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, allowHostErr) - } else if !isAllowedHost { - errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback/ecs/eks hosts are allowed.", host) - } - } - } - - if len(errMsg) > 0 { - if cfg.Logger != nil { - cfg.Logger.Log("Ignoring, HTTP credential provider", errMsg, err) - } - return credentials.ErrorProvider{ - Err: awserr.New("CredentialsEndpointError", errMsg, err), - ProviderName: endpointcreds.ProviderName, - } - } - - return httpCredProvider(cfg, handlers, u) -} - -func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { - return endpointcreds.NewProviderClient(cfg, handlers, u, - func(p *endpointcreds.Provider) { - p.ExpiryWindow = 5 * time.Minute - p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar) - if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { - p.AuthorizationTokenProvider = endpointcreds.TokenProviderFunc(func() (string, error) { - if contents, err := ioutil.ReadFile(authFilePath); err != nil { - return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) - } else { - return string(contents), nil - } - }) - } - }, - ) -} - -func ec2RoleProvider(cfg aws.Config, handlers request.Handlers) credentials.Provider { - resolver := cfg.EndpointResolver - if resolver == nil { - resolver = endpoints.DefaultResolver() - } - - e, _ := resolver.EndpointFor(endpoints.Ec2metadataServiceID, "") - return &ec2rolecreds.EC2RoleProvider{ - Client: ec2metadata.NewClient(cfg, handlers, e.URL, e.SigningRegion), - ExpiryWindow: 5 * time.Minute, - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/defaults/shared_config.go b/vendor/github.com/aws/aws-sdk-go/aws/defaults/shared_config.go deleted file mode 100644 index ca0ee1dc..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/defaults/shared_config.go +++ /dev/null @@ -1,27 +0,0 @@ -package defaults - -import ( - "github.com/aws/aws-sdk-go/internal/shareddefaults" -) - -// SharedCredentialsFilename returns the SDK's default file path -// for the shared credentials file. -// -// Builds the shared config file path based on the OS's platform. -// -// - Linux/Unix: $HOME/.aws/credentials -// - Windows: %USERPROFILE%\.aws\credentials -func SharedCredentialsFilename() string { - return shareddefaults.SharedCredentialsFilename() -} - -// SharedConfigFilename returns the SDK's default file path for -// the shared config file. -// -// Builds the shared config file path based on the OS's platform. -// -// - Linux/Unix: $HOME/.aws/config -// - Windows: %USERPROFILE%\.aws\config -func SharedConfigFilename() string { - return shareddefaults.SharedConfigFilename() -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/doc.go deleted file mode 100644 index 4fcb6161..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/doc.go +++ /dev/null @@ -1,56 +0,0 @@ -// Package aws provides the core SDK's utilities and shared types. Use this package's -// utilities to simplify setting and reading API operations parameters. -// -// Value and Pointer Conversion Utilities -// -// This package includes a helper conversion utility for each scalar type the SDK's -// API use. These utilities make getting a pointer of the scalar, and dereferencing -// a pointer easier. -// -// Each conversion utility comes in two forms. Value to Pointer and Pointer to Value. -// The Pointer to value will safely dereference the pointer and return its value. -// If the pointer was nil, the scalar's zero value will be returned. -// -// The value to pointer functions will be named after the scalar type. So get a -// *string from a string value use the "String" function. This makes it easy to -// to get pointer of a literal string value, because getting the address of a -// literal requires assigning the value to a variable first. -// -// var strPtr *string -// -// // Without the SDK's conversion functions -// str := "my string" -// strPtr = &str -// -// // With the SDK's conversion functions -// strPtr = aws.String("my string") -// -// // Convert *string to string value -// str = aws.StringValue(strPtr) -// -// In addition to scalars the aws package also includes conversion utilities for -// map and slice for commonly types used in API parameters. The map and slice -// conversion functions use similar naming pattern as the scalar conversion -// functions. -// -// var strPtrs []*string -// var strs []string = []string{"Go", "Gophers", "Go"} -// -// // Convert []string to []*string -// strPtrs = aws.StringSlice(strs) -// -// // Convert []*string to []string -// strs = aws.StringValueSlice(strPtrs) -// -// SDK Default HTTP Client -// -// The SDK will use the http.DefaultClient if a HTTP client is not provided to -// the SDK's Session, or service client constructor. This means that if the -// http.DefaultClient is modified by other components of your application the -// modifications will be picked up by the SDK as well. -// -// In some cases this might be intended, but it is a better practice to create -// a custom HTTP Client to share explicitly through your application. You can -// configure the SDK to use the custom HTTP Client by setting the HTTPClient -// value of the SDK's Config type when creating a Session or service client. -package aws diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go deleted file mode 100644 index 69fa63dc..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/api.go +++ /dev/null @@ -1,250 +0,0 @@ -package ec2metadata - -import ( - "encoding/json" - "fmt" - "net/http" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/sdkuri" -) - -// getToken uses the duration to return a token for EC2 metadata service, -// or an error if the request failed. -func (c *EC2Metadata) getToken(ctx aws.Context, duration time.Duration) (tokenOutput, error) { - op := &request.Operation{ - Name: "GetToken", - HTTPMethod: "PUT", - HTTPPath: "/latest/api/token", - } - - var output tokenOutput - req := c.NewRequest(op, nil, &output) - req.SetContext(ctx) - - // remove the fetch token handler from the request handlers to avoid infinite recursion - req.Handlers.Sign.RemoveByName(fetchTokenHandlerName) - - // Swap the unmarshalMetadataHandler with unmarshalTokenHandler on this request. - req.Handlers.Unmarshal.Swap(unmarshalMetadataHandlerName, unmarshalTokenHandler) - - ttl := strconv.FormatInt(int64(duration/time.Second), 10) - req.HTTPRequest.Header.Set(ttlHeader, ttl) - - err := req.Send() - - // Errors with bad request status should be returned. - if err != nil { - err = awserr.NewRequestFailure( - awserr.New(req.HTTPResponse.Status, http.StatusText(req.HTTPResponse.StatusCode), err), - req.HTTPResponse.StatusCode, req.RequestID) - } - - return output, err -} - -// GetMetadata uses the path provided to request information from the EC2 -// instance metadata service. The content will be returned as a string, or -// error if the request failed. -func (c *EC2Metadata) GetMetadata(p string) (string, error) { - return c.GetMetadataWithContext(aws.BackgroundContext(), p) -} - -// GetMetadataWithContext uses the path provided to request information from the EC2 -// instance metadata service. The content will be returned as a string, or -// error if the request failed. -func (c *EC2Metadata) GetMetadataWithContext(ctx aws.Context, p string) (string, error) { - op := &request.Operation{ - Name: "GetMetadata", - HTTPMethod: "GET", - HTTPPath: sdkuri.PathJoin("/latest/meta-data", p), - } - output := &metadataOutput{} - - req := c.NewRequest(op, nil, output) - - req.SetContext(ctx) - - err := req.Send() - return output.Content, err -} - -// GetUserData returns the userdata that was configured for the service. If -// there is no user-data setup for the EC2 instance a "NotFoundError" error -// code will be returned. -func (c *EC2Metadata) GetUserData() (string, error) { - return c.GetUserDataWithContext(aws.BackgroundContext()) -} - -// GetUserDataWithContext returns the userdata that was configured for the service. If -// there is no user-data setup for the EC2 instance a "NotFoundError" error -// code will be returned. -func (c *EC2Metadata) GetUserDataWithContext(ctx aws.Context) (string, error) { - op := &request.Operation{ - Name: "GetUserData", - HTTPMethod: "GET", - HTTPPath: "/latest/user-data", - } - - output := &metadataOutput{} - req := c.NewRequest(op, nil, output) - req.SetContext(ctx) - - err := req.Send() - return output.Content, err -} - -// GetDynamicData uses the path provided to request information from the EC2 -// instance metadata service for dynamic data. The content will be returned -// as a string, or error if the request failed. -func (c *EC2Metadata) GetDynamicData(p string) (string, error) { - return c.GetDynamicDataWithContext(aws.BackgroundContext(), p) -} - -// GetDynamicDataWithContext uses the path provided to request information from the EC2 -// instance metadata service for dynamic data. The content will be returned -// as a string, or error if the request failed. -func (c *EC2Metadata) GetDynamicDataWithContext(ctx aws.Context, p string) (string, error) { - op := &request.Operation{ - Name: "GetDynamicData", - HTTPMethod: "GET", - HTTPPath: sdkuri.PathJoin("/latest/dynamic", p), - } - - output := &metadataOutput{} - req := c.NewRequest(op, nil, output) - req.SetContext(ctx) - - err := req.Send() - return output.Content, err -} - -// GetInstanceIdentityDocument retrieves an identity document describing an -// instance. Error is returned if the request fails or is unable to parse -// the response. -func (c *EC2Metadata) GetInstanceIdentityDocument() (EC2InstanceIdentityDocument, error) { - return c.GetInstanceIdentityDocumentWithContext(aws.BackgroundContext()) -} - -// GetInstanceIdentityDocumentWithContext retrieves an identity document describing an -// instance. Error is returned if the request fails or is unable to parse -// the response. -func (c *EC2Metadata) GetInstanceIdentityDocumentWithContext(ctx aws.Context) (EC2InstanceIdentityDocument, error) { - resp, err := c.GetDynamicDataWithContext(ctx, "instance-identity/document") - if err != nil { - return EC2InstanceIdentityDocument{}, - awserr.New("EC2MetadataRequestError", - "failed to get EC2 instance identity document", err) - } - - doc := EC2InstanceIdentityDocument{} - if err := json.NewDecoder(strings.NewReader(resp)).Decode(&doc); err != nil { - return EC2InstanceIdentityDocument{}, - awserr.New(request.ErrCodeSerialization, - "failed to decode EC2 instance identity document", err) - } - - return doc, nil -} - -// IAMInfo retrieves IAM info from the metadata API -func (c *EC2Metadata) IAMInfo() (EC2IAMInfo, error) { - return c.IAMInfoWithContext(aws.BackgroundContext()) -} - -// IAMInfoWithContext retrieves IAM info from the metadata API -func (c *EC2Metadata) IAMInfoWithContext(ctx aws.Context) (EC2IAMInfo, error) { - resp, err := c.GetMetadataWithContext(ctx, "iam/info") - if err != nil { - return EC2IAMInfo{}, - awserr.New("EC2MetadataRequestError", - "failed to get EC2 IAM info", err) - } - - info := EC2IAMInfo{} - if err := json.NewDecoder(strings.NewReader(resp)).Decode(&info); err != nil { - return EC2IAMInfo{}, - awserr.New(request.ErrCodeSerialization, - "failed to decode EC2 IAM info", err) - } - - if info.Code != "Success" { - errMsg := fmt.Sprintf("failed to get EC2 IAM Info (%s)", info.Code) - return EC2IAMInfo{}, - awserr.New("EC2MetadataError", errMsg, nil) - } - - return info, nil -} - -// Region returns the region the instance is running in. -func (c *EC2Metadata) Region() (string, error) { - return c.RegionWithContext(aws.BackgroundContext()) -} - -// RegionWithContext returns the region the instance is running in. -func (c *EC2Metadata) RegionWithContext(ctx aws.Context) (string, error) { - ec2InstanceIdentityDocument, err := c.GetInstanceIdentityDocumentWithContext(ctx) - if err != nil { - return "", err - } - // extract region from the ec2InstanceIdentityDocument - region := ec2InstanceIdentityDocument.Region - if len(region) == 0 { - return "", awserr.New("EC2MetadataError", "invalid region received for ec2metadata instance", nil) - } - // returns region - return region, nil -} - -// Available returns if the application has access to the EC2 Metadata service. -// Can be used to determine if application is running within an EC2 Instance and -// the metadata service is available. -func (c *EC2Metadata) Available() bool { - return c.AvailableWithContext(aws.BackgroundContext()) -} - -// AvailableWithContext returns if the application has access to the EC2 Metadata service. -// Can be used to determine if application is running within an EC2 Instance and -// the metadata service is available. -func (c *EC2Metadata) AvailableWithContext(ctx aws.Context) bool { - if _, err := c.GetMetadataWithContext(ctx, "instance-id"); err != nil { - return false - } - - return true -} - -// An EC2IAMInfo provides the shape for unmarshaling -// an IAM info from the metadata API -type EC2IAMInfo struct { - Code string - LastUpdated time.Time - InstanceProfileArn string - InstanceProfileID string -} - -// An EC2InstanceIdentityDocument provides the shape for unmarshaling -// an instance identity document -type EC2InstanceIdentityDocument struct { - DevpayProductCodes []string `json:"devpayProductCodes"` - MarketplaceProductCodes []string `json:"marketplaceProductCodes"` - AvailabilityZone string `json:"availabilityZone"` - PrivateIP string `json:"privateIp"` - Version string `json:"version"` - Region string `json:"region"` - InstanceID string `json:"instanceId"` - BillingProducts []string `json:"billingProducts"` - InstanceType string `json:"instanceType"` - AccountID string `json:"accountId"` - PendingTime time.Time `json:"pendingTime"` - ImageID string `json:"imageId"` - KernelID string `json:"kernelId"` - RamdiskID string `json:"ramdiskId"` - Architecture string `json:"architecture"` -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go deleted file mode 100644 index f4cc8751..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go +++ /dev/null @@ -1,245 +0,0 @@ -// Package ec2metadata provides the client for making API calls to the -// EC2 Metadata service. -// -// This package's client can be disabled completely by setting the environment -// variable "AWS_EC2_METADATA_DISABLED=true". This environment variable set to -// true instructs the SDK to disable the EC2 Metadata client. The client cannot -// be used while the environment variable is set to true, (case insensitive). -// -// The endpoint of the EC2 IMDS client can be configured via the environment -// variable, AWS_EC2_METADATA_SERVICE_ENDPOINT when creating the client with a -// Session. See aws/session#Options.EC2IMDSEndpoint for more details. -package ec2metadata - -import ( - "bytes" - "io" - "net/http" - "net/url" - "os" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/aws/corehandlers" - "github.com/aws/aws-sdk-go/aws/request" -) - -const ( - // ServiceName is the name of the service. - ServiceName = "ec2metadata" - disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED" - - // Headers for Token and TTL - ttlHeader = "x-aws-ec2-metadata-token-ttl-seconds" - tokenHeader = "x-aws-ec2-metadata-token" - - // Named Handler constants - fetchTokenHandlerName = "FetchTokenHandler" - unmarshalMetadataHandlerName = "unmarshalMetadataHandler" - unmarshalTokenHandlerName = "unmarshalTokenHandler" - enableTokenProviderHandlerName = "enableTokenProviderHandler" - - // TTL constants - defaultTTL = 21600 * time.Second - ttlExpirationWindow = 30 * time.Second -) - -// A EC2Metadata is an EC2 Metadata service Client. -type EC2Metadata struct { - *client.Client -} - -// New creates a new instance of the EC2Metadata client with a session. -// This client is safe to use across multiple goroutines. -// -// Example: -// -// // Create a EC2Metadata client from just a session. -// svc := ec2metadata.New(mySession) -// -// // Create a EC2Metadata client with additional configuration -// svc := ec2metadata.New(mySession, aws.NewConfig().WithLogLevel(aws.LogDebugHTTPBody)) -func New(p client.ConfigProvider, cfgs ...*aws.Config) *EC2Metadata { - c := p.ClientConfig(ServiceName, cfgs...) - return NewClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion) -} - -// NewClient returns a new EC2Metadata client. Should be used to create -// a client when not using a session. Generally using just New with a session -// is preferred. -// -// Will remove the URL path from the endpoint provided to ensure the EC2 IMDS -// client is able to communicate with the EC2 IMDS API. -// -// If an unmodified HTTP client is provided from the stdlib default, or no client -// the EC2RoleProvider's EC2Metadata HTTP client's timeout will be shortened. -// To disable this set Config.EC2MetadataDisableTimeoutOverride to false. Enabled by default. -func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion string, opts ...func(*client.Client)) *EC2Metadata { - if !aws.BoolValue(cfg.EC2MetadataDisableTimeoutOverride) && httpClientZero(cfg.HTTPClient) { - // If the http client is unmodified and this feature is not disabled - // set custom timeouts for EC2Metadata requests. - cfg.HTTPClient = &http.Client{ - // use a shorter timeout than default because the metadata - // service is local if it is running, and to fail faster - // if not running on an ec2 instance. - Timeout: 1 * time.Second, - } - // max number of retries on the client operation - cfg.MaxRetries = aws.Int(2) - } - - if u, err := url.Parse(endpoint); err == nil { - // Remove path from the endpoint since it will be added by requests. - // This is an artifact of the SDK adding `/latest` to the endpoint for - // EC2 IMDS, but this is now moved to the operation definition. - u.Path = "" - u.RawPath = "" - endpoint = u.String() - } - - svc := &EC2Metadata{ - Client: client.New( - cfg, - metadata.ClientInfo{ - ServiceName: ServiceName, - ServiceID: ServiceName, - Endpoint: endpoint, - APIVersion: "latest", - }, - handlers, - ), - } - - // token provider instance - tp := newTokenProvider(svc, defaultTTL) - - // NamedHandler for fetching token - svc.Handlers.Sign.PushBackNamed(request.NamedHandler{ - Name: fetchTokenHandlerName, - Fn: tp.fetchTokenHandler, - }) - // NamedHandler for enabling token provider - svc.Handlers.Complete.PushBackNamed(request.NamedHandler{ - Name: enableTokenProviderHandlerName, - Fn: tp.enableTokenProviderHandler, - }) - - svc.Handlers.Unmarshal.PushBackNamed(unmarshalHandler) - svc.Handlers.UnmarshalError.PushBack(unmarshalError) - svc.Handlers.Validate.Clear() - svc.Handlers.Validate.PushBack(validateEndpointHandler) - - // Disable the EC2 Metadata service if the environment variable is set. - // This short-circuits the service's functionality to always fail to send - // requests. - if strings.ToLower(os.Getenv(disableServiceEnvVar)) == "true" { - svc.Handlers.Send.SwapNamed(request.NamedHandler{ - Name: corehandlers.SendHandler.Name, - Fn: func(r *request.Request) { - r.HTTPResponse = &http.Response{ - Header: http.Header{}, - } - r.Error = awserr.New( - request.CanceledErrorCode, - "EC2 IMDS access disabled via "+disableServiceEnvVar+" env var", - nil) - }, - }) - } - - // Add additional options to the service config - for _, option := range opts { - option(svc.Client) - } - return svc -} - -func httpClientZero(c *http.Client) bool { - return c == nil || (c.Transport == nil && c.CheckRedirect == nil && c.Jar == nil && c.Timeout == 0) -} - -type metadataOutput struct { - Content string -} - -type tokenOutput struct { - Token string - TTL time.Duration -} - -// unmarshal token handler is used to parse the response of a getToken operation -var unmarshalTokenHandler = request.NamedHandler{ - Name: unmarshalTokenHandlerName, - Fn: func(r *request.Request) { - defer r.HTTPResponse.Body.Close() - var b bytes.Buffer - if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil { - r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization, - "unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID) - return - } - - v := r.HTTPResponse.Header.Get(ttlHeader) - data, ok := r.Data.(*tokenOutput) - if !ok { - return - } - - data.Token = b.String() - // TTL is in seconds - i, err := strconv.ParseInt(v, 10, 64) - if err != nil { - r.Error = awserr.NewRequestFailure(awserr.New(request.ParamFormatErrCode, - "unable to parse EC2 token TTL response", err), r.HTTPResponse.StatusCode, r.RequestID) - return - } - t := time.Duration(i) * time.Second - data.TTL = t - }, -} - -var unmarshalHandler = request.NamedHandler{ - Name: unmarshalMetadataHandlerName, - Fn: func(r *request.Request) { - defer r.HTTPResponse.Body.Close() - var b bytes.Buffer - if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil { - r.Error = awserr.NewRequestFailure(awserr.New(request.ErrCodeSerialization, - "unable to unmarshal EC2 metadata response", err), r.HTTPResponse.StatusCode, r.RequestID) - return - } - - if data, ok := r.Data.(*metadataOutput); ok { - data.Content = b.String() - } - }, -} - -func unmarshalError(r *request.Request) { - defer r.HTTPResponse.Body.Close() - var b bytes.Buffer - - if _, err := io.Copy(&b, r.HTTPResponse.Body); err != nil { - r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, "unable to unmarshal EC2 metadata error response", err), - r.HTTPResponse.StatusCode, r.RequestID) - return - } - - // Response body format is not consistent between metadata endpoints. - // Grab the error message as a string and include that as the source error - r.Error = awserr.NewRequestFailure( - awserr.New("EC2MetadataError", "failed to make EC2Metadata request\n"+b.String(), nil), - r.HTTPResponse.StatusCode, r.RequestID) -} - -func validateEndpointHandler(r *request.Request) { - if r.ClientInfo.Endpoint == "" { - r.Error = aws.ErrMissingEndpoint - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go b/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go deleted file mode 100644 index f1f9ba4e..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go +++ /dev/null @@ -1,99 +0,0 @@ -package ec2metadata - -import ( - "fmt" - "github.com/aws/aws-sdk-go/aws" - "net/http" - "sync/atomic" - "time" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/request" -) - -// A tokenProvider struct provides access to EC2Metadata client -// and atomic instance of a token, along with configuredTTL for it. -// tokenProvider also provides an atomic flag to disable the -// fetch token operation. -// The disabled member will use 0 as false, and 1 as true. -type tokenProvider struct { - client *EC2Metadata - token atomic.Value - configuredTTL time.Duration - disabled uint32 -} - -// A ec2Token struct helps use of token in EC2 Metadata service ops -type ec2Token struct { - token string - credentials.Expiry -} - -// newTokenProvider provides a pointer to a tokenProvider instance -func newTokenProvider(c *EC2Metadata, duration time.Duration) *tokenProvider { - return &tokenProvider{client: c, configuredTTL: duration} -} - -// check if fallback is enabled -func (t *tokenProvider) fallbackEnabled() bool { - return t.client.Config.EC2MetadataEnableFallback == nil || *t.client.Config.EC2MetadataEnableFallback -} - -// fetchTokenHandler fetches token for EC2Metadata service client by default. -func (t *tokenProvider) fetchTokenHandler(r *request.Request) { - // short-circuits to insecure data flow if tokenProvider is disabled. - if v := atomic.LoadUint32(&t.disabled); v == 1 && t.fallbackEnabled() { - return - } - - if ec2Token, ok := t.token.Load().(ec2Token); ok && !ec2Token.IsExpired() { - r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token) - return - } - - output, err := t.client.getToken(r.Context(), t.configuredTTL) - - if err != nil { - // only attempt fallback to insecure data flow if IMDSv1 is enabled - if !t.fallbackEnabled() { - r.Error = awserr.New("EC2MetadataError", "failed to get IMDSv2 token and fallback to IMDSv1 is disabled", err) - return - } - - // change the disabled flag on token provider to true and fallback - if requestFailureError, ok := err.(awserr.RequestFailure); ok { - switch requestFailureError.StatusCode() { - case http.StatusForbidden, http.StatusNotFound, http.StatusMethodNotAllowed: - atomic.StoreUint32(&t.disabled, 1) - if t.client.Config.LogLevel.Matches(aws.LogDebugWithDeprecated) { - t.client.Config.Logger.Log(fmt.Sprintf("WARN: failed to get session token, falling back to IMDSv1: %v", requestFailureError)) - } - case http.StatusBadRequest: - r.Error = requestFailureError - } - } - return - } - - newToken := ec2Token{ - token: output.Token, - } - newToken.SetExpiration(time.Now().Add(output.TTL), ttlExpirationWindow) - t.token.Store(newToken) - - // Inject token header to the request. - if ec2Token, ok := t.token.Load().(ec2Token); ok { - r.HTTPRequest.Header.Set(tokenHeader, ec2Token.token) - } -} - -// enableTokenProviderHandler enables the token provider -func (t *tokenProvider) enableTokenProviderHandler(r *request.Request) { - // If the error code status is 401, we enable the token provider - if e, ok := r.Error.(awserr.RequestFailure); ok && e != nil && - e.StatusCode() == http.StatusUnauthorized { - t.token.Store(ec2Token{}) - atomic.StoreUint32(&t.disabled, 0) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go deleted file mode 100644 index cad3b9a4..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go +++ /dev/null @@ -1,193 +0,0 @@ -package endpoints - -import ( - "encoding/json" - "fmt" - "io" - - "github.com/aws/aws-sdk-go/aws/awserr" -) - -type modelDefinition map[string]json.RawMessage - -// A DecodeModelOptions are the options for how the endpoints model definition -// are decoded. -type DecodeModelOptions struct { - SkipCustomizations bool -} - -// Set combines all of the option functions together. -func (d *DecodeModelOptions) Set(optFns ...func(*DecodeModelOptions)) { - for _, fn := range optFns { - fn(d) - } -} - -// DecodeModel unmarshals a Regions and Endpoint model definition file into -// a endpoint Resolver. If the file format is not supported, or an error occurs -// when unmarshaling the model an error will be returned. -// -// Casting the return value of this func to a EnumPartitions will -// allow you to get a list of the partitions in the order the endpoints -// will be resolved in. -// -// resolver, err := endpoints.DecodeModel(reader) -// -// partitions := resolver.(endpoints.EnumPartitions).Partitions() -// for _, p := range partitions { -// // ... inspect partitions -// } -func DecodeModel(r io.Reader, optFns ...func(*DecodeModelOptions)) (Resolver, error) { - var opts DecodeModelOptions - opts.Set(optFns...) - - // Get the version of the partition file to determine what - // unmarshaling model to use. - modelDef := modelDefinition{} - if err := json.NewDecoder(r).Decode(&modelDef); err != nil { - return nil, newDecodeModelError("failed to decode endpoints model", err) - } - - var version string - if b, ok := modelDef["version"]; ok { - version = string(b) - } else { - return nil, newDecodeModelError("endpoints version not found in model", nil) - } - - if version == "3" { - return decodeV3Endpoints(modelDef, opts) - } - - return nil, newDecodeModelError( - fmt.Sprintf("endpoints version %s, not supported", version), nil) -} - -func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resolver, error) { - b, ok := modelDef["partitions"] - if !ok { - return nil, newDecodeModelError("endpoints model missing partitions", nil) - } - - ps := partitions{} - if err := json.Unmarshal(b, &ps); err != nil { - return nil, newDecodeModelError("failed to decode endpoints model", err) - } - - if opts.SkipCustomizations { - return ps, nil - } - - // Customization - for i := 0; i < len(ps); i++ { - p := &ps[i] - custRegionalS3(p) - custRmIotDataService(p) - custFixAppAutoscalingChina(p) - custFixAppAutoscalingUsGov(p) - } - - return ps, nil -} - -func custRegionalS3(p *partition) { - if p.ID != "aws" { - return - } - - service, ok := p.Services["s3"] - if !ok { - return - } - - const awsGlobal = "aws-global" - const usEast1 = "us-east-1" - - // If global endpoint already exists no customization needed. - if _, ok := service.Endpoints[endpointKey{Region: awsGlobal}]; ok { - return - } - - service.PartitionEndpoint = awsGlobal - if _, ok := service.Endpoints[endpointKey{Region: usEast1}]; !ok { - service.Endpoints[endpointKey{Region: usEast1}] = endpoint{} - } - service.Endpoints[endpointKey{Region: awsGlobal}] = endpoint{ - Hostname: "s3.amazonaws.com", - CredentialScope: credentialScope{ - Region: usEast1, - }, - } - - p.Services["s3"] = service -} - -func custRmIotDataService(p *partition) { - delete(p.Services, "data.iot") -} - -func custFixAppAutoscalingChina(p *partition) { - if p.ID != "aws-cn" { - return - } - - const serviceName = "application-autoscaling" - s, ok := p.Services[serviceName] - if !ok { - return - } - - const expectHostname = `autoscaling.{region}.amazonaws.com` - serviceDefault := s.Defaults[defaultKey{}] - if e, a := expectHostname, serviceDefault.Hostname; e != a { - fmt.Printf("custFixAppAutoscalingChina: ignoring customization, expected %s, got %s\n", e, a) - return - } - serviceDefault.Hostname = expectHostname + ".cn" - s.Defaults[defaultKey{}] = serviceDefault - p.Services[serviceName] = s -} - -func custFixAppAutoscalingUsGov(p *partition) { - if p.ID != "aws-us-gov" { - return - } - - const serviceName = "application-autoscaling" - s, ok := p.Services[serviceName] - if !ok { - return - } - - serviceDefault := s.Defaults[defaultKey{}] - if a := serviceDefault.CredentialScope.Service; a != "" { - fmt.Printf("custFixAppAutoscalingUsGov: ignoring customization, expected empty credential scope service, got %s\n", a) - return - } - - if a := serviceDefault.Hostname; a != "" { - fmt.Printf("custFixAppAutoscalingUsGov: ignoring customization, expected empty hostname, got %s\n", a) - return - } - - serviceDefault.CredentialScope.Service = "application-autoscaling" - serviceDefault.Hostname = "autoscaling.{region}.amazonaws.com" - - if s.Defaults == nil { - s.Defaults = make(endpointDefaults) - } - - s.Defaults[defaultKey{}] = serviceDefault - - p.Services[serviceName] = s -} - -type decodeModelError struct { - awsError -} - -func newDecodeModelError(msg string, err error) decodeModelError { - return decodeModelError{ - awsError: awserr.New("DecodeEndpointsModelError", msg, err), - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go deleted file mode 100644 index c3516e01..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ /dev/null @@ -1,48609 +0,0 @@ -// Code generated by aws/endpoints/v3model_codegen.go. DO NOT EDIT. - -package endpoints - -import ( - "regexp" -) - -// Partition identifiers -const ( - AwsPartitionID = "aws" // AWS Standard partition. - AwsCnPartitionID = "aws-cn" // AWS China partition. - AwsUsGovPartitionID = "aws-us-gov" // AWS GovCloud (US) partition. - AwsIsoPartitionID = "aws-iso" // AWS ISO (US) partition. - AwsIsoBPartitionID = "aws-iso-b" // AWS ISOB (US) partition. - AwsIsoEPartitionID = "aws-iso-e" // AWS ISOE (Europe) partition. - AwsIsoFPartitionID = "aws-iso-f" // AWS ISOF partition. -) - -// AWS Standard partition's regions. -const ( - AfSouth1RegionID = "af-south-1" // Africa (Cape Town). - ApEast1RegionID = "ap-east-1" // Asia Pacific (Hong Kong). - ApNortheast1RegionID = "ap-northeast-1" // Asia Pacific (Tokyo). - ApNortheast2RegionID = "ap-northeast-2" // Asia Pacific (Seoul). - ApNortheast3RegionID = "ap-northeast-3" // Asia Pacific (Osaka). - ApSouth1RegionID = "ap-south-1" // Asia Pacific (Mumbai). - ApSouth2RegionID = "ap-south-2" // Asia Pacific (Hyderabad). - ApSoutheast1RegionID = "ap-southeast-1" // Asia Pacific (Singapore). - ApSoutheast2RegionID = "ap-southeast-2" // Asia Pacific (Sydney). - ApSoutheast3RegionID = "ap-southeast-3" // Asia Pacific (Jakarta). - ApSoutheast4RegionID = "ap-southeast-4" // Asia Pacific (Melbourne). - CaCentral1RegionID = "ca-central-1" // Canada (Central). - CaWest1RegionID = "ca-west-1" // Canada West (Calgary). - EuCentral1RegionID = "eu-central-1" // Europe (Frankfurt). - EuCentral2RegionID = "eu-central-2" // Europe (Zurich). - EuNorth1RegionID = "eu-north-1" // Europe (Stockholm). - EuSouth1RegionID = "eu-south-1" // Europe (Milan). - EuSouth2RegionID = "eu-south-2" // Europe (Spain). - EuWest1RegionID = "eu-west-1" // Europe (Ireland). - EuWest2RegionID = "eu-west-2" // Europe (London). - EuWest3RegionID = "eu-west-3" // Europe (Paris). - IlCentral1RegionID = "il-central-1" // Israel (Tel Aviv). - MeCentral1RegionID = "me-central-1" // Middle East (UAE). - MeSouth1RegionID = "me-south-1" // Middle East (Bahrain). - SaEast1RegionID = "sa-east-1" // South America (Sao Paulo). - UsEast1RegionID = "us-east-1" // US East (N. Virginia). - UsEast2RegionID = "us-east-2" // US East (Ohio). - UsWest1RegionID = "us-west-1" // US West (N. California). - UsWest2RegionID = "us-west-2" // US West (Oregon). -) - -// AWS China partition's regions. -const ( - CnNorth1RegionID = "cn-north-1" // China (Beijing). - CnNorthwest1RegionID = "cn-northwest-1" // China (Ningxia). -) - -// AWS GovCloud (US) partition's regions. -const ( - UsGovEast1RegionID = "us-gov-east-1" // AWS GovCloud (US-East). - UsGovWest1RegionID = "us-gov-west-1" // AWS GovCloud (US-West). -) - -// AWS ISO (US) partition's regions. -const ( - UsIsoEast1RegionID = "us-iso-east-1" // US ISO East. - UsIsoWest1RegionID = "us-iso-west-1" // US ISO WEST. -) - -// AWS ISOB (US) partition's regions. -const ( - UsIsobEast1RegionID = "us-isob-east-1" // US ISOB East (Ohio). -) - -// AWS ISOE (Europe) partition's regions. -const ( - EuIsoeWest1RegionID = "eu-isoe-west-1" // EU ISOE West. -) - -// AWS ISOF partition's regions. -const () - -// DefaultResolver returns an Endpoint resolver that will be able -// to resolve endpoints for: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), AWS ISOB (US), AWS ISOE (Europe), and AWS ISOF. -// -// Use DefaultPartitions() to get the list of the default partitions. -func DefaultResolver() Resolver { - return defaultPartitions -} - -// DefaultPartitions returns a list of the partitions the SDK is bundled -// with. The available partitions are: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), AWS ISOB (US), AWS ISOE (Europe), and AWS ISOF. -// -// partitions := endpoints.DefaultPartitions -// for _, p := range partitions { -// // ... inspect partitions -// } -func DefaultPartitions() []Partition { - return defaultPartitions.Partitions() -} - -var defaultPartitions = partitions{ - awsPartition, - awscnPartition, - awsusgovPartition, - awsisoPartition, - awsisobPartition, - awsisoePartition, - awsisofPartition, -} - -// AwsPartition returns the Resolver for AWS Standard. -func AwsPartition() Partition { - return awsPartition.Partition() -} - -var awsPartition = partition{ - ID: "aws", - Name: "AWS Standard", - DNSSuffix: "amazonaws.com", - RegionRegex: regionRegex{ - Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me|af|il)\\-\\w+\\-\\d+$") - return reg - }(), - }, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: dualStackVariant, - }: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - Regions: regions{ - "af-south-1": region{ - Description: "Africa (Cape Town)", - }, - "ap-east-1": region{ - Description: "Asia Pacific (Hong Kong)", - }, - "ap-northeast-1": region{ - Description: "Asia Pacific (Tokyo)", - }, - "ap-northeast-2": region{ - Description: "Asia Pacific (Seoul)", - }, - "ap-northeast-3": region{ - Description: "Asia Pacific (Osaka)", - }, - "ap-south-1": region{ - Description: "Asia Pacific (Mumbai)", - }, - "ap-south-2": region{ - Description: "Asia Pacific (Hyderabad)", - }, - "ap-southeast-1": region{ - Description: "Asia Pacific (Singapore)", - }, - "ap-southeast-2": region{ - Description: "Asia Pacific (Sydney)", - }, - "ap-southeast-3": region{ - Description: "Asia Pacific (Jakarta)", - }, - "ap-southeast-4": region{ - Description: "Asia Pacific (Melbourne)", - }, - "ca-central-1": region{ - Description: "Canada (Central)", - }, - "ca-west-1": region{ - Description: "Canada West (Calgary)", - }, - "eu-central-1": region{ - Description: "Europe (Frankfurt)", - }, - "eu-central-2": region{ - Description: "Europe (Zurich)", - }, - "eu-north-1": region{ - Description: "Europe (Stockholm)", - }, - "eu-south-1": region{ - Description: "Europe (Milan)", - }, - "eu-south-2": region{ - Description: "Europe (Spain)", - }, - "eu-west-1": region{ - Description: "Europe (Ireland)", - }, - "eu-west-2": region{ - Description: "Europe (London)", - }, - "eu-west-3": region{ - Description: "Europe (Paris)", - }, - "il-central-1": region{ - Description: "Israel (Tel Aviv)", - }, - "me-central-1": region{ - Description: "Middle East (UAE)", - }, - "me-south-1": region{ - Description: "Middle East (Bahrain)", - }, - "sa-east-1": region{ - Description: "South America (Sao Paulo)", - }, - "us-east-1": region{ - Description: "US East (N. Virginia)", - }, - "us-east-2": region{ - Description: "US East (Ohio)", - }, - "us-west-1": region{ - Description: "US West (N. California)", - }, - "us-west-2": region{ - Description: "US West (Oregon)", - }, - }, - Services: services{ - "access-analyzer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "access-analyzer-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "access-analyzer-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "access-analyzer-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "access-analyzer-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "access-analyzer-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "access-analyzer-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "access-analyzer-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "access-analyzer-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "access-analyzer-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "access-analyzer-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "access-analyzer-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "access-analyzer-fips.us-west-2.amazonaws.com", - }, - }, - }, - "account": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "account.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "acm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "acm-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1-fips", - }: endpoint{ - Hostname: "acm-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "acm-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "acm-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "acm-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "acm-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "acm-pca": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-pca-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-pca-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "acm-pca-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "acm-pca-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "acm-pca-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "acm-pca-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "acm-pca-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "acm-pca-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-pca-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-pca-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-pca-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-pca-fips.us-west-2.amazonaws.com", - }, - }, - }, - "agreement-marketplace": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "airflow": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "amplify": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "amplifybackend": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "amplifyuibuilder": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "aoss": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "api.detective": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.detective-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "api.detective-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.detective-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "api.detective-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.detective-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "api.detective-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.detective-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "api.detective-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.detective-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "api.detective-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "api.ecr": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "api.ecr.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "api.ecr.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "api.ecr.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "api.ecr.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "api.ecr.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "api.ecr.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "api.ecr.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "api.ecr.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "api.ecr.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "api.ecr.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "api.ecr.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "api.ecr.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "api.ecr.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - }, - endpointKey{ - Region: "dkr-us-east-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-east-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-west-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "api.ecr.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "api.ecr.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "api.ecr.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "api.ecr.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "api.ecr.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "api.ecr.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "api.ecr.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "api.ecr.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "fips-dkr-us-east-1", - }: endpoint{ - Hostname: "ecr-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-dkr-us-east-2", - }: endpoint{ - Hostname: "ecr-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-dkr-us-west-1", - }: endpoint{ - Hostname: "ecr-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-dkr-us-west-2", - }: endpoint{ - Hostname: "ecr-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ecr-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ecr-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ecr-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ecr-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "api.ecr.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "api.ecr.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "api.ecr.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "api.ecr.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "api.ecr.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "api.ecr.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "api.ecr.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "api.ecr.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "api.ecr-public": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "api.ecr-public.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "api.ecr-public.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "api.elastic-inference": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "api.elastic-inference.ap-northeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "api.elastic-inference.ap-northeast-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "api.elastic-inference.eu-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "api.elastic-inference.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "api.elastic-inference.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "api.elastic-inference.us-west-2.amazonaws.com", - }, - }, - }, - "api.fleethub.iot": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.fleethub.iot-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "api.fleethub.iot-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "api.fleethub.iot-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "api.fleethub.iot-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "api.fleethub.iot-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.fleethub.iot-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.fleethub.iot-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.fleethub.iot-fips.us-west-2.amazonaws.com", - }, - }, - }, - "api.iotdeviceadvisor": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "api.iotdeviceadvisor.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "api.iotdeviceadvisor.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "api.iotdeviceadvisor.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "api.iotdeviceadvisor.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "api.iotwireless": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "api.iotwireless.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "api.iotwireless.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "api.iotwireless.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "api.iotwireless.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "api.iotwireless.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "api.iotwireless.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "api.iotwireless.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "api.mediatailor": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "api.pricing": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "pricing", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "api.sagemaker": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "api-fips.sagemaker.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api-fips.sagemaker.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "api-fips.sagemaker.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api-fips.sagemaker.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "api-fips.sagemaker.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api-fips.sagemaker.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "api-fips.sagemaker.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api-fips.sagemaker.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "api-fips.sagemaker.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "api.tunneling.iot": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-west-2.amazonaws.com", - }, - }, - }, - "apigateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "apigateway-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "apigateway-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "apigateway-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "apigateway-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "apigateway-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "apigateway-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "apigateway-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "apigateway-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "apigateway-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "apigateway-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "apigateway-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "apigateway-fips.us-west-2.amazonaws.com", - }, - }, - }, - "app-integrations": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "appconfig": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "appconfigdata": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "appflow": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "appflow-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "appflow-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "appflow-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "appflow-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appflow-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appflow-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appflow-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appflow-fips.us-west-2.amazonaws.com", - }, - }, - }, - "application-autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "applicationinsights": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "appmesh": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appmesh-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "appmesh-fips.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "appmesh-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.eu-west-3.api.aws", - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appmesh-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "appmesh-fips.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "appmesh-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appmesh-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "appmesh-fips.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "appmesh-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appmesh-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "appmesh-fips.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "appmesh-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appmesh-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "appmesh-fips.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "appmesh-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "apprunner": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "apprunner-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "apprunner-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "apprunner-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "apprunner-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "apprunner-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "apprunner-fips.us-west-2.amazonaws.com", - }, - }, - }, - "appstream2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - CredentialScope: credentialScope{ - Service: "appstream", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "appstream2-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appstream2-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "appstream2-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appstream2-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "appstream2-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "appsync": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "aps": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "arc-zonal-shift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "athena": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.ca-west-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.eu-west-3.api.aws", - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "athena-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "athena-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "athena-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "athena-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "athena-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "athena-fips.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "athena-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "athena-fips.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "athena-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "athena-fips.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "athena-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "athena-fips.us-west-2.api.aws", - }, - }, - }, - "auditmanager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "auditmanager-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "auditmanager-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "auditmanager-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "auditmanager-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "auditmanager-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "auditmanager-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "auditmanager-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "auditmanager-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "autoscaling-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "autoscaling-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "autoscaling-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "autoscaling-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "autoscaling-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "autoscaling-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "autoscaling-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "autoscaling-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "autoscaling-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "autoscaling-fips.us-west-2.amazonaws.com", - }, - }, - }, - "autoscaling-plans": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "backup": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "backup-gateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "batch": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.batch.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "fips.batch.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "fips.batch.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "fips.batch.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "fips.batch.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.batch.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.batch.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.batch.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.batch.us-west-2.amazonaws.com", - }, - }, - }, - "bedrock": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "bedrock-ap-northeast-1", - }: endpoint{ - Hostname: "bedrock.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "bedrock-ap-south-1", - }: endpoint{ - Hostname: "bedrock.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "bedrock-ap-southeast-1", - }: endpoint{ - Hostname: "bedrock.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "bedrock-ap-southeast-2", - }: endpoint{ - Hostname: "bedrock.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "bedrock-ca-central-1", - }: endpoint{ - Hostname: "bedrock.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "bedrock-eu-central-1", - }: endpoint{ - Hostname: "bedrock.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "bedrock-eu-west-1", - }: endpoint{ - Hostname: "bedrock.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "bedrock-eu-west-2", - }: endpoint{ - Hostname: "bedrock.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "bedrock-eu-west-3", - }: endpoint{ - Hostname: "bedrock.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "bedrock-fips-ca-central-1", - }: endpoint{ - Hostname: "bedrock-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "bedrock-fips-us-east-1", - }: endpoint{ - Hostname: "bedrock-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "bedrock-fips-us-west-2", - }: endpoint{ - Hostname: "bedrock-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "bedrock-runtime-ap-northeast-1", - }: endpoint{ - Hostname: "bedrock-runtime.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-ap-south-1", - }: endpoint{ - Hostname: "bedrock-runtime.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-ap-southeast-1", - }: endpoint{ - Hostname: "bedrock-runtime.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-ap-southeast-2", - }: endpoint{ - Hostname: "bedrock-runtime.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "bedrock-runtime-ca-central-1", - }: endpoint{ - Hostname: "bedrock-runtime.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-eu-central-1", - }: endpoint{ - Hostname: "bedrock-runtime.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-eu-west-1", - }: endpoint{ - Hostname: "bedrock-runtime.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-eu-west-2", - }: endpoint{ - Hostname: "bedrock-runtime.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "bedrock-runtime-eu-west-3", - }: endpoint{ - Hostname: "bedrock-runtime.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "bedrock-runtime-fips-ca-central-1", - }: endpoint{ - Hostname: "bedrock-runtime-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-fips-us-east-1", - }: endpoint{ - Hostname: "bedrock-runtime-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-fips-us-west-2", - }: endpoint{ - Hostname: "bedrock-runtime-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "bedrock-runtime-sa-east-1", - }: endpoint{ - Hostname: "bedrock-runtime.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-us-east-1", - }: endpoint{ - Hostname: "bedrock-runtime.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-us-west-2", - }: endpoint{ - Hostname: "bedrock-runtime.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "bedrock-sa-east-1", - }: endpoint{ - Hostname: "bedrock.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "bedrock-us-east-1", - }: endpoint{ - Hostname: "bedrock.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "bedrock-us-west-2", - }: endpoint{ - Hostname: "bedrock.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "billingconductor": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "billingconductor.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "braket": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "budgets": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "budgets.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "cases": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{}, - }, - }, - "cassandra": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "cassandra-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "cassandra-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cassandra-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cassandra-fips.us-west-2.amazonaws.com", - }, - }, - }, - "catalog.marketplace": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "ce": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "ce.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "chime": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "chime.us-east-1.amazonaws.com", - Protocols: []string{"https"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "cleanrooms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "cloud9": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloud9-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloud9-fips.ca-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "cloud9-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "cloud9-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "cloud9-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "cloud9-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "cloud9-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloud9-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloud9-fips.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloud9-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloud9-fips.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloud9-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloud9-fips.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloud9-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloud9-fips.us-west-2.api.aws", - }, - }, - }, - "cloudcontrolapi": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.ca-west-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.ca-west-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.eu-west-3.api.aws", - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "cloudcontrolapi-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "cloudcontrolapi-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-west-2.api.aws", - }, - }, - }, - "clouddirectory": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "cloudformation": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudformation-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "cloudformation-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudformation-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "cloudformation-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudformation-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "cloudformation-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudformation-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "cloudformation-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "cloudfront": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "cloudfront.amazonaws.com", - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "cloudhsm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "cloudhsmv2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "cloudhsm", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "cloudsearch": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "cloudtrail": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "cloudtrail-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "cloudtrail-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "cloudtrail-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "cloudtrail-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudtrail-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudtrail-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudtrail-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudtrail-fips.us-west-2.amazonaws.com", - }, - }, - }, - "cloudtrail-data": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "codeartifact": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "codebuild": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codebuild-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "codebuild-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codebuild-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "codebuild-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codebuild-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "codebuild-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codebuild-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "codebuild-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "codecatalyst": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "codecatalyst.global.api.aws", - }, - }, - }, - "codecommit": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codecommit-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "codecommit-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "codecommit-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codecommit-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "codecommit-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codecommit-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "codecommit-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codecommit-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "codecommit-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codecommit-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "codecommit-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "codedeploy": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codedeploy-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "codedeploy-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codedeploy-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "codedeploy-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codedeploy-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "codedeploy-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codedeploy-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "codedeploy-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "codeguru-reviewer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "codepipeline": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codepipeline-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "codepipeline-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "codepipeline-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "codepipeline-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "codepipeline-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "codepipeline-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codepipeline-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codepipeline-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codepipeline-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codepipeline-fips.us-west-2.amazonaws.com", - }, - }, - }, - "codestar": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "codestar-connections": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "codestar-notifications": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "cognito-identity": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "cognito-identity-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "cognito-identity-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "cognito-identity-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "cognito-identity-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-identity-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-identity-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-identity-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-identity-fips.us-west-2.amazonaws.com", - }, - }, - }, - "cognito-idp": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "cognito-idp-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "cognito-idp-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "cognito-idp-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "cognito-idp-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-idp-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-idp-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-idp-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-idp-fips.us-west-2.amazonaws.com", - }, - }, - }, - "cognito-sync": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "comprehend": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "comprehend-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "comprehend-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "comprehend-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "comprehend-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "comprehend-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "comprehend-fips.us-west-2.amazonaws.com", - }, - }, - }, - "comprehendmedical": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "comprehendmedical-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "comprehendmedical-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "comprehendmedical-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "comprehendmedical-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "comprehendmedical-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "comprehendmedical-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "comprehendmedical-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "comprehendmedical-fips.us-west-2.amazonaws.com", - }, - }, - }, - "compute-optimizer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "compute-optimizer.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "compute-optimizer.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "compute-optimizer.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "compute-optimizer.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "compute-optimizer.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "compute-optimizer.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "compute-optimizer.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "compute-optimizer.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "compute-optimizer.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "compute-optimizer.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "compute-optimizer.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "compute-optimizer.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "compute-optimizer.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "compute-optimizer.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "compute-optimizer.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "compute-optimizer.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "compute-optimizer.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "compute-optimizer.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "compute-optimizer.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "compute-optimizer.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "compute-optimizer.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "compute-optimizer.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "compute-optimizer.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "compute-optimizer.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "compute-optimizer.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "compute-optimizer.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "compute-optimizer.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "compute-optimizer.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "config": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "config-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "config-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "config-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "config-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "config-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "config-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "config-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "config-fips.us-west-2.amazonaws.com", - }, - }, - }, - "connect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "connect-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "connect-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "connect-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "connect-fips.us-west-2.amazonaws.com", - }, - }, - }, - "connect-campaigns": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "connect-campaigns-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "connect-campaigns-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "connect-campaigns-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "connect-campaigns-fips.us-west-2.amazonaws.com", - }, - }, - }, - "contact-lens": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "controltower": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "controltower-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "controltower-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "controltower-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1-fips", - }: endpoint{ - Hostname: "controltower-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "controltower-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "controltower-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "controltower-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "controltower-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "controltower-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "controltower-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "controltower-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "controltower-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "cost-optimization-hub": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "cost-optimization-hub.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "cur": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "data-ats.iot": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - CredentialScope: credentialScope{ - Service: "iotdata", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iot-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "data.iot-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "iotdata", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "data.iot-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "iotdata", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "data.iot-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Service: "iotdata", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "data.iot-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "iotdata", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "data.iot-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Service: "iotdata", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iot-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iot-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iot-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iot-fips.us-west-2.amazonaws.com", - }, - }, - }, - "data.jobs.iot": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.jobs.iot-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "data.jobs.iot-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-west-2.amazonaws.com", - }, - }, - }, - "data.mediastore": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "databrew": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "databrew-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "databrew-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "databrew-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "databrew-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "databrew-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "databrew-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "databrew-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "databrew-fips.us-west-2.amazonaws.com", - }, - }, - }, - "dataexchange": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "datapipeline": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "datasync": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "datasync-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "datasync-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "datasync-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "datasync-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "datasync-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "datasync-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.us-west-2.amazonaws.com", - }, - }, - }, - "datazone": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "datazone.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "datazone.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "datazone.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "datazone.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "datazone.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "datazone.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "datazone.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "datazone.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "datazone.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "datazone.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "datazone.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "datazone.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datazone-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "datazone.ca-west-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "datazone.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "datazone.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "datazone.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "datazone.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "datazone.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "datazone.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "datazone.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "datazone.eu-west-3.api.aws", - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "datazone.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "datazone.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "datazone.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "datazone.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "datazone.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datazone-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "datazone.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datazone-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "datazone.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "datazone.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datazone-fips.us-west-2.amazonaws.com", - }, - }, - }, - "dax": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "devicefarm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "devops-guru": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "devops-guru-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "devops-guru-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "devops-guru-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "devops-guru-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "devops-guru-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "devops-guru-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "devops-guru-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "devops-guru-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "devops-guru-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "devops-guru-fips.us-west-2.amazonaws.com", - }, - }, - }, - "directconnect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "directconnect-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "directconnect-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "directconnect-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "directconnect-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "directconnect-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "directconnect-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "directconnect-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "directconnect-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "directconnect-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "directconnect-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "directconnect-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "directconnect-fips.us-west-2.amazonaws.com", - }, - }, - }, - "discovery": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "dlm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "dms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "dms", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dms", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dms-fips", - }: endpoint{ - Hostname: "dms-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "dms-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "dms-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "dms-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "dms-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "docdb": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "rds.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "rds.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "rds.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "rds.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "rds.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "rds.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "rds.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "rds.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "rds.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "rds.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "rds.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "rds.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "rds.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "rds.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "drs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "drs-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "drs-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "drs-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "drs-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "drs-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "drs-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "drs-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "drs-fips.us-west-2.amazonaws.com", - }, - }, - }, - "ds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "ds-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "ds-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ds-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ds-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ds-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ds-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-west-2.amazonaws.com", - }, - }, - }, - "dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1-fips", - }: endpoint{ - Hostname: "dynamodb-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "local", - }: endpoint{ - Hostname: "localhost:8000", - Protocols: []string{"http"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "dynamodb-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "dynamodb-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "dynamodb-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "dynamodb-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "ebs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ebs-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ebs-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "ebs-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "ebs-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ebs-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ebs-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ebs-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ebs-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ebs-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ebs-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ebs-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ebs-fips.us-west-2.amazonaws.com", - }, - }, - }, - "ec2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "ec2.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ec2-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ec2-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "ec2.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "ec2-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "ec2-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ec2-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ec2-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ec2-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ec2-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "ec2.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "ec2.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ec2-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "ec2.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ec2-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ec2-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "ec2.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ec2-fips.us-west-2.amazonaws.com", - }, - }, - }, - "ecs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ecs-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ecs-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ecs-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ecs-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecs-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecs-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecs-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecs-fips.us-west-2.amazonaws.com", - }, - }, - }, - "edge.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "eks": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.eks.{region}.{dnsSuffix}", - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "fips.eks.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "fips.eks.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "fips.eks.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "fips.eks.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.eks.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.eks.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.eks.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.eks.us-west-2.amazonaws.com", - }, - }, - }, - "eks-auth": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "eks-auth.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "eks-auth.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "eks-auth.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "eks-auth.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "eks-auth.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "eks-auth.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "eks-auth.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "eks-auth.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "eks-auth.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "eks-auth.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "eks-auth.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "eks-auth.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "eks-auth.ca-west-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "eks-auth.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "eks-auth.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "eks-auth.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "eks-auth.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "eks-auth.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "eks-auth.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "eks-auth.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "eks-auth.eu-west-3.api.aws", - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "eks-auth.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "eks-auth.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "eks-auth.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "eks-auth.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "eks-auth.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "eks-auth.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "eks-auth.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "eks-auth.us-west-2.api.aws", - }, - }, - }, - "elasticache": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "elasticache-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticache-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "elasticache-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticache-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "elasticache-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticache-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "elasticache-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticache-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "elasticache-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "elasticbeanstalk": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "elasticbeanstalk-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "elasticbeanstalk-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "elasticbeanstalk-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "elasticbeanstalk-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticbeanstalk-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticbeanstalk-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticbeanstalk-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticbeanstalk-fips.us-west-2.amazonaws.com", - }, - }, - }, - "elasticfilesystem": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.af-south-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-east-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-northeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-northeast-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-northeast-3.amazonaws.com", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-south-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-south-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-3.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-4.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-central-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-north-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-south-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-south-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-west-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-west-3.amazonaws.com", - }, - endpointKey{ - Region: "fips-af-south-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-east-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-2", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-3", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-south-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-south-2", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-2", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-3", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-4", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-central-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-central-2", - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-north-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-south-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-south-2", - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-2", - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-3", - }: endpoint{ - Hostname: "elasticfilesystem-fips.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-il-central-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-me-central-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-me-south-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-sa-east-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.il-central-1.amazonaws.com", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.me-central-1.amazonaws.com", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.me-south-1.amazonaws.com", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.sa-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-west-2.amazonaws.com", - }, - }, - }, - "elasticloadbalancing": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "elasticloadbalancing-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "elasticloadbalancing-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "elasticloadbalancing-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "elasticloadbalancing-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticloadbalancing-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticloadbalancing-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticloadbalancing-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticloadbalancing-fips.us-west-2.amazonaws.com", - }, - }, - }, - "elasticmapreduce": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SSLCommonName: "{region}.{service}.{dnsSuffix}", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - SSLCommonName: "{service}.{region}.{dnsSuffix}", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "elasticmapreduce-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "elasticmapreduce-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "elasticmapreduce-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "elasticmapreduce-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "elasticmapreduce-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "elasticmapreduce-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - SSLCommonName: "{service}.{region}.{dnsSuffix}", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce-fips.us-east-1.amazonaws.com", - SSLCommonName: "{service}.{region}.{dnsSuffix}", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "elasticmapreduce.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce-fips.us-west-2.amazonaws.com", - }, - }, - }, - "elastictranscoder": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "email": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "email-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "email-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "email-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "email-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "email-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "email-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "email-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "email-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "email-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "email-fips.us-west-2.amazonaws.com", - }, - }, - }, - "emr-containers": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-containers-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "emr-containers-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "emr-containers-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "emr-containers-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "emr-containers-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "emr-containers-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-containers-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-containers-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-containers-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-containers-fips.us-west-2.amazonaws.com", - }, - }, - }, - "emr-serverless": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-serverless-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "emr-serverless-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "emr-serverless-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "emr-serverless-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "emr-serverless-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "emr-serverless-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-serverless-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-serverless-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-serverless-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-serverless-fips.us-west-2.amazonaws.com", - }, - }, - }, - "entitlement.marketplace": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "aws-marketplace", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "es": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.ca-west-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.eu-west-3.api.aws", - }, - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "es-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "es-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "es-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "events": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "events-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "events-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "events-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "events-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "events-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "events-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "events-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "events-fips.us-west-2.amazonaws.com", - }, - }, - }, - "evidently": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "evidently.ap-northeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "evidently.ap-southeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "evidently.ap-southeast-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "evidently.eu-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "evidently.eu-north-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "evidently.eu-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "evidently.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "evidently.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "evidently.us-west-2.amazonaws.com", - }, - }, - }, - "finspace": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "finspace-api": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "firehose": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "firehose-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "firehose-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "firehose-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "firehose-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "firehose-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "firehose-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "firehose-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "firehose-fips.us-west-2.amazonaws.com", - }, - }, - }, - "fms": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.af-south-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.ap-east-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.ap-northeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.ap-northeast-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.ap-south-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.ap-southeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.ap-southeast-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.eu-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.eu-south-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.eu-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.eu-west-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.eu-west-3.amazonaws.com", - }, - endpointKey{ - Region: "fips-af-south-1", - }: endpoint{ - Hostname: "fms-fips.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-east-1", - }: endpoint{ - Hostname: "fms-fips.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-1", - }: endpoint{ - Hostname: "fms-fips.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-2", - }: endpoint{ - Hostname: "fms-fips.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-south-1", - }: endpoint{ - Hostname: "fms-fips.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-1", - }: endpoint{ - Hostname: "fms-fips.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-2", - }: endpoint{ - Hostname: "fms-fips.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "fms-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "fms-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-central-1", - }: endpoint{ - Hostname: "fms-fips.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-south-1", - }: endpoint{ - Hostname: "fms-fips.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-1", - }: endpoint{ - Hostname: "fms-fips.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-2", - }: endpoint{ - Hostname: "fms-fips.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-3", - }: endpoint{ - Hostname: "fms-fips.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-me-south-1", - }: endpoint{ - Hostname: "fms-fips.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-sa-east-1", - }: endpoint{ - Hostname: "fms-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "fms-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "fms-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "fms-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "fms-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.me-south-1.amazonaws.com", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.sa-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.us-west-2.amazonaws.com", - }, - }, - }, - "forecast": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "forecast-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "forecast-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "forecast-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "forecast-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "forecast-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "forecast-fips.us-west-2.amazonaws.com", - }, - }, - }, - "forecastquery": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "forecastquery-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "forecastquery-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "forecastquery-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "forecastquery-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "forecastquery-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "forecastquery-fips.us-west-2.amazonaws.com", - }, - }, - }, - "frauddetector": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "fsx": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "fsx-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "fsx-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-prod-ca-central-1", - }: endpoint{ - Hostname: "fsx-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-prod-ca-west-1", - }: endpoint{ - Hostname: "fsx-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-prod-us-east-1", - }: endpoint{ - Hostname: "fsx-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-prod-us-east-2", - }: endpoint{ - Hostname: "fsx-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-prod-us-west-1", - }: endpoint{ - Hostname: "fsx-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-prod-us-west-2", - }: endpoint{ - Hostname: "fsx-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "fsx-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "fsx-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "fsx-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "fsx-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "prod-ca-central-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-ca-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-east-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-east-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-west-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-west-2.amazonaws.com", - }, - }, - }, - "gamelift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "geo": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "glacier": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glacier-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "glacier-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "glacier-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "glacier-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "glacier-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "glacier-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glacier-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glacier-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glacier-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glacier-fips.us-west-2.amazonaws.com", - }, - }, - }, - "globalaccelerator": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "globalaccelerator-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "glue": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "glue-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "glue-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "glue-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "glue-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glue-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glue-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glue-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glue-fips.us-west-2.amazonaws.com", - }, - }, - }, - "grafana": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "grafana.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "grafana.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "grafana.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "grafana.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "grafana.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "grafana.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "grafana.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "grafana.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "grafana.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "grafana.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "greengrass": service{ - IsRegionalized: boxedTrue, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "greengrass-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "greengrass-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "greengrass-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "greengrass-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "greengrass-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "greengrass-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "greengrass-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "greengrass-fips.us-west-2.amazonaws.com", - }, - }, - }, - "groundstation": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "groundstation-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "groundstation-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "groundstation-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "groundstation-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "groundstation-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "groundstation-fips.us-west-2.amazonaws.com", - }, - }, - }, - "guardduty": service{ - IsRegionalized: boxedTrue, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "guardduty-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "guardduty-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "guardduty-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "guardduty-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "guardduty-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "guardduty-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "guardduty-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "guardduty-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "health": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SSLCommonName: "health.us-east-1.amazonaws.com", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "global.health.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "health-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "health-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "healthlake": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "iam": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "iam.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "aws-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iam-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "aws-global-fips", - }: endpoint{ - Hostname: "iam-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "iam", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "iam", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iam-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "iam-fips", - }: endpoint{ - Hostname: "iam-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "identity-chime": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "identity-chime-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "identity-chime-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "identitystore": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "importexport": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "importexport.amazonaws.com", - SignatureVersions: []string{"v2", "v4"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - Service: "IngestionService", - }, - }, - }, - }, - "ingest.timestream": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "ingest-fips-us-east-1", - }: endpoint{ - Hostname: "ingest.timestream-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ingest-fips-us-east-2", - }: endpoint{ - Hostname: "ingest.timestream-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ingest-fips-us-west-2", - }: endpoint{ - Hostname: "ingest.timestream-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ingest-us-east-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ingest-us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ingest.timestream-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ingest-us-east-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ingest-us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ingest.timestream-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ingest-us-west-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ingest-us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ingest.timestream-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "inspector": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "inspector-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "inspector-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "inspector-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "inspector-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector-fips.us-west-2.amazonaws.com", - }, - }, - }, - "inspector2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "inspector2-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "inspector2-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "inspector2-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "inspector2-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector2-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector2-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector2-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector2-fips.us-west-2.amazonaws.com", - }, - }, - }, - "internetmonitor": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "internetmonitor.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "internetmonitor.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "internetmonitor.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "internetmonitor.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "internetmonitor.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "internetmonitor.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "internetmonitor.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "internetmonitor.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "internetmonitor.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "internetmonitor.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "internetmonitor.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "internetmonitor.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "internetmonitor-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "internetmonitor.ca-west-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "internetmonitor.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "internetmonitor.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "internetmonitor.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "internetmonitor.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "internetmonitor.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "internetmonitor.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "internetmonitor.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "internetmonitor.eu-west-3.api.aws", - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "internetmonitor.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "internetmonitor.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "internetmonitor.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "internetmonitor.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "internetmonitor.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "internetmonitor-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "internetmonitor.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "internetmonitor-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "internetmonitor.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "internetmonitor-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "internetmonitor.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "internetmonitor-fips.us-west-2.amazonaws.com", - }, - }, - }, - "iot": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iot-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "iot-fips.ca-central-1.amazonaws.com", - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "iot-fips.us-east-1.amazonaws.com", - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "iot-fips.us-east-2.amazonaws.com", - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "iot-fips.us-west-1.amazonaws.com", - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "iot-fips.us-west-2.amazonaws.com", - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iot-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iot-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iot-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iot-fips.us-west-2.amazonaws.com", - }, - }, - }, - "iotanalytics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "iotevents": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotevents-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "iotevents-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "iotevents-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "iotevents-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "iotevents-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotevents-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotevents-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotevents-fips.us-west-2.amazonaws.com", - }, - }, - }, - "ioteventsdata": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "data.iotevents.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "data.iotevents.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "data.iotevents.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "data.iotevents.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "data.iotevents.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "data.iotevents.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iotevents-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "data.iotevents.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "data.iotevents.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "data.iotevents.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "data.iotevents-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "data.iotevents-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "data.iotevents-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "data.iotevents-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "data.iotevents.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iotevents-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "data.iotevents.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iotevents-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "data.iotevents.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iotevents-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "iotfleetwise": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "iotsecuredtunneling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-west-2.amazonaws.com", - }, - }, - }, - "iotsitewise": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotsitewise-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "iotsitewise-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "iotsitewise-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "iotsitewise-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "iotsitewise-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotsitewise-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotsitewise-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotsitewise-fips.us-west-2.amazonaws.com", - }, - }, - }, - "iotthingsgraph": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "iotthingsgraph", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "iottwinmaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "api-ap-northeast-1", - }: endpoint{ - Hostname: "api.iottwinmaker.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "api-ap-northeast-2", - }: endpoint{ - Hostname: "api.iottwinmaker.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "api-ap-south-1", - }: endpoint{ - Hostname: "api.iottwinmaker.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "api-ap-southeast-1", - }: endpoint{ - Hostname: "api.iottwinmaker.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "api-ap-southeast-2", - }: endpoint{ - Hostname: "api.iottwinmaker.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "api-eu-central-1", - }: endpoint{ - Hostname: "api.iottwinmaker.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "api-eu-west-1", - }: endpoint{ - Hostname: "api.iottwinmaker.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "api-us-east-1", - }: endpoint{ - Hostname: "api.iottwinmaker.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "api-us-west-2", - }: endpoint{ - Hostname: "api.iottwinmaker.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "data-ap-northeast-1", - }: endpoint{ - Hostname: "data.iottwinmaker.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "data-ap-northeast-2", - }: endpoint{ - Hostname: "data.iottwinmaker.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "data-ap-south-1", - }: endpoint{ - Hostname: "data.iottwinmaker.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "data-ap-southeast-1", - }: endpoint{ - Hostname: "data.iottwinmaker.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "data-ap-southeast-2", - }: endpoint{ - Hostname: "data.iottwinmaker.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "data-eu-central-1", - }: endpoint{ - Hostname: "data.iottwinmaker.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "data-eu-west-1", - }: endpoint{ - Hostname: "data.iottwinmaker.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "data-us-east-1", - }: endpoint{ - Hostname: "data.iottwinmaker.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "data-us-west-2", - }: endpoint{ - Hostname: "data.iottwinmaker.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "fips-api-us-east-1", - }: endpoint{ - Hostname: "api.iottwinmaker-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "fips-api-us-west-2", - }: endpoint{ - Hostname: "api.iottwinmaker-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "fips-data-us-east-1", - }: endpoint{ - Hostname: "data.iottwinmaker-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "fips-data-us-west-2", - }: endpoint{ - Hostname: "data.iottwinmaker-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "iottwinmaker-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "iottwinmaker-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iottwinmaker-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iottwinmaker-fips.us-west-2.amazonaws.com", - }, - }, - }, - "iotwireless": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "api.iotwireless.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "api.iotwireless.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "api.iotwireless.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "api.iotwireless.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "api.iotwireless.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "ivs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "ivschat": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "ivsrealtime": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "kafka": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kafka-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kafka-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "kafka-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "kafka-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "kafka-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "kafka-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "kafka-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "kafka-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kafka-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kafka-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kafka-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kafka-fips.us-west-2.amazonaws.com", - }, - }, - }, - "kafkaconnect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "kendra": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kendra-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "kendra-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "kendra-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "kendra-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "kendra-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kendra-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kendra-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kendra-fips.us-west-2.amazonaws.com", - }, - }, - }, - "kendra-ranking": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "kendra-ranking.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "kendra-ranking.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "kendra-ranking.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "kendra-ranking.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "kendra-ranking.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "kendra-ranking.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "kendra-ranking.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "kendra-ranking.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "kendra-ranking.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "kendra-ranking.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "kendra-ranking.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "kendra-ranking.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kendra-ranking-fips.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "kendra-ranking.ca-west-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "kendra-ranking.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "kendra-ranking.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "kendra-ranking.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "kendra-ranking.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "kendra-ranking.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "kendra-ranking.eu-west-3.api.aws", - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "kendra-ranking.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "kendra-ranking.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "kendra-ranking.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "kendra-ranking.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "kendra-ranking.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kendra-ranking-fips.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "kendra-ranking.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kendra-ranking-fips.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "kendra-ranking.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "kendra-ranking.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kendra-ranking-fips.us-west-2.api.aws", - }, - }, - }, - "kinesis": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "kinesis-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "kinesis-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "kinesis-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "kinesis-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kinesis-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kinesis-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kinesis-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kinesis-fips.us-west-2.amazonaws.com", - }, - }, - }, - "kinesisanalytics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "kinesisvideo": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "kms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ProdFips", - }: endpoint{ - Hostname: "kms-fips.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.af-south-1.amazonaws.com", - }, - endpointKey{ - Region: "af-south-1-fips", - }: endpoint{ - Hostname: "kms-fips.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-east-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-east-1-fips", - }: endpoint{ - Hostname: "kms-fips.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-northeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-1-fips", - }: endpoint{ - Hostname: "kms-fips.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-northeast-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-2-fips", - }: endpoint{ - Hostname: "kms-fips.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-northeast-3.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-3-fips", - }: endpoint{ - Hostname: "kms-fips.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-south-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-south-1-fips", - }: endpoint{ - Hostname: "kms-fips.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-south-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-south-2-fips", - }: endpoint{ - Hostname: "kms-fips.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-southeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-1-fips", - }: endpoint{ - Hostname: "kms-fips.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-southeast-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-2-fips", - }: endpoint{ - Hostname: "kms-fips.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-southeast-3.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-3-fips", - }: endpoint{ - Hostname: "kms-fips.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ap-southeast-4.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-4-fips", - }: endpoint{ - Hostname: "kms-fips.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "kms-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1-fips", - }: endpoint{ - Hostname: "kms-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.eu-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1-fips", - }: endpoint{ - Hostname: "kms-fips.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.eu-central-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-2-fips", - }: endpoint{ - Hostname: "kms-fips.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.eu-north-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-north-1-fips", - }: endpoint{ - Hostname: "kms-fips.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.eu-south-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-south-1-fips", - }: endpoint{ - Hostname: "kms-fips.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.eu-south-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-south-2-fips", - }: endpoint{ - Hostname: "kms-fips.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.eu-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-1-fips", - }: endpoint{ - Hostname: "kms-fips.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.eu-west-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-2-fips", - }: endpoint{ - Hostname: "kms-fips.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.eu-west-3.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-3-fips", - }: endpoint{ - Hostname: "kms-fips.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.il-central-1.amazonaws.com", - }, - endpointKey{ - Region: "il-central-1-fips", - }: endpoint{ - Hostname: "kms-fips.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.me-central-1.amazonaws.com", - }, - endpointKey{ - Region: "me-central-1-fips", - }: endpoint{ - Hostname: "kms-fips.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.me-south-1.amazonaws.com", - }, - endpointKey{ - Region: "me-south-1-fips", - }: endpoint{ - Hostname: "kms-fips.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.sa-east-1.amazonaws.com", - }, - endpointKey{ - Region: "sa-east-1-fips", - }: endpoint{ - Hostname: "kms-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "kms-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "kms-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "kms-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "kms-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "lakeformation": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "lakeformation-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "lakeformation-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "lakeformation-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "lakeformation-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lakeformation-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lakeformation-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lakeformation-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lakeformation-fips.us-west-2.amazonaws.com", - }, - }, - }, - "lambda": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.ca-west-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.eu-west-3.api.aws", - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "lambda-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "lambda-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "lambda-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "lambda-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lambda-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lambda-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lambda-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lambda-fips.us-west-2.amazonaws.com", - }, - }, - }, - "license-manager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "license-manager-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "license-manager-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "license-manager-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "license-manager-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-fips.us-west-2.amazonaws.com", - }, - }, - }, - "license-manager-linux-subscriptions": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "license-manager-linux-subscriptions-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "license-manager-linux-subscriptions-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "license-manager-linux-subscriptions-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "license-manager-linux-subscriptions-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-linux-subscriptions-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-linux-subscriptions-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-linux-subscriptions-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-linux-subscriptions-fips.us-west-2.amazonaws.com", - }, - }, - }, - "license-manager-user-subscriptions": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "license-manager-user-subscriptions-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "license-manager-user-subscriptions-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "license-manager-user-subscriptions-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "license-manager-user-subscriptions-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-user-subscriptions-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-user-subscriptions-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-user-subscriptions-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-user-subscriptions-fips.us-west-2.amazonaws.com", - }, - }, - }, - "lightsail": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "logs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "logs-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.ca-west-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "logs-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.eu-west-3.api.aws", - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "logs-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "logs-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "logs-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "logs-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "logs-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "logs-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "logs-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "logs-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "logs-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "logs.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "logs-fips.us-west-2.amazonaws.com", - }, - }, - }, - "lookoutequipment": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "lookoutmetrics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "lookoutvision": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "m2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{}, - }, - }, - "machinelearning": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "macie2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "macie2-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "macie2-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "macie2-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "macie2-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie2-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie2-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie2-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie2-fips.us-west-2.amazonaws.com", - }, - }, - }, - "managedblockchain": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "managedblockchain-query": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "marketplacecommerceanalytics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "media-pipelines-chime": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "media-pipelines-chime-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "media-pipelines-chime-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "media-pipelines-chime-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "media-pipelines-chime-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "mediaconnect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "mediaconvert": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mediaconvert-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "mediaconvert-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "mediaconvert-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "mediaconvert-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "mediaconvert-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "mediaconvert-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mediaconvert-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mediaconvert-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mediaconvert-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mediaconvert-fips.us-west-2.amazonaws.com", - }, - }, - }, - "medialive": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "medialive-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "medialive-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "medialive-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "medialive-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "medialive-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "medialive-fips.us-west-2.amazonaws.com", - }, - }, - }, - "mediapackage": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "mediapackage-vod": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "mediapackagev2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "mediastore": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "meetings-chime": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "meetings-chime-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "meetings-chime-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "meetings-chime-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "meetings-chime-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "meetings-chime-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "meetings-chime-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "memory-db": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "memory-db-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "messaging-chime": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "messaging-chime-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "messaging-chime-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "metering.marketplace": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "aws-marketplace", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "metrics.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "mgh": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "mgn": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "mgn-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "mgn-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "mgn-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "mgn-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mgn-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mgn-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mgn-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mgn-fips.us-west-2.amazonaws.com", - }, - }, - }, - "migrationhub-orchestrator": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "migrationhub-strategy": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "mobileanalytics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "models-v2-lex": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "models.lex": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "lex", - }, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "models-fips.lex.{region}.{dnsSuffix}", - CredentialScope: credentialScope{ - Service: "lex", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "models-fips.lex.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "models-fips.lex.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "models-fips.lex.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "models-fips.lex.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "monitoring": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "monitoring-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "monitoring-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "monitoring-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "monitoring-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "monitoring-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "monitoring-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "monitoring-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "monitoring-fips.us-west-2.amazonaws.com", - }, - }, - }, - "mq": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "mq-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "mq-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "mq-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "mq-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mq-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mq-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mq-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mq-fips.us-west-2.amazonaws.com", - }, - }, - }, - "mturk-requester": service{ - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "sandbox", - }: endpoint{ - Hostname: "mturk-requester-sandbox.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "neptune": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "rds.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "rds.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "rds.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "rds.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "rds.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "rds.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "rds.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "rds.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "rds.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "rds.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "rds.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "rds.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "rds.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "rds.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "rds.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "rds.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "rds.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "rds.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "network-firewall": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "network-firewall-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "network-firewall-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "network-firewall-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "network-firewall-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "network-firewall-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "network-firewall-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "network-firewall-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "network-firewall-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "network-firewall-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "network-firewall-fips.us-west-2.amazonaws.com", - }, - }, - }, - "networkmanager": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "networkmanager.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "aws-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "networkmanager-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "fips-aws-global", - }: endpoint{ - Hostname: "networkmanager-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "nimble": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "oam": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "oidc": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "oidc.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "oidc.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "oidc.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "oidc.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "oidc.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "oidc.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "oidc.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "oidc.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "oidc.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "oidc.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "oidc.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "oidc.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "oidc.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "oidc.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "oidc.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "oidc.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "oidc.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "oidc.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "oidc.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "oidc.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "oidc.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "oidc.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "oidc.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "oidc.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "oidc.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "oidc.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "oidc.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "oidc.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "oidc.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "omics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "omics.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "omics.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "omics.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "omics.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "omics-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "omics-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "omics.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "omics.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "omics-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "omics.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "omics-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "opsworks": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "opsworks-cm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "organizations": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "organizations.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "aws-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "organizations-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "fips-aws-global", - }: endpoint{ - Hostname: "organizations-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "osis": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "outposts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "outposts-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "outposts-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "outposts-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "outposts-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "outposts-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "outposts-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "outposts-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "outposts-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "outposts-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "outposts-fips.us-west-2.amazonaws.com", - }, - }, - }, - "participant.connect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "participant.connect-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "participant.connect-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "participant.connect-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "participant.connect-fips.us-west-2.amazonaws.com", - }, - }, - }, - "personalize": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "pi": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.af-south-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-east-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-northeast-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-northeast-2.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-northeast-3.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-south-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-south-2.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-southeast-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-southeast-2.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-southeast-3.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ap-southeast-4.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ca-central-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pi-fips.ca-central-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "pi-fips.ca-central-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.ca-west-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pi-fips.ca-west-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "pi-fips.ca-west-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.eu-central-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.eu-central-2.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.eu-north-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.eu-south-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.eu-south-2.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.eu-west-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.eu-west-2.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.eu-west-3.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "pi-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "pi-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "pi-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "pi-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "pi-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "pi-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.il-central-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.me-central-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.me-south-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.sa-east-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.us-east-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pi-fips.us-east-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "pi-fips.us-east-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.us-east-2.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pi-fips.us-east-2.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "pi-fips.us-east-2.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.us-west-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pi-fips.us-west-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "pi-fips.us-west-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.us-west-2.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pi-fips.us-west-2.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "pi-fips.us-west-2.api.aws", - Protocols: []string{"https"}, - }, - }, - }, - "pinpoint": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "mobiletargeting", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "pinpoint.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pinpoint-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "pinpoint-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "pinpoint-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "pinpoint-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "pinpoint-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "pinpoint.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pinpoint-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "pinpoint.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pinpoint-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "pinpoint.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pinpoint-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "pipes": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "polly": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "polly-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "polly-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "polly-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "polly-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "polly-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "polly-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "polly-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "polly-fips.us-west-2.amazonaws.com", - }, - }, - }, - "portal.sso": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "portal.sso.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "portal.sso.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "portal.sso.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "portal.sso.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "portal.sso.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "portal.sso.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "portal.sso.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "portal.sso.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "portal.sso.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "portal.sso.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "portal.sso.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "portal.sso.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "portal.sso.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "portal.sso.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "portal.sso.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "portal.sso.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "portal.sso.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "portal.sso.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "portal.sso.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "portal.sso.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "portal.sso.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "portal.sso.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "portal.sso.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "portal.sso.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "portal.sso.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "portal.sso.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "portal.sso.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "portal.sso.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "portal.sso.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "private-networks": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "profile": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "profile-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "profile-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "profile-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "profile-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "profile-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "profile-fips.us-west-2.amazonaws.com", - }, - }, - }, - "projects.iot1click": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "proton": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "qbusiness": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "qbusiness.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "qbusiness.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "qbusiness.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "qbusiness.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "qbusiness.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "qbusiness.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "qbusiness.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "qbusiness.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "qbusiness.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "qbusiness.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "qbusiness.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "qbusiness.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "qbusiness.ca-west-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "qbusiness.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "qbusiness.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "qbusiness.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "qbusiness.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "qbusiness.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "qbusiness.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "qbusiness.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "qbusiness.eu-west-3.api.aws", - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "qbusiness.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "qbusiness.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "qbusiness.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "qbusiness.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "qbusiness.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "qbusiness.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "qbusiness.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "qbusiness.us-west-2.api.aws", - }, - }, - }, - "qldb": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "qldb-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "qldb-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "qldb-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "qldb-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "qldb-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "qldb-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "qldb-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "qldb-fips.us-west-2.amazonaws.com", - }, - }, - }, - "quicksight": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "api", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "ram": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ram-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ram-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "ram-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "ram-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ram-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ram-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ram-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ram-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ram-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ram-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ram-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ram-fips.us-west-2.amazonaws.com", - }, - }, - }, - "rbin": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "rbin-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "rbin-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "rbin-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "rbin-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "rbin-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "rbin-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.us-west-2.amazonaws.com", - }, - }, - }, - "rds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "rds-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1-fips", - }: endpoint{ - Hostname: "rds-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "rds-fips.ca-central-1", - }: endpoint{ - Hostname: "rds-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds-fips.ca-west-1", - }: endpoint{ - Hostname: "rds-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds-fips.us-east-1", - }: endpoint{ - Hostname: "rds-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds-fips.us-east-2", - }: endpoint{ - Hostname: "rds-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds-fips.us-west-1", - }: endpoint{ - Hostname: "rds-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds-fips.us-west-2", - }: endpoint{ - Hostname: "rds-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.ca-central-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.ca-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-east-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-east-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-west-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - SSLCommonName: "{service}.{dnsSuffix}", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.us-east-1.amazonaws.com", - SSLCommonName: "{service}.{dnsSuffix}", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "rds-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "rds-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "rds-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "rds-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "rds-data": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "rds-data-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "rds-data-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "rds-data-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "rds-data-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-data-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-data-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-data-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds-data-fips.us-west-2.amazonaws.com", - }, - }, - }, - "redshift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "redshift-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "redshift-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "redshift-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "redshift-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "redshift-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "redshift-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-fips.us-west-2.amazonaws.com", - }, - }, - }, - "redshift-serverless": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-serverless-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "redshift-serverless-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "redshift-serverless-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "redshift-serverless-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "redshift-serverless-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "redshift-serverless-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-serverless-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-serverless-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-serverless-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "redshift-serverless-fips.us-west-2.amazonaws.com", - }, - }, - }, - "rekognition": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "rekognition-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "rekognition-fips.ca-central-1", - }: endpoint{ - Hostname: "rekognition-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition-fips.us-east-1", - }: endpoint{ - Hostname: "rekognition-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition-fips.us-east-2", - }: endpoint{ - Hostname: "rekognition-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition-fips.us-west-1", - }: endpoint{ - Hostname: "rekognition-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition-fips.us-west-2", - }: endpoint{ - Hostname: "rekognition-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.ca-central-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-east-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-east-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-west-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "rekognition-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "rekognition-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "rekognition-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "rekognition-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "resiliencehub": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "resource-explorer-2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "resource-groups": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "resource-groups-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "resource-groups-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "resource-groups-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "resource-groups-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "resource-groups-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "resource-groups-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "resource-groups-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "resource-groups-fips.us-west-2.amazonaws.com", - }, - }, - }, - "robomaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "rolesanywhere": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "rolesanywhere-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "rolesanywhere-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "rolesanywhere-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "rolesanywhere-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rolesanywhere-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rolesanywhere-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rolesanywhere-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rolesanywhere-fips.us-west-2.amazonaws.com", - }, - }, - }, - "route53": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "route53.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "aws-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "route53-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "fips-aws-global", - }: endpoint{ - Hostname: "route53-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "route53-recovery-control-config": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "route53-recovery-control-config.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "route53domains": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, - "route53resolver": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "rum": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "runtime-v2-lex": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "runtime.lex": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "lex", - }, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.lex.{region}.{dnsSuffix}", - CredentialScope: credentialScope{ - Service: "lex", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.lex.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "runtime-fips.lex.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.lex.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "runtime-fips.lex.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "runtime.sagemaker": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.sagemaker.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.sagemaker.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "runtime-fips.sagemaker.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.sagemaker.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "runtime-fips.sagemaker.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.sagemaker.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "runtime-fips.sagemaker.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.sagemaker.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "runtime-fips.sagemaker.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "s3": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedTrue, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - }, - defaultKey{ - Variant: dualStackVariant, - }: endpoint{ - Hostname: "{service}.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - }, - defaultKey{ - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "{service}-fips.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.af-south-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-east-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "s3.ap-northeast-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-northeast-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-northeast-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-northeast-3.amazonaws.com", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-south-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-south-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "s3.ap-southeast-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-southeast-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "s3.ap-southeast-2.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-southeast-2.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-southeast-3.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ap-southeast-4.amazonaws.com", - }, - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "s3.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-fips.dualstack.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-fips.dualstack.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.eu-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.eu-central-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.eu-north-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.eu-south-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.eu-south-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "s3.eu-west-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.eu-west-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.eu-west-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.eu-west-3.amazonaws.com", - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "s3-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "s3-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "s3-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "s3-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "s3-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "s3-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.il-central-1.amazonaws.com", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.me-central-1.amazonaws.com", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.me-south-1.amazonaws.com", - }, - endpointKey{ - Region: "s3-external-1", - }: endpoint{ - Hostname: "s3-external-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "s3.sa-east-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.sa-east-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "s3.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-fips.dualstack.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-fips.dualstack.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "s3.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-fips.dualstack.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "s3.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-fips.dualstack.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - }, - }, - "s3-control": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - defaultKey{ - Variant: dualStackVariant, - }: endpoint{ - Hostname: "{service}.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - defaultKey{ - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "{service}-fips.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "s3-control.af-south-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.af-south-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "s3-control.ap-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "s3-control.ap-northeast-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-northeast-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "s3-control.ap-northeast-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-northeast-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "s3-control.ap-northeast-3.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-northeast-3.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "s3-control.ap-south-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-south-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "s3-control.ap-south-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-south-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "s3-control.ap-southeast-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-southeast-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "s3-control.ap-southeast-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-southeast-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "s3-control.ap-southeast-3.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-southeast-3.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "s3-control.ap-southeast-4.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ap-southeast-4.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "s3-control.ca-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ca-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.ca-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.ca-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "s3-control-fips.ca-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "s3-control.ca-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - }, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.ca-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.ca-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.ca-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - }, - endpointKey{ - Region: "ca-west-1-fips", - }: endpoint{ - Hostname: "s3-control-fips.ca-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "s3-control.eu-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.eu-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "s3-control.eu-central-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.eu-central-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "s3-control.eu-north-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.eu-north-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "s3-control.eu-south-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.eu-south-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "s3-control.eu-south-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.eu-south-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "s3-control.eu-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.eu-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "s3-control.eu-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.eu-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "s3-control.eu-west-3.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.eu-west-3.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "s3-control.il-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.il-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "s3-control.me-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.me-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "s3-control.me-south-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.me-south-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "s3-control.sa-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.sa-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "s3-control.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "s3-control-fips.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "s3-control.us-east-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.us-east-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.us-east-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.us-east-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "s3-control-fips.us-east-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "s3-control.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "s3-control-fips.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "s3-control.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "s3-control-fips.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "s3-outposts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - }, - }, - "sagemaker-geospatial": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "savingsplans": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "savingsplans.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "scheduler": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "schemas": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "sdb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"v2"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "sdb.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "secretsmanager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "ca-west-1-fips", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - - Deprecated: boxedTrue, - }, - }, - }, - "securityhub": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "securityhub-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "securityhub-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "securityhub-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "securityhub-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securityhub-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securityhub-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securityhub-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securityhub-fips.us-west-2.amazonaws.com", - }, - }, - }, - "securitylake": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "securitylake-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "securitylake-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "securitylake-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "securitylake-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securitylake-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securitylake-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securitylake-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securitylake-fips.us-west-2.amazonaws.com", - }, - }, - }, - "serverlessrepo": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "serverlessrepo-fips.us-east-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "serverlessrepo-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "serverlessrepo-fips.us-east-2.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "serverlessrepo-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "serverlessrepo-fips.us-west-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "serverlessrepo-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "serverlessrepo-fips.us-west-2.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "serverlessrepo-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "servicecatalog": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "servicecatalog-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "servicecatalog-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "servicecatalog-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "servicecatalog-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "servicecatalog-appregistry": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-appregistry-fips.us-west-2.amazonaws.com", - }, - }, - }, - "servicediscovery": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "af-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-east-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-northeast-1.api.aws", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-northeast-3.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-south-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-southeast-3.api.aws", - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ap-southeast-4.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.ca-west-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.ca-west-1.api.aws", - }, - endpointKey{ - Region: "ca-west-1-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.eu-central-2.api.aws", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.eu-north-1.api.aws", - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.eu-south-1.api.aws", - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.eu-south-2.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.eu-west-3.api.aws", - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.il-central-1.api.aws", - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.me-central-1.api.aws", - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.me-south-1.api.aws", - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.sa-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "servicequotas": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "session.qldb": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "session.qldb-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "session.qldb-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "session.qldb-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "session.qldb-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "session.qldb-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "session.qldb-fips.us-west-2.amazonaws.com", - }, - }, - }, - "shield": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SSLCommonName: "shield.us-east-1.amazonaws.com", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "shield.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "aws-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "shield-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "fips-aws-global", - }: endpoint{ - Hostname: "shield-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "signer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "signer-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "signer-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "signer-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "signer-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-verification-us-east-1", - }: endpoint{ - Hostname: "verification.signer-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "fips-verification-us-east-2", - }: endpoint{ - Hostname: "verification.signer-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "fips-verification-us-west-1", - }: endpoint{ - Hostname: "verification.signer-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "fips-verification-us-west-2", - }: endpoint{ - Hostname: "verification.signer-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "signer-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "signer-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "signer-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "signer-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "verification-af-south-1", - }: endpoint{ - Hostname: "verification.signer.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "verification-ap-east-1", - }: endpoint{ - Hostname: "verification.signer.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "verification-ap-northeast-1", - }: endpoint{ - Hostname: "verification.signer.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "verification-ap-northeast-2", - }: endpoint{ - Hostname: "verification.signer.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "verification-ap-south-1", - }: endpoint{ - Hostname: "verification.signer.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "verification-ap-southeast-1", - }: endpoint{ - Hostname: "verification.signer.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "verification-ap-southeast-2", - }: endpoint{ - Hostname: "verification.signer.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "verification-ca-central-1", - }: endpoint{ - Hostname: "verification.signer.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "verification-eu-central-1", - }: endpoint{ - Hostname: "verification.signer.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "verification-eu-north-1", - }: endpoint{ - Hostname: "verification.signer.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "verification-eu-south-1", - }: endpoint{ - Hostname: "verification.signer.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "verification-eu-west-1", - }: endpoint{ - Hostname: "verification.signer.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "verification-eu-west-2", - }: endpoint{ - Hostname: "verification.signer.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "verification-eu-west-3", - }: endpoint{ - Hostname: "verification.signer.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "verification-me-south-1", - }: endpoint{ - Hostname: "verification.signer.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "verification-sa-east-1", - }: endpoint{ - Hostname: "verification.signer.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "verification-us-east-1", - }: endpoint{ - Hostname: "verification.signer.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "verification-us-east-2", - }: endpoint{ - Hostname: "verification.signer.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "verification-us-west-1", - }: endpoint{ - Hostname: "verification.signer.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "verification-us-west-2", - }: endpoint{ - Hostname: "verification.signer.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "simspaceweaver": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "sms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "sms-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-fips.us-west-2.amazonaws.com", - }, - }, - }, - "sms-voice": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "sms-voice-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "sms-voice-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "sms-voice-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "sms-voice-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.us-west-2.amazonaws.com", - }, - }, - }, - "snowball": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.ap-northeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.ap-northeast-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.ap-northeast-3.amazonaws.com", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.ap-south-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.ap-southeast-1.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.ap-southeast-2.amazonaws.com", - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.eu-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.eu-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.eu-west-2.amazonaws.com", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.eu-west-3.amazonaws.com", - }, - endpointKey{ - Region: "fips-ap-northeast-1", - }: endpoint{ - Hostname: "snowball-fips.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-2", - }: endpoint{ - Hostname: "snowball-fips.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-3", - }: endpoint{ - Hostname: "snowball-fips.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-south-1", - }: endpoint{ - Hostname: "snowball-fips.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-1", - }: endpoint{ - Hostname: "snowball-fips.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-2", - }: endpoint{ - Hostname: "snowball-fips.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "snowball-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-central-1", - }: endpoint{ - Hostname: "snowball-fips.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-1", - }: endpoint{ - Hostname: "snowball-fips.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-2", - }: endpoint{ - Hostname: "snowball-fips.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-3", - }: endpoint{ - Hostname: "snowball-fips.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-sa-east-1", - }: endpoint{ - Hostname: "snowball-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "snowball-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "snowball-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "snowball-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "snowball-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.sa-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.us-west-2.amazonaws.com", - }, - }, - }, - "sns": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sns-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "sns-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "sns-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "sns-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "sns-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "sns-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sns-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sns-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sns-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sns-fips.us-west-2.amazonaws.com", - }, - }, - }, - "sqs": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SSLCommonName: "{region}.queue.{dnsSuffix}", - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "sqs-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "sqs-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "sqs-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "sqs-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - SSLCommonName: "queue.{dnsSuffix}", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sqs-fips.us-east-1.amazonaws.com", - SSLCommonName: "queue.{dnsSuffix}", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sqs-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sqs-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sqs-fips.us-west-2.amazonaws.com", - }, - }, - }, - "ssm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "ssm-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "ssm-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ssm-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ssm-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ssm-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ssm-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-fips.us-west-2.amazonaws.com", - }, - }, - }, - "ssm-contacts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ssm-contacts-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ssm-contacts-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ssm-contacts-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ssm-contacts-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-contacts-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-contacts-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-contacts-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-contacts-fips.us-west-2.amazonaws.com", - }, - }, - }, - "ssm-incidents": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-incidents-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "ssm-incidents-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ssm-incidents-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ssm-incidents-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ssm-incidents-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ssm-incidents-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-incidents-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-incidents-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-incidents-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-incidents-fips.us-west-2.amazonaws.com", - }, - }, - }, - "ssm-sap": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-sap-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "ssm-sap-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ssm-sap-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ssm-sap-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ssm-sap-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ssm-sap-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-sap-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-sap-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-sap-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm-sap-fips.us-west-2.amazonaws.com", - }, - }, - }, - "sso": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "states": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "states-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "states-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "states-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "states-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "states-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "states-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "states-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "states-fips.us-west-2.amazonaws.com", - }, - }, - }, - "storagegateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "storagegateway-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "storagegateway-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "storagegateway-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1-fips", - }: endpoint{ - Hostname: "storagegateway-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "storagegateway-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "storagegateway-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "storagegateway-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "storagegateway-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "storagegateway-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "storagegateway-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "storagegateway-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "storagegateway-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "streams.dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "dynamodb", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "local", - }: endpoint{ - Hostname: "localhost:8000", - Protocols: []string{"http"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "sts": service{ - PartitionEndpoint: "aws-global", - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "sts.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sts-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "sts-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sts-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "sts-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sts-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "sts-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sts-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "sts-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "support": service{ - PartitionEndpoint: "aws-global", - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "support.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "supportapp": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "swf": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "swf-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "swf-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "swf-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "swf-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "swf-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "swf-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "swf-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "swf-fips.us-west-2.amazonaws.com", - }, - }, - }, - "synthetics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "synthetics-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "synthetics-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "synthetics-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "synthetics-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "synthetics-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "synthetics-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "synthetics-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "synthetics-fips.us-west-2.amazonaws.com", - }, - }, - }, - "tagging": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "tax": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "tax.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "textract": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.ap-northeast-2.api.aws", - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.ap-southeast-1.api.aws", - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.ap-southeast-2.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.ca-central-1.api.aws", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "textract-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "textract-fips.ca-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.eu-west-1.api.aws", - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.eu-west-2.api.aws", - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.eu-west-3.api.aws", - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "textract-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "textract-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "textract-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "textract-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "textract-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "textract-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "textract-fips.us-east-1.api.aws", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "textract-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "textract-fips.us-east-2.api.aws", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "textract-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "textract-fips.us-west-1.api.aws", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.us-west-2.api.aws", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "textract-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "textract-fips.us-west-2.api.aws", - }, - }, - }, - "thinclient": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "tnb": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "transcribe": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.transcribe.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.transcribe.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "fips.transcribe.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "fips.transcribe.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "fips.transcribe.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "fips.transcribe.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "fips.transcribe.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.transcribe.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.transcribe.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.transcribe.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.transcribe.us-west-2.amazonaws.com", - }, - }, - }, - "transcribestreaming": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "transcribestreaming-ca-central-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transcribestreaming-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-fips-ca-central-1", - }: endpoint{ - Hostname: "transcribestreaming-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-fips-us-east-1", - }: endpoint{ - Hostname: "transcribestreaming-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-fips-us-east-2", - }: endpoint{ - Hostname: "transcribestreaming-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-fips-us-west-2", - }: endpoint{ - Hostname: "transcribestreaming-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-us-east-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transcribestreaming-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-us-east-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transcribestreaming-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-us-west-2", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "transcribestreaming-us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transcribestreaming-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "transfer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transfer-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transfer-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "transfer-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "transfer-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "transfer-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "transfer-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "transfer-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "transfer-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transfer-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transfer-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transfer-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transfer-fips.us-west-2.amazonaws.com", - }, - }, - }, - "translate": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "translate-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "translate-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "translate-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "translate-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "translate-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "translate-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "translate-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "translate-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "verifiedpermissions": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "verifiedpermissions-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "verifiedpermissions-fips.ca-west-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "verifiedpermissions-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "verifiedpermissions-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-west-2.amazonaws.com", - }, - }, - }, - "voice-chime": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "voice-chime-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "voice-chime-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "voice-chime-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "voice-chime-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "voice-chime-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "voice-chime-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "voiceid": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "voiceid-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "voiceid-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "voiceid-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "voiceid-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "voiceid-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "voiceid-fips.us-west-2.amazonaws.com", - }, - }, - }, - "vpc-lattice": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "waf": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "aws", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "aws-fips", - }: endpoint{ - Hostname: "waf-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "aws-global", - }: endpoint{ - Hostname: "waf.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "aws-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "aws-global-fips", - }: endpoint{ - Hostname: "waf-fips.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "waf-regional": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "waf-regional.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "af-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "waf-regional.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "waf-regional.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "waf-regional.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "waf-regional.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "waf-regional.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "waf-regional.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-south-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "waf-regional.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "waf-regional.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "waf-regional.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "waf-regional.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "waf-regional.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "waf-regional.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "waf-regional.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-central-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "waf-regional.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-north-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "waf-regional.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "waf-regional.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-south-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "waf-regional.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "waf-regional.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "waf-regional.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "eu-west-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "fips-af-south-1", - }: endpoint{ - Hostname: "waf-regional-fips.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-east-1", - }: endpoint{ - Hostname: "waf-regional-fips.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-1", - }: endpoint{ - Hostname: "waf-regional-fips.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-2", - }: endpoint{ - Hostname: "waf-regional-fips.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-3", - }: endpoint{ - Hostname: "waf-regional-fips.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-south-1", - }: endpoint{ - Hostname: "waf-regional-fips.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-south-2", - }: endpoint{ - Hostname: "waf-regional-fips.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-1", - }: endpoint{ - Hostname: "waf-regional-fips.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-2", - }: endpoint{ - Hostname: "waf-regional-fips.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-3", - }: endpoint{ - Hostname: "waf-regional-fips.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-4", - }: endpoint{ - Hostname: "waf-regional-fips.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "waf-regional-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-central-1", - }: endpoint{ - Hostname: "waf-regional-fips.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-central-2", - }: endpoint{ - Hostname: "waf-regional-fips.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-north-1", - }: endpoint{ - Hostname: "waf-regional-fips.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-south-1", - }: endpoint{ - Hostname: "waf-regional-fips.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-south-2", - }: endpoint{ - Hostname: "waf-regional-fips.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-1", - }: endpoint{ - Hostname: "waf-regional-fips.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-2", - }: endpoint{ - Hostname: "waf-regional-fips.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-3", - }: endpoint{ - Hostname: "waf-regional-fips.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-il-central-1", - }: endpoint{ - Hostname: "waf-regional-fips.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-me-central-1", - }: endpoint{ - Hostname: "waf-regional-fips.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-me-south-1", - }: endpoint{ - Hostname: "waf-regional-fips.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-sa-east-1", - }: endpoint{ - Hostname: "waf-regional-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "waf-regional-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "waf-regional-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "waf-regional-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "waf-regional-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "waf-regional.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "il-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "waf-regional.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "waf-regional.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "me-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "waf-regional.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "waf-regional.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "waf-regional.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "waf-regional.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "waf-regional.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "wafv2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "wafv2.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "af-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "wafv2.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{ - Hostname: "wafv2.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{ - Hostname: "wafv2.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{ - Hostname: "wafv2.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-northeast-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - endpointKey{ - Region: "ap-south-1", - }: endpoint{ - Hostname: "wafv2.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "wafv2.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-south-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{ - Hostname: "wafv2.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{ - Hostname: "wafv2.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{ - Hostname: "wafv2.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{ - Hostname: "wafv2.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ap-southeast-4", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - }, - endpointKey{ - Region: "ca-central-1", - }: endpoint{ - Hostname: "wafv2.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - endpointKey{ - Region: "ca-west-1", - }: endpoint{ - Hostname: "wafv2.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - }, - endpointKey{ - Region: "ca-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{ - Hostname: "wafv2.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "wafv2.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-central-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - }, - endpointKey{ - Region: "eu-north-1", - }: endpoint{ - Hostname: "wafv2.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-north-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - }: endpoint{ - Hostname: "wafv2.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - }, - endpointKey{ - Region: "eu-south-2", - }: endpoint{ - Hostname: "wafv2.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-south-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - }, - endpointKey{ - Region: "eu-west-1", - }: endpoint{ - Hostname: "wafv2.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - }, - endpointKey{ - Region: "eu-west-2", - }: endpoint{ - Hostname: "wafv2.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - }, - endpointKey{ - Region: "eu-west-3", - }: endpoint{ - Hostname: "wafv2.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "eu-west-3", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - endpointKey{ - Region: "fips-af-south-1", - }: endpoint{ - Hostname: "wafv2-fips.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-east-1", - }: endpoint{ - Hostname: "wafv2-fips.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-1", - }: endpoint{ - Hostname: "wafv2-fips.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-2", - }: endpoint{ - Hostname: "wafv2-fips.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-northeast-3", - }: endpoint{ - Hostname: "wafv2-fips.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-south-1", - }: endpoint{ - Hostname: "wafv2-fips.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-south-2", - }: endpoint{ - Hostname: "wafv2-fips.ap-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-1", - }: endpoint{ - Hostname: "wafv2-fips.ap-southeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-2", - }: endpoint{ - Hostname: "wafv2-fips.ap-southeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-3", - }: endpoint{ - Hostname: "wafv2-fips.ap-southeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ap-southeast-4", - }: endpoint{ - Hostname: "wafv2-fips.ap-southeast-4.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-southeast-4", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "wafv2-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-ca-west-1", - }: endpoint{ - Hostname: "wafv2-fips.ca-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-central-1", - }: endpoint{ - Hostname: "wafv2-fips.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-central-2", - }: endpoint{ - Hostname: "wafv2-fips.eu-central-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-north-1", - }: endpoint{ - Hostname: "wafv2-fips.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-south-1", - }: endpoint{ - Hostname: "wafv2-fips.eu-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-south-2", - }: endpoint{ - Hostname: "wafv2-fips.eu-south-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-south-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-1", - }: endpoint{ - Hostname: "wafv2-fips.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-2", - }: endpoint{ - Hostname: "wafv2-fips.eu-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-eu-west-3", - }: endpoint{ - Hostname: "wafv2-fips.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-il-central-1", - }: endpoint{ - Hostname: "wafv2-fips.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-me-central-1", - }: endpoint{ - Hostname: "wafv2-fips.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-me-south-1", - }: endpoint{ - Hostname: "wafv2-fips.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-sa-east-1", - }: endpoint{ - Hostname: "wafv2-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "wafv2-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "wafv2-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "wafv2-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "wafv2-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{ - Hostname: "wafv2.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "il-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.il-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "il-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{ - Hostname: "wafv2.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.me-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-central-1", - }, - }, - endpointKey{ - Region: "me-south-1", - }: endpoint{ - Hostname: "wafv2.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "me-south-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - }: endpoint{ - Hostname: "wafv2.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "sa-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{ - Hostname: "wafv2.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{ - Hostname: "wafv2.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{ - Hostname: "wafv2.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{ - Hostname: "wafv2.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - }, - }, - }, - "wellarchitected": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "wisdom": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "ui-ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ui-ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ui-ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ui-ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ui-ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ui-eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "ui-eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "ui-us-east-1", - }: endpoint{}, - endpointKey{ - Region: "ui-us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{}, - }, - }, - "workdocs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "workdocs-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "workdocs-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "workdocs-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "workdocs-fips.us-west-2.amazonaws.com", - }, - }, - }, - "workmail": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "workspaces": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "workspaces-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "workspaces-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "workspaces-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "workspaces-fips.us-west-2.amazonaws.com", - }, - }, - }, - "workspaces-web": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "xray": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-4", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "xray-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "xray-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "xray-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "xray-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "il-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "xray-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "xray-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "xray-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "xray-fips.us-west-2.amazonaws.com", - }, - }, - }, - }, -} - -// AwsCnPartition returns the Resolver for AWS China. -func AwsCnPartition() Partition { - return awscnPartition.Partition() -} - -var awscnPartition = partition{ - ID: "aws-cn", - Name: "AWS China", - DNSSuffix: "amazonaws.com.cn", - RegionRegex: regionRegex{ - Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^cn\\-\\w+\\-\\d+$") - return reg - }(), - }, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: dualStackVariant, - }: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - DNSSuffix: "api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - Regions: regions{ - "cn-north-1": region{ - Description: "China (Beijing)", - }, - "cn-northwest-1": region{ - Description: "China (Ningxia)", - }, - }, - Services: services{ - "access-analyzer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "account": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-cn-global", - }: endpoint{ - Hostname: "account.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "acm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "acm-pca": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "airflow": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "api.ecr": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "api.ecr.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "api.ecr.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "api.pricing": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "pricing", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "api.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "api.tunneling.iot": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "apigateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "appconfig": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "appconfigdata": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "application-autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "applicationinsights": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "appmesh": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "appmesh.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "appsync": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "arc-zonal-shift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "athena": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "autoscaling-plans": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "backup": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "batch": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "budgets": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-cn-global", - }: endpoint{ - Hostname: "budgets.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "cassandra": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "ce": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-cn-global", - }: endpoint{ - Hostname: "ce.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "cloudcontrolapi": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "cloudformation": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "cloudfront": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-cn-global", - }: endpoint{ - Hostname: "cloudfront.cn-northwest-1.amazonaws.com.cn", - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "cloudtrail": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "codebuild": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "codecommit": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "codedeploy": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "codepipeline": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "cognito-identity": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - }, - }, - "compute-optimizer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "compute-optimizer.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "compute-optimizer.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "config": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "cur": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "data-ats.iot": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - CredentialScope: credentialScope{ - Service: "iotdata", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "data.ats.iot.cn-north-1.amazonaws.com.cn", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "data.jobs.iot": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "databrew": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "datasync": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "datazone": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.amazonwebservices.com.cn", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.amazonwebservices.com.cn", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "datazone.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "datazone.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "dax": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "directconnect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "dlm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "dms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "docdb": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "rds.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "ds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "ebs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "ec2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "ecs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "eks": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "eks-auth": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.amazonwebservices.com.cn", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.amazonwebservices.com.cn", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "eks-auth.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "eks-auth.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "elasticache": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "elasticbeanstalk": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "elasticfilesystem": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.cn-north-1.amazonaws.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.cn-northwest-1.amazonaws.com.cn", - }, - endpointKey{ - Region: "fips-cn-north-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-cn-northwest-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "elasticloadbalancing": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "elasticmapreduce": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "elasticmapreduce.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "elasticmapreduce.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "emr-containers": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "emr-serverless": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "entitlement.marketplace": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "entitlement-marketplace.cn-northwest-1.amazonaws.com.cn", - Protocols: []string{"https"}, - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "es": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "events": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "firehose": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "firehose.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "firehose.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "fms": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "fsx": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "gamelift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "glacier": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "glue": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "greengrass": service{ - IsRegionalized: boxedTrue, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - }, - }, - "guardduty": service{ - IsRegionalized: boxedTrue, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "health": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SSLCommonName: "health.cn-northwest-1.amazonaws.com.cn", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-cn-global", - }: endpoint{ - Hostname: "global.health.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "iam": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-cn-global", - }: endpoint{ - Hostname: "iam.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - }, - }, - "identitystore": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "inspector2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "internetmonitor": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.amazonwebservices.com.cn", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.amazonwebservices.com.cn", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "internetmonitor.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "internetmonitor.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "iot": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "iotanalytics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - }, - }, - "iotevents": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - }, - }, - "ioteventsdata": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "data.iotevents.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - }, - }, - "iotsecuredtunneling": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "iotsitewise": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - }, - }, - "iottwinmaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "api-cn-north-1", - }: endpoint{ - Hostname: "api.iottwinmaker.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "data-cn-north-1", - }: endpoint{ - Hostname: "data.iottwinmaker.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - }, - }, - "kafka": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "kendra-ranking": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.amazonwebservices.com.cn", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.amazonwebservices.com.cn", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "kendra-ranking.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "kendra-ranking.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "kinesis": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "kinesisanalytics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "kinesisvideo": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - }, - }, - "kms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "lakeformation": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "lambda": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "license-manager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "license-manager-linux-subscriptions": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "logs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "mediaconvert": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "mediaconvert.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "memory-db": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "metrics.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "monitoring": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "mq": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "neptune": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "rds.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "rds.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "network-firewall": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "oam": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "oidc": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "oidc.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "oidc.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "organizations": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-cn-global", - }: endpoint{ - Hostname: "organizations.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "personalize": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - }, - }, - "pi": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.cn-north-1.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.cn-northwest-1.api.amazonwebservices.com.cn", - Protocols: []string{"https"}, - }, - }, - }, - "pipes": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "polly": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "portal.sso": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "portal.sso.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "portal.sso.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "qbusiness": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.amazonwebservices.com.cn", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.amazonwebservices.com.cn", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "qbusiness.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "qbusiness.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "quicksight": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - }, - }, - "ram": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "rbin": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "rds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "redshift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "redshift-serverless": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "resource-groups": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "rolesanywhere": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "route53": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-cn-global", - }: endpoint{ - Hostname: "route53.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "route53resolver": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "runtime.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "s3": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - }, - defaultKey{ - Variant: dualStackVariant, - }: endpoint{ - Hostname: "{service}.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com.cn", - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.cn-north-1.amazonaws.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.cn-northwest-1.amazonaws.com.cn", - }, - }, - }, - "s3-control": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - defaultKey{ - Variant: dualStackVariant, - }: endpoint{ - Hostname: "{service}.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com.cn", - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "s3-control.cn-north-1.amazonaws.com.cn", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.cn-north-1.amazonaws.com.cn", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "s3-control.cn-northwest-1.amazonaws.com.cn", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.cn-northwest-1.amazonaws.com.cn", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "savingsplans": service{ - IsRegionalized: boxedTrue, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "savingsplans.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "savingsplans.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "schemas": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "secretsmanager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{}, - }, - }, - "securityhub": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "serverlessrepo": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - }, - }, - "servicecatalog": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "servicediscovery": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "servicequotas": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "signer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "verification-cn-north-1", - }: endpoint{ - Hostname: "verification.signer.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "verification-cn-northwest-1", - }: endpoint{ - Hostname: "verification.signer.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "sms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - }, - }, - "snowball": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.cn-north-1.amazonaws.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.cn-northwest-1.amazonaws.com.cn", - }, - endpointKey{ - Region: "fips-cn-north-1", - }: endpoint{ - Hostname: "snowball-fips.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-cn-northwest-1", - }: endpoint{ - Hostname: "snowball-fips.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "sns": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "sqs": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SSLCommonName: "{region}.queue.{dnsSuffix}", - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "ssm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "sso": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "states": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-north-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "states.cn-north-1.api.amazonwebservices.com.cn", - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "states.cn-northwest-1.api.amazonwebservices.com.cn", - }, - }, - }, - "storagegateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "streams.dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "dynamodb", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "sts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "support": service{ - PartitionEndpoint: "aws-cn-global", - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-cn-global", - }: endpoint{ - Hostname: "support.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - }, - }, - "swf": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "synthetics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "tagging": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "transcribe": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "cn.transcribe.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "cn.transcribe.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - }, - }, - "transcribestreaming": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "transfer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "waf-regional": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "waf-regional.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-north-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "waf-regional.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - endpointKey{ - Region: "fips-cn-north-1", - }: endpoint{ - Hostname: "waf-regional-fips.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-cn-northwest-1", - }: endpoint{ - Hostname: "waf-regional-fips.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "wafv2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{ - Hostname: "wafv2.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-north-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{ - Hostname: "wafv2.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - endpointKey{ - Region: "cn-northwest-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - }, - endpointKey{ - Region: "fips-cn-north-1", - }: endpoint{ - Hostname: "wafv2-fips.cn-north-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-north-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-cn-northwest-1", - }: endpoint{ - Hostname: "wafv2-fips.cn-northwest-1.amazonaws.com.cn", - CredentialScope: credentialScope{ - Region: "cn-northwest-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "workspaces": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - "xray": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "cn-north-1", - }: endpoint{}, - endpointKey{ - Region: "cn-northwest-1", - }: endpoint{}, - }, - }, - }, -} - -// AwsUsGovPartition returns the Resolver for AWS GovCloud (US). -func AwsUsGovPartition() Partition { - return awsusgovPartition.Partition() -} - -var awsusgovPartition = partition{ - ID: "aws-us-gov", - Name: "AWS GovCloud (US)", - DNSSuffix: "amazonaws.com", - RegionRegex: regionRegex{ - Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^us\\-gov\\-\\w+\\-\\d+$") - return reg - }(), - }, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: dualStackVariant, - }: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - Regions: regions{ - "us-gov-east-1": region{ - Description: "AWS GovCloud (US-East)", - }, - "us-gov-west-1": region{ - Description: "AWS GovCloud (US-West)", - }, - }, - Services: services{ - "access-analyzer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "acm": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "acm.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "acm.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "acm-pca": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-pca.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "acm-pca.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "acm-pca.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-pca.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "acm-pca.us-gov-west-1.amazonaws.com", - }, - }, - }, - "api.detective": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.detective-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "api.detective-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.detective-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "api.detective-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "api.ecr": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "dkr-us-gov-east-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-gov-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dkr-us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-dkr-us-gov-east-1", - }: endpoint{ - Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-dkr-us-gov-west-1", - }: endpoint{ - Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "api.ecr.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "api.ecr.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "api.sagemaker": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "api-fips.sagemaker.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api-fips.sagemaker.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "api-fips.sagemaker.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1-fips-secondary", - }: endpoint{ - Hostname: "api.sagemaker.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1-secondary", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1-secondary", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.sagemaker.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "api.tunneling.iot": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "apigateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "appconfig": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "appconfig.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "appconfig.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appconfig.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appconfig.us-gov-west-1.amazonaws.com", - }, - }, - }, - "appconfigdata": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "appconfigdata.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "appconfigdata.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appconfigdata.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appconfigdata.us-gov-west-1.amazonaws.com", - }, - }, - }, - "application-autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "application-autoscaling", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", - Protocols: []string{"http", "https"}, - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, - - Deprecated: boxedTrue, - }, - }, - }, - "applicationinsights": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "applicationinsights.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "applicationinsights.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "appstream2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - CredentialScope: credentialScope{ - Service: "appstream", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "appstream2-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appstream2-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "appstream2-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "appstream2-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "appstream2-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "arc-zonal-shift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "athena": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "athena-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "athena-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "athena-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "athena-fips.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "athena.us-gov-west-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "athena-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "athena-fips.us-gov-west-1.api.aws", - }, - }, - }, - "autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "autoscaling.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - }, - "autoscaling-plans": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "autoscaling-plans.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "autoscaling-plans.us-gov-east-1.amazonaws.com", - Protocols: []string{"http", "https"}, - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "autoscaling-plans.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "autoscaling-plans.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, - - Deprecated: boxedTrue, - }, - }, - }, - "backup": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "backup-gateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "batch": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "batch.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "batch.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "batch.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "batch.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "batch.us-gov-west-1.amazonaws.com", - }, - }, - }, - "bedrock": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "bedrock-fips-us-gov-west-1", - }: endpoint{ - Hostname: "bedrock-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-fips-us-gov-west-1", - }: endpoint{ - Hostname: "bedrock-runtime-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "bedrock-runtime-us-gov-west-1", - }: endpoint{ - Hostname: "bedrock-runtime.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "bedrock-us-gov-west-1", - }: endpoint{ - Hostname: "bedrock.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "cassandra": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "cassandra.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cassandra.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "cassandra.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "cassandra.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cassandra.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "cassandra.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "cloudcontrolapi": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi.us-gov-west-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "cloudcontrolapi-fips.us-gov-west-1.api.aws", - }, - }, - }, - "clouddirectory": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "cloudformation": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "cloudformation.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudformation.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "cloudformation.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "cloudformation.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudformation.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "cloudformation.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "cloudhsm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "cloudhsmv2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "cloudhsm", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "cloudtrail": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudtrail.us-gov-west-1.amazonaws.com", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "cloudtrail.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "cloudtrail.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudtrail.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cloudtrail.us-gov-west-1.amazonaws.com", - }, - }, - }, - "codebuild": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codebuild-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "codebuild-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codebuild-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "codebuild-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "codecommit": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "codecommit-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codecommit-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "codecommit-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codecommit-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "codecommit-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "codedeploy": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codedeploy-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "codedeploy-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codedeploy-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "codedeploy-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "codepipeline": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "codepipeline-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "codepipeline-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codepipeline-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "codepipeline-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "codestar-connections": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - }, - }, - "cognito-identity": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "cognito-identity-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-identity-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "cognito-idp": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "cognito-idp-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "cognito-idp-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "comprehend": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "comprehend-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "comprehend-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "comprehendmedical": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "comprehendmedical-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "comprehendmedical-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "compute-optimizer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "compute-optimizer-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "compute-optimizer-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "config": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "config.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "config.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "config.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "config.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "config.us-gov-west-1.amazonaws.com", - }, - }, - }, - "connect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "connect.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "connect.us-gov-west-1.amazonaws.com", - }, - }, - }, - "controltower": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "controltower-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "controltower-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "controltower-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "controltower-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "data-ats.iot": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - CredentialScope: credentialScope{ - Service: "iotdata", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "data.iot-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "iotdata", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "data.iot-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "iotdata", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iot-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iot-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "data.jobs.iot": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.jobs.iot-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "databrew": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "databrew.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "databrew.us-gov-west-1.amazonaws.com", - }, - }, - }, - "datasync": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "datasync-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "datasync-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "datazone": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "datazone.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "datazone.us-gov-west-1.api.aws", - }, - }, - }, - "directconnect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "directconnect-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "directconnect-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "directconnect-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "directconnect-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "dlm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dlm.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "dlm.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dlm.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "dlm.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "dms": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "dms", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dms", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dms-fips", - }: endpoint{ - Hostname: "dms.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "dms.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "dms.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "docdb": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "rds.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "drs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "drs-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "drs-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "drs-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "drs-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "ds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "ds-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "ds-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "dynamodb.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "dynamodb.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "ebs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "ec2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "ec2.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "ec2.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "ec2.us-gov-east-1.api.aws", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "ec2.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "ec2.us-gov-west-1.api.aws", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "ecs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "ecs-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "ecs-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecs-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ecs-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "eks": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "eks.{region}.{dnsSuffix}", - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "eks.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "eks.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "eks.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "eks.us-gov-west-1.amazonaws.com", - }, - }, - }, - "eks-auth": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "eks-auth.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "eks-auth.us-gov-west-1.api.aws", - }, - }, - }, - "elasticache": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticache.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "elasticache.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticache.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "elasticache.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "elasticbeanstalk": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "elasticfilesystem": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "elasticloadbalancing": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticloadbalancing.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "elasticloadbalancing.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "elasticloadbalancing.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticloadbalancing.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticloadbalancing.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - }, - }, - "elasticmapreduce": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "elasticmapreduce.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "elasticmapreduce.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "elasticmapreduce.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "elasticmapreduce.us-gov-west-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce.us-gov-west-1.amazonaws.com", - Protocols: []string{"https"}, - }, - }, - }, - "email": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "email-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "email-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "email-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "email-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "emr-containers": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "emr-containers.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "emr-containers.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-containers.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-containers.us-gov-west-1.amazonaws.com", - }, - }, - }, - "emr-serverless": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "emr-serverless.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "emr-serverless.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-serverless.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "emr-serverless.us-gov-west-1.amazonaws.com", - }, - }, - }, - "es": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "es-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "es-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "aos.us-gov-west-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "es-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "events": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "events.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "events.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "events.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "events.us-gov-west-1.amazonaws.com", - }, - }, - }, - "firehose": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "firehose-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "firehose-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "firehose-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "firehose-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "fms": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "fms-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "fms-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fms-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "fsx": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-prod-us-gov-east-1", - }: endpoint{ - Hostname: "fsx-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-prod-us-gov-west-1", - }: endpoint{ - Hostname: "fsx-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "fsx-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "fsx-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-gov-east-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-gov-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "geo": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "geo-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "geo-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "glacier": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "glacier.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "glacier.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glacier.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glacier.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - }, - }, - "glue": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "glue-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "glue-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "glue.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glue-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "glue-fips.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "glue.us-gov-west-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "glue-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "glue-fips.us-gov-west-1.api.aws", - }, - }, - }, - "greengrass": service{ - IsRegionalized: boxedTrue, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "dataplane-us-gov-east-1", - }: endpoint{ - Hostname: "greengrass-ats.iot.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "dataplane-us-gov-west-1", - }: endpoint{ - Hostname: "greengrass-ats.iot.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "greengrass.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "greengrass.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "greengrass.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "greengrass.us-gov-west-1.amazonaws.com", - }, - }, - }, - "guardduty": service{ - IsRegionalized: boxedTrue, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "guardduty.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "guardduty.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "guardduty.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "guardduty.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "guardduty.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "health": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SSLCommonName: "health.us-gov-west-1.amazonaws.com", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-us-gov-global", - }: endpoint{ - Hostname: "global.health.us-gov.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "health-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "health-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "iam": service{ - PartitionEndpoint: "aws-us-gov-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-us-gov-global", - }: endpoint{ - Hostname: "iam.us-gov.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "aws-us-gov-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iam.us-gov.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "aws-us-gov-global-fips", - }: endpoint{ - Hostname: "iam.us-gov.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "iam-govcloud", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "iam-govcloud", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iam.us-gov.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "iam-govcloud-fips", - }: endpoint{ - Hostname: "iam.us-gov.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "identitystore": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "identitystore.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "identitystore.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "identitystore.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "identitystore.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "identitystore.us-gov-west-1.amazonaws.com", - }, - }, - }, - "ingest.timestream": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ingest.timestream.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "ingest.timestream.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "inspector": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "inspector-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "inspector-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "inspector2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "inspector2-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "inspector2-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector2-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "inspector2-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "internetmonitor": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "internetmonitor.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "internetmonitor.us-gov-west-1.api.aws", - }, - }, - }, - "iot": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "iot-fips.us-gov-east-1.amazonaws.com", - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "iot-fips.us-gov-west-1.amazonaws.com", - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iot-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iot-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "iotevents": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "iotevents-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotevents-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "ioteventsdata": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "data.iotevents-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "data.iotevents.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "data.iotevents-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "iotsecuredtunneling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "api.tunneling.iot-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "iotsitewise": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "iotsitewise-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iotsitewise-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "iottwinmaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "api-us-gov-west-1", - }: endpoint{ - Hostname: "api.iottwinmaker.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "data-us-gov-west-1", - }: endpoint{ - Hostname: "data.iottwinmaker.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "fips-api-us-gov-west-1", - }: endpoint{ - Hostname: "api.iottwinmaker-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "fips-data-us-gov-west-1", - }: endpoint{ - Hostname: "data.iottwinmaker-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "iottwinmaker-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "iottwinmaker-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "kafka": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "kafka.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kafka.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "kafka.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "kafka.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kafka.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "kafka.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "kendra": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "kendra-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kendra-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "kendra-ranking": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "kendra-ranking.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "kendra-ranking.us-gov-west-1.api.aws", - }, - }, - }, - "kinesis": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "kinesis.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "kinesis.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "kinesis.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kinesis.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "kinesis.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kinesis.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "kinesisanalytics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "kinesisvideo": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "kinesisvideo-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "kinesisvideo-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "kinesisvideo-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kinesisvideo-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "kinesisvideo-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kinesisvideo-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "kms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ProdFips", - }: endpoint{ - Hostname: "kms-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "kms-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "kms-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "lakeformation": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "lakeformation-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "lakeformation-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lakeformation.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lakeformation-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "lakeformation-fips.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lakeformation.us-gov-west-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lakeformation-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "lakeformation-fips.us-gov-west-1.api.aws", - }, - }, - }, - "lambda": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "lambda-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "lambda-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lambda-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "lambda.us-gov-west-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "lambda-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "license-manager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "license-manager-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "license-manager-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "license-manager-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "license-manager-linux-subscriptions": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "license-manager-user-subscriptions": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "logs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "logs.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "logs.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "logs.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "logs.us-gov-west-1.amazonaws.com", - }, - }, - }, - "m2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{}, - }, - }, - "managedblockchain": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "mediaconvert": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", - }, - }, - }, - "meetings-chime": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "meetings-chime-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "meetings-chime-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "meetings-chime-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "meetings-chime-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "metering.marketplace": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "aws-marketplace", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "metrics.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "mgn": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "mgn-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "mgn-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mgn-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mgn-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "models-v2-lex": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "models.lex": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "lex", - }, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "models-fips.lex.{region}.{dnsSuffix}", - CredentialScope: credentialScope{ - Service: "lex", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "models-fips.lex.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "models-fips.lex.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "monitoring": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "monitoring.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "monitoring.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "monitoring.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "monitoring.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "monitoring.us-gov-west-1.amazonaws.com", - }, - }, - }, - "mq": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "mq-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "mq-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mq-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "mq-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "neptune": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "rds.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "rds.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "network-firewall": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "network-firewall-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "network-firewall-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "network-firewall-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "network-firewall-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "networkmanager": service{ - PartitionEndpoint: "aws-us-gov-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-us-gov-global", - }: endpoint{ - Hostname: "networkmanager.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "aws-us-gov-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "networkmanager.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "fips-aws-us-gov-global", - }: endpoint{ - Hostname: "networkmanager.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "oidc": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "oidc.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "oidc.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "organizations": service{ - PartitionEndpoint: "aws-us-gov-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-us-gov-global", - }: endpoint{ - Hostname: "organizations.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "aws-us-gov-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "organizations.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "fips-aws-us-gov-global", - }: endpoint{ - Hostname: "organizations.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "outposts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "outposts.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "outposts.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "outposts.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "outposts.us-gov-west-1.amazonaws.com", - }, - }, - }, - "participant.connect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "participant.connect.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "participant.connect.us-gov-west-1.amazonaws.com", - }, - }, - }, - "pi": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "pi-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "pi-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.us-gov-east-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pi-fips.us-gov-east-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "pi-fips.us-gov-east-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "pi.us-gov-west-1.api.aws", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pi-fips.us-gov-west-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "pi-fips.us-gov-west-1.api.aws", - Protocols: []string{"https"}, - }, - }, - }, - "pinpoint": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "mobiletargeting", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "pinpoint-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "pinpoint.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "pinpoint-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "polly": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "polly-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "polly-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "portal.sso": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "portal.sso.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "portal.sso.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "qbusiness": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "qbusiness.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "qbusiness.us-gov-west-1.api.aws", - }, - }, - }, - "quicksight": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "api", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "ram": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "ram.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ram.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "ram.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "ram.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ram.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "ram.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "rbin": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "rbin-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "rbin-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "rds": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "rds.us-gov-east-1", - }: endpoint{ - Hostname: "rds.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-gov-west-1", - }: endpoint{ - Hostname: "rds.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "rds.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "rds.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "redshift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "redshift.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "redshift.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "rekognition": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "rekognition-fips.us-gov-west-1", - }: endpoint{ - Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-gov-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rekognition.us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "resiliencehub": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "resiliencehub-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "resiliencehub-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "resiliencehub-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "resiliencehub-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "resource-groups": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "resource-groups.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "resource-groups.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "resource-groups.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "resource-groups.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "resource-groups.us-gov-west-1.amazonaws.com", - }, - }, - }, - "robomaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "rolesanywhere": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "rolesanywhere-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "rolesanywhere-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rolesanywhere-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rolesanywhere-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "route53": service{ - PartitionEndpoint: "aws-us-gov-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-us-gov-global", - }: endpoint{ - Hostname: "route53.us-gov.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "aws-us-gov-global", - Variant: fipsVariant, - }: endpoint{ - Hostname: "route53.us-gov.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "fips-aws-us-gov-global", - }: endpoint{ - Hostname: "route53.us-gov.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "route53resolver": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "route53resolver.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "route53resolver.us-gov-east-1.amazonaws.com", - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "route53resolver.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "route53resolver.us-gov-west-1.amazonaws.com", - - Deprecated: boxedTrue, - }, - }, - }, - "runtime-v2-lex": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "runtime.lex": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "lex", - }, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.lex.{region}.{dnsSuffix}", - CredentialScope: credentialScope{ - Service: "lex", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime-fips.lex.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "runtime-fips.lex.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "runtime.sagemaker": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime.sagemaker.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "runtime.sagemaker.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "runtime.sagemaker.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "s3": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SignatureVersions: []string{"s3", "s3v4"}, - }, - defaultKey{ - Variant: dualStackVariant, - }: endpoint{ - Hostname: "{service}.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - defaultKey{ - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "{service}-fips.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "s3-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "s3-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "s3.us-gov-east-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.us-gov-east-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.us-gov-east-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "s3.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3.dualstack.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, - }, - }, - }, - "s3-control": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - defaultKey{ - Variant: dualStackVariant, - }: endpoint{ - Hostname: "{service}.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - defaultKey{ - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "{service}-fips.dualstack.{region}.{dnsSuffix}", - DNSSuffix: "amazonaws.com", - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "s3-control.us-gov-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.us-gov-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.us-gov-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.us-gov-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "s3-control-fips.us-gov-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "s3-control.us-gov-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.us-gov-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.us-gov-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.us-gov-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "s3-control-fips.us-gov-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "s3-outposts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - }, - }, - "secretsmanager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - - Deprecated: boxedTrue, - }, - }, - }, - "securityhub": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "securityhub-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "securityhub-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securityhub-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securityhub-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "securitylake": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securitylake.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "securitylake.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "securitylake.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "securitylake.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "serverlessrepo": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "servicecatalog": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "servicecatalog-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "servicecatalog-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "servicecatalog-appregistry": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicecatalog-appregistry.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "servicediscovery": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "servicediscovery", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "servicediscovery", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "servicediscovery-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery.us-gov-west-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.us-gov-west-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "servicequotas": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicequotas.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "servicequotas.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "servicequotas.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicequotas.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicequotas.us-gov-west-1.amazonaws.com", - }, - }, - }, - "signer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "signer-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "signer-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-verification-us-gov-east-1", - }: endpoint{ - Hostname: "verification.signer-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "fips-verification-us-gov-west-1", - }: endpoint{ - Hostname: "verification.signer-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "signer-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "signer-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "verification-us-gov-east-1", - }: endpoint{ - Hostname: "verification.signer.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "verification-us-gov-west-1", - }: endpoint{ - Hostname: "verification.signer.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "simspaceweaver": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", - }, - }, - }, - "sms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "sms-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "sms-voice": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "sms-voice-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "sms-voice-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "snowball": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "snowball-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "snowball-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "snowball-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "sns": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "sns.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "sns.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sns.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sns.us-gov-west-1.amazonaws.com", - Protocols: []string{"https"}, - }, - }, - }, - "sqs": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "sqs.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "sqs.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "sqs.us-gov-west-1.amazonaws.com", - SSLCommonName: "{region}.queue.{dnsSuffix}", - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "ssm": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "ssm.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "ssm.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ssm.us-gov-west-1.amazonaws.com", - }, - }, - }, - "sso": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "sso.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sso.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "sso.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "sso.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sso.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "sso.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "states": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "states-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "states.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "states-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "states.us-gov-west-1.amazonaws.com", - }, - }, - }, - "storagegateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "storagegateway-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "storagegateway-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "storagegateway-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "storagegateway-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "storagegateway-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "streams.dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "dynamodb", - }, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "streams.dynamodb.{region}.{dnsSuffix}", - CredentialScope: credentialScope{ - Service: "dynamodb", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "streams.dynamodb.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "streams.dynamodb.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "streams.dynamodb.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "streams.dynamodb.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "sts": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "sts.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sts.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "sts.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sts.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "sts.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "support": service{ - PartitionEndpoint: "aws-us-gov-global", - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-us-gov-global", - }: endpoint{ - Hostname: "support.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "support.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "support.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "swf": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "swf.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "swf.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1-fips", - }: endpoint{ - Hostname: "swf.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "swf.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "swf.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "swf.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "synthetics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "synthetics-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "synthetics-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "synthetics-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "synthetics-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "tagging": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "textract": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "textract-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "textract-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "textract-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "textract-fips.us-gov-east-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "textract.us-gov-west-1.api.aws", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "textract-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "textract-fips.us-gov-west-1.api.aws", - }, - }, - }, - "transcribe": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.transcribe.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "fips.transcribe.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "fips.transcribe.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.transcribe.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fips.transcribe.us-gov-west-1.amazonaws.com", - }, - }, - }, - "transcribestreaming": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "transfer": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "transfer-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "transfer-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transfer-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "transfer-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "translate": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "translate-fips.us-gov-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1-fips", - }: endpoint{ - Hostname: "translate-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "verifiedpermissions": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "verifiedpermissions-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "waf-regional": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "waf-regional-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "waf-regional-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "waf-regional.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "waf-regional.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "waf-regional-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "wafv2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "wafv2-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "wafv2-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{ - Hostname: "wafv2.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{ - Hostname: "wafv2.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "wafv2-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - }, - }, - "wellarchitected": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - }, - }, - "workspaces": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "workspaces-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "workspaces-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "workspaces-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "workspaces-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - "xray": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-gov-east-1", - }: endpoint{ - Hostname: "xray-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-gov-west-1", - }: endpoint{ - Hostname: "xray-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-gov-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "xray-fips.us-gov-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-gov-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-gov-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "xray-fips.us-gov-west-1.amazonaws.com", - }, - }, - }, - }, -} - -// AwsIsoPartition returns the Resolver for AWS ISO (US). -func AwsIsoPartition() Partition { - return awsisoPartition.Partition() -} - -var awsisoPartition = partition{ - ID: "aws-iso", - Name: "AWS ISO (US)", - DNSSuffix: "c2s.ic.gov", - RegionRegex: regionRegex{ - Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^us\\-iso\\-\\w+\\-\\d+$") - return reg - }(), - }, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "c2s.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - Regions: regions{ - "us-iso-east-1": region{ - Description: "US ISO East", - }, - "us-iso-west-1": region{ - Description: "US ISO WEST", - }, - }, - Services: services{ - "api.ecr": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Hostname: "api.ecr.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{ - Hostname: "api.ecr.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - }, - }, - }, - "api.pricing": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "pricing", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "api.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "apigateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "appconfig": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "appconfigdata": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "application-autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "arc-zonal-shift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "athena": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "autoscaling": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "cloudcontrolapi": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "cloudformation": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "cloudtrail": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "codedeploy": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "comprehend": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "config": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "datapipeline": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "datasync": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-iso-east-1", - }: endpoint{ - Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-iso-west-1", - }: endpoint{ - Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", - }, - }, - }, - "directconnect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "dlm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "dms": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "dms", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dms", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dms-fips", - }: endpoint{ - Hostname: "dms.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.us-iso-east-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-east-1-fips", - }: endpoint{ - Hostname: "dms.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.us-iso-west-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-west-1-fips", - }: endpoint{ - Hostname: "dms.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "ds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "dynamodb": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "ebs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "ec2": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "ecs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "eks": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "elasticache": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "elasticfilesystem": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-iso-east-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-iso-west-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-iso-east-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-iso-west-1.c2s.ic.gov", - }, - }, - }, - "elasticloadbalancing": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "elasticmapreduce": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-iso-east-1", - }: endpoint{ - Hostname: "elasticmapreduce.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-iso-west-1", - }: endpoint{ - Hostname: "elasticmapreduce.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce.us-iso-east-1.c2s.ic.gov", - Protocols: []string{"https"}, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce.us-iso-west-1.c2s.ic.gov", - }, - }, - }, - "es": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "events": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "firehose": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "fsx": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-prod-us-iso-east-1", - }: endpoint{ - Hostname: "fsx-fips.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-iso-east-1", - }: endpoint{ - Hostname: "fsx-fips.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-iso-east-1", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "prod-us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "fsx-fips.us-iso-east-1.c2s.ic.gov", - }, - }, - }, - "glacier": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "glue": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "guardduty": service{ - IsRegionalized: boxedTrue, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "health": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "iam": service{ - PartitionEndpoint: "aws-iso-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-iso-global", - }: endpoint{ - Hostname: "iam.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - }, - }, - }, - "kinesis": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "kms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ProdFips", - }: endpoint{ - Hostname: "kms-fips.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.us-iso-east-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-east-1-fips", - }: endpoint{ - Hostname: "kms-fips.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.us-iso-west-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-west-1-fips", - }: endpoint{ - Hostname: "kms-fips.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "lambda": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "license-manager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "logs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "medialive": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "mediapackage": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "metrics.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "monitoring": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "outposts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "ram": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "rbin": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-iso-east-1", - }: endpoint{ - Hostname: "rbin-fips.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-iso-west-1", - }: endpoint{ - Hostname: "rbin-fips.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.us-iso-east-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.us-iso-west-1.c2s.ic.gov", - }, - }, - }, - "rds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "rds.us-iso-east-1", - }: endpoint{ - Hostname: "rds.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "rds.us-iso-west-1", - }: endpoint{ - Hostname: "rds.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds.us-iso-east-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-east-1-fips", - }: endpoint{ - Hostname: "rds.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds.us-iso-west-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-west-1-fips", - }: endpoint{ - Hostname: "rds.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "redshift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Hostname: "redshift.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{ - Hostname: "redshift.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - }, - }, - }, - "resource-groups": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "route53": service{ - PartitionEndpoint: "aws-iso-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-iso-global", - }: endpoint{ - Hostname: "route53.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - }, - }, - }, - "route53resolver": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "runtime.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "s3": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SignatureVersions: []string{"s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-iso-east-1", - }: endpoint{ - Hostname: "s3-fips.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-iso-west-1", - }: endpoint{ - Hostname: "s3-fips.us-iso-west-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - }, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.us-iso-east-1.c2s.ic.gov", - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - }, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-fips.dualstack.us-iso-east-1.c2s.ic.gov", - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.us-iso-west-1.c2s.ic.gov", - }, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-fips.dualstack.us-iso-west-1.c2s.ic.gov", - }, - }, - }, - "s3-control": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Hostname: "s3-control.us-iso-east-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - }, - endpointKey{ - Region: "us-iso-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.us-iso-east-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - }, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.us-iso-east-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - }, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.us-iso-east-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - }, - endpointKey{ - Region: "us-iso-east-1-fips", - }: endpoint{ - Hostname: "s3-control-fips.us-iso-east-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{ - Hostname: "s3-control.us-iso-west-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - }, - endpointKey{ - Region: "us-iso-west-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.us-iso-west-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - }, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.us-iso-west-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - }, - endpointKey{ - Region: "us-iso-west-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.us-iso-west-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - }, - endpointKey{ - Region: "us-iso-west-1-fips", - }: endpoint{ - Hostname: "s3-control-fips.us-iso-west-1.c2s.ic.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-iso-west-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "s3-outposts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-iso-east-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-east-1", - Variant: fipsVariant, - }: endpoint{}, - }, - }, - "secretsmanager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "snowball": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "sns": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "sqs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{ - Protocols: []string{"http", "https"}, - }, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "ssm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "states": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "streams.dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "dynamodb", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "sts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "support": service{ - PartitionEndpoint: "aws-iso-global", - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-iso-global", - }: endpoint{ - Hostname: "support.us-iso-east-1.c2s.ic.gov", - CredentialScope: credentialScope{ - Region: "us-iso-east-1", - }, - }, - }, - }, - "swf": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "synthetics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "tagging": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - "textract": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "transcribe": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "transcribestreaming": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "translate": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - }, - }, - "workspaces": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-iso-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-iso-west-1", - }: endpoint{}, - }, - }, - }, -} - -// AwsIsoBPartition returns the Resolver for AWS ISOB (US). -func AwsIsoBPartition() Partition { - return awsisobPartition.Partition() -} - -var awsisobPartition = partition{ - ID: "aws-iso-b", - Name: "AWS ISOB (US)", - DNSSuffix: "sc2s.sgov.gov", - RegionRegex: regionRegex{ - Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^us\\-isob\\-\\w+\\-\\d+$") - return reg - }(), - }, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "sc2s.sgov.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - Regions: regions{ - "us-isob-east-1": region{ - Description: "US ISOB East (Ohio)", - }, - }, - Services: services{ - "api.ecr": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{ - Hostname: "api.ecr.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - }, - }, - }, - "api.pricing": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "pricing", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "api.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "apigateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "appconfig": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "appconfigdata": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "application-autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "arc-zonal-shift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "cloudcontrolapi": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "cloudformation": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "cloudtrail": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "codedeploy": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "config": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "directconnect": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "dlm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "dms": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{}, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.{region}.{dnsSuffix}", - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "dms", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dms", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "dms-fips", - }: endpoint{ - Hostname: "dms.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dms.us-isob-east-1.sc2s.sgov.gov", - }, - endpointKey{ - Region: "us-isob-east-1-fips", - }: endpoint{ - Hostname: "dms.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "ds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "ebs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "ec2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "ecs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "eks": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "elasticache": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "elasticfilesystem": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-isob-east-1", - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticfilesystem-fips.us-isob-east-1.sc2s.sgov.gov", - }, - }, - }, - "elasticloadbalancing": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{ - Protocols: []string{"https"}, - }, - }, - }, - "elasticmapreduce": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-isob-east-1", - }: endpoint{ - Hostname: "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov", - }, - }, - }, - "es": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "events": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "firehose": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "glacier": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "health": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "iam": service{ - PartitionEndpoint: "aws-iso-b-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-iso-b-global", - }: endpoint{ - Hostname: "iam.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - }, - }, - }, - "kinesis": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "kms": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ProdFips", - }: endpoint{ - Hostname: "kms-fips.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "kms-fips.us-isob-east-1.sc2s.sgov.gov", - }, - endpointKey{ - Region: "us-isob-east-1-fips", - }: endpoint{ - Hostname: "kms-fips.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "lambda": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "license-manager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "logs": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "medialive": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "mediapackage": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "metering.marketplace": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "aws-marketplace", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "metrics.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "monitoring": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "outposts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "ram": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "rbin": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-isob-east-1", - }: endpoint{ - Hostname: "rbin-fips.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rbin-fips.us-isob-east-1.sc2s.sgov.gov", - }, - }, - }, - "rds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "rds.us-isob-east-1", - }: endpoint{ - Hostname: "rds.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "rds.us-isob-east-1.sc2s.sgov.gov", - }, - endpointKey{ - Region: "us-isob-east-1-fips", - }: endpoint{ - Hostname: "rds.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "redshift": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{ - Hostname: "redshift.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - }, - }, - }, - "resource-groups": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "route53": service{ - PartitionEndpoint: "aws-iso-b-global", - IsRegionalized: boxedFalse, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-iso-b-global", - }: endpoint{ - Hostname: "route53.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - }, - }, - }, - "route53resolver": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "runtime.sagemaker": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "s3": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-isob-east-1", - }: endpoint{ - Hostname: "s3-fips.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-fips.us-isob-east-1.sc2s.sgov.gov", - }, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-fips.dualstack.us-isob-east-1.sc2s.sgov.gov", - }, - }, - }, - "s3-control": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{ - Hostname: "s3-control.us-isob-east-1.sc2s.sgov.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - }, - endpointKey{ - Region: "us-isob-east-1", - Variant: dualStackVariant, - }: endpoint{ - Hostname: "s3-control.dualstack.us-isob-east-1.sc2s.sgov.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - }, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "s3-control-fips.us-isob-east-1.sc2s.sgov.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - }, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant | dualStackVariant, - }: endpoint{ - Hostname: "s3-control-fips.dualstack.us-isob-east-1.sc2s.sgov.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - }, - endpointKey{ - Region: "us-isob-east-1-fips", - }: endpoint{ - Hostname: "s3-control-fips.us-isob-east-1.sc2s.sgov.gov", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "s3-outposts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-isob-east-1", - }: endpoint{ - - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{}, - }, - }, - "secretsmanager": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "snowball": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "sns": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "sqs": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - SSLCommonName: "{region}.queue.{dnsSuffix}", - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "ssm": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "states": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "storagegateway": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-isob-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", - }, - endpointKey{ - Region: "us-isob-east-1-fips", - }: endpoint{ - Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - Deprecated: boxedTrue, - }, - }, - }, - "streams.dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "dynamodb", - }, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "sts": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "support": service{ - PartitionEndpoint: "aws-iso-b-global", - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "aws-iso-b-global", - }: endpoint{ - Hostname: "support.us-isob-east-1.sc2s.sgov.gov", - CredentialScope: credentialScope{ - Region: "us-isob-east-1", - }, - }, - }, - }, - "swf": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "synthetics": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "tagging": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - "workspaces": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "us-isob-east-1", - }: endpoint{}, - }, - }, - }, -} - -// AwsIsoEPartition returns the Resolver for AWS ISOE (Europe). -func AwsIsoEPartition() Partition { - return awsisoePartition.Partition() -} - -var awsisoePartition = partition{ - ID: "aws-iso-e", - Name: "AWS ISOE (Europe)", - DNSSuffix: "cloud.adc-e.uk", - RegionRegex: regionRegex{ - Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^eu\\-isoe\\-\\w+\\-\\d+$") - return reg - }(), - }, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "cloud.adc-e.uk", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - Regions: regions{ - "eu-isoe-west-1": region{ - Description: "EU ISOE West", - }, - }, - Services: services{}, -} - -// AwsIsoFPartition returns the Resolver for AWS ISOF. -func AwsIsoFPartition() Partition { - return awsisofPartition.Partition() -} - -var awsisofPartition = partition{ - ID: "aws-iso-f", - Name: "AWS ISOF", - DNSSuffix: "csp.hci.ic.gov", - RegionRegex: regionRegex{ - Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^us\\-isof\\-\\w+\\-\\d+$") - return reg - }(), - }, - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "csp.hci.ic.gov", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - }, - Regions: regions{}, - Services: services{}, -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/dep_service_ids.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/dep_service_ids.go deleted file mode 100644 index ca8fc828..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/dep_service_ids.go +++ /dev/null @@ -1,141 +0,0 @@ -package endpoints - -// Service identifiers -// -// Deprecated: Use client package's EndpointsID value instead of these -// ServiceIDs. These IDs are not maintained, and are out of date. -const ( - A4bServiceID = "a4b" // A4b. - AcmServiceID = "acm" // Acm. - AcmPcaServiceID = "acm-pca" // AcmPca. - ApiMediatailorServiceID = "api.mediatailor" // ApiMediatailor. - ApiPricingServiceID = "api.pricing" // ApiPricing. - ApiSagemakerServiceID = "api.sagemaker" // ApiSagemaker. - ApigatewayServiceID = "apigateway" // Apigateway. - ApplicationAutoscalingServiceID = "application-autoscaling" // ApplicationAutoscaling. - Appstream2ServiceID = "appstream2" // Appstream2. - AppsyncServiceID = "appsync" // Appsync. - AthenaServiceID = "athena" // Athena. - AutoscalingServiceID = "autoscaling" // Autoscaling. - AutoscalingPlansServiceID = "autoscaling-plans" // AutoscalingPlans. - BatchServiceID = "batch" // Batch. - BudgetsServiceID = "budgets" // Budgets. - CeServiceID = "ce" // Ce. - ChimeServiceID = "chime" // Chime. - Cloud9ServiceID = "cloud9" // Cloud9. - ClouddirectoryServiceID = "clouddirectory" // Clouddirectory. - CloudformationServiceID = "cloudformation" // Cloudformation. - CloudfrontServiceID = "cloudfront" // Cloudfront. - CloudhsmServiceID = "cloudhsm" // Cloudhsm. - Cloudhsmv2ServiceID = "cloudhsmv2" // Cloudhsmv2. - CloudsearchServiceID = "cloudsearch" // Cloudsearch. - CloudtrailServiceID = "cloudtrail" // Cloudtrail. - CodebuildServiceID = "codebuild" // Codebuild. - CodecommitServiceID = "codecommit" // Codecommit. - CodedeployServiceID = "codedeploy" // Codedeploy. - CodepipelineServiceID = "codepipeline" // Codepipeline. - CodestarServiceID = "codestar" // Codestar. - CognitoIdentityServiceID = "cognito-identity" // CognitoIdentity. - CognitoIdpServiceID = "cognito-idp" // CognitoIdp. - CognitoSyncServiceID = "cognito-sync" // CognitoSync. - ComprehendServiceID = "comprehend" // Comprehend. - ConfigServiceID = "config" // Config. - CurServiceID = "cur" // Cur. - DatapipelineServiceID = "datapipeline" // Datapipeline. - DaxServiceID = "dax" // Dax. - DevicefarmServiceID = "devicefarm" // Devicefarm. - DirectconnectServiceID = "directconnect" // Directconnect. - DiscoveryServiceID = "discovery" // Discovery. - DmsServiceID = "dms" // Dms. - DsServiceID = "ds" // Ds. - DynamodbServiceID = "dynamodb" // Dynamodb. - Ec2ServiceID = "ec2" // Ec2. - Ec2metadataServiceID = "ec2metadata" // Ec2metadata. - EcrServiceID = "ecr" // Ecr. - EcsServiceID = "ecs" // Ecs. - ElasticacheServiceID = "elasticache" // Elasticache. - ElasticbeanstalkServiceID = "elasticbeanstalk" // Elasticbeanstalk. - ElasticfilesystemServiceID = "elasticfilesystem" // Elasticfilesystem. - ElasticloadbalancingServiceID = "elasticloadbalancing" // Elasticloadbalancing. - ElasticmapreduceServiceID = "elasticmapreduce" // Elasticmapreduce. - ElastictranscoderServiceID = "elastictranscoder" // Elastictranscoder. - EmailServiceID = "email" // Email. - EntitlementMarketplaceServiceID = "entitlement.marketplace" // EntitlementMarketplace. - EsServiceID = "es" // Es. - EventsServiceID = "events" // Events. - FirehoseServiceID = "firehose" // Firehose. - FmsServiceID = "fms" // Fms. - GameliftServiceID = "gamelift" // Gamelift. - GlacierServiceID = "glacier" // Glacier. - GlueServiceID = "glue" // Glue. - GreengrassServiceID = "greengrass" // Greengrass. - GuarddutyServiceID = "guardduty" // Guardduty. - HealthServiceID = "health" // Health. - IamServiceID = "iam" // Iam. - ImportexportServiceID = "importexport" // Importexport. - InspectorServiceID = "inspector" // Inspector. - IotServiceID = "iot" // Iot. - IotanalyticsServiceID = "iotanalytics" // Iotanalytics. - KinesisServiceID = "kinesis" // Kinesis. - KinesisanalyticsServiceID = "kinesisanalytics" // Kinesisanalytics. - KinesisvideoServiceID = "kinesisvideo" // Kinesisvideo. - KmsServiceID = "kms" // Kms. - LambdaServiceID = "lambda" // Lambda. - LightsailServiceID = "lightsail" // Lightsail. - LogsServiceID = "logs" // Logs. - MachinelearningServiceID = "machinelearning" // Machinelearning. - MarketplacecommerceanalyticsServiceID = "marketplacecommerceanalytics" // Marketplacecommerceanalytics. - MediaconvertServiceID = "mediaconvert" // Mediaconvert. - MedialiveServiceID = "medialive" // Medialive. - MediapackageServiceID = "mediapackage" // Mediapackage. - MediastoreServiceID = "mediastore" // Mediastore. - MeteringMarketplaceServiceID = "metering.marketplace" // MeteringMarketplace. - MghServiceID = "mgh" // Mgh. - MobileanalyticsServiceID = "mobileanalytics" // Mobileanalytics. - ModelsLexServiceID = "models.lex" // ModelsLex. - MonitoringServiceID = "monitoring" // Monitoring. - MturkRequesterServiceID = "mturk-requester" // MturkRequester. - NeptuneServiceID = "neptune" // Neptune. - OpsworksServiceID = "opsworks" // Opsworks. - OpsworksCmServiceID = "opsworks-cm" // OpsworksCm. - OrganizationsServiceID = "organizations" // Organizations. - PinpointServiceID = "pinpoint" // Pinpoint. - PollyServiceID = "polly" // Polly. - RdsServiceID = "rds" // Rds. - RedshiftServiceID = "redshift" // Redshift. - RekognitionServiceID = "rekognition" // Rekognition. - ResourceGroupsServiceID = "resource-groups" // ResourceGroups. - Route53ServiceID = "route53" // Route53. - Route53domainsServiceID = "route53domains" // Route53domains. - RuntimeLexServiceID = "runtime.lex" // RuntimeLex. - RuntimeSagemakerServiceID = "runtime.sagemaker" // RuntimeSagemaker. - S3ServiceID = "s3" // S3. - S3ControlServiceID = "s3-control" // S3Control. - SagemakerServiceID = "api.sagemaker" // Sagemaker. - SdbServiceID = "sdb" // Sdb. - SecretsmanagerServiceID = "secretsmanager" // Secretsmanager. - ServerlessrepoServiceID = "serverlessrepo" // Serverlessrepo. - ServicecatalogServiceID = "servicecatalog" // Servicecatalog. - ServicediscoveryServiceID = "servicediscovery" // Servicediscovery. - ShieldServiceID = "shield" // Shield. - SmsServiceID = "sms" // Sms. - SnowballServiceID = "snowball" // Snowball. - SnsServiceID = "sns" // Sns. - SqsServiceID = "sqs" // Sqs. - SsmServiceID = "ssm" // Ssm. - StatesServiceID = "states" // States. - StoragegatewayServiceID = "storagegateway" // Storagegateway. - StreamsDynamodbServiceID = "streams.dynamodb" // StreamsDynamodb. - StsServiceID = "sts" // Sts. - SupportServiceID = "support" // Support. - SwfServiceID = "swf" // Swf. - TaggingServiceID = "tagging" // Tagging. - TransferServiceID = "transfer" // Transfer. - TranslateServiceID = "translate" // Translate. - WafServiceID = "waf" // Waf. - WafRegionalServiceID = "waf-regional" // WafRegional. - WorkdocsServiceID = "workdocs" // Workdocs. - WorkmailServiceID = "workmail" // Workmail. - WorkspacesServiceID = "workspaces" // Workspaces. - XrayServiceID = "xray" // Xray. -) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/doc.go deleted file mode 100644 index 66dec6be..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/doc.go +++ /dev/null @@ -1,65 +0,0 @@ -// Package endpoints provides the types and functionality for defining regions -// and endpoints, as well as querying those definitions. -// -// The SDK's Regions and Endpoints metadata is code generated into the endpoints -// package, and is accessible via the DefaultResolver function. This function -// returns a endpoint Resolver will search the metadata and build an associated -// endpoint if one is found. The default resolver will search all partitions -// known by the SDK. e.g AWS Standard (aws), AWS China (aws-cn), and -// AWS GovCloud (US) (aws-us-gov). -// . -// -// # Enumerating Regions and Endpoint Metadata -// -// Casting the Resolver returned by DefaultResolver to a EnumPartitions interface -// will allow you to get access to the list of underlying Partitions with the -// Partitions method. This is helpful if you want to limit the SDK's endpoint -// resolving to a single partition, or enumerate regions, services, and endpoints -// in the partition. -// -// resolver := endpoints.DefaultResolver() -// partitions := resolver.(endpoints.EnumPartitions).Partitions() -// -// for _, p := range partitions { -// fmt.Println("Regions for", p.ID()) -// for id, _ := range p.Regions() { -// fmt.Println("*", id) -// } -// -// fmt.Println("Services for", p.ID()) -// for id, _ := range p.Services() { -// fmt.Println("*", id) -// } -// } -// -// # Using Custom Endpoints -// -// The endpoints package also gives you the ability to use your own logic how -// endpoints are resolved. This is a great way to define a custom endpoint -// for select services, without passing that logic down through your code. -// -// If a type implements the Resolver interface it can be used to resolve -// endpoints. To use this with the SDK's Session and Config set the value -// of the type to the EndpointsResolver field of aws.Config when initializing -// the session, or service client. -// -// In addition the ResolverFunc is a wrapper for a func matching the signature -// of Resolver.EndpointFor, converting it to a type that satisfies the -// Resolver interface. -// -// myCustomResolver := func(service, region string, optFns ...func(*endpoints.Options)) (endpoints.ResolvedEndpoint, error) { -// if service == endpoints.S3ServiceID { -// return endpoints.ResolvedEndpoint{ -// URL: "s3.custom.endpoint.com", -// SigningRegion: "custom-signing-region", -// }, nil -// } -// -// return endpoints.DefaultResolver().EndpointFor(service, region, optFns...) -// } -// -// sess := session.Must(session.NewSession(&aws.Config{ -// Region: aws.String("us-west-2"), -// EndpointResolver: endpoints.ResolverFunc(myCustomResolver), -// })) -package endpoints diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go deleted file mode 100644 index a686a48f..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go +++ /dev/null @@ -1,708 +0,0 @@ -package endpoints - -import ( - "fmt" - "regexp" - "strings" - - "github.com/aws/aws-sdk-go/aws/awserr" -) - -// A Logger is a minimalistic interface for the SDK to log messages to. -type Logger interface { - Log(...interface{}) -} - -// DualStackEndpointState is a constant to describe the dual-stack endpoint resolution -// behavior. -type DualStackEndpointState uint - -const ( - // DualStackEndpointStateUnset is the default value behavior for dual-stack endpoint - // resolution. - DualStackEndpointStateUnset DualStackEndpointState = iota - - // DualStackEndpointStateEnabled enable dual-stack endpoint resolution for endpoints. - DualStackEndpointStateEnabled - - // DualStackEndpointStateDisabled disables dual-stack endpoint resolution for endpoints. - DualStackEndpointStateDisabled -) - -// FIPSEndpointState is a constant to describe the FIPS endpoint resolution behavior. -type FIPSEndpointState uint - -const ( - // FIPSEndpointStateUnset is the default value behavior for FIPS endpoint resolution. - FIPSEndpointStateUnset FIPSEndpointState = iota - - // FIPSEndpointStateEnabled enables FIPS endpoint resolution for service endpoints. - FIPSEndpointStateEnabled - - // FIPSEndpointStateDisabled disables FIPS endpoint resolution for endpoints. - FIPSEndpointStateDisabled -) - -// Options provide the configuration needed to direct how the -// endpoints will be resolved. -type Options struct { - // DisableSSL forces the endpoint to be resolved as HTTP. - // instead of HTTPS if the service supports it. - DisableSSL bool - - // Sets the resolver to resolve the endpoint as a dualstack endpoint - // for the service. If dualstack support for a service is not known and - // StrictMatching is not enabled a dualstack endpoint for the service will - // be returned. This endpoint may not be valid. If StrictMatching is - // enabled only services that are known to support dualstack will return - // dualstack endpoints. - // - // Deprecated: This option will continue to function for S3 and S3 Control for backwards compatibility. - // UseDualStackEndpoint should be used to enable usage of a service's dual-stack endpoint for all service clients - // moving forward. For S3 and S3 Control, when UseDualStackEndpoint is set to a non-zero value it takes higher - // precedence then this option. - UseDualStack bool - - // Sets the resolver to resolve a dual-stack endpoint for the service. - UseDualStackEndpoint DualStackEndpointState - - // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. - UseFIPSEndpoint FIPSEndpointState - - // Enables strict matching of services and regions resolved endpoints. - // If the partition doesn't enumerate the exact service and region an - // error will be returned. This option will prevent returning endpoints - // that look valid, but may not resolve to any real endpoint. - StrictMatching bool - - // Enables resolving a service endpoint based on the region provided if the - // service does not exist. The service endpoint ID will be used as the service - // domain name prefix. By default the endpoint resolver requires the service - // to be known when resolving endpoints. - // - // If resolving an endpoint on the partition list the provided region will - // be used to determine which partition's domain name pattern to the service - // endpoint ID with. If both the service and region are unknown and resolving - // the endpoint on partition list an UnknownEndpointError error will be returned. - // - // If resolving and endpoint on a partition specific resolver that partition's - // domain name pattern will be used with the service endpoint ID. If both - // region and service do not exist when resolving an endpoint on a specific - // partition the partition's domain pattern will be used to combine the - // endpoint and region together. - // - // This option is ignored if StrictMatching is enabled. - ResolveUnknownService bool - - // Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6) - EC2MetadataEndpointMode EC2IMDSEndpointModeState - - // STS Regional Endpoint flag helps with resolving the STS endpoint - STSRegionalEndpoint STSRegionalEndpoint - - // S3 Regional Endpoint flag helps with resolving the S3 endpoint - S3UsEast1RegionalEndpoint S3UsEast1RegionalEndpoint - - // ResolvedRegion is the resolved region string. If provided (non-zero length) it takes priority - // over the region name passed to the ResolveEndpoint call. - ResolvedRegion string - - // Logger is the logger that will be used to log messages. - Logger Logger - - // Determines whether logging of deprecated endpoints usage is enabled. - LogDeprecated bool -} - -func (o Options) getEndpointVariant(service string) (v endpointVariant) { - const s3 = "s3" - const s3Control = "s3-control" - - if (o.UseDualStackEndpoint == DualStackEndpointStateEnabled) || - ((service == s3 || service == s3Control) && (o.UseDualStackEndpoint == DualStackEndpointStateUnset && o.UseDualStack)) { - v |= dualStackVariant - } - if o.UseFIPSEndpoint == FIPSEndpointStateEnabled { - v |= fipsVariant - } - return v -} - -// EC2IMDSEndpointModeState is an enum configuration variable describing the client endpoint mode. -type EC2IMDSEndpointModeState uint - -// Enumeration values for EC2IMDSEndpointModeState -const ( - EC2IMDSEndpointModeStateUnset EC2IMDSEndpointModeState = iota - EC2IMDSEndpointModeStateIPv4 - EC2IMDSEndpointModeStateIPv6 -) - -// SetFromString sets the EC2IMDSEndpointModeState based on the provided string value. Unknown values will default to EC2IMDSEndpointModeStateUnset -func (e *EC2IMDSEndpointModeState) SetFromString(v string) error { - v = strings.TrimSpace(v) - - switch { - case len(v) == 0: - *e = EC2IMDSEndpointModeStateUnset - case strings.EqualFold(v, "IPv6"): - *e = EC2IMDSEndpointModeStateIPv6 - case strings.EqualFold(v, "IPv4"): - *e = EC2IMDSEndpointModeStateIPv4 - default: - return fmt.Errorf("unknown EC2 IMDS endpoint mode, must be either IPv6 or IPv4") - } - return nil -} - -// STSRegionalEndpoint is an enum for the states of the STS Regional Endpoint -// options. -type STSRegionalEndpoint int - -func (e STSRegionalEndpoint) String() string { - switch e { - case LegacySTSEndpoint: - return "legacy" - case RegionalSTSEndpoint: - return "regional" - case UnsetSTSEndpoint: - return "" - default: - return "unknown" - } -} - -const ( - - // UnsetSTSEndpoint represents that STS Regional Endpoint flag is not specified. - UnsetSTSEndpoint STSRegionalEndpoint = iota - - // LegacySTSEndpoint represents when STS Regional Endpoint flag is specified - // to use legacy endpoints. - LegacySTSEndpoint - - // RegionalSTSEndpoint represents when STS Regional Endpoint flag is specified - // to use regional endpoints. - RegionalSTSEndpoint -) - -// GetSTSRegionalEndpoint function returns the STSRegionalEndpointFlag based -// on the input string provided in env config or shared config by the user. -// -// `legacy`, `regional` are the only case-insensitive valid strings for -// resolving the STS regional Endpoint flag. -func GetSTSRegionalEndpoint(s string) (STSRegionalEndpoint, error) { - switch { - case strings.EqualFold(s, "legacy"): - return LegacySTSEndpoint, nil - case strings.EqualFold(s, "regional"): - return RegionalSTSEndpoint, nil - default: - return UnsetSTSEndpoint, fmt.Errorf("unable to resolve the value of STSRegionalEndpoint for %v", s) - } -} - -// S3UsEast1RegionalEndpoint is an enum for the states of the S3 us-east-1 -// Regional Endpoint options. -type S3UsEast1RegionalEndpoint int - -func (e S3UsEast1RegionalEndpoint) String() string { - switch e { - case LegacyS3UsEast1Endpoint: - return "legacy" - case RegionalS3UsEast1Endpoint: - return "regional" - case UnsetS3UsEast1Endpoint: - return "" - default: - return "unknown" - } -} - -const ( - - // UnsetS3UsEast1Endpoint represents that S3 Regional Endpoint flag is not - // specified. - UnsetS3UsEast1Endpoint S3UsEast1RegionalEndpoint = iota - - // LegacyS3UsEast1Endpoint represents when S3 Regional Endpoint flag is - // specified to use legacy endpoints. - LegacyS3UsEast1Endpoint - - // RegionalS3UsEast1Endpoint represents when S3 Regional Endpoint flag is - // specified to use regional endpoints. - RegionalS3UsEast1Endpoint -) - -// GetS3UsEast1RegionalEndpoint function returns the S3UsEast1RegionalEndpointFlag based -// on the input string provided in env config or shared config by the user. -// -// `legacy`, `regional` are the only case-insensitive valid strings for -// resolving the S3 regional Endpoint flag. -func GetS3UsEast1RegionalEndpoint(s string) (S3UsEast1RegionalEndpoint, error) { - switch { - case strings.EqualFold(s, "legacy"): - return LegacyS3UsEast1Endpoint, nil - case strings.EqualFold(s, "regional"): - return RegionalS3UsEast1Endpoint, nil - default: - return UnsetS3UsEast1Endpoint, - fmt.Errorf("unable to resolve the value of S3UsEast1RegionalEndpoint for %v", s) - } -} - -// Set combines all of the option functions together. -func (o *Options) Set(optFns ...func(*Options)) { - for _, fn := range optFns { - fn(o) - } -} - -// DisableSSLOption sets the DisableSSL options. Can be used as a functional -// option when resolving endpoints. -func DisableSSLOption(o *Options) { - o.DisableSSL = true -} - -// UseDualStackOption sets the UseDualStack option. Can be used as a functional -// option when resolving endpoints. -// -// Deprecated: UseDualStackEndpointOption should be used to enable usage of a service's dual-stack endpoint. -// When DualStackEndpointState is set to a non-zero value it takes higher precedence then this option. -func UseDualStackOption(o *Options) { - o.UseDualStack = true -} - -// UseDualStackEndpointOption sets the UseDualStackEndpoint option to enabled. Can be used as a functional -// option when resolving endpoints. -func UseDualStackEndpointOption(o *Options) { - o.UseDualStackEndpoint = DualStackEndpointStateEnabled -} - -// UseFIPSEndpointOption sets the UseFIPSEndpoint option to enabled. Can be used as a functional -// option when resolving endpoints. -func UseFIPSEndpointOption(o *Options) { - o.UseFIPSEndpoint = FIPSEndpointStateEnabled -} - -// StrictMatchingOption sets the StrictMatching option. Can be used as a functional -// option when resolving endpoints. -func StrictMatchingOption(o *Options) { - o.StrictMatching = true -} - -// ResolveUnknownServiceOption sets the ResolveUnknownService option. Can be used -// as a functional option when resolving endpoints. -func ResolveUnknownServiceOption(o *Options) { - o.ResolveUnknownService = true -} - -// STSRegionalEndpointOption enables the STS endpoint resolver behavior to resolve -// STS endpoint to their regional endpoint, instead of the global endpoint. -func STSRegionalEndpointOption(o *Options) { - o.STSRegionalEndpoint = RegionalSTSEndpoint -} - -// A Resolver provides the interface for functionality to resolve endpoints. -// The build in Partition and DefaultResolver return value satisfy this interface. -type Resolver interface { - EndpointFor(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) -} - -// ResolverFunc is a helper utility that wraps a function so it satisfies the -// Resolver interface. This is useful when you want to add additional endpoint -// resolving logic, or stub out specific endpoints with custom values. -type ResolverFunc func(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) - -// EndpointFor wraps the ResolverFunc function to satisfy the Resolver interface. -func (fn ResolverFunc) EndpointFor(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) { - return fn(service, region, opts...) -} - -var schemeRE = regexp.MustCompile("^([^:]+)://") - -// AddScheme adds the HTTP or HTTPS schemes to a endpoint URL if there is no -// scheme. If disableSSL is true HTTP will set HTTP instead of the default HTTPS. -// -// If disableSSL is set, it will only set the URL's scheme if the URL does not -// contain a scheme. -func AddScheme(endpoint string, disableSSL bool) string { - if !schemeRE.MatchString(endpoint) { - scheme := "https" - if disableSSL { - scheme = "http" - } - endpoint = fmt.Sprintf("%s://%s", scheme, endpoint) - } - - return endpoint -} - -// EnumPartitions a provides a way to retrieve the underlying partitions that -// make up the SDK's default Resolver, or any resolver decoded from a model -// file. -// -// Use this interface with DefaultResolver and DecodeModels to get the list of -// Partitions. -type EnumPartitions interface { - Partitions() []Partition -} - -// RegionsForService returns a map of regions for the partition and service. -// If either the partition or service does not exist false will be returned -// as the second parameter. -// -// This example shows how to get the regions for DynamoDB in the AWS partition. -// -// rs, exists := endpoints.RegionsForService(endpoints.DefaultPartitions(), endpoints.AwsPartitionID, endpoints.DynamodbServiceID) -// -// This is equivalent to using the partition directly. -// -// rs := endpoints.AwsPartition().Services()[endpoints.DynamodbServiceID].Regions() -func RegionsForService(ps []Partition, partitionID, serviceID string) (map[string]Region, bool) { - for _, p := range ps { - if p.ID() != partitionID { - continue - } - if _, ok := p.p.Services[serviceID]; !(ok || serviceID == Ec2metadataServiceID) { - break - } - - s := Service{ - id: serviceID, - p: p.p, - } - return s.Regions(), true - } - - return map[string]Region{}, false -} - -// PartitionForRegion returns the first partition which includes the region -// passed in. This includes both known regions and regions which match -// a pattern supported by the partition which may include regions that are -// not explicitly known by the partition. Use the Regions method of the -// returned Partition if explicit support is needed. -func PartitionForRegion(ps []Partition, regionID string) (Partition, bool) { - for _, p := range ps { - if _, ok := p.p.Regions[regionID]; ok || p.p.RegionRegex.MatchString(regionID) { - return p, true - } - } - - return Partition{}, false -} - -// A Partition provides the ability to enumerate the partition's regions -// and services. -type Partition struct { - id, dnsSuffix string - p *partition -} - -// DNSSuffix returns the base domain name of the partition. -func (p Partition) DNSSuffix() string { return p.dnsSuffix } - -// ID returns the identifier of the partition. -func (p Partition) ID() string { return p.id } - -// EndpointFor attempts to resolve the endpoint based on service and region. -// See Options for information on configuring how the endpoint is resolved. -// -// If the service cannot be found in the metadata the UnknownServiceError -// error will be returned. This validation will occur regardless if -// StrictMatching is enabled. To enable resolving unknown services set the -// "ResolveUnknownService" option to true. When StrictMatching is disabled -// this option allows the partition resolver to resolve a endpoint based on -// the service endpoint ID provided. -// -// When resolving endpoints you can choose to enable StrictMatching. This will -// require the provided service and region to be known by the partition. -// If the endpoint cannot be strictly resolved an error will be returned. This -// mode is useful to ensure the endpoint resolved is valid. Without -// StrictMatching enabled the endpoint returned may look valid but may not work. -// StrictMatching requires the SDK to be updated if you want to take advantage -// of new regions and services expansions. -// -// Errors that can be returned. -// - UnknownServiceError -// - UnknownEndpointError -func (p Partition) EndpointFor(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) { - return p.p.EndpointFor(service, region, opts...) -} - -// Regions returns a map of Regions indexed by their ID. This is useful for -// enumerating over the regions in a partition. -func (p Partition) Regions() map[string]Region { - rs := make(map[string]Region, len(p.p.Regions)) - for id, r := range p.p.Regions { - rs[id] = Region{ - id: id, - desc: r.Description, - p: p.p, - } - } - - return rs -} - -// Services returns a map of Service indexed by their ID. This is useful for -// enumerating over the services in a partition. -func (p Partition) Services() map[string]Service { - ss := make(map[string]Service, len(p.p.Services)) - - for id := range p.p.Services { - ss[id] = Service{ - id: id, - p: p.p, - } - } - - // Since we have removed the customization that injected this into the model - // we still need to pretend that this is a modeled service. - if _, ok := ss[Ec2metadataServiceID]; !ok { - ss[Ec2metadataServiceID] = Service{ - id: Ec2metadataServiceID, - p: p.p, - } - } - - return ss -} - -// A Region provides information about a region, and ability to resolve an -// endpoint from the context of a region, given a service. -type Region struct { - id, desc string - p *partition -} - -// ID returns the region's identifier. -func (r Region) ID() string { return r.id } - -// Description returns the region's description. The region description -// is free text, it can be empty, and it may change between SDK releases. -func (r Region) Description() string { return r.desc } - -// ResolveEndpoint resolves an endpoint from the context of the region given -// a service. See Partition.EndpointFor for usage and errors that can be returned. -func (r Region) ResolveEndpoint(service string, opts ...func(*Options)) (ResolvedEndpoint, error) { - return r.p.EndpointFor(service, r.id, opts...) -} - -// Services returns a list of all services that are known to be in this region. -func (r Region) Services() map[string]Service { - ss := map[string]Service{} - for id, s := range r.p.Services { - if _, ok := s.Endpoints[endpointKey{Region: r.id}]; ok { - ss[id] = Service{ - id: id, - p: r.p, - } - } - } - - return ss -} - -// A Service provides information about a service, and ability to resolve an -// endpoint from the context of a service, given a region. -type Service struct { - id string - p *partition -} - -// ID returns the identifier for the service. -func (s Service) ID() string { return s.id } - -// ResolveEndpoint resolves an endpoint from the context of a service given -// a region. See Partition.EndpointFor for usage and errors that can be returned. -func (s Service) ResolveEndpoint(region string, opts ...func(*Options)) (ResolvedEndpoint, error) { - return s.p.EndpointFor(s.id, region, opts...) -} - -// Regions returns a map of Regions that the service is present in. -// -// A region is the AWS region the service exists in. Whereas a Endpoint is -// an URL that can be resolved to a instance of a service. -func (s Service) Regions() map[string]Region { - rs := map[string]Region{} - - service, ok := s.p.Services[s.id] - - // Since ec2metadata customization has been removed we need to check - // if it was defined in non-standard endpoints.json file. If it's not - // then we can return the empty map as there is no regional-endpoints for IMDS. - // Otherwise, we iterate need to iterate the non-standard model. - if s.id == Ec2metadataServiceID && !ok { - return rs - } - - for id := range service.Endpoints { - if id.Variant != 0 { - continue - } - if r, ok := s.p.Regions[id.Region]; ok { - rs[id.Region] = Region{ - id: id.Region, - desc: r.Description, - p: s.p, - } - } - } - - return rs -} - -// Endpoints returns a map of Endpoints indexed by their ID for all known -// endpoints for a service. -// -// A region is the AWS region the service exists in. Whereas a Endpoint is -// an URL that can be resolved to a instance of a service. -func (s Service) Endpoints() map[string]Endpoint { - es := make(map[string]Endpoint, len(s.p.Services[s.id].Endpoints)) - for id := range s.p.Services[s.id].Endpoints { - if id.Variant != 0 { - continue - } - es[id.Region] = Endpoint{ - id: id.Region, - serviceID: s.id, - p: s.p, - } - } - - return es -} - -// A Endpoint provides information about endpoints, and provides the ability -// to resolve that endpoint for the service, and the region the endpoint -// represents. -type Endpoint struct { - id string - serviceID string - p *partition -} - -// ID returns the identifier for an endpoint. -func (e Endpoint) ID() string { return e.id } - -// ServiceID returns the identifier the endpoint belongs to. -func (e Endpoint) ServiceID() string { return e.serviceID } - -// ResolveEndpoint resolves an endpoint from the context of a service and -// region the endpoint represents. See Partition.EndpointFor for usage and -// errors that can be returned. -func (e Endpoint) ResolveEndpoint(opts ...func(*Options)) (ResolvedEndpoint, error) { - return e.p.EndpointFor(e.serviceID, e.id, opts...) -} - -// A ResolvedEndpoint is an endpoint that has been resolved based on a partition -// service, and region. -type ResolvedEndpoint struct { - // The endpoint URL - URL string - - // The endpoint partition - PartitionID string - - // The region that should be used for signing requests. - SigningRegion string - - // The service name that should be used for signing requests. - SigningName string - - // States that the signing name for this endpoint was derived from metadata - // passed in, but was not explicitly modeled. - SigningNameDerived bool - - // The signing method that should be used for signing requests. - SigningMethod string -} - -// So that the Error interface type can be included as an anonymous field -// in the requestError struct and not conflict with the error.Error() method. -type awsError awserr.Error - -// A EndpointNotFoundError is returned when in StrictMatching mode, and the -// endpoint for the service and region cannot be found in any of the partitions. -type EndpointNotFoundError struct { - awsError - Partition string - Service string - Region string -} - -// A UnknownServiceError is returned when the service does not resolve to an -// endpoint. Includes a list of all known services for the partition. Returned -// when a partition does not support the service. -type UnknownServiceError struct { - awsError - Partition string - Service string - Known []string -} - -// NewUnknownServiceError builds and returns UnknownServiceError. -func NewUnknownServiceError(p, s string, known []string) UnknownServiceError { - return UnknownServiceError{ - awsError: awserr.New("UnknownServiceError", - "could not resolve endpoint for unknown service", nil), - Partition: p, - Service: s, - Known: known, - } -} - -// String returns the string representation of the error. -func (e UnknownServiceError) Error() string { - extra := fmt.Sprintf("partition: %q, service: %q", - e.Partition, e.Service) - if len(e.Known) > 0 { - extra += fmt.Sprintf(", known: %v", e.Known) - } - return awserr.SprintError(e.Code(), e.Message(), extra, e.OrigErr()) -} - -// String returns the string representation of the error. -func (e UnknownServiceError) String() string { - return e.Error() -} - -// A UnknownEndpointError is returned when in StrictMatching mode and the -// service is valid, but the region does not resolve to an endpoint. Includes -// a list of all known endpoints for the service. -type UnknownEndpointError struct { - awsError - Partition string - Service string - Region string - Known []string -} - -// NewUnknownEndpointError builds and returns UnknownEndpointError. -func NewUnknownEndpointError(p, s, r string, known []string) UnknownEndpointError { - return UnknownEndpointError{ - awsError: awserr.New("UnknownEndpointError", - "could not resolve endpoint", nil), - Partition: p, - Service: s, - Region: r, - Known: known, - } -} - -// String returns the string representation of the error. -func (e UnknownEndpointError) Error() string { - extra := fmt.Sprintf("partition: %q, service: %q, region: %q", - e.Partition, e.Service, e.Region) - if len(e.Known) > 0 { - extra += fmt.Sprintf(", known: %v", e.Known) - } - return awserr.SprintError(e.Code(), e.Message(), extra, e.OrigErr()) -} - -// String returns the string representation of the error. -func (e UnknownEndpointError) String() string { - return e.Error() -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/legacy_regions.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/legacy_regions.go deleted file mode 100644 index df75e899..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/legacy_regions.go +++ /dev/null @@ -1,24 +0,0 @@ -package endpoints - -var legacyGlobalRegions = map[string]map[string]struct{}{ - "sts": { - "ap-northeast-1": {}, - "ap-south-1": {}, - "ap-southeast-1": {}, - "ap-southeast-2": {}, - "ca-central-1": {}, - "eu-central-1": {}, - "eu-north-1": {}, - "eu-west-1": {}, - "eu-west-2": {}, - "eu-west-3": {}, - "sa-east-1": {}, - "us-east-1": {}, - "us-east-2": {}, - "us-west-1": {}, - "us-west-2": {}, - }, - "s3": { - "us-east-1": {}, - }, -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go deleted file mode 100644 index 89f6627d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go +++ /dev/null @@ -1,594 +0,0 @@ -package endpoints - -import ( - "encoding/json" - "fmt" - "regexp" - "strconv" - "strings" -) - -const ( - ec2MetadataEndpointIPv6 = "http://[fd00:ec2::254]/latest" - ec2MetadataEndpointIPv4 = "http://169.254.169.254/latest" -) - -const dnsSuffixTemplateKey = "{dnsSuffix}" - -// defaultKey is a compound map key of a variant and other values. -type defaultKey struct { - Variant endpointVariant - ServiceVariant serviceVariant -} - -// endpointKey is a compound map key of a region and associated variant value. -type endpointKey struct { - Region string - Variant endpointVariant -} - -// endpointVariant is a bit field to describe the endpoints attributes. -type endpointVariant uint64 - -// serviceVariant is a bit field to describe the service endpoint attributes. -type serviceVariant uint64 - -const ( - // fipsVariant indicates that the endpoint is FIPS capable. - fipsVariant endpointVariant = 1 << (64 - 1 - iota) - - // dualStackVariant indicates that the endpoint is DualStack capable. - dualStackVariant -) - -var regionValidationRegex = regexp.MustCompile(`^[[:alnum:]]([[:alnum:]\-]*[[:alnum:]])?$`) - -type partitions []partition - -func (ps partitions) EndpointFor(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) { - var opt Options - opt.Set(opts...) - - if len(opt.ResolvedRegion) > 0 { - region = opt.ResolvedRegion - } - - for i := 0; i < len(ps); i++ { - if !ps[i].canResolveEndpoint(service, region, opt) { - continue - } - - return ps[i].EndpointFor(service, region, opts...) - } - - // If loose matching fallback to first partition format to use - // when resolving the endpoint. - if !opt.StrictMatching && len(ps) > 0 { - return ps[0].EndpointFor(service, region, opts...) - } - - return ResolvedEndpoint{}, NewUnknownEndpointError("all partitions", service, region, []string{}) -} - -// Partitions satisfies the EnumPartitions interface and returns a list -// of Partitions representing each partition represented in the SDK's -// endpoints model. -func (ps partitions) Partitions() []Partition { - parts := make([]Partition, 0, len(ps)) - for i := 0; i < len(ps); i++ { - parts = append(parts, ps[i].Partition()) - } - - return parts -} - -type endpointWithVariants struct { - endpoint - Variants []endpointWithTags `json:"variants"` -} - -type endpointWithTags struct { - endpoint - Tags []string `json:"tags"` -} - -type endpointDefaults map[defaultKey]endpoint - -func (p *endpointDefaults) UnmarshalJSON(data []byte) error { - if *p == nil { - *p = make(endpointDefaults) - } - - var e endpointWithVariants - if err := json.Unmarshal(data, &e); err != nil { - return err - } - - (*p)[defaultKey{Variant: 0}] = e.endpoint - - e.Hostname = "" - e.DNSSuffix = "" - - for _, variant := range e.Variants { - endpointVariant, unknown := parseVariantTags(variant.Tags) - if unknown { - continue - } - - var ve endpoint - ve.mergeIn(e.endpoint) - ve.mergeIn(variant.endpoint) - - (*p)[defaultKey{Variant: endpointVariant}] = ve - } - - return nil -} - -func parseVariantTags(tags []string) (ev endpointVariant, unknown bool) { - if len(tags) == 0 { - unknown = true - return - } - - for _, tag := range tags { - switch { - case strings.EqualFold("fips", tag): - ev |= fipsVariant - case strings.EqualFold("dualstack", tag): - ev |= dualStackVariant - default: - unknown = true - } - } - return ev, unknown -} - -type partition struct { - ID string `json:"partition"` - Name string `json:"partitionName"` - DNSSuffix string `json:"dnsSuffix"` - RegionRegex regionRegex `json:"regionRegex"` - Defaults endpointDefaults `json:"defaults"` - Regions regions `json:"regions"` - Services services `json:"services"` -} - -func (p partition) Partition() Partition { - return Partition{ - dnsSuffix: p.DNSSuffix, - id: p.ID, - p: &p, - } -} - -func (p partition) canResolveEndpoint(service, region string, options Options) bool { - s, hasService := p.Services[service] - _, hasEndpoint := s.Endpoints[endpointKey{ - Region: region, - Variant: options.getEndpointVariant(service), - }] - - if hasEndpoint && hasService { - return true - } - - if options.StrictMatching { - return false - } - - return p.RegionRegex.MatchString(region) -} - -func allowLegacyEmptyRegion(service string) bool { - legacy := map[string]struct{}{ - "budgets": {}, - "ce": {}, - "chime": {}, - "cloudfront": {}, - "ec2metadata": {}, - "iam": {}, - "importexport": {}, - "organizations": {}, - "route53": {}, - "sts": {}, - "support": {}, - "waf": {}, - } - - _, allowed := legacy[service] - return allowed -} - -func (p partition) EndpointFor(service, region string, opts ...func(*Options)) (resolved ResolvedEndpoint, err error) { - var opt Options - opt.Set(opts...) - - if len(opt.ResolvedRegion) > 0 { - region = opt.ResolvedRegion - } - - s, hasService := p.Services[service] - - if service == Ec2metadataServiceID && !hasService { - endpoint := getEC2MetadataEndpoint(p.ID, service, opt.EC2MetadataEndpointMode) - return endpoint, nil - } - - if len(service) == 0 || !(hasService || opt.ResolveUnknownService) { - // Only return error if the resolver will not fallback to creating - // endpoint based on service endpoint ID passed in. - return resolved, NewUnknownServiceError(p.ID, service, serviceList(p.Services)) - } - - if len(region) == 0 && allowLegacyEmptyRegion(service) && len(s.PartitionEndpoint) != 0 { - region = s.PartitionEndpoint - } - - if r, ok := isLegacyGlobalRegion(service, region, opt); ok { - region = r - } - - variant := opt.getEndpointVariant(service) - - endpoints := s.Endpoints - - serviceDefaults, hasServiceDefault := s.Defaults[defaultKey{Variant: variant}] - // If we searched for a variant which may have no explicit service defaults, - // then we need to inherit the standard service defaults except the hostname and dnsSuffix - if variant != 0 && !hasServiceDefault { - serviceDefaults = s.Defaults[defaultKey{}] - serviceDefaults.Hostname = "" - serviceDefaults.DNSSuffix = "" - } - - partitionDefaults, hasPartitionDefault := p.Defaults[defaultKey{Variant: variant}] - - var dnsSuffix string - if len(serviceDefaults.DNSSuffix) > 0 { - dnsSuffix = serviceDefaults.DNSSuffix - } else if variant == 0 { - // For legacy reasons the partition dnsSuffix is not in the defaults, so if we looked for - // a non-variant endpoint then we need to set the dnsSuffix. - dnsSuffix = p.DNSSuffix - } - - noDefaults := !hasServiceDefault && !hasPartitionDefault - - e, hasEndpoint := s.endpointForRegion(region, endpoints, variant) - if len(region) == 0 || (!hasEndpoint && (opt.StrictMatching || noDefaults)) { - return resolved, NewUnknownEndpointError(p.ID, service, region, endpointList(endpoints, variant)) - } - - defs := []endpoint{partitionDefaults, serviceDefaults} - - return e.resolve(service, p.ID, region, dnsSuffixTemplateKey, dnsSuffix, defs, opt) -} - -func getEC2MetadataEndpoint(partitionID, service string, mode EC2IMDSEndpointModeState) ResolvedEndpoint { - switch mode { - case EC2IMDSEndpointModeStateIPv6: - return ResolvedEndpoint{ - URL: ec2MetadataEndpointIPv6, - PartitionID: partitionID, - SigningRegion: "aws-global", - SigningName: service, - SigningNameDerived: true, - SigningMethod: "v4", - } - case EC2IMDSEndpointModeStateIPv4: - fallthrough - default: - return ResolvedEndpoint{ - URL: ec2MetadataEndpointIPv4, - PartitionID: partitionID, - SigningRegion: "aws-global", - SigningName: service, - SigningNameDerived: true, - SigningMethod: "v4", - } - } -} - -func isLegacyGlobalRegion(service string, region string, opt Options) (string, bool) { - if opt.getEndpointVariant(service) != 0 { - return "", false - } - - const ( - sts = "sts" - s3 = "s3" - awsGlobal = "aws-global" - ) - - switch { - case service == sts && opt.STSRegionalEndpoint == RegionalSTSEndpoint: - return region, false - case service == s3 && opt.S3UsEast1RegionalEndpoint == RegionalS3UsEast1Endpoint: - return region, false - default: - if _, ok := legacyGlobalRegions[service][region]; ok { - return awsGlobal, true - } - } - - return region, false -} - -func serviceList(ss services) []string { - list := make([]string, 0, len(ss)) - for k := range ss { - list = append(list, k) - } - return list -} -func endpointList(es serviceEndpoints, variant endpointVariant) []string { - list := make([]string, 0, len(es)) - for k := range es { - if k.Variant != variant { - continue - } - list = append(list, k.Region) - } - return list -} - -type regionRegex struct { - *regexp.Regexp -} - -func (rr *regionRegex) UnmarshalJSON(b []byte) (err error) { - // Strip leading and trailing quotes - regex, err := strconv.Unquote(string(b)) - if err != nil { - return fmt.Errorf("unable to strip quotes from regex, %v", err) - } - - rr.Regexp, err = regexp.Compile(regex) - if err != nil { - return fmt.Errorf("unable to unmarshal region regex, %v", err) - } - return nil -} - -type regions map[string]region - -type region struct { - Description string `json:"description"` -} - -type services map[string]service - -type service struct { - PartitionEndpoint string `json:"partitionEndpoint"` - IsRegionalized boxedBool `json:"isRegionalized,omitempty"` - Defaults endpointDefaults `json:"defaults"` - Endpoints serviceEndpoints `json:"endpoints"` -} - -func (s *service) endpointForRegion(region string, endpoints serviceEndpoints, variant endpointVariant) (endpoint, bool) { - if e, ok := endpoints[endpointKey{Region: region, Variant: variant}]; ok { - return e, true - } - - if s.IsRegionalized == boxedFalse { - return endpoints[endpointKey{Region: s.PartitionEndpoint, Variant: variant}], region == s.PartitionEndpoint - } - - // Unable to find any matching endpoint, return - // blank that will be used for generic endpoint creation. - return endpoint{}, false -} - -type serviceEndpoints map[endpointKey]endpoint - -func (s *serviceEndpoints) UnmarshalJSON(data []byte) error { - if *s == nil { - *s = make(serviceEndpoints) - } - - var regionToEndpoint map[string]endpointWithVariants - - if err := json.Unmarshal(data, ®ionToEndpoint); err != nil { - return err - } - - for region, e := range regionToEndpoint { - (*s)[endpointKey{Region: region}] = e.endpoint - - e.Hostname = "" - e.DNSSuffix = "" - - for _, variant := range e.Variants { - endpointVariant, unknown := parseVariantTags(variant.Tags) - if unknown { - continue - } - - var ve endpoint - ve.mergeIn(e.endpoint) - ve.mergeIn(variant.endpoint) - - (*s)[endpointKey{Region: region, Variant: endpointVariant}] = ve - } - } - - return nil -} - -type endpoint struct { - Hostname string `json:"hostname"` - Protocols []string `json:"protocols"` - CredentialScope credentialScope `json:"credentialScope"` - - DNSSuffix string `json:"dnsSuffix"` - - // Signature Version not used - SignatureVersions []string `json:"signatureVersions"` - - // SSLCommonName not used. - SSLCommonName string `json:"sslCommonName"` - - Deprecated boxedBool `json:"deprecated"` -} - -// isZero returns whether the endpoint structure is an empty (zero) value. -func (e endpoint) isZero() bool { - switch { - case len(e.Hostname) != 0: - return false - case len(e.Protocols) != 0: - return false - case e.CredentialScope != (credentialScope{}): - return false - case len(e.SignatureVersions) != 0: - return false - case len(e.SSLCommonName) != 0: - return false - } - return true -} - -const ( - defaultProtocol = "https" - defaultSigner = "v4" -) - -var ( - protocolPriority = []string{"https", "http"} - signerPriority = []string{"v4", "v2"} -) - -func getByPriority(s []string, p []string, def string) string { - if len(s) == 0 { - return def - } - - for i := 0; i < len(p); i++ { - for j := 0; j < len(s); j++ { - if s[j] == p[i] { - return s[j] - } - } - } - - return s[0] -} - -func (e endpoint) resolve(service, partitionID, region, dnsSuffixTemplateVariable, dnsSuffix string, defs []endpoint, opts Options) (ResolvedEndpoint, error) { - var merged endpoint - for _, def := range defs { - merged.mergeIn(def) - } - merged.mergeIn(e) - e = merged - - signingRegion := e.CredentialScope.Region - if len(signingRegion) == 0 { - signingRegion = region - } - - signingName := e.CredentialScope.Service - var signingNameDerived bool - if len(signingName) == 0 { - signingName = service - signingNameDerived = true - } - - hostname := e.Hostname - - if !validateInputRegion(region) { - return ResolvedEndpoint{}, fmt.Errorf("invalid region identifier format provided") - } - - if len(merged.DNSSuffix) > 0 { - dnsSuffix = merged.DNSSuffix - } - - u := strings.Replace(hostname, "{service}", service, 1) - u = strings.Replace(u, "{region}", region, 1) - u = strings.Replace(u, dnsSuffixTemplateVariable, dnsSuffix, 1) - - scheme := getEndpointScheme(e.Protocols, opts.DisableSSL) - u = fmt.Sprintf("%s://%s", scheme, u) - - if e.Deprecated == boxedTrue && opts.LogDeprecated && opts.Logger != nil { - opts.Logger.Log(fmt.Sprintf("endpoint identifier %q, url %q marked as deprecated", region, u)) - } - - return ResolvedEndpoint{ - URL: u, - PartitionID: partitionID, - SigningRegion: signingRegion, - SigningName: signingName, - SigningNameDerived: signingNameDerived, - SigningMethod: getByPriority(e.SignatureVersions, signerPriority, defaultSigner), - }, nil -} - -func getEndpointScheme(protocols []string, disableSSL bool) string { - if disableSSL { - return "http" - } - - return getByPriority(protocols, protocolPriority, defaultProtocol) -} - -func (e *endpoint) mergeIn(other endpoint) { - if len(other.Hostname) > 0 { - e.Hostname = other.Hostname - } - if len(other.Protocols) > 0 { - e.Protocols = other.Protocols - } - if len(other.SignatureVersions) > 0 { - e.SignatureVersions = other.SignatureVersions - } - if len(other.CredentialScope.Region) > 0 { - e.CredentialScope.Region = other.CredentialScope.Region - } - if len(other.CredentialScope.Service) > 0 { - e.CredentialScope.Service = other.CredentialScope.Service - } - if len(other.SSLCommonName) > 0 { - e.SSLCommonName = other.SSLCommonName - } - if len(other.DNSSuffix) > 0 { - e.DNSSuffix = other.DNSSuffix - } - if other.Deprecated != boxedBoolUnset { - e.Deprecated = other.Deprecated - } -} - -type credentialScope struct { - Region string `json:"region"` - Service string `json:"service"` -} - -type boxedBool int - -func (b *boxedBool) UnmarshalJSON(buf []byte) error { - v, err := strconv.ParseBool(string(buf)) - if err != nil { - return err - } - - if v { - *b = boxedTrue - } else { - *b = boxedFalse - } - - return nil -} - -const ( - boxedBoolUnset boxedBool = iota - boxedFalse - boxedTrue -) - -func validateInputRegion(region string) bool { - return regionValidationRegex.MatchString(region) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model_codegen.go b/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model_codegen.go deleted file mode 100644 index 84922bca..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model_codegen.go +++ /dev/null @@ -1,412 +0,0 @@ -//go:build codegen -// +build codegen - -package endpoints - -import ( - "fmt" - "io" - "reflect" - "strings" - "text/template" - "unicode" -) - -// A CodeGenOptions are the options for code generating the endpoints into -// Go code from the endpoints model definition. -type CodeGenOptions struct { - // Options for how the model will be decoded. - DecodeModelOptions DecodeModelOptions - - // Disables code generation of the service endpoint prefix IDs defined in - // the model. - DisableGenerateServiceIDs bool -} - -// Set combines all of the option functions together -func (d *CodeGenOptions) Set(optFns ...func(*CodeGenOptions)) { - for _, fn := range optFns { - fn(d) - } -} - -// CodeGenModel given a endpoints model file will decode it and attempt to -// generate Go code from the model definition. Error will be returned if -// the code is unable to be generated, or decoded. -func CodeGenModel(modelFile io.Reader, outFile io.Writer, optFns ...func(*CodeGenOptions)) error { - var opts CodeGenOptions - opts.Set(optFns...) - - resolver, err := DecodeModel(modelFile, func(d *DecodeModelOptions) { - *d = opts.DecodeModelOptions - }) - if err != nil { - return err - } - - v := struct { - Resolver - CodeGenOptions - }{ - Resolver: resolver, - CodeGenOptions: opts, - } - - tmpl := template.Must(template.New("tmpl").Funcs(funcMap).Parse(v3Tmpl)) - if err := tmpl.ExecuteTemplate(outFile, "defaults", v); err != nil { - return fmt.Errorf("failed to execute template, %v", err) - } - - return nil -} - -func toSymbol(v string) string { - out := []rune{} - for _, c := range strings.Title(v) { - if !(unicode.IsNumber(c) || unicode.IsLetter(c)) { - continue - } - - out = append(out, c) - } - - return string(out) -} - -func quoteString(v string) string { - return fmt.Sprintf("%q", v) -} - -func regionConstName(p, r string) string { - return toSymbol(p) + toSymbol(r) -} - -func partitionGetter(id string) string { - return fmt.Sprintf("%sPartition", toSymbol(id)) -} - -func partitionVarName(id string) string { - return fmt.Sprintf("%sPartition", strings.ToLower(toSymbol(id))) -} - -func listPartitionNames(ps partitions) string { - names := []string{} - switch len(ps) { - case 1: - return ps[0].Name - case 2: - return fmt.Sprintf("%s and %s", ps[0].Name, ps[1].Name) - default: - for i, p := range ps { - if i == len(ps)-1 { - names = append(names, "and "+p.Name) - } else { - names = append(names, p.Name) - } - } - return strings.Join(names, ", ") - } -} - -func boxedBoolIfSet(msg string, v boxedBool) string { - switch v { - case boxedTrue: - return fmt.Sprintf(msg, "boxedTrue") - case boxedFalse: - return fmt.Sprintf(msg, "boxedFalse") - default: - return "" - } -} - -func stringIfSet(msg, v string) string { - if len(v) == 0 { - return "" - } - - return fmt.Sprintf(msg, v) -} - -func stringSliceIfSet(msg string, vs []string) string { - if len(vs) == 0 { - return "" - } - - names := []string{} - for _, v := range vs { - names = append(names, `"`+v+`"`) - } - - return fmt.Sprintf(msg, strings.Join(names, ",")) -} - -func endpointIsSet(v endpoint) bool { - return !reflect.DeepEqual(v, endpoint{}) -} - -func serviceSet(ps partitions) map[string]struct{} { - set := map[string]struct{}{} - for _, p := range ps { - for id := range p.Services { - set[id] = struct{}{} - } - } - - return set -} - -func endpointVariantSetter(variant endpointVariant) (string, error) { - if variant == 0 { - return "0", nil - } - - if variant > (fipsVariant | dualStackVariant) { - return "", fmt.Errorf("unknown endpoint variant") - } - - var symbols []string - if variant&fipsVariant != 0 { - symbols = append(symbols, "fipsVariant") - } - if variant&dualStackVariant != 0 { - symbols = append(symbols, "dualStackVariant") - } - v := strings.Join(symbols, "|") - - return v, nil -} - -func endpointKeySetter(e endpointKey) (string, error) { - var sb strings.Builder - sb.WriteString("endpointKey{\n") - sb.WriteString(fmt.Sprintf("Region: %q,\n", e.Region)) - if e.Variant != 0 { - variantSetter, err := endpointVariantSetter(e.Variant) - if err != nil { - return "", err - } - sb.WriteString(fmt.Sprintf("Variant: %s,\n", variantSetter)) - } - sb.WriteString("}") - return sb.String(), nil -} - -func defaultKeySetter(e defaultKey) (string, error) { - var sb strings.Builder - sb.WriteString("defaultKey{\n") - if e.Variant != 0 { - variantSetter, err := endpointVariantSetter(e.Variant) - if err != nil { - return "", err - } - sb.WriteString(fmt.Sprintf("Variant: %s,\n", variantSetter)) - } - sb.WriteString("}") - return sb.String(), nil -} - -var funcMap = template.FuncMap{ - "ToSymbol": toSymbol, - "QuoteString": quoteString, - "RegionConst": regionConstName, - "PartitionGetter": partitionGetter, - "PartitionVarName": partitionVarName, - "ListPartitionNames": listPartitionNames, - "BoxedBoolIfSet": boxedBoolIfSet, - "StringIfSet": stringIfSet, - "StringSliceIfSet": stringSliceIfSet, - "EndpointIsSet": endpointIsSet, - "ServicesSet": serviceSet, - "EndpointVariantSetter": endpointVariantSetter, - "EndpointKeySetter": endpointKeySetter, - "DefaultKeySetter": defaultKeySetter, -} - -const v3Tmpl = ` -{{ define "defaults" -}} -// Code generated by aws/endpoints/v3model_codegen.go. DO NOT EDIT. - -package endpoints - -import ( - "regexp" -) - - {{ template "partition consts" $.Resolver }} - - {{ range $_, $partition := $.Resolver }} - {{ template "partition region consts" $partition }} - {{ end }} - - {{ if not $.DisableGenerateServiceIDs -}} - {{ template "service consts" $.Resolver }} - {{- end }} - - {{ template "endpoint resolvers" $.Resolver }} -{{- end }} - -{{ define "partition consts" }} - // Partition identifiers - const ( - {{ range $_, $p := . -}} - {{ ToSymbol $p.ID }}PartitionID = {{ QuoteString $p.ID }} // {{ $p.Name }} partition. - {{ end -}} - ) -{{- end }} - -{{ define "partition region consts" }} - // {{ .Name }} partition's regions. - const ( - {{ range $id, $region := .Regions -}} - {{ ToSymbol $id }}RegionID = {{ QuoteString $id }} // {{ $region.Description }}. - {{ end -}} - ) -{{- end }} - -{{ define "service consts" }} - // Service identifiers - const ( - {{ $serviceSet := ServicesSet . -}} - {{ range $id, $_ := $serviceSet -}} - {{ ToSymbol $id }}ServiceID = {{ QuoteString $id }} // {{ ToSymbol $id }}. - {{ end -}} - ) -{{- end }} - -{{ define "endpoint resolvers" }} - // DefaultResolver returns an Endpoint resolver that will be able - // to resolve endpoints for: {{ ListPartitionNames . }}. - // - // Use DefaultPartitions() to get the list of the default partitions. - func DefaultResolver() Resolver { - return defaultPartitions - } - - // DefaultPartitions returns a list of the partitions the SDK is bundled - // with. The available partitions are: {{ ListPartitionNames . }}. - // - // partitions := endpoints.DefaultPartitions - // for _, p := range partitions { - // // ... inspect partitions - // } - func DefaultPartitions() []Partition { - return defaultPartitions.Partitions() - } - - var defaultPartitions = partitions{ - {{ range $_, $partition := . -}} - {{ PartitionVarName $partition.ID }}, - {{ end }} - } - - {{ range $_, $partition := . -}} - {{ $name := PartitionGetter $partition.ID -}} - // {{ $name }} returns the Resolver for {{ $partition.Name }}. - func {{ $name }}() Partition { - return {{ PartitionVarName $partition.ID }}.Partition() - } - var {{ PartitionVarName $partition.ID }} = {{ template "gocode Partition" $partition }} - {{ end }} -{{ end }} - -{{ define "default partitions" }} - func DefaultPartitions() []Partition { - return []partition{ - {{ range $_, $partition := . -}} - // {{ ToSymbol $partition.ID}}Partition(), - {{ end }} - } - } -{{ end }} - -{{ define "gocode Partition" -}} -partition{ - {{ StringIfSet "ID: %q,\n" .ID -}} - {{ StringIfSet "Name: %q,\n" .Name -}} - {{ StringIfSet "DNSSuffix: %q,\n" .DNSSuffix -}} - RegionRegex: {{ template "gocode RegionRegex" .RegionRegex }}, - {{ if (gt (len .Defaults) 0) -}} - Defaults: {{ template "gocode Defaults" .Defaults -}}, - {{ end -}} - Regions: {{ template "gocode Regions" .Regions }}, - Services: {{ template "gocode Services" .Services }}, -} -{{- end }} - -{{ define "gocode RegionRegex" -}} -regionRegex{ - Regexp: func() *regexp.Regexp{ - reg, _ := regexp.Compile({{ QuoteString .Regexp.String }}) - return reg - }(), -} -{{- end }} - -{{ define "gocode Regions" -}} -regions{ - {{ range $id, $region := . -}} - "{{ $id }}": {{ template "gocode Region" $region }}, - {{ end -}} -} -{{- end }} - -{{ define "gocode Region" -}} -region{ - {{ StringIfSet "Description: %q,\n" .Description -}} -} -{{- end }} - -{{ define "gocode Services" -}} -services{ - {{ range $id, $service := . -}} - "{{ $id }}": {{ template "gocode Service" $service }}, - {{ end }} -} -{{- end }} - -{{ define "gocode Service" -}} -service{ - {{ StringIfSet "PartitionEndpoint: %q,\n" .PartitionEndpoint -}} - {{ BoxedBoolIfSet "IsRegionalized: %s,\n" .IsRegionalized -}} - {{ if (gt (len .Defaults) 0) -}} - Defaults: {{ template "gocode Defaults" .Defaults -}}, - {{ end -}} - {{ if .Endpoints -}} - Endpoints: {{ template "gocode Endpoints" .Endpoints }}, - {{- end }} -} -{{- end }} - -{{ define "gocode Defaults" -}} -endpointDefaults{ - {{ range $id, $endpoint := . -}} - {{ DefaultKeySetter $id }}: {{ template "gocode Endpoint" $endpoint }}, - {{ end }} -} -{{- end }} - -{{ define "gocode Endpoints" -}} -serviceEndpoints{ - {{ range $id, $endpoint := . -}} - {{ EndpointKeySetter $id }}: {{ template "gocode Endpoint" $endpoint }}, - {{ end }} -} -{{- end }} - -{{ define "gocode Endpoint" -}} -endpoint{ - {{ StringIfSet "Hostname: %q,\n" .Hostname -}} - {{ StringIfSet "DNSSuffix: %q,\n" .DNSSuffix -}} - {{ StringIfSet "SSLCommonName: %q,\n" .SSLCommonName -}} - {{ StringSliceIfSet "Protocols: []string{%s},\n" .Protocols -}} - {{ StringSliceIfSet "SignatureVersions: []string{%s},\n" .SignatureVersions -}} - {{ if or .CredentialScope.Region .CredentialScope.Service -}} - CredentialScope: credentialScope{ - {{ StringIfSet "Region: %q,\n" .CredentialScope.Region -}} - {{ StringIfSet "Service: %q,\n" .CredentialScope.Service -}} - }, - {{- end }} - {{ BoxedBoolIfSet "Deprecated: %s,\n" .Deprecated -}} -} -{{- end }} -` diff --git a/vendor/github.com/aws/aws-sdk-go/aws/errors.go b/vendor/github.com/aws/aws-sdk-go/aws/errors.go deleted file mode 100644 index fa06f7a8..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/errors.go +++ /dev/null @@ -1,13 +0,0 @@ -package aws - -import "github.com/aws/aws-sdk-go/aws/awserr" - -var ( - // ErrMissingRegion is an error that is returned if region configuration is - // not found. - ErrMissingRegion = awserr.New("MissingRegion", "could not find region configuration", nil) - - // ErrMissingEndpoint is an error that is returned if an endpoint cannot be - // resolved for a service. - ErrMissingEndpoint = awserr.New("MissingEndpoint", "'Endpoint' configuration is required for this service", nil) -) diff --git a/vendor/github.com/aws/aws-sdk-go/aws/jsonvalue.go b/vendor/github.com/aws/aws-sdk-go/aws/jsonvalue.go deleted file mode 100644 index 91a6f277..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/jsonvalue.go +++ /dev/null @@ -1,12 +0,0 @@ -package aws - -// JSONValue is a representation of a grab bag type that will be marshaled -// into a json string. This type can be used just like any other map. -// -// Example: -// -// values := aws.JSONValue{ -// "Foo": "Bar", -// } -// values["Baz"] = "Qux" -type JSONValue map[string]interface{} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/logger.go b/vendor/github.com/aws/aws-sdk-go/aws/logger.go deleted file mode 100644 index 49674cc7..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/logger.go +++ /dev/null @@ -1,121 +0,0 @@ -package aws - -import ( - "log" - "os" -) - -// A LogLevelType defines the level logging should be performed at. Used to instruct -// the SDK which statements should be logged. -type LogLevelType uint - -// LogLevel returns the pointer to a LogLevel. Should be used to workaround -// not being able to take the address of a non-composite literal. -func LogLevel(l LogLevelType) *LogLevelType { - return &l -} - -// Value returns the LogLevel value or the default value LogOff if the LogLevel -// is nil. Safe to use on nil value LogLevelTypes. -func (l *LogLevelType) Value() LogLevelType { - if l != nil { - return *l - } - return LogOff -} - -// Matches returns true if the v LogLevel is enabled by this LogLevel. Should be -// used with logging sub levels. Is safe to use on nil value LogLevelTypes. If -// LogLevel is nil, will default to LogOff comparison. -func (l *LogLevelType) Matches(v LogLevelType) bool { - c := l.Value() - return c&v == v -} - -// AtLeast returns true if this LogLevel is at least high enough to satisfies v. -// Is safe to use on nil value LogLevelTypes. If LogLevel is nil, will default -// to LogOff comparison. -func (l *LogLevelType) AtLeast(v LogLevelType) bool { - c := l.Value() - return c >= v -} - -const ( - // LogOff states that no logging should be performed by the SDK. This is the - // default state of the SDK, and should be use to disable all logging. - LogOff LogLevelType = iota * 0x1000 - - // LogDebug state that debug output should be logged by the SDK. This should - // be used to inspect request made and responses received. - LogDebug -) - -// Debug Logging Sub Levels -const ( - // LogDebugWithSigning states that the SDK should log request signing and - // presigning events. This should be used to log the signing details of - // requests for debugging. Will also enable LogDebug. - LogDebugWithSigning LogLevelType = LogDebug | (1 << iota) - - // LogDebugWithHTTPBody states the SDK should log HTTP request and response - // HTTP bodys in addition to the headers and path. This should be used to - // see the body content of requests and responses made while using the SDK - // Will also enable LogDebug. - LogDebugWithHTTPBody - - // LogDebugWithRequestRetries states the SDK should log when service requests will - // be retried. This should be used to log when you want to log when service - // requests are being retried. Will also enable LogDebug. - LogDebugWithRequestRetries - - // LogDebugWithRequestErrors states the SDK should log when service requests fail - // to build, send, validate, or unmarshal. - LogDebugWithRequestErrors - - // LogDebugWithEventStreamBody states the SDK should log EventStream - // request and response bodys. This should be used to log the EventStream - // wire unmarshaled message content of requests and responses made while - // using the SDK Will also enable LogDebug. - LogDebugWithEventStreamBody - - // LogDebugWithDeprecated states the SDK should log details about deprecated functionality. - LogDebugWithDeprecated -) - -// A Logger is a minimalistic interface for the SDK to log messages to. Should -// be used to provide custom logging writers for the SDK to use. -type Logger interface { - Log(...interface{}) -} - -// A LoggerFunc is a convenience type to convert a function taking a variadic -// list of arguments and wrap it so the Logger interface can be used. -// -// Example: -// s3.New(sess, &aws.Config{Logger: aws.LoggerFunc(func(args ...interface{}) { -// fmt.Fprintln(os.Stdout, args...) -// })}) -type LoggerFunc func(...interface{}) - -// Log calls the wrapped function with the arguments provided -func (f LoggerFunc) Log(args ...interface{}) { - f(args...) -} - -// NewDefaultLogger returns a Logger which will write log messages to stdout, and -// use same formatting runes as the stdlib log.Logger -func NewDefaultLogger() Logger { - return &defaultLogger{ - logger: log.New(os.Stdout, "", log.LstdFlags), - } -} - -// A defaultLogger provides a minimalistic logger satisfying the Logger interface. -type defaultLogger struct { - logger *log.Logger -} - -// Log logs the parameters to the stdlib logger. See log.Println. -func (l defaultLogger) Log(args ...interface{}) { - l.logger.Println(args...) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go b/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go deleted file mode 100644 index 2ba3c56c..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/connection_reset_error.go +++ /dev/null @@ -1,19 +0,0 @@ -package request - -import ( - "strings" -) - -func isErrConnectionReset(err error) bool { - if strings.Contains(err.Error(), "read: connection reset") { - return false - } - - if strings.Contains(err.Error(), "use of closed network connection") || - strings.Contains(err.Error(), "connection reset") || - strings.Contains(err.Error(), "broken pipe") { - return true - } - - return false -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go b/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go deleted file mode 100644 index 9556332b..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go +++ /dev/null @@ -1,346 +0,0 @@ -package request - -import ( - "fmt" - "strings" -) - -// A Handlers provides a collection of request handlers for various -// stages of handling requests. -type Handlers struct { - Validate HandlerList - Build HandlerList - BuildStream HandlerList - Sign HandlerList - Send HandlerList - ValidateResponse HandlerList - Unmarshal HandlerList - UnmarshalStream HandlerList - UnmarshalMeta HandlerList - UnmarshalError HandlerList - Retry HandlerList - AfterRetry HandlerList - CompleteAttempt HandlerList - Complete HandlerList -} - -// Copy returns a copy of this handler's lists. -func (h *Handlers) Copy() Handlers { - return Handlers{ - Validate: h.Validate.copy(), - Build: h.Build.copy(), - BuildStream: h.BuildStream.copy(), - Sign: h.Sign.copy(), - Send: h.Send.copy(), - ValidateResponse: h.ValidateResponse.copy(), - Unmarshal: h.Unmarshal.copy(), - UnmarshalStream: h.UnmarshalStream.copy(), - UnmarshalError: h.UnmarshalError.copy(), - UnmarshalMeta: h.UnmarshalMeta.copy(), - Retry: h.Retry.copy(), - AfterRetry: h.AfterRetry.copy(), - CompleteAttempt: h.CompleteAttempt.copy(), - Complete: h.Complete.copy(), - } -} - -// Clear removes callback functions for all handlers. -func (h *Handlers) Clear() { - h.Validate.Clear() - h.Build.Clear() - h.BuildStream.Clear() - h.Send.Clear() - h.Sign.Clear() - h.Unmarshal.Clear() - h.UnmarshalStream.Clear() - h.UnmarshalMeta.Clear() - h.UnmarshalError.Clear() - h.ValidateResponse.Clear() - h.Retry.Clear() - h.AfterRetry.Clear() - h.CompleteAttempt.Clear() - h.Complete.Clear() -} - -// IsEmpty returns if there are no handlers in any of the handlerlists. -func (h *Handlers) IsEmpty() bool { - if h.Validate.Len() != 0 { - return false - } - if h.Build.Len() != 0 { - return false - } - if h.BuildStream.Len() != 0 { - return false - } - if h.Send.Len() != 0 { - return false - } - if h.Sign.Len() != 0 { - return false - } - if h.Unmarshal.Len() != 0 { - return false - } - if h.UnmarshalStream.Len() != 0 { - return false - } - if h.UnmarshalMeta.Len() != 0 { - return false - } - if h.UnmarshalError.Len() != 0 { - return false - } - if h.ValidateResponse.Len() != 0 { - return false - } - if h.Retry.Len() != 0 { - return false - } - if h.AfterRetry.Len() != 0 { - return false - } - if h.CompleteAttempt.Len() != 0 { - return false - } - if h.Complete.Len() != 0 { - return false - } - - return true -} - -// A HandlerListRunItem represents an entry in the HandlerList which -// is being run. -type HandlerListRunItem struct { - Index int - Handler NamedHandler - Request *Request -} - -// A HandlerList manages zero or more handlers in a list. -type HandlerList struct { - list []NamedHandler - - // Called after each request handler in the list is called. If set - // and the func returns true the HandlerList will continue to iterate - // over the request handlers. If false is returned the HandlerList - // will stop iterating. - // - // Should be used if extra logic to be performed between each handler - // in the list. This can be used to terminate a list's iteration - // based on a condition such as error like, HandlerListStopOnError. - // Or for logging like HandlerListLogItem. - AfterEachFn func(item HandlerListRunItem) bool -} - -// A NamedHandler is a struct that contains a name and function callback. -type NamedHandler struct { - Name string - Fn func(*Request) -} - -// copy creates a copy of the handler list. -func (l *HandlerList) copy() HandlerList { - n := HandlerList{ - AfterEachFn: l.AfterEachFn, - } - if len(l.list) == 0 { - return n - } - - n.list = append(make([]NamedHandler, 0, len(l.list)), l.list...) - return n -} - -// Clear clears the handler list. -func (l *HandlerList) Clear() { - l.list = l.list[0:0] -} - -// Len returns the number of handlers in the list. -func (l *HandlerList) Len() int { - return len(l.list) -} - -// PushBack pushes handler f to the back of the handler list. -func (l *HandlerList) PushBack(f func(*Request)) { - l.PushBackNamed(NamedHandler{"__anonymous", f}) -} - -// PushBackNamed pushes named handler f to the back of the handler list. -func (l *HandlerList) PushBackNamed(n NamedHandler) { - if cap(l.list) == 0 { - l.list = make([]NamedHandler, 0, 5) - } - l.list = append(l.list, n) -} - -// PushFront pushes handler f to the front of the handler list. -func (l *HandlerList) PushFront(f func(*Request)) { - l.PushFrontNamed(NamedHandler{"__anonymous", f}) -} - -// PushFrontNamed pushes named handler f to the front of the handler list. -func (l *HandlerList) PushFrontNamed(n NamedHandler) { - if cap(l.list) == len(l.list) { - // Allocating new list required - l.list = append([]NamedHandler{n}, l.list...) - } else { - // Enough room to prepend into list. - l.list = append(l.list, NamedHandler{}) - copy(l.list[1:], l.list) - l.list[0] = n - } -} - -// Remove removes a NamedHandler n -func (l *HandlerList) Remove(n NamedHandler) { - l.RemoveByName(n.Name) -} - -// RemoveByName removes a NamedHandler by name. -func (l *HandlerList) RemoveByName(name string) { - for i := 0; i < len(l.list); i++ { - m := l.list[i] - if m.Name == name { - // Shift array preventing creating new arrays - copy(l.list[i:], l.list[i+1:]) - l.list[len(l.list)-1] = NamedHandler{} - l.list = l.list[:len(l.list)-1] - - // decrement list so next check to length is correct - i-- - } - } -} - -// SwapNamed will swap out any existing handlers with the same name as the -// passed in NamedHandler returning true if handlers were swapped. False is -// returned otherwise. -func (l *HandlerList) SwapNamed(n NamedHandler) (swapped bool) { - for i := 0; i < len(l.list); i++ { - if l.list[i].Name == n.Name { - l.list[i].Fn = n.Fn - swapped = true - } - } - - return swapped -} - -// Swap will swap out all handlers matching the name passed in. The matched -// handlers will be swapped in. True is returned if the handlers were swapped. -func (l *HandlerList) Swap(name string, replace NamedHandler) bool { - var swapped bool - - for i := 0; i < len(l.list); i++ { - if l.list[i].Name == name { - l.list[i] = replace - swapped = true - } - } - - return swapped -} - -// SetBackNamed will replace the named handler if it exists in the handler list. -// If the handler does not exist the handler will be added to the end of the list. -func (l *HandlerList) SetBackNamed(n NamedHandler) { - if !l.SwapNamed(n) { - l.PushBackNamed(n) - } -} - -// SetFrontNamed will replace the named handler if it exists in the handler list. -// If the handler does not exist the handler will be added to the beginning of -// the list. -func (l *HandlerList) SetFrontNamed(n NamedHandler) { - if !l.SwapNamed(n) { - l.PushFrontNamed(n) - } -} - -// Run executes all handlers in the list with a given request object. -func (l *HandlerList) Run(r *Request) { - for i, h := range l.list { - h.Fn(r) - item := HandlerListRunItem{ - Index: i, Handler: h, Request: r, - } - if l.AfterEachFn != nil && !l.AfterEachFn(item) { - return - } - } -} - -// HandlerListLogItem logs the request handler and the state of the -// request's Error value. Always returns true to continue iterating -// request handlers in a HandlerList. -func HandlerListLogItem(item HandlerListRunItem) bool { - if item.Request.Config.Logger == nil { - return true - } - item.Request.Config.Logger.Log("DEBUG: RequestHandler", - item.Index, item.Handler.Name, item.Request.Error) - - return true -} - -// HandlerListStopOnError returns false to stop the HandlerList iterating -// over request handlers if Request.Error is not nil. True otherwise -// to continue iterating. -func HandlerListStopOnError(item HandlerListRunItem) bool { - return item.Request.Error == nil -} - -// WithAppendUserAgent will add a string to the user agent prefixed with a -// single white space. -func WithAppendUserAgent(s string) Option { - return func(r *Request) { - r.Handlers.Build.PushBack(func(r2 *Request) { - AddToUserAgent(r, s) - }) - } -} - -// MakeAddToUserAgentHandler will add the name/version pair to the User-Agent request -// header. If the extra parameters are provided they will be added as metadata to the -// name/version pair resulting in the following format. -// "name/version (extra0; extra1; ...)" -// The user agent part will be concatenated with this current request's user agent string. -func MakeAddToUserAgentHandler(name, version string, extra ...string) func(*Request) { - ua := fmt.Sprintf("%s/%s", name, version) - if len(extra) > 0 { - ua += fmt.Sprintf(" (%s)", strings.Join(extra, "; ")) - } - return func(r *Request) { - AddToUserAgent(r, ua) - } -} - -// MakeAddToUserAgentFreeFormHandler adds the input to the User-Agent request header. -// The input string will be concatenated with the current request's user agent string. -func MakeAddToUserAgentFreeFormHandler(s string) func(*Request) { - return func(r *Request) { - AddToUserAgent(r, s) - } -} - -// WithSetRequestHeaders updates the operation request's HTTP header to contain -// the header key value pairs provided. If the header key already exists in the -// request's HTTP header set, the existing value(s) will be replaced. -// -// Header keys added will be added as canonical format with title casing -// applied via http.Header.Set method. -func WithSetRequestHeaders(h map[string]string) Option { - return withRequestHeader(h).SetRequestHeaders -} - -type withRequestHeader map[string]string - -func (h withRequestHeader) SetRequestHeaders(r *Request) { - for k, v := range h { - r.HTTPRequest.Header.Set(k, v) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/http_request.go b/vendor/github.com/aws/aws-sdk-go/aws/request/http_request.go deleted file mode 100644 index 79f79602..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/http_request.go +++ /dev/null @@ -1,24 +0,0 @@ -package request - -import ( - "io" - "net/http" - "net/url" -) - -func copyHTTPRequest(r *http.Request, body io.ReadCloser) *http.Request { - req := new(http.Request) - *req = *r - req.URL = &url.URL{} - *req.URL = *r.URL - req.Body = body - - req.Header = http.Header{} - for k, v := range r.Header { - for _, vv := range v { - req.Header.Add(k, vv) - } - } - - return req -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go b/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go deleted file mode 100644 index 9370fa50..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/offset_reader.go +++ /dev/null @@ -1,65 +0,0 @@ -package request - -import ( - "io" - "sync" - - "github.com/aws/aws-sdk-go/internal/sdkio" -) - -// offsetReader is a thread-safe io.ReadCloser to prevent racing -// with retrying requests -type offsetReader struct { - buf io.ReadSeeker - lock sync.Mutex - closed bool -} - -func newOffsetReader(buf io.ReadSeeker, offset int64) (*offsetReader, error) { - reader := &offsetReader{} - _, err := buf.Seek(offset, sdkio.SeekStart) - if err != nil { - return nil, err - } - - reader.buf = buf - return reader, nil -} - -// Close will close the instance of the offset reader's access to -// the underlying io.ReadSeeker. -func (o *offsetReader) Close() error { - o.lock.Lock() - defer o.lock.Unlock() - o.closed = true - return nil -} - -// Read is a thread-safe read of the underlying io.ReadSeeker -func (o *offsetReader) Read(p []byte) (int, error) { - o.lock.Lock() - defer o.lock.Unlock() - - if o.closed { - return 0, io.EOF - } - - return o.buf.Read(p) -} - -// Seek is a thread-safe seeking operation. -func (o *offsetReader) Seek(offset int64, whence int) (int64, error) { - o.lock.Lock() - defer o.lock.Unlock() - - return o.buf.Seek(offset, whence) -} - -// CloseAndCopy will return a new offsetReader with a copy of the old buffer -// and close the old buffer. -func (o *offsetReader) CloseAndCopy(offset int64) (*offsetReader, error) { - if err := o.Close(); err != nil { - return nil, err - } - return newOffsetReader(o.buf, offset) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request.go deleted file mode 100644 index 636d9ec9..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request.go +++ /dev/null @@ -1,722 +0,0 @@ -package request - -import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "net/http" - "net/url" - "reflect" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/internal/sdkio" -) - -const ( - // ErrCodeSerialization is the serialization error code that is received - // during protocol unmarshaling. - ErrCodeSerialization = "SerializationError" - - // ErrCodeRead is an error that is returned during HTTP reads. - ErrCodeRead = "ReadError" - - // ErrCodeResponseTimeout is the connection timeout error that is received - // during body reads. - ErrCodeResponseTimeout = "ResponseTimeout" - - // ErrCodeInvalidPresignExpire is returned when the expire time provided to - // presign is invalid - ErrCodeInvalidPresignExpire = "InvalidPresignExpireError" - - // CanceledErrorCode is the error code that will be returned by an - // API request that was canceled. Requests given a aws.Context may - // return this error when canceled. - CanceledErrorCode = "RequestCanceled" - - // ErrCodeRequestError is an error preventing the SDK from continuing to - // process the request. - ErrCodeRequestError = "RequestError" -) - -// A Request is the service request to be made. -type Request struct { - Config aws.Config - ClientInfo metadata.ClientInfo - Handlers Handlers - - Retryer - AttemptTime time.Time - Time time.Time - Operation *Operation - HTTPRequest *http.Request - HTTPResponse *http.Response - Body io.ReadSeeker - streamingBody io.ReadCloser - BodyStart int64 // offset from beginning of Body that the request body starts - Params interface{} - Error error - Data interface{} - RequestID string - RetryCount int - Retryable *bool - RetryDelay time.Duration - NotHoist bool - SignedHeaderVals http.Header - LastSignedAt time.Time - DisableFollowRedirects bool - - // Additional API error codes that should be retried. IsErrorRetryable - // will consider these codes in addition to its built in cases. - RetryErrorCodes []string - - // Additional API error codes that should be retried with throttle backoff - // delay. IsErrorThrottle will consider these codes in addition to its - // built in cases. - ThrottleErrorCodes []string - - // A value greater than 0 instructs the request to be signed as Presigned URL - // You should not set this field directly. Instead use Request's - // Presign or PresignRequest methods. - ExpireTime time.Duration - - context aws.Context - - built bool - - // Need to persist an intermediate body between the input Body and HTTP - // request body because the HTTP Client's transport can maintain a reference - // to the HTTP request's body after the client has returned. This value is - // safe to use concurrently and wrap the input Body for each HTTP request. - safeBody *offsetReader -} - -// An Operation is the service API operation to be made. -type Operation struct { - Name string - HTTPMethod string - HTTPPath string - *Paginator - - BeforePresignFn func(r *Request) error -} - -// New returns a new Request pointer for the service API operation and -// parameters. -// -// A Retryer should be provided to direct how the request is retried. If -// Retryer is nil, a default no retry value will be used. You can use -// NoOpRetryer in the Client package to disable retry behavior directly. -// -// Params is any value of input parameters to be the request payload. -// Data is pointer value to an object which the request's response -// payload will be deserialized to. -func New(cfg aws.Config, clientInfo metadata.ClientInfo, handlers Handlers, - retryer Retryer, operation *Operation, params interface{}, data interface{}) *Request { - - if retryer == nil { - retryer = noOpRetryer{} - } - - method := operation.HTTPMethod - if method == "" { - method = "POST" - } - - httpReq, _ := http.NewRequest(method, "", nil) - - var err error - httpReq.URL, err = url.Parse(clientInfo.Endpoint) - if err != nil { - httpReq.URL = &url.URL{} - err = awserr.New("InvalidEndpointURL", "invalid endpoint uri", err) - } - - if len(operation.HTTPPath) != 0 { - opHTTPPath := operation.HTTPPath - var opQueryString string - if idx := strings.Index(opHTTPPath, "?"); idx >= 0 { - opQueryString = opHTTPPath[idx+1:] - opHTTPPath = opHTTPPath[:idx] - } - - if strings.HasSuffix(httpReq.URL.Path, "/") && strings.HasPrefix(opHTTPPath, "/") { - opHTTPPath = opHTTPPath[1:] - } - httpReq.URL.Path += opHTTPPath - httpReq.URL.RawQuery = opQueryString - } - - r := &Request{ - Config: cfg, - ClientInfo: clientInfo, - Handlers: handlers.Copy(), - - Retryer: retryer, - Time: time.Now(), - ExpireTime: 0, - Operation: operation, - HTTPRequest: httpReq, - Body: nil, - Params: params, - Error: err, - Data: data, - } - r.SetBufferBody([]byte{}) - - return r -} - -// A Option is a functional option that can augment or modify a request when -// using a WithContext API operation method. -type Option func(*Request) - -// WithGetResponseHeader builds a request Option which will retrieve a single -// header value from the HTTP Response. If there are multiple values for the -// header key use WithGetResponseHeaders instead to access the http.Header -// map directly. The passed in val pointer must be non-nil. -// -// This Option can be used multiple times with a single API operation. -// -// var id2, versionID string -// svc.PutObjectWithContext(ctx, params, -// request.WithGetResponseHeader("x-amz-id-2", &id2), -// request.WithGetResponseHeader("x-amz-version-id", &versionID), -// ) -func WithGetResponseHeader(key string, val *string) Option { - return func(r *Request) { - r.Handlers.Complete.PushBack(func(req *Request) { - *val = req.HTTPResponse.Header.Get(key) - }) - } -} - -// WithGetResponseHeaders builds a request Option which will retrieve the -// headers from the HTTP response and assign them to the passed in headers -// variable. The passed in headers pointer must be non-nil. -// -// var headers http.Header -// svc.PutObjectWithContext(ctx, params, request.WithGetResponseHeaders(&headers)) -func WithGetResponseHeaders(headers *http.Header) Option { - return func(r *Request) { - r.Handlers.Complete.PushBack(func(req *Request) { - *headers = req.HTTPResponse.Header - }) - } -} - -// WithLogLevel is a request option that will set the request to use a specific -// log level when the request is made. -// -// svc.PutObjectWithContext(ctx, params, request.WithLogLevel(aws.LogDebugWithHTTPBody) -func WithLogLevel(l aws.LogLevelType) Option { - return func(r *Request) { - r.Config.LogLevel = aws.LogLevel(l) - } -} - -// ApplyOptions will apply each option to the request calling them in the order -// the were provided. -func (r *Request) ApplyOptions(opts ...Option) { - for _, opt := range opts { - opt(r) - } -} - -// Context will always returns a non-nil context. If Request does not have a -// context aws.BackgroundContext will be returned. -func (r *Request) Context() aws.Context { - if r.context != nil { - return r.context - } - return aws.BackgroundContext() -} - -// SetContext adds a Context to the current request that can be used to cancel -// a in-flight request. The Context value must not be nil, or this method will -// panic. -// -// Unlike http.Request.WithContext, SetContext does not return a copy of the -// Request. It is not safe to use use a single Request value for multiple -// requests. A new Request should be created for each API operation request. -// -// Go 1.6 and below: -// The http.Request's Cancel field will be set to the Done() value of -// the context. This will overwrite the Cancel field's value. -// -// Go 1.7 and above: -// The http.Request.WithContext will be used to set the context on the underlying -// http.Request. This will create a shallow copy of the http.Request. The SDK -// may create sub contexts in the future for nested requests such as retries. -func (r *Request) SetContext(ctx aws.Context) { - if ctx == nil { - panic("context cannot be nil") - } - setRequestContext(r, ctx) -} - -// WillRetry returns if the request's can be retried. -func (r *Request) WillRetry() bool { - if !aws.IsReaderSeekable(r.Body) && r.HTTPRequest.Body != NoBody { - return false - } - return r.Error != nil && aws.BoolValue(r.Retryable) && r.RetryCount < r.MaxRetries() -} - -func fmtAttemptCount(retryCount, maxRetries int) string { - return fmt.Sprintf("attempt %v/%v", retryCount, maxRetries) -} - -// ParamsFilled returns if the request's parameters have been populated -// and the parameters are valid. False is returned if no parameters are -// provided or invalid. -func (r *Request) ParamsFilled() bool { - return r.Params != nil && reflect.ValueOf(r.Params).Elem().IsValid() -} - -// DataFilled returns true if the request's data for response deserialization -// target has been set and is a valid. False is returned if data is not -// set, or is invalid. -func (r *Request) DataFilled() bool { - return r.Data != nil && reflect.ValueOf(r.Data).Elem().IsValid() -} - -// SetBufferBody will set the request's body bytes that will be sent to -// the service API. -func (r *Request) SetBufferBody(buf []byte) { - r.SetReaderBody(bytes.NewReader(buf)) -} - -// SetStringBody sets the body of the request to be backed by a string. -func (r *Request) SetStringBody(s string) { - r.SetReaderBody(strings.NewReader(s)) -} - -// SetReaderBody will set the request's body reader. -func (r *Request) SetReaderBody(reader io.ReadSeeker) { - r.Body = reader - - if aws.IsReaderSeekable(reader) { - var err error - // Get the Bodies current offset so retries will start from the same - // initial position. - r.BodyStart, err = reader.Seek(0, sdkio.SeekCurrent) - if err != nil { - r.Error = awserr.New(ErrCodeSerialization, - "failed to determine start of request body", err) - return - } - } - r.ResetBody() -} - -// SetStreamingBody set the reader to be used for the request that will stream -// bytes to the server. Request's Body must not be set to any reader. -func (r *Request) SetStreamingBody(reader io.ReadCloser) { - r.streamingBody = reader - r.SetReaderBody(aws.ReadSeekCloser(reader)) -} - -// Presign returns the request's signed URL. Error will be returned -// if the signing fails. The expire parameter is only used for presigned Amazon -// S3 API requests. All other AWS services will use a fixed expiration -// time of 15 minutes. -// -// It is invalid to create a presigned URL with a expire duration 0 or less. An -// error is returned if expire duration is 0 or less. -func (r *Request) Presign(expire time.Duration) (string, error) { - r = r.copy() - - // Presign requires all headers be hoisted. There is no way to retrieve - // the signed headers not hoisted without this. Making the presigned URL - // useless. - r.NotHoist = false - - u, _, err := getPresignedURL(r, expire) - return u, err -} - -// PresignRequest behaves just like presign, with the addition of returning a -// set of headers that were signed. The expire parameter is only used for -// presigned Amazon S3 API requests. All other AWS services will use a fixed -// expiration time of 15 minutes. -// -// It is invalid to create a presigned URL with a expire duration 0 or less. An -// error is returned if expire duration is 0 or less. -// -// Returns the URL string for the API operation with signature in the query string, -// and the HTTP headers that were included in the signature. These headers must -// be included in any HTTP request made with the presigned URL. -// -// To prevent hoisting any headers to the query string set NotHoist to true on -// this Request value prior to calling PresignRequest. -func (r *Request) PresignRequest(expire time.Duration) (string, http.Header, error) { - r = r.copy() - return getPresignedURL(r, expire) -} - -// IsPresigned returns true if the request represents a presigned API url. -func (r *Request) IsPresigned() bool { - return r.ExpireTime != 0 -} - -func getPresignedURL(r *Request, expire time.Duration) (string, http.Header, error) { - if expire <= 0 { - return "", nil, awserr.New( - ErrCodeInvalidPresignExpire, - "presigned URL requires an expire duration greater than 0", - nil, - ) - } - - r.ExpireTime = expire - - if r.Operation.BeforePresignFn != nil { - if err := r.Operation.BeforePresignFn(r); err != nil { - return "", nil, err - } - } - - if err := r.Sign(); err != nil { - return "", nil, err - } - - return r.HTTPRequest.URL.String(), r.SignedHeaderVals, nil -} - -const ( - notRetrying = "not retrying" -) - -func debugLogReqError(r *Request, stage, retryStr string, err error) { - if !r.Config.LogLevel.Matches(aws.LogDebugWithRequestErrors) { - return - } - - r.Config.Logger.Log(fmt.Sprintf("DEBUG: %s %s/%s failed, %s, error %v", - stage, r.ClientInfo.ServiceName, r.Operation.Name, retryStr, err)) -} - -// Build will build the request's object so it can be signed and sent -// to the service. Build will also validate all the request's parameters. -// Any additional build Handlers set on this request will be run -// in the order they were set. -// -// The request will only be built once. Multiple calls to build will have -// no effect. -// -// If any Validate or Build errors occur the build will stop and the error -// which occurred will be returned. -func (r *Request) Build() error { - if !r.built { - r.Handlers.Validate.Run(r) - if r.Error != nil { - debugLogReqError(r, "Validate Request", notRetrying, r.Error) - return r.Error - } - r.Handlers.Build.Run(r) - if r.Error != nil { - debugLogReqError(r, "Build Request", notRetrying, r.Error) - return r.Error - } - r.built = true - } - - return r.Error -} - -// Sign will sign the request, returning error if errors are encountered. -// -// Sign will build the request prior to signing. All Sign Handlers will -// be executed in the order they were set. -func (r *Request) Sign() error { - r.Build() - if r.Error != nil { - debugLogReqError(r, "Build Request", notRetrying, r.Error) - return r.Error - } - - SanitizeHostForHeader(r.HTTPRequest) - - r.Handlers.Sign.Run(r) - return r.Error -} - -func (r *Request) getNextRequestBody() (body io.ReadCloser, err error) { - if r.streamingBody != nil { - return r.streamingBody, nil - } - - if r.safeBody != nil { - r.safeBody.Close() - } - - r.safeBody, err = newOffsetReader(r.Body, r.BodyStart) - if err != nil { - return nil, awserr.New(ErrCodeSerialization, - "failed to get next request body reader", err) - } - - // Go 1.8 tightened and clarified the rules code needs to use when building - // requests with the http package. Go 1.8 removed the automatic detection - // of if the Request.Body was empty, or actually had bytes in it. The SDK - // always sets the Request.Body even if it is empty and should not actually - // be sent. This is incorrect. - // - // Go 1.8 did add a http.NoBody value that the SDK can use to tell the http - // client that the request really should be sent without a body. The - // Request.Body cannot be set to nil, which is preferable, because the - // field is exported and could introduce nil pointer dereferences for users - // of the SDK if they used that field. - // - // Related golang/go#18257 - l, err := aws.SeekerLen(r.Body) - if err != nil { - return nil, awserr.New(ErrCodeSerialization, - "failed to compute request body size", err) - } - - if l == 0 { - body = NoBody - } else if l > 0 { - body = r.safeBody - } else { - // Hack to prevent sending bodies for methods where the body - // should be ignored by the server. Sending bodies on these - // methods without an associated ContentLength will cause the - // request to socket timeout because the server does not handle - // Transfer-Encoding: chunked bodies for these methods. - // - // This would only happen if a aws.ReaderSeekerCloser was used with - // a io.Reader that was not also an io.Seeker, or did not implement - // Len() method. - switch r.Operation.HTTPMethod { - case "GET", "HEAD", "DELETE": - body = NoBody - default: - body = r.safeBody - } - } - - return body, nil -} - -// GetBody will return an io.ReadSeeker of the Request's underlying -// input body with a concurrency safe wrapper. -func (r *Request) GetBody() io.ReadSeeker { - return r.safeBody -} - -// Send will send the request, returning error if errors are encountered. -// -// Send will sign the request prior to sending. All Send Handlers will -// be executed in the order they were set. -// -// Canceling a request is non-deterministic. If a request has been canceled, -// then the transport will choose, randomly, one of the state channels during -// reads or getting the connection. -// -// readLoop() and getConn(req *Request, cm connectMethod) -// https://github.com/golang/go/blob/master/src/net/http/transport.go -// -// Send will not close the request.Request's body. -func (r *Request) Send() error { - defer func() { - // Ensure a non-nil HTTPResponse parameter is set to ensure handlers - // checking for HTTPResponse values, don't fail. - if r.HTTPResponse == nil { - r.HTTPResponse = &http.Response{ - Header: http.Header{}, - Body: ioutil.NopCloser(&bytes.Buffer{}), - } - } - // Regardless of success or failure of the request trigger the Complete - // request handlers. - r.Handlers.Complete.Run(r) - }() - - if err := r.Error; err != nil { - return err - } - - for { - r.Error = nil - r.AttemptTime = time.Now() - - if err := r.Sign(); err != nil { - debugLogReqError(r, "Sign Request", notRetrying, err) - return err - } - - if err := r.sendRequest(); err == nil { - return nil - } - r.Handlers.Retry.Run(r) - r.Handlers.AfterRetry.Run(r) - - if r.Error != nil || !aws.BoolValue(r.Retryable) { - return r.Error - } - - if err := r.prepareRetry(); err != nil { - r.Error = err - return err - } - } -} - -func (r *Request) prepareRetry() error { - if r.Config.LogLevel.Matches(aws.LogDebugWithRequestRetries) { - r.Config.Logger.Log(fmt.Sprintf("DEBUG: Retrying Request %s/%s, attempt %d", - r.ClientInfo.ServiceName, r.Operation.Name, r.RetryCount)) - } - - // The previous http.Request will have a reference to the r.Body - // and the HTTP Client's Transport may still be reading from - // the request's body even though the Client's Do returned. - r.HTTPRequest = copyHTTPRequest(r.HTTPRequest, nil) - r.ResetBody() - if err := r.Error; err != nil { - return awserr.New(ErrCodeSerialization, - "failed to prepare body for retry", err) - - } - - // Closing response body to ensure that no response body is leaked - // between retry attempts. - if r.HTTPResponse != nil && r.HTTPResponse.Body != nil { - r.HTTPResponse.Body.Close() - } - - return nil -} - -func (r *Request) sendRequest() (sendErr error) { - defer r.Handlers.CompleteAttempt.Run(r) - - r.Retryable = nil - r.Handlers.Send.Run(r) - if r.Error != nil { - debugLogReqError(r, "Send Request", - fmtAttemptCount(r.RetryCount, r.MaxRetries()), - r.Error) - return r.Error - } - - r.Handlers.UnmarshalMeta.Run(r) - r.Handlers.ValidateResponse.Run(r) - if r.Error != nil { - r.Handlers.UnmarshalError.Run(r) - debugLogReqError(r, "Validate Response", - fmtAttemptCount(r.RetryCount, r.MaxRetries()), - r.Error) - return r.Error - } - - r.Handlers.Unmarshal.Run(r) - if r.Error != nil { - debugLogReqError(r, "Unmarshal Response", - fmtAttemptCount(r.RetryCount, r.MaxRetries()), - r.Error) - return r.Error - } - - return nil -} - -// copy will copy a request which will allow for local manipulation of the -// request. -func (r *Request) copy() *Request { - req := &Request{} - *req = *r - req.Handlers = r.Handlers.Copy() - op := *r.Operation - req.Operation = &op - return req -} - -// AddToUserAgent adds the string to the end of the request's current user agent. -func AddToUserAgent(r *Request, s string) { - curUA := r.HTTPRequest.Header.Get("User-Agent") - if len(curUA) > 0 { - s = curUA + " " + s - } - r.HTTPRequest.Header.Set("User-Agent", s) -} - -// SanitizeHostForHeader removes default port from host and updates request.Host -func SanitizeHostForHeader(r *http.Request) { - host := getHost(r) - port := portOnly(host) - if port != "" && isDefaultPort(r.URL.Scheme, port) { - r.Host = stripPort(host) - } -} - -// Returns host from request -func getHost(r *http.Request) string { - if r.Host != "" { - return r.Host - } - - if r.URL == nil { - return "" - } - - return r.URL.Host -} - -// Hostname returns u.Host, without any port number. -// -// If Host is an IPv6 literal with a port number, Hostname returns the -// IPv6 literal without the square brackets. IPv6 literals may include -// a zone identifier. -// -// Copied from the Go 1.8 standard library (net/url) -func stripPort(hostport string) string { - colon := strings.IndexByte(hostport, ':') - if colon == -1 { - return hostport - } - if i := strings.IndexByte(hostport, ']'); i != -1 { - return strings.TrimPrefix(hostport[:i], "[") - } - return hostport[:colon] -} - -// Port returns the port part of u.Host, without the leading colon. -// If u.Host doesn't contain a port, Port returns an empty string. -// -// Copied from the Go 1.8 standard library (net/url) -func portOnly(hostport string) string { - colon := strings.IndexByte(hostport, ':') - if colon == -1 { - return "" - } - if i := strings.Index(hostport, "]:"); i != -1 { - return hostport[i+len("]:"):] - } - if strings.Contains(hostport, "]") { - return "" - } - return hostport[colon+len(":"):] -} - -// Returns true if the specified URI is using the standard port -// (i.e. port 80 for HTTP URIs or 443 for HTTPS URIs) -func isDefaultPort(scheme, port string) bool { - if port == "" { - return true - } - - lowerCaseScheme := strings.ToLower(scheme) - if (lowerCaseScheme == "http" && port == "80") || (lowerCaseScheme == "https" && port == "443") { - return true - } - - return false -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_7.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_7.go deleted file mode 100644 index 5921b8ff..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_7.go +++ /dev/null @@ -1,40 +0,0 @@ -//go:build !go1.8 -// +build !go1.8 - -package request - -import "io" - -// NoBody is an io.ReadCloser with no bytes. Read always returns EOF -// and Close always returns nil. It can be used in an outgoing client -// request to explicitly signal that a request has zero bytes. -// An alternative, however, is to simply set Request.Body to nil. -// -// Copy of Go 1.8 NoBody type from net/http/http.go -type noBody struct{} - -func (noBody) Read([]byte) (int, error) { return 0, io.EOF } -func (noBody) Close() error { return nil } -func (noBody) WriteTo(io.Writer) (int64, error) { return 0, nil } - -// NoBody is an empty reader that will trigger the Go HTTP client to not include -// and body in the HTTP request. -var NoBody = noBody{} - -// ResetBody rewinds the request body back to its starting position, and -// sets the HTTP Request body reference. When the body is read prior -// to being sent in the HTTP request it will need to be rewound. -// -// ResetBody will automatically be called by the SDK's build handler, but if -// the request is being used directly ResetBody must be called before the request -// is Sent. SetStringBody, SetBufferBody, and SetReaderBody will automatically -// call ResetBody. -func (r *Request) ResetBody() { - body, err := r.getNextRequestBody() - if err != nil { - r.Error = err - return - } - - r.HTTPRequest.Body = body -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go deleted file mode 100644 index ea643c9c..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go +++ /dev/null @@ -1,37 +0,0 @@ -//go:build go1.8 -// +build go1.8 - -package request - -import ( - "net/http" - - "github.com/aws/aws-sdk-go/aws/awserr" -) - -// NoBody is a http.NoBody reader instructing Go HTTP client to not include -// and body in the HTTP request. -var NoBody = http.NoBody - -// ResetBody rewinds the request body back to its starting position, and -// sets the HTTP Request body reference. When the body is read prior -// to being sent in the HTTP request it will need to be rewound. -// -// ResetBody will automatically be called by the SDK's build handler, but if -// the request is being used directly ResetBody must be called before the request -// is Sent. SetStringBody, SetBufferBody, and SetReaderBody will automatically -// call ResetBody. -// -// Will also set the Go 1.8's http.Request.GetBody member to allow retrying -// PUT/POST redirects. -func (r *Request) ResetBody() { - body, err := r.getNextRequestBody() - if err != nil { - r.Error = awserr.New(ErrCodeSerialization, - "failed to reset request body", err) - return - } - - r.HTTPRequest.Body = body - r.HTTPRequest.GetBody = r.getNextRequestBody -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_context.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_context.go deleted file mode 100644 index d8c50530..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_context.go +++ /dev/null @@ -1,15 +0,0 @@ -//go:build go1.7 -// +build go1.7 - -package request - -import "github.com/aws/aws-sdk-go/aws" - -// setContext updates the Request to use the passed in context for cancellation. -// Context will also be used for request retry delay. -// -// Creates shallow copy of the http.Request with the WithContext method. -func setRequestContext(r *Request, ctx aws.Context) { - r.context = ctx - r.HTTPRequest = r.HTTPRequest.WithContext(ctx) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_context_1_6.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_context_1_6.go deleted file mode 100644 index 49a243ef..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_context_1_6.go +++ /dev/null @@ -1,15 +0,0 @@ -//go:build !go1.7 -// +build !go1.7 - -package request - -import "github.com/aws/aws-sdk-go/aws" - -// setContext updates the Request to use the passed in context for cancellation. -// Context will also be used for request retry delay. -// -// Creates shallow copy of the http.Request with the WithContext method. -func setRequestContext(r *Request, ctx aws.Context) { - r.context = ctx - r.HTTPRequest.Cancel = ctx.Done() -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go b/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go deleted file mode 100644 index 64784e16..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/request_pagination.go +++ /dev/null @@ -1,266 +0,0 @@ -package request - -import ( - "reflect" - "sync/atomic" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awsutil" -) - -// A Pagination provides paginating of SDK API operations which are paginatable. -// Generally you should not use this type directly, but use the "Pages" API -// operations method to automatically perform pagination for you. Such as, -// "S3.ListObjectsPages", and "S3.ListObjectsPagesWithContext" methods. -// -// Pagination differs from a Paginator type in that pagination is the type that -// does the pagination between API operations, and Paginator defines the -// configuration that will be used per page request. -// -// for p.Next() { -// data := p.Page().(*s3.ListObjectsOutput) -// // process the page's data -// // ... -// // break out of loop to stop fetching additional pages -// } -// -// return p.Err() -// -// See service client API operation Pages methods for examples how the SDK will -// use the Pagination type. -type Pagination struct { - // Function to return a Request value for each pagination request. - // Any configuration or handlers that need to be applied to the request - // prior to getting the next page should be done here before the request - // returned. - // - // NewRequest should always be built from the same API operations. It is - // undefined if different API operations are returned on subsequent calls. - NewRequest func() (*Request, error) - // EndPageOnSameToken, when enabled, will allow the paginator to stop on - // token that are the same as its previous tokens. - EndPageOnSameToken bool - - started bool - prevTokens []interface{} - nextTokens []interface{} - - err error - curPage interface{} -} - -// HasNextPage will return true if Pagination is able to determine that the API -// operation has additional pages. False will be returned if there are no more -// pages remaining. -// -// Will always return true if Next has not been called yet. -func (p *Pagination) HasNextPage() bool { - if !p.started { - return true - } - - hasNextPage := len(p.nextTokens) != 0 - if p.EndPageOnSameToken { - return hasNextPage && !awsutil.DeepEqual(p.nextTokens, p.prevTokens) - } - return hasNextPage -} - -// Err returns the error Pagination encountered when retrieving the next page. -func (p *Pagination) Err() error { - return p.err -} - -// Page returns the current page. Page should only be called after a successful -// call to Next. It is undefined what Page will return if Page is called after -// Next returns false. -func (p *Pagination) Page() interface{} { - return p.curPage -} - -// Next will attempt to retrieve the next page for the API operation. When a page -// is retrieved true will be returned. If the page cannot be retrieved, or there -// are no more pages false will be returned. -// -// Use the Page method to retrieve the current page data. The data will need -// to be cast to the API operation's output type. -// -// Use the Err method to determine if an error occurred if Page returns false. -func (p *Pagination) Next() bool { - if !p.HasNextPage() { - return false - } - - req, err := p.NewRequest() - if err != nil { - p.err = err - return false - } - - if p.started { - for i, intok := range req.Operation.InputTokens { - awsutil.SetValueAtPath(req.Params, intok, p.nextTokens[i]) - } - } - p.started = true - - err = req.Send() - if err != nil { - p.err = err - return false - } - - p.prevTokens = p.nextTokens - p.nextTokens = req.nextPageTokens() - p.curPage = req.Data - - return true -} - -// A Paginator is the configuration data that defines how an API operation -// should be paginated. This type is used by the API service models to define -// the generated pagination config for service APIs. -// -// The Pagination type is what provides iterating between pages of an API. It -// is only used to store the token metadata the SDK should use for performing -// pagination. -type Paginator struct { - InputTokens []string - OutputTokens []string - LimitToken string - TruncationToken string -} - -// nextPageTokens returns the tokens to use when asking for the next page of data. -func (r *Request) nextPageTokens() []interface{} { - if r.Operation.Paginator == nil { - return nil - } - if r.Operation.TruncationToken != "" { - tr, _ := awsutil.ValuesAtPath(r.Data, r.Operation.TruncationToken) - if len(tr) == 0 { - return nil - } - - switch v := tr[0].(type) { - case *bool: - if !aws.BoolValue(v) { - return nil - } - case bool: - if !v { - return nil - } - } - } - - tokens := []interface{}{} - tokenAdded := false - for _, outToken := range r.Operation.OutputTokens { - vs, _ := awsutil.ValuesAtPath(r.Data, outToken) - if len(vs) == 0 { - tokens = append(tokens, nil) - continue - } - v := vs[0] - - switch tv := v.(type) { - case *string: - if len(aws.StringValue(tv)) == 0 { - tokens = append(tokens, nil) - continue - } - case string: - if len(tv) == 0 { - tokens = append(tokens, nil) - continue - } - } - - tokenAdded = true - tokens = append(tokens, v) - } - if !tokenAdded { - return nil - } - - return tokens -} - -// Ensure a deprecated item is only logged once instead of each time its used. -func logDeprecatedf(logger aws.Logger, flag *int32, msg string) { - if logger == nil { - return - } - if atomic.CompareAndSwapInt32(flag, 0, 1) { - logger.Log(msg) - } -} - -var ( - logDeprecatedHasNextPage int32 - logDeprecatedNextPage int32 - logDeprecatedEachPage int32 -) - -// HasNextPage returns true if this request has more pages of data available. -// -// Deprecated Use Pagination type for configurable pagination of API operations -func (r *Request) HasNextPage() bool { - logDeprecatedf(r.Config.Logger, &logDeprecatedHasNextPage, - "Request.HasNextPage deprecated. Use Pagination type for configurable pagination of API operations") - - return len(r.nextPageTokens()) > 0 -} - -// NextPage returns a new Request that can be executed to return the next -// page of result data. Call .Send() on this request to execute it. -// -// Deprecated Use Pagination type for configurable pagination of API operations -func (r *Request) NextPage() *Request { - logDeprecatedf(r.Config.Logger, &logDeprecatedNextPage, - "Request.NextPage deprecated. Use Pagination type for configurable pagination of API operations") - - tokens := r.nextPageTokens() - if len(tokens) == 0 { - return nil - } - - data := reflect.New(reflect.TypeOf(r.Data).Elem()).Interface() - nr := New(r.Config, r.ClientInfo, r.Handlers, r.Retryer, r.Operation, awsutil.CopyOf(r.Params), data) - for i, intok := range nr.Operation.InputTokens { - awsutil.SetValueAtPath(nr.Params, intok, tokens[i]) - } - return nr -} - -// EachPage iterates over each page of a paginated request object. The fn -// parameter should be a function with the following sample signature: -// -// func(page *T, lastPage bool) bool { -// return true // return false to stop iterating -// } -// -// Where "T" is the structure type matching the output structure of the given -// operation. For example, a request object generated by -// DynamoDB.ListTablesRequest() would expect to see dynamodb.ListTablesOutput -// as the structure "T". The lastPage value represents whether the page is -// the last page of data or not. The return value of this function should -// return true to keep iterating or false to stop. -// -// Deprecated Use Pagination type for configurable pagination of API operations -func (r *Request) EachPage(fn func(data interface{}, isLastPage bool) (shouldContinue bool)) error { - logDeprecatedf(r.Config.Logger, &logDeprecatedEachPage, - "Request.EachPage deprecated. Use Pagination type for configurable pagination of API operations") - - for page := r; page != nil; page = page.NextPage() { - if err := page.Send(); err != nil { - return err - } - if getNextPage := fn(page.Data, !page.HasNextPage()); !getNextPage { - return page.Error - } - } - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go b/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go deleted file mode 100644 index 3f0001f9..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go +++ /dev/null @@ -1,309 +0,0 @@ -package request - -import ( - "net" - "net/url" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" -) - -// Retryer provides the interface drive the SDK's request retry behavior. The -// Retryer implementation is responsible for implementing exponential backoff, -// and determine if a request API error should be retried. -// -// client.DefaultRetryer is the SDK's default implementation of the Retryer. It -// uses the Request.IsErrorRetryable and Request.IsErrorThrottle methods to -// determine if the request is retried. -type Retryer interface { - // RetryRules return the retry delay that should be used by the SDK before - // making another request attempt for the failed request. - RetryRules(*Request) time.Duration - - // ShouldRetry returns if the failed request is retryable. - // - // Implementations may consider request attempt count when determining if a - // request is retryable, but the SDK will use MaxRetries to limit the - // number of attempts a request are made. - ShouldRetry(*Request) bool - - // MaxRetries is the number of times a request may be retried before - // failing. - MaxRetries() int -} - -// WithRetryer sets a Retryer value to the given Config returning the Config -// value for chaining. The value must not be nil. -func WithRetryer(cfg *aws.Config, retryer Retryer) *aws.Config { - if retryer == nil { - if cfg.Logger != nil { - cfg.Logger.Log("ERROR: Request.WithRetryer called with nil retryer. Replacing with retry disabled Retryer.") - } - retryer = noOpRetryer{} - } - cfg.Retryer = retryer - return cfg - -} - -// noOpRetryer is a internal no op retryer used when a request is created -// without a retryer. -// -// Provides a retryer that performs no retries. -// It should be used when we do not want retries to be performed. -type noOpRetryer struct{} - -// MaxRetries returns the number of maximum returns the service will use to make -// an individual API; For NoOpRetryer the MaxRetries will always be zero. -func (d noOpRetryer) MaxRetries() int { - return 0 -} - -// ShouldRetry will always return false for NoOpRetryer, as it should never retry. -func (d noOpRetryer) ShouldRetry(_ *Request) bool { - return false -} - -// RetryRules returns the delay duration before retrying this request again; -// since NoOpRetryer does not retry, RetryRules always returns 0. -func (d noOpRetryer) RetryRules(_ *Request) time.Duration { - return 0 -} - -// retryableCodes is a collection of service response codes which are retry-able -// without any further action. -var retryableCodes = map[string]struct{}{ - ErrCodeRequestError: {}, - "RequestTimeout": {}, - ErrCodeResponseTimeout: {}, - "RequestTimeoutException": {}, // Glacier's flavor of RequestTimeout -} - -var throttleCodes = map[string]struct{}{ - "ProvisionedThroughputExceededException": {}, - "ThrottledException": {}, // SNS, XRay, ResourceGroupsTagging API - "Throttling": {}, - "ThrottlingException": {}, - "RequestLimitExceeded": {}, - "RequestThrottled": {}, - "RequestThrottledException": {}, - "TooManyRequestsException": {}, // Lambda functions - "PriorRequestNotComplete": {}, // Route53 - "TransactionInProgressException": {}, - "EC2ThrottledException": {}, // EC2 -} - -// credsExpiredCodes is a collection of error codes which signify the credentials -// need to be refreshed. Expired tokens require refreshing of credentials, and -// resigning before the request can be retried. -var credsExpiredCodes = map[string]struct{}{ - "ExpiredToken": {}, - "ExpiredTokenException": {}, - "RequestExpired": {}, // EC2 Only -} - -func isCodeThrottle(code string) bool { - _, ok := throttleCodes[code] - return ok -} - -func isCodeRetryable(code string) bool { - if _, ok := retryableCodes[code]; ok { - return true - } - - return isCodeExpiredCreds(code) -} - -func isCodeExpiredCreds(code string) bool { - _, ok := credsExpiredCodes[code] - return ok -} - -var validParentCodes = map[string]struct{}{ - ErrCodeSerialization: {}, - ErrCodeRead: {}, -} - -func isNestedErrorRetryable(parentErr awserr.Error) bool { - if parentErr == nil { - return false - } - - if _, ok := validParentCodes[parentErr.Code()]; !ok { - return false - } - - err := parentErr.OrigErr() - if err == nil { - return false - } - - if aerr, ok := err.(awserr.Error); ok { - return isCodeRetryable(aerr.Code()) - } - - if t, ok := err.(temporary); ok { - return t.Temporary() || isErrConnectionReset(err) - } - - return isErrConnectionReset(err) -} - -// IsErrorRetryable returns whether the error is retryable, based on its Code. -// Returns false if error is nil. -func IsErrorRetryable(err error) bool { - if err == nil { - return false - } - return shouldRetryError(err) -} - -type temporary interface { - Temporary() bool -} - -func shouldRetryError(origErr error) bool { - switch err := origErr.(type) { - case awserr.Error: - if err.Code() == CanceledErrorCode { - return false - } - if isNestedErrorRetryable(err) { - return true - } - - origErr := err.OrigErr() - var shouldRetry bool - if origErr != nil { - shouldRetry = shouldRetryError(origErr) - if err.Code() == ErrCodeRequestError && !shouldRetry { - return false - } - } - if isCodeRetryable(err.Code()) { - return true - } - return shouldRetry - - case *url.Error: - if strings.Contains(err.Error(), "connection refused") { - // Refused connections should be retried as the service may not yet - // be running on the port. Go TCP dial considers refused - // connections as not temporary. - return true - } - // *url.Error only implements Temporary after golang 1.6 but since - // url.Error only wraps the error: - return shouldRetryError(err.Err) - - case temporary: - if netErr, ok := err.(*net.OpError); ok && netErr.Op == "dial" { - return true - } - // If the error is temporary, we want to allow continuation of the - // retry process - return err.Temporary() || isErrConnectionReset(origErr) - - case nil: - // `awserr.Error.OrigErr()` can be nil, meaning there was an error but - // because we don't know the cause, it is marked as retryable. See - // TestRequest4xxUnretryable for an example. - return true - - default: - switch err.Error() { - case "net/http: request canceled", - "net/http: request canceled while waiting for connection": - // known 1.5 error case when an http request is cancelled - return false - } - // here we don't know the error; so we allow a retry. - return true - } -} - -// IsErrorThrottle returns whether the error is to be throttled based on its code. -// Returns false if error is nil. -func IsErrorThrottle(err error) bool { - if aerr, ok := err.(awserr.Error); ok && aerr != nil { - return isCodeThrottle(aerr.Code()) - } - return false -} - -// IsErrorExpiredCreds returns whether the error code is a credential expiry -// error. Returns false if error is nil. -func IsErrorExpiredCreds(err error) bool { - if aerr, ok := err.(awserr.Error); ok && aerr != nil { - return isCodeExpiredCreds(aerr.Code()) - } - return false -} - -// IsErrorRetryable returns whether the error is retryable, based on its Code. -// Returns false if the request has no Error set. -// -// Alias for the utility function IsErrorRetryable -func (r *Request) IsErrorRetryable() bool { - if isErrCode(r.Error, r.RetryErrorCodes) { - return true - } - - // HTTP response status code 501 should not be retried. - // 501 represents Not Implemented which means the request method is not - // supported by the server and cannot be handled. - if r.HTTPResponse != nil { - // HTTP response status code 500 represents internal server error and - // should be retried without any throttle. - if r.HTTPResponse.StatusCode == 500 { - return true - } - } - return IsErrorRetryable(r.Error) -} - -// IsErrorThrottle returns whether the error is to be throttled based on its -// code. Returns false if the request has no Error set. -// -// Alias for the utility function IsErrorThrottle -func (r *Request) IsErrorThrottle() bool { - if isErrCode(r.Error, r.ThrottleErrorCodes) { - return true - } - - if r.HTTPResponse != nil { - switch r.HTTPResponse.StatusCode { - case - 429, // error caused due to too many requests - 502, // Bad Gateway error should be throttled - 503, // caused when service is unavailable - 504: // error occurred due to gateway timeout - return true - } - } - - return IsErrorThrottle(r.Error) -} - -func isErrCode(err error, codes []string) bool { - if aerr, ok := err.(awserr.Error); ok && aerr != nil { - for _, code := range codes { - if code == aerr.Code() { - return true - } - } - } - - return false -} - -// IsErrorExpired returns whether the error code is a credential expiry error. -// Returns false if the request has no Error set. -// -// Alias for the utility function IsErrorExpiredCreds -func (r *Request) IsErrorExpired() bool { - return IsErrorExpiredCreds(r.Error) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/timeout_read_closer.go b/vendor/github.com/aws/aws-sdk-go/aws/request/timeout_read_closer.go deleted file mode 100644 index 09a44eb9..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/timeout_read_closer.go +++ /dev/null @@ -1,94 +0,0 @@ -package request - -import ( - "io" - "time" - - "github.com/aws/aws-sdk-go/aws/awserr" -) - -var timeoutErr = awserr.New( - ErrCodeResponseTimeout, - "read on body has reached the timeout limit", - nil, -) - -type readResult struct { - n int - err error -} - -// timeoutReadCloser will handle body reads that take too long. -// We will return a ErrReadTimeout error if a timeout occurs. -type timeoutReadCloser struct { - reader io.ReadCloser - duration time.Duration -} - -// Read will spin off a goroutine to call the reader's Read method. We will -// select on the timer's channel or the read's channel. Whoever completes first -// will be returned. -func (r *timeoutReadCloser) Read(b []byte) (int, error) { - timer := time.NewTimer(r.duration) - c := make(chan readResult, 1) - - go func() { - n, err := r.reader.Read(b) - timer.Stop() - c <- readResult{n: n, err: err} - }() - - select { - case data := <-c: - return data.n, data.err - case <-timer.C: - return 0, timeoutErr - } -} - -func (r *timeoutReadCloser) Close() error { - return r.reader.Close() -} - -const ( - // HandlerResponseTimeout is what we use to signify the name of the - // response timeout handler. - HandlerResponseTimeout = "ResponseTimeoutHandler" -) - -// adaptToResponseTimeoutError is a handler that will replace any top level error -// to a ErrCodeResponseTimeout, if its child is that. -func adaptToResponseTimeoutError(req *Request) { - if err, ok := req.Error.(awserr.Error); ok { - aerr, ok := err.OrigErr().(awserr.Error) - if ok && aerr.Code() == ErrCodeResponseTimeout { - req.Error = aerr - } - } -} - -// WithResponseReadTimeout is a request option that will wrap the body in a timeout read closer. -// This will allow for per read timeouts. If a timeout occurred, we will return the -// ErrCodeResponseTimeout. -// -// svc.PutObjectWithContext(ctx, params, request.WithTimeoutReadCloser(30 * time.Second) -func WithResponseReadTimeout(duration time.Duration) Option { - return func(r *Request) { - - var timeoutHandler = NamedHandler{ - HandlerResponseTimeout, - func(req *Request) { - req.HTTPResponse.Body = &timeoutReadCloser{ - reader: req.HTTPResponse.Body, - duration: duration, - } - }} - - // remove the handler so we are not stomping over any new durations. - r.Handlers.Send.RemoveByName(HandlerResponseTimeout) - r.Handlers.Send.PushBackNamed(timeoutHandler) - - r.Handlers.Unmarshal.PushBack(adaptToResponseTimeoutError) - r.Handlers.UnmarshalError.PushBack(adaptToResponseTimeoutError) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/validation.go b/vendor/github.com/aws/aws-sdk-go/aws/request/validation.go deleted file mode 100644 index 8630683f..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/validation.go +++ /dev/null @@ -1,286 +0,0 @@ -package request - -import ( - "bytes" - "fmt" - - "github.com/aws/aws-sdk-go/aws/awserr" -) - -const ( - // InvalidParameterErrCode is the error code for invalid parameters errors - InvalidParameterErrCode = "InvalidParameter" - // ParamRequiredErrCode is the error code for required parameter errors - ParamRequiredErrCode = "ParamRequiredError" - // ParamMinValueErrCode is the error code for fields with too low of a - // number value. - ParamMinValueErrCode = "ParamMinValueError" - // ParamMinLenErrCode is the error code for fields without enough elements. - ParamMinLenErrCode = "ParamMinLenError" - // ParamMaxLenErrCode is the error code for value being too long. - ParamMaxLenErrCode = "ParamMaxLenError" - - // ParamFormatErrCode is the error code for a field with invalid - // format or characters. - ParamFormatErrCode = "ParamFormatInvalidError" -) - -// Validator provides a way for types to perform validation logic on their -// input values that external code can use to determine if a type's values -// are valid. -type Validator interface { - Validate() error -} - -// An ErrInvalidParams provides wrapping of invalid parameter errors found when -// validating API operation input parameters. -type ErrInvalidParams struct { - // Context is the base context of the invalid parameter group. - Context string - errs []ErrInvalidParam -} - -// Add adds a new invalid parameter error to the collection of invalid -// parameters. The context of the invalid parameter will be updated to reflect -// this collection. -func (e *ErrInvalidParams) Add(err ErrInvalidParam) { - err.SetContext(e.Context) - e.errs = append(e.errs, err) -} - -// AddNested adds the invalid parameter errors from another ErrInvalidParams -// value into this collection. The nested errors will have their nested context -// updated and base context to reflect the merging. -// -// Use for nested validations errors. -func (e *ErrInvalidParams) AddNested(nestedCtx string, nested ErrInvalidParams) { - for _, err := range nested.errs { - err.SetContext(e.Context) - err.AddNestedContext(nestedCtx) - e.errs = append(e.errs, err) - } -} - -// Len returns the number of invalid parameter errors -func (e ErrInvalidParams) Len() int { - return len(e.errs) -} - -// Code returns the code of the error -func (e ErrInvalidParams) Code() string { - return InvalidParameterErrCode -} - -// Message returns the message of the error -func (e ErrInvalidParams) Message() string { - return fmt.Sprintf("%d validation error(s) found.", len(e.errs)) -} - -// Error returns the string formatted form of the invalid parameters. -func (e ErrInvalidParams) Error() string { - w := &bytes.Buffer{} - fmt.Fprintf(w, "%s: %s\n", e.Code(), e.Message()) - - for _, err := range e.errs { - fmt.Fprintf(w, "- %s\n", err.Message()) - } - - return w.String() -} - -// OrigErr returns the invalid parameters as a awserr.BatchedErrors value -func (e ErrInvalidParams) OrigErr() error { - return awserr.NewBatchError( - InvalidParameterErrCode, e.Message(), e.OrigErrs()) -} - -// OrigErrs returns a slice of the invalid parameters -func (e ErrInvalidParams) OrigErrs() []error { - errs := make([]error, len(e.errs)) - for i := 0; i < len(errs); i++ { - errs[i] = e.errs[i] - } - - return errs -} - -// An ErrInvalidParam represents an invalid parameter error type. -type ErrInvalidParam interface { - awserr.Error - - // Field name the error occurred on. - Field() string - - // SetContext updates the context of the error. - SetContext(string) - - // AddNestedContext updates the error's context to include a nested level. - AddNestedContext(string) -} - -type errInvalidParam struct { - context string - nestedContext string - field string - code string - msg string -} - -// Code returns the error code for the type of invalid parameter. -func (e *errInvalidParam) Code() string { - return e.code -} - -// Message returns the reason the parameter was invalid, and its context. -func (e *errInvalidParam) Message() string { - return fmt.Sprintf("%s, %s.", e.msg, e.Field()) -} - -// Error returns the string version of the invalid parameter error. -func (e *errInvalidParam) Error() string { - return fmt.Sprintf("%s: %s", e.code, e.Message()) -} - -// OrigErr returns nil, Implemented for awserr.Error interface. -func (e *errInvalidParam) OrigErr() error { - return nil -} - -// Field Returns the field and context the error occurred. -func (e *errInvalidParam) Field() string { - field := e.context - if len(field) > 0 { - field += "." - } - if len(e.nestedContext) > 0 { - field += fmt.Sprintf("%s.", e.nestedContext) - } - field += e.field - - return field -} - -// SetContext updates the base context of the error. -func (e *errInvalidParam) SetContext(ctx string) { - e.context = ctx -} - -// AddNestedContext prepends a context to the field's path. -func (e *errInvalidParam) AddNestedContext(ctx string) { - if len(e.nestedContext) == 0 { - e.nestedContext = ctx - } else { - e.nestedContext = fmt.Sprintf("%s.%s", ctx, e.nestedContext) - } - -} - -// An ErrParamRequired represents an required parameter error. -type ErrParamRequired struct { - errInvalidParam -} - -// NewErrParamRequired creates a new required parameter error. -func NewErrParamRequired(field string) *ErrParamRequired { - return &ErrParamRequired{ - errInvalidParam{ - code: ParamRequiredErrCode, - field: field, - msg: fmt.Sprintf("missing required field"), - }, - } -} - -// An ErrParamMinValue represents a minimum value parameter error. -type ErrParamMinValue struct { - errInvalidParam - min float64 -} - -// NewErrParamMinValue creates a new minimum value parameter error. -func NewErrParamMinValue(field string, min float64) *ErrParamMinValue { - return &ErrParamMinValue{ - errInvalidParam: errInvalidParam{ - code: ParamMinValueErrCode, - field: field, - msg: fmt.Sprintf("minimum field value of %v", min), - }, - min: min, - } -} - -// MinValue returns the field's require minimum value. -// -// float64 is returned for both int and float min values. -func (e *ErrParamMinValue) MinValue() float64 { - return e.min -} - -// An ErrParamMinLen represents a minimum length parameter error. -type ErrParamMinLen struct { - errInvalidParam - min int -} - -// NewErrParamMinLen creates a new minimum length parameter error. -func NewErrParamMinLen(field string, min int) *ErrParamMinLen { - return &ErrParamMinLen{ - errInvalidParam: errInvalidParam{ - code: ParamMinLenErrCode, - field: field, - msg: fmt.Sprintf("minimum field size of %v", min), - }, - min: min, - } -} - -// MinLen returns the field's required minimum length. -func (e *ErrParamMinLen) MinLen() int { - return e.min -} - -// An ErrParamMaxLen represents a maximum length parameter error. -type ErrParamMaxLen struct { - errInvalidParam - max int -} - -// NewErrParamMaxLen creates a new maximum length parameter error. -func NewErrParamMaxLen(field string, max int, value string) *ErrParamMaxLen { - return &ErrParamMaxLen{ - errInvalidParam: errInvalidParam{ - code: ParamMaxLenErrCode, - field: field, - msg: fmt.Sprintf("maximum size of %v, %v", max, value), - }, - max: max, - } -} - -// MaxLen returns the field's required minimum length. -func (e *ErrParamMaxLen) MaxLen() int { - return e.max -} - -// An ErrParamFormat represents a invalid format parameter error. -type ErrParamFormat struct { - errInvalidParam - format string -} - -// NewErrParamFormat creates a new invalid format parameter error. -func NewErrParamFormat(field string, format, value string) *ErrParamFormat { - return &ErrParamFormat{ - errInvalidParam: errInvalidParam{ - code: ParamFormatErrCode, - field: field, - msg: fmt.Sprintf("format %v, %v", format, value), - }, - format: format, - } -} - -// Format returns the field's required format. -func (e *ErrParamFormat) Format() string { - return e.format -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/request/waiter.go b/vendor/github.com/aws/aws-sdk-go/aws/request/waiter.go deleted file mode 100644 index 992ed046..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/request/waiter.go +++ /dev/null @@ -1,304 +0,0 @@ -package request - -import ( - "fmt" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/awsutil" -) - -// WaiterResourceNotReadyErrorCode is the error code returned by a waiter when -// the waiter's max attempts have been exhausted. -const WaiterResourceNotReadyErrorCode = "ResourceNotReady" - -// A WaiterOption is a function that will update the Waiter value's fields to -// configure the waiter. -type WaiterOption func(*Waiter) - -// WithWaiterMaxAttempts returns the maximum number of times the waiter should -// attempt to check the resource for the target state. -func WithWaiterMaxAttempts(max int) WaiterOption { - return func(w *Waiter) { - w.MaxAttempts = max - } -} - -// WaiterDelay will return a delay the waiter should pause between attempts to -// check the resource state. The passed in attempt is the number of times the -// Waiter has checked the resource state. -// -// Attempt is the number of attempts the Waiter has made checking the resource -// state. -type WaiterDelay func(attempt int) time.Duration - -// ConstantWaiterDelay returns a WaiterDelay that will always return a constant -// delay the waiter should use between attempts. It ignores the number of -// attempts made. -func ConstantWaiterDelay(delay time.Duration) WaiterDelay { - return func(attempt int) time.Duration { - return delay - } -} - -// WithWaiterDelay will set the Waiter to use the WaiterDelay passed in. -func WithWaiterDelay(delayer WaiterDelay) WaiterOption { - return func(w *Waiter) { - w.Delay = delayer - } -} - -// WithWaiterLogger returns a waiter option to set the logger a waiter -// should use to log warnings and errors to. -func WithWaiterLogger(logger aws.Logger) WaiterOption { - return func(w *Waiter) { - w.Logger = logger - } -} - -// WithWaiterRequestOptions returns a waiter option setting the request -// options for each request the waiter makes. Appends to waiter's request -// options already set. -func WithWaiterRequestOptions(opts ...Option) WaiterOption { - return func(w *Waiter) { - w.RequestOptions = append(w.RequestOptions, opts...) - } -} - -// A Waiter provides the functionality to perform a blocking call which will -// wait for a resource state to be satisfied by a service. -// -// This type should not be used directly. The API operations provided in the -// service packages prefixed with "WaitUntil" should be used instead. -type Waiter struct { - Name string - Acceptors []WaiterAcceptor - Logger aws.Logger - - MaxAttempts int - Delay WaiterDelay - - RequestOptions []Option - NewRequest func([]Option) (*Request, error) - SleepWithContext func(aws.Context, time.Duration) error -} - -// ApplyOptions updates the waiter with the list of waiter options provided. -func (w *Waiter) ApplyOptions(opts ...WaiterOption) { - for _, fn := range opts { - fn(w) - } -} - -// WaiterState are states the waiter uses based on WaiterAcceptor definitions -// to identify if the resource state the waiter is waiting on has occurred. -type WaiterState int - -// String returns the string representation of the waiter state. -func (s WaiterState) String() string { - switch s { - case SuccessWaiterState: - return "success" - case FailureWaiterState: - return "failure" - case RetryWaiterState: - return "retry" - default: - return "unknown waiter state" - } -} - -// States the waiter acceptors will use to identify target resource states. -const ( - SuccessWaiterState WaiterState = iota // waiter successful - FailureWaiterState // waiter failed - RetryWaiterState // waiter needs to be retried -) - -// WaiterMatchMode is the mode that the waiter will use to match the WaiterAcceptor -// definition's Expected attribute. -type WaiterMatchMode int - -// Modes the waiter will use when inspecting API response to identify target -// resource states. -const ( - PathAllWaiterMatch WaiterMatchMode = iota // match on all paths - PathWaiterMatch // match on specific path - PathAnyWaiterMatch // match on any path - PathListWaiterMatch // match on list of paths - StatusWaiterMatch // match on status code - ErrorWaiterMatch // match on error -) - -// String returns the string representation of the waiter match mode. -func (m WaiterMatchMode) String() string { - switch m { - case PathAllWaiterMatch: - return "pathAll" - case PathWaiterMatch: - return "path" - case PathAnyWaiterMatch: - return "pathAny" - case PathListWaiterMatch: - return "pathList" - case StatusWaiterMatch: - return "status" - case ErrorWaiterMatch: - return "error" - default: - return "unknown waiter match mode" - } -} - -// WaitWithContext will make requests for the API operation using NewRequest to -// build API requests. The request's response will be compared against the -// Waiter's Acceptors to determine the successful state of the resource the -// waiter is inspecting. -// -// The passed in context must not be nil. If it is nil a panic will occur. The -// Context will be used to cancel the waiter's pending requests and retry delays. -// Use aws.BackgroundContext if no context is available. -// -// The waiter will continue until the target state defined by the Acceptors, -// or the max attempts expires. -// -// Will return the WaiterResourceNotReadyErrorCode error code if the waiter's -// retryer ShouldRetry returns false. This normally will happen when the max -// wait attempts expires. -func (w Waiter) WaitWithContext(ctx aws.Context) error { - - for attempt := 1; ; attempt++ { - req, err := w.NewRequest(w.RequestOptions) - if err != nil { - waiterLogf(w.Logger, "unable to create request %v", err) - return err - } - req.Handlers.Build.PushBack(MakeAddToUserAgentFreeFormHandler("Waiter")) - err = req.Send() - - // See if any of the acceptors match the request's response, or error - for _, a := range w.Acceptors { - if matched, matchErr := a.match(w.Name, w.Logger, req, err); matched { - return matchErr - } - } - - // The Waiter should only check the resource state MaxAttempts times - // This is here instead of in the for loop above to prevent delaying - // unnecessary when the waiter will not retry. - if attempt == w.MaxAttempts { - break - } - - // Delay to wait before inspecting the resource again - delay := w.Delay(attempt) - if sleepFn := req.Config.SleepDelay; sleepFn != nil { - // Support SleepDelay for backwards compatibility and testing - sleepFn(delay) - } else { - sleepCtxFn := w.SleepWithContext - if sleepCtxFn == nil { - sleepCtxFn = aws.SleepWithContext - } - - if err := sleepCtxFn(ctx, delay); err != nil { - return awserr.New(CanceledErrorCode, "waiter context canceled", err) - } - } - } - - return awserr.New(WaiterResourceNotReadyErrorCode, "exceeded wait attempts", nil) -} - -// A WaiterAcceptor provides the information needed to wait for an API operation -// to complete. -type WaiterAcceptor struct { - State WaiterState - Matcher WaiterMatchMode - Argument string - Expected interface{} -} - -// match returns if the acceptor found a match with the passed in request -// or error. True is returned if the acceptor made a match, error is returned -// if there was an error attempting to perform the match. -func (a *WaiterAcceptor) match(name string, l aws.Logger, req *Request, err error) (bool, error) { - result := false - var vals []interface{} - - switch a.Matcher { - case PathAllWaiterMatch, PathWaiterMatch: - // Require all matches to be equal for result to match - vals, _ = awsutil.ValuesAtPath(req.Data, a.Argument) - if len(vals) == 0 { - break - } - result = true - for _, val := range vals { - if !awsutil.DeepEqual(val, a.Expected) { - result = false - break - } - } - case PathAnyWaiterMatch: - // Only a single match needs to equal for the result to match - vals, _ = awsutil.ValuesAtPath(req.Data, a.Argument) - for _, val := range vals { - if awsutil.DeepEqual(val, a.Expected) { - result = true - break - } - } - case PathListWaiterMatch: - // ignored matcher - case StatusWaiterMatch: - s := a.Expected.(int) - result = s == req.HTTPResponse.StatusCode - case ErrorWaiterMatch: - switch ex := a.Expected.(type) { - case string: - if aerr, ok := err.(awserr.Error); ok { - result = aerr.Code() == ex - } - case bool: - if ex { - result = err != nil - } else { - result = err == nil - } - } - default: - waiterLogf(l, "WARNING: Waiter %s encountered unexpected matcher: %s", - name, a.Matcher) - } - - if !result { - // If there was no matching result found there is nothing more to do - // for this response, retry the request. - return false, nil - } - - switch a.State { - case SuccessWaiterState: - // waiter completed - return true, nil - case FailureWaiterState: - // Waiter failure state triggered - return true, awserr.New(WaiterResourceNotReadyErrorCode, - "failed waiting for successful resource state", err) - case RetryWaiterState: - // clear the error and retry the operation - return false, nil - default: - waiterLogf(l, "WARNING: Waiter %s encountered unexpected state: %s", - name, a.State) - return false, nil - } -} - -func waiterLogf(logger aws.Logger, msg string, args ...interface{}) { - if logger != nil { - logger.Log(fmt.Sprintf(msg, args...)) - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go deleted file mode 100644 index ea8e3537..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go +++ /dev/null @@ -1,333 +0,0 @@ -package session - -import ( - "fmt" - "os" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/credentials/processcreds" - "github.com/aws/aws-sdk-go/aws/credentials/ssocreds" - "github.com/aws/aws-sdk-go/aws/credentials/stscreds" - "github.com/aws/aws-sdk-go/aws/defaults" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/shareddefaults" - "github.com/aws/aws-sdk-go/service/ssooidc" - "github.com/aws/aws-sdk-go/service/sts" -) - -// CredentialsProviderOptions specifies additional options for configuring -// credentials providers. -type CredentialsProviderOptions struct { - // WebIdentityRoleProviderOptions configures a WebIdentityRoleProvider, - // such as setting its ExpiryWindow. - WebIdentityRoleProviderOptions func(*stscreds.WebIdentityRoleProvider) - - // ProcessProviderOptions configures a ProcessProvider, - // such as setting its Timeout. - ProcessProviderOptions func(*processcreds.ProcessProvider) -} - -func resolveCredentials(cfg *aws.Config, - envCfg envConfig, sharedCfg sharedConfig, - handlers request.Handlers, - sessOpts Options, -) (*credentials.Credentials, error) { - - switch { - case len(sessOpts.Profile) != 0: - // User explicitly provided a Profile in the session's configuration - // so load that profile from shared config first. - // Github(aws/aws-sdk-go#2727) - return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts) - - case envCfg.Creds.HasKeys(): - // Environment credentials - return credentials.NewStaticCredentialsFromCreds(envCfg.Creds), nil - - case len(envCfg.WebIdentityTokenFilePath) != 0: - // Web identity token from environment, RoleARN required to also be - // set. - return assumeWebIdentity(cfg, handlers, - envCfg.WebIdentityTokenFilePath, - envCfg.RoleARN, - envCfg.RoleSessionName, - sessOpts.CredentialsProviderOptions, - ) - - default: - // Fallback to the "default" credential resolution chain. - return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts) - } -} - -// WebIdentityEmptyRoleARNErr will occur if 'AWS_WEB_IDENTITY_TOKEN_FILE' was set but -// 'AWS_ROLE_ARN' was not set. -var WebIdentityEmptyRoleARNErr = awserr.New(stscreds.ErrCodeWebIdentity, "role ARN is not set", nil) - -// WebIdentityEmptyTokenFilePathErr will occur if 'AWS_ROLE_ARN' was set but -// 'AWS_WEB_IDENTITY_TOKEN_FILE' was not set. -var WebIdentityEmptyTokenFilePathErr = awserr.New(stscreds.ErrCodeWebIdentity, "token file path is not set", nil) - -func assumeWebIdentity(cfg *aws.Config, handlers request.Handlers, - filepath string, - roleARN, sessionName string, - credOptions *CredentialsProviderOptions, -) (*credentials.Credentials, error) { - - if len(filepath) == 0 { - return nil, WebIdentityEmptyTokenFilePathErr - } - - if len(roleARN) == 0 { - return nil, WebIdentityEmptyRoleARNErr - } - - svc := sts.New(&Session{ - Config: cfg, - Handlers: handlers.Copy(), - }) - - var optFns []func(*stscreds.WebIdentityRoleProvider) - if credOptions != nil && credOptions.WebIdentityRoleProviderOptions != nil { - optFns = append(optFns, credOptions.WebIdentityRoleProviderOptions) - } - - p := stscreds.NewWebIdentityRoleProviderWithOptions(svc, roleARN, sessionName, stscreds.FetchTokenPath(filepath), optFns...) - return credentials.NewCredentials(p), nil -} - -func resolveCredsFromProfile(cfg *aws.Config, - envCfg envConfig, sharedCfg sharedConfig, - handlers request.Handlers, - sessOpts Options, -) (creds *credentials.Credentials, err error) { - - switch { - case sharedCfg.SourceProfile != nil: - // Assume IAM role with credentials source from a different profile. - creds, err = resolveCredsFromProfile(cfg, envCfg, - *sharedCfg.SourceProfile, handlers, sessOpts, - ) - - case sharedCfg.Creds.HasKeys(): - // Static Credentials from Shared Config/Credentials file. - creds = credentials.NewStaticCredentialsFromCreds( - sharedCfg.Creds, - ) - - case len(sharedCfg.CredentialSource) != 0: - creds, err = resolveCredsFromSource(cfg, envCfg, - sharedCfg, handlers, sessOpts, - ) - - case len(sharedCfg.WebIdentityTokenFile) != 0: - // Credentials from Assume Web Identity token require an IAM Role, and - // that roll will be assumed. May be wrapped with another assume role - // via SourceProfile. - return assumeWebIdentity(cfg, handlers, - sharedCfg.WebIdentityTokenFile, - sharedCfg.RoleARN, - sharedCfg.RoleSessionName, - sessOpts.CredentialsProviderOptions, - ) - - case sharedCfg.hasSSOConfiguration(): - creds, err = resolveSSOCredentials(cfg, sharedCfg, handlers) - - case len(sharedCfg.CredentialProcess) != 0: - // Get credentials from CredentialProcess - var optFns []func(*processcreds.ProcessProvider) - if sessOpts.CredentialsProviderOptions != nil && sessOpts.CredentialsProviderOptions.ProcessProviderOptions != nil { - optFns = append(optFns, sessOpts.CredentialsProviderOptions.ProcessProviderOptions) - } - creds = processcreds.NewCredentials(sharedCfg.CredentialProcess, optFns...) - - default: - // Fallback to default credentials provider, include mock errors for - // the credential chain so user can identify why credentials failed to - // be retrieved. - creds = credentials.NewCredentials(&credentials.ChainProvider{ - VerboseErrors: aws.BoolValue(cfg.CredentialsChainVerboseErrors), - Providers: []credentials.Provider{ - &credProviderError{ - Err: awserr.New("EnvAccessKeyNotFound", - "failed to find credentials in the environment.", nil), - }, - &credProviderError{ - Err: awserr.New("SharedCredsLoad", - fmt.Sprintf("failed to load profile, %s.", envCfg.Profile), nil), - }, - defaults.RemoteCredProvider(*cfg, handlers), - }, - }) - } - if err != nil { - return nil, err - } - - if len(sharedCfg.RoleARN) > 0 { - cfgCp := *cfg - cfgCp.Credentials = creds - return credsFromAssumeRole(cfgCp, handlers, sharedCfg, sessOpts) - } - - return creds, nil -} - -func resolveSSOCredentials(cfg *aws.Config, sharedCfg sharedConfig, handlers request.Handlers) (*credentials.Credentials, error) { - if err := sharedCfg.validateSSOConfiguration(); err != nil { - return nil, err - } - - var optFns []func(provider *ssocreds.Provider) - cfgCopy := cfg.Copy() - - if sharedCfg.SSOSession != nil { - cfgCopy.Region = &sharedCfg.SSOSession.SSORegion - cachedPath, err := ssocreds.StandardCachedTokenFilepath(sharedCfg.SSOSession.Name) - if err != nil { - return nil, err - } - // create oidcClient with AnonymousCredentials to avoid recursively resolving credentials - mySession := Must(NewSession(&aws.Config{ - Credentials: credentials.AnonymousCredentials, - })) - oidcClient := ssooidc.New(mySession, cfgCopy) - tokenProvider := ssocreds.NewSSOTokenProvider(oidcClient, cachedPath) - optFns = append(optFns, func(p *ssocreds.Provider) { - p.TokenProvider = tokenProvider - p.CachedTokenFilepath = cachedPath - }) - } else { - cfgCopy.Region = &sharedCfg.SSORegion - } - - return ssocreds.NewCredentials( - &Session{ - Config: cfgCopy, - Handlers: handlers.Copy(), - }, - sharedCfg.SSOAccountID, - sharedCfg.SSORoleName, - sharedCfg.SSOStartURL, - optFns..., - ), nil -} - -// valid credential source values -const ( - credSourceEc2Metadata = "Ec2InstanceMetadata" - credSourceEnvironment = "Environment" - credSourceECSContainer = "EcsContainer" -) - -func resolveCredsFromSource(cfg *aws.Config, - envCfg envConfig, sharedCfg sharedConfig, - handlers request.Handlers, - sessOpts Options, -) (creds *credentials.Credentials, err error) { - - switch sharedCfg.CredentialSource { - case credSourceEc2Metadata: - p := defaults.RemoteCredProvider(*cfg, handlers) - creds = credentials.NewCredentials(p) - - case credSourceEnvironment: - creds = credentials.NewStaticCredentialsFromCreds(envCfg.Creds) - - case credSourceECSContainer: - if len(os.Getenv(shareddefaults.ECSCredsProviderEnvVar)) == 0 { - return nil, ErrSharedConfigECSContainerEnvVarEmpty - } - - p := defaults.RemoteCredProvider(*cfg, handlers) - creds = credentials.NewCredentials(p) - - default: - return nil, ErrSharedConfigInvalidCredSource - } - - return creds, nil -} - -func credsFromAssumeRole(cfg aws.Config, - handlers request.Handlers, - sharedCfg sharedConfig, - sessOpts Options, -) (*credentials.Credentials, error) { - - if len(sharedCfg.MFASerial) != 0 && sessOpts.AssumeRoleTokenProvider == nil { - // AssumeRole Token provider is required if doing Assume Role - // with MFA. - return nil, AssumeRoleTokenProviderNotSetError{} - } - - return stscreds.NewCredentials( - &Session{ - Config: &cfg, - Handlers: handlers.Copy(), - }, - sharedCfg.RoleARN, - func(opt *stscreds.AssumeRoleProvider) { - opt.RoleSessionName = sharedCfg.RoleSessionName - - if sessOpts.AssumeRoleDuration == 0 && - sharedCfg.AssumeRoleDuration != nil && - *sharedCfg.AssumeRoleDuration/time.Minute > 15 { - opt.Duration = *sharedCfg.AssumeRoleDuration - } else if sessOpts.AssumeRoleDuration != 0 { - opt.Duration = sessOpts.AssumeRoleDuration - } - - // Assume role with external ID - if len(sharedCfg.ExternalID) > 0 { - opt.ExternalID = aws.String(sharedCfg.ExternalID) - } - - // Assume role with MFA - if len(sharedCfg.MFASerial) > 0 { - opt.SerialNumber = aws.String(sharedCfg.MFASerial) - opt.TokenProvider = sessOpts.AssumeRoleTokenProvider - } - }, - ), nil -} - -// AssumeRoleTokenProviderNotSetError is an error returned when creating a -// session when the MFAToken option is not set when shared config is configured -// load assume a role with an MFA token. -type AssumeRoleTokenProviderNotSetError struct{} - -// Code is the short id of the error. -func (e AssumeRoleTokenProviderNotSetError) Code() string { - return "AssumeRoleTokenProviderNotSetError" -} - -// Message is the description of the error -func (e AssumeRoleTokenProviderNotSetError) Message() string { - return fmt.Sprintf("assume role with MFA enabled, but AssumeRoleTokenProvider session option not set.") -} - -// OrigErr is the underlying error that caused the failure. -func (e AssumeRoleTokenProviderNotSetError) OrigErr() error { - return nil -} - -// Error satisfies the error interface. -func (e AssumeRoleTokenProviderNotSetError) Error() string { - return awserr.SprintError(e.Code(), e.Message(), "", nil) -} - -type credProviderError struct { - Err error -} - -func (c credProviderError) Retrieve() (credentials.Value, error) { - return credentials.Value{}, c.Err -} -func (c credProviderError) IsExpired() bool { - return true -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport.go b/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport.go deleted file mode 100644 index 4390ad52..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport.go +++ /dev/null @@ -1,28 +0,0 @@ -//go:build go1.13 -// +build go1.13 - -package session - -import ( - "net" - "net/http" - "time" -) - -// Transport that should be used when a custom CA bundle is specified with the -// SDK. -func getCustomTransport() *http.Transport { - return &http.Transport{ - Proxy: http.ProxyFromEnvironment, - DialContext: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - DualStack: true, - }).DialContext, - ForceAttemptHTTP2: true, - MaxIdleConns: 100, - IdleConnTimeout: 90 * time.Second, - TLSHandshakeTimeout: 10 * time.Second, - ExpectContinueTimeout: 1 * time.Second, - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.12.go b/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.12.go deleted file mode 100644 index 668565be..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.12.go +++ /dev/null @@ -1,27 +0,0 @@ -//go:build !go1.13 && go1.7 -// +build !go1.13,go1.7 - -package session - -import ( - "net" - "net/http" - "time" -) - -// Transport that should be used when a custom CA bundle is specified with the -// SDK. -func getCustomTransport() *http.Transport { - return &http.Transport{ - Proxy: http.ProxyFromEnvironment, - DialContext: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - DualStack: true, - }).DialContext, - MaxIdleConns: 100, - IdleConnTimeout: 90 * time.Second, - TLSHandshakeTimeout: 10 * time.Second, - ExpectContinueTimeout: 1 * time.Second, - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.5.go deleted file mode 100644 index e101aa6b..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.5.go +++ /dev/null @@ -1,23 +0,0 @@ -//go:build !go1.6 && go1.5 -// +build !go1.6,go1.5 - -package session - -import ( - "net" - "net/http" - "time" -) - -// Transport that should be used when a custom CA bundle is specified with the -// SDK. -func getCustomTransport() *http.Transport { - return &http.Transport{ - Proxy: http.ProxyFromEnvironment, - Dial: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - }).Dial, - TLSHandshakeTimeout: 10 * time.Second, - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.6.go b/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.6.go deleted file mode 100644 index b5fcbe0d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.6.go +++ /dev/null @@ -1,24 +0,0 @@ -//go:build !go1.7 && go1.6 -// +build !go1.7,go1.6 - -package session - -import ( - "net" - "net/http" - "time" -) - -// Transport that should be used when a custom CA bundle is specified with the -// SDK. -func getCustomTransport() *http.Transport { - return &http.Transport{ - Proxy: http.ProxyFromEnvironment, - Dial: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - }).Dial, - TLSHandshakeTimeout: 10 * time.Second, - ExpectContinueTimeout: 1 * time.Second, - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go b/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go deleted file mode 100644 index ff3cc012..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go +++ /dev/null @@ -1,367 +0,0 @@ -/* -Package session provides configuration for the SDK's service clients. Sessions -can be shared across service clients that share the same base configuration. - -Sessions are safe to use concurrently as long as the Session is not being -modified. Sessions should be cached when possible, because creating a new -Session will load all configuration values from the environment, and config -files each time the Session is created. Sharing the Session value across all of -your service clients will ensure the configuration is loaded the fewest number -of times possible. - -Sessions options from Shared Config - -By default NewSession will only load credentials from the shared credentials -file (~/.aws/credentials). If the AWS_SDK_LOAD_CONFIG environment variable is -set to a truthy value the Session will be created from the configuration -values from the shared config (~/.aws/config) and shared credentials -(~/.aws/credentials) files. Using the NewSessionWithOptions with -SharedConfigState set to SharedConfigEnable will create the session as if the -AWS_SDK_LOAD_CONFIG environment variable was set. - -Credential and config loading order - -The Session will attempt to load configuration and credentials from the -environment, configuration files, and other credential sources. The order -configuration is loaded in is: - - * Environment Variables - * Shared Credentials file - * Shared Configuration file (if SharedConfig is enabled) - * EC2 Instance Metadata (credentials only) - -The Environment variables for credentials will have precedence over shared -config even if SharedConfig is enabled. To override this behavior, and use -shared config credentials instead specify the session.Options.Profile, (e.g. -when using credential_source=Environment to assume a role). - - sess, err := session.NewSessionWithOptions(session.Options{ - Profile: "myProfile", - }) - -Creating Sessions - -Creating a Session without additional options will load credentials region, and -profile loaded from the environment and shared config automatically. See, -"Environment Variables" section for information on environment variables used -by Session. - - // Create Session - sess, err := session.NewSession() - - -When creating Sessions optional aws.Config values can be passed in that will -override the default, or loaded, config values the Session is being created -with. This allows you to provide additional, or case based, configuration -as needed. - - // Create a Session with a custom region - sess, err := session.NewSession(&aws.Config{ - Region: aws.String("us-west-2"), - }) - -Use NewSessionWithOptions to provide additional configuration driving how the -Session's configuration will be loaded. Such as, specifying shared config -profile, or override the shared config state, (AWS_SDK_LOAD_CONFIG). - - // Equivalent to session.NewSession() - sess, err := session.NewSessionWithOptions(session.Options{ - // Options - }) - - sess, err := session.NewSessionWithOptions(session.Options{ - // Specify profile to load for the session's config - Profile: "profile_name", - - // Provide SDK Config options, such as Region. - Config: aws.Config{ - Region: aws.String("us-west-2"), - }, - - // Force enable Shared Config support - SharedConfigState: session.SharedConfigEnable, - }) - -Adding Handlers - -You can add handlers to a session to decorate API operation, (e.g. adding HTTP -headers). All clients that use the Session receive a copy of the Session's -handlers. For example, the following request handler added to the Session logs -every requests made. - - // Create a session, and add additional handlers for all service - // clients created with the Session to inherit. Adds logging handler. - sess := session.Must(session.NewSession()) - - sess.Handlers.Send.PushFront(func(r *request.Request) { - // Log every request made and its payload - logger.Printf("Request: %s/%s, Params: %s", - r.ClientInfo.ServiceName, r.Operation, r.Params) - }) - -Shared Config Fields - -By default the SDK will only load the shared credentials file's -(~/.aws/credentials) credentials values, and all other config is provided by -the environment variables, SDK defaults, and user provided aws.Config values. - -If the AWS_SDK_LOAD_CONFIG environment variable is set, or SharedConfigEnable -option is used to create the Session the full shared config values will be -loaded. This includes credentials, region, and support for assume role. In -addition the Session will load its configuration from both the shared config -file (~/.aws/config) and shared credentials file (~/.aws/credentials). Both -files have the same format. - -If both config files are present the configuration from both files will be -read. The Session will be created from configuration values from the shared -credentials file (~/.aws/credentials) over those in the shared config file -(~/.aws/config). - -Credentials are the values the SDK uses to authenticating requests with AWS -Services. When specified in a file, both aws_access_key_id and -aws_secret_access_key must be provided together in the same file to be -considered valid. They will be ignored if both are not present. -aws_session_token is an optional field that can be provided in addition to the -other two fields. - - aws_access_key_id = AKID - aws_secret_access_key = SECRET - aws_session_token = TOKEN - - ; region only supported if SharedConfigEnabled. - region = us-east-1 - -Assume Role configuration - -The role_arn field allows you to configure the SDK to assume an IAM role using -a set of credentials from another source. Such as when paired with static -credentials, "profile_source", "credential_process", or "credential_source" -fields. If "role_arn" is provided, a source of credentials must also be -specified, such as "source_profile", "credential_source", or -"credential_process". - - role_arn = arn:aws:iam:::role/ - source_profile = profile_with_creds - external_id = 1234 - mfa_serial = - role_session_name = session_name - - -The SDK supports assuming a role with MFA token. If "mfa_serial" is set, you -must also set the Session Option.AssumeRoleTokenProvider. The Session will fail -to load if the AssumeRoleTokenProvider is not specified. - - sess := session.Must(session.NewSessionWithOptions(session.Options{ - AssumeRoleTokenProvider: stscreds.StdinTokenProvider, - })) - -To setup Assume Role outside of a session see the stscreds.AssumeRoleProvider -documentation. - -Environment Variables - -When a Session is created several environment variables can be set to adjust -how the SDK functions, and what configuration data it loads when creating -Sessions. All environment values are optional, but some values like credentials -require multiple of the values to set or the partial values will be ignored. -All environment variable values are strings unless otherwise noted. - -Environment configuration values. If set both Access Key ID and Secret Access -Key must be provided. Session Token and optionally also be provided, but is -not required. - - # Access Key ID - AWS_ACCESS_KEY_ID=AKID - AWS_ACCESS_KEY=AKID # only read if AWS_ACCESS_KEY_ID is not set. - - # Secret Access Key - AWS_SECRET_ACCESS_KEY=SECRET - AWS_SECRET_KEY=SECRET=SECRET # only read if AWS_SECRET_ACCESS_KEY is not set. - - # Session Token - AWS_SESSION_TOKEN=TOKEN - -Region value will instruct the SDK where to make service API requests to. If is -not provided in the environment the region must be provided before a service -client request is made. - - AWS_REGION=us-east-1 - - # AWS_DEFAULT_REGION is only read if AWS_SDK_LOAD_CONFIG is also set, - # and AWS_REGION is not also set. - AWS_DEFAULT_REGION=us-east-1 - -Profile name the SDK should load use when loading shared config from the -configuration files. If not provided "default" will be used as the profile name. - - AWS_PROFILE=my_profile - - # AWS_DEFAULT_PROFILE is only read if AWS_SDK_LOAD_CONFIG is also set, - # and AWS_PROFILE is not also set. - AWS_DEFAULT_PROFILE=my_profile - -SDK load config instructs the SDK to load the shared config in addition to -shared credentials. This also expands the configuration loaded so the shared -credentials will have parity with the shared config file. This also enables -Region and Profile support for the AWS_DEFAULT_REGION and AWS_DEFAULT_PROFILE -env values as well. - - AWS_SDK_LOAD_CONFIG=1 - -Custom Shared Config and Credential Files - -Shared credentials file path can be set to instruct the SDK to use an alternative -file for the shared credentials. If not set the file will be loaded from -$HOME/.aws/credentials on Linux/Unix based systems, and -%USERPROFILE%\.aws\credentials on Windows. - - AWS_SHARED_CREDENTIALS_FILE=$HOME/my_shared_credentials - -Shared config file path can be set to instruct the SDK to use an alternative -file for the shared config. If not set the file will be loaded from -$HOME/.aws/config on Linux/Unix based systems, and -%USERPROFILE%\.aws\config on Windows. - - AWS_CONFIG_FILE=$HOME/my_shared_config - -Custom CA Bundle - -Path to a custom Credentials Authority (CA) bundle PEM file that the SDK -will use instead of the default system's root CA bundle. Use this only -if you want to replace the CA bundle the SDK uses for TLS requests. - - AWS_CA_BUNDLE=$HOME/my_custom_ca_bundle - -Enabling this option will attempt to merge the Transport into the SDK's HTTP -client. If the client's Transport is not a http.Transport an error will be -returned. If the Transport's TLS config is set this option will cause the SDK -to overwrite the Transport's TLS config's RootCAs value. If the CA bundle file -contains multiple certificates all of them will be loaded. - -The Session option CustomCABundle is also available when creating sessions -to also enable this feature. CustomCABundle session option field has priority -over the AWS_CA_BUNDLE environment variable, and will be used if both are set. - -Setting a custom HTTPClient in the aws.Config options will override this setting. -To use this option and custom HTTP client, the HTTP client needs to be provided -when creating the session. Not the service client. - -Custom Client TLS Certificate - -The SDK supports the environment and session option being configured with -Client TLS certificates that are sent as a part of the client's TLS handshake -for client authentication. If used, both Cert and Key values are required. If -one is missing, or either fail to load the contents of the file an error will -be returned. - -HTTP Client's Transport concrete implementation must be a http.Transport -or creating the session will fail. - - AWS_SDK_GO_CLIENT_TLS_KEY=$HOME/my_client_key - AWS_SDK_GO_CLIENT_TLS_CERT=$HOME/my_client_cert - -This can also be configured via the session.Options ClientTLSCert and ClientTLSKey. - - sess, err := session.NewSessionWithOptions(session.Options{ - ClientTLSCert: myCertFile, - ClientTLSKey: myKeyFile, - }) - -Custom EC2 IMDS Endpoint - -The endpoint of the EC2 IMDS client can be configured via the environment -variable, AWS_EC2_METADATA_SERVICE_ENDPOINT when creating the client with a -Session. See Options.EC2IMDSEndpoint for more details. - - AWS_EC2_METADATA_SERVICE_ENDPOINT=http://169.254.169.254 - -If using an URL with an IPv6 address literal, the IPv6 address -component must be enclosed in square brackets. - - AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1] - -The custom EC2 IMDS endpoint can also be specified via the Session options. - - sess, err := session.NewSessionWithOptions(session.Options{ - EC2MetadataEndpoint: "http://[::1]", - }) - -FIPS and DualStack Endpoints - -The SDK can be configured to resolve an endpoint with certain capabilities such as FIPS and DualStack. - -You can configure a FIPS endpoint using an environment variable, shared config ($HOME/.aws/config), -or programmatically. - -To configure a FIPS endpoint set the environment variable set the AWS_USE_FIPS_ENDPOINT to true or false to enable -or disable FIPS endpoint resolution. - - AWS_USE_FIPS_ENDPOINT=true - -To configure a FIPS endpoint using shared config, set use_fips_endpoint to true or false to enable -or disable FIPS endpoint resolution. - - [profile myprofile] - region=us-west-2 - use_fips_endpoint=true - -To configure a FIPS endpoint programmatically - - // Option 1: Configure it on a session for all clients - sess, err := session.NewSessionWithOptions(session.Options{ - UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, - }) - if err != nil { - // handle error - } - - client := s3.New(sess) - - // Option 2: Configure it per client - sess, err := session.NewSession() - if err != nil { - // handle error - } - - client := s3.New(sess, &aws.Config{ - UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, - }) - -You can configure a DualStack endpoint using an environment variable, shared config ($HOME/.aws/config), -or programmatically. - -To configure a DualStack endpoint set the environment variable set the AWS_USE_DUALSTACK_ENDPOINT to true or false to -enable or disable DualStack endpoint resolution. - - AWS_USE_DUALSTACK_ENDPOINT=true - -To configure a DualStack endpoint using shared config, set use_dualstack_endpoint to true or false to enable -or disable DualStack endpoint resolution. - - [profile myprofile] - region=us-west-2 - use_dualstack_endpoint=true - -To configure a DualStack endpoint programmatically - - // Option 1: Configure it on a session for all clients - sess, err := session.NewSessionWithOptions(session.Options{ - UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, - }) - if err != nil { - // handle error - } - - client := s3.New(sess) - - // Option 2: Configure it per client - sess, err := session.NewSession() - if err != nil { - // handle error - } - - client := s3.New(sess, &aws.Config{ - UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, - }) -*/ -package session diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go deleted file mode 100644 index 93bb5de6..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go +++ /dev/null @@ -1,499 +0,0 @@ -package session - -import ( - "fmt" - "os" - "strconv" - "strings" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/defaults" - "github.com/aws/aws-sdk-go/aws/endpoints" -) - -// EnvProviderName provides a name of the provider when config is loaded from environment. -const EnvProviderName = "EnvConfigCredentials" - -// envConfig is a collection of environment values the SDK will read -// setup config from. All environment values are optional. But some values -// such as credentials require multiple values to be complete or the values -// will be ignored. -type envConfig struct { - // Environment configuration values. If set both Access Key ID and Secret Access - // Key must be provided. Session Token and optionally also be provided, but is - // not required. - // - // # Access Key ID - // AWS_ACCESS_KEY_ID=AKID - // AWS_ACCESS_KEY=AKID # only read if AWS_ACCESS_KEY_ID is not set. - // - // # Secret Access Key - // AWS_SECRET_ACCESS_KEY=SECRET - // AWS_SECRET_KEY=SECRET=SECRET # only read if AWS_SECRET_ACCESS_KEY is not set. - // - // # Session Token - // AWS_SESSION_TOKEN=TOKEN - Creds credentials.Value - - // Region value will instruct the SDK where to make service API requests to. If is - // not provided in the environment the region must be provided before a service - // client request is made. - // - // AWS_REGION=us-east-1 - // - // # AWS_DEFAULT_REGION is only read if AWS_SDK_LOAD_CONFIG is also set, - // # and AWS_REGION is not also set. - // AWS_DEFAULT_REGION=us-east-1 - Region string - - // Profile name the SDK should load use when loading shared configuration from the - // shared configuration files. If not provided "default" will be used as the - // profile name. - // - // AWS_PROFILE=my_profile - // - // # AWS_DEFAULT_PROFILE is only read if AWS_SDK_LOAD_CONFIG is also set, - // # and AWS_PROFILE is not also set. - // AWS_DEFAULT_PROFILE=my_profile - Profile string - - // SDK load config instructs the SDK to load the shared config in addition to - // shared credentials. This also expands the configuration loaded from the shared - // credentials to have parity with the shared config file. This also enables - // Region and Profile support for the AWS_DEFAULT_REGION and AWS_DEFAULT_PROFILE - // env values as well. - // - // AWS_SDK_LOAD_CONFIG=1 - EnableSharedConfig bool - - // Shared credentials file path can be set to instruct the SDK to use an alternate - // file for the shared credentials. If not set the file will be loaded from - // $HOME/.aws/credentials on Linux/Unix based systems, and - // %USERPROFILE%\.aws\credentials on Windows. - // - // AWS_SHARED_CREDENTIALS_FILE=$HOME/my_shared_credentials - SharedCredentialsFile string - - // Shared config file path can be set to instruct the SDK to use an alternate - // file for the shared config. If not set the file will be loaded from - // $HOME/.aws/config on Linux/Unix based systems, and - // %USERPROFILE%\.aws\config on Windows. - // - // AWS_CONFIG_FILE=$HOME/my_shared_config - SharedConfigFile string - - // Sets the path to a custom Credentials Authority (CA) Bundle PEM file - // that the SDK will use instead of the system's root CA bundle. - // Only use this if you want to configure the SDK to use a custom set - // of CAs. - // - // Enabling this option will attempt to merge the Transport - // into the SDK's HTTP client. If the client's Transport is - // not a http.Transport an error will be returned. If the - // Transport's TLS config is set this option will cause the - // SDK to overwrite the Transport's TLS config's RootCAs value. - // - // Setting a custom HTTPClient in the aws.Config options will override this setting. - // To use this option and custom HTTP client, the HTTP client needs to be provided - // when creating the session. Not the service client. - // - // AWS_CA_BUNDLE=$HOME/my_custom_ca_bundle - CustomCABundle string - - // Sets the TLC client certificate that should be used by the SDK's HTTP transport - // when making requests. The certificate must be paired with a TLS client key file. - // - // AWS_SDK_GO_CLIENT_TLS_CERT=$HOME/my_client_cert - ClientTLSCert string - - // Sets the TLC client key that should be used by the SDK's HTTP transport - // when making requests. The key must be paired with a TLS client certificate file. - // - // AWS_SDK_GO_CLIENT_TLS_KEY=$HOME/my_client_key - ClientTLSKey string - - csmEnabled string - CSMEnabled *bool - CSMPort string - CSMHost string - CSMClientID string - - // Enables endpoint discovery via environment variables. - // - // AWS_ENABLE_ENDPOINT_DISCOVERY=true - EnableEndpointDiscovery *bool - enableEndpointDiscovery string - - // Specifies the WebIdentity token the SDK should use to assume a role - // with. - // - // AWS_WEB_IDENTITY_TOKEN_FILE=file_path - WebIdentityTokenFilePath string - - // Specifies the IAM role arn to use when assuming an role. - // - // AWS_ROLE_ARN=role_arn - RoleARN string - - // Specifies the IAM role session name to use when assuming a role. - // - // AWS_ROLE_SESSION_NAME=session_name - RoleSessionName string - - // Specifies the STS Regional Endpoint flag for the SDK to resolve the endpoint - // for a service. - // - // AWS_STS_REGIONAL_ENDPOINTS=regional - // This can take value as `regional` or `legacy` - STSRegionalEndpoint endpoints.STSRegionalEndpoint - - // Specifies the S3 Regional Endpoint flag for the SDK to resolve the - // endpoint for a service. - // - // AWS_S3_US_EAST_1_REGIONAL_ENDPOINT=regional - // This can take value as `regional` or `legacy` - S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint - - // Specifies if the S3 service should allow ARNs to direct the region - // the client's requests are sent to. - // - // AWS_S3_USE_ARN_REGION=true - S3UseARNRegion bool - - // Specifies the EC2 Instance Metadata Service endpoint to use. If specified it overrides EC2IMDSEndpointMode. - // - // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1] - EC2IMDSEndpoint string - - // Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6) - // - // AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6 - EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState - - // Specifies that IMDS clients should not fallback to IMDSv1 if token - // requests fail. - // - // AWS_EC2_METADATA_V1_DISABLED=true - EC2IMDSv1Disabled *bool - - // Specifies that SDK clients must resolve a dual-stack endpoint for - // services. - // - // AWS_USE_DUALSTACK_ENDPOINT=true - UseDualStackEndpoint endpoints.DualStackEndpointState - - // Specifies that SDK clients must resolve a FIPS endpoint for - // services. - // - // AWS_USE_FIPS_ENDPOINT=true - UseFIPSEndpoint endpoints.FIPSEndpointState -} - -var ( - csmEnabledEnvKey = []string{ - "AWS_CSM_ENABLED", - } - csmHostEnvKey = []string{ - "AWS_CSM_HOST", - } - csmPortEnvKey = []string{ - "AWS_CSM_PORT", - } - csmClientIDEnvKey = []string{ - "AWS_CSM_CLIENT_ID", - } - credAccessEnvKey = []string{ - "AWS_ACCESS_KEY_ID", - "AWS_ACCESS_KEY", - } - credSecretEnvKey = []string{ - "AWS_SECRET_ACCESS_KEY", - "AWS_SECRET_KEY", - } - credSessionEnvKey = []string{ - "AWS_SESSION_TOKEN", - } - - enableEndpointDiscoveryEnvKey = []string{ - "AWS_ENABLE_ENDPOINT_DISCOVERY", - } - - regionEnvKeys = []string{ - "AWS_REGION", - "AWS_DEFAULT_REGION", // Only read if AWS_SDK_LOAD_CONFIG is also set - } - profileEnvKeys = []string{ - "AWS_PROFILE", - "AWS_DEFAULT_PROFILE", // Only read if AWS_SDK_LOAD_CONFIG is also set - } - sharedCredsFileEnvKey = []string{ - "AWS_SHARED_CREDENTIALS_FILE", - } - sharedConfigFileEnvKey = []string{ - "AWS_CONFIG_FILE", - } - webIdentityTokenFilePathEnvKey = []string{ - "AWS_WEB_IDENTITY_TOKEN_FILE", - } - roleARNEnvKey = []string{ - "AWS_ROLE_ARN", - } - roleSessionNameEnvKey = []string{ - "AWS_ROLE_SESSION_NAME", - } - stsRegionalEndpointKey = []string{ - "AWS_STS_REGIONAL_ENDPOINTS", - } - s3UsEast1RegionalEndpoint = []string{ - "AWS_S3_US_EAST_1_REGIONAL_ENDPOINT", - } - s3UseARNRegionEnvKey = []string{ - "AWS_S3_USE_ARN_REGION", - } - ec2IMDSEndpointEnvKey = []string{ - "AWS_EC2_METADATA_SERVICE_ENDPOINT", - } - ec2IMDSEndpointModeEnvKey = []string{ - "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE", - } - ec2MetadataV1DisabledEnvKey = []string{ - "AWS_EC2_METADATA_V1_DISABLED", - } - useCABundleKey = []string{ - "AWS_CA_BUNDLE", - } - useClientTLSCert = []string{ - "AWS_SDK_GO_CLIENT_TLS_CERT", - } - useClientTLSKey = []string{ - "AWS_SDK_GO_CLIENT_TLS_KEY", - } - awsUseDualStackEndpoint = []string{ - "AWS_USE_DUALSTACK_ENDPOINT", - } - awsUseFIPSEndpoint = []string{ - "AWS_USE_FIPS_ENDPOINT", - } -) - -// loadEnvConfig retrieves the SDK's environment configuration. -// See `envConfig` for the values that will be retrieved. -// -// If the environment variable `AWS_SDK_LOAD_CONFIG` is set to a truthy value -// the shared SDK config will be loaded in addition to the SDK's specific -// configuration values. -func loadEnvConfig() (envConfig, error) { - enableSharedConfig, _ := strconv.ParseBool(os.Getenv("AWS_SDK_LOAD_CONFIG")) - return envConfigLoad(enableSharedConfig) -} - -// loadEnvSharedConfig retrieves the SDK's environment configuration, and the -// SDK shared config. See `envConfig` for the values that will be retrieved. -// -// Loads the shared configuration in addition to the SDK's specific configuration. -// This will load the same values as `loadEnvConfig` if the `AWS_SDK_LOAD_CONFIG` -// environment variable is set. -func loadSharedEnvConfig() (envConfig, error) { - return envConfigLoad(true) -} - -func envConfigLoad(enableSharedConfig bool) (envConfig, error) { - cfg := envConfig{} - - cfg.EnableSharedConfig = enableSharedConfig - - // Static environment credentials - var creds credentials.Value - setFromEnvVal(&creds.AccessKeyID, credAccessEnvKey) - setFromEnvVal(&creds.SecretAccessKey, credSecretEnvKey) - setFromEnvVal(&creds.SessionToken, credSessionEnvKey) - if creds.HasKeys() { - // Require logical grouping of credentials - creds.ProviderName = EnvProviderName - cfg.Creds = creds - } - - // Role Metadata - setFromEnvVal(&cfg.RoleARN, roleARNEnvKey) - setFromEnvVal(&cfg.RoleSessionName, roleSessionNameEnvKey) - - // Web identity environment variables - setFromEnvVal(&cfg.WebIdentityTokenFilePath, webIdentityTokenFilePathEnvKey) - - // CSM environment variables - setFromEnvVal(&cfg.csmEnabled, csmEnabledEnvKey) - setFromEnvVal(&cfg.CSMHost, csmHostEnvKey) - setFromEnvVal(&cfg.CSMPort, csmPortEnvKey) - setFromEnvVal(&cfg.CSMClientID, csmClientIDEnvKey) - - if len(cfg.csmEnabled) != 0 { - v, _ := strconv.ParseBool(cfg.csmEnabled) - cfg.CSMEnabled = &v - } - - regionKeys := regionEnvKeys - profileKeys := profileEnvKeys - if !cfg.EnableSharedConfig { - regionKeys = regionKeys[:1] - profileKeys = profileKeys[:1] - } - - setFromEnvVal(&cfg.Region, regionKeys) - setFromEnvVal(&cfg.Profile, profileKeys) - - // endpoint discovery is in reference to it being enabled. - setFromEnvVal(&cfg.enableEndpointDiscovery, enableEndpointDiscoveryEnvKey) - if len(cfg.enableEndpointDiscovery) > 0 { - cfg.EnableEndpointDiscovery = aws.Bool(cfg.enableEndpointDiscovery != "false") - } - - setFromEnvVal(&cfg.SharedCredentialsFile, sharedCredsFileEnvKey) - setFromEnvVal(&cfg.SharedConfigFile, sharedConfigFileEnvKey) - - if len(cfg.SharedCredentialsFile) == 0 { - cfg.SharedCredentialsFile = defaults.SharedCredentialsFilename() - } - if len(cfg.SharedConfigFile) == 0 { - cfg.SharedConfigFile = defaults.SharedConfigFilename() - } - - setFromEnvVal(&cfg.CustomCABundle, useCABundleKey) - setFromEnvVal(&cfg.ClientTLSCert, useClientTLSCert) - setFromEnvVal(&cfg.ClientTLSKey, useClientTLSKey) - - var err error - // STS Regional Endpoint variable - for _, k := range stsRegionalEndpointKey { - if v := os.Getenv(k); len(v) != 0 { - cfg.STSRegionalEndpoint, err = endpoints.GetSTSRegionalEndpoint(v) - if err != nil { - return cfg, fmt.Errorf("failed to load, %v from env config, %v", k, err) - } - } - } - - // S3 Regional Endpoint variable - for _, k := range s3UsEast1RegionalEndpoint { - if v := os.Getenv(k); len(v) != 0 { - cfg.S3UsEast1RegionalEndpoint, err = endpoints.GetS3UsEast1RegionalEndpoint(v) - if err != nil { - return cfg, fmt.Errorf("failed to load, %v from env config, %v", k, err) - } - } - } - - var s3UseARNRegion string - setFromEnvVal(&s3UseARNRegion, s3UseARNRegionEnvKey) - if len(s3UseARNRegion) != 0 { - switch { - case strings.EqualFold(s3UseARNRegion, "false"): - cfg.S3UseARNRegion = false - case strings.EqualFold(s3UseARNRegion, "true"): - cfg.S3UseARNRegion = true - default: - return envConfig{}, fmt.Errorf( - "invalid value for environment variable, %s=%s, need true or false", - s3UseARNRegionEnvKey[0], s3UseARNRegion) - } - } - - setFromEnvVal(&cfg.EC2IMDSEndpoint, ec2IMDSEndpointEnvKey) - if err := setEC2IMDSEndpointMode(&cfg.EC2IMDSEndpointMode, ec2IMDSEndpointModeEnvKey); err != nil { - return envConfig{}, err - } - setBoolPtrFromEnvVal(&cfg.EC2IMDSv1Disabled, ec2MetadataV1DisabledEnvKey) - - if err := setUseDualStackEndpointFromEnvVal(&cfg.UseDualStackEndpoint, awsUseDualStackEndpoint); err != nil { - return cfg, err - } - - if err := setUseFIPSEndpointFromEnvVal(&cfg.UseFIPSEndpoint, awsUseFIPSEndpoint); err != nil { - return cfg, err - } - - return cfg, nil -} - -func setFromEnvVal(dst *string, keys []string) { - for _, k := range keys { - if v := os.Getenv(k); len(v) != 0 { - *dst = v - break - } - } -} - -func setBoolPtrFromEnvVal(dst **bool, keys []string) { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue - } - - switch { - case strings.EqualFold(value, "false"): - *dst = new(bool) - **dst = false - case strings.EqualFold(value, "true"): - *dst = new(bool) - **dst = true - } - } -} - -func setEC2IMDSEndpointMode(mode *endpoints.EC2IMDSEndpointModeState, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue - } - if err := mode.SetFromString(value); err != nil { - return fmt.Errorf("invalid value for environment variable, %s=%s, %v", k, value, err) - } - return nil - } - return nil -} - -func setUseDualStackEndpointFromEnvVal(dst *endpoints.DualStackEndpointState, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue // skip if empty - } - - switch { - case strings.EqualFold(value, "true"): - *dst = endpoints.DualStackEndpointStateEnabled - case strings.EqualFold(value, "false"): - *dst = endpoints.DualStackEndpointStateDisabled - default: - return fmt.Errorf( - "invalid value for environment variable, %s=%s, need true, false", - k, value) - } - } - return nil -} - -func setUseFIPSEndpointFromEnvVal(dst *endpoints.FIPSEndpointState, keys []string) error { - for _, k := range keys { - value := os.Getenv(k) - if len(value) == 0 { - continue // skip if empty - } - - switch { - case strings.EqualFold(value, "true"): - *dst = endpoints.FIPSEndpointStateEnabled - case strings.EqualFold(value, "false"): - *dst = endpoints.FIPSEndpointStateDisabled - default: - return fmt.Errorf( - "invalid value for environment variable, %s=%s, need true, false", - k, value) - } - } - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/vendor/github.com/aws/aws-sdk-go/aws/session/session.go deleted file mode 100644 index 3c88dee5..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ /dev/null @@ -1,1005 +0,0 @@ -package session - -import ( - "crypto/tls" - "crypto/x509" - "fmt" - "io" - "io/ioutil" - "net/http" - "os" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/corehandlers" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/csm" - "github.com/aws/aws-sdk-go/aws/defaults" - "github.com/aws/aws-sdk-go/aws/endpoints" - "github.com/aws/aws-sdk-go/aws/request" -) - -const ( - // ErrCodeSharedConfig represents an error that occurs in the shared - // configuration logic - ErrCodeSharedConfig = "SharedConfigErr" - - // ErrCodeLoadCustomCABundle error code for unable to load custom CA bundle. - ErrCodeLoadCustomCABundle = "LoadCustomCABundleError" - - // ErrCodeLoadClientTLSCert error code for unable to load client TLS - // certificate or key - ErrCodeLoadClientTLSCert = "LoadClientTLSCertError" -) - -// ErrSharedConfigSourceCollision will be returned if a section contains both -// source_profile and credential_source -var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only one credential type may be specified per profile: source profile, credential source, credential process, web identity token", nil) - -// ErrSharedConfigECSContainerEnvVarEmpty will be returned if the environment -// variables are empty and Environment was set as the credential source -var ErrSharedConfigECSContainerEnvVarEmpty = awserr.New(ErrCodeSharedConfig, "EcsContainer was specified as the credential_source, but 'AWS_CONTAINER_CREDENTIALS_RELATIVE_URI' was not set", nil) - -// ErrSharedConfigInvalidCredSource will be returned if an invalid credential source was provided -var ErrSharedConfigInvalidCredSource = awserr.New(ErrCodeSharedConfig, "credential source values must be EcsContainer, Ec2InstanceMetadata, or Environment", nil) - -// A Session provides a central location to create service clients from and -// store configurations and request handlers for those services. -// -// Sessions are safe to create service clients concurrently, but it is not safe -// to mutate the Session concurrently. -// -// The Session satisfies the service client's client.ConfigProvider. -type Session struct { - Config *aws.Config - Handlers request.Handlers - - options Options -} - -// New creates a new instance of the handlers merging in the provided configs -// on top of the SDK's default configurations. Once the Session is created it -// can be mutated to modify the Config or Handlers. The Session is safe to be -// read concurrently, but it should not be written to concurrently. -// -// If the AWS_SDK_LOAD_CONFIG environment is set to a truthy value, the New -// method could now encounter an error when loading the configuration. When -// The environment variable is set, and an error occurs, New will return a -// session that will fail all requests reporting the error that occurred while -// loading the session. Use NewSession to get the error when creating the -// session. -// -// If the AWS_SDK_LOAD_CONFIG environment variable is set to a truthy value -// the shared config file (~/.aws/config) will also be loaded, in addition to -// the shared credentials file (~/.aws/credentials). Values set in both the -// shared config, and shared credentials will be taken from the shared -// credentials file. -// -// Deprecated: Use NewSession functions to create sessions instead. NewSession -// has the same functionality as New except an error can be returned when the -// func is called instead of waiting to receive an error until a request is made. -func New(cfgs ...*aws.Config) *Session { - // load initial config from environment - envCfg, envErr := loadEnvConfig() - - if envCfg.EnableSharedConfig { - var cfg aws.Config - cfg.MergeIn(cfgs...) - s, err := NewSessionWithOptions(Options{ - Config: cfg, - SharedConfigState: SharedConfigEnable, - }) - if err != nil { - // Old session.New expected all errors to be discovered when - // a request is made, and would report the errors then. This - // needs to be replicated if an error occurs while creating - // the session. - msg := "failed to create session with AWS_SDK_LOAD_CONFIG enabled. " + - "Use session.NewSession to handle errors occurring during session creation." - - // Session creation failed, need to report the error and prevent - // any requests from succeeding. - s = &Session{Config: defaults.Config()} - s.logDeprecatedNewSessionError(msg, err, cfgs) - } - - return s - } - - s := deprecatedNewSession(envCfg, cfgs...) - if envErr != nil { - msg := "failed to load env config" - s.logDeprecatedNewSessionError(msg, envErr, cfgs) - } - - if csmCfg, err := loadCSMConfig(envCfg, []string{}); err != nil { - if l := s.Config.Logger; l != nil { - l.Log(fmt.Sprintf("ERROR: failed to load CSM configuration, %v", err)) - } - } else if csmCfg.Enabled { - err := enableCSM(&s.Handlers, csmCfg, s.Config.Logger) - if err != nil { - msg := "failed to enable CSM" - s.logDeprecatedNewSessionError(msg, err, cfgs) - } - } - - return s -} - -// NewSession returns a new Session created from SDK defaults, config files, -// environment, and user provided config files. Once the Session is created -// it can be mutated to modify the Config or Handlers. The Session is safe to -// be read concurrently, but it should not be written to concurrently. -// -// If the AWS_SDK_LOAD_CONFIG environment variable is set to a truthy value -// the shared config file (~/.aws/config) will also be loaded in addition to -// the shared credentials file (~/.aws/credentials). Values set in both the -// shared config, and shared credentials will be taken from the shared -// credentials file. Enabling the Shared Config will also allow the Session -// to be built with retrieving credentials with AssumeRole set in the config. -// -// See the NewSessionWithOptions func for information on how to override or -// control through code how the Session will be created, such as specifying the -// config profile, and controlling if shared config is enabled or not. -func NewSession(cfgs ...*aws.Config) (*Session, error) { - opts := Options{} - opts.Config.MergeIn(cfgs...) - - return NewSessionWithOptions(opts) -} - -// SharedConfigState provides the ability to optionally override the state -// of the session's creation based on the shared config being enabled or -// disabled. -type SharedConfigState int - -const ( - // SharedConfigStateFromEnv does not override any state of the - // AWS_SDK_LOAD_CONFIG env var. It is the default value of the - // SharedConfigState type. - SharedConfigStateFromEnv SharedConfigState = iota - - // SharedConfigDisable overrides the AWS_SDK_LOAD_CONFIG env var value - // and disables the shared config functionality. - SharedConfigDisable - - // SharedConfigEnable overrides the AWS_SDK_LOAD_CONFIG env var value - // and enables the shared config functionality. - SharedConfigEnable -) - -// Options provides the means to control how a Session is created and what -// configuration values will be loaded. -type Options struct { - // Provides config values for the SDK to use when creating service clients - // and making API requests to services. Any value set in with this field - // will override the associated value provided by the SDK defaults, - // environment or config files where relevant. - // - // If not set, configuration values from from SDK defaults, environment, - // config will be used. - Config aws.Config - - // Overrides the config profile the Session should be created from. If not - // set the value of the environment variable will be loaded (AWS_PROFILE, - // or AWS_DEFAULT_PROFILE if the Shared Config is enabled). - // - // If not set and environment variables are not set the "default" - // (DefaultSharedConfigProfile) will be used as the profile to load the - // session config from. - Profile string - - // Instructs how the Session will be created based on the AWS_SDK_LOAD_CONFIG - // environment variable. By default a Session will be created using the - // value provided by the AWS_SDK_LOAD_CONFIG environment variable. - // - // Setting this value to SharedConfigEnable or SharedConfigDisable - // will allow you to override the AWS_SDK_LOAD_CONFIG environment variable - // and enable or disable the shared config functionality. - SharedConfigState SharedConfigState - - // Ordered list of files the session will load configuration from. - // It will override environment variable AWS_SHARED_CREDENTIALS_FILE, AWS_CONFIG_FILE. - SharedConfigFiles []string - - // When the SDK's shared config is configured to assume a role with MFA - // this option is required in order to provide the mechanism that will - // retrieve the MFA token. There is no default value for this field. If - // it is not set an error will be returned when creating the session. - // - // This token provider will be called when ever the assumed role's - // credentials need to be refreshed. Within the context of service clients - // all sharing the same session the SDK will ensure calls to the token - // provider are atomic. When sharing a token provider across multiple - // sessions additional synchronization logic is needed to ensure the - // token providers do not introduce race conditions. It is recommend to - // share the session where possible. - // - // stscreds.StdinTokenProvider is a basic implementation that will prompt - // from stdin for the MFA token code. - // - // This field is only used if the shared configuration is enabled, and - // the config enables assume role with MFA via the mfa_serial field. - AssumeRoleTokenProvider func() (string, error) - - // When the SDK's shared config is configured to assume a role this option - // may be provided to set the expiry duration of the STS credentials. - // Defaults to 15 minutes if not set as documented in the - // stscreds.AssumeRoleProvider. - AssumeRoleDuration time.Duration - - // Reader for a custom Credentials Authority (CA) bundle in PEM format that - // the SDK will use instead of the default system's root CA bundle. Use this - // only if you want to replace the CA bundle the SDK uses for TLS requests. - // - // HTTP Client's Transport concrete implementation must be a http.Transport - // or creating the session will fail. - // - // If the Transport's TLS config is set this option will cause the SDK - // to overwrite the Transport's TLS config's RootCAs value. If the CA - // bundle reader contains multiple certificates all of them will be loaded. - // - // Can also be specified via the environment variable: - // - // AWS_CA_BUNDLE=$HOME/ca_bundle - // - // Can also be specified via the shared config field: - // - // ca_bundle = $HOME/ca_bundle - CustomCABundle io.Reader - - // Reader for the TLC client certificate that should be used by the SDK's - // HTTP transport when making requests. The certificate must be paired with - // a TLS client key file. Will be ignored if both are not provided. - // - // HTTP Client's Transport concrete implementation must be a http.Transport - // or creating the session will fail. - // - // Can also be specified via the environment variable: - // - // AWS_SDK_GO_CLIENT_TLS_CERT=$HOME/my_client_cert - ClientTLSCert io.Reader - - // Reader for the TLC client key that should be used by the SDK's HTTP - // transport when making requests. The key must be paired with a TLS client - // certificate file. Will be ignored if both are not provided. - // - // HTTP Client's Transport concrete implementation must be a http.Transport - // or creating the session will fail. - // - // Can also be specified via the environment variable: - // - // AWS_SDK_GO_CLIENT_TLS_KEY=$HOME/my_client_key - ClientTLSKey io.Reader - - // The handlers that the session and all API clients will be created with. - // This must be a complete set of handlers. Use the defaults.Handlers() - // function to initialize this value before changing the handlers to be - // used by the SDK. - Handlers request.Handlers - - // Allows specifying a custom endpoint to be used by the EC2 IMDS client - // when making requests to the EC2 IMDS API. The endpoint value should - // include the URI scheme. If the scheme is not present it will be defaulted to http. - // - // If unset, will the EC2 IMDS client will use its default endpoint. - // - // Can also be specified via the environment variable, - // AWS_EC2_METADATA_SERVICE_ENDPOINT. - // - // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://169.254.169.254 - // - // If using an URL with an IPv6 address literal, the IPv6 address - // component must be enclosed in square brackets. - // - // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1] - EC2IMDSEndpoint string - - // Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6) - // - // AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6 - EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState - - // Specifies options for creating credential providers. - // These are only used if the aws.Config does not already - // include credentials. - CredentialsProviderOptions *CredentialsProviderOptions -} - -// NewSessionWithOptions returns a new Session created from SDK defaults, config files, -// environment, and user provided config files. This func uses the Options -// values to configure how the Session is created. -// -// If the AWS_SDK_LOAD_CONFIG environment variable is set to a truthy value -// the shared config file (~/.aws/config) will also be loaded in addition to -// the shared credentials file (~/.aws/credentials). Values set in both the -// shared config, and shared credentials will be taken from the shared -// credentials file. Enabling the Shared Config will also allow the Session -// to be built with retrieving credentials with AssumeRole set in the config. -// -// // Equivalent to session.New -// sess := session.Must(session.NewSessionWithOptions(session.Options{})) -// -// // Specify profile to load for the session's config -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// Profile: "profile_name", -// })) -// -// // Specify profile for config and region for requests -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// Config: aws.Config{Region: aws.String("us-east-1")}, -// Profile: "profile_name", -// })) -// -// // Force enable Shared Config support -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// SharedConfigState: session.SharedConfigEnable, -// })) -func NewSessionWithOptions(opts Options) (*Session, error) { - var envCfg envConfig - var err error - if opts.SharedConfigState == SharedConfigEnable { - envCfg, err = loadSharedEnvConfig() - if err != nil { - return nil, fmt.Errorf("failed to load shared config, %v", err) - } - } else { - envCfg, err = loadEnvConfig() - if err != nil { - return nil, fmt.Errorf("failed to load environment config, %v", err) - } - } - - if len(opts.Profile) != 0 { - envCfg.Profile = opts.Profile - } - - switch opts.SharedConfigState { - case SharedConfigDisable: - envCfg.EnableSharedConfig = false - case SharedConfigEnable: - envCfg.EnableSharedConfig = true - } - - return newSession(opts, envCfg, &opts.Config) -} - -// Must is a helper function to ensure the Session is valid and there was no -// error when calling a NewSession function. -// -// This helper is intended to be used in variable initialization to load the -// Session and configuration at startup. Such as: -// -// var sess = session.Must(session.NewSession()) -func Must(sess *Session, err error) *Session { - if err != nil { - panic(err) - } - - return sess -} - -// Wraps the endpoint resolver with a resolver that will return a custom -// endpoint for EC2 IMDS. -func wrapEC2IMDSEndpoint(resolver endpoints.Resolver, endpoint string, mode endpoints.EC2IMDSEndpointModeState) endpoints.Resolver { - return endpoints.ResolverFunc( - func(service, region string, opts ...func(*endpoints.Options)) ( - endpoints.ResolvedEndpoint, error, - ) { - if service == ec2MetadataServiceID && len(endpoint) > 0 { - return endpoints.ResolvedEndpoint{ - URL: endpoint, - SigningName: ec2MetadataServiceID, - SigningRegion: region, - }, nil - } else if service == ec2MetadataServiceID { - opts = append(opts, func(o *endpoints.Options) { - o.EC2MetadataEndpointMode = mode - }) - } - return resolver.EndpointFor(service, region, opts...) - }) -} - -func deprecatedNewSession(envCfg envConfig, cfgs ...*aws.Config) *Session { - cfg := defaults.Config() - handlers := defaults.Handlers() - - // Apply the passed in configs so the configuration can be applied to the - // default credential chain - cfg.MergeIn(cfgs...) - if cfg.EndpointResolver == nil { - // An endpoint resolver is required for a session to be able to provide - // endpoints for service client configurations. - cfg.EndpointResolver = endpoints.DefaultResolver() - } - - if !(len(envCfg.EC2IMDSEndpoint) == 0 && envCfg.EC2IMDSEndpointMode == endpoints.EC2IMDSEndpointModeStateUnset) { - cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, envCfg.EC2IMDSEndpoint, envCfg.EC2IMDSEndpointMode) - } - - cfg.Credentials = defaults.CredChain(cfg, handlers) - - // Reapply any passed in configs to override credentials if set - cfg.MergeIn(cfgs...) - - s := &Session{ - Config: cfg, - Handlers: handlers, - options: Options{ - EC2IMDSEndpoint: envCfg.EC2IMDSEndpoint, - }, - } - - initHandlers(s) - return s -} - -func enableCSM(handlers *request.Handlers, cfg csmConfig, logger aws.Logger) error { - if logger != nil { - logger.Log("Enabling CSM") - } - - r, err := csm.Start(cfg.ClientID, csm.AddressWithDefaults(cfg.Host, cfg.Port)) - if err != nil { - return err - } - r.InjectHandlers(handlers) - - return nil -} - -func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, error) { - cfg := defaults.Config() - - handlers := opts.Handlers - if handlers.IsEmpty() { - handlers = defaults.Handlers() - } - - // Get a merged version of the user provided config to determine if - // credentials were. - userCfg := &aws.Config{} - userCfg.MergeIn(cfgs...) - cfg.MergeIn(userCfg) - - // Ordered config files will be loaded in with later files overwriting - // previous config file values. - var cfgFiles []string - if opts.SharedConfigFiles != nil { - cfgFiles = opts.SharedConfigFiles - } else { - cfgFiles = []string{envCfg.SharedConfigFile, envCfg.SharedCredentialsFile} - if !envCfg.EnableSharedConfig { - // The shared config file (~/.aws/config) is only loaded if instructed - // to load via the envConfig.EnableSharedConfig (AWS_SDK_LOAD_CONFIG). - cfgFiles = cfgFiles[1:] - } - } - - // Load additional config from file(s) - sharedCfg, err := loadSharedConfig(envCfg.Profile, cfgFiles, envCfg.EnableSharedConfig) - if err != nil { - if len(envCfg.Profile) == 0 && !envCfg.EnableSharedConfig && (envCfg.Creds.HasKeys() || userCfg.Credentials != nil) { - // Special case where the user has not explicitly specified an AWS_PROFILE, - // or session.Options.profile, shared config is not enabled, and the - // environment has credentials, allow the shared config file to fail to - // load since the user has already provided credentials, and nothing else - // is required to be read file. Github(aws/aws-sdk-go#2455) - } else if _, ok := err.(SharedConfigProfileNotExistsError); !ok { - return nil, err - } - } - - if err := mergeConfigSrcs(cfg, userCfg, envCfg, sharedCfg, handlers, opts); err != nil { - return nil, err - } - - if err := setTLSOptions(&opts, cfg, envCfg, sharedCfg); err != nil { - return nil, err - } - - s := &Session{ - Config: cfg, - Handlers: handlers, - options: opts, - } - - initHandlers(s) - - if csmCfg, err := loadCSMConfig(envCfg, cfgFiles); err != nil { - if l := s.Config.Logger; l != nil { - l.Log(fmt.Sprintf("ERROR: failed to load CSM configuration, %v", err)) - } - } else if csmCfg.Enabled { - err = enableCSM(&s.Handlers, csmCfg, s.Config.Logger) - if err != nil { - return nil, err - } - } - - return s, nil -} - -type csmConfig struct { - Enabled bool - Host string - Port string - ClientID string -} - -var csmProfileName = "aws_csm" - -func loadCSMConfig(envCfg envConfig, cfgFiles []string) (csmConfig, error) { - if envCfg.CSMEnabled != nil { - if *envCfg.CSMEnabled { - return csmConfig{ - Enabled: true, - ClientID: envCfg.CSMClientID, - Host: envCfg.CSMHost, - Port: envCfg.CSMPort, - }, nil - } - return csmConfig{}, nil - } - - sharedCfg, err := loadSharedConfig(csmProfileName, cfgFiles, false) - if err != nil { - if _, ok := err.(SharedConfigProfileNotExistsError); !ok { - return csmConfig{}, err - } - } - if sharedCfg.CSMEnabled != nil && *sharedCfg.CSMEnabled == true { - return csmConfig{ - Enabled: true, - ClientID: sharedCfg.CSMClientID, - Host: sharedCfg.CSMHost, - Port: sharedCfg.CSMPort, - }, nil - } - - return csmConfig{}, nil -} - -func setTLSOptions(opts *Options, cfg *aws.Config, envCfg envConfig, sharedCfg sharedConfig) error { - // CA Bundle can be specified in both environment variable shared config file. - var caBundleFilename = envCfg.CustomCABundle - if len(caBundleFilename) == 0 { - caBundleFilename = sharedCfg.CustomCABundle - } - - // Only use environment value if session option is not provided. - customTLSOptions := map[string]struct { - filename string - field *io.Reader - errCode string - }{ - "custom CA bundle PEM": {filename: caBundleFilename, field: &opts.CustomCABundle, errCode: ErrCodeLoadCustomCABundle}, - "custom client TLS cert": {filename: envCfg.ClientTLSCert, field: &opts.ClientTLSCert, errCode: ErrCodeLoadClientTLSCert}, - "custom client TLS key": {filename: envCfg.ClientTLSKey, field: &opts.ClientTLSKey, errCode: ErrCodeLoadClientTLSCert}, - } - for name, v := range customTLSOptions { - if len(v.filename) != 0 && *v.field == nil { - f, err := os.Open(v.filename) - if err != nil { - return awserr.New(v.errCode, fmt.Sprintf("failed to open %s file", name), err) - } - defer f.Close() - *v.field = f - } - } - - // Setup HTTP client with custom cert bundle if enabled - if opts.CustomCABundle != nil { - if err := loadCustomCABundle(cfg.HTTPClient, opts.CustomCABundle); err != nil { - return err - } - } - - // Setup HTTP client TLS certificate and key for client TLS authentication. - if opts.ClientTLSCert != nil && opts.ClientTLSKey != nil { - if err := loadClientTLSCert(cfg.HTTPClient, opts.ClientTLSCert, opts.ClientTLSKey); err != nil { - return err - } - } else if opts.ClientTLSCert == nil && opts.ClientTLSKey == nil { - // Do nothing if neither values are available. - - } else { - return awserr.New(ErrCodeLoadClientTLSCert, - fmt.Sprintf("client TLS cert(%t) and key(%t) must both be provided", - opts.ClientTLSCert != nil, opts.ClientTLSKey != nil), nil) - } - - return nil -} - -func getHTTPTransport(client *http.Client) (*http.Transport, error) { - var t *http.Transport - switch v := client.Transport.(type) { - case *http.Transport: - t = v - default: - if client.Transport != nil { - return nil, fmt.Errorf("unsupported transport, %T", client.Transport) - } - } - if t == nil { - // Nil transport implies `http.DefaultTransport` should be used. Since - // the SDK cannot modify, nor copy the `DefaultTransport` specifying - // the values the next closest behavior. - t = getCustomTransport() - } - - return t, nil -} - -func loadCustomCABundle(client *http.Client, bundle io.Reader) error { - t, err := getHTTPTransport(client) - if err != nil { - return awserr.New(ErrCodeLoadCustomCABundle, - "unable to load custom CA bundle, HTTPClient's transport unsupported type", err) - } - - p, err := loadCertPool(bundle) - if err != nil { - return err - } - if t.TLSClientConfig == nil { - t.TLSClientConfig = &tls.Config{} - } - t.TLSClientConfig.RootCAs = p - - client.Transport = t - - return nil -} - -func loadCertPool(r io.Reader) (*x509.CertPool, error) { - b, err := ioutil.ReadAll(r) - if err != nil { - return nil, awserr.New(ErrCodeLoadCustomCABundle, - "failed to read custom CA bundle PEM file", err) - } - - p := x509.NewCertPool() - if !p.AppendCertsFromPEM(b) { - return nil, awserr.New(ErrCodeLoadCustomCABundle, - "failed to load custom CA bundle PEM file", err) - } - - return p, nil -} - -func loadClientTLSCert(client *http.Client, certFile, keyFile io.Reader) error { - t, err := getHTTPTransport(client) - if err != nil { - return awserr.New(ErrCodeLoadClientTLSCert, - "unable to get usable HTTP transport from client", err) - } - - cert, err := ioutil.ReadAll(certFile) - if err != nil { - return awserr.New(ErrCodeLoadClientTLSCert, - "unable to get read client TLS cert file", err) - } - - key, err := ioutil.ReadAll(keyFile) - if err != nil { - return awserr.New(ErrCodeLoadClientTLSCert, - "unable to get read client TLS key file", err) - } - - clientCert, err := tls.X509KeyPair(cert, key) - if err != nil { - return awserr.New(ErrCodeLoadClientTLSCert, - "unable to load x509 key pair from client cert", err) - } - - tlsCfg := t.TLSClientConfig - if tlsCfg == nil { - tlsCfg = &tls.Config{} - } - - tlsCfg.Certificates = append(tlsCfg.Certificates, clientCert) - - t.TLSClientConfig = tlsCfg - client.Transport = t - - return nil -} - -func mergeConfigSrcs(cfg, userCfg *aws.Config, - envCfg envConfig, sharedCfg sharedConfig, - handlers request.Handlers, - sessOpts Options, -) error { - - // Region if not already set by user - if len(aws.StringValue(cfg.Region)) == 0 { - if len(envCfg.Region) > 0 { - cfg.WithRegion(envCfg.Region) - } else if envCfg.EnableSharedConfig && len(sharedCfg.Region) > 0 { - cfg.WithRegion(sharedCfg.Region) - } - } - - if cfg.EnableEndpointDiscovery == nil { - if envCfg.EnableEndpointDiscovery != nil { - cfg.WithEndpointDiscovery(*envCfg.EnableEndpointDiscovery) - } else if envCfg.EnableSharedConfig && sharedCfg.EnableEndpointDiscovery != nil { - cfg.WithEndpointDiscovery(*sharedCfg.EnableEndpointDiscovery) - } - } - - // Regional Endpoint flag for STS endpoint resolving - mergeSTSRegionalEndpointConfig(cfg, []endpoints.STSRegionalEndpoint{ - userCfg.STSRegionalEndpoint, - envCfg.STSRegionalEndpoint, - sharedCfg.STSRegionalEndpoint, - endpoints.LegacySTSEndpoint, - }) - - // Regional Endpoint flag for S3 endpoint resolving - mergeS3UsEast1RegionalEndpointConfig(cfg, []endpoints.S3UsEast1RegionalEndpoint{ - userCfg.S3UsEast1RegionalEndpoint, - envCfg.S3UsEast1RegionalEndpoint, - sharedCfg.S3UsEast1RegionalEndpoint, - endpoints.LegacyS3UsEast1Endpoint, - }) - - var ec2IMDSEndpoint string - for _, v := range []string{ - sessOpts.EC2IMDSEndpoint, - envCfg.EC2IMDSEndpoint, - sharedCfg.EC2IMDSEndpoint, - } { - if len(v) != 0 { - ec2IMDSEndpoint = v - break - } - } - - var endpointMode endpoints.EC2IMDSEndpointModeState - for _, v := range []endpoints.EC2IMDSEndpointModeState{ - sessOpts.EC2IMDSEndpointMode, - envCfg.EC2IMDSEndpointMode, - sharedCfg.EC2IMDSEndpointMode, - } { - if v != endpoints.EC2IMDSEndpointModeStateUnset { - endpointMode = v - break - } - } - - if len(ec2IMDSEndpoint) != 0 || endpointMode != endpoints.EC2IMDSEndpointModeStateUnset { - cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint, endpointMode) - } - - cfg.EC2MetadataEnableFallback = userCfg.EC2MetadataEnableFallback - if cfg.EC2MetadataEnableFallback == nil && envCfg.EC2IMDSv1Disabled != nil { - cfg.EC2MetadataEnableFallback = aws.Bool(!*envCfg.EC2IMDSv1Disabled) - } - if cfg.EC2MetadataEnableFallback == nil && sharedCfg.EC2IMDSv1Disabled != nil { - cfg.EC2MetadataEnableFallback = aws.Bool(!*sharedCfg.EC2IMDSv1Disabled) - } - - cfg.S3UseARNRegion = userCfg.S3UseARNRegion - if cfg.S3UseARNRegion == nil { - cfg.S3UseARNRegion = &envCfg.S3UseARNRegion - } - if cfg.S3UseARNRegion == nil { - cfg.S3UseARNRegion = &sharedCfg.S3UseARNRegion - } - - for _, v := range []endpoints.DualStackEndpointState{userCfg.UseDualStackEndpoint, envCfg.UseDualStackEndpoint, sharedCfg.UseDualStackEndpoint} { - if v != endpoints.DualStackEndpointStateUnset { - cfg.UseDualStackEndpoint = v - break - } - } - - for _, v := range []endpoints.FIPSEndpointState{userCfg.UseFIPSEndpoint, envCfg.UseFIPSEndpoint, sharedCfg.UseFIPSEndpoint} { - if v != endpoints.FIPSEndpointStateUnset { - cfg.UseFIPSEndpoint = v - break - } - } - - // Configure credentials if not already set by the user when creating the Session. - // Credentials are resolved last such that all _resolved_ config values are propagated to credential providers. - // ticket: P83606045 - if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { - creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts) - if err != nil { - return err - } - cfg.Credentials = creds - } - - return nil -} - -func mergeSTSRegionalEndpointConfig(cfg *aws.Config, values []endpoints.STSRegionalEndpoint) { - for _, v := range values { - if v != endpoints.UnsetSTSEndpoint { - cfg.STSRegionalEndpoint = v - break - } - } -} - -func mergeS3UsEast1RegionalEndpointConfig(cfg *aws.Config, values []endpoints.S3UsEast1RegionalEndpoint) { - for _, v := range values { - if v != endpoints.UnsetS3UsEast1Endpoint { - cfg.S3UsEast1RegionalEndpoint = v - break - } - } -} - -func initHandlers(s *Session) { - // Add the Validate parameter handler if it is not disabled. - s.Handlers.Validate.Remove(corehandlers.ValidateParametersHandler) - if !aws.BoolValue(s.Config.DisableParamValidation) { - s.Handlers.Validate.PushBackNamed(corehandlers.ValidateParametersHandler) - } -} - -// Copy creates and returns a copy of the current Session, copying the config -// and handlers. If any additional configs are provided they will be merged -// on top of the Session's copied config. -// -// // Create a copy of the current Session, configured for the us-west-2 region. -// sess.Copy(&aws.Config{Region: aws.String("us-west-2")}) -func (s *Session) Copy(cfgs ...*aws.Config) *Session { - newSession := &Session{ - Config: s.Config.Copy(cfgs...), - Handlers: s.Handlers.Copy(), - options: s.options, - } - - initHandlers(newSession) - - return newSession -} - -// ClientConfig satisfies the client.ConfigProvider interface and is used to -// configure the service client instances. Passing the Session to the service -// client's constructor (New) will use this method to configure the client. -func (s *Session) ClientConfig(service string, cfgs ...*aws.Config) client.Config { - s = s.Copy(cfgs...) - - resolvedRegion := normalizeRegion(s.Config) - - region := aws.StringValue(s.Config.Region) - resolved, err := s.resolveEndpoint(service, region, resolvedRegion, s.Config) - if err != nil { - s.Handlers.Validate.PushBack(func(r *request.Request) { - if len(r.ClientInfo.Endpoint) != 0 { - // Error occurred while resolving endpoint, but the request - // being invoked has had an endpoint specified after the client - // was created. - return - } - r.Error = err - }) - } - - return client.Config{ - Config: s.Config, - Handlers: s.Handlers, - PartitionID: resolved.PartitionID, - Endpoint: resolved.URL, - SigningRegion: resolved.SigningRegion, - SigningNameDerived: resolved.SigningNameDerived, - SigningName: resolved.SigningName, - ResolvedRegion: resolvedRegion, - } -} - -const ec2MetadataServiceID = "ec2metadata" - -func (s *Session) resolveEndpoint(service, region, resolvedRegion string, cfg *aws.Config) (endpoints.ResolvedEndpoint, error) { - - if ep := aws.StringValue(cfg.Endpoint); len(ep) != 0 { - return endpoints.ResolvedEndpoint{ - URL: endpoints.AddScheme(ep, aws.BoolValue(cfg.DisableSSL)), - SigningRegion: region, - }, nil - } - - resolved, err := cfg.EndpointResolver.EndpointFor(service, region, - func(opt *endpoints.Options) { - opt.DisableSSL = aws.BoolValue(cfg.DisableSSL) - - opt.UseDualStack = aws.BoolValue(cfg.UseDualStack) - opt.UseDualStackEndpoint = cfg.UseDualStackEndpoint - - opt.UseFIPSEndpoint = cfg.UseFIPSEndpoint - - // Support for STSRegionalEndpoint where the STSRegionalEndpoint is - // provided in envConfig or sharedConfig with envConfig getting - // precedence. - opt.STSRegionalEndpoint = cfg.STSRegionalEndpoint - - // Support for S3UsEast1RegionalEndpoint where the S3UsEast1RegionalEndpoint is - // provided in envConfig or sharedConfig with envConfig getting - // precedence. - opt.S3UsEast1RegionalEndpoint = cfg.S3UsEast1RegionalEndpoint - - // Support the condition where the service is modeled but its - // endpoint metadata is not available. - opt.ResolveUnknownService = true - - opt.ResolvedRegion = resolvedRegion - - opt.Logger = cfg.Logger - opt.LogDeprecated = cfg.LogLevel.Matches(aws.LogDebugWithDeprecated) - }, - ) - if err != nil { - return endpoints.ResolvedEndpoint{}, err - } - - return resolved, nil -} - -// ClientConfigNoResolveEndpoint is the same as ClientConfig with the exception -// that the EndpointResolver will not be used to resolve the endpoint. The only -// endpoint set must come from the aws.Config.Endpoint field. -func (s *Session) ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) client.Config { - s = s.Copy(cfgs...) - - resolvedRegion := normalizeRegion(s.Config) - - var resolved endpoints.ResolvedEndpoint - if ep := aws.StringValue(s.Config.Endpoint); len(ep) > 0 { - resolved.URL = endpoints.AddScheme(ep, aws.BoolValue(s.Config.DisableSSL)) - resolved.SigningRegion = aws.StringValue(s.Config.Region) - } - - return client.Config{ - Config: s.Config, - Handlers: s.Handlers, - Endpoint: resolved.URL, - SigningRegion: resolved.SigningRegion, - SigningNameDerived: resolved.SigningNameDerived, - SigningName: resolved.SigningName, - ResolvedRegion: resolvedRegion, - } -} - -// logDeprecatedNewSessionError function enables error handling for session -func (s *Session) logDeprecatedNewSessionError(msg string, err error, cfgs []*aws.Config) { - // Session creation failed, need to report the error and prevent - // any requests from succeeding. - s.Config.MergeIn(cfgs...) - s.Config.Logger.Log("ERROR:", msg, "Error:", err) - s.Handlers.Validate.PushBack(func(r *request.Request) { - r.Error = err - }) -} - -// normalizeRegion resolves / normalizes the configured region (converts pseudo fips regions), and modifies the provided -// config to have the equivalent options for resolution and returns the resolved region name. -func normalizeRegion(cfg *aws.Config) (resolved string) { - const fipsInfix = "-fips-" - const fipsPrefix = "-fips" - const fipsSuffix = "fips-" - - region := aws.StringValue(cfg.Region) - - if strings.Contains(region, fipsInfix) || - strings.Contains(region, fipsPrefix) || - strings.Contains(region, fipsSuffix) { - resolved = strings.Replace(strings.Replace(strings.Replace( - region, fipsInfix, "-", -1), fipsPrefix, "", -1), fipsSuffix, "", -1) - cfg.UseFIPSEndpoint = endpoints.FIPSEndpointStateEnabled - } - - return resolved -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go deleted file mode 100644 index 2945185b..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go +++ /dev/null @@ -1,856 +0,0 @@ -package session - -import ( - "fmt" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/endpoints" - "github.com/aws/aws-sdk-go/internal/ini" -) - -const ( - // Static Credentials group - accessKeyIDKey = `aws_access_key_id` // group required - secretAccessKey = `aws_secret_access_key` // group required - sessionTokenKey = `aws_session_token` // optional - - // Assume Role Credentials group - roleArnKey = `role_arn` // group required - sourceProfileKey = `source_profile` // group required (or credential_source) - credentialSourceKey = `credential_source` // group required (or source_profile) - externalIDKey = `external_id` // optional - mfaSerialKey = `mfa_serial` // optional - roleSessionNameKey = `role_session_name` // optional - roleDurationSecondsKey = "duration_seconds" // optional - - // Prefix to be used for SSO sections. These are supposed to only exist in - // the shared config file, not the credentials file. - ssoSectionPrefix = `sso-session ` - - // AWS Single Sign-On (AWS SSO) group - ssoSessionNameKey = "sso_session" - - // AWS Single Sign-On (AWS SSO) group - ssoAccountIDKey = "sso_account_id" - ssoRegionKey = "sso_region" - ssoRoleNameKey = "sso_role_name" - ssoStartURL = "sso_start_url" - - // CSM options - csmEnabledKey = `csm_enabled` - csmHostKey = `csm_host` - csmPortKey = `csm_port` - csmClientIDKey = `csm_client_id` - - // Additional Config fields - regionKey = `region` - - // custom CA Bundle filename - customCABundleKey = `ca_bundle` - - // endpoint discovery group - enableEndpointDiscoveryKey = `endpoint_discovery_enabled` // optional - - // External Credential Process - credentialProcessKey = `credential_process` // optional - - // Web Identity Token File - webIdentityTokenFileKey = `web_identity_token_file` // optional - - // Additional config fields for regional or legacy endpoints - stsRegionalEndpointSharedKey = `sts_regional_endpoints` - - // Additional config fields for regional or legacy endpoints - s3UsEast1RegionalSharedKey = `s3_us_east_1_regional_endpoint` - - // DefaultSharedConfigProfile is the default profile to be used when - // loading configuration from the config files if another profile name - // is not provided. - DefaultSharedConfigProfile = `default` - - // S3 ARN Region Usage - s3UseARNRegionKey = "s3_use_arn_region" - - // EC2 IMDS Endpoint Mode - ec2MetadataServiceEndpointModeKey = "ec2_metadata_service_endpoint_mode" - - // EC2 IMDS Endpoint - ec2MetadataServiceEndpointKey = "ec2_metadata_service_endpoint" - - // ECS IMDSv1 disable fallback - ec2MetadataV1DisabledKey = "ec2_metadata_v1_disabled" - - // Use DualStack Endpoint Resolution - useDualStackEndpoint = "use_dualstack_endpoint" - - // Use FIPS Endpoint Resolution - useFIPSEndpointKey = "use_fips_endpoint" -) - -// sharedConfig represents the configuration fields of the SDK config files. -type sharedConfig struct { - Profile string - - // Credentials values from the config file. Both aws_access_key_id and - // aws_secret_access_key must be provided together in the same file to be - // considered valid. The values will be ignored if not a complete group. - // aws_session_token is an optional field that can be provided if both of - // the other two fields are also provided. - // - // aws_access_key_id - // aws_secret_access_key - // aws_session_token - Creds credentials.Value - - CredentialSource string - CredentialProcess string - WebIdentityTokenFile string - - // SSO session options - SSOSessionName string - SSOSession *ssoSession - - SSOAccountID string - SSORegion string - SSORoleName string - SSOStartURL string - - RoleARN string - RoleSessionName string - ExternalID string - MFASerial string - AssumeRoleDuration *time.Duration - - SourceProfileName string - SourceProfile *sharedConfig - - // Region is the region the SDK should use for looking up AWS service - // endpoints and signing requests. - // - // region - Region string - - // CustomCABundle is the file path to a PEM file the SDK will read and - // use to configure the HTTP transport with additional CA certs that are - // not present in the platforms default CA store. - // - // This value will be ignored if the file does not exist. - // - // ca_bundle - CustomCABundle string - - // EnableEndpointDiscovery can be enabled in the shared config by setting - // endpoint_discovery_enabled to true - // - // endpoint_discovery_enabled = true - EnableEndpointDiscovery *bool - - // CSM Options - CSMEnabled *bool - CSMHost string - CSMPort string - CSMClientID string - - // Specifies the Regional Endpoint flag for the SDK to resolve the endpoint for a service - // - // sts_regional_endpoints = regional - // This can take value as `LegacySTSEndpoint` or `RegionalSTSEndpoint` - STSRegionalEndpoint endpoints.STSRegionalEndpoint - - // Specifies the Regional Endpoint flag for the SDK to resolve the endpoint for a service - // - // s3_us_east_1_regional_endpoint = regional - // This can take value as `LegacyS3UsEast1Endpoint` or `RegionalS3UsEast1Endpoint` - S3UsEast1RegionalEndpoint endpoints.S3UsEast1RegionalEndpoint - - // Specifies if the S3 service should allow ARNs to direct the region - // the client's requests are sent to. - // - // s3_use_arn_region=true - S3UseARNRegion bool - - // Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6) - // - // ec2_metadata_service_endpoint_mode=IPv6 - EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState - - // Specifies the EC2 Instance Metadata Service endpoint to use. If specified it overrides EC2IMDSEndpointMode. - // - // ec2_metadata_service_endpoint=http://fd00:ec2::254 - EC2IMDSEndpoint string - - // Specifies that IMDS clients should not fallback to IMDSv1 if token - // requests fail. - // - // ec2_metadata_v1_disabled=true - EC2IMDSv1Disabled *bool - - // Specifies that SDK clients must resolve a dual-stack endpoint for - // services. - // - // use_dualstack_endpoint=true - UseDualStackEndpoint endpoints.DualStackEndpointState - - // Specifies that SDK clients must resolve a FIPS endpoint for - // services. - // - // use_fips_endpoint=true - UseFIPSEndpoint endpoints.FIPSEndpointState -} - -type sharedConfigFile struct { - Filename string - IniData ini.Sections -} - -// SSOSession provides the shared configuration parameters of the sso-session -// section. -type ssoSession struct { - Name string - SSORegion string - SSOStartURL string -} - -func (s *ssoSession) setFromIniSection(section ini.Section) { - updateString(&s.Name, section, ssoSessionNameKey) - updateString(&s.SSORegion, section, ssoRegionKey) - updateString(&s.SSOStartURL, section, ssoStartURL) -} - -// loadSharedConfig retrieves the configuration from the list of files using -// the profile provided. The order the files are listed will determine -// precedence. Values in subsequent files will overwrite values defined in -// earlier files. -// -// For example, given two files A and B. Both define credentials. If the order -// of the files are A then B, B's credential values will be used instead of -// A's. -// -// See sharedConfig.setFromFile for information how the config files -// will be loaded. -func loadSharedConfig(profile string, filenames []string, exOpts bool) (sharedConfig, error) { - if len(profile) == 0 { - profile = DefaultSharedConfigProfile - } - - files, err := loadSharedConfigIniFiles(filenames) - if err != nil { - return sharedConfig{}, err - } - - cfg := sharedConfig{} - profiles := map[string]struct{}{} - if err = cfg.setFromIniFiles(profiles, profile, files, exOpts); err != nil { - return sharedConfig{}, err - } - - return cfg, nil -} - -func loadSharedConfigIniFiles(filenames []string) ([]sharedConfigFile, error) { - files := make([]sharedConfigFile, 0, len(filenames)) - - for _, filename := range filenames { - sections, err := ini.OpenFile(filename) - if aerr, ok := err.(awserr.Error); ok && aerr.Code() == ini.ErrCodeUnableToReadFile { - // Skip files which can't be opened and read for whatever reason - continue - } else if err != nil { - return nil, SharedConfigLoadError{Filename: filename, Err: err} - } - - files = append(files, sharedConfigFile{ - Filename: filename, IniData: sections, - }) - } - - return files, nil -} - -func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile string, files []sharedConfigFile, exOpts bool) error { - cfg.Profile = profile - - // Trim files from the list that don't exist. - var skippedFiles int - var profileNotFoundErr error - for _, f := range files { - if err := cfg.setFromIniFile(profile, f, exOpts); err != nil { - if _, ok := err.(SharedConfigProfileNotExistsError); ok { - // Ignore profiles not defined in individual files. - profileNotFoundErr = err - skippedFiles++ - continue - } - return err - } - } - if skippedFiles == len(files) { - // If all files were skipped because the profile is not found, return - // the original profile not found error. - return profileNotFoundErr - } - - if _, ok := profiles[profile]; ok { - // if this is the second instance of the profile the Assume Role - // options must be cleared because they are only valid for the - // first reference of a profile. The self linked instance of the - // profile only have credential provider options. - cfg.clearAssumeRoleOptions() - } else { - // First time a profile has been seen. Assert if the credential type - // requires a role ARN, the ARN is also set - if err := cfg.validateCredentialsConfig(profile); err != nil { - return err - } - } - - profiles[profile] = struct{}{} - - if err := cfg.validateCredentialType(); err != nil { - return err - } - - // Link source profiles for assume roles - if len(cfg.SourceProfileName) != 0 { - // Linked profile via source_profile ignore credential provider - // options, the source profile must provide the credentials. - cfg.clearCredentialOptions() - - srcCfg := &sharedConfig{} - err := srcCfg.setFromIniFiles(profiles, cfg.SourceProfileName, files, exOpts) - if err != nil { - // SourceProfile that doesn't exist is an error in configuration. - if _, ok := err.(SharedConfigProfileNotExistsError); ok { - err = SharedConfigAssumeRoleError{ - RoleARN: cfg.RoleARN, - SourceProfile: cfg.SourceProfileName, - } - } - return err - } - - if !srcCfg.hasCredentials() { - return SharedConfigAssumeRoleError{ - RoleARN: cfg.RoleARN, - SourceProfile: cfg.SourceProfileName, - } - } - - cfg.SourceProfile = srcCfg - } - - // If the profile contains an SSO session parameter, the session MUST exist - // as a section in the config file. Load the SSO session using the name - // provided. If the session section is not found or incomplete an error - // will be returned. - if cfg.hasSSOTokenProviderConfiguration() { - skippedFiles = 0 - for _, f := range files { - section, ok := f.IniData.GetSection(ssoSectionPrefix + strings.TrimSpace(cfg.SSOSessionName)) - if ok { - var ssoSession ssoSession - ssoSession.setFromIniSection(section) - ssoSession.Name = cfg.SSOSessionName - cfg.SSOSession = &ssoSession - break - } - skippedFiles++ - } - if skippedFiles == len(files) { - // If all files were skipped because the sso session section is not found, return - // the sso section not found error. - return fmt.Errorf("failed to find SSO session section, %v", cfg.SSOSessionName) - } - } - - return nil -} - -// setFromFile loads the configuration from the file using the profile -// provided. A sharedConfig pointer type value is used so that multiple config -// file loadings can be chained. -// -// Only loads complete logically grouped values, and will not set fields in cfg -// for incomplete grouped values in the config. Such as credentials. For -// example if a config file only includes aws_access_key_id but no -// aws_secret_access_key the aws_access_key_id will be ignored. -func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, exOpts bool) error { - section, ok := file.IniData.GetSection(profile) - if !ok { - // Fallback to to alternate profile name: profile - section, ok = file.IniData.GetSection(fmt.Sprintf("profile %s", profile)) - if !ok { - return SharedConfigProfileNotExistsError{Profile: profile, Err: nil} - } - } - - if exOpts { - // Assume Role Parameters - updateString(&cfg.RoleARN, section, roleArnKey) - updateString(&cfg.ExternalID, section, externalIDKey) - updateString(&cfg.MFASerial, section, mfaSerialKey) - updateString(&cfg.RoleSessionName, section, roleSessionNameKey) - updateString(&cfg.SourceProfileName, section, sourceProfileKey) - updateString(&cfg.CredentialSource, section, credentialSourceKey) - updateString(&cfg.Region, section, regionKey) - updateString(&cfg.CustomCABundle, section, customCABundleKey) - - // we're retaining a behavioral quirk with this field that existed before - // the removal of literal parsing for (aws-sdk-go-v2/#2276): - // - if the key is missing, the config field will not be set - // - if the key is set to a non-numeric, the config field will be set to 0 - if section.Has(roleDurationSecondsKey) { - var d time.Duration - if v, ok := section.Int(roleDurationSecondsKey); ok { - d = time.Duration(v) * time.Second - } - cfg.AssumeRoleDuration = &d - } - - if v := section.String(stsRegionalEndpointSharedKey); len(v) != 0 { - sre, err := endpoints.GetSTSRegionalEndpoint(v) - if err != nil { - return fmt.Errorf("failed to load %s from shared config, %s, %v", - stsRegionalEndpointSharedKey, file.Filename, err) - } - cfg.STSRegionalEndpoint = sre - } - - if v := section.String(s3UsEast1RegionalSharedKey); len(v) != 0 { - sre, err := endpoints.GetS3UsEast1RegionalEndpoint(v) - if err != nil { - return fmt.Errorf("failed to load %s from shared config, %s, %v", - s3UsEast1RegionalSharedKey, file.Filename, err) - } - cfg.S3UsEast1RegionalEndpoint = sre - } - - // AWS Single Sign-On (AWS SSO) - // SSO session options - updateString(&cfg.SSOSessionName, section, ssoSessionNameKey) - - // AWS Single Sign-On (AWS SSO) - updateString(&cfg.SSOAccountID, section, ssoAccountIDKey) - updateString(&cfg.SSORegion, section, ssoRegionKey) - updateString(&cfg.SSORoleName, section, ssoRoleNameKey) - updateString(&cfg.SSOStartURL, section, ssoStartURL) - - if err := updateEC2MetadataServiceEndpointMode(&cfg.EC2IMDSEndpointMode, section, ec2MetadataServiceEndpointModeKey); err != nil { - return fmt.Errorf("failed to load %s from shared config, %s, %v", - ec2MetadataServiceEndpointModeKey, file.Filename, err) - } - updateString(&cfg.EC2IMDSEndpoint, section, ec2MetadataServiceEndpointKey) - updateBoolPtr(&cfg.EC2IMDSv1Disabled, section, ec2MetadataV1DisabledKey) - - updateUseDualStackEndpoint(&cfg.UseDualStackEndpoint, section, useDualStackEndpoint) - - updateUseFIPSEndpoint(&cfg.UseFIPSEndpoint, section, useFIPSEndpointKey) - } - - updateString(&cfg.CredentialProcess, section, credentialProcessKey) - updateString(&cfg.WebIdentityTokenFile, section, webIdentityTokenFileKey) - - // Shared Credentials - creds := credentials.Value{ - AccessKeyID: section.String(accessKeyIDKey), - SecretAccessKey: section.String(secretAccessKey), - SessionToken: section.String(sessionTokenKey), - ProviderName: fmt.Sprintf("SharedConfigCredentials: %s", file.Filename), - } - if creds.HasKeys() { - cfg.Creds = creds - } - - // Endpoint discovery - updateBoolPtr(&cfg.EnableEndpointDiscovery, section, enableEndpointDiscoveryKey) - - // CSM options - updateBoolPtr(&cfg.CSMEnabled, section, csmEnabledKey) - updateString(&cfg.CSMHost, section, csmHostKey) - updateString(&cfg.CSMPort, section, csmPortKey) - updateString(&cfg.CSMClientID, section, csmClientIDKey) - - updateBool(&cfg.S3UseARNRegion, section, s3UseARNRegionKey) - - return nil -} - -func updateEC2MetadataServiceEndpointMode(endpointMode *endpoints.EC2IMDSEndpointModeState, section ini.Section, key string) error { - if !section.Has(key) { - return nil - } - value := section.String(key) - return endpointMode.SetFromString(value) -} - -func (cfg *sharedConfig) validateCredentialsConfig(profile string) error { - if err := cfg.validateCredentialsRequireARN(profile); err != nil { - return err - } - - return nil -} - -func (cfg *sharedConfig) validateCredentialsRequireARN(profile string) error { - var credSource string - - switch { - case len(cfg.SourceProfileName) != 0: - credSource = sourceProfileKey - case len(cfg.CredentialSource) != 0: - credSource = credentialSourceKey - case len(cfg.WebIdentityTokenFile) != 0: - credSource = webIdentityTokenFileKey - } - - if len(credSource) != 0 && len(cfg.RoleARN) == 0 { - return CredentialRequiresARNError{ - Type: credSource, - Profile: profile, - } - } - - return nil -} - -func (cfg *sharedConfig) validateCredentialType() error { - // Only one or no credential type can be defined. - if !oneOrNone( - len(cfg.SourceProfileName) != 0, - len(cfg.CredentialSource) != 0, - len(cfg.CredentialProcess) != 0, - len(cfg.WebIdentityTokenFile) != 0, - ) { - return ErrSharedConfigSourceCollision - } - - return nil -} - -func (cfg *sharedConfig) validateSSOConfiguration() error { - if cfg.hasSSOTokenProviderConfiguration() { - err := cfg.validateSSOTokenProviderConfiguration() - if err != nil { - return err - } - return nil - } - - if cfg.hasLegacySSOConfiguration() { - err := cfg.validateLegacySSOConfiguration() - if err != nil { - return err - } - } - return nil -} - -func (cfg *sharedConfig) hasCredentials() bool { - switch { - case len(cfg.SourceProfileName) != 0: - case len(cfg.CredentialSource) != 0: - case len(cfg.CredentialProcess) != 0: - case len(cfg.WebIdentityTokenFile) != 0: - case cfg.hasSSOConfiguration(): - case cfg.Creds.HasKeys(): - default: - return false - } - - return true -} - -func (cfg *sharedConfig) clearCredentialOptions() { - cfg.CredentialSource = "" - cfg.CredentialProcess = "" - cfg.WebIdentityTokenFile = "" - cfg.Creds = credentials.Value{} - cfg.SSOAccountID = "" - cfg.SSORegion = "" - cfg.SSORoleName = "" - cfg.SSOStartURL = "" -} - -func (cfg *sharedConfig) clearAssumeRoleOptions() { - cfg.RoleARN = "" - cfg.ExternalID = "" - cfg.MFASerial = "" - cfg.RoleSessionName = "" - cfg.SourceProfileName = "" -} - -func (cfg *sharedConfig) hasSSOConfiguration() bool { - return cfg.hasSSOTokenProviderConfiguration() || cfg.hasLegacySSOConfiguration() -} - -func (c *sharedConfig) hasSSOTokenProviderConfiguration() bool { - return len(c.SSOSessionName) > 0 -} - -func (c *sharedConfig) hasLegacySSOConfiguration() bool { - return len(c.SSORegion) > 0 || len(c.SSOAccountID) > 0 || len(c.SSOStartURL) > 0 || len(c.SSORoleName) > 0 -} - -func (c *sharedConfig) validateSSOTokenProviderConfiguration() error { - var missing []string - - if len(c.SSOSessionName) == 0 { - missing = append(missing, ssoSessionNameKey) - } - - if c.SSOSession == nil { - missing = append(missing, ssoSectionPrefix) - } else { - if len(c.SSOSession.SSORegion) == 0 { - missing = append(missing, ssoRegionKey) - } - - if len(c.SSOSession.SSOStartURL) == 0 { - missing = append(missing, ssoStartURL) - } - } - - if len(missing) > 0 { - return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", - c.Profile, strings.Join(missing, ", ")) - } - - if len(c.SSORegion) > 0 && c.SSORegion != c.SSOSession.SSORegion { - return fmt.Errorf("%s in profile %q must match %s in %s", ssoRegionKey, c.Profile, ssoRegionKey, ssoSectionPrefix) - } - - if len(c.SSOStartURL) > 0 && c.SSOStartURL != c.SSOSession.SSOStartURL { - return fmt.Errorf("%s in profile %q must match %s in %s", ssoStartURL, c.Profile, ssoStartURL, ssoSectionPrefix) - } - - return nil -} - -func (c *sharedConfig) validateLegacySSOConfiguration() error { - var missing []string - - if len(c.SSORegion) == 0 { - missing = append(missing, ssoRegionKey) - } - - if len(c.SSOStartURL) == 0 { - missing = append(missing, ssoStartURL) - } - - if len(c.SSOAccountID) == 0 { - missing = append(missing, ssoAccountIDKey) - } - - if len(c.SSORoleName) == 0 { - missing = append(missing, ssoRoleNameKey) - } - - if len(missing) > 0 { - return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", - c.Profile, strings.Join(missing, ", ")) - } - return nil -} - -func oneOrNone(bs ...bool) bool { - var count int - - for _, b := range bs { - if b { - count++ - if count > 1 { - return false - } - } - } - - return true -} - -// updateString will only update the dst with the value in the section key, key -// is present in the section. -func updateString(dst *string, section ini.Section, key string) { - if !section.Has(key) { - return - } - *dst = section.String(key) -} - -// updateBool will only update the dst with the value in the section key, key -// is present in the section. -func updateBool(dst *bool, section ini.Section, key string) { - if !section.Has(key) { - return - } - - // retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false - v, _ := section.Bool(key) - *dst = v -} - -// updateBoolPtr will only update the dst with the value in the section key, -// key is present in the section. -func updateBoolPtr(dst **bool, section ini.Section, key string) { - if !section.Has(key) { - return - } - - // retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false - v, _ := section.Bool(key) - *dst = new(bool) - **dst = v -} - -// SharedConfigLoadError is an error for the shared config file failed to load. -type SharedConfigLoadError struct { - Filename string - Err error -} - -// Code is the short id of the error. -func (e SharedConfigLoadError) Code() string { - return "SharedConfigLoadError" -} - -// Message is the description of the error -func (e SharedConfigLoadError) Message() string { - return fmt.Sprintf("failed to load config file, %s", e.Filename) -} - -// OrigErr is the underlying error that caused the failure. -func (e SharedConfigLoadError) OrigErr() error { - return e.Err -} - -// Error satisfies the error interface. -func (e SharedConfigLoadError) Error() string { - return awserr.SprintError(e.Code(), e.Message(), "", e.Err) -} - -// SharedConfigProfileNotExistsError is an error for the shared config when -// the profile was not find in the config file. -type SharedConfigProfileNotExistsError struct { - Profile string - Err error -} - -// Code is the short id of the error. -func (e SharedConfigProfileNotExistsError) Code() string { - return "SharedConfigProfileNotExistsError" -} - -// Message is the description of the error -func (e SharedConfigProfileNotExistsError) Message() string { - return fmt.Sprintf("failed to get profile, %s", e.Profile) -} - -// OrigErr is the underlying error that caused the failure. -func (e SharedConfigProfileNotExistsError) OrigErr() error { - return e.Err -} - -// Error satisfies the error interface. -func (e SharedConfigProfileNotExistsError) Error() string { - return awserr.SprintError(e.Code(), e.Message(), "", e.Err) -} - -// SharedConfigAssumeRoleError is an error for the shared config when the -// profile contains assume role information, but that information is invalid -// or not complete. -type SharedConfigAssumeRoleError struct { - RoleARN string - SourceProfile string -} - -// Code is the short id of the error. -func (e SharedConfigAssumeRoleError) Code() string { - return "SharedConfigAssumeRoleError" -} - -// Message is the description of the error -func (e SharedConfigAssumeRoleError) Message() string { - return fmt.Sprintf( - "failed to load assume role for %s, source profile %s has no shared credentials", - e.RoleARN, e.SourceProfile, - ) -} - -// OrigErr is the underlying error that caused the failure. -func (e SharedConfigAssumeRoleError) OrigErr() error { - return nil -} - -// Error satisfies the error interface. -func (e SharedConfigAssumeRoleError) Error() string { - return awserr.SprintError(e.Code(), e.Message(), "", nil) -} - -// CredentialRequiresARNError provides the error for shared config credentials -// that are incorrectly configured in the shared config or credentials file. -type CredentialRequiresARNError struct { - // type of credentials that were configured. - Type string - - // Profile name the credentials were in. - Profile string -} - -// Code is the short id of the error. -func (e CredentialRequiresARNError) Code() string { - return "CredentialRequiresARNError" -} - -// Message is the description of the error -func (e CredentialRequiresARNError) Message() string { - return fmt.Sprintf( - "credential type %s requires role_arn, profile %s", - e.Type, e.Profile, - ) -} - -// OrigErr is the underlying error that caused the failure. -func (e CredentialRequiresARNError) OrigErr() error { - return nil -} - -// Error satisfies the error interface. -func (e CredentialRequiresARNError) Error() string { - return awserr.SprintError(e.Code(), e.Message(), "", nil) -} - -// updateEndpointDiscoveryType will only update the dst with the value in the section, if -// a valid key and corresponding EndpointDiscoveryType is found. -func updateUseDualStackEndpoint(dst *endpoints.DualStackEndpointState, section ini.Section, key string) { - if !section.Has(key) { - return - } - - // retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false - if v, _ := section.Bool(key); v { - *dst = endpoints.DualStackEndpointStateEnabled - } else { - *dst = endpoints.DualStackEndpointStateDisabled - } - - return -} - -// updateEndpointDiscoveryType will only update the dst with the value in the section, if -// a valid key and corresponding EndpointDiscoveryType is found. -func updateUseFIPSEndpoint(dst *endpoints.FIPSEndpointState, section ini.Section, key string) { - if !section.Has(key) { - return - } - - // retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false - if v, _ := section.Bool(key); v { - *dst = endpoints.FIPSEndpointStateEnabled - } else { - *dst = endpoints.FIPSEndpointStateDisabled - } - - return -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go deleted file mode 100644 index 99375383..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go +++ /dev/null @@ -1,81 +0,0 @@ -package v4 - -import ( - "github.com/aws/aws-sdk-go/internal/strings" -) - -// validator houses a set of rule needed for validation of a -// string value -type rules []rule - -// rule interface allows for more flexible rules and just simply -// checks whether or not a value adheres to that rule -type rule interface { - IsValid(value string) bool -} - -// IsValid will iterate through all rules and see if any rules -// apply to the value and supports nested rules -func (r rules) IsValid(value string) bool { - for _, rule := range r { - if rule.IsValid(value) { - return true - } - } - return false -} - -// mapRule generic rule for maps -type mapRule map[string]struct{} - -// IsValid for the map rule satisfies whether it exists in the map -func (m mapRule) IsValid(value string) bool { - _, ok := m[value] - return ok -} - -// allowList is a generic rule for allow listing -type allowList struct { - rule -} - -// IsValid for allow list checks if the value is within the allow list -func (w allowList) IsValid(value string) bool { - return w.rule.IsValid(value) -} - -// excludeList is a generic rule for exclude listing -type excludeList struct { - rule -} - -// IsValid for exclude list checks if the value is within the exclude list -func (b excludeList) IsValid(value string) bool { - return !b.rule.IsValid(value) -} - -type patterns []string - -// IsValid for patterns checks each pattern and returns if a match has -// been found -func (p patterns) IsValid(value string) bool { - for _, pattern := range p { - if strings.HasPrefixFold(value, pattern) { - return true - } - } - return false -} - -// inclusiveRules rules allow for rules to depend on one another -type inclusiveRules []rule - -// IsValid will return true if all rules are true -func (r inclusiveRules) IsValid(value string) bool { - for _, rule := range r { - if !rule.IsValid(value) { - return false - } - } - return true -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/options.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/options.go deleted file mode 100644 index 6aa2ed24..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/options.go +++ /dev/null @@ -1,7 +0,0 @@ -package v4 - -// WithUnsignedPayload will enable and set the UnsignedPayload field to -// true of the signer. -func WithUnsignedPayload(v4 *Signer) { - v4.UnsignedPayload = true -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go deleted file mode 100644 index cf672b6a..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go +++ /dev/null @@ -1,14 +0,0 @@ -//go:build !go1.7 -// +build !go1.7 - -package v4 - -import ( - "net/http" - - "github.com/aws/aws-sdk-go/aws" -) - -func requestContext(r *http.Request) aws.Context { - return aws.BackgroundContext() -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go deleted file mode 100644 index 21fe74e6..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go +++ /dev/null @@ -1,14 +0,0 @@ -//go:build go1.7 -// +build go1.7 - -package v4 - -import ( - "net/http" - - "github.com/aws/aws-sdk-go/aws" -) - -func requestContext(r *http.Request) aws.Context { - return r.Context() -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go deleted file mode 100644 index 02cbd97e..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/stream.go +++ /dev/null @@ -1,63 +0,0 @@ -package v4 - -import ( - "encoding/hex" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws/credentials" -) - -type credentialValueProvider interface { - Get() (credentials.Value, error) -} - -// StreamSigner implements signing of event stream encoded payloads -type StreamSigner struct { - region string - service string - - credentials credentialValueProvider - - prevSig []byte -} - -// NewStreamSigner creates a SigV4 signer used to sign Event Stream encoded messages -func NewStreamSigner(region, service string, seedSignature []byte, credentials *credentials.Credentials) *StreamSigner { - return &StreamSigner{ - region: region, - service: service, - credentials: credentials, - prevSig: seedSignature, - } -} - -// GetSignature takes an event stream encoded headers and payload and returns a signature -func (s *StreamSigner) GetSignature(headers, payload []byte, date time.Time) ([]byte, error) { - credValue, err := s.credentials.Get() - if err != nil { - return nil, err - } - - sigKey := deriveSigningKey(s.region, s.service, credValue.SecretAccessKey, date) - - keyPath := buildSigningScope(s.region, s.service, date) - - stringToSign := buildEventStreamStringToSign(headers, payload, s.prevSig, keyPath, date) - - signature := hmacSHA256(sigKey, []byte(stringToSign)) - s.prevSig = signature - - return signature, nil -} - -func buildEventStreamStringToSign(headers, payload, prevSig []byte, scope string, date time.Time) string { - return strings.Join([]string{ - "AWS4-HMAC-SHA256-PAYLOAD", - formatTime(date), - scope, - hex.EncodeToString(prevSig), - hex.EncodeToString(hashSHA256(headers)), - hex.EncodeToString(hashSHA256(payload)), - }, "\n") -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path.go deleted file mode 100644 index 7711ec73..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path.go +++ /dev/null @@ -1,25 +0,0 @@ -//go:build go1.5 -// +build go1.5 - -package v4 - -import ( - "net/url" - "strings" -) - -func getURIPath(u *url.URL) string { - var uri string - - if len(u.Opaque) > 0 { - uri = "/" + strings.Join(strings.Split(u.Opaque, "/")[3:], "/") - } else { - uri = u.EscapedPath() - } - - if len(uri) == 0 { - uri = "/" - } - - return uri -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go deleted file mode 100644 index b542df93..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go +++ /dev/null @@ -1,857 +0,0 @@ -// Package v4 implements signing for AWS V4 signer -// -// Provides request signing for request that need to be signed with -// AWS V4 Signatures. -// -// # Standalone Signer -// -// Generally using the signer outside of the SDK should not require any additional -// logic when using Go v1.5 or higher. The signer does this by taking advantage -// of the URL.EscapedPath method. If your request URI requires additional escaping -// you may need to use the URL.Opaque to define what the raw URI should be sent -// to the service as. -// -// The signer will first check the URL.Opaque field, and use its value if set. -// The signer does require the URL.Opaque field to be set in the form of: -// -// "///" -// -// // e.g. -// "//example.com/some/path" -// -// The leading "//" and hostname are required or the URL.Opaque escaping will -// not work correctly. -// -// If URL.Opaque is not set the signer will fallback to the URL.EscapedPath() -// method and using the returned value. If you're using Go v1.4 you must set -// URL.Opaque if the URI path needs escaping. If URL.Opaque is not set with -// Go v1.5 the signer will fallback to URL.Path. -// -// AWS v4 signature validation requires that the canonical string's URI path -// element must be the URI escaped form of the HTTP request's path. -// http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html -// -// The Go HTTP client will perform escaping automatically on the request. Some -// of these escaping may cause signature validation errors because the HTTP -// request differs from the URI path or query that the signature was generated. -// https://golang.org/pkg/net/url/#URL.EscapedPath -// -// Because of this, it is recommended that when using the signer outside of the -// SDK that explicitly escaping the request prior to being signed is preferable, -// and will help prevent signature validation errors. This can be done by setting -// the URL.Opaque or URL.RawPath. The SDK will use URL.Opaque first and then -// call URL.EscapedPath() if Opaque is not set. -// -// If signing a request intended for HTTP2 server, and you're using Go 1.6.2 -// through 1.7.4 you should use the URL.RawPath as the pre-escaped form of the -// request URL. https://github.com/golang/go/issues/16847 points to a bug in -// Go pre 1.8 that fails to make HTTP2 requests using absolute URL in the HTTP -// message. URL.Opaque generally will force Go to make requests with absolute URL. -// URL.RawPath does not do this, but RawPath must be a valid escaping of Path -// or url.EscapedPath will ignore the RawPath escaping. -// -// Test `TestStandaloneSign` provides a complete example of using the signer -// outside of the SDK and pre-escaping the URI path. -package v4 - -import ( - "crypto/hmac" - "crypto/sha256" - "encoding/hex" - "fmt" - "io" - "io/ioutil" - "net/http" - "net/url" - "sort" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/internal/sdkio" - "github.com/aws/aws-sdk-go/private/protocol/rest" -) - -const ( - authorizationHeader = "Authorization" - authHeaderSignatureElem = "Signature=" - signatureQueryKey = "X-Amz-Signature" - - authHeaderPrefix = "AWS4-HMAC-SHA256" - timeFormat = "20060102T150405Z" - shortTimeFormat = "20060102" - awsV4Request = "aws4_request" - - // emptyStringSHA256 is a SHA256 of an empty string - emptyStringSHA256 = `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` -) - -var ignoredHeaders = rules{ - excludeList{ - mapRule{ - authorizationHeader: struct{}{}, - "User-Agent": struct{}{}, - "X-Amzn-Trace-Id": struct{}{}, - }, - }, -} - -// requiredSignedHeaders is a allow list for build canonical headers. -var requiredSignedHeaders = rules{ - allowList{ - mapRule{ - "Cache-Control": struct{}{}, - "Content-Disposition": struct{}{}, - "Content-Encoding": struct{}{}, - "Content-Language": struct{}{}, - "Content-Md5": struct{}{}, - "Content-Type": struct{}{}, - "Expires": struct{}{}, - "If-Match": struct{}{}, - "If-Modified-Since": struct{}{}, - "If-None-Match": struct{}{}, - "If-Unmodified-Since": struct{}{}, - "Range": struct{}{}, - "X-Amz-Acl": struct{}{}, - "X-Amz-Copy-Source": struct{}{}, - "X-Amz-Copy-Source-If-Match": struct{}{}, - "X-Amz-Copy-Source-If-Modified-Since": struct{}{}, - "X-Amz-Copy-Source-If-None-Match": struct{}{}, - "X-Amz-Copy-Source-If-Unmodified-Since": struct{}{}, - "X-Amz-Copy-Source-Range": struct{}{}, - "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm": struct{}{}, - "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key": struct{}{}, - "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, - "X-Amz-Expected-Bucket-Owner": struct{}{}, - "X-Amz-Grant-Full-control": struct{}{}, - "X-Amz-Grant-Read": struct{}{}, - "X-Amz-Grant-Read-Acp": struct{}{}, - "X-Amz-Grant-Write": struct{}{}, - "X-Amz-Grant-Write-Acp": struct{}{}, - "X-Amz-Metadata-Directive": struct{}{}, - "X-Amz-Mfa": struct{}{}, - "X-Amz-Request-Payer": struct{}{}, - "X-Amz-Server-Side-Encryption": struct{}{}, - "X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": struct{}{}, - "X-Amz-Server-Side-Encryption-Context": struct{}{}, - "X-Amz-Server-Side-Encryption-Customer-Algorithm": struct{}{}, - "X-Amz-Server-Side-Encryption-Customer-Key": struct{}{}, - "X-Amz-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, - "X-Amz-Storage-Class": struct{}{}, - "X-Amz-Tagging": struct{}{}, - "X-Amz-Website-Redirect-Location": struct{}{}, - "X-Amz-Content-Sha256": struct{}{}, - }, - }, - patterns{"X-Amz-Meta-"}, - patterns{"X-Amz-Object-Lock-"}, -} - -// allowedHoisting is a allow list for build query headers. The boolean value -// represents whether or not it is a pattern. -var allowedQueryHoisting = inclusiveRules{ - excludeList{requiredSignedHeaders}, - patterns{"X-Amz-"}, -} - -// Signer applies AWS v4 signing to given request. Use this to sign requests -// that need to be signed with AWS V4 Signatures. -type Signer struct { - // The authentication credentials the request will be signed against. - // This value must be set to sign requests. - Credentials *credentials.Credentials - - // Sets the log level the signer should use when reporting information to - // the logger. If the logger is nil nothing will be logged. See - // aws.LogLevelType for more information on available logging levels - // - // By default nothing will be logged. - Debug aws.LogLevelType - - // The logger loging information will be written to. If there the logger - // is nil, nothing will be logged. - Logger aws.Logger - - // Disables the Signer's moving HTTP header key/value pairs from the HTTP - // request header to the request's query string. This is most commonly used - // with pre-signed requests preventing headers from being added to the - // request's query string. - DisableHeaderHoisting bool - - // Disables the automatic escaping of the URI path of the request for the - // siganture's canonical string's path. For services that do not need additional - // escaping then use this to disable the signer escaping the path. - // - // S3 is an example of a service that does not need additional escaping. - // - // http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html - DisableURIPathEscaping bool - - // Disables the automatical setting of the HTTP request's Body field with the - // io.ReadSeeker passed in to the signer. This is useful if you're using a - // custom wrapper around the body for the io.ReadSeeker and want to preserve - // the Body value on the Request.Body. - // - // This does run the risk of signing a request with a body that will not be - // sent in the request. Need to ensure that the underlying data of the Body - // values are the same. - DisableRequestBodyOverwrite bool - - // currentTimeFn returns the time value which represents the current time. - // This value should only be used for testing. If it is nil the default - // time.Now will be used. - currentTimeFn func() time.Time - - // UnsignedPayload will prevent signing of the payload. This will only - // work for services that have support for this. - UnsignedPayload bool -} - -// NewSigner returns a Signer pointer configured with the credentials and optional -// option values provided. If not options are provided the Signer will use its -// default configuration. -func NewSigner(credentials *credentials.Credentials, options ...func(*Signer)) *Signer { - v4 := &Signer{ - Credentials: credentials, - } - - for _, option := range options { - option(v4) - } - - return v4 -} - -type signingCtx struct { - ServiceName string - Region string - Request *http.Request - Body io.ReadSeeker - Query url.Values - Time time.Time - ExpireTime time.Duration - SignedHeaderVals http.Header - - DisableURIPathEscaping bool - - credValues credentials.Value - isPresign bool - unsignedPayload bool - - bodyDigest string - signedHeaders string - canonicalHeaders string - canonicalString string - credentialString string - stringToSign string - signature string - authorization string -} - -// Sign signs AWS v4 requests with the provided body, service name, region the -// request is made to, and time the request is signed at. The signTime allows -// you to specify that a request is signed for the future, and cannot be -// used until then. -// -// Returns a list of HTTP headers that were included in the signature or an -// error if signing the request failed. Generally for signed requests this value -// is not needed as the full request context will be captured by the http.Request -// value. It is included for reference though. -// -// Sign will set the request's Body to be the `body` parameter passed in. If -// the body is not already an io.ReadCloser, it will be wrapped within one. If -// a `nil` body parameter passed to Sign, the request's Body field will be -// also set to nil. Its important to note that this functionality will not -// change the request's ContentLength of the request. -// -// Sign differs from Presign in that it will sign the request using HTTP -// header values. This type of signing is intended for http.Request values that -// will not be shared, or are shared in a way the header values on the request -// will not be lost. -// -// The requests body is an io.ReadSeeker so the SHA256 of the body can be -// generated. To bypass the signer computing the hash you can set the -// "X-Amz-Content-Sha256" header with a precomputed value. The signer will -// only compute the hash if the request header value is empty. -func (v4 Signer) Sign(r *http.Request, body io.ReadSeeker, service, region string, signTime time.Time) (http.Header, error) { - return v4.signWithBody(r, body, service, region, 0, false, signTime) -} - -// Presign signs AWS v4 requests with the provided body, service name, region -// the request is made to, and time the request is signed at. The signTime -// allows you to specify that a request is signed for the future, and cannot -// be used until then. -// -// Returns a list of HTTP headers that were included in the signature or an -// error if signing the request failed. For presigned requests these headers -// and their values must be included on the HTTP request when it is made. This -// is helpful to know what header values need to be shared with the party the -// presigned request will be distributed to. -// -// Presign differs from Sign in that it will sign the request using query string -// instead of header values. This allows you to share the Presigned Request's -// URL with third parties, or distribute it throughout your system with minimal -// dependencies. -// -// Presign also takes an exp value which is the duration the -// signed request will be valid after the signing time. This is allows you to -// set when the request will expire. -// -// The requests body is an io.ReadSeeker so the SHA256 of the body can be -// generated. To bypass the signer computing the hash you can set the -// "X-Amz-Content-Sha256" header with a precomputed value. The signer will -// only compute the hash if the request header value is empty. -// -// Presigning a S3 request will not compute the body's SHA256 hash by default. -// This is done due to the general use case for S3 presigned URLs is to share -// PUT/GET capabilities. If you would like to include the body's SHA256 in the -// presigned request's signature you can set the "X-Amz-Content-Sha256" -// HTTP header and that will be included in the request's signature. -func (v4 Signer) Presign(r *http.Request, body io.ReadSeeker, service, region string, exp time.Duration, signTime time.Time) (http.Header, error) { - return v4.signWithBody(r, body, service, region, exp, true, signTime) -} - -func (v4 Signer) signWithBody(r *http.Request, body io.ReadSeeker, service, region string, exp time.Duration, isPresign bool, signTime time.Time) (http.Header, error) { - currentTimeFn := v4.currentTimeFn - if currentTimeFn == nil { - currentTimeFn = time.Now - } - - ctx := &signingCtx{ - Request: r, - Body: body, - Query: r.URL.Query(), - Time: signTime, - ExpireTime: exp, - isPresign: isPresign, - ServiceName: service, - Region: region, - DisableURIPathEscaping: v4.DisableURIPathEscaping, - unsignedPayload: v4.UnsignedPayload, - } - - for key := range ctx.Query { - sort.Strings(ctx.Query[key]) - } - - if ctx.isRequestSigned() { - ctx.Time = currentTimeFn() - ctx.handlePresignRemoval() - } - - var err error - ctx.credValues, err = v4.Credentials.GetWithContext(requestContext(r)) - if err != nil { - return http.Header{}, err - } - - ctx.sanitizeHostForHeader() - ctx.assignAmzQueryValues() - if err := ctx.build(v4.DisableHeaderHoisting); err != nil { - return nil, err - } - - // If the request is not presigned the body should be attached to it. This - // prevents the confusion of wanting to send a signed request without - // the body the request was signed for attached. - if !(v4.DisableRequestBodyOverwrite || ctx.isPresign) { - var reader io.ReadCloser - if body != nil { - var ok bool - if reader, ok = body.(io.ReadCloser); !ok { - reader = ioutil.NopCloser(body) - } - } - r.Body = reader - } - - if v4.Debug.Matches(aws.LogDebugWithSigning) { - v4.logSigningInfo(ctx) - } - - return ctx.SignedHeaderVals, nil -} - -func (ctx *signingCtx) sanitizeHostForHeader() { - request.SanitizeHostForHeader(ctx.Request) -} - -func (ctx *signingCtx) handlePresignRemoval() { - if !ctx.isPresign { - return - } - - // The credentials have expired for this request. The current signing - // is invalid, and needs to be request because the request will fail. - ctx.removePresign() - - // Update the request's query string to ensure the values stays in - // sync in the case retrieving the new credentials fails. - ctx.Request.URL.RawQuery = ctx.Query.Encode() -} - -func (ctx *signingCtx) assignAmzQueryValues() { - if ctx.isPresign { - ctx.Query.Set("X-Amz-Algorithm", authHeaderPrefix) - if ctx.credValues.SessionToken != "" { - ctx.Query.Set("X-Amz-Security-Token", ctx.credValues.SessionToken) - } else { - ctx.Query.Del("X-Amz-Security-Token") - } - - return - } - - if ctx.credValues.SessionToken != "" { - ctx.Request.Header.Set("X-Amz-Security-Token", ctx.credValues.SessionToken) - } -} - -// SignRequestHandler is a named request handler the SDK will use to sign -// service client request with using the V4 signature. -var SignRequestHandler = request.NamedHandler{ - Name: "v4.SignRequestHandler", Fn: SignSDKRequest, -} - -// SignSDKRequest signs an AWS request with the V4 signature. This -// request handler should only be used with the SDK's built in service client's -// API operation requests. -// -// This function should not be used on its own, but in conjunction with -// an AWS service client's API operation call. To sign a standalone request -// not created by a service client's API operation method use the "Sign" or -// "Presign" functions of the "Signer" type. -// -// If the credentials of the request's config are set to -// credentials.AnonymousCredentials the request will not be signed. -func SignSDKRequest(req *request.Request) { - SignSDKRequestWithCurrentTime(req, time.Now) -} - -// BuildNamedHandler will build a generic handler for signing. -func BuildNamedHandler(name string, opts ...func(*Signer)) request.NamedHandler { - return request.NamedHandler{ - Name: name, - Fn: func(req *request.Request) { - SignSDKRequestWithCurrentTime(req, time.Now, opts...) - }, - } -} - -// SignSDKRequestWithCurrentTime will sign the SDK's request using the time -// function passed in. Behaves the same as SignSDKRequest with the exception -// the request is signed with the value returned by the current time function. -func SignSDKRequestWithCurrentTime(req *request.Request, curTimeFn func() time.Time, opts ...func(*Signer)) { - // If the request does not need to be signed ignore the signing of the - // request if the AnonymousCredentials object is used. - if req.Config.Credentials == credentials.AnonymousCredentials { - return - } - - region := req.ClientInfo.SigningRegion - if region == "" { - region = aws.StringValue(req.Config.Region) - } - - name := req.ClientInfo.SigningName - if name == "" { - name = req.ClientInfo.ServiceName - } - - v4 := NewSigner(req.Config.Credentials, func(v4 *Signer) { - v4.Debug = req.Config.LogLevel.Value() - v4.Logger = req.Config.Logger - v4.DisableHeaderHoisting = req.NotHoist - v4.currentTimeFn = curTimeFn - if name == "s3" { - // S3 service should not have any escaping applied - v4.DisableURIPathEscaping = true - } - // Prevents setting the HTTPRequest's Body. Since the Body could be - // wrapped in a custom io.Closer that we do not want to be stompped - // on top of by the signer. - v4.DisableRequestBodyOverwrite = true - }) - - for _, opt := range opts { - opt(v4) - } - - curTime := curTimeFn() - signedHeaders, err := v4.signWithBody(req.HTTPRequest, req.GetBody(), - name, region, req.ExpireTime, req.ExpireTime > 0, curTime, - ) - if err != nil { - req.Error = err - req.SignedHeaderVals = nil - return - } - - req.SignedHeaderVals = signedHeaders - req.LastSignedAt = curTime -} - -const logSignInfoMsg = `DEBUG: Request Signature: ----[ CANONICAL STRING ]----------------------------- -%s ----[ STRING TO SIGN ]-------------------------------- -%s%s ------------------------------------------------------` -const logSignedURLMsg = ` ----[ SIGNED URL ]------------------------------------ -%s` - -func (v4 *Signer) logSigningInfo(ctx *signingCtx) { - signedURLMsg := "" - if ctx.isPresign { - signedURLMsg = fmt.Sprintf(logSignedURLMsg, ctx.Request.URL.String()) - } - msg := fmt.Sprintf(logSignInfoMsg, ctx.canonicalString, ctx.stringToSign, signedURLMsg) - v4.Logger.Log(msg) -} - -func (ctx *signingCtx) build(disableHeaderHoisting bool) error { - ctx.buildTime() // no depends - ctx.buildCredentialString() // no depends - - if err := ctx.buildBodyDigest(); err != nil { - return err - } - - unsignedHeaders := ctx.Request.Header - if ctx.isPresign { - if !disableHeaderHoisting { - urlValues := url.Values{} - urlValues, unsignedHeaders = buildQuery(allowedQueryHoisting, unsignedHeaders) // no depends - for k := range urlValues { - ctx.Query[k] = urlValues[k] - } - } - } - - ctx.buildCanonicalHeaders(ignoredHeaders, unsignedHeaders) - ctx.buildCanonicalString() // depends on canon headers / signed headers - ctx.buildStringToSign() // depends on canon string - ctx.buildSignature() // depends on string to sign - - if ctx.isPresign { - ctx.Request.URL.RawQuery += "&" + signatureQueryKey + "=" + ctx.signature - } else { - parts := []string{ - authHeaderPrefix + " Credential=" + ctx.credValues.AccessKeyID + "/" + ctx.credentialString, - "SignedHeaders=" + ctx.signedHeaders, - authHeaderSignatureElem + ctx.signature, - } - ctx.Request.Header.Set(authorizationHeader, strings.Join(parts, ", ")) - } - - return nil -} - -// GetSignedRequestSignature attempts to extract the signature of the request. -// Returning an error if the request is unsigned, or unable to extract the -// signature. -func GetSignedRequestSignature(r *http.Request) ([]byte, error) { - - if auth := r.Header.Get(authorizationHeader); len(auth) != 0 { - ps := strings.Split(auth, ", ") - for _, p := range ps { - if idx := strings.Index(p, authHeaderSignatureElem); idx >= 0 { - sig := p[len(authHeaderSignatureElem):] - if len(sig) == 0 { - return nil, fmt.Errorf("invalid request signature authorization header") - } - return hex.DecodeString(sig) - } - } - } - - if sig := r.URL.Query().Get("X-Amz-Signature"); len(sig) != 0 { - return hex.DecodeString(sig) - } - - return nil, fmt.Errorf("request not signed") -} - -func (ctx *signingCtx) buildTime() { - if ctx.isPresign { - duration := int64(ctx.ExpireTime / time.Second) - ctx.Query.Set("X-Amz-Date", formatTime(ctx.Time)) - ctx.Query.Set("X-Amz-Expires", strconv.FormatInt(duration, 10)) - } else { - ctx.Request.Header.Set("X-Amz-Date", formatTime(ctx.Time)) - } -} - -func (ctx *signingCtx) buildCredentialString() { - ctx.credentialString = buildSigningScope(ctx.Region, ctx.ServiceName, ctx.Time) - - if ctx.isPresign { - ctx.Query.Set("X-Amz-Credential", ctx.credValues.AccessKeyID+"/"+ctx.credentialString) - } -} - -func buildQuery(r rule, header http.Header) (url.Values, http.Header) { - query := url.Values{} - unsignedHeaders := http.Header{} - for k, h := range header { - if r.IsValid(k) { - query[k] = h - } else { - unsignedHeaders[k] = h - } - } - - return query, unsignedHeaders -} -func (ctx *signingCtx) buildCanonicalHeaders(r rule, header http.Header) { - var headers []string - headers = append(headers, "host") - for k, v := range header { - if !r.IsValid(k) { - continue // ignored header - } - if ctx.SignedHeaderVals == nil { - ctx.SignedHeaderVals = make(http.Header) - } - - lowerCaseKey := strings.ToLower(k) - if _, ok := ctx.SignedHeaderVals[lowerCaseKey]; ok { - // include additional values - ctx.SignedHeaderVals[lowerCaseKey] = append(ctx.SignedHeaderVals[lowerCaseKey], v...) - continue - } - - headers = append(headers, lowerCaseKey) - ctx.SignedHeaderVals[lowerCaseKey] = v - } - sort.Strings(headers) - - ctx.signedHeaders = strings.Join(headers, ";") - - if ctx.isPresign { - ctx.Query.Set("X-Amz-SignedHeaders", ctx.signedHeaders) - } - - headerItems := make([]string, len(headers)) - for i, k := range headers { - if k == "host" { - if ctx.Request.Host != "" { - headerItems[i] = "host:" + ctx.Request.Host - } else { - headerItems[i] = "host:" + ctx.Request.URL.Host - } - } else { - headerValues := make([]string, len(ctx.SignedHeaderVals[k])) - for i, v := range ctx.SignedHeaderVals[k] { - headerValues[i] = strings.TrimSpace(v) - } - headerItems[i] = k + ":" + - strings.Join(headerValues, ",") - } - } - stripExcessSpaces(headerItems) - ctx.canonicalHeaders = strings.Join(headerItems, "\n") -} - -func (ctx *signingCtx) buildCanonicalString() { - ctx.Request.URL.RawQuery = strings.Replace(ctx.Query.Encode(), "+", "%20", -1) - - uri := getURIPath(ctx.Request.URL) - - if !ctx.DisableURIPathEscaping { - uri = rest.EscapePath(uri, false) - } - - ctx.canonicalString = strings.Join([]string{ - ctx.Request.Method, - uri, - ctx.Request.URL.RawQuery, - ctx.canonicalHeaders + "\n", - ctx.signedHeaders, - ctx.bodyDigest, - }, "\n") -} - -func (ctx *signingCtx) buildStringToSign() { - ctx.stringToSign = strings.Join([]string{ - authHeaderPrefix, - formatTime(ctx.Time), - ctx.credentialString, - hex.EncodeToString(hashSHA256([]byte(ctx.canonicalString))), - }, "\n") -} - -func (ctx *signingCtx) buildSignature() { - creds := deriveSigningKey(ctx.Region, ctx.ServiceName, ctx.credValues.SecretAccessKey, ctx.Time) - signature := hmacSHA256(creds, []byte(ctx.stringToSign)) - ctx.signature = hex.EncodeToString(signature) -} - -func (ctx *signingCtx) buildBodyDigest() error { - hash := ctx.Request.Header.Get("X-Amz-Content-Sha256") - if hash == "" { - includeSHA256Header := ctx.unsignedPayload || - ctx.ServiceName == "s3" || - ctx.ServiceName == "s3-object-lambda" || - ctx.ServiceName == "glacier" || - ctx.ServiceName == "s3-outposts" - - s3Presign := ctx.isPresign && - (ctx.ServiceName == "s3" || - ctx.ServiceName == "s3-object-lambda") - - if ctx.unsignedPayload || s3Presign { - hash = "UNSIGNED-PAYLOAD" - includeSHA256Header = !s3Presign - } else if ctx.Body == nil { - hash = emptyStringSHA256 - } else { - if !aws.IsReaderSeekable(ctx.Body) { - return fmt.Errorf("cannot use unseekable request body %T, for signed request with body", ctx.Body) - } - hashBytes, err := makeSha256Reader(ctx.Body) - if err != nil { - return err - } - hash = hex.EncodeToString(hashBytes) - } - - if includeSHA256Header { - ctx.Request.Header.Set("X-Amz-Content-Sha256", hash) - } - } - ctx.bodyDigest = hash - - return nil -} - -// isRequestSigned returns if the request is currently signed or presigned -func (ctx *signingCtx) isRequestSigned() bool { - if ctx.isPresign && ctx.Query.Get("X-Amz-Signature") != "" { - return true - } - if ctx.Request.Header.Get("Authorization") != "" { - return true - } - - return false -} - -// unsign removes signing flags for both signed and presigned requests. -func (ctx *signingCtx) removePresign() { - ctx.Query.Del("X-Amz-Algorithm") - ctx.Query.Del("X-Amz-Signature") - ctx.Query.Del("X-Amz-Security-Token") - ctx.Query.Del("X-Amz-Date") - ctx.Query.Del("X-Amz-Expires") - ctx.Query.Del("X-Amz-Credential") - ctx.Query.Del("X-Amz-SignedHeaders") -} - -func hmacSHA256(key []byte, data []byte) []byte { - hash := hmac.New(sha256.New, key) - hash.Write(data) - return hash.Sum(nil) -} - -func hashSHA256(data []byte) []byte { - hash := sha256.New() - hash.Write(data) - return hash.Sum(nil) -} - -func makeSha256Reader(reader io.ReadSeeker) (hashBytes []byte, err error) { - hash := sha256.New() - start, err := reader.Seek(0, sdkio.SeekCurrent) - if err != nil { - return nil, err - } - defer func() { - // ensure error is return if unable to seek back to start of payload. - _, err = reader.Seek(start, sdkio.SeekStart) - }() - - // Use CopyN to avoid allocating the 32KB buffer in io.Copy for bodies - // smaller than 32KB. Fall back to io.Copy if we fail to determine the size. - size, err := aws.SeekerLen(reader) - if err != nil { - io.Copy(hash, reader) - } else { - io.CopyN(hash, reader, size) - } - - return hash.Sum(nil), nil -} - -const doubleSpace = " " - -// stripExcessSpaces will rewrite the passed in slice's string values to not -// contain multiple side-by-side spaces. -func stripExcessSpaces(vals []string) { - var j, k, l, m, spaces int - for i, str := range vals { - // Trim trailing spaces - for j = len(str) - 1; j >= 0 && str[j] == ' '; j-- { - } - - // Trim leading spaces - for k = 0; k < j && str[k] == ' '; k++ { - } - str = str[k : j+1] - - // Strip multiple spaces. - j = strings.Index(str, doubleSpace) - if j < 0 { - vals[i] = str - continue - } - - buf := []byte(str) - for k, m, l = j, j, len(buf); k < l; k++ { - if buf[k] == ' ' { - if spaces == 0 { - // First space. - buf[m] = buf[k] - m++ - } - spaces++ - } else { - // End of multiple spaces. - spaces = 0 - buf[m] = buf[k] - m++ - } - } - - vals[i] = string(buf[:m]) - } -} - -func buildSigningScope(region, service string, dt time.Time) string { - return strings.Join([]string{ - formatShortTime(dt), - region, - service, - awsV4Request, - }, "/") -} - -func deriveSigningKey(region, service, secretKey string, dt time.Time) []byte { - kDate := hmacSHA256([]byte("AWS4"+secretKey), []byte(formatShortTime(dt))) - kRegion := hmacSHA256(kDate, []byte(region)) - kService := hmacSHA256(kRegion, []byte(service)) - signingKey := hmacSHA256(kService, []byte(awsV4Request)) - return signingKey -} - -func formatShortTime(dt time.Time) string { - return dt.UTC().Format(shortTimeFormat) -} - -func formatTime(dt time.Time) string { - return dt.UTC().Format(timeFormat) -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/types.go b/vendor/github.com/aws/aws-sdk-go/aws/types.go deleted file mode 100644 index 98751ee8..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/types.go +++ /dev/null @@ -1,264 +0,0 @@ -package aws - -import ( - "io" - "strings" - "sync" - - "github.com/aws/aws-sdk-go/internal/sdkio" -) - -// ReadSeekCloser wraps a io.Reader returning a ReaderSeekerCloser. Allows the -// SDK to accept an io.Reader that is not also an io.Seeker for unsigned -// streaming payload API operations. -// -// A ReadSeekCloser wrapping an nonseekable io.Reader used in an API -// operation's input will prevent that operation being retried in the case of -// network errors, and cause operation requests to fail if the operation -// requires payload signing. -// -// Note: If using With S3 PutObject to stream an object upload The SDK's S3 -// Upload manager (s3manager.Uploader) provides support for streaming with the -// ability to retry network errors. -func ReadSeekCloser(r io.Reader) ReaderSeekerCloser { - return ReaderSeekerCloser{r} -} - -// ReaderSeekerCloser represents a reader that can also delegate io.Seeker and -// io.Closer interfaces to the underlying object if they are available. -type ReaderSeekerCloser struct { - r io.Reader -} - -// IsReaderSeekable returns if the underlying reader type can be seeked. A -// io.Reader might not actually be seekable if it is the ReaderSeekerCloser -// type. -func IsReaderSeekable(r io.Reader) bool { - switch v := r.(type) { - case ReaderSeekerCloser: - return v.IsSeeker() - case *ReaderSeekerCloser: - return v.IsSeeker() - case io.ReadSeeker: - return true - default: - return false - } -} - -// Read reads from the reader up to size of p. The number of bytes read, and -// error if it occurred will be returned. -// -// If the reader is not an io.Reader zero bytes read, and nil error will be -// returned. -// -// Performs the same functionality as io.Reader Read -func (r ReaderSeekerCloser) Read(p []byte) (int, error) { - switch t := r.r.(type) { - case io.Reader: - return t.Read(p) - } - return 0, nil -} - -// Seek sets the offset for the next Read to offset, interpreted according to -// whence: 0 means relative to the origin of the file, 1 means relative to the -// current offset, and 2 means relative to the end. Seek returns the new offset -// and an error, if any. -// -// If the ReaderSeekerCloser is not an io.Seeker nothing will be done. -func (r ReaderSeekerCloser) Seek(offset int64, whence int) (int64, error) { - switch t := r.r.(type) { - case io.Seeker: - return t.Seek(offset, whence) - } - return int64(0), nil -} - -// IsSeeker returns if the underlying reader is also a seeker. -func (r ReaderSeekerCloser) IsSeeker() bool { - _, ok := r.r.(io.Seeker) - return ok -} - -// HasLen returns the length of the underlying reader if the value implements -// the Len() int method. -func (r ReaderSeekerCloser) HasLen() (int, bool) { - type lenner interface { - Len() int - } - - if lr, ok := r.r.(lenner); ok { - return lr.Len(), true - } - - return 0, false -} - -// GetLen returns the length of the bytes remaining in the underlying reader. -// Checks first for Len(), then io.Seeker to determine the size of the -// underlying reader. -// -// Will return -1 if the length cannot be determined. -func (r ReaderSeekerCloser) GetLen() (int64, error) { - if l, ok := r.HasLen(); ok { - return int64(l), nil - } - - if s, ok := r.r.(io.Seeker); ok { - return seekerLen(s) - } - - return -1, nil -} - -// SeekerLen attempts to get the number of bytes remaining at the seeker's -// current position. Returns the number of bytes remaining or error. -func SeekerLen(s io.Seeker) (int64, error) { - // Determine if the seeker is actually seekable. ReaderSeekerCloser - // hides the fact that a io.Readers might not actually be seekable. - switch v := s.(type) { - case ReaderSeekerCloser: - return v.GetLen() - case *ReaderSeekerCloser: - return v.GetLen() - } - - return seekerLen(s) -} - -func seekerLen(s io.Seeker) (int64, error) { - curOffset, err := s.Seek(0, sdkio.SeekCurrent) - if err != nil { - return 0, err - } - - endOffset, err := s.Seek(0, sdkio.SeekEnd) - if err != nil { - return 0, err - } - - _, err = s.Seek(curOffset, sdkio.SeekStart) - if err != nil { - return 0, err - } - - return endOffset - curOffset, nil -} - -// Close closes the ReaderSeekerCloser. -// -// If the ReaderSeekerCloser is not an io.Closer nothing will be done. -func (r ReaderSeekerCloser) Close() error { - switch t := r.r.(type) { - case io.Closer: - return t.Close() - } - return nil -} - -// A WriteAtBuffer provides a in memory buffer supporting the io.WriterAt interface -// Can be used with the s3manager.Downloader to download content to a buffer -// in memory. Safe to use concurrently. -type WriteAtBuffer struct { - buf []byte - m sync.Mutex - - // GrowthCoeff defines the growth rate of the internal buffer. By - // default, the growth rate is 1, where expanding the internal - // buffer will allocate only enough capacity to fit the new expected - // length. - GrowthCoeff float64 -} - -// NewWriteAtBuffer creates a WriteAtBuffer with an internal buffer -// provided by buf. -func NewWriteAtBuffer(buf []byte) *WriteAtBuffer { - return &WriteAtBuffer{buf: buf} -} - -// WriteAt writes a slice of bytes to a buffer starting at the position provided -// The number of bytes written will be returned, or error. Can overwrite previous -// written slices if the write ats overlap. -func (b *WriteAtBuffer) WriteAt(p []byte, pos int64) (n int, err error) { - pLen := len(p) - expLen := pos + int64(pLen) - b.m.Lock() - defer b.m.Unlock() - if int64(len(b.buf)) < expLen { - if int64(cap(b.buf)) < expLen { - if b.GrowthCoeff < 1 { - b.GrowthCoeff = 1 - } - newBuf := make([]byte, expLen, int64(b.GrowthCoeff*float64(expLen))) - copy(newBuf, b.buf) - b.buf = newBuf - } - b.buf = b.buf[:expLen] - } - copy(b.buf[pos:], p) - return pLen, nil -} - -// Bytes returns a slice of bytes written to the buffer. -func (b *WriteAtBuffer) Bytes() []byte { - b.m.Lock() - defer b.m.Unlock() - return b.buf -} - -// MultiCloser is a utility to close multiple io.Closers within a single -// statement. -type MultiCloser []io.Closer - -// Close closes all of the io.Closers making up the MultiClosers. Any -// errors that occur while closing will be returned in the order they -// occur. -func (m MultiCloser) Close() error { - var errs errors - for _, c := range m { - err := c.Close() - if err != nil { - errs = append(errs, err) - } - } - if len(errs) != 0 { - return errs - } - - return nil -} - -type errors []error - -func (es errors) Error() string { - var parts []string - for _, e := range es { - parts = append(parts, e.Error()) - } - - return strings.Join(parts, "\n") -} - -// CopySeekableBody copies the seekable body to an io.Writer -func CopySeekableBody(dst io.Writer, src io.ReadSeeker) (int64, error) { - curPos, err := src.Seek(0, sdkio.SeekCurrent) - if err != nil { - return 0, err - } - - // copy errors may be assumed to be from the body. - n, err := io.Copy(dst, src) - if err != nil { - return n, err - } - - // seek back to the first position after reading to reset - // the body for transmission. - _, err = src.Seek(curPos, sdkio.SeekStart) - if err != nil { - return n, err - } - - return n, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/url.go b/vendor/github.com/aws/aws-sdk-go/aws/url.go deleted file mode 100644 index fed561bd..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/url.go +++ /dev/null @@ -1,13 +0,0 @@ -//go:build go1.8 -// +build go1.8 - -package aws - -import "net/url" - -// URLHostname will extract the Hostname without port from the URL value. -// -// Wrapper of net/url#URL.Hostname for backwards Go version compatibility. -func URLHostname(url *url.URL) string { - return url.Hostname() -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/url_1_7.go b/vendor/github.com/aws/aws-sdk-go/aws/url_1_7.go deleted file mode 100644 index 95282db0..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/url_1_7.go +++ /dev/null @@ -1,30 +0,0 @@ -//go:build !go1.8 -// +build !go1.8 - -package aws - -import ( - "net/url" - "strings" -) - -// URLHostname will extract the Hostname without port from the URL value. -// -// Copy of Go 1.8's net/url#URL.Hostname functionality. -func URLHostname(url *url.URL) string { - return stripPort(url.Host) - -} - -// stripPort is copy of Go 1.8 url#URL.Hostname functionality. -// https://golang.org/src/net/url/url.go -func stripPort(hostport string) string { - colon := strings.IndexByte(hostport, ':') - if colon == -1 { - return hostport - } - if i := strings.IndexByte(hostport, ']'); i != -1 { - return strings.TrimPrefix(hostport[:i], "[") - } - return hostport[:colon] -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/version.go b/vendor/github.com/aws/aws-sdk-go/aws/version.go deleted file mode 100644 index 7ab65bae..00000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ /dev/null @@ -1,8 +0,0 @@ -// Package aws provides core functionality for making requests to AWS services. -package aws - -// SDKName is the name of this AWS SDK -const SDKName = "aws-sdk-go" - -// SDKVersion is the version of this SDK -const SDKVersion = "1.55.6" diff --git a/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go b/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go deleted file mode 100644 index 36534535..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go +++ /dev/null @@ -1,41 +0,0 @@ -//go:build !go1.7 -// +build !go1.7 - -package context - -import "time" - -// An emptyCtx is a copy of the Go 1.7 context.emptyCtx type. This is copied to -// provide a 1.6 and 1.5 safe version of context that is compatible with Go -// 1.7's Context. -// -// An emptyCtx is never canceled, has no values, and has no deadline. It is not -// struct{}, since vars of this type must have distinct addresses. -type emptyCtx int - -func (*emptyCtx) Deadline() (deadline time.Time, ok bool) { - return -} - -func (*emptyCtx) Done() <-chan struct{} { - return nil -} - -func (*emptyCtx) Err() error { - return nil -} - -func (*emptyCtx) Value(key interface{}) interface{} { - return nil -} - -func (e *emptyCtx) String() string { - switch e { - case BackgroundCtx: - return "aws.BackgroundContext" - } - return "unknown empty Context" -} - -// BackgroundCtx is the common base context. -var BackgroundCtx = new(emptyCtx) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/ast.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/ast.go deleted file mode 100644 index e83a9988..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/ast.go +++ /dev/null @@ -1,120 +0,0 @@ -package ini - -// ASTKind represents different states in the parse table -// and the type of AST that is being constructed -type ASTKind int - -// ASTKind* is used in the parse table to transition between -// the different states -const ( - ASTKindNone = ASTKind(iota) - ASTKindStart - ASTKindExpr - ASTKindEqualExpr - ASTKindStatement - ASTKindSkipStatement - ASTKindExprStatement - ASTKindSectionStatement - ASTKindNestedSectionStatement - ASTKindCompletedNestedSectionStatement - ASTKindCommentStatement - ASTKindCompletedSectionStatement -) - -func (k ASTKind) String() string { - switch k { - case ASTKindNone: - return "none" - case ASTKindStart: - return "start" - case ASTKindExpr: - return "expr" - case ASTKindStatement: - return "stmt" - case ASTKindSectionStatement: - return "section_stmt" - case ASTKindExprStatement: - return "expr_stmt" - case ASTKindCommentStatement: - return "comment" - case ASTKindNestedSectionStatement: - return "nested_section_stmt" - case ASTKindCompletedSectionStatement: - return "completed_stmt" - case ASTKindSkipStatement: - return "skip" - default: - return "" - } -} - -// AST interface allows us to determine what kind of node we -// are on and casting may not need to be necessary. -// -// The root is always the first node in Children -type AST struct { - Kind ASTKind - Root Token - RootToken bool - Children []AST -} - -func newAST(kind ASTKind, root AST, children ...AST) AST { - return AST{ - Kind: kind, - Children: append([]AST{root}, children...), - } -} - -func newASTWithRootToken(kind ASTKind, root Token, children ...AST) AST { - return AST{ - Kind: kind, - Root: root, - RootToken: true, - Children: children, - } -} - -// AppendChild will append to the list of children an AST has. -func (a *AST) AppendChild(child AST) { - a.Children = append(a.Children, child) -} - -// GetRoot will return the root AST which can be the first entry -// in the children list or a token. -func (a *AST) GetRoot() AST { - if a.RootToken { - return *a - } - - if len(a.Children) == 0 { - return AST{} - } - - return a.Children[0] -} - -// GetChildren will return the current AST's list of children -func (a *AST) GetChildren() []AST { - if len(a.Children) == 0 { - return []AST{} - } - - if a.RootToken { - return a.Children - } - - return a.Children[1:] -} - -// SetChildren will set and override all children of the AST. -func (a *AST) SetChildren(children []AST) { - if a.RootToken { - a.Children = children - } else { - a.Children = append(a.Children[:1], children...) - } -} - -// Start is used to indicate the starting state of the parse table. -var Start = newAST(ASTKindStart, AST{}) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/comma_token.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/comma_token.go deleted file mode 100644 index 0895d53c..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/comma_token.go +++ /dev/null @@ -1,11 +0,0 @@ -package ini - -var commaRunes = []rune(",") - -func isComma(b rune) bool { - return b == ',' -} - -func newCommaToken() Token { - return newToken(TokenComma, commaRunes, NoneType) -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/comment_token.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/comment_token.go deleted file mode 100644 index 0b76999b..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/comment_token.go +++ /dev/null @@ -1,35 +0,0 @@ -package ini - -// isComment will return whether or not the next byte(s) is a -// comment. -func isComment(b []rune) bool { - if len(b) == 0 { - return false - } - - switch b[0] { - case ';': - return true - case '#': - return true - } - - return false -} - -// newCommentToken will create a comment token and -// return how many bytes were read. -func newCommentToken(b []rune) (Token, int, error) { - i := 0 - for ; i < len(b); i++ { - if b[i] == '\n' { - break - } - - if len(b)-i > 2 && b[i] == '\r' && b[i+1] == '\n' { - break - } - } - - return newToken(TokenComment, b[:i], NoneType), i, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/doc.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/doc.go deleted file mode 100644 index 1e55bbd0..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/doc.go +++ /dev/null @@ -1,42 +0,0 @@ -// Package ini is an LL(1) parser for configuration files. -// -// Example: -// sections, err := ini.OpenFile("/path/to/file") -// if err != nil { -// panic(err) -// } -// -// profile := "foo" -// section, ok := sections.GetSection(profile) -// if !ok { -// fmt.Printf("section %q could not be found", profile) -// } -// -// Below is the BNF that describes this parser -// Grammar: -// stmt -> section | stmt' -// stmt' -> epsilon | expr -// expr -> value (stmt)* | equal_expr (stmt)* -// equal_expr -> value ( ':' | '=' ) equal_expr' -// equal_expr' -> number | string | quoted_string -// quoted_string -> " quoted_string' -// quoted_string' -> string quoted_string_end -// quoted_string_end -> " -// -// section -> [ section' -// section' -> section_value section_close -// section_value -> number | string_subset | boolean | quoted_string_subset -// quoted_string_subset -> " quoted_string_subset' -// quoted_string_subset' -> string_subset quoted_string_end -// quoted_string_subset -> " -// section_close -> ] -// -// value -> number | string_subset | boolean -// string -> ? UTF-8 Code-Points except '\n' (U+000A) and '\r\n' (U+000D U+000A) ? -// string_subset -> ? Code-points excepted by grammar except ':' (U+003A), '=' (U+003D), '[' (U+005B), and ']' (U+005D) ? -// -// SkipState will skip (NL WS)+ -// -// comment -> # comment' | ; comment' -// comment' -> epsilon | value -package ini diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/empty_token.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/empty_token.go deleted file mode 100644 index 04345a54..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/empty_token.go +++ /dev/null @@ -1,4 +0,0 @@ -package ini - -// emptyToken is used to satisfy the Token interface -var emptyToken = newToken(TokenNone, []rune{}, NoneType) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/expression.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/expression.go deleted file mode 100644 index 91ba2a59..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/expression.go +++ /dev/null @@ -1,24 +0,0 @@ -package ini - -// newExpression will return an expression AST. -// Expr represents an expression -// -// grammar: -// expr -> string | number -func newExpression(tok Token) AST { - return newASTWithRootToken(ASTKindExpr, tok) -} - -func newEqualExpr(left AST, tok Token) AST { - return newASTWithRootToken(ASTKindEqualExpr, tok, left) -} - -// EqualExprKey will return a LHS value in the equal expr -func EqualExprKey(ast AST) string { - children := ast.GetChildren() - if len(children) == 0 || ast.Kind != ASTKindEqualExpr { - return "" - } - - return string(children[0].Root.Raw()) -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/fuzz.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/fuzz.go deleted file mode 100644 index 6e545b63..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/fuzz.go +++ /dev/null @@ -1,18 +0,0 @@ -//go:build gofuzz -// +build gofuzz - -package ini - -import ( - "bytes" -) - -func Fuzz(data []byte) int { - b := bytes.NewReader(data) - - if _, err := Parse(b); err != nil { - return 0 - } - - return 1 -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/ini.go deleted file mode 100644 index 3b0ca7af..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini.go +++ /dev/null @@ -1,51 +0,0 @@ -package ini - -import ( - "io" - "os" - - "github.com/aws/aws-sdk-go/aws/awserr" -) - -// OpenFile takes a path to a given file, and will open and parse -// that file. -func OpenFile(path string) (Sections, error) { - f, err := os.Open(path) - if err != nil { - return Sections{}, awserr.New(ErrCodeUnableToReadFile, "unable to open file", err) - } - defer f.Close() - - return Parse(f) -} - -// Parse will parse the given file using the shared config -// visitor. -func Parse(f io.Reader) (Sections, error) { - tree, err := ParseAST(f) - if err != nil { - return Sections{}, err - } - - v := NewDefaultVisitor() - if err = Walk(tree, v); err != nil { - return Sections{}, err - } - - return v.Sections, nil -} - -// ParseBytes will parse the given bytes and return the parsed sections. -func ParseBytes(b []byte) (Sections, error) { - tree, err := ParseASTBytes(b) - if err != nil { - return Sections{}, err - } - - v := NewDefaultVisitor() - if err = Walk(tree, v); err != nil { - return Sections{}, err - } - - return v.Sections, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_lexer.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_lexer.go deleted file mode 100644 index 582c024a..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_lexer.go +++ /dev/null @@ -1,165 +0,0 @@ -package ini - -import ( - "bytes" - "io" - "io/ioutil" - - "github.com/aws/aws-sdk-go/aws/awserr" -) - -const ( - // ErrCodeUnableToReadFile is used when a file is failed to be - // opened or read from. - ErrCodeUnableToReadFile = "FailedRead" -) - -// TokenType represents the various different tokens types -type TokenType int - -func (t TokenType) String() string { - switch t { - case TokenNone: - return "none" - case TokenLit: - return "literal" - case TokenSep: - return "sep" - case TokenOp: - return "op" - case TokenWS: - return "ws" - case TokenNL: - return "newline" - case TokenComment: - return "comment" - case TokenComma: - return "comma" - default: - return "" - } -} - -// TokenType enums -const ( - TokenNone = TokenType(iota) - TokenLit - TokenSep - TokenComma - TokenOp - TokenWS - TokenNL - TokenComment -) - -type iniLexer struct{} - -// Tokenize will return a list of tokens during lexical analysis of the -// io.Reader. -func (l *iniLexer) Tokenize(r io.Reader) ([]Token, error) { - b, err := ioutil.ReadAll(r) - if err != nil { - return nil, awserr.New(ErrCodeUnableToReadFile, "unable to read file", err) - } - - return l.tokenize(b) -} - -func (l *iniLexer) tokenize(b []byte) ([]Token, error) { - runes := bytes.Runes(b) - var err error - n := 0 - tokenAmount := countTokens(runes) - tokens := make([]Token, tokenAmount) - count := 0 - - for len(runes) > 0 && count < tokenAmount { - switch { - case isWhitespace(runes[0]): - tokens[count], n, err = newWSToken(runes) - case isComma(runes[0]): - tokens[count], n = newCommaToken(), 1 - case isComment(runes): - tokens[count], n, err = newCommentToken(runes) - case isNewline(runes): - tokens[count], n, err = newNewlineToken(runes) - case isSep(runes): - tokens[count], n, err = newSepToken(runes) - case isOp(runes): - tokens[count], n, err = newOpToken(runes) - default: - tokens[count], n, err = newLitToken(runes) - } - - if err != nil { - return nil, err - } - - count++ - - runes = runes[n:] - } - - return tokens[:count], nil -} - -func countTokens(runes []rune) int { - count, n := 0, 0 - var err error - - for len(runes) > 0 { - switch { - case isWhitespace(runes[0]): - _, n, err = newWSToken(runes) - case isComma(runes[0]): - _, n = newCommaToken(), 1 - case isComment(runes): - _, n, err = newCommentToken(runes) - case isNewline(runes): - _, n, err = newNewlineToken(runes) - case isSep(runes): - _, n, err = newSepToken(runes) - case isOp(runes): - _, n, err = newOpToken(runes) - default: - _, n, err = newLitToken(runes) - } - - if err != nil { - return 0 - } - - count++ - runes = runes[n:] - } - - return count + 1 -} - -// Token indicates a metadata about a given value. -type Token struct { - t TokenType - ValueType ValueType - base int - raw []rune -} - -var emptyValue = Value{} - -func newToken(t TokenType, raw []rune, v ValueType) Token { - return Token{ - t: t, - raw: raw, - ValueType: v, - } -} - -// Raw return the raw runes that were consumed -func (tok Token) Raw() []rune { - return tok.raw -} - -// Type returns the token type -func (tok Token) Type() TokenType { - return tok.t -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go deleted file mode 100644 index 0ba31949..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go +++ /dev/null @@ -1,350 +0,0 @@ -package ini - -import ( - "fmt" - "io" -) - -// ParseState represents the current state of the parser. -type ParseState uint - -// State enums for the parse table -const ( - InvalidState ParseState = iota - // stmt -> value stmt' - StatementState - // stmt' -> MarkComplete | op stmt - StatementPrimeState - // value -> number | string | boolean | quoted_string - ValueState - // section -> [ section' - OpenScopeState - // section' -> value section_close - SectionState - // section_close -> ] - CloseScopeState - // SkipState will skip (NL WS)+ - SkipState - // SkipTokenState will skip any token and push the previous - // state onto the stack. - SkipTokenState - // comment -> # comment' | ; comment' - // comment' -> MarkComplete | value - CommentState - // MarkComplete state will complete statements and move that - // to the completed AST list - MarkCompleteState - // TerminalState signifies that the tokens have been fully parsed - TerminalState -) - -// parseTable is a state machine to dictate the grammar above. -var parseTable = map[ASTKind]map[TokenType]ParseState{ - ASTKindStart: { - TokenLit: StatementState, - TokenSep: OpenScopeState, - TokenWS: SkipTokenState, - TokenNL: SkipTokenState, - TokenComment: CommentState, - TokenNone: TerminalState, - }, - ASTKindCommentStatement: { - TokenLit: StatementState, - TokenSep: OpenScopeState, - TokenWS: SkipTokenState, - TokenNL: SkipTokenState, - TokenComment: CommentState, - TokenNone: MarkCompleteState, - }, - ASTKindExpr: { - TokenOp: StatementPrimeState, - TokenLit: ValueState, - TokenSep: OpenScopeState, - TokenWS: ValueState, - TokenNL: SkipState, - TokenComment: CommentState, - TokenNone: MarkCompleteState, - }, - ASTKindEqualExpr: { - TokenLit: ValueState, - TokenSep: ValueState, - TokenOp: ValueState, - TokenWS: SkipTokenState, - TokenNL: SkipState, - TokenNone: SkipState, - }, - ASTKindStatement: { - TokenLit: SectionState, - TokenSep: CloseScopeState, - TokenWS: SkipTokenState, - TokenNL: SkipTokenState, - TokenComment: CommentState, - TokenNone: MarkCompleteState, - }, - ASTKindExprStatement: { - TokenLit: ValueState, - TokenSep: ValueState, - TokenOp: ValueState, - TokenWS: ValueState, - TokenNL: MarkCompleteState, - TokenComment: CommentState, - TokenNone: TerminalState, - TokenComma: SkipState, - }, - ASTKindSectionStatement: { - TokenLit: SectionState, - TokenOp: SectionState, - TokenSep: CloseScopeState, - TokenWS: SectionState, - TokenNL: SkipTokenState, - }, - ASTKindCompletedSectionStatement: { - TokenWS: SkipTokenState, - TokenNL: SkipTokenState, - TokenLit: StatementState, - TokenSep: OpenScopeState, - TokenComment: CommentState, - TokenNone: MarkCompleteState, - }, - ASTKindSkipStatement: { - TokenLit: StatementState, - TokenSep: OpenScopeState, - TokenWS: SkipTokenState, - TokenNL: SkipTokenState, - TokenComment: CommentState, - TokenNone: TerminalState, - }, -} - -// ParseAST will parse input from an io.Reader using -// an LL(1) parser. -func ParseAST(r io.Reader) ([]AST, error) { - lexer := iniLexer{} - tokens, err := lexer.Tokenize(r) - if err != nil { - return []AST{}, err - } - - return parse(tokens) -} - -// ParseASTBytes will parse input from a byte slice using -// an LL(1) parser. -func ParseASTBytes(b []byte) ([]AST, error) { - lexer := iniLexer{} - tokens, err := lexer.tokenize(b) - if err != nil { - return []AST{}, err - } - - return parse(tokens) -} - -func parse(tokens []Token) ([]AST, error) { - start := Start - stack := newParseStack(3, len(tokens)) - - stack.Push(start) - s := newSkipper() - -loop: - for stack.Len() > 0 { - k := stack.Pop() - - var tok Token - if len(tokens) == 0 { - // this occurs when all the tokens have been processed - // but reduction of what's left on the stack needs to - // occur. - tok = emptyToken - } else { - tok = tokens[0] - } - - step := parseTable[k.Kind][tok.Type()] - if s.ShouldSkip(tok) { - // being in a skip state with no tokens will break out of - // the parse loop since there is nothing left to process. - if len(tokens) == 0 { - break loop - } - // if should skip is true, we skip the tokens until should skip is set to false. - step = SkipTokenState - } - - switch step { - case TerminalState: - // Finished parsing. Push what should be the last - // statement to the stack. If there is anything left - // on the stack, an error in parsing has occurred. - if k.Kind != ASTKindStart { - stack.MarkComplete(k) - } - break loop - case SkipTokenState: - // When skipping a token, the previous state was popped off the stack. - // To maintain the correct state, the previous state will be pushed - // onto the stack. - stack.Push(k) - case StatementState: - if k.Kind != ASTKindStart { - stack.MarkComplete(k) - } - expr := newExpression(tok) - stack.Push(expr) - case StatementPrimeState: - if tok.Type() != TokenOp { - stack.MarkComplete(k) - continue - } - - if k.Kind != ASTKindExpr { - return nil, NewParseError( - fmt.Sprintf("invalid expression: expected Expr type, but found %T type", k), - ) - } - - k = trimSpaces(k) - expr := newEqualExpr(k, tok) - stack.Push(expr) - case ValueState: - // ValueState requires the previous state to either be an equal expression - // or an expression statement. - switch k.Kind { - case ASTKindEqualExpr: - // assigning a value to some key - k.AppendChild(newExpression(tok)) - stack.Push(newExprStatement(k)) - case ASTKindExpr: - k.Root.raw = append(k.Root.raw, tok.Raw()...) - stack.Push(k) - case ASTKindExprStatement: - root := k.GetRoot() - children := root.GetChildren() - if len(children) == 0 { - return nil, NewParseError( - fmt.Sprintf("invalid expression: AST contains no children %s", k.Kind), - ) - } - - rhs := children[len(children)-1] - - if rhs.Root.ValueType != QuotedStringType { - rhs.Root.ValueType = StringType - rhs.Root.raw = append(rhs.Root.raw, tok.Raw()...) - - } - - children[len(children)-1] = rhs - root.SetChildren(children) - - stack.Push(k) - } - case OpenScopeState: - if !runeCompare(tok.Raw(), openBrace) { - return nil, NewParseError("expected '['") - } - // If OpenScopeState is not at the start, we must mark the previous ast as complete - // - // for example: if previous ast was a skip statement; - // we should mark it as complete before we create a new statement - if k.Kind != ASTKindStart { - stack.MarkComplete(k) - } - - stmt := newStatement() - stack.Push(stmt) - case CloseScopeState: - if !runeCompare(tok.Raw(), closeBrace) { - return nil, NewParseError("expected ']'") - } - - k = trimSpaces(k) - stack.Push(newCompletedSectionStatement(k)) - case SectionState: - var stmt AST - - switch k.Kind { - case ASTKindStatement: - // If there are multiple literals inside of a scope declaration, - // then the current token's raw value will be appended to the Name. - // - // This handles cases like [ profile default ] - // - // k will represent a SectionStatement with the children representing - // the label of the section - stmt = newSectionStatement(tok) - case ASTKindSectionStatement: - k.Root.raw = append(k.Root.raw, tok.Raw()...) - stmt = k - default: - return nil, NewParseError( - fmt.Sprintf("invalid statement: expected statement: %v", k.Kind), - ) - } - - stack.Push(stmt) - case MarkCompleteState: - if k.Kind != ASTKindStart { - stack.MarkComplete(k) - } - - if stack.Len() == 0 { - stack.Push(start) - } - case SkipState: - stack.Push(newSkipStatement(k)) - s.Skip() - case CommentState: - if k.Kind == ASTKindStart { - stack.Push(k) - } else { - stack.MarkComplete(k) - } - - stmt := newCommentStatement(tok) - stack.Push(stmt) - default: - return nil, NewParseError( - fmt.Sprintf("invalid state with ASTKind %v and TokenType %v", - k, tok.Type())) - } - - if len(tokens) > 0 { - tokens = tokens[1:] - } - } - - // this occurs when a statement has not been completed - if stack.top > 1 { - return nil, NewParseError(fmt.Sprintf("incomplete ini expression")) - } - - // returns a sublist which excludes the start symbol - return stack.List(), nil -} - -// trimSpaces will trim spaces on the left and right hand side of -// the literal. -func trimSpaces(k AST) AST { - // trim left hand side of spaces - for i := 0; i < len(k.Root.raw); i++ { - if !isWhitespace(k.Root.raw[i]) { - break - } - - k.Root.raw = k.Root.raw[1:] - i-- - } - - // trim right hand side of spaces - for i := len(k.Root.raw) - 1; i >= 0; i-- { - if !isWhitespace(k.Root.raw[i]) { - break - } - - k.Root.raw = k.Root.raw[:len(k.Root.raw)-1] - } - - return k -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go deleted file mode 100644 index b1b68608..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go +++ /dev/null @@ -1,337 +0,0 @@ -package ini - -import ( - "fmt" - "strconv" - "strings" - "unicode" -) - -var ( - runesTrue = []rune("true") - runesFalse = []rune("false") -) - -var literalValues = [][]rune{ - runesTrue, - runesFalse, -} - -func isBoolValue(b []rune) bool { - for _, lv := range literalValues { - if isCaselessLitValue(lv, b) { - return true - } - } - return false -} - -func isLitValue(want, have []rune) bool { - if len(have) < len(want) { - return false - } - - for i := 0; i < len(want); i++ { - if want[i] != have[i] { - return false - } - } - - return true -} - -// isCaselessLitValue is a caseless value comparison, assumes want is already lower-cased for efficiency. -func isCaselessLitValue(want, have []rune) bool { - if len(have) < len(want) { - return false - } - - for i := 0; i < len(want); i++ { - if want[i] != unicode.ToLower(have[i]) { - return false - } - } - - return true -} - -// isNumberValue will return whether not the leading characters in -// a byte slice is a number. A number is delimited by whitespace or -// the newline token. -// -// A number is defined to be in a binary, octal, decimal (int | float), hex format, -// or in scientific notation. -func isNumberValue(b []rune) bool { - negativeIndex := 0 - helper := numberHelper{} - needDigit := false - - for i := 0; i < len(b); i++ { - negativeIndex++ - - switch b[i] { - case '-': - if helper.IsNegative() || negativeIndex != 1 { - return false - } - helper.Determine(b[i]) - needDigit = true - continue - case 'e', 'E': - if err := helper.Determine(b[i]); err != nil { - return false - } - negativeIndex = 0 - needDigit = true - continue - case 'b': - if helper.numberFormat == hex { - break - } - fallthrough - case 'o', 'x': - needDigit = true - if i == 0 { - return false - } - - fallthrough - case '.': - if err := helper.Determine(b[i]); err != nil { - return false - } - needDigit = true - continue - } - - if i > 0 && (isNewline(b[i:]) || isWhitespace(b[i])) { - return !needDigit - } - - if !helper.CorrectByte(b[i]) { - return false - } - needDigit = false - } - - return !needDigit -} - -func isValid(b []rune) (bool, int, error) { - if len(b) == 0 { - // TODO: should probably return an error - return false, 0, nil - } - - return isValidRune(b[0]), 1, nil -} - -func isValidRune(r rune) bool { - return r != ':' && r != '=' && r != '[' && r != ']' && r != ' ' && r != '\n' -} - -// ValueType is an enum that will signify what type -// the Value is -type ValueType int - -func (v ValueType) String() string { - switch v { - case NoneType: - return "NONE" - case DecimalType: - return "FLOAT" - case IntegerType: - return "INT" - case StringType: - return "STRING" - case BoolType: - return "BOOL" - } - - return "" -} - -// ValueType enums -const ( - NoneType = ValueType(iota) - DecimalType // deprecated - IntegerType // deprecated - StringType - QuotedStringType - BoolType // deprecated -) - -// Value is a union container -type Value struct { - Type ValueType - raw []rune - - integer int64 // deprecated - decimal float64 // deprecated - boolean bool // deprecated - str string -} - -func newValue(t ValueType, base int, raw []rune) (Value, error) { - v := Value{ - Type: t, - raw: raw, - } - var err error - - switch t { - case DecimalType: - v.decimal, err = strconv.ParseFloat(string(raw), 64) - case IntegerType: - if base != 10 { - raw = raw[2:] - } - - v.integer, err = strconv.ParseInt(string(raw), base, 64) - case StringType: - v.str = string(raw) - case QuotedStringType: - v.str = string(raw[1 : len(raw)-1]) - case BoolType: - v.boolean = isCaselessLitValue(runesTrue, v.raw) - } - - // issue 2253 - // - // if the value trying to be parsed is too large, then we will use - // the 'StringType' and raw value instead. - if nerr, ok := err.(*strconv.NumError); ok && nerr.Err == strconv.ErrRange { - v.Type = StringType - v.str = string(raw) - err = nil - } - - return v, err -} - -// Append will append values and change the type to a string -// type. -func (v *Value) Append(tok Token) { - r := tok.Raw() - if v.Type != QuotedStringType { - v.Type = StringType - r = tok.raw[1 : len(tok.raw)-1] - } - if tok.Type() != TokenLit { - v.raw = append(v.raw, tok.Raw()...) - } else { - v.raw = append(v.raw, r...) - } -} - -func (v Value) String() string { - switch v.Type { - case DecimalType: - return fmt.Sprintf("decimal: %f", v.decimal) - case IntegerType: - return fmt.Sprintf("integer: %d", v.integer) - case StringType: - return fmt.Sprintf("string: %s", string(v.raw)) - case QuotedStringType: - return fmt.Sprintf("quoted string: %s", string(v.raw)) - case BoolType: - return fmt.Sprintf("bool: %t", v.boolean) - default: - return "union not set" - } -} - -func newLitToken(b []rune) (Token, int, error) { - n := 0 - var err error - - token := Token{} - if b[0] == '"' { - n, err = getStringValue(b) - if err != nil { - return token, n, err - } - - token = newToken(TokenLit, b[:n], QuotedStringType) - } else { - n, err = getValue(b) - token = newToken(TokenLit, b[:n], StringType) - } - - return token, n, err -} - -// IntValue returns an integer value -func (v Value) IntValue() (int64, bool) { - i, err := strconv.ParseInt(string(v.raw), 0, 64) - if err != nil { - return 0, false - } - return i, true -} - -// FloatValue returns a float value -func (v Value) FloatValue() (float64, bool) { - f, err := strconv.ParseFloat(string(v.raw), 64) - if err != nil { - return 0, false - } - return f, true -} - -// BoolValue returns a bool value -func (v Value) BoolValue() (bool, bool) { - // we don't use ParseBool as it recognizes more than what we've - // historically supported - if isCaselessLitValue(runesTrue, v.raw) { - return true, true - } else if isCaselessLitValue(runesFalse, v.raw) { - return false, true - } - return false, false -} - -func isTrimmable(r rune) bool { - switch r { - case '\n', ' ': - return true - } - return false -} - -// StringValue returns the string value -func (v Value) StringValue() string { - switch v.Type { - case StringType: - return strings.TrimFunc(string(v.raw), isTrimmable) - case QuotedStringType: - // preserve all characters in the quotes - return string(removeEscapedCharacters(v.raw[1 : len(v.raw)-1])) - default: - return strings.TrimFunc(string(v.raw), isTrimmable) - } -} - -func contains(runes []rune, c rune) bool { - for i := 0; i < len(runes); i++ { - if runes[i] == c { - return true - } - } - - return false -} - -func runeCompare(v1 []rune, v2 []rune) bool { - if len(v1) != len(v2) { - return false - } - - for i := 0; i < len(v1); i++ { - if v1[i] != v2[i] { - return false - } - } - - return true -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/newline_token.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/newline_token.go deleted file mode 100644 index e52ac399..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/newline_token.go +++ /dev/null @@ -1,30 +0,0 @@ -package ini - -func isNewline(b []rune) bool { - if len(b) == 0 { - return false - } - - if b[0] == '\n' { - return true - } - - if len(b) < 2 { - return false - } - - return b[0] == '\r' && b[1] == '\n' -} - -func newNewlineToken(b []rune) (Token, int, error) { - i := 1 - if b[0] == '\r' && isNewline(b[1:]) { - i++ - } - - if !isNewline([]rune(b[:i])) { - return emptyToken, 0, NewParseError("invalid new line token") - } - - return newToken(TokenNL, b[:i], NoneType), i, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/number_helper.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/number_helper.go deleted file mode 100644 index a45c0bc5..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/number_helper.go +++ /dev/null @@ -1,152 +0,0 @@ -package ini - -import ( - "bytes" - "fmt" - "strconv" -) - -const ( - none = numberFormat(iota) - binary - octal - decimal - hex - exponent -) - -type numberFormat int - -// numberHelper is used to dictate what format a number is in -// and what to do for negative values. Since -1e-4 is a valid -// number, we cannot just simply check for duplicate negatives. -type numberHelper struct { - numberFormat numberFormat - - negative bool - negativeExponent bool -} - -func (b numberHelper) Exists() bool { - return b.numberFormat != none -} - -func (b numberHelper) IsNegative() bool { - return b.negative || b.negativeExponent -} - -func (b *numberHelper) Determine(c rune) error { - if b.Exists() { - return NewParseError(fmt.Sprintf("multiple number formats: 0%v", string(c))) - } - - switch c { - case 'b': - b.numberFormat = binary - case 'o': - b.numberFormat = octal - case 'x': - b.numberFormat = hex - case 'e', 'E': - b.numberFormat = exponent - case '-': - if b.numberFormat != exponent { - b.negative = true - } else { - b.negativeExponent = true - } - case '.': - b.numberFormat = decimal - default: - return NewParseError(fmt.Sprintf("invalid number character: %v", string(c))) - } - - return nil -} - -func (b numberHelper) CorrectByte(c rune) bool { - switch { - case b.numberFormat == binary: - if !isBinaryByte(c) { - return false - } - case b.numberFormat == octal: - if !isOctalByte(c) { - return false - } - case b.numberFormat == hex: - if !isHexByte(c) { - return false - } - case b.numberFormat == decimal: - if !isDigit(c) { - return false - } - case b.numberFormat == exponent: - if !isDigit(c) { - return false - } - case b.negativeExponent: - if !isDigit(c) { - return false - } - case b.negative: - if !isDigit(c) { - return false - } - default: - if !isDigit(c) { - return false - } - } - - return true -} - -func (b numberHelper) Base() int { - switch b.numberFormat { - case binary: - return 2 - case octal: - return 8 - case hex: - return 16 - default: - return 10 - } -} - -func (b numberHelper) String() string { - buf := bytes.Buffer{} - i := 0 - - switch b.numberFormat { - case binary: - i++ - buf.WriteString(strconv.Itoa(i) + ": binary format\n") - case octal: - i++ - buf.WriteString(strconv.Itoa(i) + ": octal format\n") - case hex: - i++ - buf.WriteString(strconv.Itoa(i) + ": hex format\n") - case exponent: - i++ - buf.WriteString(strconv.Itoa(i) + ": exponent format\n") - default: - i++ - buf.WriteString(strconv.Itoa(i) + ": integer format\n") - } - - if b.negative { - i++ - buf.WriteString(strconv.Itoa(i) + ": negative format\n") - } - - if b.negativeExponent { - i++ - buf.WriteString(strconv.Itoa(i) + ": negative exponent format\n") - } - - return buf.String() -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/op_tokens.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/op_tokens.go deleted file mode 100644 index 8a84c7cb..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/op_tokens.go +++ /dev/null @@ -1,39 +0,0 @@ -package ini - -import ( - "fmt" -) - -var ( - equalOp = []rune("=") - equalColonOp = []rune(":") -) - -func isOp(b []rune) bool { - if len(b) == 0 { - return false - } - - switch b[0] { - case '=': - return true - case ':': - return true - default: - return false - } -} - -func newOpToken(b []rune) (Token, int, error) { - tok := Token{} - - switch b[0] { - case '=': - tok = newToken(TokenOp, equalOp, NoneType) - case ':': - tok = newToken(TokenOp, equalColonOp, NoneType) - default: - return tok, 0, NewParseError(fmt.Sprintf("unexpected op type, %v", b[0])) - } - return tok, 1, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/parse_error.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/parse_error.go deleted file mode 100644 index 45728701..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/parse_error.go +++ /dev/null @@ -1,43 +0,0 @@ -package ini - -import "fmt" - -const ( - // ErrCodeParseError is returned when a parsing error - // has occurred. - ErrCodeParseError = "INIParseError" -) - -// ParseError is an error which is returned during any part of -// the parsing process. -type ParseError struct { - msg string -} - -// NewParseError will return a new ParseError where message -// is the description of the error. -func NewParseError(message string) *ParseError { - return &ParseError{ - msg: message, - } -} - -// Code will return the ErrCodeParseError -func (err *ParseError) Code() string { - return ErrCodeParseError -} - -// Message returns the error's message -func (err *ParseError) Message() string { - return err.msg -} - -// OrigError return nothing since there will never be any -// original error. -func (err *ParseError) OrigError() error { - return nil -} - -func (err *ParseError) Error() string { - return fmt.Sprintf("%s: %s", err.Code(), err.Message()) -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/parse_stack.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/parse_stack.go deleted file mode 100644 index 7f01cf7c..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/parse_stack.go +++ /dev/null @@ -1,60 +0,0 @@ -package ini - -import ( - "bytes" - "fmt" -) - -// ParseStack is a stack that contains a container, the stack portion, -// and the list which is the list of ASTs that have been successfully -// parsed. -type ParseStack struct { - top int - container []AST - list []AST - index int -} - -func newParseStack(sizeContainer, sizeList int) ParseStack { - return ParseStack{ - container: make([]AST, sizeContainer), - list: make([]AST, sizeList), - } -} - -// Pop will return and truncate the last container element. -func (s *ParseStack) Pop() AST { - s.top-- - return s.container[s.top] -} - -// Push will add the new AST to the container -func (s *ParseStack) Push(ast AST) { - s.container[s.top] = ast - s.top++ -} - -// MarkComplete will append the AST to the list of completed statements -func (s *ParseStack) MarkComplete(ast AST) { - s.list[s.index] = ast - s.index++ -} - -// List will return the completed statements -func (s ParseStack) List() []AST { - return s.list[:s.index] -} - -// Len will return the length of the container -func (s *ParseStack) Len() int { - return s.top -} - -func (s ParseStack) String() string { - buf := bytes.Buffer{} - for i, node := range s.list { - buf.WriteString(fmt.Sprintf("%d: %v\n", i+1, node)) - } - - return buf.String() -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/sep_tokens.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/sep_tokens.go deleted file mode 100644 index f82095ba..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/sep_tokens.go +++ /dev/null @@ -1,41 +0,0 @@ -package ini - -import ( - "fmt" -) - -var ( - emptyRunes = []rune{} -) - -func isSep(b []rune) bool { - if len(b) == 0 { - return false - } - - switch b[0] { - case '[', ']': - return true - default: - return false - } -} - -var ( - openBrace = []rune("[") - closeBrace = []rune("]") -) - -func newSepToken(b []rune) (Token, int, error) { - tok := Token{} - - switch b[0] { - case '[': - tok = newToken(TokenSep, openBrace, NoneType) - case ']': - tok = newToken(TokenSep, closeBrace, NoneType) - default: - return tok, 0, NewParseError(fmt.Sprintf("unexpected sep type, %v", b[0])) - } - return tok, 1, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go deleted file mode 100644 index da7a4049..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/skipper.go +++ /dev/null @@ -1,45 +0,0 @@ -package ini - -// skipper is used to skip certain blocks of an ini file. -// Currently skipper is used to skip nested blocks of ini -// files. See example below -// -// [ foo ] -// nested = ; this section will be skipped -// a=b -// c=d -// bar=baz ; this will be included -type skipper struct { - shouldSkip bool - TokenSet bool - prevTok Token -} - -func newSkipper() skipper { - return skipper{ - prevTok: emptyToken, - } -} - -func (s *skipper) ShouldSkip(tok Token) bool { - // should skip state will be modified only if previous token was new line (NL); - // and the current token is not WhiteSpace (WS). - if s.shouldSkip && - s.prevTok.Type() == TokenNL && - tok.Type() != TokenWS { - s.Continue() - return false - } - s.prevTok = tok - return s.shouldSkip -} - -func (s *skipper) Skip() { - s.shouldSkip = true -} - -func (s *skipper) Continue() { - s.shouldSkip = false - // empty token is assigned as we return to default state, when should skip is false - s.prevTok = emptyToken -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/statement.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/statement.go deleted file mode 100644 index 18f3fe89..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/statement.go +++ /dev/null @@ -1,35 +0,0 @@ -package ini - -// Statement is an empty AST mostly used for transitioning states. -func newStatement() AST { - return newAST(ASTKindStatement, AST{}) -} - -// SectionStatement represents a section AST -func newSectionStatement(tok Token) AST { - return newASTWithRootToken(ASTKindSectionStatement, tok) -} - -// ExprStatement represents a completed expression AST -func newExprStatement(ast AST) AST { - return newAST(ASTKindExprStatement, ast) -} - -// CommentStatement represents a comment in the ini definition. -// -// grammar: -// comment -> #comment' | ;comment' -// comment' -> epsilon | value -func newCommentStatement(tok Token) AST { - return newAST(ASTKindCommentStatement, newExpression(tok)) -} - -// CompletedSectionStatement represents a completed section -func newCompletedSectionStatement(ast AST) AST { - return newAST(ASTKindCompletedSectionStatement, ast) -} - -// SkipStatement is used to skip whole statements -func newSkipStatement(ast AST) AST { - return newAST(ASTKindSkipStatement, ast) -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/value_util.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/value_util.go deleted file mode 100644 index b5480fde..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/value_util.go +++ /dev/null @@ -1,284 +0,0 @@ -package ini - -import ( - "fmt" -) - -// getStringValue will return a quoted string and the amount -// of bytes read -// -// an error will be returned if the string is not properly formatted -func getStringValue(b []rune) (int, error) { - if b[0] != '"' { - return 0, NewParseError("strings must start with '\"'") - } - - endQuote := false - i := 1 - - for ; i < len(b) && !endQuote; i++ { - if escaped := isEscaped(b[:i], b[i]); b[i] == '"' && !escaped { - endQuote = true - break - } else if escaped { - /*c, err := getEscapedByte(b[i]) - if err != nil { - return 0, err - } - - b[i-1] = c - b = append(b[:i], b[i+1:]...) - i--*/ - - continue - } - } - - if !endQuote { - return 0, NewParseError("missing '\"' in string value") - } - - return i + 1, nil -} - -// getBoolValue will return a boolean and the amount -// of bytes read -// -// an error will be returned if the boolean is not of a correct -// value -func getBoolValue(b []rune) (int, error) { - if len(b) < 4 { - return 0, NewParseError("invalid boolean value") - } - - n := 0 - for _, lv := range literalValues { - if len(lv) > len(b) { - continue - } - - if isCaselessLitValue(lv, b) { - n = len(lv) - } - } - - if n == 0 { - return 0, NewParseError("invalid boolean value") - } - - return n, nil -} - -// getNumericalValue will return a numerical string, the amount -// of bytes read, and the base of the number -// -// an error will be returned if the number is not of a correct -// value -func getNumericalValue(b []rune) (int, int, error) { - if !isDigit(b[0]) { - return 0, 0, NewParseError("invalid digit value") - } - - i := 0 - helper := numberHelper{} - -loop: - for negativeIndex := 0; i < len(b); i++ { - negativeIndex++ - - if !isDigit(b[i]) { - switch b[i] { - case '-': - if helper.IsNegative() || negativeIndex != 1 { - return 0, 0, NewParseError("parse error '-'") - } - - n := getNegativeNumber(b[i:]) - i += (n - 1) - helper.Determine(b[i]) - continue - case '.': - if err := helper.Determine(b[i]); err != nil { - return 0, 0, err - } - case 'e', 'E': - if err := helper.Determine(b[i]); err != nil { - return 0, 0, err - } - - negativeIndex = 0 - case 'b': - if helper.numberFormat == hex { - break - } - fallthrough - case 'o', 'x': - if i == 0 && b[i] != '0' { - return 0, 0, NewParseError("incorrect base format, expected leading '0'") - } - - if i != 1 { - return 0, 0, NewParseError(fmt.Sprintf("incorrect base format found %s at %d index", string(b[i]), i)) - } - - if err := helper.Determine(b[i]); err != nil { - return 0, 0, err - } - default: - if isWhitespace(b[i]) { - break loop - } - - if isNewline(b[i:]) { - break loop - } - - if !(helper.numberFormat == hex && isHexByte(b[i])) { - if i+2 < len(b) && !isNewline(b[i:i+2]) { - return 0, 0, NewParseError("invalid numerical character") - } else if !isNewline([]rune{b[i]}) { - return 0, 0, NewParseError("invalid numerical character") - } - - break loop - } - } - } - } - - return helper.Base(), i, nil -} - -// isDigit will return whether or not something is an integer -func isDigit(b rune) bool { - return b >= '0' && b <= '9' -} - -func hasExponent(v []rune) bool { - return contains(v, 'e') || contains(v, 'E') -} - -func isBinaryByte(b rune) bool { - switch b { - case '0', '1': - return true - default: - return false - } -} - -func isOctalByte(b rune) bool { - switch b { - case '0', '1', '2', '3', '4', '5', '6', '7': - return true - default: - return false - } -} - -func isHexByte(b rune) bool { - if isDigit(b) { - return true - } - return (b >= 'A' && b <= 'F') || - (b >= 'a' && b <= 'f') -} - -func getValue(b []rune) (int, error) { - i := 0 - - for i < len(b) { - if isNewline(b[i:]) { - break - } - - if isOp(b[i:]) { - break - } - - valid, n, err := isValid(b[i:]) - if err != nil { - return 0, err - } - - if !valid { - break - } - - i += n - } - - return i, nil -} - -// getNegativeNumber will return a negative number from a -// byte slice. This will iterate through all characters until -// a non-digit has been found. -func getNegativeNumber(b []rune) int { - if b[0] != '-' { - return 0 - } - - i := 1 - for ; i < len(b); i++ { - if !isDigit(b[i]) { - return i - } - } - - return i -} - -// isEscaped will return whether or not the character is an escaped -// character. -func isEscaped(value []rune, b rune) bool { - if len(value) == 0 { - return false - } - - switch b { - case '\'': // single quote - case '"': // quote - case 'n': // newline - case 't': // tab - case '\\': // backslash - default: - return false - } - - return value[len(value)-1] == '\\' -} - -func getEscapedByte(b rune) (rune, error) { - switch b { - case '\'': // single quote - return '\'', nil - case '"': // quote - return '"', nil - case 'n': // newline - return '\n', nil - case 't': // table - return '\t', nil - case '\\': // backslash - return '\\', nil - default: - return b, NewParseError(fmt.Sprintf("invalid escaped character %c", b)) - } -} - -func removeEscapedCharacters(b []rune) []rune { - for i := 0; i < len(b); i++ { - if isEscaped(b[:i], b[i]) { - c, err := getEscapedByte(b[i]) - if err != nil { - return b - } - - b[i-1] = c - b = append(b[:i], b[i+1:]...) - i-- - } - } - - return b -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go deleted file mode 100644 index 1d08e138..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go +++ /dev/null @@ -1,169 +0,0 @@ -package ini - -import ( - "fmt" - "sort" -) - -// Visitor is an interface used by walkers that will -// traverse an array of ASTs. -type Visitor interface { - VisitExpr(AST) error - VisitStatement(AST) error -} - -// DefaultVisitor is used to visit statements and expressions -// and ensure that they are both of the correct format. -// In addition, upon visiting this will build sections and populate -// the Sections field which can be used to retrieve profile -// configuration. -type DefaultVisitor struct { - scope string - Sections Sections -} - -// NewDefaultVisitor return a DefaultVisitor -func NewDefaultVisitor() *DefaultVisitor { - return &DefaultVisitor{ - Sections: Sections{ - container: map[string]Section{}, - }, - } -} - -// VisitExpr visits expressions... -func (v *DefaultVisitor) VisitExpr(expr AST) error { - t := v.Sections.container[v.scope] - if t.values == nil { - t.values = values{} - } - - switch expr.Kind { - case ASTKindExprStatement: - opExpr := expr.GetRoot() - switch opExpr.Kind { - case ASTKindEqualExpr: - children := opExpr.GetChildren() - if len(children) <= 1 { - return NewParseError("unexpected token type") - } - - rhs := children[1] - - // The right-hand value side the equality expression is allowed to contain '[', ']', ':', '=' in the values. - // If the token is not either a literal or one of the token types that identifies those four additional - // tokens then error. - if !(rhs.Root.Type() == TokenLit || rhs.Root.Type() == TokenOp || rhs.Root.Type() == TokenSep) { - return NewParseError("unexpected token type") - } - - key := EqualExprKey(opExpr) - v, err := newValue(rhs.Root.ValueType, rhs.Root.base, rhs.Root.Raw()) - if err != nil { - return err - } - - t.values[key] = v - default: - return NewParseError(fmt.Sprintf("unsupported expression %v", expr)) - } - default: - return NewParseError(fmt.Sprintf("unsupported expression %v", expr)) - } - - v.Sections.container[v.scope] = t - return nil -} - -// VisitStatement visits statements... -func (v *DefaultVisitor) VisitStatement(stmt AST) error { - switch stmt.Kind { - case ASTKindCompletedSectionStatement: - child := stmt.GetRoot() - if child.Kind != ASTKindSectionStatement { - return NewParseError(fmt.Sprintf("unsupported child statement: %T", child)) - } - - name := string(child.Root.Raw()) - v.Sections.container[name] = Section{} - v.scope = name - default: - return NewParseError(fmt.Sprintf("unsupported statement: %s", stmt.Kind)) - } - - return nil -} - -// Sections is a map of Section structures that represent -// a configuration. -type Sections struct { - container map[string]Section -} - -// GetSection will return section p. If section p does not exist, -// false will be returned in the second parameter. -func (t Sections) GetSection(p string) (Section, bool) { - v, ok := t.container[p] - return v, ok -} - -// values represents a map of union values. -type values map[string]Value - -// List will return a list of all sections that were successfully -// parsed. -func (t Sections) List() []string { - keys := make([]string, len(t.container)) - i := 0 - for k := range t.container { - keys[i] = k - i++ - } - - sort.Strings(keys) - return keys -} - -// Section contains a name and values. This represent -// a sectioned entry in a configuration file. -type Section struct { - Name string - values values -} - -// Has will return whether or not an entry exists in a given section -func (t Section) Has(k string) bool { - _, ok := t.values[k] - return ok -} - -// ValueType will returned what type the union is set to. If -// k was not found, the NoneType will be returned. -func (t Section) ValueType(k string) (ValueType, bool) { - v, ok := t.values[k] - return v.Type, ok -} - -// Bool returns a bool value at k -func (t Section) Bool(k string) (bool, bool) { - return t.values[k].BoolValue() -} - -// Int returns an integer value at k -func (t Section) Int(k string) (int64, bool) { - return t.values[k].IntValue() -} - -// Float64 returns a float value at k -func (t Section) Float64(k string) (float64, bool) { - return t.values[k].FloatValue() -} - -// String returns the string value at k -func (t Section) String(k string) string { - _, ok := t.values[k] - if !ok { - return "" - } - return t.values[k].StringValue() -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/walker.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/walker.go deleted file mode 100644 index 99915f7f..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/walker.go +++ /dev/null @@ -1,25 +0,0 @@ -package ini - -// Walk will traverse the AST using the v, the Visitor. -func Walk(tree []AST, v Visitor) error { - for _, node := range tree { - switch node.Kind { - case ASTKindExpr, - ASTKindExprStatement: - - if err := v.VisitExpr(node); err != nil { - return err - } - case ASTKindStatement, - ASTKindCompletedSectionStatement, - ASTKindNestedSectionStatement, - ASTKindCompletedNestedSectionStatement: - - if err := v.VisitStatement(node); err != nil { - return err - } - } - } - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/ini/ws_token.go b/vendor/github.com/aws/aws-sdk-go/internal/ini/ws_token.go deleted file mode 100644 index 7ffb4ae0..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/ini/ws_token.go +++ /dev/null @@ -1,24 +0,0 @@ -package ini - -import ( - "unicode" -) - -// isWhitespace will return whether or not the character is -// a whitespace character. -// -// Whitespace is defined as a space or tab. -func isWhitespace(c rune) bool { - return unicode.IsSpace(c) && c != '\n' && c != '\r' -} - -func newWSToken(b []rune) (Token, int, error) { - i := 0 - for ; i < len(b); i++ { - if !isWhitespace(b[i]) { - break - } - } - - return newToken(TokenWS, b[:i], NoneType), i, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/byte.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkio/byte.go deleted file mode 100644 index 6c443988..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/byte.go +++ /dev/null @@ -1,12 +0,0 @@ -package sdkio - -const ( - // Byte is 8 bits - Byte int64 = 1 - // KibiByte (KiB) is 1024 Bytes - KibiByte = Byte * 1024 - // MebiByte (MiB) is 1024 KiB - MebiByte = KibiByte * 1024 - // GibiByte (GiB) is 1024 MiB - GibiByte = MebiByte * 1024 -) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.6.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.6.go deleted file mode 100644 index 037a998c..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.6.go +++ /dev/null @@ -1,11 +0,0 @@ -//go:build !go1.7 -// +build !go1.7 - -package sdkio - -// Copy of Go 1.7 io package's Seeker constants. -const ( - SeekStart = 0 // seek relative to the origin of the file - SeekCurrent = 1 // seek relative to the current offset - SeekEnd = 2 // seek relative to the end -) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.7.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.7.go deleted file mode 100644 index 65e7c60c..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.7.go +++ /dev/null @@ -1,13 +0,0 @@ -//go:build go1.7 -// +build go1.7 - -package sdkio - -import "io" - -// Alias for Go 1.7 io package Seeker constants -const ( - SeekStart = io.SeekStart // seek relative to the origin of the file - SeekCurrent = io.SeekCurrent // seek relative to the current offset - SeekEnd = io.SeekEnd // seek relative to the end -) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go deleted file mode 100644 index a8452878..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go +++ /dev/null @@ -1,16 +0,0 @@ -//go:build go1.10 -// +build go1.10 - -package sdkmath - -import "math" - -// Round returns the nearest integer, rounding half away from zero. -// -// Special cases are: -// Round(±0) = ±0 -// Round(±Inf) = ±Inf -// Round(NaN) = NaN -func Round(x float64) float64 { - return math.Round(x) -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go deleted file mode 100644 index a3ae3e5d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go +++ /dev/null @@ -1,57 +0,0 @@ -//go:build !go1.10 -// +build !go1.10 - -package sdkmath - -import "math" - -// Copied from the Go standard library's (Go 1.12) math/floor.go for use in -// Go version prior to Go 1.10. -const ( - uvone = 0x3FF0000000000000 - mask = 0x7FF - shift = 64 - 11 - 1 - bias = 1023 - signMask = 1 << 63 - fracMask = 1<= 0.5 { - // return t + Copysign(1, x) - // } - // return t - // } - bits := math.Float64bits(x) - e := uint(bits>>shift) & mask - if e < bias { - // Round abs(x) < 1 including denormals. - bits &= signMask // +-0 - if e == bias-1 { - bits |= uvone // +-1 - } - } else if e < bias+shift { - // Round any abs(x) >= 1 containing a fractional component [0,1). - // - // Numbers with larger exponents are returned unchanged since they - // must be either an integer, infinity, or NaN. - const half = 1 << (shift - 1) - e -= bias - bits += half >> e - bits &^= fracMask >> e - } - return math.Float64frombits(bits) -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/locked_source.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/locked_source.go deleted file mode 100644 index 0c9802d8..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/locked_source.go +++ /dev/null @@ -1,29 +0,0 @@ -package sdkrand - -import ( - "math/rand" - "sync" - "time" -) - -// lockedSource is a thread-safe implementation of rand.Source -type lockedSource struct { - lk sync.Mutex - src rand.Source -} - -func (r *lockedSource) Int63() (n int64) { - r.lk.Lock() - n = r.src.Int63() - r.lk.Unlock() - return -} - -func (r *lockedSource) Seed(seed int64) { - r.lk.Lock() - r.src.Seed(seed) - r.lk.Unlock() -} - -// SeededRand is a new RNG using a thread safe implementation of rand.Source -var SeededRand = rand.New(&lockedSource{src: rand.NewSource(time.Now().UnixNano())}) diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go deleted file mode 100644 index 4bae66ce..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go +++ /dev/null @@ -1,12 +0,0 @@ -//go:build go1.6 -// +build go1.6 - -package sdkrand - -import "math/rand" - -// Read provides the stub for math.Rand.Read method support for go version's -// 1.6 and greater. -func Read(r *rand.Rand, p []byte) (int, error) { - return r.Read(p) -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go deleted file mode 100644 index 3a6ab882..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go +++ /dev/null @@ -1,25 +0,0 @@ -//go:build !go1.6 -// +build !go1.6 - -package sdkrand - -import "math/rand" - -// Read backfills Go 1.6's math.Rand.Reader for Go 1.5 -func Read(r *rand.Rand, p []byte) (n int, err error) { - // Copy of Go standard libraries math package's read function not added to - // standard library until Go 1.6. - var pos int8 - var val int64 - for n = 0; n < len(p); n++ { - if pos == 0 { - val = r.Int63() - pos = 7 - } - p[n] = byte(val) - val >>= 8 - pos-- - } - - return n, err -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sdkuri/path.go b/vendor/github.com/aws/aws-sdk-go/internal/sdkuri/path.go deleted file mode 100644 index 38ea61af..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sdkuri/path.go +++ /dev/null @@ -1,23 +0,0 @@ -package sdkuri - -import ( - "path" - "strings" -) - -// PathJoin will join the elements of the path delimited by the "/" -// character. Similar to path.Join with the exception the trailing "/" -// character is preserved if present. -func PathJoin(elems ...string) string { - if len(elems) == 0 { - return "" - } - - hasTrailing := strings.HasSuffix(elems[len(elems)-1], "/") - str := path.Join(elems...) - if hasTrailing && str != "/" { - str += "/" - } - - return str -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/ecs_container.go b/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/ecs_container.go deleted file mode 100644 index 7da8a49c..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/ecs_container.go +++ /dev/null @@ -1,12 +0,0 @@ -package shareddefaults - -const ( - // ECSCredsProviderEnvVar is an environmental variable key used to - // determine which path needs to be hit. - ECSCredsProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI" -) - -// ECSContainerCredentialsURI is the endpoint to retrieve container -// credentials. This can be overridden to test to ensure the credential process -// is behaving correctly. -var ECSContainerCredentialsURI = "http://169.254.170.2" diff --git a/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config.go b/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config.go deleted file mode 100644 index 34fea49c..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config.go +++ /dev/null @@ -1,46 +0,0 @@ -package shareddefaults - -import ( - "os/user" - "path/filepath" -) - -// SharedCredentialsFilename returns the SDK's default file path -// for the shared credentials file. -// -// Builds the shared config file path based on the OS's platform. -// -// - Linux/Unix: $HOME/.aws/credentials -// - Windows: %USERPROFILE%\.aws\credentials -func SharedCredentialsFilename() string { - return filepath.Join(UserHomeDir(), ".aws", "credentials") -} - -// SharedConfigFilename returns the SDK's default file path for -// the shared config file. -// -// Builds the shared config file path based on the OS's platform. -// -// - Linux/Unix: $HOME/.aws/config -// - Windows: %USERPROFILE%\.aws\config -func SharedConfigFilename() string { - return filepath.Join(UserHomeDir(), ".aws", "config") -} - -// UserHomeDir returns the home directory for the user the process is -// running under. -func UserHomeDir() string { - var home string - - home = userHomeDir() - if len(home) > 0 { - return home - } - - currUser, _ := user.Current() - if currUser != nil { - home = currUser.HomeDir - } - - return home -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home.go b/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home.go deleted file mode 100644 index eb298ae0..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home.go +++ /dev/null @@ -1,18 +0,0 @@ -//go:build !go1.12 -// +build !go1.12 - -package shareddefaults - -import ( - "os" - "runtime" -) - -func userHomeDir() string { - if runtime.GOOS == "windows" { // Windows - return os.Getenv("USERPROFILE") - } - - // *nix - return os.Getenv("HOME") -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home_go1.12.go b/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home_go1.12.go deleted file mode 100644 index 51541b50..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home_go1.12.go +++ /dev/null @@ -1,13 +0,0 @@ -//go:build go1.12 -// +build go1.12 - -package shareddefaults - -import ( - "os" -) - -func userHomeDir() string { - home, _ := os.UserHomeDir() - return home -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go b/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go deleted file mode 100644 index d008ae27..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/strings/strings.go +++ /dev/null @@ -1,11 +0,0 @@ -package strings - -import ( - "strings" -) - -// HasPrefixFold tests whether the string s begins with prefix, interpreted as UTF-8 strings, -// under Unicode case-folding. -func HasPrefixFold(s, prefix string) bool { - return len(s) >= len(prefix) && strings.EqualFold(s[0:len(prefix)], prefix) -} diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE deleted file mode 100644 index 6a66aea5..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go b/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go deleted file mode 100644 index 14ad0c58..00000000 --- a/vendor/github.com/aws/aws-sdk-go/internal/sync/singleflight/singleflight.go +++ /dev/null @@ -1,120 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package singleflight provides a duplicate function call suppression -// mechanism. -package singleflight - -import "sync" - -// call is an in-flight or completed singleflight.Do call -type call struct { - wg sync.WaitGroup - - // These fields are written once before the WaitGroup is done - // and are only read after the WaitGroup is done. - val interface{} - err error - - // forgotten indicates whether Forget was called with this call's key - // while the call was still in flight. - forgotten bool - - // These fields are read and written with the singleflight - // mutex held before the WaitGroup is done, and are read but - // not written after the WaitGroup is done. - dups int - chans []chan<- Result -} - -// Group represents a class of work and forms a namespace in -// which units of work can be executed with duplicate suppression. -type Group struct { - mu sync.Mutex // protects m - m map[string]*call // lazily initialized -} - -// Result holds the results of Do, so they can be passed -// on a channel. -type Result struct { - Val interface{} - Err error - Shared bool -} - -// Do executes and returns the results of the given function, making -// sure that only one execution is in-flight for a given key at a -// time. If a duplicate comes in, the duplicate caller waits for the -// original to complete and receives the same results. -// The return value shared indicates whether v was given to multiple callers. -func (g *Group) Do(key string, fn func() (interface{}, error)) (v interface{}, err error, shared bool) { - g.mu.Lock() - if g.m == nil { - g.m = make(map[string]*call) - } - if c, ok := g.m[key]; ok { - c.dups++ - g.mu.Unlock() - c.wg.Wait() - return c.val, c.err, true - } - c := new(call) - c.wg.Add(1) - g.m[key] = c - g.mu.Unlock() - - g.doCall(c, key, fn) - return c.val, c.err, c.dups > 0 -} - -// DoChan is like Do but returns a channel that will receive the -// results when they are ready. -func (g *Group) DoChan(key string, fn func() (interface{}, error)) <-chan Result { - ch := make(chan Result, 1) - g.mu.Lock() - if g.m == nil { - g.m = make(map[string]*call) - } - if c, ok := g.m[key]; ok { - c.dups++ - c.chans = append(c.chans, ch) - g.mu.Unlock() - return ch - } - c := &call{chans: []chan<- Result{ch}} - c.wg.Add(1) - g.m[key] = c - g.mu.Unlock() - - go g.doCall(c, key, fn) - - return ch -} - -// doCall handles the single call for a key. -func (g *Group) doCall(c *call, key string, fn func() (interface{}, error)) { - c.val, c.err = fn() - c.wg.Done() - - g.mu.Lock() - if !c.forgotten { - delete(g.m, key) - } - for _, ch := range c.chans { - ch <- Result{c.val, c.err, c.dups > 0} - } - g.mu.Unlock() -} - -// Forget tells the singleflight to forget about a key. Future calls -// to Do for this key will call the function rather than waiting for -// an earlier call to complete. -func (g *Group) Forget(key string) { - g.mu.Lock() - if c, ok := g.m[key]; ok { - c.forgotten = true - } - delete(g.m, key) - g.mu.Unlock() -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go deleted file mode 100644 index 1f1d27ae..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go +++ /dev/null @@ -1,104 +0,0 @@ -package protocol - -import ( - "github.com/aws/aws-sdk-go/aws/request" - "net" - "strconv" - "strings" -) - -// ValidateEndpointHostHandler is a request handler that will validate the -// request endpoint's hosts is a valid RFC 3986 host. -var ValidateEndpointHostHandler = request.NamedHandler{ - Name: "awssdk.protocol.ValidateEndpointHostHandler", - Fn: func(r *request.Request) { - err := ValidateEndpointHost(r.Operation.Name, r.HTTPRequest.URL.Host) - if err != nil { - r.Error = err - } - }, -} - -// ValidateEndpointHost validates that the host string passed in is a valid RFC -// 3986 host. Returns error if the host is not valid. -func ValidateEndpointHost(opName, host string) error { - paramErrs := request.ErrInvalidParams{Context: opName} - - var hostname string - var port string - var err error - - if strings.Contains(host, ":") { - hostname, port, err = net.SplitHostPort(host) - - if err != nil { - paramErrs.Add(request.NewErrParamFormat("endpoint", err.Error(), host)) - } - - if !ValidPortNumber(port) { - paramErrs.Add(request.NewErrParamFormat("endpoint port number", "[0-65535]", port)) - } - } else { - hostname = host - } - - labels := strings.Split(hostname, ".") - for i, label := range labels { - if i == len(labels)-1 && len(label) == 0 { - // Allow trailing dot for FQDN hosts. - continue - } - - if !ValidHostLabel(label) { - paramErrs.Add(request.NewErrParamFormat( - "endpoint host label", "[a-zA-Z0-9-]{1,63}", label)) - } - } - - if len(hostname) == 0 { - paramErrs.Add(request.NewErrParamMinLen("endpoint host", 1)) - } - - if len(hostname) > 255 { - paramErrs.Add(request.NewErrParamMaxLen( - "endpoint host", 255, host, - )) - } - - if paramErrs.Len() > 0 { - return paramErrs - } - return nil -} - -// ValidHostLabel returns if the label is a valid RFC 3986 host label. -func ValidHostLabel(label string) bool { - if l := len(label); l == 0 || l > 63 { - return false - } - for _, r := range label { - switch { - case r >= '0' && r <= '9': - case r >= 'A' && r <= 'Z': - case r >= 'a' && r <= 'z': - case r == '-': - default: - return false - } - } - - return true -} - -// ValidPortNumber return if the port is valid RFC 3986 port -func ValidPortNumber(port string) bool { - i, err := strconv.Atoi(port) - if err != nil { - return false - } - - if i < 0 || i > 65535 { - return false - } - return true -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/host_prefix.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/host_prefix.go deleted file mode 100644 index 915b0fca..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/host_prefix.go +++ /dev/null @@ -1,54 +0,0 @@ -package protocol - -import ( - "strings" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" -) - -// HostPrefixHandlerName is the handler name for the host prefix request -// handler. -const HostPrefixHandlerName = "awssdk.endpoint.HostPrefixHandler" - -// NewHostPrefixHandler constructs a build handler -func NewHostPrefixHandler(prefix string, labelsFn func() map[string]string) request.NamedHandler { - builder := HostPrefixBuilder{ - Prefix: prefix, - LabelsFn: labelsFn, - } - - return request.NamedHandler{ - Name: HostPrefixHandlerName, - Fn: builder.Build, - } -} - -// HostPrefixBuilder provides the request handler to expand and prepend -// the host prefix into the operation's request endpoint host. -type HostPrefixBuilder struct { - Prefix string - LabelsFn func() map[string]string -} - -// Build updates the passed in Request with the HostPrefix template expanded. -func (h HostPrefixBuilder) Build(r *request.Request) { - if aws.BoolValue(r.Config.DisableEndpointHostPrefix) { - return - } - - var labels map[string]string - if h.LabelsFn != nil { - labels = h.LabelsFn() - } - - prefix := h.Prefix - for name, value := range labels { - prefix = strings.Replace(prefix, "{"+name+"}", value, -1) - } - - r.HTTPRequest.URL.Host = prefix + r.HTTPRequest.URL.Host - if len(r.HTTPRequest.Host) > 0 { - r.HTTPRequest.Host = prefix + r.HTTPRequest.Host - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/idempotency.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/idempotency.go deleted file mode 100644 index 53831dff..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/idempotency.go +++ /dev/null @@ -1,75 +0,0 @@ -package protocol - -import ( - "crypto/rand" - "fmt" - "reflect" -) - -// RandReader is the random reader the protocol package will use to read -// random bytes from. This is exported for testing, and should not be used. -var RandReader = rand.Reader - -const idempotencyTokenFillTag = `idempotencyToken` - -// CanSetIdempotencyToken returns true if the struct field should be -// automatically populated with a Idempotency token. -// -// Only *string and string type fields that are tagged with idempotencyToken -// which are not already set can be auto filled. -func CanSetIdempotencyToken(v reflect.Value, f reflect.StructField) bool { - switch u := v.Interface().(type) { - // To auto fill an Idempotency token the field must be a string, - // tagged for auto fill, and have a zero value. - case *string: - return u == nil && len(f.Tag.Get(idempotencyTokenFillTag)) != 0 - case string: - return len(u) == 0 && len(f.Tag.Get(idempotencyTokenFillTag)) != 0 - } - - return false -} - -// GetIdempotencyToken returns a randomly generated idempotency token. -func GetIdempotencyToken() string { - b := make([]byte, 16) - RandReader.Read(b) - - return UUIDVersion4(b) -} - -// SetIdempotencyToken will set the value provided with a Idempotency Token. -// Given that the value can be set. Will panic if value is not setable. -func SetIdempotencyToken(v reflect.Value) { - if v.Kind() == reflect.Ptr { - if v.IsNil() && v.CanSet() { - v.Set(reflect.New(v.Type().Elem())) - } - v = v.Elem() - } - v = reflect.Indirect(v) - - if !v.CanSet() { - panic(fmt.Sprintf("unable to set idempotnecy token %v", v)) - } - - b := make([]byte, 16) - _, err := rand.Read(b) - if err != nil { - // TODO handle error - return - } - - v.Set(reflect.ValueOf(UUIDVersion4(b))) -} - -// UUIDVersion4 returns a Version 4 random UUID from the byte slice provided -func UUIDVersion4(u []byte) string { - // https://en.wikipedia.org/wiki/Universally_unique_identifier#Version_4_.28random.29 - // 13th character is "4" - u[6] = (u[6] | 0x40) & 0x4F - // 17th character is "8", "9", "a", or "b" - u[8] = (u[8] | 0x80) & 0xBF - - return fmt.Sprintf(`%X-%X-%X-%X-%X`, u[0:4], u[4:6], u[6:8], u[8:10], u[10:]) -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/build.go deleted file mode 100644 index 12e814dd..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/build.go +++ /dev/null @@ -1,309 +0,0 @@ -// Package jsonutil provides JSON serialization of AWS requests and responses. -package jsonutil - -import ( - "bytes" - "encoding/base64" - "fmt" - "math" - "reflect" - "sort" - "strconv" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/private/protocol" -) - -const ( - floatNaN = "NaN" - floatInf = "Infinity" - floatNegInf = "-Infinity" -) - -var timeType = reflect.ValueOf(time.Time{}).Type() -var byteSliceType = reflect.ValueOf([]byte{}).Type() - -// BuildJSON builds a JSON string for a given object v. -func BuildJSON(v interface{}) ([]byte, error) { - var buf bytes.Buffer - - err := buildAny(reflect.ValueOf(v), &buf, "") - return buf.Bytes(), err -} - -func buildAny(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error { - origVal := value - value = reflect.Indirect(value) - if !value.IsValid() { - return nil - } - - vtype := value.Type() - - t := tag.Get("type") - if t == "" { - switch vtype.Kind() { - case reflect.Struct: - // also it can't be a time object - if value.Type() != timeType { - t = "structure" - } - case reflect.Slice: - // also it can't be a byte slice - if _, ok := value.Interface().([]byte); !ok { - t = "list" - } - case reflect.Map: - // cannot be a JSONValue map - if _, ok := value.Interface().(aws.JSONValue); !ok { - t = "map" - } - } - } - - switch t { - case "structure": - if field, ok := vtype.FieldByName("_"); ok { - tag = field.Tag - } - return buildStruct(value, buf, tag) - case "list": - return buildList(value, buf, tag) - case "map": - return buildMap(value, buf, tag) - default: - return buildScalar(origVal, buf, tag) - } -} - -func buildStruct(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error { - if !value.IsValid() { - return nil - } - - // unwrap payloads - if payload := tag.Get("payload"); payload != "" { - field, _ := value.Type().FieldByName(payload) - tag = field.Tag - value = elemOf(value.FieldByName(payload)) - if !value.IsValid() && tag.Get("type") != "structure" { - return nil - } - } - - buf.WriteByte('{') - defer buf.WriteString("}") - - if !value.IsValid() { - return nil - } - - t := value.Type() - first := true - for i := 0; i < t.NumField(); i++ { - member := value.Field(i) - - // This allocates the most memory. - // Additionally, we cannot skip nil fields due to - // idempotency auto filling. - field := t.Field(i) - - if field.PkgPath != "" { - continue // ignore unexported fields - } - if field.Tag.Get("json") == "-" { - continue - } - if field.Tag.Get("location") != "" { - continue // ignore non-body elements - } - if field.Tag.Get("ignore") != "" { - continue - } - - if protocol.CanSetIdempotencyToken(member, field) { - token := protocol.GetIdempotencyToken() - member = reflect.ValueOf(&token) - } - - if (member.Kind() == reflect.Ptr || member.Kind() == reflect.Slice || member.Kind() == reflect.Map) && member.IsNil() { - continue // ignore unset fields - } - - if first { - first = false - } else { - buf.WriteByte(',') - } - - // figure out what this field is called - name := field.Name - if locName := field.Tag.Get("locationName"); locName != "" { - name = locName - } - - writeString(name, buf) - buf.WriteString(`:`) - - err := buildAny(member, buf, field.Tag) - if err != nil { - return err - } - - } - - return nil -} - -func buildList(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error { - buf.WriteString("[") - - for i := 0; i < value.Len(); i++ { - buildAny(value.Index(i), buf, "") - - if i < value.Len()-1 { - buf.WriteString(",") - } - } - - buf.WriteString("]") - - return nil -} - -type sortedValues []reflect.Value - -func (sv sortedValues) Len() int { return len(sv) } -func (sv sortedValues) Swap(i, j int) { sv[i], sv[j] = sv[j], sv[i] } -func (sv sortedValues) Less(i, j int) bool { return sv[i].String() < sv[j].String() } - -func buildMap(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error { - buf.WriteString("{") - - sv := sortedValues(value.MapKeys()) - sort.Sort(sv) - - for i, k := range sv { - if i > 0 { - buf.WriteByte(',') - } - - writeString(k.String(), buf) - buf.WriteString(`:`) - - buildAny(value.MapIndex(k), buf, "") - } - - buf.WriteString("}") - - return nil -} - -func buildScalar(v reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) error { - // prevents allocation on the heap. - scratch := [64]byte{} - switch value := reflect.Indirect(v); value.Kind() { - case reflect.String: - writeString(value.String(), buf) - case reflect.Bool: - if value.Bool() { - buf.WriteString("true") - } else { - buf.WriteString("false") - } - case reflect.Int64: - buf.Write(strconv.AppendInt(scratch[:0], value.Int(), 10)) - case reflect.Float64: - f := value.Float() - switch { - case math.IsNaN(f): - writeString(floatNaN, buf) - case math.IsInf(f, 1): - writeString(floatInf, buf) - case math.IsInf(f, -1): - writeString(floatNegInf, buf) - default: - buf.Write(strconv.AppendFloat(scratch[:0], f, 'f', -1, 64)) - } - default: - switch converted := value.Interface().(type) { - case time.Time: - format := tag.Get("timestampFormat") - if len(format) == 0 { - format = protocol.UnixTimeFormatName - } - - ts := protocol.FormatTime(format, converted) - if format != protocol.UnixTimeFormatName { - ts = `"` + ts + `"` - } - - buf.WriteString(ts) - case []byte: - if !value.IsNil() { - buf.WriteByte('"') - if len(converted) < 1024 { - // for small buffers, using Encode directly is much faster. - dst := make([]byte, base64.StdEncoding.EncodedLen(len(converted))) - base64.StdEncoding.Encode(dst, converted) - buf.Write(dst) - } else { - // for large buffers, avoid unnecessary extra temporary - // buffer space. - enc := base64.NewEncoder(base64.StdEncoding, buf) - enc.Write(converted) - enc.Close() - } - buf.WriteByte('"') - } - case aws.JSONValue: - str, err := protocol.EncodeJSONValue(converted, protocol.QuotedEscape) - if err != nil { - return fmt.Errorf("unable to encode JSONValue, %v", err) - } - buf.WriteString(str) - default: - return fmt.Errorf("unsupported JSON value %v (%s)", value.Interface(), value.Type()) - } - } - return nil -} - -var hex = "0123456789abcdef" - -func writeString(s string, buf *bytes.Buffer) { - buf.WriteByte('"') - for i := 0; i < len(s); i++ { - if s[i] == '"' { - buf.WriteString(`\"`) - } else if s[i] == '\\' { - buf.WriteString(`\\`) - } else if s[i] == '\b' { - buf.WriteString(`\b`) - } else if s[i] == '\f' { - buf.WriteString(`\f`) - } else if s[i] == '\r' { - buf.WriteString(`\r`) - } else if s[i] == '\t' { - buf.WriteString(`\t`) - } else if s[i] == '\n' { - buf.WriteString(`\n`) - } else if s[i] < 32 { - buf.WriteString("\\u00") - buf.WriteByte(hex[s[i]>>4]) - buf.WriteByte(hex[s[i]&0xF]) - } else { - buf.WriteByte(s[i]) - } - } - buf.WriteByte('"') -} - -// Returns the reflection element of a value, if it is a pointer. -func elemOf(value reflect.Value) reflect.Value { - for value.Kind() == reflect.Ptr { - value = value.Elem() - } - return value -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go deleted file mode 100644 index f9334879..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go +++ /dev/null @@ -1,317 +0,0 @@ -package jsonutil - -import ( - "bytes" - "encoding/base64" - "encoding/json" - "fmt" - "io" - "math" - "math/big" - "reflect" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/private/protocol" -) - -var millisecondsFloat = new(big.Float).SetInt64(1e3) - -// UnmarshalJSONError unmarshal's the reader's JSON document into the passed in -// type. The value to unmarshal the json document into must be a pointer to the -// type. -func UnmarshalJSONError(v interface{}, stream io.Reader) error { - var errBuf bytes.Buffer - body := io.TeeReader(stream, &errBuf) - - err := json.NewDecoder(body).Decode(v) - if err != nil { - msg := "failed decoding error message" - if err == io.EOF { - msg = "error message missing" - err = nil - } - return awserr.NewUnmarshalError(err, msg, errBuf.Bytes()) - } - - return nil -} - -// UnmarshalJSON reads a stream and unmarshals the results in object v. -func UnmarshalJSON(v interface{}, stream io.Reader) error { - var out interface{} - - decoder := json.NewDecoder(stream) - decoder.UseNumber() - err := decoder.Decode(&out) - if err == io.EOF { - return nil - } else if err != nil { - return err - } - - return unmarshaler{}.unmarshalAny(reflect.ValueOf(v), out, "") -} - -// UnmarshalJSONCaseInsensitive reads a stream and unmarshals the result into the -// object v. Ignores casing for structure members. -func UnmarshalJSONCaseInsensitive(v interface{}, stream io.Reader) error { - var out interface{} - - decoder := json.NewDecoder(stream) - decoder.UseNumber() - err := decoder.Decode(&out) - if err == io.EOF { - return nil - } else if err != nil { - return err - } - - return unmarshaler{ - caseInsensitive: true, - }.unmarshalAny(reflect.ValueOf(v), out, "") -} - -type unmarshaler struct { - caseInsensitive bool -} - -func (u unmarshaler) unmarshalAny(value reflect.Value, data interface{}, tag reflect.StructTag) error { - vtype := value.Type() - if vtype.Kind() == reflect.Ptr { - vtype = vtype.Elem() // check kind of actual element type - } - - t := tag.Get("type") - if t == "" { - switch vtype.Kind() { - case reflect.Struct: - // also it can't be a time object - if _, ok := value.Interface().(*time.Time); !ok { - t = "structure" - } - case reflect.Slice: - // also it can't be a byte slice - if _, ok := value.Interface().([]byte); !ok { - t = "list" - } - case reflect.Map: - // cannot be a JSONValue map - if _, ok := value.Interface().(aws.JSONValue); !ok { - t = "map" - } - } - } - - switch t { - case "structure": - if field, ok := vtype.FieldByName("_"); ok { - tag = field.Tag - } - return u.unmarshalStruct(value, data, tag) - case "list": - return u.unmarshalList(value, data, tag) - case "map": - return u.unmarshalMap(value, data, tag) - default: - return u.unmarshalScalar(value, data, tag) - } -} - -func (u unmarshaler) unmarshalStruct(value reflect.Value, data interface{}, tag reflect.StructTag) error { - if data == nil { - return nil - } - mapData, ok := data.(map[string]interface{}) - if !ok { - return fmt.Errorf("JSON value is not a structure (%#v)", data) - } - - t := value.Type() - if value.Kind() == reflect.Ptr { - if value.IsNil() { // create the structure if it's nil - s := reflect.New(value.Type().Elem()) - value.Set(s) - value = s - } - - value = value.Elem() - t = t.Elem() - } - - // unwrap any payloads - if payload := tag.Get("payload"); payload != "" { - field, _ := t.FieldByName(payload) - return u.unmarshalAny(value.FieldByName(payload), data, field.Tag) - } - - for i := 0; i < t.NumField(); i++ { - field := t.Field(i) - if field.PkgPath != "" { - continue // ignore unexported fields - } - - // figure out what this field is called - name := field.Name - if locName := field.Tag.Get("locationName"); locName != "" { - name = locName - } - if u.caseInsensitive { - if _, ok := mapData[name]; !ok { - // Fallback to uncased name search if the exact name didn't match. - for kn, v := range mapData { - if strings.EqualFold(kn, name) { - mapData[name] = v - } - } - } - } - - member := value.FieldByIndex(field.Index) - err := u.unmarshalAny(member, mapData[name], field.Tag) - if err != nil { - return err - } - } - return nil -} - -func (u unmarshaler) unmarshalList(value reflect.Value, data interface{}, tag reflect.StructTag) error { - if data == nil { - return nil - } - listData, ok := data.([]interface{}) - if !ok { - return fmt.Errorf("JSON value is not a list (%#v)", data) - } - - if value.IsNil() { - l := len(listData) - value.Set(reflect.MakeSlice(value.Type(), l, l)) - } - - for i, c := range listData { - err := u.unmarshalAny(value.Index(i), c, "") - if err != nil { - return err - } - } - - return nil -} - -func (u unmarshaler) unmarshalMap(value reflect.Value, data interface{}, tag reflect.StructTag) error { - if data == nil { - return nil - } - mapData, ok := data.(map[string]interface{}) - if !ok { - return fmt.Errorf("JSON value is not a map (%#v)", data) - } - - if value.IsNil() { - value.Set(reflect.MakeMap(value.Type())) - } - - for k, v := range mapData { - kvalue := reflect.ValueOf(k) - vvalue := reflect.New(value.Type().Elem()).Elem() - - u.unmarshalAny(vvalue, v, "") - value.SetMapIndex(kvalue, vvalue) - } - - return nil -} - -func (u unmarshaler) unmarshalScalar(value reflect.Value, data interface{}, tag reflect.StructTag) error { - - switch d := data.(type) { - case nil: - return nil // nothing to do here - case string: - switch value.Interface().(type) { - case *string: - value.Set(reflect.ValueOf(&d)) - case []byte: - b, err := base64.StdEncoding.DecodeString(d) - if err != nil { - return err - } - value.Set(reflect.ValueOf(b)) - case *time.Time: - format := tag.Get("timestampFormat") - if len(format) == 0 { - format = protocol.ISO8601TimeFormatName - } - - t, err := protocol.ParseTime(format, d) - if err != nil { - return err - } - value.Set(reflect.ValueOf(&t)) - case aws.JSONValue: - // No need to use escaping as the value is a non-quoted string. - v, err := protocol.DecodeJSONValue(d, protocol.NoEscape) - if err != nil { - return err - } - value.Set(reflect.ValueOf(v)) - case *float64: - // These are regular strings when parsed by encoding/json's unmarshaler. - switch { - case strings.EqualFold(d, floatNaN): - value.Set(reflect.ValueOf(aws.Float64(math.NaN()))) - case strings.EqualFold(d, floatInf): - value.Set(reflect.ValueOf(aws.Float64(math.Inf(1)))) - case strings.EqualFold(d, floatNegInf): - value.Set(reflect.ValueOf(aws.Float64(math.Inf(-1)))) - default: - return fmt.Errorf("unknown JSON number value: %s", d) - } - default: - return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type()) - } - case json.Number: - switch value.Interface().(type) { - case *int64: - // Retain the old behavior where we would just truncate the float64 - // calling d.Int64() here could cause an invalid syntax error due to the usage of strconv.ParseInt - f, err := d.Float64() - if err != nil { - return err - } - di := int64(f) - value.Set(reflect.ValueOf(&di)) - case *float64: - f, err := d.Float64() - if err != nil { - return err - } - value.Set(reflect.ValueOf(&f)) - case *time.Time: - float, ok := new(big.Float).SetString(d.String()) - if !ok { - return fmt.Errorf("unsupported float time representation: %v", d.String()) - } - float = float.Mul(float, millisecondsFloat) - ms, _ := float.Int64() - t := time.Unix(0, ms*1e6).UTC() - value.Set(reflect.ValueOf(&t)) - default: - return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type()) - } - case bool: - switch value.Interface().(type) { - case *bool: - value.Set(reflect.ValueOf(&d)) - default: - return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type()) - } - default: - return fmt.Errorf("unsupported JSON value (%v)", data) - } - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go deleted file mode 100644 index d9aa2711..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go +++ /dev/null @@ -1,87 +0,0 @@ -// Package jsonrpc provides JSON RPC utilities for serialization of AWS -// requests and responses. -package jsonrpc - -//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/json.json build_test.go -//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/json.json unmarshal_test.go - -import ( - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" - "github.com/aws/aws-sdk-go/private/protocol/rest" -) - -var emptyJSON = []byte("{}") - -// BuildHandler is a named request handler for building jsonrpc protocol -// requests -var BuildHandler = request.NamedHandler{ - Name: "awssdk.jsonrpc.Build", - Fn: Build, -} - -// UnmarshalHandler is a named request handler for unmarshaling jsonrpc -// protocol requests -var UnmarshalHandler = request.NamedHandler{ - Name: "awssdk.jsonrpc.Unmarshal", - Fn: Unmarshal, -} - -// UnmarshalMetaHandler is a named request handler for unmarshaling jsonrpc -// protocol request metadata -var UnmarshalMetaHandler = request.NamedHandler{ - Name: "awssdk.jsonrpc.UnmarshalMeta", - Fn: UnmarshalMeta, -} - -// Build builds a JSON payload for a JSON RPC request. -func Build(req *request.Request) { - var buf []byte - var err error - if req.ParamsFilled() { - buf, err = jsonutil.BuildJSON(req.Params) - if err != nil { - req.Error = awserr.New(request.ErrCodeSerialization, "failed encoding JSON RPC request", err) - return - } - } else { - buf = emptyJSON - } - - // Always serialize the body, don't suppress it. - req.SetBufferBody(buf) - - if req.ClientInfo.TargetPrefix != "" { - target := req.ClientInfo.TargetPrefix + "." + req.Operation.Name - req.HTTPRequest.Header.Add("X-Amz-Target", target) - } - - // Only set the content type if one is not already specified and an - // JSONVersion is specified. - if ct, v := req.HTTPRequest.Header.Get("Content-Type"), req.ClientInfo.JSONVersion; len(ct) == 0 && len(v) != 0 { - jsonVersion := req.ClientInfo.JSONVersion - req.HTTPRequest.Header.Set("Content-Type", "application/x-amz-json-"+jsonVersion) - } -} - -// Unmarshal unmarshals a response for a JSON RPC service. -func Unmarshal(req *request.Request) { - defer req.HTTPResponse.Body.Close() - if req.DataFilled() { - err := jsonutil.UnmarshalJSON(req.Data, req.HTTPResponse.Body) - if err != nil { - req.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, "failed decoding JSON RPC response", err), - req.HTTPResponse.StatusCode, - req.RequestID, - ) - } - } - return -} - -// UnmarshalMeta unmarshals headers from a response for a JSON RPC service. -func UnmarshalMeta(req *request.Request) { - rest.UnmarshalMeta(req) -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go deleted file mode 100644 index 9c1ccde5..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go +++ /dev/null @@ -1,160 +0,0 @@ -package jsonrpc - -import ( - "bytes" - "io" - "io/ioutil" - "net/http" - "strings" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol" - "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" -) - -const ( - awsQueryError = "x-amzn-query-error" - // A valid header example - "x-amzn-query-error": ";" - awsQueryErrorPartsCount = 2 -) - -// UnmarshalTypedError provides unmarshaling errors API response errors -// for both typed and untyped errors. -type UnmarshalTypedError struct { - exceptions map[string]func(protocol.ResponseMetadata) error - queryExceptions map[string]func(protocol.ResponseMetadata, string) error -} - -// NewUnmarshalTypedError returns an UnmarshalTypedError initialized for the -// set of exception names to the error unmarshalers -func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError { - return &UnmarshalTypedError{ - exceptions: exceptions, - queryExceptions: map[string]func(protocol.ResponseMetadata, string) error{}, - } -} - -// NewUnmarshalTypedErrorWithOptions works similar to NewUnmarshalTypedError applying options to the UnmarshalTypedError -// before returning it -func NewUnmarshalTypedErrorWithOptions(exceptions map[string]func(protocol.ResponseMetadata) error, optFns ...func(*UnmarshalTypedError)) *UnmarshalTypedError { - unmarshaledError := NewUnmarshalTypedError(exceptions) - for _, fn := range optFns { - fn(unmarshaledError) - } - return unmarshaledError -} - -// WithQueryCompatibility is a helper function to construct a functional option for use with NewUnmarshalTypedErrorWithOptions. -// The queryExceptions given act as an override for unmarshalling errors when query compatible error codes are found. -// See also [awsQueryCompatible trait] -// -// [awsQueryCompatible trait]: https://smithy.io/2.0/aws/protocols/aws-query-protocol.html#aws-protocols-awsquerycompatible-trait -func WithQueryCompatibility(queryExceptions map[string]func(protocol.ResponseMetadata, string) error) func(*UnmarshalTypedError) { - return func(typedError *UnmarshalTypedError) { - typedError.queryExceptions = queryExceptions - } -} - -// UnmarshalError attempts to unmarshal the HTTP response error as a known -// error type. If unable to unmarshal the error type, the generic SDK error -// type will be used. -func (u *UnmarshalTypedError) UnmarshalError( - resp *http.Response, - respMeta protocol.ResponseMetadata, -) (error, error) { - - var buf bytes.Buffer - var jsonErr jsonErrorResponse - teeReader := io.TeeReader(resp.Body, &buf) - err := jsonutil.UnmarshalJSONError(&jsonErr, teeReader) - if err != nil { - return nil, err - } - body := ioutil.NopCloser(&buf) - - // Code may be separated by hash(#), with the last element being the code - // used by the SDK. - codeParts := strings.SplitN(jsonErr.Code, "#", 2) - code := codeParts[len(codeParts)-1] - msg := jsonErr.Message - - queryCodeParts := queryCodeParts(resp, u) - - if fn, ok := u.exceptions[code]; ok { - // If query-compatible exceptions are found and query-error-header is found, - // then use associated constructor to get exception with query error code. - // - // If exception code is known, use associated constructor to get a value - // for the exception that the JSON body can be unmarshaled into. - var v error - queryErrFn, queryExceptionsFound := u.queryExceptions[code] - if len(queryCodeParts) == awsQueryErrorPartsCount && queryExceptionsFound { - v = queryErrFn(respMeta, queryCodeParts[0]) - } else { - v = fn(respMeta) - } - err := jsonutil.UnmarshalJSONCaseInsensitive(v, body) - if err != nil { - return nil, err - } - return v, nil - } - - if len(queryCodeParts) == awsQueryErrorPartsCount && len(u.queryExceptions) > 0 { - code = queryCodeParts[0] - } - - // fallback to unmodeled generic exceptions - return awserr.NewRequestFailure( - awserr.New(code, msg, nil), - respMeta.StatusCode, - respMeta.RequestID, - ), nil -} - -// A valid header example - "x-amzn-query-error": ";" -func queryCodeParts(resp *http.Response, u *UnmarshalTypedError) []string { - queryCodeHeader := resp.Header.Get(awsQueryError) - var queryCodeParts []string - if queryCodeHeader != "" && len(u.queryExceptions) > 0 { - queryCodeParts = strings.Split(queryCodeHeader, ";") - } - return queryCodeParts -} - -// UnmarshalErrorHandler is a named request handler for unmarshaling jsonrpc -// protocol request errors -var UnmarshalErrorHandler = request.NamedHandler{ - Name: "awssdk.jsonrpc.UnmarshalError", - Fn: UnmarshalError, -} - -// UnmarshalError unmarshals an error response for a JSON RPC service. -func UnmarshalError(req *request.Request) { - defer req.HTTPResponse.Body.Close() - - var jsonErr jsonErrorResponse - err := jsonutil.UnmarshalJSONError(&jsonErr, req.HTTPResponse.Body) - if err != nil { - req.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, - "failed to unmarshal error message", err), - req.HTTPResponse.StatusCode, - req.RequestID, - ) - return - } - - codes := strings.SplitN(jsonErr.Code, "#", 2) - req.Error = awserr.NewRequestFailure( - awserr.New(codes[len(codes)-1], jsonErr.Message, nil), - req.HTTPResponse.StatusCode, - req.RequestID, - ) -} - -type jsonErrorResponse struct { - Code string `json:"__type"` - Message string `json:"message"` -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonvalue.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonvalue.go deleted file mode 100644 index 776d1101..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonvalue.go +++ /dev/null @@ -1,76 +0,0 @@ -package protocol - -import ( - "encoding/base64" - "encoding/json" - "fmt" - "strconv" - - "github.com/aws/aws-sdk-go/aws" -) - -// EscapeMode is the mode that should be use for escaping a value -type EscapeMode uint - -// The modes for escaping a value before it is marshaled, and unmarshaled. -const ( - NoEscape EscapeMode = iota - Base64Escape - QuotedEscape -) - -// EncodeJSONValue marshals the value into a JSON string, and optionally base64 -// encodes the string before returning it. -// -// Will panic if the escape mode is unknown. -func EncodeJSONValue(v aws.JSONValue, escape EscapeMode) (string, error) { - b, err := json.Marshal(v) - if err != nil { - return "", err - } - - switch escape { - case NoEscape: - return string(b), nil - case Base64Escape: - return base64.StdEncoding.EncodeToString(b), nil - case QuotedEscape: - return strconv.Quote(string(b)), nil - } - - panic(fmt.Sprintf("EncodeJSONValue called with unknown EscapeMode, %v", escape)) -} - -// DecodeJSONValue will attempt to decode the string input as a JSONValue. -// Optionally decoding base64 the value first before JSON unmarshaling. -// -// Will panic if the escape mode is unknown. -func DecodeJSONValue(v string, escape EscapeMode) (aws.JSONValue, error) { - var b []byte - var err error - - switch escape { - case NoEscape: - b = []byte(v) - case Base64Escape: - b, err = base64.StdEncoding.DecodeString(v) - case QuotedEscape: - var u string - u, err = strconv.Unquote(v) - b = []byte(u) - default: - panic(fmt.Sprintf("DecodeJSONValue called with unknown EscapeMode, %v", escape)) - } - - if err != nil { - return nil, err - } - - m := aws.JSONValue{} - err = json.Unmarshal(b, &m) - if err != nil { - return nil, err - } - - return m, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go deleted file mode 100644 index 0ea0647a..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/payload.go +++ /dev/null @@ -1,81 +0,0 @@ -package protocol - -import ( - "io" - "io/ioutil" - "net/http" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/aws/request" -) - -// PayloadUnmarshaler provides the interface for unmarshaling a payload's -// reader into a SDK shape. -type PayloadUnmarshaler interface { - UnmarshalPayload(io.Reader, interface{}) error -} - -// HandlerPayloadUnmarshal implements the PayloadUnmarshaler from a -// HandlerList. This provides the support for unmarshaling a payload reader to -// a shape without needing a SDK request first. -type HandlerPayloadUnmarshal struct { - Unmarshalers request.HandlerList -} - -// UnmarshalPayload unmarshals the io.Reader payload into the SDK shape using -// the Unmarshalers HandlerList provided. Returns an error if unable -// unmarshaling fails. -func (h HandlerPayloadUnmarshal) UnmarshalPayload(r io.Reader, v interface{}) error { - req := &request.Request{ - HTTPRequest: &http.Request{}, - HTTPResponse: &http.Response{ - StatusCode: 200, - Header: http.Header{}, - Body: ioutil.NopCloser(r), - }, - Data: v, - } - - h.Unmarshalers.Run(req) - - return req.Error -} - -// PayloadMarshaler provides the interface for marshaling a SDK shape into and -// io.Writer. -type PayloadMarshaler interface { - MarshalPayload(io.Writer, interface{}) error -} - -// HandlerPayloadMarshal implements the PayloadMarshaler from a HandlerList. -// This provides support for marshaling a SDK shape into an io.Writer without -// needing a SDK request first. -type HandlerPayloadMarshal struct { - Marshalers request.HandlerList -} - -// MarshalPayload marshals the SDK shape into the io.Writer using the -// Marshalers HandlerList provided. Returns an error if unable if marshal -// fails. -func (h HandlerPayloadMarshal) MarshalPayload(w io.Writer, v interface{}) error { - req := request.New( - aws.Config{}, - metadata.ClientInfo{}, - request.Handlers{}, - nil, - &request.Operation{HTTPMethod: "PUT"}, - v, - nil, - ) - - h.Marshalers.Run(req) - - if req.Error != nil { - return req.Error - } - - io.Copy(w, req.GetBody()) - - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go deleted file mode 100644 index 9d521dcb..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/protocol.go +++ /dev/null @@ -1,49 +0,0 @@ -package protocol - -import ( - "fmt" - "strings" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" -) - -// RequireHTTPMinProtocol request handler is used to enforce that -// the target endpoint supports the given major and minor HTTP protocol version. -type RequireHTTPMinProtocol struct { - Major, Minor int -} - -// Handler will mark the request.Request with an error if the -// target endpoint did not connect with the required HTTP protocol -// major and minor version. -func (p RequireHTTPMinProtocol) Handler(r *request.Request) { - if r.Error != nil || r.HTTPResponse == nil { - return - } - - if !strings.HasPrefix(r.HTTPResponse.Proto, "HTTP") { - r.Error = newMinHTTPProtoError(p.Major, p.Minor, r) - } - - if r.HTTPResponse.ProtoMajor < p.Major || r.HTTPResponse.ProtoMinor < p.Minor { - r.Error = newMinHTTPProtoError(p.Major, p.Minor, r) - } -} - -// ErrCodeMinimumHTTPProtocolError error code is returned when the target endpoint -// did not match the required HTTP major and minor protocol version. -const ErrCodeMinimumHTTPProtocolError = "MinimumHTTPProtocolError" - -func newMinHTTPProtoError(major, minor int, r *request.Request) error { - return awserr.NewRequestFailure( - awserr.New("MinimumHTTPProtocolError", - fmt.Sprintf( - "operation requires minimum HTTP protocol of HTTP/%d.%d, but was %s", - major, minor, r.HTTPResponse.Proto, - ), - nil, - ), - r.HTTPResponse.StatusCode, r.RequestID, - ) -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go deleted file mode 100644 index d40346a7..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/build.go +++ /dev/null @@ -1,36 +0,0 @@ -// Package query provides serialization of AWS query requests, and responses. -package query - -//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/query.json build_test.go - -import ( - "net/url" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/query/queryutil" -) - -// BuildHandler is a named request handler for building query protocol requests -var BuildHandler = request.NamedHandler{Name: "awssdk.query.Build", Fn: Build} - -// Build builds a request for an AWS Query service. -func Build(r *request.Request) { - body := url.Values{ - "Action": {r.Operation.Name}, - "Version": {r.ClientInfo.APIVersion}, - } - if err := queryutil.Parse(body, r.Params, false); err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "failed encoding Query request", err) - return - } - - if !r.IsPresigned() { - r.HTTPRequest.Method = "POST" - r.HTTPRequest.Header.Set("Content-Type", "application/x-www-form-urlencoded; charset=utf-8") - r.SetBufferBody([]byte(body.Encode())) - } else { // This is a pre-signed request - r.HTTPRequest.Method = "GET" - r.HTTPRequest.URL.RawQuery = body.Encode() - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/queryutil/queryutil.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/queryutil/queryutil.go deleted file mode 100644 index 2ca0b19d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/queryutil/queryutil.go +++ /dev/null @@ -1,276 +0,0 @@ -package queryutil - -import ( - "encoding/base64" - "fmt" - "math" - "net/url" - "reflect" - "sort" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go/private/protocol" -) - -const ( - floatNaN = "NaN" - floatInf = "Infinity" - floatNegInf = "-Infinity" -) - -// Parse parses an object i and fills a url.Values object. The isEC2 flag -// indicates if this is the EC2 Query sub-protocol. -func Parse(body url.Values, i interface{}, isEC2 bool) error { - q := queryParser{isEC2: isEC2} - return q.parseValue(body, reflect.ValueOf(i), "", "") -} - -func elemOf(value reflect.Value) reflect.Value { - for value.Kind() == reflect.Ptr { - value = value.Elem() - } - return value -} - -type queryParser struct { - isEC2 bool -} - -func (q *queryParser) parseValue(v url.Values, value reflect.Value, prefix string, tag reflect.StructTag) error { - value = elemOf(value) - - // no need to handle zero values - if !value.IsValid() { - return nil - } - - t := tag.Get("type") - if t == "" { - switch value.Kind() { - case reflect.Struct: - t = "structure" - case reflect.Slice: - t = "list" - case reflect.Map: - t = "map" - } - } - - switch t { - case "structure": - return q.parseStruct(v, value, prefix) - case "list": - return q.parseList(v, value, prefix, tag) - case "map": - return q.parseMap(v, value, prefix, tag) - default: - return q.parseScalar(v, value, prefix, tag) - } -} - -func (q *queryParser) parseStruct(v url.Values, value reflect.Value, prefix string) error { - if !value.IsValid() { - return nil - } - - t := value.Type() - for i := 0; i < value.NumField(); i++ { - elemValue := elemOf(value.Field(i)) - field := t.Field(i) - - if field.PkgPath != "" { - continue // ignore unexported fields - } - if field.Tag.Get("ignore") != "" { - continue - } - - if protocol.CanSetIdempotencyToken(value.Field(i), field) { - token := protocol.GetIdempotencyToken() - elemValue = reflect.ValueOf(token) - } - - var name string - if q.isEC2 { - name = field.Tag.Get("queryName") - } - if name == "" { - if field.Tag.Get("flattened") != "" && field.Tag.Get("locationNameList") != "" { - name = field.Tag.Get("locationNameList") - } else if locName := field.Tag.Get("locationName"); locName != "" { - name = locName - } - if name != "" && q.isEC2 { - name = strings.ToUpper(name[0:1]) + name[1:] - } - } - if name == "" { - name = field.Name - } - - if prefix != "" { - name = prefix + "." + name - } - - if err := q.parseValue(v, elemValue, name, field.Tag); err != nil { - return err - } - } - return nil -} - -func (q *queryParser) parseList(v url.Values, value reflect.Value, prefix string, tag reflect.StructTag) error { - // If it's empty, and not ec2, generate an empty value - if !value.IsNil() && value.Len() == 0 && !q.isEC2 { - v.Set(prefix, "") - return nil - } - - if _, ok := value.Interface().([]byte); ok { - return q.parseScalar(v, value, prefix, tag) - } - - // check for unflattened list member - if !q.isEC2 && tag.Get("flattened") == "" { - if listName := tag.Get("locationNameList"); listName == "" { - prefix += ".member" - } else { - prefix += "." + listName - } - } - - for i := 0; i < value.Len(); i++ { - slicePrefix := prefix - if slicePrefix == "" { - slicePrefix = strconv.Itoa(i + 1) - } else { - slicePrefix = slicePrefix + "." + strconv.Itoa(i+1) - } - if err := q.parseValue(v, value.Index(i), slicePrefix, ""); err != nil { - return err - } - } - return nil -} - -func (q *queryParser) parseMap(v url.Values, value reflect.Value, prefix string, tag reflect.StructTag) error { - // If it's empty, generate an empty value - if !value.IsNil() && value.Len() == 0 { - v.Set(prefix, "") - return nil - } - - // check for unflattened list member - if !q.isEC2 && tag.Get("flattened") == "" { - prefix += ".entry" - } - - // sort keys for improved serialization consistency. - // this is not strictly necessary for protocol support. - mapKeyValues := value.MapKeys() - mapKeys := map[string]reflect.Value{} - mapKeyNames := make([]string, len(mapKeyValues)) - for i, mapKey := range mapKeyValues { - name := mapKey.String() - mapKeys[name] = mapKey - mapKeyNames[i] = name - } - sort.Strings(mapKeyNames) - - for i, mapKeyName := range mapKeyNames { - mapKey := mapKeys[mapKeyName] - mapValue := value.MapIndex(mapKey) - - kname := tag.Get("locationNameKey") - if kname == "" { - kname = "key" - } - vname := tag.Get("locationNameValue") - if vname == "" { - vname = "value" - } - - // serialize key - var keyName string - if prefix == "" { - keyName = strconv.Itoa(i+1) + "." + kname - } else { - keyName = prefix + "." + strconv.Itoa(i+1) + "." + kname - } - - if err := q.parseValue(v, mapKey, keyName, ""); err != nil { - return err - } - - // serialize value - var valueName string - if prefix == "" { - valueName = strconv.Itoa(i+1) + "." + vname - } else { - valueName = prefix + "." + strconv.Itoa(i+1) + "." + vname - } - - if err := q.parseValue(v, mapValue, valueName, ""); err != nil { - return err - } - } - - return nil -} - -func (q *queryParser) parseScalar(v url.Values, r reflect.Value, name string, tag reflect.StructTag) error { - switch value := r.Interface().(type) { - case string: - v.Set(name, value) - case []byte: - if !r.IsNil() { - v.Set(name, base64.StdEncoding.EncodeToString(value)) - } - case bool: - v.Set(name, strconv.FormatBool(value)) - case int64: - v.Set(name, strconv.FormatInt(value, 10)) - case int: - v.Set(name, strconv.Itoa(value)) - case float64: - var str string - switch { - case math.IsNaN(value): - str = floatNaN - case math.IsInf(value, 1): - str = floatInf - case math.IsInf(value, -1): - str = floatNegInf - default: - str = strconv.FormatFloat(value, 'f', -1, 64) - } - v.Set(name, str) - case float32: - asFloat64 := float64(value) - var str string - switch { - case math.IsNaN(asFloat64): - str = floatNaN - case math.IsInf(asFloat64, 1): - str = floatInf - case math.IsInf(asFloat64, -1): - str = floatNegInf - default: - str = strconv.FormatFloat(asFloat64, 'f', -1, 32) - } - v.Set(name, str) - case time.Time: - const ISO8601UTC = "2006-01-02T15:04:05Z" - format := tag.Get("timestampFormat") - if len(format) == 0 { - format = protocol.ISO8601TimeFormatName - } - - v.Set(name, protocol.FormatTime(format, value)) - default: - return fmt.Errorf("unsupported value for param %s: %v (%s)", name, r.Interface(), r.Type().Name()) - } - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go deleted file mode 100644 index 9231e95d..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal.go +++ /dev/null @@ -1,39 +0,0 @@ -package query - -//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/query.json unmarshal_test.go - -import ( - "encoding/xml" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil" -) - -// UnmarshalHandler is a named request handler for unmarshaling query protocol requests -var UnmarshalHandler = request.NamedHandler{Name: "awssdk.query.Unmarshal", Fn: Unmarshal} - -// UnmarshalMetaHandler is a named request handler for unmarshaling query protocol request metadata -var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.query.UnmarshalMeta", Fn: UnmarshalMeta} - -// Unmarshal unmarshals a response for an AWS Query service. -func Unmarshal(r *request.Request) { - defer r.HTTPResponse.Body.Close() - if r.DataFilled() { - decoder := xml.NewDecoder(r.HTTPResponse.Body) - err := xmlutil.UnmarshalXML(r.Data, decoder, r.Operation.Name+"Result") - if err != nil { - r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, "failed decoding Query response", err), - r.HTTPResponse.StatusCode, - r.RequestID, - ) - return - } - } -} - -// UnmarshalMeta unmarshals header response values for an AWS Query service. -func UnmarshalMeta(r *request.Request) { - r.RequestID = r.HTTPResponse.Header.Get("X-Amzn-Requestid") -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go deleted file mode 100644 index 2c0cbba9..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go +++ /dev/null @@ -1,70 +0,0 @@ -package query - -import ( - "encoding/xml" - "fmt" - "strings" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil" -) - -// UnmarshalErrorHandler is a name request handler to unmarshal request errors -var UnmarshalErrorHandler = request.NamedHandler{Name: "awssdk.query.UnmarshalError", Fn: UnmarshalError} - -type xmlErrorResponse struct { - Code string `xml:"Error>Code"` - Message string `xml:"Error>Message"` - RequestID string `xml:"RequestId"` -} - -type xmlResponseError struct { - xmlErrorResponse -} - -func (e *xmlResponseError) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error { - const svcUnavailableTagName = "ServiceUnavailableException" - const errorResponseTagName = "ErrorResponse" - - switch start.Name.Local { - case svcUnavailableTagName: - e.Code = svcUnavailableTagName - e.Message = "service is unavailable" - return d.Skip() - - case errorResponseTagName: - return d.DecodeElement(&e.xmlErrorResponse, &start) - - default: - return fmt.Errorf("unknown error response tag, %v", start) - } -} - -// UnmarshalError unmarshals an error response for an AWS Query service. -func UnmarshalError(r *request.Request) { - defer r.HTTPResponse.Body.Close() - - var respErr xmlResponseError - err := xmlutil.UnmarshalXMLError(&respErr, r.HTTPResponse.Body) - if err != nil { - r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, - "failed to unmarshal error message", err), - r.HTTPResponse.StatusCode, - r.RequestID, - ) - return - } - - reqID := respErr.RequestID - if len(reqID) == 0 { - reqID = r.RequestID - } - - r.Error = awserr.NewRequestFailure( - awserr.New(strings.TrimSpace(respErr.Code), strings.TrimSpace(respErr.Message), nil), - r.HTTPResponse.StatusCode, - reqID, - ) -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go deleted file mode 100644 index ecc521f8..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go +++ /dev/null @@ -1,353 +0,0 @@ -// Package rest provides RESTful serialization of AWS requests and responses. -package rest - -import ( - "bytes" - "encoding/base64" - "fmt" - "io" - "math" - "net/http" - "net/url" - "path" - "reflect" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol" -) - -const ( - floatNaN = "NaN" - floatInf = "Infinity" - floatNegInf = "-Infinity" -) - -// Whether the byte value can be sent without escaping in AWS URLs -var noEscape [256]bool - -var errValueNotSet = fmt.Errorf("value not set") - -var byteSliceType = reflect.TypeOf([]byte{}) - -func init() { - for i := 0; i < len(noEscape); i++ { - // AWS expects every character except these to be escaped - noEscape[i] = (i >= 'A' && i <= 'Z') || - (i >= 'a' && i <= 'z') || - (i >= '0' && i <= '9') || - i == '-' || - i == '.' || - i == '_' || - i == '~' - } -} - -// BuildHandler is a named request handler for building rest protocol requests -var BuildHandler = request.NamedHandler{Name: "awssdk.rest.Build", Fn: Build} - -// Build builds the REST component of a service request. -func Build(r *request.Request) { - if r.ParamsFilled() { - v := reflect.ValueOf(r.Params).Elem() - buildLocationElements(r, v, false) - buildBody(r, v) - } -} - -// BuildAsGET builds the REST component of a service request with the ability to hoist -// data from the body. -func BuildAsGET(r *request.Request) { - if r.ParamsFilled() { - v := reflect.ValueOf(r.Params).Elem() - buildLocationElements(r, v, true) - buildBody(r, v) - } -} - -func buildLocationElements(r *request.Request, v reflect.Value, buildGETQuery bool) { - query := r.HTTPRequest.URL.Query() - - // Setup the raw path to match the base path pattern. This is needed - // so that when the path is mutated a custom escaped version can be - // stored in RawPath that will be used by the Go client. - r.HTTPRequest.URL.RawPath = r.HTTPRequest.URL.Path - - for i := 0; i < v.NumField(); i++ { - m := v.Field(i) - if n := v.Type().Field(i).Name; n[0:1] == strings.ToLower(n[0:1]) { - continue - } - - if m.IsValid() { - field := v.Type().Field(i) - name := field.Tag.Get("locationName") - if name == "" { - name = field.Name - } - if kind := m.Kind(); kind == reflect.Ptr { - m = m.Elem() - } else if kind == reflect.Interface { - if !m.Elem().IsValid() { - continue - } - } - if !m.IsValid() { - continue - } - if field.Tag.Get("ignore") != "" { - continue - } - - // Support the ability to customize values to be marshaled as a - // blob even though they were modeled as a string. Required for S3 - // API operations like SSECustomerKey is modeled as string but - // required to be base64 encoded in request. - if field.Tag.Get("marshal-as") == "blob" { - m = m.Convert(byteSliceType) - } - - var err error - switch field.Tag.Get("location") { - case "headers": // header maps - err = buildHeaderMap(&r.HTTPRequest.Header, m, field.Tag) - case "header": - err = buildHeader(&r.HTTPRequest.Header, m, name, field.Tag) - case "uri": - err = buildURI(r.HTTPRequest.URL, m, name, field.Tag) - case "querystring": - err = buildQueryString(query, m, name, field.Tag) - default: - if buildGETQuery { - err = buildQueryString(query, m, name, field.Tag) - } - } - r.Error = err - } - if r.Error != nil { - return - } - } - - r.HTTPRequest.URL.RawQuery = query.Encode() - if !aws.BoolValue(r.Config.DisableRestProtocolURICleaning) { - cleanPath(r.HTTPRequest.URL) - } -} - -func buildBody(r *request.Request, v reflect.Value) { - if field, ok := v.Type().FieldByName("_"); ok { - if payloadName := field.Tag.Get("payload"); payloadName != "" { - pfield, _ := v.Type().FieldByName(payloadName) - if ptag := pfield.Tag.Get("type"); ptag != "" && ptag != "structure" { - payload := reflect.Indirect(v.FieldByName(payloadName)) - if payload.IsValid() && payload.Interface() != nil { - switch reader := payload.Interface().(type) { - case io.ReadSeeker: - r.SetReaderBody(reader) - case []byte: - r.SetBufferBody(reader) - case string: - r.SetStringBody(reader) - default: - r.Error = awserr.New(request.ErrCodeSerialization, - "failed to encode REST request", - fmt.Errorf("unknown payload type %s", payload.Type())) - } - } - } - } - } -} - -func buildHeader(header *http.Header, v reflect.Value, name string, tag reflect.StructTag) error { - str, err := convertType(v, tag) - if err == errValueNotSet { - return nil - } else if err != nil { - return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err) - } - - name = strings.TrimSpace(name) - str = strings.TrimSpace(str) - - header.Add(name, str) - - return nil -} - -func buildHeaderMap(header *http.Header, v reflect.Value, tag reflect.StructTag) error { - prefix := tag.Get("locationName") - for _, key := range v.MapKeys() { - str, err := convertType(v.MapIndex(key), tag) - if err == errValueNotSet { - continue - } else if err != nil { - return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err) - - } - keyStr := strings.TrimSpace(key.String()) - str = strings.TrimSpace(str) - - header.Add(prefix+keyStr, str) - } - return nil -} - -func buildURI(u *url.URL, v reflect.Value, name string, tag reflect.StructTag) error { - value, err := convertType(v, tag) - if err == errValueNotSet { - return nil - } else if err != nil { - return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err) - } - - u.Path = strings.Replace(u.Path, "{"+name+"}", value, -1) - u.Path = strings.Replace(u.Path, "{"+name+"+}", value, -1) - - u.RawPath = strings.Replace(u.RawPath, "{"+name+"}", EscapePath(value, true), -1) - u.RawPath = strings.Replace(u.RawPath, "{"+name+"+}", EscapePath(value, false), -1) - - return nil -} - -func buildQueryString(query url.Values, v reflect.Value, name string, tag reflect.StructTag) error { - switch value := v.Interface().(type) { - case []*string: - for _, item := range value { - query.Add(name, *item) - } - case map[string]*string: - for key, item := range value { - query.Add(key, *item) - } - case map[string][]*string: - for key, items := range value { - for _, item := range items { - query.Add(key, *item) - } - } - default: - str, err := convertType(v, tag) - if err == errValueNotSet { - return nil - } else if err != nil { - return awserr.New(request.ErrCodeSerialization, "failed to encode REST request", err) - } - query.Set(name, str) - } - - return nil -} - -func cleanPath(u *url.URL) { - hasSlash := strings.HasSuffix(u.Path, "/") - - // clean up path, removing duplicate `/` - u.Path = path.Clean(u.Path) - u.RawPath = path.Clean(u.RawPath) - - if hasSlash && !strings.HasSuffix(u.Path, "/") { - u.Path += "/" - u.RawPath += "/" - } -} - -// EscapePath escapes part of a URL path in Amazon style -func EscapePath(path string, encodeSep bool) string { - var buf bytes.Buffer - for i := 0; i < len(path); i++ { - c := path[i] - if noEscape[c] || (c == '/' && !encodeSep) { - buf.WriteByte(c) - } else { - fmt.Fprintf(&buf, "%%%02X", c) - } - } - return buf.String() -} - -func convertType(v reflect.Value, tag reflect.StructTag) (str string, err error) { - v = reflect.Indirect(v) - if !v.IsValid() { - return "", errValueNotSet - } - - switch value := v.Interface().(type) { - case string: - if tag.Get("suppressedJSONValue") == "true" && tag.Get("location") == "header" { - value = base64.StdEncoding.EncodeToString([]byte(value)) - } - str = value - case []*string: - if tag.Get("location") != "header" || tag.Get("enum") == "" { - return "", fmt.Errorf("%T is only supported with location header and enum shapes", value) - } - if len(value) == 0 { - return "", errValueNotSet - } - - buff := &bytes.Buffer{} - for i, sv := range value { - if sv == nil || len(*sv) == 0 { - continue - } - if i != 0 { - buff.WriteRune(',') - } - item := *sv - if strings.Index(item, `,`) != -1 || strings.Index(item, `"`) != -1 { - item = strconv.Quote(item) - } - buff.WriteString(item) - } - str = string(buff.Bytes()) - case []byte: - str = base64.StdEncoding.EncodeToString(value) - case bool: - str = strconv.FormatBool(value) - case int64: - str = strconv.FormatInt(value, 10) - case float64: - switch { - case math.IsNaN(value): - str = floatNaN - case math.IsInf(value, 1): - str = floatInf - case math.IsInf(value, -1): - str = floatNegInf - default: - str = strconv.FormatFloat(value, 'f', -1, 64) - } - case time.Time: - format := tag.Get("timestampFormat") - if len(format) == 0 { - format = protocol.RFC822TimeFormatName - if tag.Get("location") == "querystring" { - format = protocol.ISO8601TimeFormatName - } - } - str = protocol.FormatTime(format, value) - case aws.JSONValue: - if len(value) == 0 { - return "", errValueNotSet - } - escaping := protocol.NoEscape - if tag.Get("location") == "header" { - escaping = protocol.Base64Escape - } - str, err = protocol.EncodeJSONValue(value, escaping) - if err != nil { - return "", fmt.Errorf("unable to encode JSONValue, %v", err) - } - default: - err := fmt.Errorf("unsupported value for param %v (%s)", v.Interface(), v.Type()) - return "", err - } - - return str, nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/payload.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/payload.go deleted file mode 100644 index b54c99ed..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/payload.go +++ /dev/null @@ -1,54 +0,0 @@ -package rest - -import "reflect" - -// PayloadMember returns the payload field member of i if there is one, or nil. -func PayloadMember(i interface{}) interface{} { - if i == nil { - return nil - } - - v := reflect.ValueOf(i).Elem() - if !v.IsValid() { - return nil - } - if field, ok := v.Type().FieldByName("_"); ok { - if payloadName := field.Tag.Get("payload"); payloadName != "" { - field, _ := v.Type().FieldByName(payloadName) - if field.Tag.Get("type") != "structure" { - return nil - } - - payload := v.FieldByName(payloadName) - if payload.IsValid() || (payload.Kind() == reflect.Ptr && !payload.IsNil()) { - return payload.Interface() - } - } - } - return nil -} - -const nopayloadPayloadType = "nopayload" - -// PayloadType returns the type of a payload field member of i if there is one, -// or "". -func PayloadType(i interface{}) string { - v := reflect.Indirect(reflect.ValueOf(i)) - if !v.IsValid() { - return "" - } - - if field, ok := v.Type().FieldByName("_"); ok { - if noPayload := field.Tag.Get(nopayloadPayloadType); noPayload != "" { - return nopayloadPayloadType - } - - if payloadName := field.Tag.Get("payload"); payloadName != "" { - if member, ok := v.Type().FieldByName(payloadName); ok { - return member.Tag.Get("type") - } - } - } - - return "" -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go deleted file mode 100644 index 79fcf169..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go +++ /dev/null @@ -1,276 +0,0 @@ -package rest - -import ( - "bytes" - "encoding/base64" - "fmt" - "io" - "io/ioutil" - "math" - "net/http" - "reflect" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - awsStrings "github.com/aws/aws-sdk-go/internal/strings" - "github.com/aws/aws-sdk-go/private/protocol" -) - -// UnmarshalHandler is a named request handler for unmarshaling rest protocol requests -var UnmarshalHandler = request.NamedHandler{Name: "awssdk.rest.Unmarshal", Fn: Unmarshal} - -// UnmarshalMetaHandler is a named request handler for unmarshaling rest protocol request metadata -var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.rest.UnmarshalMeta", Fn: UnmarshalMeta} - -// Unmarshal unmarshals the REST component of a response in a REST service. -func Unmarshal(r *request.Request) { - if r.DataFilled() { - v := reflect.Indirect(reflect.ValueOf(r.Data)) - if err := unmarshalBody(r, v); err != nil { - r.Error = err - } - } -} - -// UnmarshalMeta unmarshals the REST metadata of a response in a REST service -func UnmarshalMeta(r *request.Request) { - r.RequestID = r.HTTPResponse.Header.Get("X-Amzn-Requestid") - if r.RequestID == "" { - // Alternative version of request id in the header - r.RequestID = r.HTTPResponse.Header.Get("X-Amz-Request-Id") - } - if r.DataFilled() { - if err := UnmarshalResponse(r.HTTPResponse, r.Data, aws.BoolValue(r.Config.LowerCaseHeaderMaps)); err != nil { - r.Error = err - } - } -} - -// UnmarshalResponse attempts to unmarshal the REST response headers to -// the data type passed in. The type must be a pointer. An error is returned -// with any error unmarshaling the response into the target datatype. -func UnmarshalResponse(resp *http.Response, data interface{}, lowerCaseHeaderMaps bool) error { - v := reflect.Indirect(reflect.ValueOf(data)) - return unmarshalLocationElements(resp, v, lowerCaseHeaderMaps) -} - -func unmarshalBody(r *request.Request, v reflect.Value) error { - if field, ok := v.Type().FieldByName("_"); ok { - if payloadName := field.Tag.Get("payload"); payloadName != "" { - pfield, _ := v.Type().FieldByName(payloadName) - if ptag := pfield.Tag.Get("type"); ptag != "" && ptag != "structure" { - payload := v.FieldByName(payloadName) - if payload.IsValid() { - switch payload.Interface().(type) { - case []byte: - defer r.HTTPResponse.Body.Close() - b, err := ioutil.ReadAll(r.HTTPResponse.Body) - if err != nil { - return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) - } - - payload.Set(reflect.ValueOf(b)) - - case *string: - defer r.HTTPResponse.Body.Close() - b, err := ioutil.ReadAll(r.HTTPResponse.Body) - if err != nil { - return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) - } - - str := string(b) - payload.Set(reflect.ValueOf(&str)) - - default: - switch payload.Type().String() { - case "io.ReadCloser": - payload.Set(reflect.ValueOf(r.HTTPResponse.Body)) - - case "io.ReadSeeker": - b, err := ioutil.ReadAll(r.HTTPResponse.Body) - if err != nil { - return awserr.New(request.ErrCodeSerialization, - "failed to read response body", err) - } - payload.Set(reflect.ValueOf(ioutil.NopCloser(bytes.NewReader(b)))) - - default: - io.Copy(ioutil.Discard, r.HTTPResponse.Body) - r.HTTPResponse.Body.Close() - return awserr.New(request.ErrCodeSerialization, - "failed to decode REST response", - fmt.Errorf("unknown payload type %s", payload.Type())) - } - } - } - } - } - } - - return nil -} - -func unmarshalLocationElements(resp *http.Response, v reflect.Value, lowerCaseHeaderMaps bool) error { - for i := 0; i < v.NumField(); i++ { - m, field := v.Field(i), v.Type().Field(i) - if n := field.Name; n[0:1] == strings.ToLower(n[0:1]) { - continue - } - - if m.IsValid() { - name := field.Tag.Get("locationName") - if name == "" { - name = field.Name - } - - switch field.Tag.Get("location") { - case "statusCode": - unmarshalStatusCode(m, resp.StatusCode) - - case "header": - err := unmarshalHeader(m, resp.Header.Get(name), field.Tag) - if err != nil { - return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) - } - - case "headers": - prefix := field.Tag.Get("locationName") - err := unmarshalHeaderMap(m, resp.Header, prefix, lowerCaseHeaderMaps) - if err != nil { - return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) - } - } - } - } - - return nil -} - -func unmarshalStatusCode(v reflect.Value, statusCode int) { - if !v.IsValid() { - return - } - - switch v.Interface().(type) { - case *int64: - s := int64(statusCode) - v.Set(reflect.ValueOf(&s)) - } -} - -func unmarshalHeaderMap(r reflect.Value, headers http.Header, prefix string, normalize bool) error { - if len(headers) == 0 { - return nil - } - switch r.Interface().(type) { - case map[string]*string: // we only support string map value types - out := map[string]*string{} - for k, v := range headers { - if awsStrings.HasPrefixFold(k, prefix) { - if normalize == true { - k = strings.ToLower(k) - } else { - k = http.CanonicalHeaderKey(k) - } - out[k[len(prefix):]] = &v[0] - } - } - if len(out) != 0 { - r.Set(reflect.ValueOf(out)) - } - - } - return nil -} - -func unmarshalHeader(v reflect.Value, header string, tag reflect.StructTag) error { - switch tag.Get("type") { - case "jsonvalue": - if len(header) == 0 { - return nil - } - case "blob": - if len(header) == 0 { - return nil - } - default: - if !v.IsValid() || (header == "" && v.Elem().Kind() != reflect.String) { - return nil - } - } - - switch v.Interface().(type) { - case *string: - if tag.Get("suppressedJSONValue") == "true" && tag.Get("location") == "header" { - b, err := base64.StdEncoding.DecodeString(header) - if err != nil { - return fmt.Errorf("failed to decode JSONValue, %v", err) - } - header = string(b) - } - v.Set(reflect.ValueOf(&header)) - case []byte: - b, err := base64.StdEncoding.DecodeString(header) - if err != nil { - return err - } - v.Set(reflect.ValueOf(b)) - case *bool: - b, err := strconv.ParseBool(header) - if err != nil { - return err - } - v.Set(reflect.ValueOf(&b)) - case *int64: - i, err := strconv.ParseInt(header, 10, 64) - if err != nil { - return err - } - v.Set(reflect.ValueOf(&i)) - case *float64: - var f float64 - switch { - case strings.EqualFold(header, floatNaN): - f = math.NaN() - case strings.EqualFold(header, floatInf): - f = math.Inf(1) - case strings.EqualFold(header, floatNegInf): - f = math.Inf(-1) - default: - var err error - f, err = strconv.ParseFloat(header, 64) - if err != nil { - return err - } - } - v.Set(reflect.ValueOf(&f)) - case *time.Time: - format := tag.Get("timestampFormat") - if len(format) == 0 { - format = protocol.RFC822TimeFormatName - } - t, err := protocol.ParseTime(format, header) - if err != nil { - return err - } - v.Set(reflect.ValueOf(&t)) - case aws.JSONValue: - escaping := protocol.NoEscape - if tag.Get("location") == "header" { - escaping = protocol.Base64Escape - } - m, err := protocol.DecodeJSONValue(header, escaping) - if err != nil { - return err - } - v.Set(reflect.ValueOf(m)) - default: - err := fmt.Errorf("Unsupported value for param %v (%s)", v.Interface(), v.Type()) - return err - } - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go deleted file mode 100644 index 2e0e205a..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go +++ /dev/null @@ -1,59 +0,0 @@ -// Package restjson provides RESTful JSON serialization of AWS -// requests and responses. -package restjson - -//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/rest-json.json build_test.go -//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/rest-json.json unmarshal_test.go - -import ( - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" - "github.com/aws/aws-sdk-go/private/protocol/rest" -) - -// BuildHandler is a named request handler for building restjson protocol -// requests -var BuildHandler = request.NamedHandler{ - Name: "awssdk.restjson.Build", - Fn: Build, -} - -// UnmarshalHandler is a named request handler for unmarshaling restjson -// protocol requests -var UnmarshalHandler = request.NamedHandler{ - Name: "awssdk.restjson.Unmarshal", - Fn: Unmarshal, -} - -// UnmarshalMetaHandler is a named request handler for unmarshaling restjson -// protocol request metadata -var UnmarshalMetaHandler = request.NamedHandler{ - Name: "awssdk.restjson.UnmarshalMeta", - Fn: UnmarshalMeta, -} - -// Build builds a request for the REST JSON protocol. -func Build(r *request.Request) { - rest.Build(r) - - if t := rest.PayloadType(r.Params); t == "structure" || t == "" { - if v := r.HTTPRequest.Header.Get("Content-Type"); len(v) == 0 { - r.HTTPRequest.Header.Set("Content-Type", "application/json") - } - jsonrpc.Build(r) - } -} - -// Unmarshal unmarshals a response body for the REST JSON protocol. -func Unmarshal(r *request.Request) { - if t := rest.PayloadType(r.Data); t == "structure" || t == "" { - jsonrpc.Unmarshal(r) - } else { - rest.Unmarshal(r) - } -} - -// UnmarshalMeta unmarshals response headers for the REST JSON protocol. -func UnmarshalMeta(r *request.Request) { - rest.UnmarshalMeta(r) -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go deleted file mode 100644 index 5366a646..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go +++ /dev/null @@ -1,157 +0,0 @@ -package restjson - -import ( - "bytes" - "encoding/json" - "io" - "io/ioutil" - "net/http" - "strings" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol" - "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" - "github.com/aws/aws-sdk-go/private/protocol/rest" -) - -const ( - errorTypeHeader = "X-Amzn-Errortype" - errorMessageHeader = "X-Amzn-Errormessage" -) - -// UnmarshalTypedError provides unmarshaling errors API response errors -// for both typed and untyped errors. -type UnmarshalTypedError struct { - exceptions map[string]func(protocol.ResponseMetadata) error -} - -// NewUnmarshalTypedError returns an UnmarshalTypedError initialized for the -// set of exception names to the error unmarshalers -func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError { - return &UnmarshalTypedError{ - exceptions: exceptions, - } -} - -// UnmarshalError attempts to unmarshal the HTTP response error as a known -// error type. If unable to unmarshal the error type, the generic SDK error -// type will be used. -func (u *UnmarshalTypedError) UnmarshalError( - resp *http.Response, - respMeta protocol.ResponseMetadata, -) (error, error) { - code, msg, err := unmarshalErrorInfo(resp) - if err != nil { - return nil, err - } - - fn, ok := u.exceptions[code] - if !ok { - return awserr.NewRequestFailure( - awserr.New(code, msg, nil), - respMeta.StatusCode, - respMeta.RequestID, - ), nil - } - - v := fn(respMeta) - if err := jsonutil.UnmarshalJSONCaseInsensitive(v, resp.Body); err != nil { - return nil, err - } - - if err := rest.UnmarshalResponse(resp, v, true); err != nil { - return nil, err - } - - return v, nil -} - -// UnmarshalErrorHandler is a named request handler for unmarshaling restjson -// protocol request errors -var UnmarshalErrorHandler = request.NamedHandler{ - Name: "awssdk.restjson.UnmarshalError", - Fn: UnmarshalError, -} - -// UnmarshalError unmarshals a response error for the REST JSON protocol. -func UnmarshalError(r *request.Request) { - defer r.HTTPResponse.Body.Close() - - code, msg, err := unmarshalErrorInfo(r.HTTPResponse) - if err != nil { - r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, "failed to unmarshal response error", err), - r.HTTPResponse.StatusCode, - r.RequestID, - ) - return - } - - r.Error = awserr.NewRequestFailure( - awserr.New(code, msg, nil), - r.HTTPResponse.StatusCode, - r.RequestID, - ) -} - -type jsonErrorResponse struct { - Type string `json:"__type"` - Code string `json:"code"` - Message string `json:"message"` -} - -func (j *jsonErrorResponse) SanitizedCode() string { - code := j.Code - if len(j.Type) > 0 { - code = j.Type - } - return sanitizeCode(code) -} - -// Remove superfluous components from a restJson error code. -// - If a : character is present, then take only the contents before the -// first : character in the value. -// - If a # character is present, then take only the contents after the first -// # character in the value. -// -// All of the following error values resolve to FooError: -// - FooError -// - FooError:http://internal.amazon.com/coral/com.amazon.coral.validate/ -// - aws.protocoltests.restjson#FooError -// - aws.protocoltests.restjson#FooError:http://internal.amazon.com/coral/com.amazon.coral.validate/ -func sanitizeCode(code string) string { - noColon := strings.SplitN(code, ":", 2)[0] - hashSplit := strings.SplitN(noColon, "#", 2) - return hashSplit[len(hashSplit)-1] -} - -// attempt to garner error details from the response, preferring header values -// when present -func unmarshalErrorInfo(resp *http.Response) (code string, msg string, err error) { - code = sanitizeCode(resp.Header.Get(errorTypeHeader)) - msg = resp.Header.Get(errorMessageHeader) - if len(code) > 0 && len(msg) > 0 { - return - } - - // a modeled error will have to be re-deserialized later, so the body must - // be preserved - var buf bytes.Buffer - tee := io.TeeReader(resp.Body, &buf) - defer func() { resp.Body = ioutil.NopCloser(&buf) }() - - var jsonErr jsonErrorResponse - if decodeErr := json.NewDecoder(tee).Decode(&jsonErr); decodeErr != nil && decodeErr != io.EOF { - err = awserr.NewUnmarshalError(decodeErr, "failed to decode response body", buf.Bytes()) - return - } - - if len(code) == 0 { - code = jsonErr.SanitizedCode() - } - if len(msg) == 0 { - msg = jsonErr.Message - } - return -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/restxml/restxml.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/restxml/restxml.go deleted file mode 100644 index b1ae3648..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/restxml/restxml.go +++ /dev/null @@ -1,79 +0,0 @@ -// Package restxml provides RESTful XML serialization of AWS -// requests and responses. -package restxml - -//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/rest-xml.json build_test.go -//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/rest-xml.json unmarshal_test.go - -import ( - "bytes" - "encoding/xml" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/query" - "github.com/aws/aws-sdk-go/private/protocol/rest" - "github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil" -) - -// BuildHandler is a named request handler for building restxml protocol requests -var BuildHandler = request.NamedHandler{Name: "awssdk.restxml.Build", Fn: Build} - -// UnmarshalHandler is a named request handler for unmarshaling restxml protocol requests -var UnmarshalHandler = request.NamedHandler{Name: "awssdk.restxml.Unmarshal", Fn: Unmarshal} - -// UnmarshalMetaHandler is a named request handler for unmarshaling restxml protocol request metadata -var UnmarshalMetaHandler = request.NamedHandler{Name: "awssdk.restxml.UnmarshalMeta", Fn: UnmarshalMeta} - -// UnmarshalErrorHandler is a named request handler for unmarshaling restxml protocol request errors -var UnmarshalErrorHandler = request.NamedHandler{Name: "awssdk.restxml.UnmarshalError", Fn: UnmarshalError} - -// Build builds a request payload for the REST XML protocol. -func Build(r *request.Request) { - rest.Build(r) - - if t := rest.PayloadType(r.Params); t == "structure" || t == "" { - var buf bytes.Buffer - err := xmlutil.BuildXML(r.Params, xml.NewEncoder(&buf)) - if err != nil { - r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, - "failed to encode rest XML request", err), - 0, - r.RequestID, - ) - return - } - r.SetBufferBody(buf.Bytes()) - } -} - -// Unmarshal unmarshals a payload response for the REST XML protocol. -func Unmarshal(r *request.Request) { - if t := rest.PayloadType(r.Data); t == "structure" || t == "" { - defer r.HTTPResponse.Body.Close() - decoder := xml.NewDecoder(r.HTTPResponse.Body) - err := xmlutil.UnmarshalXML(r.Data, decoder, "") - if err != nil { - r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, - "failed to decode REST XML response", err), - r.HTTPResponse.StatusCode, - r.RequestID, - ) - return - } - } else { - rest.Unmarshal(r) - } -} - -// UnmarshalMeta unmarshals response headers for the REST XML protocol. -func UnmarshalMeta(r *request.Request) { - rest.UnmarshalMeta(r) -} - -// UnmarshalError unmarshals a response error for the REST XML protocol. -func UnmarshalError(r *request.Request) { - query.UnmarshalError(r) -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go deleted file mode 100644 index d9a4e764..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go +++ /dev/null @@ -1,134 +0,0 @@ -package protocol - -import ( - "bytes" - "fmt" - "math" - "strconv" - "time" - - "github.com/aws/aws-sdk-go/internal/sdkmath" -) - -// Names of time formats supported by the SDK -const ( - RFC822TimeFormatName = "rfc822" - ISO8601TimeFormatName = "iso8601" - UnixTimeFormatName = "unixTimestamp" -) - -// Time formats supported by the SDK -// Output time is intended to not contain decimals -const ( - // RFC 7231#section-7.1.1.1 timetamp format. e.g Tue, 29 Apr 2014 18:30:38 GMT - RFC822TimeFormat = "Mon, 2 Jan 2006 15:04:05 GMT" - rfc822TimeFormatSingleDigitDay = "Mon, _2 Jan 2006 15:04:05 GMT" - rfc822TimeFormatSingleDigitDayTwoDigitYear = "Mon, _2 Jan 06 15:04:05 GMT" - - // This format is used for output time without seconds precision - RFC822OutputTimeFormat = "Mon, 02 Jan 2006 15:04:05 GMT" - - // RFC3339 a subset of the ISO8601 timestamp format. e.g 2014-04-29T18:30:38Z - ISO8601TimeFormat = "2006-01-02T15:04:05.999999999Z" - iso8601TimeFormatNoZ = "2006-01-02T15:04:05.999999999" - - // This format is used for output time with fractional second precision up to milliseconds - ISO8601OutputTimeFormat = "2006-01-02T15:04:05.999999999Z" -) - -// IsKnownTimestampFormat returns if the timestamp format name -// is know to the SDK's protocols. -func IsKnownTimestampFormat(name string) bool { - switch name { - case RFC822TimeFormatName: - fallthrough - case ISO8601TimeFormatName: - fallthrough - case UnixTimeFormatName: - return true - default: - return false - } -} - -// FormatTime returns a string value of the time. -func FormatTime(name string, t time.Time) string { - t = t.UTC().Truncate(time.Millisecond) - - switch name { - case RFC822TimeFormatName: - return t.Format(RFC822OutputTimeFormat) - case ISO8601TimeFormatName: - return t.Format(ISO8601OutputTimeFormat) - case UnixTimeFormatName: - ms := t.UnixNano() / int64(time.Millisecond) - return strconv.FormatFloat(float64(ms)/1e3, 'f', -1, 64) - default: - panic("unknown timestamp format name, " + name) - } -} - -// ParseTime attempts to parse the time given the format. Returns -// the time if it was able to be parsed, and fails otherwise. -func ParseTime(formatName, value string) (time.Time, error) { - switch formatName { - case RFC822TimeFormatName: // Smithy HTTPDate format - return tryParse(value, - RFC822TimeFormat, - rfc822TimeFormatSingleDigitDay, - rfc822TimeFormatSingleDigitDayTwoDigitYear, - time.RFC850, - time.ANSIC, - ) - case ISO8601TimeFormatName: // Smithy DateTime format - return tryParse(value, - ISO8601TimeFormat, - iso8601TimeFormatNoZ, - time.RFC3339Nano, - time.RFC3339, - ) - case UnixTimeFormatName: - v, err := strconv.ParseFloat(value, 64) - _, dec := math.Modf(v) - dec = sdkmath.Round(dec*1e3) / 1e3 //Rounds 0.1229999 to 0.123 - if err != nil { - return time.Time{}, err - } - return time.Unix(int64(v), int64(dec*(1e9))), nil - default: - panic("unknown timestamp format name, " + formatName) - } -} - -func tryParse(v string, formats ...string) (time.Time, error) { - var errs parseErrors - for _, f := range formats { - t, err := time.Parse(f, v) - if err != nil { - errs = append(errs, parseError{ - Format: f, - Err: err, - }) - continue - } - return t, nil - } - - return time.Time{}, fmt.Errorf("unable to parse time string, %v", errs) -} - -type parseErrors []parseError - -func (es parseErrors) Error() string { - var s bytes.Buffer - for _, e := range es { - fmt.Fprintf(&s, "\n * %q: %v", e.Format, e.Err) - } - - return "parse errors:" + s.String() -} - -type parseError struct { - Format string - Err error -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go deleted file mode 100644 index f614ef89..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal.go +++ /dev/null @@ -1,27 +0,0 @@ -package protocol - -import ( - "io" - "io/ioutil" - - "github.com/aws/aws-sdk-go/aws/request" -) - -// UnmarshalDiscardBodyHandler is a named request handler to empty and close a response's body -var UnmarshalDiscardBodyHandler = request.NamedHandler{Name: "awssdk.shared.UnmarshalDiscardBody", Fn: UnmarshalDiscardBody} - -// UnmarshalDiscardBody is a request handler to empty a response's body and closing it. -func UnmarshalDiscardBody(r *request.Request) { - if r.HTTPResponse == nil || r.HTTPResponse.Body == nil { - return - } - - io.Copy(ioutil.Discard, r.HTTPResponse.Body) - r.HTTPResponse.Body.Close() -} - -// ResponseMetadata provides the SDK response metadata attributes. -type ResponseMetadata struct { - StatusCode int - RequestID string -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go deleted file mode 100644 index cc857f13..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/unmarshal_error.go +++ /dev/null @@ -1,65 +0,0 @@ -package protocol - -import ( - "net/http" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" -) - -// UnmarshalErrorHandler provides unmarshaling errors API response errors for -// both typed and untyped errors. -type UnmarshalErrorHandler struct { - unmarshaler ErrorUnmarshaler -} - -// ErrorUnmarshaler is an abstract interface for concrete implementations to -// unmarshal protocol specific response errors. -type ErrorUnmarshaler interface { - UnmarshalError(*http.Response, ResponseMetadata) (error, error) -} - -// NewUnmarshalErrorHandler returns an UnmarshalErrorHandler -// initialized for the set of exception names to the error unmarshalers -func NewUnmarshalErrorHandler(unmarshaler ErrorUnmarshaler) *UnmarshalErrorHandler { - return &UnmarshalErrorHandler{ - unmarshaler: unmarshaler, - } -} - -// UnmarshalErrorHandlerName is the name of the named handler. -const UnmarshalErrorHandlerName = "awssdk.protocol.UnmarshalError" - -// NamedHandler returns a NamedHandler for the unmarshaler using the set of -// errors the unmarshaler was initialized for. -func (u *UnmarshalErrorHandler) NamedHandler() request.NamedHandler { - return request.NamedHandler{ - Name: UnmarshalErrorHandlerName, - Fn: u.UnmarshalError, - } -} - -// UnmarshalError will attempt to unmarshal the API response's error message -// into either a generic SDK error type, or a typed error corresponding to the -// errors exception name. -func (u *UnmarshalErrorHandler) UnmarshalError(r *request.Request) { - defer r.HTTPResponse.Body.Close() - - respMeta := ResponseMetadata{ - StatusCode: r.HTTPResponse.StatusCode, - RequestID: r.RequestID, - } - - v, err := u.unmarshaler.UnmarshalError(r.HTTPResponse, respMeta) - if err != nil { - r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, - "failed to unmarshal response error", err), - respMeta.StatusCode, - respMeta.RequestID, - ) - return - } - - r.Error = v -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go deleted file mode 100644 index 58c12bd8..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go +++ /dev/null @@ -1,345 +0,0 @@ -// Package xmlutil provides XML serialization of AWS requests and responses. -package xmlutil - -import ( - "encoding/base64" - "encoding/xml" - "fmt" - "math" - "reflect" - "sort" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go/private/protocol" -) - -const ( - floatNaN = "NaN" - floatInf = "Infinity" - floatNegInf = "-Infinity" -) - -// BuildXML will serialize params into an xml.Encoder. Error will be returned -// if the serialization of any of the params or nested values fails. -func BuildXML(params interface{}, e *xml.Encoder) error { - return buildXML(params, e, false) -} - -func buildXML(params interface{}, e *xml.Encoder, sorted bool) error { - b := xmlBuilder{encoder: e, namespaces: map[string]string{}} - root := NewXMLElement(xml.Name{}) - if err := b.buildValue(reflect.ValueOf(params), root, ""); err != nil { - return err - } - for _, c := range root.Children { - for _, v := range c { - return StructToXML(e, v, sorted) - } - } - return nil -} - -// Returns the reflection element of a value, if it is a pointer. -func elemOf(value reflect.Value) reflect.Value { - for value.Kind() == reflect.Ptr { - value = value.Elem() - } - return value -} - -// A xmlBuilder serializes values from Go code to XML -type xmlBuilder struct { - encoder *xml.Encoder - namespaces map[string]string -} - -// buildValue generic XMLNode builder for any type. Will build value for their specific type -// struct, list, map, scalar. -// -// Also takes a "type" tag value to set what type a value should be converted to XMLNode as. If -// type is not provided reflect will be used to determine the value's type. -func (b *xmlBuilder) buildValue(value reflect.Value, current *XMLNode, tag reflect.StructTag) error { - value = elemOf(value) - if !value.IsValid() { // no need to handle zero values - return nil - } else if tag.Get("location") != "" { // don't handle non-body location values - return nil - } - - xml := tag.Get("xml") - if len(xml) != 0 { - name := strings.SplitAfterN(xml, ",", 2)[0] - if name == "-" { - return nil - } - } - - t := tag.Get("type") - if t == "" { - switch value.Kind() { - case reflect.Struct: - t = "structure" - case reflect.Slice: - t = "list" - case reflect.Map: - t = "map" - } - } - - switch t { - case "structure": - if field, ok := value.Type().FieldByName("_"); ok { - tag = tag + reflect.StructTag(" ") + field.Tag - } - return b.buildStruct(value, current, tag) - case "list": - return b.buildList(value, current, tag) - case "map": - return b.buildMap(value, current, tag) - default: - return b.buildScalar(value, current, tag) - } -} - -// buildStruct adds a struct and its fields to the current XMLNode. All fields and any nested -// types are converted to XMLNodes also. -func (b *xmlBuilder) buildStruct(value reflect.Value, current *XMLNode, tag reflect.StructTag) error { - if !value.IsValid() { - return nil - } - - // unwrap payloads - if payload := tag.Get("payload"); payload != "" { - field, _ := value.Type().FieldByName(payload) - tag = field.Tag - value = elemOf(value.FieldByName(payload)) - - if !value.IsValid() { - return nil - } - } - - child := NewXMLElement(xml.Name{Local: tag.Get("locationName")}) - - // there is an xmlNamespace associated with this struct - if prefix, uri := tag.Get("xmlPrefix"), tag.Get("xmlURI"); uri != "" { - ns := xml.Attr{ - Name: xml.Name{Local: "xmlns"}, - Value: uri, - } - if prefix != "" { - b.namespaces[prefix] = uri // register the namespace - ns.Name.Local = "xmlns:" + prefix - } - - child.Attr = append(child.Attr, ns) - } - - var payloadFields, nonPayloadFields int - - t := value.Type() - for i := 0; i < value.NumField(); i++ { - member := elemOf(value.Field(i)) - field := t.Field(i) - - if field.PkgPath != "" { - continue // ignore unexported fields - } - if field.Tag.Get("ignore") != "" { - continue - } - - mTag := field.Tag - if mTag.Get("location") != "" { // skip non-body members - nonPayloadFields++ - continue - } - payloadFields++ - - if protocol.CanSetIdempotencyToken(value.Field(i), field) { - token := protocol.GetIdempotencyToken() - member = reflect.ValueOf(token) - } - - memberName := mTag.Get("locationName") - if memberName == "" { - memberName = field.Name - mTag = reflect.StructTag(string(mTag) + ` locationName:"` + memberName + `"`) - } - if err := b.buildValue(member, child, mTag); err != nil { - return err - } - } - - // Only case where the child shape is not added is if the shape only contains - // non-payload fields, e.g headers/query. - if !(payloadFields == 0 && nonPayloadFields > 0) { - current.AddChild(child) - } - - return nil -} - -// buildList adds the value's list items to the current XMLNode as children nodes. All -// nested values in the list are converted to XMLNodes also. -func (b *xmlBuilder) buildList(value reflect.Value, current *XMLNode, tag reflect.StructTag) error { - if value.IsNil() { // don't build omitted lists - return nil - } - - // check for unflattened list member - flattened := tag.Get("flattened") != "" - - xname := xml.Name{Local: tag.Get("locationName")} - if flattened { - for i := 0; i < value.Len(); i++ { - child := NewXMLElement(xname) - current.AddChild(child) - if err := b.buildValue(value.Index(i), child, ""); err != nil { - return err - } - } - } else { - list := NewXMLElement(xname) - current.AddChild(list) - - for i := 0; i < value.Len(); i++ { - iname := tag.Get("locationNameList") - if iname == "" { - iname = "member" - } - - child := NewXMLElement(xml.Name{Local: iname}) - list.AddChild(child) - if err := b.buildValue(value.Index(i), child, ""); err != nil { - return err - } - } - } - - return nil -} - -// buildMap adds the value's key/value pairs to the current XMLNode as children nodes. All -// nested values in the map are converted to XMLNodes also. -// -// Error will be returned if it is unable to build the map's values into XMLNodes -func (b *xmlBuilder) buildMap(value reflect.Value, current *XMLNode, tag reflect.StructTag) error { - if value.IsNil() { // don't build omitted maps - return nil - } - - maproot := NewXMLElement(xml.Name{Local: tag.Get("locationName")}) - current.AddChild(maproot) - current = maproot - - kname, vname := "key", "value" - if n := tag.Get("locationNameKey"); n != "" { - kname = n - } - if n := tag.Get("locationNameValue"); n != "" { - vname = n - } - - // sorting is not required for compliance, but it makes testing easier - keys := make([]string, value.Len()) - for i, k := range value.MapKeys() { - keys[i] = k.String() - } - sort.Strings(keys) - - for _, k := range keys { - v := value.MapIndex(reflect.ValueOf(k)) - - mapcur := current - if tag.Get("flattened") == "" { // add "entry" tag to non-flat maps - child := NewXMLElement(xml.Name{Local: "entry"}) - mapcur.AddChild(child) - mapcur = child - } - - kchild := NewXMLElement(xml.Name{Local: kname}) - kchild.Text = k - vchild := NewXMLElement(xml.Name{Local: vname}) - mapcur.AddChild(kchild) - mapcur.AddChild(vchild) - - if err := b.buildValue(v, vchild, ""); err != nil { - return err - } - } - - return nil -} - -// buildScalar will convert the value into a string and append it as a attribute or child -// of the current XMLNode. -// -// The value will be added as an attribute if tag contains a "xmlAttribute" attribute value. -// -// Error will be returned if the value type is unsupported. -func (b *xmlBuilder) buildScalar(value reflect.Value, current *XMLNode, tag reflect.StructTag) error { - var str string - - switch converted := value.Interface().(type) { - case string: - str = converted - case []byte: - if !value.IsNil() { - str = base64.StdEncoding.EncodeToString(converted) - } - case bool: - str = strconv.FormatBool(converted) - case int64: - str = strconv.FormatInt(converted, 10) - case int: - str = strconv.Itoa(converted) - case float64: - switch { - case math.IsNaN(converted): - str = floatNaN - case math.IsInf(converted, 1): - str = floatInf - case math.IsInf(converted, -1): - str = floatNegInf - default: - str = strconv.FormatFloat(converted, 'f', -1, 64) - } - case float32: - // The SDK doesn't render float32 values in types, only float64. This case would never be hit currently. - asFloat64 := float64(converted) - switch { - case math.IsNaN(asFloat64): - str = floatNaN - case math.IsInf(asFloat64, 1): - str = floatInf - case math.IsInf(asFloat64, -1): - str = floatNegInf - default: - str = strconv.FormatFloat(asFloat64, 'f', -1, 32) - } - case time.Time: - format := tag.Get("timestampFormat") - if len(format) == 0 { - format = protocol.ISO8601TimeFormatName - } - - str = protocol.FormatTime(format, converted) - default: - return fmt.Errorf("unsupported value for param %s: %v (%s)", - tag.Get("locationName"), value.Interface(), value.Type().Name()) - } - - xname := xml.Name{Local: tag.Get("locationName")} - if tag.Get("xmlAttribute") != "" { // put into current node's attribute list - attr := xml.Attr{Name: xname, Value: str} - current.Attr = append(current.Attr, attr) - } else if len(xname.Local) == 0 { - current.Text = str - } else { // regular text node - current.AddChild(&XMLNode{Name: xname, Text: str}) - } - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go deleted file mode 100644 index c1a51185..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/sort.go +++ /dev/null @@ -1,32 +0,0 @@ -package xmlutil - -import ( - "encoding/xml" - "strings" -) - -type xmlAttrSlice []xml.Attr - -func (x xmlAttrSlice) Len() int { - return len(x) -} - -func (x xmlAttrSlice) Less(i, j int) bool { - spaceI, spaceJ := x[i].Name.Space, x[j].Name.Space - localI, localJ := x[i].Name.Local, x[j].Name.Local - valueI, valueJ := x[i].Value, x[j].Value - - spaceCmp := strings.Compare(spaceI, spaceJ) - localCmp := strings.Compare(localI, localJ) - valueCmp := strings.Compare(valueI, valueJ) - - if spaceCmp == -1 || (spaceCmp == 0 && (localCmp == -1 || (localCmp == 0 && valueCmp == -1))) { - return true - } - - return false -} - -func (x xmlAttrSlice) Swap(i, j int) { - x[i], x[j] = x[j], x[i] -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go deleted file mode 100644 index 44a580a9..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go +++ /dev/null @@ -1,311 +0,0 @@ -package xmlutil - -import ( - "bytes" - "encoding/base64" - "encoding/xml" - "fmt" - "io" - "math" - "reflect" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/private/protocol" -) - -// UnmarshalXMLError unmarshals the XML error from the stream into the value -// type specified. The value must be a pointer. If the message fails to -// unmarshal, the message content will be included in the returned error as a -// awserr.UnmarshalError. -func UnmarshalXMLError(v interface{}, stream io.Reader) error { - var errBuf bytes.Buffer - body := io.TeeReader(stream, &errBuf) - - err := xml.NewDecoder(body).Decode(v) - if err != nil && err != io.EOF { - return awserr.NewUnmarshalError(err, - "failed to unmarshal error message", errBuf.Bytes()) - } - - return nil -} - -// UnmarshalXML deserializes an xml.Decoder into the container v. V -// needs to match the shape of the XML expected to be decoded. -// If the shape doesn't match unmarshaling will fail. -func UnmarshalXML(v interface{}, d *xml.Decoder, wrapper string) error { - n, err := XMLToStruct(d, nil) - if err != nil { - return err - } - if n.Children != nil { - for _, root := range n.Children { - for _, c := range root { - if wrappedChild, ok := c.Children[wrapper]; ok { - c = wrappedChild[0] // pull out wrapped element - } - - err = parse(reflect.ValueOf(v), c, "") - if err != nil { - if err == io.EOF { - return nil - } - return err - } - } - } - return nil - } - return nil -} - -// parse deserializes any value from the XMLNode. The type tag is used to infer the type, or reflect -// will be used to determine the type from r. -func parse(r reflect.Value, node *XMLNode, tag reflect.StructTag) error { - xml := tag.Get("xml") - if len(xml) != 0 { - name := strings.SplitAfterN(xml, ",", 2)[0] - if name == "-" { - return nil - } - } - - rtype := r.Type() - if rtype.Kind() == reflect.Ptr { - rtype = rtype.Elem() // check kind of actual element type - } - - t := tag.Get("type") - if t == "" { - switch rtype.Kind() { - case reflect.Struct: - // also it can't be a time object - if _, ok := r.Interface().(*time.Time); !ok { - t = "structure" - } - case reflect.Slice: - // also it can't be a byte slice - if _, ok := r.Interface().([]byte); !ok { - t = "list" - } - case reflect.Map: - t = "map" - } - } - - switch t { - case "structure": - if field, ok := rtype.FieldByName("_"); ok { - tag = field.Tag - } - return parseStruct(r, node, tag) - case "list": - return parseList(r, node, tag) - case "map": - return parseMap(r, node, tag) - default: - return parseScalar(r, node, tag) - } -} - -// parseStruct deserializes a structure and its fields from an XMLNode. Any nested -// types in the structure will also be deserialized. -func parseStruct(r reflect.Value, node *XMLNode, tag reflect.StructTag) error { - t := r.Type() - if r.Kind() == reflect.Ptr { - if r.IsNil() { // create the structure if it's nil - s := reflect.New(r.Type().Elem()) - r.Set(s) - r = s - } - - r = r.Elem() - t = t.Elem() - } - - // unwrap any payloads - if payload := tag.Get("payload"); payload != "" { - field, _ := t.FieldByName(payload) - return parseStruct(r.FieldByName(payload), node, field.Tag) - } - - for i := 0; i < t.NumField(); i++ { - field := t.Field(i) - if c := field.Name[0:1]; strings.ToLower(c) == c { - continue // ignore unexported fields - } - - // figure out what this field is called - name := field.Name - if field.Tag.Get("flattened") != "" && field.Tag.Get("locationNameList") != "" { - name = field.Tag.Get("locationNameList") - } else if locName := field.Tag.Get("locationName"); locName != "" { - name = locName - } - - // try to find the field by name in elements - elems := node.Children[name] - - if elems == nil { // try to find the field in attributes - if val, ok := node.findElem(name); ok { - elems = []*XMLNode{{Text: val}} - } - } - - member := r.FieldByName(field.Name) - for _, elem := range elems { - err := parse(member, elem, field.Tag) - if err != nil { - return err - } - } - } - return nil -} - -// parseList deserializes a list of values from an XML node. Each list entry -// will also be deserialized. -func parseList(r reflect.Value, node *XMLNode, tag reflect.StructTag) error { - t := r.Type() - - if tag.Get("flattened") == "" { // look at all item entries - mname := "member" - if name := tag.Get("locationNameList"); name != "" { - mname = name - } - - if Children, ok := node.Children[mname]; ok { - if r.IsNil() { - r.Set(reflect.MakeSlice(t, len(Children), len(Children))) - } - - for i, c := range Children { - err := parse(r.Index(i), c, "") - if err != nil { - return err - } - } - } - } else { // flattened list means this is a single element - if r.IsNil() { - r.Set(reflect.MakeSlice(t, 0, 0)) - } - - childR := reflect.Zero(t.Elem()) - r.Set(reflect.Append(r, childR)) - err := parse(r.Index(r.Len()-1), node, "") - if err != nil { - return err - } - } - - return nil -} - -// parseMap deserializes a map from an XMLNode. The direct children of the XMLNode -// will also be deserialized as map entries. -func parseMap(r reflect.Value, node *XMLNode, tag reflect.StructTag) error { - if r.IsNil() { - r.Set(reflect.MakeMap(r.Type())) - } - - if tag.Get("flattened") == "" { // look at all child entries - for _, entry := range node.Children["entry"] { - parseMapEntry(r, entry, tag) - } - } else { // this element is itself an entry - parseMapEntry(r, node, tag) - } - - return nil -} - -// parseMapEntry deserializes a map entry from a XML node. -func parseMapEntry(r reflect.Value, node *XMLNode, tag reflect.StructTag) error { - kname, vname := "key", "value" - if n := tag.Get("locationNameKey"); n != "" { - kname = n - } - if n := tag.Get("locationNameValue"); n != "" { - vname = n - } - - keys, ok := node.Children[kname] - values := node.Children[vname] - if ok { - for i, key := range keys { - keyR := reflect.ValueOf(key.Text) - value := values[i] - valueR := reflect.New(r.Type().Elem()).Elem() - - parse(valueR, value, "") - r.SetMapIndex(keyR, valueR) - } - } - return nil -} - -// parseScaller deserializes an XMLNode value into a concrete type based on the -// interface type of r. -// -// Error is returned if the deserialization fails due to invalid type conversion, -// or unsupported interface type. -func parseScalar(r reflect.Value, node *XMLNode, tag reflect.StructTag) error { - switch r.Interface().(type) { - case *string: - r.Set(reflect.ValueOf(&node.Text)) - return nil - case []byte: - b, err := base64.StdEncoding.DecodeString(node.Text) - if err != nil { - return err - } - r.Set(reflect.ValueOf(b)) - case *bool: - v, err := strconv.ParseBool(node.Text) - if err != nil { - return err - } - r.Set(reflect.ValueOf(&v)) - case *int64: - v, err := strconv.ParseInt(node.Text, 10, 64) - if err != nil { - return err - } - r.Set(reflect.ValueOf(&v)) - case *float64: - var v float64 - switch { - case strings.EqualFold(node.Text, floatNaN): - v = math.NaN() - case strings.EqualFold(node.Text, floatInf): - v = math.Inf(1) - case strings.EqualFold(node.Text, floatNegInf): - v = math.Inf(-1) - default: - var err error - v, err = strconv.ParseFloat(node.Text, 64) - if err != nil { - return err - } - } - r.Set(reflect.ValueOf(&v)) - case *time.Time: - format := tag.Get("timestampFormat") - if len(format) == 0 { - format = protocol.ISO8601TimeFormatName - } - - t, err := protocol.ParseTime(format, node.Text) - if err != nil { - return err - } - r.Set(reflect.ValueOf(&t)) - default: - return fmt.Errorf("unsupported value: %v (%s)", r.Interface(), r.Type()) - } - return nil -} diff --git a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go b/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go deleted file mode 100644 index c85b79fd..00000000 --- a/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go +++ /dev/null @@ -1,173 +0,0 @@ -package xmlutil - -import ( - "encoding/xml" - "fmt" - "io" - "sort" -) - -// A XMLNode contains the values to be encoded or decoded. -type XMLNode struct { - Name xml.Name `json:",omitempty"` - Children map[string][]*XMLNode `json:",omitempty"` - Text string `json:",omitempty"` - Attr []xml.Attr `json:",omitempty"` - - namespaces map[string]string - parent *XMLNode -} - -// textEncoder is a string type alias that implemnts the TextMarshaler interface. -// This alias type is used to ensure that the line feed (\n) (U+000A) is escaped. -type textEncoder string - -func (t textEncoder) MarshalText() ([]byte, error) { - return []byte(t), nil -} - -// NewXMLElement returns a pointer to a new XMLNode initialized to default values. -func NewXMLElement(name xml.Name) *XMLNode { - return &XMLNode{ - Name: name, - Children: map[string][]*XMLNode{}, - Attr: []xml.Attr{}, - } -} - -// AddChild adds child to the XMLNode. -func (n *XMLNode) AddChild(child *XMLNode) { - child.parent = n - if _, ok := n.Children[child.Name.Local]; !ok { - n.Children[child.Name.Local] = []*XMLNode{} - } - n.Children[child.Name.Local] = append(n.Children[child.Name.Local], child) -} - -// XMLToStruct converts a xml.Decoder stream to XMLNode with nested values. -func XMLToStruct(d *xml.Decoder, s *xml.StartElement) (*XMLNode, error) { - out := &XMLNode{} - for { - tok, err := d.Token() - if err != nil { - if err == io.EOF { - break - } else { - return out, err - } - } - - if tok == nil { - break - } - - switch typed := tok.(type) { - case xml.CharData: - out.Text = string(typed.Copy()) - case xml.StartElement: - el := typed.Copy() - out.Attr = el.Attr - if out.Children == nil { - out.Children = map[string][]*XMLNode{} - } - - name := typed.Name.Local - slice := out.Children[name] - if slice == nil { - slice = []*XMLNode{} - } - node, e := XMLToStruct(d, &el) - out.findNamespaces() - if e != nil { - return out, e - } - node.Name = typed.Name - node.findNamespaces() - tempOut := *out - // Save into a temp variable, simply because out gets squashed during - // loop iterations - node.parent = &tempOut - slice = append(slice, node) - out.Children[name] = slice - case xml.EndElement: - if s != nil && s.Name.Local == typed.Name.Local { // matching end token - return out, nil - } - out = &XMLNode{} - } - } - return out, nil -} - -func (n *XMLNode) findNamespaces() { - ns := map[string]string{} - for _, a := range n.Attr { - if a.Name.Space == "xmlns" { - ns[a.Value] = a.Name.Local - } - } - - n.namespaces = ns -} - -func (n *XMLNode) findElem(name string) (string, bool) { - for node := n; node != nil; node = node.parent { - for _, a := range node.Attr { - namespace := a.Name.Space - if v, ok := node.namespaces[namespace]; ok { - namespace = v - } - if name == fmt.Sprintf("%s:%s", namespace, a.Name.Local) { - return a.Value, true - } - } - } - return "", false -} - -// StructToXML writes an XMLNode to a xml.Encoder as tokens. -func StructToXML(e *xml.Encoder, node *XMLNode, sorted bool) error { - // Sort Attributes - attrs := node.Attr - if sorted { - sortedAttrs := make([]xml.Attr, len(attrs)) - for _, k := range node.Attr { - sortedAttrs = append(sortedAttrs, k) - } - sort.Sort(xmlAttrSlice(sortedAttrs)) - attrs = sortedAttrs - } - - startElement := xml.StartElement{Name: node.Name, Attr: attrs} - - if node.Text != "" { - e.EncodeElement(textEncoder(node.Text), startElement) - return e.Flush() - } - - e.EncodeToken(startElement) - - if sorted { - sortedNames := []string{} - for k := range node.Children { - sortedNames = append(sortedNames, k) - } - sort.Strings(sortedNames) - - for _, k := range sortedNames { - for _, v := range node.Children[k] { - StructToXML(e, v, sorted) - } - } - } else { - for _, c := range node.Children { - for _, v := range c { - StructToXML(e, v, sorted) - } - } - } - - e.EncodeToken(startElement.End()) - - return e.Flush() -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/route53/api.go b/vendor/github.com/aws/aws-sdk-go/service/route53/api.go deleted file mode 100644 index 9a4904fe..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/route53/api.go +++ /dev/null @@ -1,21300 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package route53 - -import ( - "fmt" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awsutil" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol" - "github.com/aws/aws-sdk-go/private/protocol/restxml" -) - -const opActivateKeySigningKey = "ActivateKeySigningKey" - -// ActivateKeySigningKeyRequest generates a "aws/request.Request" representing the -// client's request for the ActivateKeySigningKey operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ActivateKeySigningKey for more information on using the ActivateKeySigningKey -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ActivateKeySigningKeyRequest method. -// req, resp := client.ActivateKeySigningKeyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ActivateKeySigningKey -func (c *Route53) ActivateKeySigningKeyRequest(input *ActivateKeySigningKeyInput) (req *request.Request, output *ActivateKeySigningKeyOutput) { - op := &request.Operation{ - Name: opActivateKeySigningKey, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/keysigningkey/{HostedZoneId}/{Name}/activate", - } - - if input == nil { - input = &ActivateKeySigningKeyInput{} - } - - output = &ActivateKeySigningKeyOutput{} - req = c.newRequest(op, input, output) - return -} - -// ActivateKeySigningKey API operation for Amazon Route 53. -// -// Activates a key-signing key (KSK) so that it can be used for signing by DNSSEC. -// This operation changes the KSK status to ACTIVE. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ActivateKeySigningKey for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeNoSuchKeySigningKey "NoSuchKeySigningKey" -// The specified key-signing key (KSK) doesn't exist. -// -// - ErrCodeInvalidKeySigningKeyStatus "InvalidKeySigningKeyStatus" -// The key-signing key (KSK) status isn't valid or another KSK has the status -// INTERNAL_FAILURE. -// -// - ErrCodeInvalidSigningStatus "InvalidSigningStatus" -// Your hosted zone status isn't valid for this operation. In the hosted zone, -// change the status to enable DNSSEC or disable DNSSEC. -// -// - ErrCodeInvalidKMSArn "InvalidKMSArn" -// The KeyManagementServiceArn that you specified isn't valid to use with DNSSEC -// signing. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ActivateKeySigningKey -func (c *Route53) ActivateKeySigningKey(input *ActivateKeySigningKeyInput) (*ActivateKeySigningKeyOutput, error) { - req, out := c.ActivateKeySigningKeyRequest(input) - return out, req.Send() -} - -// ActivateKeySigningKeyWithContext is the same as ActivateKeySigningKey with the addition of -// the ability to pass a context and additional request options. -// -// See ActivateKeySigningKey for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ActivateKeySigningKeyWithContext(ctx aws.Context, input *ActivateKeySigningKeyInput, opts ...request.Option) (*ActivateKeySigningKeyOutput, error) { - req, out := c.ActivateKeySigningKeyRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opAssociateVPCWithHostedZone = "AssociateVPCWithHostedZone" - -// AssociateVPCWithHostedZoneRequest generates a "aws/request.Request" representing the -// client's request for the AssociateVPCWithHostedZone operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See AssociateVPCWithHostedZone for more information on using the AssociateVPCWithHostedZone -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the AssociateVPCWithHostedZoneRequest method. -// req, resp := client.AssociateVPCWithHostedZoneRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/AssociateVPCWithHostedZone -func (c *Route53) AssociateVPCWithHostedZoneRequest(input *AssociateVPCWithHostedZoneInput) (req *request.Request, output *AssociateVPCWithHostedZoneOutput) { - op := &request.Operation{ - Name: opAssociateVPCWithHostedZone, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/hostedzone/{Id}/associatevpc", - } - - if input == nil { - input = &AssociateVPCWithHostedZoneInput{} - } - - output = &AssociateVPCWithHostedZoneOutput{} - req = c.newRequest(op, input, output) - return -} - -// AssociateVPCWithHostedZone API operation for Amazon Route 53. -// -// Associates an Amazon VPC with a private hosted zone. -// -// To perform the association, the VPC and the private hosted zone must already -// exist. You can't convert a public hosted zone into a private hosted zone. -// -// If you want to associate a VPC that was created by using one Amazon Web Services -// account with a private hosted zone that was created by using a different -// account, the Amazon Web Services account that created the private hosted -// zone must first submit a CreateVPCAssociationAuthorization request. Then -// the account that created the VPC must submit an AssociateVPCWithHostedZone -// request. -// -// When granting access, the hosted zone and the Amazon VPC must belong to the -// same partition. A partition is a group of Amazon Web Services Regions. Each -// Amazon Web Services account is scoped to one partition. -// -// The following are the supported partitions: -// -// - aws - Amazon Web Services Regions -// -// - aws-cn - China Regions -// -// - aws-us-gov - Amazon Web Services GovCloud (US) Region -// -// For more information, see Access Management (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) -// in the Amazon Web Services General Reference. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation AssociateVPCWithHostedZone for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeNotAuthorizedException "NotAuthorizedException" -// Associating the specified VPC with the specified hosted zone has not been -// authorized. -// -// - ErrCodeInvalidVPCId "InvalidVPCId" -// The VPC ID that you specified either isn't a valid ID or the current account -// is not authorized to access this VPC. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodePublicZoneVPCAssociation "PublicZoneVPCAssociation" -// You're trying to associate a VPC with a public hosted zone. Amazon Route -// 53 doesn't support associating a VPC with a public hosted zone. -// -// - ErrCodeConflictingDomainExists "ConflictingDomainExists" -// The cause of this error depends on the operation that you're performing: -// -// - Create a public hosted zone: Two hosted zones that have the same name -// or that have a parent/child relationship (example.com and test.example.com) -// can't have any common name servers. You tried to create a hosted zone -// that has the same name as an existing hosted zone or that's the parent -// or child of an existing hosted zone, and you specified a delegation set -// that shares one or more name servers with the existing hosted zone. For -// more information, see CreateReusableDelegationSet (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateReusableDelegationSet.html). -// -// - Create a private hosted zone: A hosted zone with the specified name -// already exists and is already associated with the Amazon VPC that you -// specified. -// -// - Associate VPCs with a private hosted zone: The VPC that you specified -// is already associated with another hosted zone that has the same name. -// -// - ErrCodeLimitsExceeded "LimitsExceeded" -// This operation can't be completed because the current account has reached -// the limit on the resource you are trying to create. To request a higher limit, -// create a case (http://aws.amazon.com/route53-request) with the Amazon Web -// Services Support Center. -// -// - ErrCodePriorRequestNotComplete "PriorRequestNotComplete" -// If Amazon Route 53 can't process a request before the next request arrives, -// it will reject subsequent requests for the same hosted zone and return an -// HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for -// the same request, we recommend that you wait, in intervals of increasing -// duration, before you try the request again. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/AssociateVPCWithHostedZone -func (c *Route53) AssociateVPCWithHostedZone(input *AssociateVPCWithHostedZoneInput) (*AssociateVPCWithHostedZoneOutput, error) { - req, out := c.AssociateVPCWithHostedZoneRequest(input) - return out, req.Send() -} - -// AssociateVPCWithHostedZoneWithContext is the same as AssociateVPCWithHostedZone with the addition of -// the ability to pass a context and additional request options. -// -// See AssociateVPCWithHostedZone for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) AssociateVPCWithHostedZoneWithContext(ctx aws.Context, input *AssociateVPCWithHostedZoneInput, opts ...request.Option) (*AssociateVPCWithHostedZoneOutput, error) { - req, out := c.AssociateVPCWithHostedZoneRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opChangeCidrCollection = "ChangeCidrCollection" - -// ChangeCidrCollectionRequest generates a "aws/request.Request" representing the -// client's request for the ChangeCidrCollection operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ChangeCidrCollection for more information on using the ChangeCidrCollection -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ChangeCidrCollectionRequest method. -// req, resp := client.ChangeCidrCollectionRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ChangeCidrCollection -func (c *Route53) ChangeCidrCollectionRequest(input *ChangeCidrCollectionInput) (req *request.Request, output *ChangeCidrCollectionOutput) { - op := &request.Operation{ - Name: opChangeCidrCollection, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/cidrcollection/{CidrCollectionId}", - } - - if input == nil { - input = &ChangeCidrCollectionInput{} - } - - output = &ChangeCidrCollectionOutput{} - req = c.newRequest(op, input, output) - return -} - -// ChangeCidrCollection API operation for Amazon Route 53. -// -// Creates, changes, or deletes CIDR blocks within a collection. Contains authoritative -// IP information mapping blocks to one or multiple locations. -// -// A change request can update multiple locations in a collection at a time, -// which is helpful if you want to move one or more CIDR blocks from one location -// to another in one transaction, without downtime. -// -// # Limits -// -// The max number of CIDR blocks included in the request is 1000. As a result, -// big updates require multiple API calls. -// -// PUT and DELETE_IF_EXISTS -// -// Use ChangeCidrCollection to perform the following actions: -// -// - PUT: Create a CIDR block within the specified collection. -// -// - DELETE_IF_EXISTS: Delete an existing CIDR block from the collection. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ChangeCidrCollection for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchCidrCollectionException "NoSuchCidrCollectionException" -// The CIDR collection you specified, doesn't exist. -// -// - ErrCodeCidrCollectionVersionMismatchException "CidrCollectionVersionMismatchException" -// The CIDR collection version you provided, doesn't match the one in the ListCidrCollections -// operation. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeCidrBlockInUseException "CidrBlockInUseException" -// This CIDR block is already in use. -// -// - ErrCodeLimitsExceeded "LimitsExceeded" -// This operation can't be completed because the current account has reached -// the limit on the resource you are trying to create. To request a higher limit, -// create a case (http://aws.amazon.com/route53-request) with the Amazon Web -// Services Support Center. -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ChangeCidrCollection -func (c *Route53) ChangeCidrCollection(input *ChangeCidrCollectionInput) (*ChangeCidrCollectionOutput, error) { - req, out := c.ChangeCidrCollectionRequest(input) - return out, req.Send() -} - -// ChangeCidrCollectionWithContext is the same as ChangeCidrCollection with the addition of -// the ability to pass a context and additional request options. -// -// See ChangeCidrCollection for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ChangeCidrCollectionWithContext(ctx aws.Context, input *ChangeCidrCollectionInput, opts ...request.Option) (*ChangeCidrCollectionOutput, error) { - req, out := c.ChangeCidrCollectionRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opChangeResourceRecordSets = "ChangeResourceRecordSets" - -// ChangeResourceRecordSetsRequest generates a "aws/request.Request" representing the -// client's request for the ChangeResourceRecordSets operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ChangeResourceRecordSets for more information on using the ChangeResourceRecordSets -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ChangeResourceRecordSetsRequest method. -// req, resp := client.ChangeResourceRecordSetsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ChangeResourceRecordSets -func (c *Route53) ChangeResourceRecordSetsRequest(input *ChangeResourceRecordSetsInput) (req *request.Request, output *ChangeResourceRecordSetsOutput) { - op := &request.Operation{ - Name: opChangeResourceRecordSets, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/hostedzone/{Id}/rrset/", - } - - if input == nil { - input = &ChangeResourceRecordSetsInput{} - } - - output = &ChangeResourceRecordSetsOutput{} - req = c.newRequest(op, input, output) - return -} - -// ChangeResourceRecordSets API operation for Amazon Route 53. -// -// Creates, changes, or deletes a resource record set, which contains authoritative -// DNS information for a specified domain name or subdomain name. For example, -// you can use ChangeResourceRecordSets to create a resource record set that -// routes traffic for test.example.com to a web server that has an IP address -// of 192.0.2.44. -// -// # Deleting Resource Record Sets -// -// To delete a resource record set, you must specify all the same values that -// you specified when you created it. -// -// # Change Batches and Transactional Changes -// -// The request body must include a document with a ChangeResourceRecordSetsRequest -// element. The request body contains a list of change items, known as a change -// batch. Change batches are considered transactional changes. Route 53 validates -// the changes in the request and then either makes all or none of the changes -// in the change batch request. This ensures that DNS routing isn't adversely -// affected by partial changes to the resource record sets in a hosted zone. -// -// For example, suppose a change batch request contains two changes: it deletes -// the CNAME resource record set for www.example.com and creates an alias resource -// record set for www.example.com. If validation for both records succeeds, -// Route 53 deletes the first resource record set and creates the second resource -// record set in a single operation. If validation for either the DELETE or -// the CREATE action fails, then the request is canceled, and the original CNAME -// record continues to exist. -// -// If you try to delete the same resource record set more than once in a single -// change batch, Route 53 returns an InvalidChangeBatch error. -// -// # Traffic Flow -// -// To create resource record sets for complex routing configurations, use either -// the traffic flow visual editor in the Route 53 console or the API actions -// for traffic policies and traffic policy instances. Save the configuration -// as a traffic policy, then associate the traffic policy with one or more domain -// names (such as example.com) or subdomain names (such as www.example.com), -// in the same hosted zone or in multiple hosted zones. You can roll back the -// updates if the new configuration isn't performing as expected. For more information, -// see Using Traffic Flow to Route DNS Traffic (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/traffic-flow.html) -// in the Amazon Route 53 Developer Guide. -// -// # Create, Delete, and Upsert -// -// Use ChangeResourceRecordsSetsRequest to perform the following actions: -// -// - CREATE: Creates a resource record set that has the specified values. -// -// - DELETE: Deletes an existing resource record set that has the specified -// values. -// -// - UPSERT: If a resource set doesn't exist, Route 53 creates it. If a resource -// set exists Route 53 updates it with the values in the request. -// -// # Syntaxes for Creating, Updating, and Deleting Resource Record Sets -// -// The syntax for a request depends on the type of resource record set that -// you want to create, delete, or update, such as weighted, alias, or failover. -// The XML elements in your request must appear in the order listed in the syntax. -// -// For an example for each type of resource record set, see "Examples." -// -// Don't refer to the syntax in the "Parameter Syntax" section, which includes -// all of the elements for every kind of resource record set that you can create, -// delete, or update by using ChangeResourceRecordSets. -// -// # Change Propagation to Route 53 DNS Servers -// -// When you submit a ChangeResourceRecordSets request, Route 53 propagates your -// changes to all of the Route 53 authoritative DNS servers managing the hosted -// zone. While your changes are propagating, GetChange returns a status of PENDING. -// When propagation is complete, GetChange returns a status of INSYNC. Changes -// generally propagate to all Route 53 name servers managing the hosted zone -// within 60 seconds. For more information, see GetChange (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetChange.html). -// -// # Limits on ChangeResourceRecordSets Requests -// -// For information about the limits on a ChangeResourceRecordSets request, see -// Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) -// in the Amazon Route 53 Developer Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ChangeResourceRecordSets for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeNoSuchHealthCheck "NoSuchHealthCheck" -// No health check exists with the specified ID. -// -// - ErrCodeInvalidChangeBatch "InvalidChangeBatch" -// This exception contains a list of messages that might contain one or more -// error messages. Each error message indicates one error in the change batch. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodePriorRequestNotComplete "PriorRequestNotComplete" -// If Amazon Route 53 can't process a request before the next request arrives, -// it will reject subsequent requests for the same hosted zone and return an -// HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for -// the same request, we recommend that you wait, in intervals of increasing -// duration, before you try the request again. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ChangeResourceRecordSets -func (c *Route53) ChangeResourceRecordSets(input *ChangeResourceRecordSetsInput) (*ChangeResourceRecordSetsOutput, error) { - req, out := c.ChangeResourceRecordSetsRequest(input) - return out, req.Send() -} - -// ChangeResourceRecordSetsWithContext is the same as ChangeResourceRecordSets with the addition of -// the ability to pass a context and additional request options. -// -// See ChangeResourceRecordSets for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ChangeResourceRecordSetsWithContext(ctx aws.Context, input *ChangeResourceRecordSetsInput, opts ...request.Option) (*ChangeResourceRecordSetsOutput, error) { - req, out := c.ChangeResourceRecordSetsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opChangeTagsForResource = "ChangeTagsForResource" - -// ChangeTagsForResourceRequest generates a "aws/request.Request" representing the -// client's request for the ChangeTagsForResource operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ChangeTagsForResource for more information on using the ChangeTagsForResource -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ChangeTagsForResourceRequest method. -// req, resp := client.ChangeTagsForResourceRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ChangeTagsForResource -func (c *Route53) ChangeTagsForResourceRequest(input *ChangeTagsForResourceInput) (req *request.Request, output *ChangeTagsForResourceOutput) { - op := &request.Operation{ - Name: opChangeTagsForResource, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/tags/{ResourceType}/{ResourceId}", - } - - if input == nil { - input = &ChangeTagsForResourceInput{} - } - - output = &ChangeTagsForResourceOutput{} - req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) - return -} - -// ChangeTagsForResource API operation for Amazon Route 53. -// -// Adds, edits, or deletes tags for a health check or a hosted zone. -// -// For information about using tags for cost allocation, see Using Cost Allocation -// Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) -// in the Billing and Cost Management User Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ChangeTagsForResource for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchHealthCheck "NoSuchHealthCheck" -// No health check exists with the specified ID. -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodePriorRequestNotComplete "PriorRequestNotComplete" -// If Amazon Route 53 can't process a request before the next request arrives, -// it will reject subsequent requests for the same hosted zone and return an -// HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for -// the same request, we recommend that you wait, in intervals of increasing -// duration, before you try the request again. -// -// - ErrCodeThrottlingException "ThrottlingException" -// The limit on the number of requests per second was exceeded. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ChangeTagsForResource -func (c *Route53) ChangeTagsForResource(input *ChangeTagsForResourceInput) (*ChangeTagsForResourceOutput, error) { - req, out := c.ChangeTagsForResourceRequest(input) - return out, req.Send() -} - -// ChangeTagsForResourceWithContext is the same as ChangeTagsForResource with the addition of -// the ability to pass a context and additional request options. -// -// See ChangeTagsForResource for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ChangeTagsForResourceWithContext(ctx aws.Context, input *ChangeTagsForResourceInput, opts ...request.Option) (*ChangeTagsForResourceOutput, error) { - req, out := c.ChangeTagsForResourceRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateCidrCollection = "CreateCidrCollection" - -// CreateCidrCollectionRequest generates a "aws/request.Request" representing the -// client's request for the CreateCidrCollection operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateCidrCollection for more information on using the CreateCidrCollection -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateCidrCollectionRequest method. -// req, resp := client.CreateCidrCollectionRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateCidrCollection -func (c *Route53) CreateCidrCollectionRequest(input *CreateCidrCollectionInput) (req *request.Request, output *CreateCidrCollectionOutput) { - op := &request.Operation{ - Name: opCreateCidrCollection, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/cidrcollection", - } - - if input == nil { - input = &CreateCidrCollectionInput{} - } - - output = &CreateCidrCollectionOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateCidrCollection API operation for Amazon Route 53. -// -// Creates a CIDR collection in the current Amazon Web Services account. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateCidrCollection for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeLimitsExceeded "LimitsExceeded" -// This operation can't be completed because the current account has reached -// the limit on the resource you are trying to create. To request a higher limit, -// create a case (http://aws.amazon.com/route53-request) with the Amazon Web -// Services Support Center. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeCidrCollectionAlreadyExistsException "CidrCollectionAlreadyExistsException" -// A CIDR collection with this name and a different caller reference already -// exists in this account. -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateCidrCollection -func (c *Route53) CreateCidrCollection(input *CreateCidrCollectionInput) (*CreateCidrCollectionOutput, error) { - req, out := c.CreateCidrCollectionRequest(input) - return out, req.Send() -} - -// CreateCidrCollectionWithContext is the same as CreateCidrCollection with the addition of -// the ability to pass a context and additional request options. -// -// See CreateCidrCollection for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateCidrCollectionWithContext(ctx aws.Context, input *CreateCidrCollectionInput, opts ...request.Option) (*CreateCidrCollectionOutput, error) { - req, out := c.CreateCidrCollectionRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateHealthCheck = "CreateHealthCheck" - -// CreateHealthCheckRequest generates a "aws/request.Request" representing the -// client's request for the CreateHealthCheck operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateHealthCheck for more information on using the CreateHealthCheck -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateHealthCheckRequest method. -// req, resp := client.CreateHealthCheckRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateHealthCheck -func (c *Route53) CreateHealthCheckRequest(input *CreateHealthCheckInput) (req *request.Request, output *CreateHealthCheckOutput) { - op := &request.Operation{ - Name: opCreateHealthCheck, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/healthcheck", - } - - if input == nil { - input = &CreateHealthCheckInput{} - } - - output = &CreateHealthCheckOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateHealthCheck API operation for Amazon Route 53. -// -// Creates a new health check. -// -// For information about adding health checks to resource record sets, see HealthCheckId -// (https://docs.aws.amazon.com/Route53/latest/APIReference/API_ResourceRecordSet.html#Route53-Type-ResourceRecordSet-HealthCheckId) -// in ChangeResourceRecordSets (https://docs.aws.amazon.com/Route53/latest/APIReference/API_ChangeResourceRecordSets.html). -// -// # ELB Load Balancers -// -// If you're registering EC2 instances with an Elastic Load Balancing (ELB) -// load balancer, do not create Amazon Route 53 health checks for the EC2 instances. -// When you register an EC2 instance with a load balancer, you configure settings -// for an ELB health check, which performs a similar function to a Route 53 -// health check. -// -// # Private Hosted Zones -// -// You can associate health checks with failover resource record sets in a private -// hosted zone. Note the following: -// -// - Route 53 health checkers are outside the VPC. To check the health of -// an endpoint within a VPC by IP address, you must assign a public IP address -// to the instance in the VPC. -// -// - You can configure a health checker to check the health of an external -// resource that the instance relies on, such as a database server. -// -// - You can create a CloudWatch metric, associate an alarm with the metric, -// and then create a health check that is based on the state of the alarm. -// For example, you might create a CloudWatch metric that checks the status -// of the Amazon EC2 StatusCheckFailed metric, add an alarm to the metric, -// and then create a health check that is based on the state of the alarm. -// For information about creating CloudWatch metrics and alarms by using -// the CloudWatch console, see the Amazon CloudWatch User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/WhatIsCloudWatch.html). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateHealthCheck for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeTooManyHealthChecks "TooManyHealthChecks" -// This health check can't be created because the current account has reached -// the limit on the number of active health checks. -// -// For information about default limits, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) -// in the Amazon Route 53 Developer Guide. -// -// For information about how to get the current limit for an account, see GetAccountLimit -// (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html). -// To request a higher limit, create a case (http://aws.amazon.com/route53-request) -// with the Amazon Web Services Support Center. -// -// You have reached the maximum number of active health checks for an Amazon -// Web Services account. To request a higher limit, create a case (http://aws.amazon.com/route53-request) -// with the Amazon Web Services Support Center. -// -// - ErrCodeHealthCheckAlreadyExists "HealthCheckAlreadyExists" -// The health check you're attempting to create already exists. Amazon Route -// 53 returns this error when you submit a request that has the following values: -// -// - The same value for CallerReference as an existing health check, and -// one or more values that differ from the existing health check that has -// the same caller reference. -// -// - The same value for CallerReference as a health check that you created -// and later deleted, regardless of the other settings in the request. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateHealthCheck -func (c *Route53) CreateHealthCheck(input *CreateHealthCheckInput) (*CreateHealthCheckOutput, error) { - req, out := c.CreateHealthCheckRequest(input) - return out, req.Send() -} - -// CreateHealthCheckWithContext is the same as CreateHealthCheck with the addition of -// the ability to pass a context and additional request options. -// -// See CreateHealthCheck for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateHealthCheckWithContext(ctx aws.Context, input *CreateHealthCheckInput, opts ...request.Option) (*CreateHealthCheckOutput, error) { - req, out := c.CreateHealthCheckRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateHostedZone = "CreateHostedZone" - -// CreateHostedZoneRequest generates a "aws/request.Request" representing the -// client's request for the CreateHostedZone operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateHostedZone for more information on using the CreateHostedZone -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateHostedZoneRequest method. -// req, resp := client.CreateHostedZoneRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateHostedZone -func (c *Route53) CreateHostedZoneRequest(input *CreateHostedZoneInput) (req *request.Request, output *CreateHostedZoneOutput) { - op := &request.Operation{ - Name: opCreateHostedZone, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/hostedzone", - } - - if input == nil { - input = &CreateHostedZoneInput{} - } - - output = &CreateHostedZoneOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateHostedZone API operation for Amazon Route 53. -// -// Creates a new public or private hosted zone. You create records in a public -// hosted zone to define how you want to route traffic on the internet for a -// domain, such as example.com, and its subdomains (apex.example.com, acme.example.com). -// You create records in a private hosted zone to define how you want to route -// traffic for a domain and its subdomains within one or more Amazon Virtual -// Private Clouds (Amazon VPCs). -// -// You can't convert a public hosted zone to a private hosted zone or vice versa. -// Instead, you must create a new hosted zone with the same name and create -// new resource record sets. -// -// For more information about charges for hosted zones, see Amazon Route 53 -// Pricing (http://aws.amazon.com/route53/pricing/). -// -// Note the following: -// -// - You can't create a hosted zone for a top-level domain (TLD) such as -// .com. -// -// - For public hosted zones, Route 53 automatically creates a default SOA -// record and four NS records for the zone. For more information about SOA -// and NS records, see NS and SOA Records that Route 53 Creates for a Hosted -// Zone (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/SOA-NSrecords.html) -// in the Amazon Route 53 Developer Guide. If you want to use the same name -// servers for multiple public hosted zones, you can optionally associate -// a reusable delegation set with the hosted zone. See the DelegationSetId -// element. -// -// - If your domain is registered with a registrar other than Route 53, you -// must update the name servers with your registrar to make Route 53 the -// DNS service for the domain. For more information, see Migrating DNS Service -// for an Existing Domain to Amazon Route 53 (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/MigratingDNS.html) -// in the Amazon Route 53 Developer Guide. -// -// When you submit a CreateHostedZone request, the initial status of the hosted -// zone is PENDING. For public hosted zones, this means that the NS and SOA -// records are not yet available on all Route 53 DNS servers. When the NS and -// SOA records are available, the status of the zone changes to INSYNC. -// -// The CreateHostedZone request requires the caller to have an ec2:DescribeVpcs -// permission. -// -// When creating private hosted zones, the Amazon VPC must belong to the same -// partition where the hosted zone is created. A partition is a group of Amazon -// Web Services Regions. Each Amazon Web Services account is scoped to one partition. -// -// The following are the supported partitions: -// -// - aws - Amazon Web Services Regions -// -// - aws-cn - China Regions -// -// - aws-us-gov - Amazon Web Services GovCloud (US) Region -// -// For more information, see Access Management (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) -// in the Amazon Web Services General Reference. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateHostedZone for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidDomainName "InvalidDomainName" -// The specified domain name is not valid. -// -// - ErrCodeHostedZoneAlreadyExists "HostedZoneAlreadyExists" -// The hosted zone you're trying to create already exists. Amazon Route 53 returns -// this error when a hosted zone has already been created with the specified -// CallerReference. -// -// - ErrCodeTooManyHostedZones "TooManyHostedZones" -// This operation can't be completed either because the current account has -// reached the limit on the number of hosted zones or because you've reached -// the limit on the number of hosted zones that can be associated with a reusable -// delegation set. -// -// For information about default limits, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) -// in the Amazon Route 53 Developer Guide. -// -// To get the current limit on hosted zones that can be created by an account, -// see GetAccountLimit (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html). -// -// To get the current limit on hosted zones that can be associated with a reusable -// delegation set, see GetReusableDelegationSetLimit (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetReusableDelegationSetLimit.html). -// -// To request a higher limit, create a case (http://aws.amazon.com/route53-request) -// with the Amazon Web Services Support Center. -// -// - ErrCodeInvalidVPCId "InvalidVPCId" -// The VPC ID that you specified either isn't a valid ID or the current account -// is not authorized to access this VPC. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeDelegationSetNotAvailable "DelegationSetNotAvailable" -// You can create a hosted zone that has the same name as an existing hosted -// zone (example.com is common), but there is a limit to the number of hosted -// zones that have the same name. If you get this error, Amazon Route 53 has -// reached that limit. If you own the domain name and Route 53 generates this -// error, contact Customer Support. -// -// - ErrCodeConflictingDomainExists "ConflictingDomainExists" -// The cause of this error depends on the operation that you're performing: -// -// - Create a public hosted zone: Two hosted zones that have the same name -// or that have a parent/child relationship (example.com and test.example.com) -// can't have any common name servers. You tried to create a hosted zone -// that has the same name as an existing hosted zone or that's the parent -// or child of an existing hosted zone, and you specified a delegation set -// that shares one or more name servers with the existing hosted zone. For -// more information, see CreateReusableDelegationSet (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateReusableDelegationSet.html). -// -// - Create a private hosted zone: A hosted zone with the specified name -// already exists and is already associated with the Amazon VPC that you -// specified. -// -// - Associate VPCs with a private hosted zone: The VPC that you specified -// is already associated with another hosted zone that has the same name. -// -// - ErrCodeNoSuchDelegationSet "NoSuchDelegationSet" -// A reusable delegation set with the specified ID does not exist. -// -// - ErrCodeDelegationSetNotReusable "DelegationSetNotReusable" -// A reusable delegation set with the specified ID does not exist. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateHostedZone -func (c *Route53) CreateHostedZone(input *CreateHostedZoneInput) (*CreateHostedZoneOutput, error) { - req, out := c.CreateHostedZoneRequest(input) - return out, req.Send() -} - -// CreateHostedZoneWithContext is the same as CreateHostedZone with the addition of -// the ability to pass a context and additional request options. -// -// See CreateHostedZone for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateHostedZoneWithContext(ctx aws.Context, input *CreateHostedZoneInput, opts ...request.Option) (*CreateHostedZoneOutput, error) { - req, out := c.CreateHostedZoneRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateKeySigningKey = "CreateKeySigningKey" - -// CreateKeySigningKeyRequest generates a "aws/request.Request" representing the -// client's request for the CreateKeySigningKey operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateKeySigningKey for more information on using the CreateKeySigningKey -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateKeySigningKeyRequest method. -// req, resp := client.CreateKeySigningKeyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateKeySigningKey -func (c *Route53) CreateKeySigningKeyRequest(input *CreateKeySigningKeyInput) (req *request.Request, output *CreateKeySigningKeyOutput) { - op := &request.Operation{ - Name: opCreateKeySigningKey, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/keysigningkey", - } - - if input == nil { - input = &CreateKeySigningKeyInput{} - } - - output = &CreateKeySigningKeyOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateKeySigningKey API operation for Amazon Route 53. -// -// Creates a new key-signing key (KSK) associated with a hosted zone. You can -// only have two KSKs per hosted zone. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateKeySigningKey for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidArgument "InvalidArgument" -// Parameter name is not valid. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeInvalidKMSArn "InvalidKMSArn" -// The KeyManagementServiceArn that you specified isn't valid to use with DNSSEC -// signing. -// -// - ErrCodeInvalidKeySigningKeyStatus "InvalidKeySigningKeyStatus" -// The key-signing key (KSK) status isn't valid or another KSK has the status -// INTERNAL_FAILURE. -// -// - ErrCodeInvalidSigningStatus "InvalidSigningStatus" -// Your hosted zone status isn't valid for this operation. In the hosted zone, -// change the status to enable DNSSEC or disable DNSSEC. -// -// - ErrCodeInvalidKeySigningKeyName "InvalidKeySigningKeyName" -// The key-signing key (KSK) name that you specified isn't a valid name. -// -// - ErrCodeKeySigningKeyAlreadyExists "KeySigningKeyAlreadyExists" -// You've already created a key-signing key (KSK) with this name or with the -// same customer managed key ARN. -// -// - ErrCodeTooManyKeySigningKeys "TooManyKeySigningKeys" -// You've reached the limit for the number of key-signing keys (KSKs). Remove -// at least one KSK, and then try again. -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateKeySigningKey -func (c *Route53) CreateKeySigningKey(input *CreateKeySigningKeyInput) (*CreateKeySigningKeyOutput, error) { - req, out := c.CreateKeySigningKeyRequest(input) - return out, req.Send() -} - -// CreateKeySigningKeyWithContext is the same as CreateKeySigningKey with the addition of -// the ability to pass a context and additional request options. -// -// See CreateKeySigningKey for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateKeySigningKeyWithContext(ctx aws.Context, input *CreateKeySigningKeyInput, opts ...request.Option) (*CreateKeySigningKeyOutput, error) { - req, out := c.CreateKeySigningKeyRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateQueryLoggingConfig = "CreateQueryLoggingConfig" - -// CreateQueryLoggingConfigRequest generates a "aws/request.Request" representing the -// client's request for the CreateQueryLoggingConfig operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateQueryLoggingConfig for more information on using the CreateQueryLoggingConfig -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateQueryLoggingConfigRequest method. -// req, resp := client.CreateQueryLoggingConfigRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateQueryLoggingConfig -func (c *Route53) CreateQueryLoggingConfigRequest(input *CreateQueryLoggingConfigInput) (req *request.Request, output *CreateQueryLoggingConfigOutput) { - op := &request.Operation{ - Name: opCreateQueryLoggingConfig, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/queryloggingconfig", - } - - if input == nil { - input = &CreateQueryLoggingConfigInput{} - } - - output = &CreateQueryLoggingConfigOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateQueryLoggingConfig API operation for Amazon Route 53. -// -// Creates a configuration for DNS query logging. After you create a query logging -// configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch -// Logs log group. -// -// DNS query logs contain information about the queries that Route 53 receives -// for a specified public hosted zone, such as the following: -// -// - Route 53 edge location that responded to the DNS query -// -// - Domain or subdomain that was requested -// -// - DNS record type, such as A or AAAA -// -// - DNS response code, such as NoError or ServFail -// -// # Log Group and Resource Policy -// -// Before you create a query logging configuration, perform the following operations. -// -// If you create a query logging configuration using the Route 53 console, Route -// 53 performs these operations automatically. -// -// Create a CloudWatch Logs log group, and make note of the ARN, which you specify -// when you create a query logging configuration. Note the following: -// -// - You must create the log group in the us-east-1 region. -// -// - You must use the same Amazon Web Services account to create the log -// group and the hosted zone that you want to configure query logging for. -// -// - When you create log groups for query logging, we recommend that you -// use a consistent prefix, for example: /aws/route53/hosted zone name In -// the next step, you'll create a resource policy, which controls access -// to one or more log groups and the associated Amazon Web Services resources, -// such as Route 53 hosted zones. There's a limit on the number of resource -// policies that you can create, so we recommend that you use a consistent -// prefix so you can use the same resource policy for all the log groups -// that you create for query logging. -// -// Create a CloudWatch Logs resource policy, and give it the permissions that -// Route 53 needs to create log streams and to send query logs to log streams. -// For the value of Resource, specify the ARN for the log group that you created -// in the previous step. To use the same resource policy for all the CloudWatch -// Logs log groups that you created for query logging configurations, replace -// the hosted zone name with *, for example: -// -// arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/* -// -// To avoid the confused deputy problem, a security issue where an entity without -// a permission for an action can coerce a more-privileged entity to perform -// it, you can optionally limit the permissions that a service has to a resource -// in a resource-based policy by supplying the following values: -// -// - For aws:SourceArn, supply the hosted zone ARN used in creating the query -// logging configuration. For example, aws:SourceArn: arn:aws:route53:::hostedzone/hosted -// zone ID. -// -// - For aws:SourceAccount, supply the account ID for the account that creates -// the query logging configuration. For example, aws:SourceAccount:111111111111. -// -// For more information, see The confused deputy problem (https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) -// in the Amazon Web Services IAM User Guide. -// -// You can't use the CloudWatch console to create or edit a resource policy. -// You must use the CloudWatch API, one of the Amazon Web Services SDKs, or -// the CLI. -// -// # Log Streams and Edge Locations -// -// When Route 53 finishes creating the configuration for DNS query logging, -// it does the following: -// -// - Creates a log stream for an edge location the first time that the edge -// location responds to DNS queries for the specified hosted zone. That log -// stream is used to log all queries that Route 53 responds to for that edge -// location. -// -// - Begins to send query logs to the applicable log stream. -// -// The name of each log stream is in the following format: -// -// hosted zone ID/edge location code -// -// The edge location code is a three-letter code and an arbitrarily assigned -// number, for example, DFW3. The three-letter code typically corresponds with -// the International Air Transport Association airport code for an airport near -// the edge location. (These abbreviations might change in the future.) For -// a list of edge locations, see "The Route 53 Global Network" on the Route -// 53 Product Details (http://aws.amazon.com/route53/details/) page. -// -// # Queries That Are Logged -// -// Query logs contain only the queries that DNS resolvers forward to Route 53. -// If a DNS resolver has already cached the response to a query (such as the -// IP address for a load balancer for example.com), the resolver will continue -// to return the cached response. It doesn't forward another query to Route -// 53 until the TTL for the corresponding resource record set expires. Depending -// on how many DNS queries are submitted for a resource record set, and depending -// on the TTL for that resource record set, query logs might contain information -// about only one query out of every several thousand queries that are submitted -// to DNS. For more information about how DNS works, see Routing Internet Traffic -// to Your Website or Web Application (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) -// in the Amazon Route 53 Developer Guide. -// -// # Log File Format -// -// For a list of the values in each query log and the format of each value, -// see Logging DNS Queries (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) -// in the Amazon Route 53 Developer Guide. -// -// # Pricing -// -// For information about charges for query logs, see Amazon CloudWatch Pricing -// (http://aws.amazon.com/cloudwatch/pricing/). -// -// # How to Stop Logging -// -// If you want Route 53 to stop sending query logs to CloudWatch Logs, delete -// the query logging configuration. For more information, see DeleteQueryLoggingConfig -// (https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateQueryLoggingConfig for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeNoSuchCloudWatchLogsLogGroup "NoSuchCloudWatchLogsLogGroup" -// There is no CloudWatch Logs log group with the specified ARN. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeQueryLoggingConfigAlreadyExists "QueryLoggingConfigAlreadyExists" -// You can create only one query logging configuration for a hosted zone, and -// a query logging configuration already exists for this hosted zone. -// -// - ErrCodeInsufficientCloudWatchLogsResourcePolicy "InsufficientCloudWatchLogsResourcePolicy" -// Amazon Route 53 doesn't have the permissions required to create log streams -// and send query logs to log streams. Possible causes include the following: -// -// - There is no resource policy that specifies the log group ARN in the -// value for Resource. -// -// - The resource policy that includes the log group ARN in the value for -// Resource doesn't have the necessary permissions. -// -// - The resource policy hasn't finished propagating yet. -// -// - The Key management service (KMS) key you specified doesn’t exist or -// it can’t be used with the log group associated with query log. Update -// or provide a resource policy to grant permissions for the KMS key. -// -// - The Key management service (KMS) key you specified is marked as disabled -// for the log group associated with query log. Update or provide a resource -// policy to grant permissions for the KMS key. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateQueryLoggingConfig -func (c *Route53) CreateQueryLoggingConfig(input *CreateQueryLoggingConfigInput) (*CreateQueryLoggingConfigOutput, error) { - req, out := c.CreateQueryLoggingConfigRequest(input) - return out, req.Send() -} - -// CreateQueryLoggingConfigWithContext is the same as CreateQueryLoggingConfig with the addition of -// the ability to pass a context and additional request options. -// -// See CreateQueryLoggingConfig for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateQueryLoggingConfigWithContext(ctx aws.Context, input *CreateQueryLoggingConfigInput, opts ...request.Option) (*CreateQueryLoggingConfigOutput, error) { - req, out := c.CreateQueryLoggingConfigRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateReusableDelegationSet = "CreateReusableDelegationSet" - -// CreateReusableDelegationSetRequest generates a "aws/request.Request" representing the -// client's request for the CreateReusableDelegationSet operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateReusableDelegationSet for more information on using the CreateReusableDelegationSet -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateReusableDelegationSetRequest method. -// req, resp := client.CreateReusableDelegationSetRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateReusableDelegationSet -func (c *Route53) CreateReusableDelegationSetRequest(input *CreateReusableDelegationSetInput) (req *request.Request, output *CreateReusableDelegationSetOutput) { - op := &request.Operation{ - Name: opCreateReusableDelegationSet, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/delegationset", - } - - if input == nil { - input = &CreateReusableDelegationSetInput{} - } - - output = &CreateReusableDelegationSetOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateReusableDelegationSet API operation for Amazon Route 53. -// -// Creates a delegation set (a group of four name servers) that can be reused -// by multiple hosted zones that were created by the same Amazon Web Services -// account. -// -// You can also create a reusable delegation set that uses the four name servers -// that are associated with an existing hosted zone. Specify the hosted zone -// ID in the CreateReusableDelegationSet request. -// -// You can't associate a reusable delegation set with a private hosted zone. -// -// For information about using a reusable delegation set to configure white -// label name servers, see Configuring White Label Name Servers (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/white-label-name-servers.html). -// -// The process for migrating existing hosted zones to use a reusable delegation -// set is comparable to the process for configuring white label name servers. -// You need to perform the following steps: -// -// Create a reusable delegation set. -// -// Recreate hosted zones, and reduce the TTL to 60 seconds or less. -// -// Recreate resource record sets in the new hosted zones. -// -// Change the registrar's name servers to use the name servers for the new hosted -// zones. -// -// Monitor traffic for the website or application. -// -// Change TTLs back to their original values. -// -// If you want to migrate existing hosted zones to use a reusable delegation -// set, the existing hosted zones can't use any of the name servers that are -// assigned to the reusable delegation set. If one or more hosted zones do use -// one or more name servers that are assigned to the reusable delegation set, -// you can do one of the following: -// -// - For small numbers of hosted zones—up to a few hundred—it's relatively -// easy to create reusable delegation sets until you get one that has four -// name servers that don't overlap with any of the name servers in your hosted -// zones. -// -// - For larger numbers of hosted zones, the easiest solution is to use more -// than one reusable delegation set. -// -// - For larger numbers of hosted zones, you can also migrate hosted zones -// that have overlapping name servers to hosted zones that don't have overlapping -// name servers, then migrate the hosted zones again to use the reusable -// delegation set. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateReusableDelegationSet for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeDelegationSetAlreadyCreated "DelegationSetAlreadyCreated" -// A delegation set with the same owner and caller reference combination has -// already been created. -// -// - ErrCodeLimitsExceeded "LimitsExceeded" -// This operation can't be completed because the current account has reached -// the limit on the resource you are trying to create. To request a higher limit, -// create a case (http://aws.amazon.com/route53-request) with the Amazon Web -// Services Support Center. -// -// - ErrCodeHostedZoneNotFound "HostedZoneNotFound" -// The specified HostedZone can't be found. -// -// - ErrCodeInvalidArgument "InvalidArgument" -// Parameter name is not valid. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeDelegationSetNotAvailable "DelegationSetNotAvailable" -// You can create a hosted zone that has the same name as an existing hosted -// zone (example.com is common), but there is a limit to the number of hosted -// zones that have the same name. If you get this error, Amazon Route 53 has -// reached that limit. If you own the domain name and Route 53 generates this -// error, contact Customer Support. -// -// - ErrCodeDelegationSetAlreadyReusable "DelegationSetAlreadyReusable" -// The specified delegation set has already been marked as reusable. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateReusableDelegationSet -func (c *Route53) CreateReusableDelegationSet(input *CreateReusableDelegationSetInput) (*CreateReusableDelegationSetOutput, error) { - req, out := c.CreateReusableDelegationSetRequest(input) - return out, req.Send() -} - -// CreateReusableDelegationSetWithContext is the same as CreateReusableDelegationSet with the addition of -// the ability to pass a context and additional request options. -// -// See CreateReusableDelegationSet for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateReusableDelegationSetWithContext(ctx aws.Context, input *CreateReusableDelegationSetInput, opts ...request.Option) (*CreateReusableDelegationSetOutput, error) { - req, out := c.CreateReusableDelegationSetRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateTrafficPolicy = "CreateTrafficPolicy" - -// CreateTrafficPolicyRequest generates a "aws/request.Request" representing the -// client's request for the CreateTrafficPolicy operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateTrafficPolicy for more information on using the CreateTrafficPolicy -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateTrafficPolicyRequest method. -// req, resp := client.CreateTrafficPolicyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateTrafficPolicy -func (c *Route53) CreateTrafficPolicyRequest(input *CreateTrafficPolicyInput) (req *request.Request, output *CreateTrafficPolicyOutput) { - op := &request.Operation{ - Name: opCreateTrafficPolicy, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/trafficpolicy", - } - - if input == nil { - input = &CreateTrafficPolicyInput{} - } - - output = &CreateTrafficPolicyOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateTrafficPolicy API operation for Amazon Route 53. -// -// Creates a traffic policy, which you use to create multiple DNS resource record -// sets for one domain name (such as example.com) or one subdomain name (such -// as www.example.com). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateTrafficPolicy for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeTooManyTrafficPolicies "TooManyTrafficPolicies" -// This traffic policy can't be created because the current account has reached -// the limit on the number of traffic policies. -// -// For information about default limits, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) -// in the Amazon Route 53 Developer Guide. -// -// To get the current limit for an account, see GetAccountLimit (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html). -// -// To request a higher limit, create a case (http://aws.amazon.com/route53-request) -// with the Amazon Web Services Support Center. -// -// - ErrCodeTrafficPolicyAlreadyExists "TrafficPolicyAlreadyExists" -// A traffic policy that has the same value for Name already exists. -// -// - ErrCodeInvalidTrafficPolicyDocument "InvalidTrafficPolicyDocument" -// The format of the traffic policy document that you specified in the Document -// element is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateTrafficPolicy -func (c *Route53) CreateTrafficPolicy(input *CreateTrafficPolicyInput) (*CreateTrafficPolicyOutput, error) { - req, out := c.CreateTrafficPolicyRequest(input) - return out, req.Send() -} - -// CreateTrafficPolicyWithContext is the same as CreateTrafficPolicy with the addition of -// the ability to pass a context and additional request options. -// -// See CreateTrafficPolicy for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateTrafficPolicyWithContext(ctx aws.Context, input *CreateTrafficPolicyInput, opts ...request.Option) (*CreateTrafficPolicyOutput, error) { - req, out := c.CreateTrafficPolicyRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateTrafficPolicyInstance = "CreateTrafficPolicyInstance" - -// CreateTrafficPolicyInstanceRequest generates a "aws/request.Request" representing the -// client's request for the CreateTrafficPolicyInstance operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateTrafficPolicyInstance for more information on using the CreateTrafficPolicyInstance -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateTrafficPolicyInstanceRequest method. -// req, resp := client.CreateTrafficPolicyInstanceRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateTrafficPolicyInstance -func (c *Route53) CreateTrafficPolicyInstanceRequest(input *CreateTrafficPolicyInstanceInput) (req *request.Request, output *CreateTrafficPolicyInstanceOutput) { - op := &request.Operation{ - Name: opCreateTrafficPolicyInstance, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/trafficpolicyinstance", - } - - if input == nil { - input = &CreateTrafficPolicyInstanceInput{} - } - - output = &CreateTrafficPolicyInstanceOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateTrafficPolicyInstance API operation for Amazon Route 53. -// -// Creates resource record sets in a specified hosted zone based on the settings -// in a specified traffic policy version. In addition, CreateTrafficPolicyInstance -// associates the resource record sets with a specified domain name (such as -// example.com) or subdomain name (such as www.example.com). Amazon Route 53 -// responds to DNS queries for the domain or subdomain name by using the resource -// record sets that CreateTrafficPolicyInstance created. -// -// After you submit an CreateTrafficPolicyInstance request, there's a brief -// delay while Amazon Route 53 creates the resource record sets that are specified -// in the traffic policy definition. Use GetTrafficPolicyInstance with the id -// of new traffic policy instance to confirm that the CreateTrafficPolicyInstance -// request completed successfully. For more information, see the State response -// element. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateTrafficPolicyInstance for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeTooManyTrafficPolicyInstances "TooManyTrafficPolicyInstances" -// This traffic policy instance can't be created because the current account -// has reached the limit on the number of traffic policy instances. -// -// For information about default limits, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) -// in the Amazon Route 53 Developer Guide. -// -// For information about how to get the current limit for an account, see GetAccountLimit -// (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html). -// -// To request a higher limit, create a case (http://aws.amazon.com/route53-request) -// with the Amazon Web Services Support Center. -// -// - ErrCodeNoSuchTrafficPolicy "NoSuchTrafficPolicy" -// No traffic policy exists with the specified ID. -// -// - ErrCodeTrafficPolicyInstanceAlreadyExists "TrafficPolicyInstanceAlreadyExists" -// There is already a traffic policy instance with the specified ID. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateTrafficPolicyInstance -func (c *Route53) CreateTrafficPolicyInstance(input *CreateTrafficPolicyInstanceInput) (*CreateTrafficPolicyInstanceOutput, error) { - req, out := c.CreateTrafficPolicyInstanceRequest(input) - return out, req.Send() -} - -// CreateTrafficPolicyInstanceWithContext is the same as CreateTrafficPolicyInstance with the addition of -// the ability to pass a context and additional request options. -// -// See CreateTrafficPolicyInstance for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateTrafficPolicyInstanceWithContext(ctx aws.Context, input *CreateTrafficPolicyInstanceInput, opts ...request.Option) (*CreateTrafficPolicyInstanceOutput, error) { - req, out := c.CreateTrafficPolicyInstanceRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateTrafficPolicyVersion = "CreateTrafficPolicyVersion" - -// CreateTrafficPolicyVersionRequest generates a "aws/request.Request" representing the -// client's request for the CreateTrafficPolicyVersion operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateTrafficPolicyVersion for more information on using the CreateTrafficPolicyVersion -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateTrafficPolicyVersionRequest method. -// req, resp := client.CreateTrafficPolicyVersionRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateTrafficPolicyVersion -func (c *Route53) CreateTrafficPolicyVersionRequest(input *CreateTrafficPolicyVersionInput) (req *request.Request, output *CreateTrafficPolicyVersionOutput) { - op := &request.Operation{ - Name: opCreateTrafficPolicyVersion, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/trafficpolicy/{Id}", - } - - if input == nil { - input = &CreateTrafficPolicyVersionInput{} - } - - output = &CreateTrafficPolicyVersionOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateTrafficPolicyVersion API operation for Amazon Route 53. -// -// Creates a new version of an existing traffic policy. When you create a new -// version of a traffic policy, you specify the ID of the traffic policy that -// you want to update and a JSON-formatted document that describes the new version. -// You use traffic policies to create multiple DNS resource record sets for -// one domain name (such as example.com) or one subdomain name (such as www.example.com). -// You can create a maximum of 1000 versions of a traffic policy. If you reach -// the limit and need to create another version, you'll need to start a new -// traffic policy. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateTrafficPolicyVersion for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchTrafficPolicy "NoSuchTrafficPolicy" -// No traffic policy exists with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeTooManyTrafficPolicyVersionsForCurrentPolicy "TooManyTrafficPolicyVersionsForCurrentPolicy" -// This traffic policy version can't be created because you've reached the limit -// of 1000 on the number of versions that you can create for the current traffic -// policy. -// -// To create more traffic policy versions, you can use GetTrafficPolicy (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicy.html) -// to get the traffic policy document for a specified traffic policy version, -// and then use CreateTrafficPolicy (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateTrafficPolicy.html) -// to create a new traffic policy using the traffic policy document. -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeInvalidTrafficPolicyDocument "InvalidTrafficPolicyDocument" -// The format of the traffic policy document that you specified in the Document -// element is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateTrafficPolicyVersion -func (c *Route53) CreateTrafficPolicyVersion(input *CreateTrafficPolicyVersionInput) (*CreateTrafficPolicyVersionOutput, error) { - req, out := c.CreateTrafficPolicyVersionRequest(input) - return out, req.Send() -} - -// CreateTrafficPolicyVersionWithContext is the same as CreateTrafficPolicyVersion with the addition of -// the ability to pass a context and additional request options. -// -// See CreateTrafficPolicyVersion for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateTrafficPolicyVersionWithContext(ctx aws.Context, input *CreateTrafficPolicyVersionInput, opts ...request.Option) (*CreateTrafficPolicyVersionOutput, error) { - req, out := c.CreateTrafficPolicyVersionRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateVPCAssociationAuthorization = "CreateVPCAssociationAuthorization" - -// CreateVPCAssociationAuthorizationRequest generates a "aws/request.Request" representing the -// client's request for the CreateVPCAssociationAuthorization operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateVPCAssociationAuthorization for more information on using the CreateVPCAssociationAuthorization -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateVPCAssociationAuthorizationRequest method. -// req, resp := client.CreateVPCAssociationAuthorizationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateVPCAssociationAuthorization -func (c *Route53) CreateVPCAssociationAuthorizationRequest(input *CreateVPCAssociationAuthorizationInput) (req *request.Request, output *CreateVPCAssociationAuthorizationOutput) { - op := &request.Operation{ - Name: opCreateVPCAssociationAuthorization, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/hostedzone/{Id}/authorizevpcassociation", - } - - if input == nil { - input = &CreateVPCAssociationAuthorizationInput{} - } - - output = &CreateVPCAssociationAuthorizationOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateVPCAssociationAuthorization API operation for Amazon Route 53. -// -// Authorizes the Amazon Web Services account that created a specified VPC to -// submit an AssociateVPCWithHostedZone request to associate the VPC with a -// specified hosted zone that was created by a different account. To submit -// a CreateVPCAssociationAuthorization request, you must use the account that -// created the hosted zone. After you authorize the association, use the account -// that created the VPC to submit an AssociateVPCWithHostedZone request. -// -// If you want to associate multiple VPCs that you created by using one account -// with a hosted zone that you created by using a different account, you must -// submit one authorization request for each VPC. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation CreateVPCAssociationAuthorization for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeTooManyVPCAssociationAuthorizations "TooManyVPCAssociationAuthorizations" -// You've created the maximum number of authorizations that can be created for -// the specified hosted zone. To authorize another VPC to be associated with -// the hosted zone, submit a DeleteVPCAssociationAuthorization request to remove -// an existing authorization. To get a list of existing authorizations, submit -// a ListVPCAssociationAuthorizations request. -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidVPCId "InvalidVPCId" -// The VPC ID that you specified either isn't a valid ID or the current account -// is not authorized to access this VPC. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/CreateVPCAssociationAuthorization -func (c *Route53) CreateVPCAssociationAuthorization(input *CreateVPCAssociationAuthorizationInput) (*CreateVPCAssociationAuthorizationOutput, error) { - req, out := c.CreateVPCAssociationAuthorizationRequest(input) - return out, req.Send() -} - -// CreateVPCAssociationAuthorizationWithContext is the same as CreateVPCAssociationAuthorization with the addition of -// the ability to pass a context and additional request options. -// -// See CreateVPCAssociationAuthorization for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) CreateVPCAssociationAuthorizationWithContext(ctx aws.Context, input *CreateVPCAssociationAuthorizationInput, opts ...request.Option) (*CreateVPCAssociationAuthorizationOutput, error) { - req, out := c.CreateVPCAssociationAuthorizationRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeactivateKeySigningKey = "DeactivateKeySigningKey" - -// DeactivateKeySigningKeyRequest generates a "aws/request.Request" representing the -// client's request for the DeactivateKeySigningKey operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeactivateKeySigningKey for more information on using the DeactivateKeySigningKey -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeactivateKeySigningKeyRequest method. -// req, resp := client.DeactivateKeySigningKeyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeactivateKeySigningKey -func (c *Route53) DeactivateKeySigningKeyRequest(input *DeactivateKeySigningKeyInput) (req *request.Request, output *DeactivateKeySigningKeyOutput) { - op := &request.Operation{ - Name: opDeactivateKeySigningKey, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/keysigningkey/{HostedZoneId}/{Name}/deactivate", - } - - if input == nil { - input = &DeactivateKeySigningKeyInput{} - } - - output = &DeactivateKeySigningKeyOutput{} - req = c.newRequest(op, input, output) - return -} - -// DeactivateKeySigningKey API operation for Amazon Route 53. -// -// Deactivates a key-signing key (KSK) so that it will not be used for signing -// by DNSSEC. This operation changes the KSK status to INACTIVE. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeactivateKeySigningKey for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeNoSuchKeySigningKey "NoSuchKeySigningKey" -// The specified key-signing key (KSK) doesn't exist. -// -// - ErrCodeInvalidKeySigningKeyStatus "InvalidKeySigningKeyStatus" -// The key-signing key (KSK) status isn't valid or another KSK has the status -// INTERNAL_FAILURE. -// -// - ErrCodeInvalidSigningStatus "InvalidSigningStatus" -// Your hosted zone status isn't valid for this operation. In the hosted zone, -// change the status to enable DNSSEC or disable DNSSEC. -// -// - ErrCodeKeySigningKeyInUse "KeySigningKeyInUse" -// The key-signing key (KSK) that you specified can't be deactivated because -// it's the only KSK for a currently-enabled DNSSEC. Disable DNSSEC signing, -// or add or enable another KSK. -// -// - ErrCodeKeySigningKeyInParentDSRecord "KeySigningKeyInParentDSRecord" -// The key-signing key (KSK) is specified in a parent DS record. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeactivateKeySigningKey -func (c *Route53) DeactivateKeySigningKey(input *DeactivateKeySigningKeyInput) (*DeactivateKeySigningKeyOutput, error) { - req, out := c.DeactivateKeySigningKeyRequest(input) - return out, req.Send() -} - -// DeactivateKeySigningKeyWithContext is the same as DeactivateKeySigningKey with the addition of -// the ability to pass a context and additional request options. -// -// See DeactivateKeySigningKey for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeactivateKeySigningKeyWithContext(ctx aws.Context, input *DeactivateKeySigningKeyInput, opts ...request.Option) (*DeactivateKeySigningKeyOutput, error) { - req, out := c.DeactivateKeySigningKeyRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeleteCidrCollection = "DeleteCidrCollection" - -// DeleteCidrCollectionRequest generates a "aws/request.Request" representing the -// client's request for the DeleteCidrCollection operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeleteCidrCollection for more information on using the DeleteCidrCollection -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeleteCidrCollectionRequest method. -// req, resp := client.DeleteCidrCollectionRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteCidrCollection -func (c *Route53) DeleteCidrCollectionRequest(input *DeleteCidrCollectionInput) (req *request.Request, output *DeleteCidrCollectionOutput) { - op := &request.Operation{ - Name: opDeleteCidrCollection, - HTTPMethod: "DELETE", - HTTPPath: "/2013-04-01/cidrcollection/{CidrCollectionId}", - } - - if input == nil { - input = &DeleteCidrCollectionInput{} - } - - output = &DeleteCidrCollectionOutput{} - req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) - return -} - -// DeleteCidrCollection API operation for Amazon Route 53. -// -// Deletes a CIDR collection in the current Amazon Web Services account. The -// collection must be empty before it can be deleted. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeleteCidrCollection for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchCidrCollectionException "NoSuchCidrCollectionException" -// The CIDR collection you specified, doesn't exist. -// -// - ErrCodeCidrCollectionInUseException "CidrCollectionInUseException" -// This CIDR collection is in use, and isn't empty. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteCidrCollection -func (c *Route53) DeleteCidrCollection(input *DeleteCidrCollectionInput) (*DeleteCidrCollectionOutput, error) { - req, out := c.DeleteCidrCollectionRequest(input) - return out, req.Send() -} - -// DeleteCidrCollectionWithContext is the same as DeleteCidrCollection with the addition of -// the ability to pass a context and additional request options. -// -// See DeleteCidrCollection for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeleteCidrCollectionWithContext(ctx aws.Context, input *DeleteCidrCollectionInput, opts ...request.Option) (*DeleteCidrCollectionOutput, error) { - req, out := c.DeleteCidrCollectionRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeleteHealthCheck = "DeleteHealthCheck" - -// DeleteHealthCheckRequest generates a "aws/request.Request" representing the -// client's request for the DeleteHealthCheck operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeleteHealthCheck for more information on using the DeleteHealthCheck -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeleteHealthCheckRequest method. -// req, resp := client.DeleteHealthCheckRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteHealthCheck -func (c *Route53) DeleteHealthCheckRequest(input *DeleteHealthCheckInput) (req *request.Request, output *DeleteHealthCheckOutput) { - op := &request.Operation{ - Name: opDeleteHealthCheck, - HTTPMethod: "DELETE", - HTTPPath: "/2013-04-01/healthcheck/{HealthCheckId}", - } - - if input == nil { - input = &DeleteHealthCheckInput{} - } - - output = &DeleteHealthCheckOutput{} - req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) - return -} - -// DeleteHealthCheck API operation for Amazon Route 53. -// -// Deletes a health check. -// -// Amazon Route 53 does not prevent you from deleting a health check even if -// the health check is associated with one or more resource record sets. If -// you delete a health check and you don't update the associated resource record -// sets, the future status of the health check can't be predicted and may change. -// This will affect the routing of DNS queries for your DNS failover configuration. -// For more information, see Replacing and Deleting Health Checks (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/health-checks-creating-deleting.html#health-checks-deleting.html) -// in the Amazon Route 53 Developer Guide. -// -// If you're using Cloud Map and you configured Cloud Map to create a Route -// 53 health check when you register an instance, you can't use the Route 53 -// DeleteHealthCheck command to delete the health check. The health check is -// deleted automatically when you deregister the instance; there can be a delay -// of several hours before the health check is deleted from Route 53. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeleteHealthCheck for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHealthCheck "NoSuchHealthCheck" -// No health check exists with the specified ID. -// -// - ErrCodeHealthCheckInUse "HealthCheckInUse" -// This error code is not in use. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteHealthCheck -func (c *Route53) DeleteHealthCheck(input *DeleteHealthCheckInput) (*DeleteHealthCheckOutput, error) { - req, out := c.DeleteHealthCheckRequest(input) - return out, req.Send() -} - -// DeleteHealthCheckWithContext is the same as DeleteHealthCheck with the addition of -// the ability to pass a context and additional request options. -// -// See DeleteHealthCheck for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeleteHealthCheckWithContext(ctx aws.Context, input *DeleteHealthCheckInput, opts ...request.Option) (*DeleteHealthCheckOutput, error) { - req, out := c.DeleteHealthCheckRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeleteHostedZone = "DeleteHostedZone" - -// DeleteHostedZoneRequest generates a "aws/request.Request" representing the -// client's request for the DeleteHostedZone operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeleteHostedZone for more information on using the DeleteHostedZone -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeleteHostedZoneRequest method. -// req, resp := client.DeleteHostedZoneRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteHostedZone -func (c *Route53) DeleteHostedZoneRequest(input *DeleteHostedZoneInput) (req *request.Request, output *DeleteHostedZoneOutput) { - op := &request.Operation{ - Name: opDeleteHostedZone, - HTTPMethod: "DELETE", - HTTPPath: "/2013-04-01/hostedzone/{Id}", - } - - if input == nil { - input = &DeleteHostedZoneInput{} - } - - output = &DeleteHostedZoneOutput{} - req = c.newRequest(op, input, output) - return -} - -// DeleteHostedZone API operation for Amazon Route 53. -// -// Deletes a hosted zone. -// -// If the hosted zone was created by another service, such as Cloud Map, see -// Deleting Public Hosted Zones That Were Created by Another Service (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DeleteHostedZone.html#delete-public-hosted-zone-created-by-another-service) -// in the Amazon Route 53 Developer Guide for information about how to delete -// it. (The process is the same for public and private hosted zones that were -// created by another service.) -// -// If you want to keep your domain registration but you want to stop routing -// internet traffic to your website or web application, we recommend that you -// delete resource record sets in the hosted zone instead of deleting the hosted -// zone. -// -// If you delete a hosted zone, you can't undelete it. You must create a new -// hosted zone and update the name servers for your domain registration, which -// can require up to 48 hours to take effect. (If you delegated responsibility -// for a subdomain to a hosted zone and you delete the child hosted zone, you -// must update the name servers in the parent hosted zone.) In addition, if -// you delete a hosted zone, someone could hijack the domain and route traffic -// to their own resources using your domain name. -// -// If you want to avoid the monthly charge for the hosted zone, you can transfer -// DNS service for the domain to a free DNS service. When you transfer DNS service, -// you have to update the name servers for the domain registration. If the domain -// is registered with Route 53, see UpdateDomainNameservers (https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_UpdateDomainNameservers.html) -// for information about how to replace Route 53 name servers with name servers -// for the new DNS service. If the domain is registered with another registrar, -// use the method provided by the registrar to update name servers for the domain -// registration. For more information, perform an internet search on "free DNS -// service." -// -// You can delete a hosted zone only if it contains only the default SOA record -// and NS resource record sets. If the hosted zone contains other resource record -// sets, you must delete them before you can delete the hosted zone. If you -// try to delete a hosted zone that contains other resource record sets, the -// request fails, and Route 53 returns a HostedZoneNotEmpty error. For information -// about deleting records from your hosted zone, see ChangeResourceRecordSets -// (https://docs.aws.amazon.com/Route53/latest/APIReference/API_ChangeResourceRecordSets.html). -// -// To verify that the hosted zone has been deleted, do one of the following: -// -// - Use the GetHostedZone action to request information about the hosted -// zone. -// -// - Use the ListHostedZones action to get a list of the hosted zones associated -// with the current Amazon Web Services account. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeleteHostedZone for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeHostedZoneNotEmpty "HostedZoneNotEmpty" -// The hosted zone contains resource records that are not SOA or NS records. -// -// - ErrCodePriorRequestNotComplete "PriorRequestNotComplete" -// If Amazon Route 53 can't process a request before the next request arrives, -// it will reject subsequent requests for the same hosted zone and return an -// HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for -// the same request, we recommend that you wait, in intervals of increasing -// duration, before you try the request again. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeInvalidDomainName "InvalidDomainName" -// The specified domain name is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteHostedZone -func (c *Route53) DeleteHostedZone(input *DeleteHostedZoneInput) (*DeleteHostedZoneOutput, error) { - req, out := c.DeleteHostedZoneRequest(input) - return out, req.Send() -} - -// DeleteHostedZoneWithContext is the same as DeleteHostedZone with the addition of -// the ability to pass a context and additional request options. -// -// See DeleteHostedZone for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeleteHostedZoneWithContext(ctx aws.Context, input *DeleteHostedZoneInput, opts ...request.Option) (*DeleteHostedZoneOutput, error) { - req, out := c.DeleteHostedZoneRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeleteKeySigningKey = "DeleteKeySigningKey" - -// DeleteKeySigningKeyRequest generates a "aws/request.Request" representing the -// client's request for the DeleteKeySigningKey operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeleteKeySigningKey for more information on using the DeleteKeySigningKey -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeleteKeySigningKeyRequest method. -// req, resp := client.DeleteKeySigningKeyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteKeySigningKey -func (c *Route53) DeleteKeySigningKeyRequest(input *DeleteKeySigningKeyInput) (req *request.Request, output *DeleteKeySigningKeyOutput) { - op := &request.Operation{ - Name: opDeleteKeySigningKey, - HTTPMethod: "DELETE", - HTTPPath: "/2013-04-01/keysigningkey/{HostedZoneId}/{Name}", - } - - if input == nil { - input = &DeleteKeySigningKeyInput{} - } - - output = &DeleteKeySigningKeyOutput{} - req = c.newRequest(op, input, output) - return -} - -// DeleteKeySigningKey API operation for Amazon Route 53. -// -// Deletes a key-signing key (KSK). Before you can delete a KSK, you must deactivate -// it. The KSK must be deactivated before you can delete it regardless of whether -// the hosted zone is enabled for DNSSEC signing. -// -// You can use DeactivateKeySigningKey (https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeactivateKeySigningKey.html) -// to deactivate the key before you delete it. -// -// Use GetDNSSEC (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetDNSSEC.html) -// to verify that the KSK is in an INACTIVE status. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeleteKeySigningKey for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeNoSuchKeySigningKey "NoSuchKeySigningKey" -// The specified key-signing key (KSK) doesn't exist. -// -// - ErrCodeInvalidKeySigningKeyStatus "InvalidKeySigningKeyStatus" -// The key-signing key (KSK) status isn't valid or another KSK has the status -// INTERNAL_FAILURE. -// -// - ErrCodeInvalidSigningStatus "InvalidSigningStatus" -// Your hosted zone status isn't valid for this operation. In the hosted zone, -// change the status to enable DNSSEC or disable DNSSEC. -// -// - ErrCodeInvalidKMSArn "InvalidKMSArn" -// The KeyManagementServiceArn that you specified isn't valid to use with DNSSEC -// signing. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteKeySigningKey -func (c *Route53) DeleteKeySigningKey(input *DeleteKeySigningKeyInput) (*DeleteKeySigningKeyOutput, error) { - req, out := c.DeleteKeySigningKeyRequest(input) - return out, req.Send() -} - -// DeleteKeySigningKeyWithContext is the same as DeleteKeySigningKey with the addition of -// the ability to pass a context and additional request options. -// -// See DeleteKeySigningKey for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeleteKeySigningKeyWithContext(ctx aws.Context, input *DeleteKeySigningKeyInput, opts ...request.Option) (*DeleteKeySigningKeyOutput, error) { - req, out := c.DeleteKeySigningKeyRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeleteQueryLoggingConfig = "DeleteQueryLoggingConfig" - -// DeleteQueryLoggingConfigRequest generates a "aws/request.Request" representing the -// client's request for the DeleteQueryLoggingConfig operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeleteQueryLoggingConfig for more information on using the DeleteQueryLoggingConfig -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeleteQueryLoggingConfigRequest method. -// req, resp := client.DeleteQueryLoggingConfigRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteQueryLoggingConfig -func (c *Route53) DeleteQueryLoggingConfigRequest(input *DeleteQueryLoggingConfigInput) (req *request.Request, output *DeleteQueryLoggingConfigOutput) { - op := &request.Operation{ - Name: opDeleteQueryLoggingConfig, - HTTPMethod: "DELETE", - HTTPPath: "/2013-04-01/queryloggingconfig/{Id}", - } - - if input == nil { - input = &DeleteQueryLoggingConfigInput{} - } - - output = &DeleteQueryLoggingConfigOutput{} - req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) - return -} - -// DeleteQueryLoggingConfig API operation for Amazon Route 53. -// -// Deletes a configuration for DNS query logging. If you delete a configuration, -// Amazon Route 53 stops sending query logs to CloudWatch Logs. Route 53 doesn't -// delete any logs that are already in CloudWatch Logs. -// -// For more information about DNS query logs, see CreateQueryLoggingConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateQueryLoggingConfig.html). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeleteQueryLoggingConfig for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeNoSuchQueryLoggingConfig "NoSuchQueryLoggingConfig" -// There is no DNS query logging configuration with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteQueryLoggingConfig -func (c *Route53) DeleteQueryLoggingConfig(input *DeleteQueryLoggingConfigInput) (*DeleteQueryLoggingConfigOutput, error) { - req, out := c.DeleteQueryLoggingConfigRequest(input) - return out, req.Send() -} - -// DeleteQueryLoggingConfigWithContext is the same as DeleteQueryLoggingConfig with the addition of -// the ability to pass a context and additional request options. -// -// See DeleteQueryLoggingConfig for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeleteQueryLoggingConfigWithContext(ctx aws.Context, input *DeleteQueryLoggingConfigInput, opts ...request.Option) (*DeleteQueryLoggingConfigOutput, error) { - req, out := c.DeleteQueryLoggingConfigRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeleteReusableDelegationSet = "DeleteReusableDelegationSet" - -// DeleteReusableDelegationSetRequest generates a "aws/request.Request" representing the -// client's request for the DeleteReusableDelegationSet operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeleteReusableDelegationSet for more information on using the DeleteReusableDelegationSet -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeleteReusableDelegationSetRequest method. -// req, resp := client.DeleteReusableDelegationSetRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteReusableDelegationSet -func (c *Route53) DeleteReusableDelegationSetRequest(input *DeleteReusableDelegationSetInput) (req *request.Request, output *DeleteReusableDelegationSetOutput) { - op := &request.Operation{ - Name: opDeleteReusableDelegationSet, - HTTPMethod: "DELETE", - HTTPPath: "/2013-04-01/delegationset/{Id}", - } - - if input == nil { - input = &DeleteReusableDelegationSetInput{} - } - - output = &DeleteReusableDelegationSetOutput{} - req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) - return -} - -// DeleteReusableDelegationSet API operation for Amazon Route 53. -// -// Deletes a reusable delegation set. -// -// You can delete a reusable delegation set only if it isn't associated with -// any hosted zones. -// -// To verify that the reusable delegation set is not associated with any hosted -// zones, submit a GetReusableDelegationSet (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetReusableDelegationSet.html) -// request and specify the ID of the reusable delegation set that you want to -// delete. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeleteReusableDelegationSet for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchDelegationSet "NoSuchDelegationSet" -// A reusable delegation set with the specified ID does not exist. -// -// - ErrCodeDelegationSetInUse "DelegationSetInUse" -// The specified delegation contains associated hosted zones which must be deleted -// before the reusable delegation set can be deleted. -// -// - ErrCodeDelegationSetNotReusable "DelegationSetNotReusable" -// A reusable delegation set with the specified ID does not exist. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteReusableDelegationSet -func (c *Route53) DeleteReusableDelegationSet(input *DeleteReusableDelegationSetInput) (*DeleteReusableDelegationSetOutput, error) { - req, out := c.DeleteReusableDelegationSetRequest(input) - return out, req.Send() -} - -// DeleteReusableDelegationSetWithContext is the same as DeleteReusableDelegationSet with the addition of -// the ability to pass a context and additional request options. -// -// See DeleteReusableDelegationSet for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeleteReusableDelegationSetWithContext(ctx aws.Context, input *DeleteReusableDelegationSetInput, opts ...request.Option) (*DeleteReusableDelegationSetOutput, error) { - req, out := c.DeleteReusableDelegationSetRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeleteTrafficPolicy = "DeleteTrafficPolicy" - -// DeleteTrafficPolicyRequest generates a "aws/request.Request" representing the -// client's request for the DeleteTrafficPolicy operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeleteTrafficPolicy for more information on using the DeleteTrafficPolicy -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeleteTrafficPolicyRequest method. -// req, resp := client.DeleteTrafficPolicyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteTrafficPolicy -func (c *Route53) DeleteTrafficPolicyRequest(input *DeleteTrafficPolicyInput) (req *request.Request, output *DeleteTrafficPolicyOutput) { - op := &request.Operation{ - Name: opDeleteTrafficPolicy, - HTTPMethod: "DELETE", - HTTPPath: "/2013-04-01/trafficpolicy/{Id}/{Version}", - } - - if input == nil { - input = &DeleteTrafficPolicyInput{} - } - - output = &DeleteTrafficPolicyOutput{} - req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) - return -} - -// DeleteTrafficPolicy API operation for Amazon Route 53. -// -// Deletes a traffic policy. -// -// When you delete a traffic policy, Route 53 sets a flag on the policy to indicate -// that it has been deleted. However, Route 53 never fully deletes the traffic -// policy. Note the following: -// -// - Deleted traffic policies aren't listed if you run ListTrafficPolicies -// (https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListTrafficPolicies.html). -// -// - There's no way to get a list of deleted policies. -// -// - If you retain the ID of the policy, you can get information about the -// policy, including the traffic policy document, by running GetTrafficPolicy -// (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicy.html). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeleteTrafficPolicy for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchTrafficPolicy "NoSuchTrafficPolicy" -// No traffic policy exists with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeTrafficPolicyInUse "TrafficPolicyInUse" -// One or more traffic policy instances were created by using the specified -// traffic policy. -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteTrafficPolicy -func (c *Route53) DeleteTrafficPolicy(input *DeleteTrafficPolicyInput) (*DeleteTrafficPolicyOutput, error) { - req, out := c.DeleteTrafficPolicyRequest(input) - return out, req.Send() -} - -// DeleteTrafficPolicyWithContext is the same as DeleteTrafficPolicy with the addition of -// the ability to pass a context and additional request options. -// -// See DeleteTrafficPolicy for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeleteTrafficPolicyWithContext(ctx aws.Context, input *DeleteTrafficPolicyInput, opts ...request.Option) (*DeleteTrafficPolicyOutput, error) { - req, out := c.DeleteTrafficPolicyRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeleteTrafficPolicyInstance = "DeleteTrafficPolicyInstance" - -// DeleteTrafficPolicyInstanceRequest generates a "aws/request.Request" representing the -// client's request for the DeleteTrafficPolicyInstance operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeleteTrafficPolicyInstance for more information on using the DeleteTrafficPolicyInstance -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeleteTrafficPolicyInstanceRequest method. -// req, resp := client.DeleteTrafficPolicyInstanceRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteTrafficPolicyInstance -func (c *Route53) DeleteTrafficPolicyInstanceRequest(input *DeleteTrafficPolicyInstanceInput) (req *request.Request, output *DeleteTrafficPolicyInstanceOutput) { - op := &request.Operation{ - Name: opDeleteTrafficPolicyInstance, - HTTPMethod: "DELETE", - HTTPPath: "/2013-04-01/trafficpolicyinstance/{Id}", - } - - if input == nil { - input = &DeleteTrafficPolicyInstanceInput{} - } - - output = &DeleteTrafficPolicyInstanceOutput{} - req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) - return -} - -// DeleteTrafficPolicyInstance API operation for Amazon Route 53. -// -// Deletes a traffic policy instance and all of the resource record sets that -// Amazon Route 53 created when you created the instance. -// -// In the Route 53 console, traffic policy instances are known as policy records. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeleteTrafficPolicyInstance for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchTrafficPolicyInstance "NoSuchTrafficPolicyInstance" -// No traffic policy instance exists with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodePriorRequestNotComplete "PriorRequestNotComplete" -// If Amazon Route 53 can't process a request before the next request arrives, -// it will reject subsequent requests for the same hosted zone and return an -// HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for -// the same request, we recommend that you wait, in intervals of increasing -// duration, before you try the request again. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteTrafficPolicyInstance -func (c *Route53) DeleteTrafficPolicyInstance(input *DeleteTrafficPolicyInstanceInput) (*DeleteTrafficPolicyInstanceOutput, error) { - req, out := c.DeleteTrafficPolicyInstanceRequest(input) - return out, req.Send() -} - -// DeleteTrafficPolicyInstanceWithContext is the same as DeleteTrafficPolicyInstance with the addition of -// the ability to pass a context and additional request options. -// -// See DeleteTrafficPolicyInstance for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeleteTrafficPolicyInstanceWithContext(ctx aws.Context, input *DeleteTrafficPolicyInstanceInput, opts ...request.Option) (*DeleteTrafficPolicyInstanceOutput, error) { - req, out := c.DeleteTrafficPolicyInstanceRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDeleteVPCAssociationAuthorization = "DeleteVPCAssociationAuthorization" - -// DeleteVPCAssociationAuthorizationRequest generates a "aws/request.Request" representing the -// client's request for the DeleteVPCAssociationAuthorization operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DeleteVPCAssociationAuthorization for more information on using the DeleteVPCAssociationAuthorization -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DeleteVPCAssociationAuthorizationRequest method. -// req, resp := client.DeleteVPCAssociationAuthorizationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteVPCAssociationAuthorization -func (c *Route53) DeleteVPCAssociationAuthorizationRequest(input *DeleteVPCAssociationAuthorizationInput) (req *request.Request, output *DeleteVPCAssociationAuthorizationOutput) { - op := &request.Operation{ - Name: opDeleteVPCAssociationAuthorization, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/hostedzone/{Id}/deauthorizevpcassociation", - } - - if input == nil { - input = &DeleteVPCAssociationAuthorizationInput{} - } - - output = &DeleteVPCAssociationAuthorizationOutput{} - req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) - return -} - -// DeleteVPCAssociationAuthorization API operation for Amazon Route 53. -// -// Removes authorization to submit an AssociateVPCWithHostedZone request to -// associate a specified VPC with a hosted zone that was created by a different -// account. You must use the account that created the hosted zone to submit -// a DeleteVPCAssociationAuthorization request. -// -// Sending this request only prevents the Amazon Web Services account that created -// the VPC from associating the VPC with the Amazon Route 53 hosted zone in -// the future. If the VPC is already associated with the hosted zone, DeleteVPCAssociationAuthorization -// won't disassociate the VPC from the hosted zone. If you want to delete an -// existing association, use DisassociateVPCFromHostedZone. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DeleteVPCAssociationAuthorization for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeVPCAssociationAuthorizationNotFound "VPCAssociationAuthorizationNotFound" -// The VPC that you specified is not authorized to be associated with the hosted -// zone. -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidVPCId "InvalidVPCId" -// The VPC ID that you specified either isn't a valid ID or the current account -// is not authorized to access this VPC. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DeleteVPCAssociationAuthorization -func (c *Route53) DeleteVPCAssociationAuthorization(input *DeleteVPCAssociationAuthorizationInput) (*DeleteVPCAssociationAuthorizationOutput, error) { - req, out := c.DeleteVPCAssociationAuthorizationRequest(input) - return out, req.Send() -} - -// DeleteVPCAssociationAuthorizationWithContext is the same as DeleteVPCAssociationAuthorization with the addition of -// the ability to pass a context and additional request options. -// -// See DeleteVPCAssociationAuthorization for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DeleteVPCAssociationAuthorizationWithContext(ctx aws.Context, input *DeleteVPCAssociationAuthorizationInput, opts ...request.Option) (*DeleteVPCAssociationAuthorizationOutput, error) { - req, out := c.DeleteVPCAssociationAuthorizationRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDisableHostedZoneDNSSEC = "DisableHostedZoneDNSSEC" - -// DisableHostedZoneDNSSECRequest generates a "aws/request.Request" representing the -// client's request for the DisableHostedZoneDNSSEC operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DisableHostedZoneDNSSEC for more information on using the DisableHostedZoneDNSSEC -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DisableHostedZoneDNSSECRequest method. -// req, resp := client.DisableHostedZoneDNSSECRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DisableHostedZoneDNSSEC -func (c *Route53) DisableHostedZoneDNSSECRequest(input *DisableHostedZoneDNSSECInput) (req *request.Request, output *DisableHostedZoneDNSSECOutput) { - op := &request.Operation{ - Name: opDisableHostedZoneDNSSEC, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/hostedzone/{Id}/disable-dnssec", - } - - if input == nil { - input = &DisableHostedZoneDNSSECInput{} - } - - output = &DisableHostedZoneDNSSECOutput{} - req = c.newRequest(op, input, output) - return -} - -// DisableHostedZoneDNSSEC API operation for Amazon Route 53. -// -// Disables DNSSEC signing in a specific hosted zone. This action does not deactivate -// any key-signing keys (KSKs) that are active in the hosted zone. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DisableHostedZoneDNSSEC for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidArgument "InvalidArgument" -// Parameter name is not valid. -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeKeySigningKeyInParentDSRecord "KeySigningKeyInParentDSRecord" -// The key-signing key (KSK) is specified in a parent DS record. -// -// - ErrCodeDNSSECNotFound "DNSSECNotFound" -// The hosted zone doesn't have any DNSSEC resources. -// -// - ErrCodeInvalidKeySigningKeyStatus "InvalidKeySigningKeyStatus" -// The key-signing key (KSK) status isn't valid or another KSK has the status -// INTERNAL_FAILURE. -// -// - ErrCodeInvalidKMSArn "InvalidKMSArn" -// The KeyManagementServiceArn that you specified isn't valid to use with DNSSEC -// signing. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DisableHostedZoneDNSSEC -func (c *Route53) DisableHostedZoneDNSSEC(input *DisableHostedZoneDNSSECInput) (*DisableHostedZoneDNSSECOutput, error) { - req, out := c.DisableHostedZoneDNSSECRequest(input) - return out, req.Send() -} - -// DisableHostedZoneDNSSECWithContext is the same as DisableHostedZoneDNSSEC with the addition of -// the ability to pass a context and additional request options. -// -// See DisableHostedZoneDNSSEC for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DisableHostedZoneDNSSECWithContext(ctx aws.Context, input *DisableHostedZoneDNSSECInput, opts ...request.Option) (*DisableHostedZoneDNSSECOutput, error) { - req, out := c.DisableHostedZoneDNSSECRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDisassociateVPCFromHostedZone = "DisassociateVPCFromHostedZone" - -// DisassociateVPCFromHostedZoneRequest generates a "aws/request.Request" representing the -// client's request for the DisassociateVPCFromHostedZone operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DisassociateVPCFromHostedZone for more information on using the DisassociateVPCFromHostedZone -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DisassociateVPCFromHostedZoneRequest method. -// req, resp := client.DisassociateVPCFromHostedZoneRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DisassociateVPCFromHostedZone -func (c *Route53) DisassociateVPCFromHostedZoneRequest(input *DisassociateVPCFromHostedZoneInput) (req *request.Request, output *DisassociateVPCFromHostedZoneOutput) { - op := &request.Operation{ - Name: opDisassociateVPCFromHostedZone, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/hostedzone/{Id}/disassociatevpc", - } - - if input == nil { - input = &DisassociateVPCFromHostedZoneInput{} - } - - output = &DisassociateVPCFromHostedZoneOutput{} - req = c.newRequest(op, input, output) - return -} - -// DisassociateVPCFromHostedZone API operation for Amazon Route 53. -// -// Disassociates an Amazon Virtual Private Cloud (Amazon VPC) from an Amazon -// Route 53 private hosted zone. Note the following: -// -// - You can't disassociate the last Amazon VPC from a private hosted zone. -// -// - You can't convert a private hosted zone into a public hosted zone. -// -// - You can submit a DisassociateVPCFromHostedZone request using either -// the account that created the hosted zone or the account that created the -// Amazon VPC. -// -// - Some services, such as Cloud Map and Amazon Elastic File System (Amazon -// EFS) automatically create hosted zones and associate VPCs with the hosted -// zones. A service can create a hosted zone using your account or using -// its own account. You can disassociate a VPC from a hosted zone only if -// the service created the hosted zone using your account. When you run DisassociateVPCFromHostedZone -// (https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListHostedZonesByVPC.html), -// if the hosted zone has a value for OwningAccount, you can use DisassociateVPCFromHostedZone. -// If the hosted zone has a value for OwningService, you can't use DisassociateVPCFromHostedZone. -// -// When revoking access, the hosted zone and the Amazon VPC must belong to the -// same partition. A partition is a group of Amazon Web Services Regions. Each -// Amazon Web Services account is scoped to one partition. -// -// The following are the supported partitions: -// -// - aws - Amazon Web Services Regions -// -// - aws-cn - China Regions -// -// - aws-us-gov - Amazon Web Services GovCloud (US) Region -// -// For more information, see Access Management (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) -// in the Amazon Web Services General Reference. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation DisassociateVPCFromHostedZone for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidVPCId "InvalidVPCId" -// The VPC ID that you specified either isn't a valid ID or the current account -// is not authorized to access this VPC. -// -// - ErrCodeVPCAssociationNotFound "VPCAssociationNotFound" -// The specified VPC and hosted zone are not currently associated. -// -// - ErrCodeLastVPCAssociation "LastVPCAssociation" -// The VPC that you're trying to disassociate from the private hosted zone is -// the last VPC that is associated with the hosted zone. Amazon Route 53 doesn't -// support disassociating the last VPC from a hosted zone. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/DisassociateVPCFromHostedZone -func (c *Route53) DisassociateVPCFromHostedZone(input *DisassociateVPCFromHostedZoneInput) (*DisassociateVPCFromHostedZoneOutput, error) { - req, out := c.DisassociateVPCFromHostedZoneRequest(input) - return out, req.Send() -} - -// DisassociateVPCFromHostedZoneWithContext is the same as DisassociateVPCFromHostedZone with the addition of -// the ability to pass a context and additional request options. -// -// See DisassociateVPCFromHostedZone for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) DisassociateVPCFromHostedZoneWithContext(ctx aws.Context, input *DisassociateVPCFromHostedZoneInput, opts ...request.Option) (*DisassociateVPCFromHostedZoneOutput, error) { - req, out := c.DisassociateVPCFromHostedZoneRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opEnableHostedZoneDNSSEC = "EnableHostedZoneDNSSEC" - -// EnableHostedZoneDNSSECRequest generates a "aws/request.Request" representing the -// client's request for the EnableHostedZoneDNSSEC operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See EnableHostedZoneDNSSEC for more information on using the EnableHostedZoneDNSSEC -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the EnableHostedZoneDNSSECRequest method. -// req, resp := client.EnableHostedZoneDNSSECRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/EnableHostedZoneDNSSEC -func (c *Route53) EnableHostedZoneDNSSECRequest(input *EnableHostedZoneDNSSECInput) (req *request.Request, output *EnableHostedZoneDNSSECOutput) { - op := &request.Operation{ - Name: opEnableHostedZoneDNSSEC, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/hostedzone/{Id}/enable-dnssec", - } - - if input == nil { - input = &EnableHostedZoneDNSSECInput{} - } - - output = &EnableHostedZoneDNSSECOutput{} - req = c.newRequest(op, input, output) - return -} - -// EnableHostedZoneDNSSEC API operation for Amazon Route 53. -// -// Enables DNSSEC signing in a specific hosted zone. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation EnableHostedZoneDNSSEC for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidArgument "InvalidArgument" -// Parameter name is not valid. -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// - ErrCodeKeySigningKeyWithActiveStatusNotFound "KeySigningKeyWithActiveStatusNotFound" -// A key-signing key (KSK) with ACTIVE status wasn't found. -// -// - ErrCodeInvalidKMSArn "InvalidKMSArn" -// The KeyManagementServiceArn that you specified isn't valid to use with DNSSEC -// signing. -// -// - ErrCodeHostedZonePartiallyDelegated "HostedZonePartiallyDelegated" -// The hosted zone nameservers don't match the parent nameservers. The hosted -// zone and parent must have the same nameservers. -// -// - ErrCodeDNSSECNotFound "DNSSECNotFound" -// The hosted zone doesn't have any DNSSEC resources. -// -// - ErrCodeInvalidKeySigningKeyStatus "InvalidKeySigningKeyStatus" -// The key-signing key (KSK) status isn't valid or another KSK has the status -// INTERNAL_FAILURE. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/EnableHostedZoneDNSSEC -func (c *Route53) EnableHostedZoneDNSSEC(input *EnableHostedZoneDNSSECInput) (*EnableHostedZoneDNSSECOutput, error) { - req, out := c.EnableHostedZoneDNSSECRequest(input) - return out, req.Send() -} - -// EnableHostedZoneDNSSECWithContext is the same as EnableHostedZoneDNSSEC with the addition of -// the ability to pass a context and additional request options. -// -// See EnableHostedZoneDNSSEC for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) EnableHostedZoneDNSSECWithContext(ctx aws.Context, input *EnableHostedZoneDNSSECInput, opts ...request.Option) (*EnableHostedZoneDNSSECOutput, error) { - req, out := c.EnableHostedZoneDNSSECRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetAccountLimit = "GetAccountLimit" - -// GetAccountLimitRequest generates a "aws/request.Request" representing the -// client's request for the GetAccountLimit operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetAccountLimit for more information on using the GetAccountLimit -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetAccountLimitRequest method. -// req, resp := client.GetAccountLimitRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetAccountLimit -func (c *Route53) GetAccountLimitRequest(input *GetAccountLimitInput) (req *request.Request, output *GetAccountLimitOutput) { - op := &request.Operation{ - Name: opGetAccountLimit, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/accountlimit/{Type}", - } - - if input == nil { - input = &GetAccountLimitInput{} - } - - output = &GetAccountLimitOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetAccountLimit API operation for Amazon Route 53. -// -// Gets the specified limit for the current account, for example, the maximum -// number of health checks that you can create using the account. -// -// For the default limit, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) -// in the Amazon Route 53 Developer Guide. To request a higher limit, open a -// case (https://console.aws.amazon.com/support/home#/case/create?issueType=service-limit-increase&limitType=service-code-route53). -// -// You can also view account limits in Amazon Web Services Trusted Advisor. -// Sign in to the Amazon Web Services Management Console and open the Trusted -// Advisor console at https://console.aws.amazon.com/trustedadvisor/ (https://console.aws.amazon.com/trustedadvisor). -// Then choose Service limits in the navigation pane. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetAccountLimit for usage and error information. -// -// Returned Error Codes: -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetAccountLimit -func (c *Route53) GetAccountLimit(input *GetAccountLimitInput) (*GetAccountLimitOutput, error) { - req, out := c.GetAccountLimitRequest(input) - return out, req.Send() -} - -// GetAccountLimitWithContext is the same as GetAccountLimit with the addition of -// the ability to pass a context and additional request options. -// -// See GetAccountLimit for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetAccountLimitWithContext(ctx aws.Context, input *GetAccountLimitInput, opts ...request.Option) (*GetAccountLimitOutput, error) { - req, out := c.GetAccountLimitRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetChange = "GetChange" - -// GetChangeRequest generates a "aws/request.Request" representing the -// client's request for the GetChange operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetChange for more information on using the GetChange -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetChangeRequest method. -// req, resp := client.GetChangeRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetChange -func (c *Route53) GetChangeRequest(input *GetChangeInput) (req *request.Request, output *GetChangeOutput) { - op := &request.Operation{ - Name: opGetChange, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/change/{Id}", - } - - if input == nil { - input = &GetChangeInput{} - } - - output = &GetChangeOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetChange API operation for Amazon Route 53. -// -// Returns the current status of a change batch request. The status is one of -// the following values: -// -// - PENDING indicates that the changes in this request have not propagated -// to all Amazon Route 53 DNS servers managing the hosted zone. This is the -// initial status of all change batch requests. -// -// - INSYNC indicates that the changes have propagated to all Route 53 DNS -// servers managing the hosted zone. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetChange for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchChange "NoSuchChange" -// A change with the specified change ID does not exist. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetChange -func (c *Route53) GetChange(input *GetChangeInput) (*GetChangeOutput, error) { - req, out := c.GetChangeRequest(input) - return out, req.Send() -} - -// GetChangeWithContext is the same as GetChange with the addition of -// the ability to pass a context and additional request options. -// -// See GetChange for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetChangeWithContext(ctx aws.Context, input *GetChangeInput, opts ...request.Option) (*GetChangeOutput, error) { - req, out := c.GetChangeRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetCheckerIpRanges = "GetCheckerIpRanges" - -// GetCheckerIpRangesRequest generates a "aws/request.Request" representing the -// client's request for the GetCheckerIpRanges operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetCheckerIpRanges for more information on using the GetCheckerIpRanges -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetCheckerIpRangesRequest method. -// req, resp := client.GetCheckerIpRangesRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetCheckerIpRanges -func (c *Route53) GetCheckerIpRangesRequest(input *GetCheckerIpRangesInput) (req *request.Request, output *GetCheckerIpRangesOutput) { - op := &request.Operation{ - Name: opGetCheckerIpRanges, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/checkeripranges", - } - - if input == nil { - input = &GetCheckerIpRangesInput{} - } - - output = &GetCheckerIpRangesOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetCheckerIpRanges API operation for Amazon Route 53. -// -// Route 53 does not perform authorization for this API because it retrieves -// information that is already available to the public. -// -// GetCheckerIpRanges still works, but we recommend that you download ip-ranges.json, -// which includes IP address ranges for all Amazon Web Services services. For -// more information, see IP Address Ranges of Amazon Route 53 Servers (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/route-53-ip-addresses.html) -// in the Amazon Route 53 Developer Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetCheckerIpRanges for usage and error information. -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetCheckerIpRanges -func (c *Route53) GetCheckerIpRanges(input *GetCheckerIpRangesInput) (*GetCheckerIpRangesOutput, error) { - req, out := c.GetCheckerIpRangesRequest(input) - return out, req.Send() -} - -// GetCheckerIpRangesWithContext is the same as GetCheckerIpRanges with the addition of -// the ability to pass a context and additional request options. -// -// See GetCheckerIpRanges for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetCheckerIpRangesWithContext(ctx aws.Context, input *GetCheckerIpRangesInput, opts ...request.Option) (*GetCheckerIpRangesOutput, error) { - req, out := c.GetCheckerIpRangesRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetDNSSEC = "GetDNSSEC" - -// GetDNSSECRequest generates a "aws/request.Request" representing the -// client's request for the GetDNSSEC operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetDNSSEC for more information on using the GetDNSSEC -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetDNSSECRequest method. -// req, resp := client.GetDNSSECRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetDNSSEC -func (c *Route53) GetDNSSECRequest(input *GetDNSSECInput) (req *request.Request, output *GetDNSSECOutput) { - op := &request.Operation{ - Name: opGetDNSSEC, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/hostedzone/{Id}/dnssec", - } - - if input == nil { - input = &GetDNSSECInput{} - } - - output = &GetDNSSECOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetDNSSEC API operation for Amazon Route 53. -// -// Returns information about DNSSEC for a specific hosted zone, including the -// key-signing keys (KSKs) in the hosted zone. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetDNSSEC for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidArgument "InvalidArgument" -// Parameter name is not valid. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetDNSSEC -func (c *Route53) GetDNSSEC(input *GetDNSSECInput) (*GetDNSSECOutput, error) { - req, out := c.GetDNSSECRequest(input) - return out, req.Send() -} - -// GetDNSSECWithContext is the same as GetDNSSEC with the addition of -// the ability to pass a context and additional request options. -// -// See GetDNSSEC for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetDNSSECWithContext(ctx aws.Context, input *GetDNSSECInput, opts ...request.Option) (*GetDNSSECOutput, error) { - req, out := c.GetDNSSECRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetGeoLocation = "GetGeoLocation" - -// GetGeoLocationRequest generates a "aws/request.Request" representing the -// client's request for the GetGeoLocation operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetGeoLocation for more information on using the GetGeoLocation -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetGeoLocationRequest method. -// req, resp := client.GetGeoLocationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetGeoLocation -func (c *Route53) GetGeoLocationRequest(input *GetGeoLocationInput) (req *request.Request, output *GetGeoLocationOutput) { - op := &request.Operation{ - Name: opGetGeoLocation, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/geolocation", - } - - if input == nil { - input = &GetGeoLocationInput{} - } - - output = &GetGeoLocationOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetGeoLocation API operation for Amazon Route 53. -// -// Gets information about whether a specified geographic location is supported -// for Amazon Route 53 geolocation resource record sets. -// -// Route 53 does not perform authorization for this API because it retrieves -// information that is already available to the public. -// -// Use the following syntax to determine whether a continent is supported for -// geolocation: -// -// GET /2013-04-01/geolocation?continentcode=two-letter abbreviation for a continent -// -// Use the following syntax to determine whether a country is supported for -// geolocation: -// -// GET /2013-04-01/geolocation?countrycode=two-character country code -// -// Use the following syntax to determine whether a subdivision of a country -// is supported for geolocation: -// -// GET /2013-04-01/geolocation?countrycode=two-character country code&subdivisioncode=subdivision -// code -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetGeoLocation for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchGeoLocation "NoSuchGeoLocation" -// Amazon Route 53 doesn't support the specified geographic location. For a -// list of supported geolocation codes, see the GeoLocation (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GeoLocation.html) -// data type. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetGeoLocation -func (c *Route53) GetGeoLocation(input *GetGeoLocationInput) (*GetGeoLocationOutput, error) { - req, out := c.GetGeoLocationRequest(input) - return out, req.Send() -} - -// GetGeoLocationWithContext is the same as GetGeoLocation with the addition of -// the ability to pass a context and additional request options. -// -// See GetGeoLocation for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetGeoLocationWithContext(ctx aws.Context, input *GetGeoLocationInput, opts ...request.Option) (*GetGeoLocationOutput, error) { - req, out := c.GetGeoLocationRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetHealthCheck = "GetHealthCheck" - -// GetHealthCheckRequest generates a "aws/request.Request" representing the -// client's request for the GetHealthCheck operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetHealthCheck for more information on using the GetHealthCheck -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetHealthCheckRequest method. -// req, resp := client.GetHealthCheckRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHealthCheck -func (c *Route53) GetHealthCheckRequest(input *GetHealthCheckInput) (req *request.Request, output *GetHealthCheckOutput) { - op := &request.Operation{ - Name: opGetHealthCheck, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/healthcheck/{HealthCheckId}", - } - - if input == nil { - input = &GetHealthCheckInput{} - } - - output = &GetHealthCheckOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetHealthCheck API operation for Amazon Route 53. -// -// Gets information about a specified health check. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetHealthCheck for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHealthCheck "NoSuchHealthCheck" -// No health check exists with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeIncompatibleVersion "IncompatibleVersion" -// The resource you're trying to access is unsupported on this Amazon Route -// 53 endpoint. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHealthCheck -func (c *Route53) GetHealthCheck(input *GetHealthCheckInput) (*GetHealthCheckOutput, error) { - req, out := c.GetHealthCheckRequest(input) - return out, req.Send() -} - -// GetHealthCheckWithContext is the same as GetHealthCheck with the addition of -// the ability to pass a context and additional request options. -// -// See GetHealthCheck for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetHealthCheckWithContext(ctx aws.Context, input *GetHealthCheckInput, opts ...request.Option) (*GetHealthCheckOutput, error) { - req, out := c.GetHealthCheckRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetHealthCheckCount = "GetHealthCheckCount" - -// GetHealthCheckCountRequest generates a "aws/request.Request" representing the -// client's request for the GetHealthCheckCount operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetHealthCheckCount for more information on using the GetHealthCheckCount -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetHealthCheckCountRequest method. -// req, resp := client.GetHealthCheckCountRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHealthCheckCount -func (c *Route53) GetHealthCheckCountRequest(input *GetHealthCheckCountInput) (req *request.Request, output *GetHealthCheckCountOutput) { - op := &request.Operation{ - Name: opGetHealthCheckCount, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/healthcheckcount", - } - - if input == nil { - input = &GetHealthCheckCountInput{} - } - - output = &GetHealthCheckCountOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetHealthCheckCount API operation for Amazon Route 53. -// -// Retrieves the number of health checks that are associated with the current -// Amazon Web Services account. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetHealthCheckCount for usage and error information. -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHealthCheckCount -func (c *Route53) GetHealthCheckCount(input *GetHealthCheckCountInput) (*GetHealthCheckCountOutput, error) { - req, out := c.GetHealthCheckCountRequest(input) - return out, req.Send() -} - -// GetHealthCheckCountWithContext is the same as GetHealthCheckCount with the addition of -// the ability to pass a context and additional request options. -// -// See GetHealthCheckCount for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetHealthCheckCountWithContext(ctx aws.Context, input *GetHealthCheckCountInput, opts ...request.Option) (*GetHealthCheckCountOutput, error) { - req, out := c.GetHealthCheckCountRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetHealthCheckLastFailureReason = "GetHealthCheckLastFailureReason" - -// GetHealthCheckLastFailureReasonRequest generates a "aws/request.Request" representing the -// client's request for the GetHealthCheckLastFailureReason operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetHealthCheckLastFailureReason for more information on using the GetHealthCheckLastFailureReason -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetHealthCheckLastFailureReasonRequest method. -// req, resp := client.GetHealthCheckLastFailureReasonRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHealthCheckLastFailureReason -func (c *Route53) GetHealthCheckLastFailureReasonRequest(input *GetHealthCheckLastFailureReasonInput) (req *request.Request, output *GetHealthCheckLastFailureReasonOutput) { - op := &request.Operation{ - Name: opGetHealthCheckLastFailureReason, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/healthcheck/{HealthCheckId}/lastfailurereason", - } - - if input == nil { - input = &GetHealthCheckLastFailureReasonInput{} - } - - output = &GetHealthCheckLastFailureReasonOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetHealthCheckLastFailureReason API operation for Amazon Route 53. -// -// Gets the reason that a specified health check failed most recently. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetHealthCheckLastFailureReason for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHealthCheck "NoSuchHealthCheck" -// No health check exists with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHealthCheckLastFailureReason -func (c *Route53) GetHealthCheckLastFailureReason(input *GetHealthCheckLastFailureReasonInput) (*GetHealthCheckLastFailureReasonOutput, error) { - req, out := c.GetHealthCheckLastFailureReasonRequest(input) - return out, req.Send() -} - -// GetHealthCheckLastFailureReasonWithContext is the same as GetHealthCheckLastFailureReason with the addition of -// the ability to pass a context and additional request options. -// -// See GetHealthCheckLastFailureReason for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetHealthCheckLastFailureReasonWithContext(ctx aws.Context, input *GetHealthCheckLastFailureReasonInput, opts ...request.Option) (*GetHealthCheckLastFailureReasonOutput, error) { - req, out := c.GetHealthCheckLastFailureReasonRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetHealthCheckStatus = "GetHealthCheckStatus" - -// GetHealthCheckStatusRequest generates a "aws/request.Request" representing the -// client's request for the GetHealthCheckStatus operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetHealthCheckStatus for more information on using the GetHealthCheckStatus -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetHealthCheckStatusRequest method. -// req, resp := client.GetHealthCheckStatusRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHealthCheckStatus -func (c *Route53) GetHealthCheckStatusRequest(input *GetHealthCheckStatusInput) (req *request.Request, output *GetHealthCheckStatusOutput) { - op := &request.Operation{ - Name: opGetHealthCheckStatus, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/healthcheck/{HealthCheckId}/status", - } - - if input == nil { - input = &GetHealthCheckStatusInput{} - } - - output = &GetHealthCheckStatusOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetHealthCheckStatus API operation for Amazon Route 53. -// -// Gets status of a specified health check. -// -// This API is intended for use during development to diagnose behavior. It -// doesn’t support production use-cases with high query rates that require -// immediate and actionable responses. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetHealthCheckStatus for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHealthCheck "NoSuchHealthCheck" -// No health check exists with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHealthCheckStatus -func (c *Route53) GetHealthCheckStatus(input *GetHealthCheckStatusInput) (*GetHealthCheckStatusOutput, error) { - req, out := c.GetHealthCheckStatusRequest(input) - return out, req.Send() -} - -// GetHealthCheckStatusWithContext is the same as GetHealthCheckStatus with the addition of -// the ability to pass a context and additional request options. -// -// See GetHealthCheckStatus for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetHealthCheckStatusWithContext(ctx aws.Context, input *GetHealthCheckStatusInput, opts ...request.Option) (*GetHealthCheckStatusOutput, error) { - req, out := c.GetHealthCheckStatusRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetHostedZone = "GetHostedZone" - -// GetHostedZoneRequest generates a "aws/request.Request" representing the -// client's request for the GetHostedZone operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetHostedZone for more information on using the GetHostedZone -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetHostedZoneRequest method. -// req, resp := client.GetHostedZoneRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHostedZone -func (c *Route53) GetHostedZoneRequest(input *GetHostedZoneInput) (req *request.Request, output *GetHostedZoneOutput) { - op := &request.Operation{ - Name: opGetHostedZone, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/hostedzone/{Id}", - } - - if input == nil { - input = &GetHostedZoneInput{} - } - - output = &GetHostedZoneOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetHostedZone API operation for Amazon Route 53. -// -// Gets information about a specified hosted zone including the four name servers -// assigned to the hosted zone. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetHostedZone for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHostedZone -func (c *Route53) GetHostedZone(input *GetHostedZoneInput) (*GetHostedZoneOutput, error) { - req, out := c.GetHostedZoneRequest(input) - return out, req.Send() -} - -// GetHostedZoneWithContext is the same as GetHostedZone with the addition of -// the ability to pass a context and additional request options. -// -// See GetHostedZone for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetHostedZoneWithContext(ctx aws.Context, input *GetHostedZoneInput, opts ...request.Option) (*GetHostedZoneOutput, error) { - req, out := c.GetHostedZoneRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetHostedZoneCount = "GetHostedZoneCount" - -// GetHostedZoneCountRequest generates a "aws/request.Request" representing the -// client's request for the GetHostedZoneCount operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetHostedZoneCount for more information on using the GetHostedZoneCount -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetHostedZoneCountRequest method. -// req, resp := client.GetHostedZoneCountRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHostedZoneCount -func (c *Route53) GetHostedZoneCountRequest(input *GetHostedZoneCountInput) (req *request.Request, output *GetHostedZoneCountOutput) { - op := &request.Operation{ - Name: opGetHostedZoneCount, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/hostedzonecount", - } - - if input == nil { - input = &GetHostedZoneCountInput{} - } - - output = &GetHostedZoneCountOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetHostedZoneCount API operation for Amazon Route 53. -// -// Retrieves the number of hosted zones that are associated with the current -// Amazon Web Services account. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetHostedZoneCount for usage and error information. -// -// Returned Error Codes: -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHostedZoneCount -func (c *Route53) GetHostedZoneCount(input *GetHostedZoneCountInput) (*GetHostedZoneCountOutput, error) { - req, out := c.GetHostedZoneCountRequest(input) - return out, req.Send() -} - -// GetHostedZoneCountWithContext is the same as GetHostedZoneCount with the addition of -// the ability to pass a context and additional request options. -// -// See GetHostedZoneCount for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetHostedZoneCountWithContext(ctx aws.Context, input *GetHostedZoneCountInput, opts ...request.Option) (*GetHostedZoneCountOutput, error) { - req, out := c.GetHostedZoneCountRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetHostedZoneLimit = "GetHostedZoneLimit" - -// GetHostedZoneLimitRequest generates a "aws/request.Request" representing the -// client's request for the GetHostedZoneLimit operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetHostedZoneLimit for more information on using the GetHostedZoneLimit -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetHostedZoneLimitRequest method. -// req, resp := client.GetHostedZoneLimitRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHostedZoneLimit -func (c *Route53) GetHostedZoneLimitRequest(input *GetHostedZoneLimitInput) (req *request.Request, output *GetHostedZoneLimitOutput) { - op := &request.Operation{ - Name: opGetHostedZoneLimit, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/hostedzonelimit/{Id}/{Type}", - } - - if input == nil { - input = &GetHostedZoneLimitInput{} - } - - output = &GetHostedZoneLimitOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetHostedZoneLimit API operation for Amazon Route 53. -// -// Gets the specified limit for a specified hosted zone, for example, the maximum -// number of records that you can create in the hosted zone. -// -// For the default limit, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) -// in the Amazon Route 53 Developer Guide. To request a higher limit, open a -// case (https://console.aws.amazon.com/support/home#/case/create?issueType=service-limit-increase&limitType=service-code-route53). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetHostedZoneLimit for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeHostedZoneNotPrivate "HostedZoneNotPrivate" -// The specified hosted zone is a public hosted zone, not a private hosted zone. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetHostedZoneLimit -func (c *Route53) GetHostedZoneLimit(input *GetHostedZoneLimitInput) (*GetHostedZoneLimitOutput, error) { - req, out := c.GetHostedZoneLimitRequest(input) - return out, req.Send() -} - -// GetHostedZoneLimitWithContext is the same as GetHostedZoneLimit with the addition of -// the ability to pass a context and additional request options. -// -// See GetHostedZoneLimit for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetHostedZoneLimitWithContext(ctx aws.Context, input *GetHostedZoneLimitInput, opts ...request.Option) (*GetHostedZoneLimitOutput, error) { - req, out := c.GetHostedZoneLimitRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetQueryLoggingConfig = "GetQueryLoggingConfig" - -// GetQueryLoggingConfigRequest generates a "aws/request.Request" representing the -// client's request for the GetQueryLoggingConfig operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetQueryLoggingConfig for more information on using the GetQueryLoggingConfig -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetQueryLoggingConfigRequest method. -// req, resp := client.GetQueryLoggingConfigRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetQueryLoggingConfig -func (c *Route53) GetQueryLoggingConfigRequest(input *GetQueryLoggingConfigInput) (req *request.Request, output *GetQueryLoggingConfigOutput) { - op := &request.Operation{ - Name: opGetQueryLoggingConfig, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/queryloggingconfig/{Id}", - } - - if input == nil { - input = &GetQueryLoggingConfigInput{} - } - - output = &GetQueryLoggingConfigOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetQueryLoggingConfig API operation for Amazon Route 53. -// -// Gets information about a specified configuration for DNS query logging. -// -// For more information about DNS query logs, see CreateQueryLoggingConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateQueryLoggingConfig.html) -// and Logging DNS Queries (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetQueryLoggingConfig for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchQueryLoggingConfig "NoSuchQueryLoggingConfig" -// There is no DNS query logging configuration with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetQueryLoggingConfig -func (c *Route53) GetQueryLoggingConfig(input *GetQueryLoggingConfigInput) (*GetQueryLoggingConfigOutput, error) { - req, out := c.GetQueryLoggingConfigRequest(input) - return out, req.Send() -} - -// GetQueryLoggingConfigWithContext is the same as GetQueryLoggingConfig with the addition of -// the ability to pass a context and additional request options. -// -// See GetQueryLoggingConfig for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetQueryLoggingConfigWithContext(ctx aws.Context, input *GetQueryLoggingConfigInput, opts ...request.Option) (*GetQueryLoggingConfigOutput, error) { - req, out := c.GetQueryLoggingConfigRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetReusableDelegationSet = "GetReusableDelegationSet" - -// GetReusableDelegationSetRequest generates a "aws/request.Request" representing the -// client's request for the GetReusableDelegationSet operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetReusableDelegationSet for more information on using the GetReusableDelegationSet -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetReusableDelegationSetRequest method. -// req, resp := client.GetReusableDelegationSetRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetReusableDelegationSet -func (c *Route53) GetReusableDelegationSetRequest(input *GetReusableDelegationSetInput) (req *request.Request, output *GetReusableDelegationSetOutput) { - op := &request.Operation{ - Name: opGetReusableDelegationSet, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/delegationset/{Id}", - } - - if input == nil { - input = &GetReusableDelegationSetInput{} - } - - output = &GetReusableDelegationSetOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetReusableDelegationSet API operation for Amazon Route 53. -// -// Retrieves information about a specified reusable delegation set, including -// the four name servers that are assigned to the delegation set. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetReusableDelegationSet for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchDelegationSet "NoSuchDelegationSet" -// A reusable delegation set with the specified ID does not exist. -// -// - ErrCodeDelegationSetNotReusable "DelegationSetNotReusable" -// A reusable delegation set with the specified ID does not exist. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetReusableDelegationSet -func (c *Route53) GetReusableDelegationSet(input *GetReusableDelegationSetInput) (*GetReusableDelegationSetOutput, error) { - req, out := c.GetReusableDelegationSetRequest(input) - return out, req.Send() -} - -// GetReusableDelegationSetWithContext is the same as GetReusableDelegationSet with the addition of -// the ability to pass a context and additional request options. -// -// See GetReusableDelegationSet for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetReusableDelegationSetWithContext(ctx aws.Context, input *GetReusableDelegationSetInput, opts ...request.Option) (*GetReusableDelegationSetOutput, error) { - req, out := c.GetReusableDelegationSetRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetReusableDelegationSetLimit = "GetReusableDelegationSetLimit" - -// GetReusableDelegationSetLimitRequest generates a "aws/request.Request" representing the -// client's request for the GetReusableDelegationSetLimit operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetReusableDelegationSetLimit for more information on using the GetReusableDelegationSetLimit -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetReusableDelegationSetLimitRequest method. -// req, resp := client.GetReusableDelegationSetLimitRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetReusableDelegationSetLimit -func (c *Route53) GetReusableDelegationSetLimitRequest(input *GetReusableDelegationSetLimitInput) (req *request.Request, output *GetReusableDelegationSetLimitOutput) { - op := &request.Operation{ - Name: opGetReusableDelegationSetLimit, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/reusabledelegationsetlimit/{Id}/{Type}", - } - - if input == nil { - input = &GetReusableDelegationSetLimitInput{} - } - - output = &GetReusableDelegationSetLimitOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetReusableDelegationSetLimit API operation for Amazon Route 53. -// -// Gets the maximum number of hosted zones that you can associate with the specified -// reusable delegation set. -// -// For the default limit, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) -// in the Amazon Route 53 Developer Guide. To request a higher limit, open a -// case (https://console.aws.amazon.com/support/home#/case/create?issueType=service-limit-increase&limitType=service-code-route53). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetReusableDelegationSetLimit for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchDelegationSet "NoSuchDelegationSet" -// A reusable delegation set with the specified ID does not exist. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetReusableDelegationSetLimit -func (c *Route53) GetReusableDelegationSetLimit(input *GetReusableDelegationSetLimitInput) (*GetReusableDelegationSetLimitOutput, error) { - req, out := c.GetReusableDelegationSetLimitRequest(input) - return out, req.Send() -} - -// GetReusableDelegationSetLimitWithContext is the same as GetReusableDelegationSetLimit with the addition of -// the ability to pass a context and additional request options. -// -// See GetReusableDelegationSetLimit for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetReusableDelegationSetLimitWithContext(ctx aws.Context, input *GetReusableDelegationSetLimitInput, opts ...request.Option) (*GetReusableDelegationSetLimitOutput, error) { - req, out := c.GetReusableDelegationSetLimitRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetTrafficPolicy = "GetTrafficPolicy" - -// GetTrafficPolicyRequest generates a "aws/request.Request" representing the -// client's request for the GetTrafficPolicy operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetTrafficPolicy for more information on using the GetTrafficPolicy -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetTrafficPolicyRequest method. -// req, resp := client.GetTrafficPolicyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetTrafficPolicy -func (c *Route53) GetTrafficPolicyRequest(input *GetTrafficPolicyInput) (req *request.Request, output *GetTrafficPolicyOutput) { - op := &request.Operation{ - Name: opGetTrafficPolicy, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/trafficpolicy/{Id}/{Version}", - } - - if input == nil { - input = &GetTrafficPolicyInput{} - } - - output = &GetTrafficPolicyOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetTrafficPolicy API operation for Amazon Route 53. -// -// Gets information about a specific traffic policy version. -// -// For information about how of deleting a traffic policy affects the response -// from GetTrafficPolicy, see DeleteTrafficPolicy (https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicy.html). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetTrafficPolicy for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchTrafficPolicy "NoSuchTrafficPolicy" -// No traffic policy exists with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetTrafficPolicy -func (c *Route53) GetTrafficPolicy(input *GetTrafficPolicyInput) (*GetTrafficPolicyOutput, error) { - req, out := c.GetTrafficPolicyRequest(input) - return out, req.Send() -} - -// GetTrafficPolicyWithContext is the same as GetTrafficPolicy with the addition of -// the ability to pass a context and additional request options. -// -// See GetTrafficPolicy for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetTrafficPolicyWithContext(ctx aws.Context, input *GetTrafficPolicyInput, opts ...request.Option) (*GetTrafficPolicyOutput, error) { - req, out := c.GetTrafficPolicyRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetTrafficPolicyInstance = "GetTrafficPolicyInstance" - -// GetTrafficPolicyInstanceRequest generates a "aws/request.Request" representing the -// client's request for the GetTrafficPolicyInstance operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetTrafficPolicyInstance for more information on using the GetTrafficPolicyInstance -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetTrafficPolicyInstanceRequest method. -// req, resp := client.GetTrafficPolicyInstanceRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetTrafficPolicyInstance -func (c *Route53) GetTrafficPolicyInstanceRequest(input *GetTrafficPolicyInstanceInput) (req *request.Request, output *GetTrafficPolicyInstanceOutput) { - op := &request.Operation{ - Name: opGetTrafficPolicyInstance, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/trafficpolicyinstance/{Id}", - } - - if input == nil { - input = &GetTrafficPolicyInstanceInput{} - } - - output = &GetTrafficPolicyInstanceOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetTrafficPolicyInstance API operation for Amazon Route 53. -// -// Gets information about a specified traffic policy instance. -// -// Use GetTrafficPolicyInstance with the id of new traffic policy instance to -// confirm that the CreateTrafficPolicyInstance or an UpdateTrafficPolicyInstance -// request completed successfully. For more information, see the State response -// element. -// -// In the Route 53 console, traffic policy instances are known as policy records. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetTrafficPolicyInstance for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchTrafficPolicyInstance "NoSuchTrafficPolicyInstance" -// No traffic policy instance exists with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetTrafficPolicyInstance -func (c *Route53) GetTrafficPolicyInstance(input *GetTrafficPolicyInstanceInput) (*GetTrafficPolicyInstanceOutput, error) { - req, out := c.GetTrafficPolicyInstanceRequest(input) - return out, req.Send() -} - -// GetTrafficPolicyInstanceWithContext is the same as GetTrafficPolicyInstance with the addition of -// the ability to pass a context and additional request options. -// -// See GetTrafficPolicyInstance for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetTrafficPolicyInstanceWithContext(ctx aws.Context, input *GetTrafficPolicyInstanceInput, opts ...request.Option) (*GetTrafficPolicyInstanceOutput, error) { - req, out := c.GetTrafficPolicyInstanceRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetTrafficPolicyInstanceCount = "GetTrafficPolicyInstanceCount" - -// GetTrafficPolicyInstanceCountRequest generates a "aws/request.Request" representing the -// client's request for the GetTrafficPolicyInstanceCount operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetTrafficPolicyInstanceCount for more information on using the GetTrafficPolicyInstanceCount -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetTrafficPolicyInstanceCountRequest method. -// req, resp := client.GetTrafficPolicyInstanceCountRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetTrafficPolicyInstanceCount -func (c *Route53) GetTrafficPolicyInstanceCountRequest(input *GetTrafficPolicyInstanceCountInput) (req *request.Request, output *GetTrafficPolicyInstanceCountOutput) { - op := &request.Operation{ - Name: opGetTrafficPolicyInstanceCount, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/trafficpolicyinstancecount", - } - - if input == nil { - input = &GetTrafficPolicyInstanceCountInput{} - } - - output = &GetTrafficPolicyInstanceCountOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetTrafficPolicyInstanceCount API operation for Amazon Route 53. -// -// Gets the number of traffic policy instances that are associated with the -// current Amazon Web Services account. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation GetTrafficPolicyInstanceCount for usage and error information. -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/GetTrafficPolicyInstanceCount -func (c *Route53) GetTrafficPolicyInstanceCount(input *GetTrafficPolicyInstanceCountInput) (*GetTrafficPolicyInstanceCountOutput, error) { - req, out := c.GetTrafficPolicyInstanceCountRequest(input) - return out, req.Send() -} - -// GetTrafficPolicyInstanceCountWithContext is the same as GetTrafficPolicyInstanceCount with the addition of -// the ability to pass a context and additional request options. -// -// See GetTrafficPolicyInstanceCount for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) GetTrafficPolicyInstanceCountWithContext(ctx aws.Context, input *GetTrafficPolicyInstanceCountInput, opts ...request.Option) (*GetTrafficPolicyInstanceCountOutput, error) { - req, out := c.GetTrafficPolicyInstanceCountRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListCidrBlocks = "ListCidrBlocks" - -// ListCidrBlocksRequest generates a "aws/request.Request" representing the -// client's request for the ListCidrBlocks operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListCidrBlocks for more information on using the ListCidrBlocks -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListCidrBlocksRequest method. -// req, resp := client.ListCidrBlocksRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListCidrBlocks -func (c *Route53) ListCidrBlocksRequest(input *ListCidrBlocksInput) (req *request.Request, output *ListCidrBlocksOutput) { - op := &request.Operation{ - Name: opListCidrBlocks, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/cidrcollection/{CidrCollectionId}/cidrblocks", - Paginator: &request.Paginator{ - InputTokens: []string{"NextToken"}, - OutputTokens: []string{"NextToken"}, - LimitToken: "MaxResults", - TruncationToken: "", - }, - } - - if input == nil { - input = &ListCidrBlocksInput{} - } - - output = &ListCidrBlocksOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListCidrBlocks API operation for Amazon Route 53. -// -// Returns a paginated list of location objects and their CIDR blocks. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListCidrBlocks for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchCidrCollectionException "NoSuchCidrCollectionException" -// The CIDR collection you specified, doesn't exist. -// -// - ErrCodeNoSuchCidrLocationException "NoSuchCidrLocationException" -// The CIDR collection location doesn't match any locations in your account. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListCidrBlocks -func (c *Route53) ListCidrBlocks(input *ListCidrBlocksInput) (*ListCidrBlocksOutput, error) { - req, out := c.ListCidrBlocksRequest(input) - return out, req.Send() -} - -// ListCidrBlocksWithContext is the same as ListCidrBlocks with the addition of -// the ability to pass a context and additional request options. -// -// See ListCidrBlocks for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListCidrBlocksWithContext(ctx aws.Context, input *ListCidrBlocksInput, opts ...request.Option) (*ListCidrBlocksOutput, error) { - req, out := c.ListCidrBlocksRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// ListCidrBlocksPages iterates over the pages of a ListCidrBlocks operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListCidrBlocks method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListCidrBlocks operation. -// pageNum := 0 -// err := client.ListCidrBlocksPages(params, -// func(page *route53.ListCidrBlocksOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *Route53) ListCidrBlocksPages(input *ListCidrBlocksInput, fn func(*ListCidrBlocksOutput, bool) bool) error { - return c.ListCidrBlocksPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListCidrBlocksPagesWithContext same as ListCidrBlocksPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListCidrBlocksPagesWithContext(ctx aws.Context, input *ListCidrBlocksInput, fn func(*ListCidrBlocksOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListCidrBlocksInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListCidrBlocksRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListCidrBlocksOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListCidrCollections = "ListCidrCollections" - -// ListCidrCollectionsRequest generates a "aws/request.Request" representing the -// client's request for the ListCidrCollections operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListCidrCollections for more information on using the ListCidrCollections -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListCidrCollectionsRequest method. -// req, resp := client.ListCidrCollectionsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListCidrCollections -func (c *Route53) ListCidrCollectionsRequest(input *ListCidrCollectionsInput) (req *request.Request, output *ListCidrCollectionsOutput) { - op := &request.Operation{ - Name: opListCidrCollections, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/cidrcollection", - Paginator: &request.Paginator{ - InputTokens: []string{"NextToken"}, - OutputTokens: []string{"NextToken"}, - LimitToken: "MaxResults", - TruncationToken: "", - }, - } - - if input == nil { - input = &ListCidrCollectionsInput{} - } - - output = &ListCidrCollectionsOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListCidrCollections API operation for Amazon Route 53. -// -// Returns a paginated list of CIDR collections in the Amazon Web Services account -// (metadata only). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListCidrCollections for usage and error information. -// -// Returned Error Codes: -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListCidrCollections -func (c *Route53) ListCidrCollections(input *ListCidrCollectionsInput) (*ListCidrCollectionsOutput, error) { - req, out := c.ListCidrCollectionsRequest(input) - return out, req.Send() -} - -// ListCidrCollectionsWithContext is the same as ListCidrCollections with the addition of -// the ability to pass a context and additional request options. -// -// See ListCidrCollections for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListCidrCollectionsWithContext(ctx aws.Context, input *ListCidrCollectionsInput, opts ...request.Option) (*ListCidrCollectionsOutput, error) { - req, out := c.ListCidrCollectionsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// ListCidrCollectionsPages iterates over the pages of a ListCidrCollections operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListCidrCollections method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListCidrCollections operation. -// pageNum := 0 -// err := client.ListCidrCollectionsPages(params, -// func(page *route53.ListCidrCollectionsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *Route53) ListCidrCollectionsPages(input *ListCidrCollectionsInput, fn func(*ListCidrCollectionsOutput, bool) bool) error { - return c.ListCidrCollectionsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListCidrCollectionsPagesWithContext same as ListCidrCollectionsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListCidrCollectionsPagesWithContext(ctx aws.Context, input *ListCidrCollectionsInput, fn func(*ListCidrCollectionsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListCidrCollectionsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListCidrCollectionsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListCidrCollectionsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListCidrLocations = "ListCidrLocations" - -// ListCidrLocationsRequest generates a "aws/request.Request" representing the -// client's request for the ListCidrLocations operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListCidrLocations for more information on using the ListCidrLocations -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListCidrLocationsRequest method. -// req, resp := client.ListCidrLocationsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListCidrLocations -func (c *Route53) ListCidrLocationsRequest(input *ListCidrLocationsInput) (req *request.Request, output *ListCidrLocationsOutput) { - op := &request.Operation{ - Name: opListCidrLocations, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/cidrcollection/{CidrCollectionId}", - Paginator: &request.Paginator{ - InputTokens: []string{"NextToken"}, - OutputTokens: []string{"NextToken"}, - LimitToken: "MaxResults", - TruncationToken: "", - }, - } - - if input == nil { - input = &ListCidrLocationsInput{} - } - - output = &ListCidrLocationsOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListCidrLocations API operation for Amazon Route 53. -// -// Returns a paginated list of CIDR locations for the given collection (metadata -// only, does not include CIDR blocks). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListCidrLocations for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchCidrCollectionException "NoSuchCidrCollectionException" -// The CIDR collection you specified, doesn't exist. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListCidrLocations -func (c *Route53) ListCidrLocations(input *ListCidrLocationsInput) (*ListCidrLocationsOutput, error) { - req, out := c.ListCidrLocationsRequest(input) - return out, req.Send() -} - -// ListCidrLocationsWithContext is the same as ListCidrLocations with the addition of -// the ability to pass a context and additional request options. -// -// See ListCidrLocations for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListCidrLocationsWithContext(ctx aws.Context, input *ListCidrLocationsInput, opts ...request.Option) (*ListCidrLocationsOutput, error) { - req, out := c.ListCidrLocationsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// ListCidrLocationsPages iterates over the pages of a ListCidrLocations operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListCidrLocations method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListCidrLocations operation. -// pageNum := 0 -// err := client.ListCidrLocationsPages(params, -// func(page *route53.ListCidrLocationsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *Route53) ListCidrLocationsPages(input *ListCidrLocationsInput, fn func(*ListCidrLocationsOutput, bool) bool) error { - return c.ListCidrLocationsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListCidrLocationsPagesWithContext same as ListCidrLocationsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListCidrLocationsPagesWithContext(ctx aws.Context, input *ListCidrLocationsInput, fn func(*ListCidrLocationsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListCidrLocationsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListCidrLocationsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListCidrLocationsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListGeoLocations = "ListGeoLocations" - -// ListGeoLocationsRequest generates a "aws/request.Request" representing the -// client's request for the ListGeoLocations operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListGeoLocations for more information on using the ListGeoLocations -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListGeoLocationsRequest method. -// req, resp := client.ListGeoLocationsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListGeoLocations -func (c *Route53) ListGeoLocationsRequest(input *ListGeoLocationsInput) (req *request.Request, output *ListGeoLocationsOutput) { - op := &request.Operation{ - Name: opListGeoLocations, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/geolocations", - } - - if input == nil { - input = &ListGeoLocationsInput{} - } - - output = &ListGeoLocationsOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListGeoLocations API operation for Amazon Route 53. -// -// Retrieves a list of supported geographic locations. -// -// Countries are listed first, and continents are listed last. If Amazon Route -// 53 supports subdivisions for a country (for example, states or provinces), -// the subdivisions for that country are listed in alphabetical order immediately -// after the corresponding country. -// -// Route 53 does not perform authorization for this API because it retrieves -// information that is already available to the public. -// -// For a list of supported geolocation codes, see the GeoLocation (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GeoLocation.html) -// data type. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListGeoLocations for usage and error information. -// -// Returned Error Codes: -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListGeoLocations -func (c *Route53) ListGeoLocations(input *ListGeoLocationsInput) (*ListGeoLocationsOutput, error) { - req, out := c.ListGeoLocationsRequest(input) - return out, req.Send() -} - -// ListGeoLocationsWithContext is the same as ListGeoLocations with the addition of -// the ability to pass a context and additional request options. -// -// See ListGeoLocations for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListGeoLocationsWithContext(ctx aws.Context, input *ListGeoLocationsInput, opts ...request.Option) (*ListGeoLocationsOutput, error) { - req, out := c.ListGeoLocationsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListHealthChecks = "ListHealthChecks" - -// ListHealthChecksRequest generates a "aws/request.Request" representing the -// client's request for the ListHealthChecks operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListHealthChecks for more information on using the ListHealthChecks -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListHealthChecksRequest method. -// req, resp := client.ListHealthChecksRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListHealthChecks -func (c *Route53) ListHealthChecksRequest(input *ListHealthChecksInput) (req *request.Request, output *ListHealthChecksOutput) { - op := &request.Operation{ - Name: opListHealthChecks, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/healthcheck", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"NextMarker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListHealthChecksInput{} - } - - output = &ListHealthChecksOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListHealthChecks API operation for Amazon Route 53. -// -// Retrieve a list of the health checks that are associated with the current -// Amazon Web Services account. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListHealthChecks for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeIncompatibleVersion "IncompatibleVersion" -// The resource you're trying to access is unsupported on this Amazon Route -// 53 endpoint. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListHealthChecks -func (c *Route53) ListHealthChecks(input *ListHealthChecksInput) (*ListHealthChecksOutput, error) { - req, out := c.ListHealthChecksRequest(input) - return out, req.Send() -} - -// ListHealthChecksWithContext is the same as ListHealthChecks with the addition of -// the ability to pass a context and additional request options. -// -// See ListHealthChecks for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListHealthChecksWithContext(ctx aws.Context, input *ListHealthChecksInput, opts ...request.Option) (*ListHealthChecksOutput, error) { - req, out := c.ListHealthChecksRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// ListHealthChecksPages iterates over the pages of a ListHealthChecks operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListHealthChecks method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListHealthChecks operation. -// pageNum := 0 -// err := client.ListHealthChecksPages(params, -// func(page *route53.ListHealthChecksOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *Route53) ListHealthChecksPages(input *ListHealthChecksInput, fn func(*ListHealthChecksOutput, bool) bool) error { - return c.ListHealthChecksPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListHealthChecksPagesWithContext same as ListHealthChecksPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListHealthChecksPagesWithContext(ctx aws.Context, input *ListHealthChecksInput, fn func(*ListHealthChecksOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListHealthChecksInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListHealthChecksRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListHealthChecksOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListHostedZones = "ListHostedZones" - -// ListHostedZonesRequest generates a "aws/request.Request" representing the -// client's request for the ListHostedZones operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListHostedZones for more information on using the ListHostedZones -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListHostedZonesRequest method. -// req, resp := client.ListHostedZonesRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListHostedZones -func (c *Route53) ListHostedZonesRequest(input *ListHostedZonesInput) (req *request.Request, output *ListHostedZonesOutput) { - op := &request.Operation{ - Name: opListHostedZones, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/hostedzone", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"NextMarker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListHostedZonesInput{} - } - - output = &ListHostedZonesOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListHostedZones API operation for Amazon Route 53. -// -// Retrieves a list of the public and private hosted zones that are associated -// with the current Amazon Web Services account. The response includes a HostedZones -// child element for each hosted zone. -// -// Amazon Route 53 returns a maximum of 100 items in each response. If you have -// a lot of hosted zones, you can use the maxitems parameter to list them in -// groups of up to 100. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListHostedZones for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchDelegationSet "NoSuchDelegationSet" -// A reusable delegation set with the specified ID does not exist. -// -// - ErrCodeDelegationSetNotReusable "DelegationSetNotReusable" -// A reusable delegation set with the specified ID does not exist. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListHostedZones -func (c *Route53) ListHostedZones(input *ListHostedZonesInput) (*ListHostedZonesOutput, error) { - req, out := c.ListHostedZonesRequest(input) - return out, req.Send() -} - -// ListHostedZonesWithContext is the same as ListHostedZones with the addition of -// the ability to pass a context and additional request options. -// -// See ListHostedZones for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListHostedZonesWithContext(ctx aws.Context, input *ListHostedZonesInput, opts ...request.Option) (*ListHostedZonesOutput, error) { - req, out := c.ListHostedZonesRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// ListHostedZonesPages iterates over the pages of a ListHostedZones operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListHostedZones method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListHostedZones operation. -// pageNum := 0 -// err := client.ListHostedZonesPages(params, -// func(page *route53.ListHostedZonesOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *Route53) ListHostedZonesPages(input *ListHostedZonesInput, fn func(*ListHostedZonesOutput, bool) bool) error { - return c.ListHostedZonesPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListHostedZonesPagesWithContext same as ListHostedZonesPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListHostedZonesPagesWithContext(ctx aws.Context, input *ListHostedZonesInput, fn func(*ListHostedZonesOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListHostedZonesInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListHostedZonesRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListHostedZonesOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListHostedZonesByName = "ListHostedZonesByName" - -// ListHostedZonesByNameRequest generates a "aws/request.Request" representing the -// client's request for the ListHostedZonesByName operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListHostedZonesByName for more information on using the ListHostedZonesByName -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListHostedZonesByNameRequest method. -// req, resp := client.ListHostedZonesByNameRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListHostedZonesByName -func (c *Route53) ListHostedZonesByNameRequest(input *ListHostedZonesByNameInput) (req *request.Request, output *ListHostedZonesByNameOutput) { - op := &request.Operation{ - Name: opListHostedZonesByName, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/hostedzonesbyname", - } - - if input == nil { - input = &ListHostedZonesByNameInput{} - } - - output = &ListHostedZonesByNameOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListHostedZonesByName API operation for Amazon Route 53. -// -// Retrieves a list of your hosted zones in lexicographic order. The response -// includes a HostedZones child element for each hosted zone created by the -// current Amazon Web Services account. -// -// ListHostedZonesByName sorts hosted zones by name with the labels reversed. -// For example: -// -// com.example.www. -// -// Note the trailing dot, which can change the sort order in some circumstances. -// -// If the domain name includes escape characters or Punycode, ListHostedZonesByName -// alphabetizes the domain name using the escaped or Punycoded value, which -// is the format that Amazon Route 53 saves in its database. For example, to -// create a hosted zone for exämple.com, you specify ex\344mple.com for the -// domain name. ListHostedZonesByName alphabetizes it as: -// -// com.ex\344mple. -// -// The labels are reversed and alphabetized using the escaped value. For more -// information about valid domain name formats, including internationalized -// domain names, see DNS Domain Name Format (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) -// in the Amazon Route 53 Developer Guide. -// -// Route 53 returns up to 100 items in each response. If you have a lot of hosted -// zones, use the MaxItems parameter to list them in groups of up to 100. The -// response includes values that help navigate from one group of MaxItems hosted -// zones to the next: -// -// - The DNSName and HostedZoneId elements in the response contain the values, -// if any, specified for the dnsname and hostedzoneid parameters in the request -// that produced the current response. -// -// - The MaxItems element in the response contains the value, if any, that -// you specified for the maxitems parameter in the request that produced -// the current response. -// -// - If the value of IsTruncated in the response is true, there are more -// hosted zones associated with the current Amazon Web Services account. -// If IsTruncated is false, this response includes the last hosted zone that -// is associated with the current account. The NextDNSName element and NextHostedZoneId -// elements are omitted from the response. -// -// - The NextDNSName and NextHostedZoneId elements in the response contain -// the domain name and the hosted zone ID of the next hosted zone that is -// associated with the current Amazon Web Services account. If you want to -// list more hosted zones, make another call to ListHostedZonesByName, and -// specify the value of NextDNSName and NextHostedZoneId in the dnsname and -// hostedzoneid parameters, respectively. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListHostedZonesByName for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeInvalidDomainName "InvalidDomainName" -// The specified domain name is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListHostedZonesByName -func (c *Route53) ListHostedZonesByName(input *ListHostedZonesByNameInput) (*ListHostedZonesByNameOutput, error) { - req, out := c.ListHostedZonesByNameRequest(input) - return out, req.Send() -} - -// ListHostedZonesByNameWithContext is the same as ListHostedZonesByName with the addition of -// the ability to pass a context and additional request options. -// -// See ListHostedZonesByName for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListHostedZonesByNameWithContext(ctx aws.Context, input *ListHostedZonesByNameInput, opts ...request.Option) (*ListHostedZonesByNameOutput, error) { - req, out := c.ListHostedZonesByNameRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListHostedZonesByVPC = "ListHostedZonesByVPC" - -// ListHostedZonesByVPCRequest generates a "aws/request.Request" representing the -// client's request for the ListHostedZonesByVPC operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListHostedZonesByVPC for more information on using the ListHostedZonesByVPC -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListHostedZonesByVPCRequest method. -// req, resp := client.ListHostedZonesByVPCRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListHostedZonesByVPC -func (c *Route53) ListHostedZonesByVPCRequest(input *ListHostedZonesByVPCInput) (req *request.Request, output *ListHostedZonesByVPCOutput) { - op := &request.Operation{ - Name: opListHostedZonesByVPC, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/hostedzonesbyvpc", - } - - if input == nil { - input = &ListHostedZonesByVPCInput{} - } - - output = &ListHostedZonesByVPCOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListHostedZonesByVPC API operation for Amazon Route 53. -// -// Lists all the private hosted zones that a specified VPC is associated with, -// regardless of which Amazon Web Services account or Amazon Web Services service -// owns the hosted zones. The HostedZoneOwner structure in the response contains -// one of the following values: -// -// - An OwningAccount element, which contains the account number of either -// the current Amazon Web Services account or another Amazon Web Services -// account. Some services, such as Cloud Map, create hosted zones using the -// current account. -// -// - An OwningService element, which identifies the Amazon Web Services service -// that created and owns the hosted zone. For example, if a hosted zone was -// created by Amazon Elastic File System (Amazon EFS), the value of Owner -// is efs.amazonaws.com. -// -// When listing private hosted zones, the hosted zone and the Amazon VPC must -// belong to the same partition where the hosted zones were created. A partition -// is a group of Amazon Web Services Regions. Each Amazon Web Services account -// is scoped to one partition. -// -// The following are the supported partitions: -// -// - aws - Amazon Web Services Regions -// -// - aws-cn - China Regions -// -// - aws-us-gov - Amazon Web Services GovCloud (US) Region -// -// For more information, see Access Management (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) -// in the Amazon Web Services General Reference. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListHostedZonesByVPC for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeInvalidPaginationToken "InvalidPaginationToken" -// The value that you specified to get the second or subsequent page of results -// is invalid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListHostedZonesByVPC -func (c *Route53) ListHostedZonesByVPC(input *ListHostedZonesByVPCInput) (*ListHostedZonesByVPCOutput, error) { - req, out := c.ListHostedZonesByVPCRequest(input) - return out, req.Send() -} - -// ListHostedZonesByVPCWithContext is the same as ListHostedZonesByVPC with the addition of -// the ability to pass a context and additional request options. -// -// See ListHostedZonesByVPC for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListHostedZonesByVPCWithContext(ctx aws.Context, input *ListHostedZonesByVPCInput, opts ...request.Option) (*ListHostedZonesByVPCOutput, error) { - req, out := c.ListHostedZonesByVPCRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListQueryLoggingConfigs = "ListQueryLoggingConfigs" - -// ListQueryLoggingConfigsRequest generates a "aws/request.Request" representing the -// client's request for the ListQueryLoggingConfigs operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListQueryLoggingConfigs for more information on using the ListQueryLoggingConfigs -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListQueryLoggingConfigsRequest method. -// req, resp := client.ListQueryLoggingConfigsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListQueryLoggingConfigs -func (c *Route53) ListQueryLoggingConfigsRequest(input *ListQueryLoggingConfigsInput) (req *request.Request, output *ListQueryLoggingConfigsOutput) { - op := &request.Operation{ - Name: opListQueryLoggingConfigs, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/queryloggingconfig", - Paginator: &request.Paginator{ - InputTokens: []string{"NextToken"}, - OutputTokens: []string{"NextToken"}, - LimitToken: "MaxResults", - TruncationToken: "", - }, - } - - if input == nil { - input = &ListQueryLoggingConfigsInput{} - } - - output = &ListQueryLoggingConfigsOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListQueryLoggingConfigs API operation for Amazon Route 53. -// -// Lists the configurations for DNS query logging that are associated with the -// current Amazon Web Services account or the configuration that is associated -// with a specified hosted zone. -// -// For more information about DNS query logs, see CreateQueryLoggingConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateQueryLoggingConfig.html). -// Additional information, including the format of DNS query logs, appears in -// Logging DNS Queries (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) -// in the Amazon Route 53 Developer Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListQueryLoggingConfigs for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeInvalidPaginationToken "InvalidPaginationToken" -// The value that you specified to get the second or subsequent page of results -// is invalid. -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListQueryLoggingConfigs -func (c *Route53) ListQueryLoggingConfigs(input *ListQueryLoggingConfigsInput) (*ListQueryLoggingConfigsOutput, error) { - req, out := c.ListQueryLoggingConfigsRequest(input) - return out, req.Send() -} - -// ListQueryLoggingConfigsWithContext is the same as ListQueryLoggingConfigs with the addition of -// the ability to pass a context and additional request options. -// -// See ListQueryLoggingConfigs for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListQueryLoggingConfigsWithContext(ctx aws.Context, input *ListQueryLoggingConfigsInput, opts ...request.Option) (*ListQueryLoggingConfigsOutput, error) { - req, out := c.ListQueryLoggingConfigsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// ListQueryLoggingConfigsPages iterates over the pages of a ListQueryLoggingConfigs operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListQueryLoggingConfigs method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListQueryLoggingConfigs operation. -// pageNum := 0 -// err := client.ListQueryLoggingConfigsPages(params, -// func(page *route53.ListQueryLoggingConfigsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *Route53) ListQueryLoggingConfigsPages(input *ListQueryLoggingConfigsInput, fn func(*ListQueryLoggingConfigsOutput, bool) bool) error { - return c.ListQueryLoggingConfigsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListQueryLoggingConfigsPagesWithContext same as ListQueryLoggingConfigsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListQueryLoggingConfigsPagesWithContext(ctx aws.Context, input *ListQueryLoggingConfigsInput, fn func(*ListQueryLoggingConfigsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListQueryLoggingConfigsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListQueryLoggingConfigsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListQueryLoggingConfigsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListResourceRecordSets = "ListResourceRecordSets" - -// ListResourceRecordSetsRequest generates a "aws/request.Request" representing the -// client's request for the ListResourceRecordSets operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListResourceRecordSets for more information on using the ListResourceRecordSets -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListResourceRecordSetsRequest method. -// req, resp := client.ListResourceRecordSetsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListResourceRecordSets -func (c *Route53) ListResourceRecordSetsRequest(input *ListResourceRecordSetsInput) (req *request.Request, output *ListResourceRecordSetsOutput) { - op := &request.Operation{ - Name: opListResourceRecordSets, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/hostedzone/{Id}/rrset", - Paginator: &request.Paginator{ - InputTokens: []string{"StartRecordName", "StartRecordType", "StartRecordIdentifier"}, - OutputTokens: []string{"NextRecordName", "NextRecordType", "NextRecordIdentifier"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListResourceRecordSetsInput{} - } - - output = &ListResourceRecordSetsOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListResourceRecordSets API operation for Amazon Route 53. -// -// Lists the resource record sets in a specified hosted zone. -// -// ListResourceRecordSets returns up to 300 resource record sets at a time in -// ASCII order, beginning at a position specified by the name and type elements. -// -// # Sort order -// -// ListResourceRecordSets sorts results first by DNS name with the labels reversed, -// for example: -// -// com.example.www. -// -// Note the trailing dot, which can change the sort order when the record name -// contains characters that appear before . (decimal 46) in the ASCII table. -// These characters include the following: ! " # $ % & ' ( ) * + , - -// -// When multiple records have the same DNS name, ListResourceRecordSets sorts -// results by the record type. -// -// # Specifying where to start listing records -// -// You can use the name and type elements to specify the resource record set -// that the list begins with: -// -// # If you do not specify Name or Type -// -// The results begin with the first resource record set that the hosted zone -// contains. -// -// # If you specify Name but not Type -// -// The results begin with the first resource record set in the list whose name -// is greater than or equal to Name. -// -// # If you specify Type but not Name -// -// Amazon Route 53 returns the InvalidInput error. -// -// # If you specify both Name and Type -// -// The results begin with the first resource record set in the list whose name -// is greater than or equal to Name, and whose type is greater than or equal -// to Type. -// -// # Resource record sets that are PENDING -// -// This action returns the most current version of the records. This includes -// records that are PENDING, and that are not yet available on all Route 53 -// DNS servers. -// -// # Changing resource record sets -// -// To ensure that you get an accurate listing of the resource record sets for -// a hosted zone at a point in time, do not submit a ChangeResourceRecordSets -// request while you're paging through the results of a ListResourceRecordSets -// request. If you do, some pages may display results without the latest changes -// while other pages display results with the latest changes. -// -// # Displaying the next page of results -// -// If a ListResourceRecordSets command returns more than one page of results, -// the value of IsTruncated is true. To display the next page of results, get -// the values of NextRecordName, NextRecordType, and NextRecordIdentifier (if -// any) from the response. Then submit another ListResourceRecordSets request, -// and specify those values for StartRecordName, StartRecordType, and StartRecordIdentifier. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListResourceRecordSets for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListResourceRecordSets -func (c *Route53) ListResourceRecordSets(input *ListResourceRecordSetsInput) (*ListResourceRecordSetsOutput, error) { - req, out := c.ListResourceRecordSetsRequest(input) - return out, req.Send() -} - -// ListResourceRecordSetsWithContext is the same as ListResourceRecordSets with the addition of -// the ability to pass a context and additional request options. -// -// See ListResourceRecordSets for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListResourceRecordSetsWithContext(ctx aws.Context, input *ListResourceRecordSetsInput, opts ...request.Option) (*ListResourceRecordSetsOutput, error) { - req, out := c.ListResourceRecordSetsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// ListResourceRecordSetsPages iterates over the pages of a ListResourceRecordSets operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListResourceRecordSets method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListResourceRecordSets operation. -// pageNum := 0 -// err := client.ListResourceRecordSetsPages(params, -// func(page *route53.ListResourceRecordSetsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *Route53) ListResourceRecordSetsPages(input *ListResourceRecordSetsInput, fn func(*ListResourceRecordSetsOutput, bool) bool) error { - return c.ListResourceRecordSetsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListResourceRecordSetsPagesWithContext same as ListResourceRecordSetsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListResourceRecordSetsPagesWithContext(ctx aws.Context, input *ListResourceRecordSetsInput, fn func(*ListResourceRecordSetsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListResourceRecordSetsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListResourceRecordSetsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListResourceRecordSetsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListReusableDelegationSets = "ListReusableDelegationSets" - -// ListReusableDelegationSetsRequest generates a "aws/request.Request" representing the -// client's request for the ListReusableDelegationSets operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListReusableDelegationSets for more information on using the ListReusableDelegationSets -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListReusableDelegationSetsRequest method. -// req, resp := client.ListReusableDelegationSetsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListReusableDelegationSets -func (c *Route53) ListReusableDelegationSetsRequest(input *ListReusableDelegationSetsInput) (req *request.Request, output *ListReusableDelegationSetsOutput) { - op := &request.Operation{ - Name: opListReusableDelegationSets, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/delegationset", - } - - if input == nil { - input = &ListReusableDelegationSetsInput{} - } - - output = &ListReusableDelegationSetsOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListReusableDelegationSets API operation for Amazon Route 53. -// -// Retrieves a list of the reusable delegation sets that are associated with -// the current Amazon Web Services account. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListReusableDelegationSets for usage and error information. -// -// Returned Error Codes: -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListReusableDelegationSets -func (c *Route53) ListReusableDelegationSets(input *ListReusableDelegationSetsInput) (*ListReusableDelegationSetsOutput, error) { - req, out := c.ListReusableDelegationSetsRequest(input) - return out, req.Send() -} - -// ListReusableDelegationSetsWithContext is the same as ListReusableDelegationSets with the addition of -// the ability to pass a context and additional request options. -// -// See ListReusableDelegationSets for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListReusableDelegationSetsWithContext(ctx aws.Context, input *ListReusableDelegationSetsInput, opts ...request.Option) (*ListReusableDelegationSetsOutput, error) { - req, out := c.ListReusableDelegationSetsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListTagsForResource = "ListTagsForResource" - -// ListTagsForResourceRequest generates a "aws/request.Request" representing the -// client's request for the ListTagsForResource operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListTagsForResource for more information on using the ListTagsForResource -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListTagsForResourceRequest method. -// req, resp := client.ListTagsForResourceRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTagsForResource -func (c *Route53) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { - op := &request.Operation{ - Name: opListTagsForResource, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/tags/{ResourceType}/{ResourceId}", - } - - if input == nil { - input = &ListTagsForResourceInput{} - } - - output = &ListTagsForResourceOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListTagsForResource API operation for Amazon Route 53. -// -// Lists tags for one health check or hosted zone. -// -// For information about using tags for cost allocation, see Using Cost Allocation -// Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) -// in the Billing and Cost Management User Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListTagsForResource for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchHealthCheck "NoSuchHealthCheck" -// No health check exists with the specified ID. -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodePriorRequestNotComplete "PriorRequestNotComplete" -// If Amazon Route 53 can't process a request before the next request arrives, -// it will reject subsequent requests for the same hosted zone and return an -// HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for -// the same request, we recommend that you wait, in intervals of increasing -// duration, before you try the request again. -// -// - ErrCodeThrottlingException "ThrottlingException" -// The limit on the number of requests per second was exceeded. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTagsForResource -func (c *Route53) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) - return out, req.Send() -} - -// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of -// the ability to pass a context and additional request options. -// -// See ListTagsForResource for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListTagsForResources = "ListTagsForResources" - -// ListTagsForResourcesRequest generates a "aws/request.Request" representing the -// client's request for the ListTagsForResources operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListTagsForResources for more information on using the ListTagsForResources -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListTagsForResourcesRequest method. -// req, resp := client.ListTagsForResourcesRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTagsForResources -func (c *Route53) ListTagsForResourcesRequest(input *ListTagsForResourcesInput) (req *request.Request, output *ListTagsForResourcesOutput) { - op := &request.Operation{ - Name: opListTagsForResources, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/tags/{ResourceType}", - } - - if input == nil { - input = &ListTagsForResourcesInput{} - } - - output = &ListTagsForResourcesOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListTagsForResources API operation for Amazon Route 53. -// -// Lists tags for up to 10 health checks or hosted zones. -// -// For information about using tags for cost allocation, see Using Cost Allocation -// Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) -// in the Billing and Cost Management User Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListTagsForResources for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchHealthCheck "NoSuchHealthCheck" -// No health check exists with the specified ID. -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodePriorRequestNotComplete "PriorRequestNotComplete" -// If Amazon Route 53 can't process a request before the next request arrives, -// it will reject subsequent requests for the same hosted zone and return an -// HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for -// the same request, we recommend that you wait, in intervals of increasing -// duration, before you try the request again. -// -// - ErrCodeThrottlingException "ThrottlingException" -// The limit on the number of requests per second was exceeded. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTagsForResources -func (c *Route53) ListTagsForResources(input *ListTagsForResourcesInput) (*ListTagsForResourcesOutput, error) { - req, out := c.ListTagsForResourcesRequest(input) - return out, req.Send() -} - -// ListTagsForResourcesWithContext is the same as ListTagsForResources with the addition of -// the ability to pass a context and additional request options. -// -// See ListTagsForResources for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListTagsForResourcesWithContext(ctx aws.Context, input *ListTagsForResourcesInput, opts ...request.Option) (*ListTagsForResourcesOutput, error) { - req, out := c.ListTagsForResourcesRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListTrafficPolicies = "ListTrafficPolicies" - -// ListTrafficPoliciesRequest generates a "aws/request.Request" representing the -// client's request for the ListTrafficPolicies operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListTrafficPolicies for more information on using the ListTrafficPolicies -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListTrafficPoliciesRequest method. -// req, resp := client.ListTrafficPoliciesRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicies -func (c *Route53) ListTrafficPoliciesRequest(input *ListTrafficPoliciesInput) (req *request.Request, output *ListTrafficPoliciesOutput) { - op := &request.Operation{ - Name: opListTrafficPolicies, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/trafficpolicies", - } - - if input == nil { - input = &ListTrafficPoliciesInput{} - } - - output = &ListTrafficPoliciesOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListTrafficPolicies API operation for Amazon Route 53. -// -// Gets information about the latest version for every traffic policy that is -// associated with the current Amazon Web Services account. Policies are listed -// in the order that they were created in. -// -// For information about how of deleting a traffic policy affects the response -// from ListTrafficPolicies, see DeleteTrafficPolicy (https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicy.html). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListTrafficPolicies for usage and error information. -// -// Returned Error Codes: -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicies -func (c *Route53) ListTrafficPolicies(input *ListTrafficPoliciesInput) (*ListTrafficPoliciesOutput, error) { - req, out := c.ListTrafficPoliciesRequest(input) - return out, req.Send() -} - -// ListTrafficPoliciesWithContext is the same as ListTrafficPolicies with the addition of -// the ability to pass a context and additional request options. -// -// See ListTrafficPolicies for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListTrafficPoliciesWithContext(ctx aws.Context, input *ListTrafficPoliciesInput, opts ...request.Option) (*ListTrafficPoliciesOutput, error) { - req, out := c.ListTrafficPoliciesRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListTrafficPolicyInstances = "ListTrafficPolicyInstances" - -// ListTrafficPolicyInstancesRequest generates a "aws/request.Request" representing the -// client's request for the ListTrafficPolicyInstances operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListTrafficPolicyInstances for more information on using the ListTrafficPolicyInstances -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListTrafficPolicyInstancesRequest method. -// req, resp := client.ListTrafficPolicyInstancesRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicyInstances -func (c *Route53) ListTrafficPolicyInstancesRequest(input *ListTrafficPolicyInstancesInput) (req *request.Request, output *ListTrafficPolicyInstancesOutput) { - op := &request.Operation{ - Name: opListTrafficPolicyInstances, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/trafficpolicyinstances", - } - - if input == nil { - input = &ListTrafficPolicyInstancesInput{} - } - - output = &ListTrafficPolicyInstancesOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListTrafficPolicyInstances API operation for Amazon Route 53. -// -// Gets information about the traffic policy instances that you created by using -// the current Amazon Web Services account. -// -// After you submit an UpdateTrafficPolicyInstance request, there's a brief -// delay while Amazon Route 53 creates the resource record sets that are specified -// in the traffic policy definition. For more information, see the State response -// element. -// -// Route 53 returns a maximum of 100 items in each response. If you have a lot -// of traffic policy instances, you can use the MaxItems parameter to list them -// in groups of up to 100. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListTrafficPolicyInstances for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchTrafficPolicyInstance "NoSuchTrafficPolicyInstance" -// No traffic policy instance exists with the specified ID. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicyInstances -func (c *Route53) ListTrafficPolicyInstances(input *ListTrafficPolicyInstancesInput) (*ListTrafficPolicyInstancesOutput, error) { - req, out := c.ListTrafficPolicyInstancesRequest(input) - return out, req.Send() -} - -// ListTrafficPolicyInstancesWithContext is the same as ListTrafficPolicyInstances with the addition of -// the ability to pass a context and additional request options. -// -// See ListTrafficPolicyInstances for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListTrafficPolicyInstancesWithContext(ctx aws.Context, input *ListTrafficPolicyInstancesInput, opts ...request.Option) (*ListTrafficPolicyInstancesOutput, error) { - req, out := c.ListTrafficPolicyInstancesRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListTrafficPolicyInstancesByHostedZone = "ListTrafficPolicyInstancesByHostedZone" - -// ListTrafficPolicyInstancesByHostedZoneRequest generates a "aws/request.Request" representing the -// client's request for the ListTrafficPolicyInstancesByHostedZone operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListTrafficPolicyInstancesByHostedZone for more information on using the ListTrafficPolicyInstancesByHostedZone -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListTrafficPolicyInstancesByHostedZoneRequest method. -// req, resp := client.ListTrafficPolicyInstancesByHostedZoneRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicyInstancesByHostedZone -func (c *Route53) ListTrafficPolicyInstancesByHostedZoneRequest(input *ListTrafficPolicyInstancesByHostedZoneInput) (req *request.Request, output *ListTrafficPolicyInstancesByHostedZoneOutput) { - op := &request.Operation{ - Name: opListTrafficPolicyInstancesByHostedZone, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/trafficpolicyinstances/hostedzone", - } - - if input == nil { - input = &ListTrafficPolicyInstancesByHostedZoneInput{} - } - - output = &ListTrafficPolicyInstancesByHostedZoneOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListTrafficPolicyInstancesByHostedZone API operation for Amazon Route 53. -// -// Gets information about the traffic policy instances that you created in a -// specified hosted zone. -// -// After you submit a CreateTrafficPolicyInstance or an UpdateTrafficPolicyInstance -// request, there's a brief delay while Amazon Route 53 creates the resource -// record sets that are specified in the traffic policy definition. For more -// information, see the State response element. -// -// Route 53 returns a maximum of 100 items in each response. If you have a lot -// of traffic policy instances, you can use the MaxItems parameter to list them -// in groups of up to 100. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListTrafficPolicyInstancesByHostedZone for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchTrafficPolicyInstance "NoSuchTrafficPolicyInstance" -// No traffic policy instance exists with the specified ID. -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicyInstancesByHostedZone -func (c *Route53) ListTrafficPolicyInstancesByHostedZone(input *ListTrafficPolicyInstancesByHostedZoneInput) (*ListTrafficPolicyInstancesByHostedZoneOutput, error) { - req, out := c.ListTrafficPolicyInstancesByHostedZoneRequest(input) - return out, req.Send() -} - -// ListTrafficPolicyInstancesByHostedZoneWithContext is the same as ListTrafficPolicyInstancesByHostedZone with the addition of -// the ability to pass a context and additional request options. -// -// See ListTrafficPolicyInstancesByHostedZone for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListTrafficPolicyInstancesByHostedZoneWithContext(ctx aws.Context, input *ListTrafficPolicyInstancesByHostedZoneInput, opts ...request.Option) (*ListTrafficPolicyInstancesByHostedZoneOutput, error) { - req, out := c.ListTrafficPolicyInstancesByHostedZoneRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListTrafficPolicyInstancesByPolicy = "ListTrafficPolicyInstancesByPolicy" - -// ListTrafficPolicyInstancesByPolicyRequest generates a "aws/request.Request" representing the -// client's request for the ListTrafficPolicyInstancesByPolicy operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListTrafficPolicyInstancesByPolicy for more information on using the ListTrafficPolicyInstancesByPolicy -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListTrafficPolicyInstancesByPolicyRequest method. -// req, resp := client.ListTrafficPolicyInstancesByPolicyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicyInstancesByPolicy -func (c *Route53) ListTrafficPolicyInstancesByPolicyRequest(input *ListTrafficPolicyInstancesByPolicyInput) (req *request.Request, output *ListTrafficPolicyInstancesByPolicyOutput) { - op := &request.Operation{ - Name: opListTrafficPolicyInstancesByPolicy, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/trafficpolicyinstances/trafficpolicy", - } - - if input == nil { - input = &ListTrafficPolicyInstancesByPolicyInput{} - } - - output = &ListTrafficPolicyInstancesByPolicyOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListTrafficPolicyInstancesByPolicy API operation for Amazon Route 53. -// -// Gets information about the traffic policy instances that you created by using -// a specify traffic policy version. -// -// After you submit a CreateTrafficPolicyInstance or an UpdateTrafficPolicyInstance -// request, there's a brief delay while Amazon Route 53 creates the resource -// record sets that are specified in the traffic policy definition. For more -// information, see the State response element. -// -// Route 53 returns a maximum of 100 items in each response. If you have a lot -// of traffic policy instances, you can use the MaxItems parameter to list them -// in groups of up to 100. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListTrafficPolicyInstancesByPolicy for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchTrafficPolicyInstance "NoSuchTrafficPolicyInstance" -// No traffic policy instance exists with the specified ID. -// -// - ErrCodeNoSuchTrafficPolicy "NoSuchTrafficPolicy" -// No traffic policy exists with the specified ID. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicyInstancesByPolicy -func (c *Route53) ListTrafficPolicyInstancesByPolicy(input *ListTrafficPolicyInstancesByPolicyInput) (*ListTrafficPolicyInstancesByPolicyOutput, error) { - req, out := c.ListTrafficPolicyInstancesByPolicyRequest(input) - return out, req.Send() -} - -// ListTrafficPolicyInstancesByPolicyWithContext is the same as ListTrafficPolicyInstancesByPolicy with the addition of -// the ability to pass a context and additional request options. -// -// See ListTrafficPolicyInstancesByPolicy for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListTrafficPolicyInstancesByPolicyWithContext(ctx aws.Context, input *ListTrafficPolicyInstancesByPolicyInput, opts ...request.Option) (*ListTrafficPolicyInstancesByPolicyOutput, error) { - req, out := c.ListTrafficPolicyInstancesByPolicyRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListTrafficPolicyVersions = "ListTrafficPolicyVersions" - -// ListTrafficPolicyVersionsRequest generates a "aws/request.Request" representing the -// client's request for the ListTrafficPolicyVersions operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListTrafficPolicyVersions for more information on using the ListTrafficPolicyVersions -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListTrafficPolicyVersionsRequest method. -// req, resp := client.ListTrafficPolicyVersionsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicyVersions -func (c *Route53) ListTrafficPolicyVersionsRequest(input *ListTrafficPolicyVersionsInput) (req *request.Request, output *ListTrafficPolicyVersionsOutput) { - op := &request.Operation{ - Name: opListTrafficPolicyVersions, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/trafficpolicies/{Id}/versions", - } - - if input == nil { - input = &ListTrafficPolicyVersionsInput{} - } - - output = &ListTrafficPolicyVersionsOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListTrafficPolicyVersions API operation for Amazon Route 53. -// -// Gets information about all of the versions for a specified traffic policy. -// -// Traffic policy versions are listed in numerical order by VersionNumber. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListTrafficPolicyVersions for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchTrafficPolicy "NoSuchTrafficPolicy" -// No traffic policy exists with the specified ID. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListTrafficPolicyVersions -func (c *Route53) ListTrafficPolicyVersions(input *ListTrafficPolicyVersionsInput) (*ListTrafficPolicyVersionsOutput, error) { - req, out := c.ListTrafficPolicyVersionsRequest(input) - return out, req.Send() -} - -// ListTrafficPolicyVersionsWithContext is the same as ListTrafficPolicyVersions with the addition of -// the ability to pass a context and additional request options. -// -// See ListTrafficPolicyVersions for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListTrafficPolicyVersionsWithContext(ctx aws.Context, input *ListTrafficPolicyVersionsInput, opts ...request.Option) (*ListTrafficPolicyVersionsOutput, error) { - req, out := c.ListTrafficPolicyVersionsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListVPCAssociationAuthorizations = "ListVPCAssociationAuthorizations" - -// ListVPCAssociationAuthorizationsRequest generates a "aws/request.Request" representing the -// client's request for the ListVPCAssociationAuthorizations operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListVPCAssociationAuthorizations for more information on using the ListVPCAssociationAuthorizations -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListVPCAssociationAuthorizationsRequest method. -// req, resp := client.ListVPCAssociationAuthorizationsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListVPCAssociationAuthorizations -func (c *Route53) ListVPCAssociationAuthorizationsRequest(input *ListVPCAssociationAuthorizationsInput) (req *request.Request, output *ListVPCAssociationAuthorizationsOutput) { - op := &request.Operation{ - Name: opListVPCAssociationAuthorizations, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/hostedzone/{Id}/authorizevpcassociation", - } - - if input == nil { - input = &ListVPCAssociationAuthorizationsInput{} - } - - output = &ListVPCAssociationAuthorizationsOutput{} - req = c.newRequest(op, input, output) - return -} - -// ListVPCAssociationAuthorizations API operation for Amazon Route 53. -// -// Gets a list of the VPCs that were created by other accounts and that can -// be associated with a specified hosted zone because you've submitted one or -// more CreateVPCAssociationAuthorization requests. -// -// The response includes a VPCs element with a VPC child element for each VPC -// that can be associated with the hosted zone. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation ListVPCAssociationAuthorizations for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeInvalidPaginationToken "InvalidPaginationToken" -// The value that you specified to get the second or subsequent page of results -// is invalid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/ListVPCAssociationAuthorizations -func (c *Route53) ListVPCAssociationAuthorizations(input *ListVPCAssociationAuthorizationsInput) (*ListVPCAssociationAuthorizationsOutput, error) { - req, out := c.ListVPCAssociationAuthorizationsRequest(input) - return out, req.Send() -} - -// ListVPCAssociationAuthorizationsWithContext is the same as ListVPCAssociationAuthorizations with the addition of -// the ability to pass a context and additional request options. -// -// See ListVPCAssociationAuthorizations for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) ListVPCAssociationAuthorizationsWithContext(ctx aws.Context, input *ListVPCAssociationAuthorizationsInput, opts ...request.Option) (*ListVPCAssociationAuthorizationsOutput, error) { - req, out := c.ListVPCAssociationAuthorizationsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opTestDNSAnswer = "TestDNSAnswer" - -// TestDNSAnswerRequest generates a "aws/request.Request" representing the -// client's request for the TestDNSAnswer operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See TestDNSAnswer for more information on using the TestDNSAnswer -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the TestDNSAnswerRequest method. -// req, resp := client.TestDNSAnswerRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/TestDNSAnswer -func (c *Route53) TestDNSAnswerRequest(input *TestDNSAnswerInput) (req *request.Request, output *TestDNSAnswerOutput) { - op := &request.Operation{ - Name: opTestDNSAnswer, - HTTPMethod: "GET", - HTTPPath: "/2013-04-01/testdnsanswer", - } - - if input == nil { - input = &TestDNSAnswerInput{} - } - - output = &TestDNSAnswerOutput{} - req = c.newRequest(op, input, output) - return -} - -// TestDNSAnswer API operation for Amazon Route 53. -// -// Gets the value that Amazon Route 53 returns in response to a DNS request -// for a specified record name and type. You can optionally specify the IP address -// of a DNS resolver, an EDNS0 client subnet IP address, and a subnet mask. -// -// This call only supports querying public hosted zones. -// -// The TestDnsAnswer returns information similar to what you would expect from -// the answer section of the dig command. Therefore, if you query for the name -// servers of a subdomain that point to the parent name servers, those will -// not be returned. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation TestDNSAnswer for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/TestDNSAnswer -func (c *Route53) TestDNSAnswer(input *TestDNSAnswerInput) (*TestDNSAnswerOutput, error) { - req, out := c.TestDNSAnswerRequest(input) - return out, req.Send() -} - -// TestDNSAnswerWithContext is the same as TestDNSAnswer with the addition of -// the ability to pass a context and additional request options. -// -// See TestDNSAnswer for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) TestDNSAnswerWithContext(ctx aws.Context, input *TestDNSAnswerInput, opts ...request.Option) (*TestDNSAnswerOutput, error) { - req, out := c.TestDNSAnswerRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opUpdateHealthCheck = "UpdateHealthCheck" - -// UpdateHealthCheckRequest generates a "aws/request.Request" representing the -// client's request for the UpdateHealthCheck operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See UpdateHealthCheck for more information on using the UpdateHealthCheck -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the UpdateHealthCheckRequest method. -// req, resp := client.UpdateHealthCheckRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateHealthCheck -func (c *Route53) UpdateHealthCheckRequest(input *UpdateHealthCheckInput) (req *request.Request, output *UpdateHealthCheckOutput) { - op := &request.Operation{ - Name: opUpdateHealthCheck, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/healthcheck/{HealthCheckId}", - } - - if input == nil { - input = &UpdateHealthCheckInput{} - } - - output = &UpdateHealthCheckOutput{} - req = c.newRequest(op, input, output) - return -} - -// UpdateHealthCheck API operation for Amazon Route 53. -// -// Updates an existing health check. Note that some values can't be updated. -// -// For more information about updating health checks, see Creating, Updating, -// and Deleting Health Checks (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/health-checks-creating-deleting.html) -// in the Amazon Route 53 Developer Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation UpdateHealthCheck for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHealthCheck "NoSuchHealthCheck" -// No health check exists with the specified ID. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeHealthCheckVersionMismatch "HealthCheckVersionMismatch" -// The value of HealthCheckVersion in the request doesn't match the value of -// HealthCheckVersion in the health check. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateHealthCheck -func (c *Route53) UpdateHealthCheck(input *UpdateHealthCheckInput) (*UpdateHealthCheckOutput, error) { - req, out := c.UpdateHealthCheckRequest(input) - return out, req.Send() -} - -// UpdateHealthCheckWithContext is the same as UpdateHealthCheck with the addition of -// the ability to pass a context and additional request options. -// -// See UpdateHealthCheck for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) UpdateHealthCheckWithContext(ctx aws.Context, input *UpdateHealthCheckInput, opts ...request.Option) (*UpdateHealthCheckOutput, error) { - req, out := c.UpdateHealthCheckRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opUpdateHostedZoneComment = "UpdateHostedZoneComment" - -// UpdateHostedZoneCommentRequest generates a "aws/request.Request" representing the -// client's request for the UpdateHostedZoneComment operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See UpdateHostedZoneComment for more information on using the UpdateHostedZoneComment -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the UpdateHostedZoneCommentRequest method. -// req, resp := client.UpdateHostedZoneCommentRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateHostedZoneComment -func (c *Route53) UpdateHostedZoneCommentRequest(input *UpdateHostedZoneCommentInput) (req *request.Request, output *UpdateHostedZoneCommentOutput) { - op := &request.Operation{ - Name: opUpdateHostedZoneComment, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/hostedzone/{Id}", - } - - if input == nil { - input = &UpdateHostedZoneCommentInput{} - } - - output = &UpdateHostedZoneCommentOutput{} - req = c.newRequest(op, input, output) - return -} - -// UpdateHostedZoneComment API operation for Amazon Route 53. -// -// Updates the comment for a specified hosted zone. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation UpdateHostedZoneComment for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeNoSuchHostedZone "NoSuchHostedZone" -// No hosted zone exists with the ID that you specified. -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodePriorRequestNotComplete "PriorRequestNotComplete" -// If Amazon Route 53 can't process a request before the next request arrives, -// it will reject subsequent requests for the same hosted zone and return an -// HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for -// the same request, we recommend that you wait, in intervals of increasing -// duration, before you try the request again. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateHostedZoneComment -func (c *Route53) UpdateHostedZoneComment(input *UpdateHostedZoneCommentInput) (*UpdateHostedZoneCommentOutput, error) { - req, out := c.UpdateHostedZoneCommentRequest(input) - return out, req.Send() -} - -// UpdateHostedZoneCommentWithContext is the same as UpdateHostedZoneComment with the addition of -// the ability to pass a context and additional request options. -// -// See UpdateHostedZoneComment for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) UpdateHostedZoneCommentWithContext(ctx aws.Context, input *UpdateHostedZoneCommentInput, opts ...request.Option) (*UpdateHostedZoneCommentOutput, error) { - req, out := c.UpdateHostedZoneCommentRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opUpdateTrafficPolicyComment = "UpdateTrafficPolicyComment" - -// UpdateTrafficPolicyCommentRequest generates a "aws/request.Request" representing the -// client's request for the UpdateTrafficPolicyComment operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See UpdateTrafficPolicyComment for more information on using the UpdateTrafficPolicyComment -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the UpdateTrafficPolicyCommentRequest method. -// req, resp := client.UpdateTrafficPolicyCommentRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateTrafficPolicyComment -func (c *Route53) UpdateTrafficPolicyCommentRequest(input *UpdateTrafficPolicyCommentInput) (req *request.Request, output *UpdateTrafficPolicyCommentOutput) { - op := &request.Operation{ - Name: opUpdateTrafficPolicyComment, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/trafficpolicy/{Id}/{Version}", - } - - if input == nil { - input = &UpdateTrafficPolicyCommentInput{} - } - - output = &UpdateTrafficPolicyCommentOutput{} - req = c.newRequest(op, input, output) - return -} - -// UpdateTrafficPolicyComment API operation for Amazon Route 53. -// -// Updates the comment for a specified traffic policy version. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation UpdateTrafficPolicyComment for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchTrafficPolicy "NoSuchTrafficPolicy" -// No traffic policy exists with the specified ID. -// -// - ErrCodeConcurrentModification "ConcurrentModification" -// Another user submitted a request to create, update, or delete the object -// at the same time that you did. Retry the request. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateTrafficPolicyComment -func (c *Route53) UpdateTrafficPolicyComment(input *UpdateTrafficPolicyCommentInput) (*UpdateTrafficPolicyCommentOutput, error) { - req, out := c.UpdateTrafficPolicyCommentRequest(input) - return out, req.Send() -} - -// UpdateTrafficPolicyCommentWithContext is the same as UpdateTrafficPolicyComment with the addition of -// the ability to pass a context and additional request options. -// -// See UpdateTrafficPolicyComment for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) UpdateTrafficPolicyCommentWithContext(ctx aws.Context, input *UpdateTrafficPolicyCommentInput, opts ...request.Option) (*UpdateTrafficPolicyCommentOutput, error) { - req, out := c.UpdateTrafficPolicyCommentRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opUpdateTrafficPolicyInstance = "UpdateTrafficPolicyInstance" - -// UpdateTrafficPolicyInstanceRequest generates a "aws/request.Request" representing the -// client's request for the UpdateTrafficPolicyInstance operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See UpdateTrafficPolicyInstance for more information on using the UpdateTrafficPolicyInstance -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the UpdateTrafficPolicyInstanceRequest method. -// req, resp := client.UpdateTrafficPolicyInstanceRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateTrafficPolicyInstance -func (c *Route53) UpdateTrafficPolicyInstanceRequest(input *UpdateTrafficPolicyInstanceInput) (req *request.Request, output *UpdateTrafficPolicyInstanceOutput) { - op := &request.Operation{ - Name: opUpdateTrafficPolicyInstance, - HTTPMethod: "POST", - HTTPPath: "/2013-04-01/trafficpolicyinstance/{Id}", - } - - if input == nil { - input = &UpdateTrafficPolicyInstanceInput{} - } - - output = &UpdateTrafficPolicyInstanceOutput{} - req = c.newRequest(op, input, output) - return -} - -// UpdateTrafficPolicyInstance API operation for Amazon Route 53. -// -// After you submit a UpdateTrafficPolicyInstance request, there's a brief delay -// while Route 53 creates the resource record sets that are specified in the -// traffic policy definition. Use GetTrafficPolicyInstance with the id of updated -// traffic policy instance confirm that the UpdateTrafficPolicyInstance request -// completed successfully. For more information, see the State response element. -// -// Updates the resource record sets in a specified hosted zone that were created -// based on the settings in a specified traffic policy version. -// -// When you update a traffic policy instance, Amazon Route 53 continues to respond -// to DNS queries for the root resource record set name (such as example.com) -// while it replaces one group of resource record sets with another. Route 53 -// performs the following operations: -// -// Route 53 creates a new group of resource record sets based on the specified -// traffic policy. This is true regardless of how significant the differences -// are between the existing resource record sets and the new resource record -// sets. -// -// When all of the new resource record sets have been created, Route 53 starts -// to respond to DNS queries for the root resource record set name (such as -// example.com) by using the new resource record sets. -// -// Route 53 deletes the old group of resource record sets that are associated -// with the root resource record set name. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon Route 53's -// API operation UpdateTrafficPolicyInstance for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeInvalidInput "InvalidInput" -// The input is not valid. -// -// - ErrCodeNoSuchTrafficPolicy "NoSuchTrafficPolicy" -// No traffic policy exists with the specified ID. -// -// - ErrCodeNoSuchTrafficPolicyInstance "NoSuchTrafficPolicyInstance" -// No traffic policy instance exists with the specified ID. -// -// - ErrCodePriorRequestNotComplete "PriorRequestNotComplete" -// If Amazon Route 53 can't process a request before the next request arrives, -// it will reject subsequent requests for the same hosted zone and return an -// HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for -// the same request, we recommend that you wait, in intervals of increasing -// duration, before you try the request again. -// -// - ErrCodeConflictingTypes "ConflictingTypes" -// You tried to update a traffic policy instance by using a traffic policy version -// that has a different DNS type than the current type for the instance. You -// specified the type in the JSON document in the CreateTrafficPolicy or CreateTrafficPolicyVersionrequest. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01/UpdateTrafficPolicyInstance -func (c *Route53) UpdateTrafficPolicyInstance(input *UpdateTrafficPolicyInstanceInput) (*UpdateTrafficPolicyInstanceOutput, error) { - req, out := c.UpdateTrafficPolicyInstanceRequest(input) - return out, req.Send() -} - -// UpdateTrafficPolicyInstanceWithContext is the same as UpdateTrafficPolicyInstance with the addition of -// the ability to pass a context and additional request options. -// -// See UpdateTrafficPolicyInstance for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) UpdateTrafficPolicyInstanceWithContext(ctx aws.Context, input *UpdateTrafficPolicyInstanceInput, opts ...request.Option) (*UpdateTrafficPolicyInstanceOutput, error) { - req, out := c.UpdateTrafficPolicyInstanceRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// A complex type that contains the type of limit that you specified in the -// request and the current value for that limit. -type AccountLimit struct { - _ struct{} `type:"structure"` - - // The limit that you requested. Valid values include the following: - // - // * MAX_HEALTH_CHECKS_BY_OWNER: The maximum number of health checks that - // you can create using the current account. - // - // * MAX_HOSTED_ZONES_BY_OWNER: The maximum number of hosted zones that you - // can create using the current account. - // - // * MAX_REUSABLE_DELEGATION_SETS_BY_OWNER: The maximum number of reusable - // delegation sets that you can create using the current account. - // - // * MAX_TRAFFIC_POLICIES_BY_OWNER: The maximum number of traffic policies - // that you can create using the current account. - // - // * MAX_TRAFFIC_POLICY_INSTANCES_BY_OWNER: The maximum number of traffic - // policy instances that you can create using the current account. (Traffic - // policy instances are referred to as traffic flow policy records in the - // Amazon Route 53 console.) - // - // Type is a required field - Type *string `type:"string" required:"true" enum:"AccountLimitType"` - - // The current value for the limit that is specified by Type (https://docs.aws.amazon.com/Route53/latest/APIReference/API_AccountLimit.html#Route53-Type-AccountLimit-Type). - // - // Value is a required field - Value *int64 `min:"1" type:"long" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccountLimit) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccountLimit) GoString() string { - return s.String() -} - -// SetType sets the Type field's value. -func (s *AccountLimit) SetType(v string) *AccountLimit { - s.Type = &v - return s -} - -// SetValue sets the Value field's value. -func (s *AccountLimit) SetValue(v int64) *AccountLimit { - s.Value = &v - return s -} - -type ActivateKeySigningKeyInput struct { - _ struct{} `locationName:"ActivateKeySigningKeyRequest" type:"structure"` - - // A unique string used to identify a hosted zone. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"HostedZoneId" type:"string" required:"true"` - - // A string used to identify a key-signing key (KSK). Name can include numbers, - // letters, and underscores (_). Name must be unique for each key-signing key - // in the same hosted zone. - // - // Name is a required field - Name *string `location:"uri" locationName:"Name" min:"3" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ActivateKeySigningKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ActivateKeySigningKeyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ActivateKeySigningKeyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ActivateKeySigningKeyInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.Name != nil && len(*s.Name) < 3 { - invalidParams.Add(request.NewErrParamMinLen("Name", 3)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *ActivateKeySigningKeyInput) SetHostedZoneId(v string) *ActivateKeySigningKeyInput { - s.HostedZoneId = &v - return s -} - -// SetName sets the Name field's value. -func (s *ActivateKeySigningKeyInput) SetName(v string) *ActivateKeySigningKeyInput { - s.Name = &v - return s -} - -type ActivateKeySigningKeyOutput struct { - _ struct{} `type:"structure"` - - // A complex type that describes change information about changes made to your - // hosted zone. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ActivateKeySigningKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ActivateKeySigningKeyOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *ActivateKeySigningKeyOutput) SetChangeInfo(v *ChangeInfo) *ActivateKeySigningKeyOutput { - s.ChangeInfo = v - return s -} - -// A complex type that identifies the CloudWatch alarm that you want Amazon -// Route 53 health checkers to use to determine whether the specified health -// check is healthy. -type AlarmIdentifier struct { - _ struct{} `type:"structure"` - - // The name of the CloudWatch alarm that you want Amazon Route 53 health checkers - // to use to determine whether this health check is healthy. - // - // Route 53 supports CloudWatch alarms with the following features: - // - // * Standard-resolution metrics. High-resolution metrics aren't supported. - // For more information, see High-Resolution Metrics (https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) - // in the Amazon CloudWatch User Guide. - // - // * Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended - // statistics aren't supported. - // - // Name is a required field - Name *string `min:"1" type:"string" required:"true"` - - // For the CloudWatch alarm that you want Route 53 health checkers to use to - // determine whether this health check is healthy, the region that the alarm - // was created in. - // - // For the current list of CloudWatch regions, see Amazon CloudWatch endpoints - // and quotas (https://docs.aws.amazon.com/general/latest/gr/cw_region.html) - // in the Amazon Web Services General Reference. - // - // Region is a required field - Region *string `min:"1" type:"string" required:"true" enum:"CloudWatchRegion"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AlarmIdentifier) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AlarmIdentifier) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *AlarmIdentifier) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AlarmIdentifier"} - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.Name != nil && len(*s.Name) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Name", 1)) - } - if s.Region == nil { - invalidParams.Add(request.NewErrParamRequired("Region")) - } - if s.Region != nil && len(*s.Region) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Region", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetName sets the Name field's value. -func (s *AlarmIdentifier) SetName(v string) *AlarmIdentifier { - s.Name = &v - return s -} - -// SetRegion sets the Region field's value. -func (s *AlarmIdentifier) SetRegion(v string) *AlarmIdentifier { - s.Region = &v - return s -} - -// Alias resource record sets only: Information about the Amazon Web Services -// resource, such as a CloudFront distribution or an Amazon S3 bucket, that -// you want to route traffic to. -// -// When creating resource record sets for a private hosted zone, note the following: -// -// - For information about creating failover resource record sets in a private -// hosted zone, see Configuring Failover in a Private Hosted Zone (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html). -type AliasTarget struct { - _ struct{} `type:"structure"` - - // Alias resource record sets only: The value that you specify depends on where - // you want to route queries: - // - // Amazon API Gateway custom regional APIs and edge-optimized APIs - // - // Specify the applicable domain name for your API. You can get the applicable - // value using the CLI command get-domain-names (https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html): - // - // * For regional APIs, specify the value of regionalDomainName. - // - // * For edge-optimized APIs, specify the value of distributionDomainName. - // This is the name of the associated CloudFront distribution, such as da1b2c3d4e5.cloudfront.net. - // - // The name of the record that you're creating must match a custom domain name - // for your API, such as api.example.com. - // - // Amazon Virtual Private Cloud interface VPC endpoint - // - // Enter the API endpoint for the interface endpoint, such as vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com. - // For edge-optimized APIs, this is the domain name for the corresponding CloudFront - // distribution. You can get the value of DnsName using the CLI command describe-vpc-endpoints - // (https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html). - // - // CloudFront distribution - // - // Specify the domain name that CloudFront assigned when you created your distribution. - // - // Your CloudFront distribution must include an alternate domain name that matches - // the name of the resource record set. For example, if the name of the resource - // record set is acme.example.com, your CloudFront distribution must include - // acme.example.com as one of the alternate domain names. For more information, - // see Using Alternate Domain Names (CNAMEs) (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) - // in the Amazon CloudFront Developer Guide. - // - // You can't create a resource record set in a private hosted zone to route - // traffic to a CloudFront distribution. - // - // For failover alias records, you can't specify a CloudFront distribution for - // both the primary and secondary records. A distribution must include an alternate - // domain name that matches the name of the record. However, the primary and - // secondary records have the same name, and you can't include the same alternate - // domain name in more than one distribution. - // - // Elastic Beanstalk environment - // - // If the domain name for your Elastic Beanstalk environment includes the region - // that you deployed the environment in, you can create an alias record that - // routes traffic to the environment. For example, the domain name my-environment.us-west-2.elasticbeanstalk.com - // is a regionalized domain name. - // - // For environments that were created before early 2016, the domain name doesn't - // include the region. To route traffic to these environments, you must create - // a CNAME record instead of an alias record. Note that you can't create a CNAME - // record for the root domain name. For example, if your domain name is example.com, - // you can create a record that routes traffic for acme.example.com to your - // Elastic Beanstalk environment, but you can't create a record that routes - // traffic for example.com to your Elastic Beanstalk environment. - // - // For Elastic Beanstalk environments that have regionalized subdomains, specify - // the CNAME attribute for the environment. You can use the following methods - // to get the value of the CNAME attribute: - // - // * Amazon Web Services Management Console: For information about how to - // get the value by using the console, see Using Custom Domains with Elastic - // Beanstalk (https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) - // in the Elastic Beanstalk Developer Guide. - // - // * Elastic Beanstalk API: Use the DescribeEnvironments action to get the - // value of the CNAME attribute. For more information, see DescribeEnvironments - // (https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) - // in the Elastic Beanstalk API Reference. - // - // * CLI: Use the describe-environments command to get the value of the CNAME - // attribute. For more information, see describe-environments (https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) - // in the CLI Command Reference. - // - // ELB load balancer - // - // Specify the DNS name that is associated with the load balancer. Get the DNS - // name by using the Amazon Web Services Management Console, the ELB API, or - // the CLI. - // - // * Amazon Web Services Management Console: Go to the EC2 page, choose Load - // Balancers in the navigation pane, choose the load balancer, choose the - // Description tab, and get the value of the DNS name field. If you're routing - // traffic to a Classic Load Balancer, get the value that begins with dualstack. - // If you're routing traffic to another type of load balancer, get the value - // that applies to the record type, A or AAAA. - // - // * Elastic Load Balancing API: Use DescribeLoadBalancers to get the value - // of DNSName. For more information, see the applicable guide: Classic Load - // Balancers: DescribeLoadBalancers (https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) - // Application and Network Load Balancers: DescribeLoadBalancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) - // - // * CLI: Use describe-load-balancers to get the value of DNSName. For more - // information, see the applicable guide: Classic Load Balancers: describe-load-balancers - // (http://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) - // Application and Network Load Balancers: describe-load-balancers (http://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) - // - // Global Accelerator accelerator - // - // Specify the DNS name for your accelerator: - // - // * Global Accelerator API: To get the DNS name, use DescribeAccelerator - // (https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html). - // - // * CLI: To get the DNS name, use describe-accelerator (https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html). - // - // Amazon S3 bucket that is configured as a static website - // - // Specify the domain name of the Amazon S3 website endpoint that you created - // the bucket in, for example, s3-website.us-east-2.amazonaws.com. For more - // information about valid values, see the table Amazon S3 Website Endpoints - // (https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) - // in the Amazon Web Services General Reference. For more information about - // using S3 buckets for websites, see Getting Started with Amazon Route 53 (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) - // in the Amazon Route 53 Developer Guide. - // - // Another Route 53 resource record set - // - // Specify the value of the Name element for a resource record set in the current - // hosted zone. - // - // If you're creating an alias record that has the same name as the hosted zone - // (known as the zone apex), you can't specify the domain name for a record - // for which the value of Type is CNAME. This is because the alias record must - // have the same type as the record that you're routing traffic to, and creating - // a CNAME record for the zone apex isn't supported even for an alias record. - // - // DNSName is a required field - DNSName *string `type:"string" required:"true"` - - // Applies only to alias, failover alias, geolocation alias, latency alias, - // and weighted alias resource record sets: When EvaluateTargetHealth is true, - // an alias resource record set inherits the health of the referenced Amazon - // Web Services resource, such as an ELB load balancer or another resource record - // set in the hosted zone. - // - // Note the following: - // - // CloudFront distributions - // - // You can't set EvaluateTargetHealth to true when the alias target is a CloudFront - // distribution. - // - // Elastic Beanstalk environments that have regionalized subdomains - // - // If you specify an Elastic Beanstalk environment in DNSName and the environment - // contains an ELB load balancer, Elastic Load Balancing routes queries only - // to the healthy Amazon EC2 instances that are registered with the load balancer. - // (An environment automatically contains an ELB load balancer if it includes - // more than one Amazon EC2 instance.) If you set EvaluateTargetHealth to true - // and either no Amazon EC2 instances are healthy or the load balancer itself - // is unhealthy, Route 53 routes queries to other available resources that are - // healthy, if any. - // - // If the environment contains a single Amazon EC2 instance, there are no special - // requirements. - // - // ELB load balancers - // - // Health checking behavior depends on the type of load balancer: - // - // * Classic Load Balancers: If you specify an ELB Classic Load Balancer - // in DNSName, Elastic Load Balancing routes queries only to the healthy - // Amazon EC2 instances that are registered with the load balancer. If you - // set EvaluateTargetHealth to true and either no EC2 instances are healthy - // or the load balancer itself is unhealthy, Route 53 routes queries to other - // resources. - // - // * Application and Network Load Balancers: If you specify an ELB Application - // or Network Load Balancer and you set EvaluateTargetHealth to true, Route - // 53 routes queries to the load balancer based on the health of the target - // groups that are associated with the load balancer: For an Application - // or Network Load Balancer to be considered healthy, every target group - // that contains targets must contain at least one healthy target. If any - // target group contains only unhealthy targets, the load balancer is considered - // unhealthy, and Route 53 routes queries to other resources. A target group - // that has no registered targets is considered unhealthy. - // - // When you create a load balancer, you configure settings for Elastic Load - // Balancing health checks; they're not Route 53 health checks, but they perform - // a similar function. Do not create Route 53 health checks for the EC2 instances - // that you register with an ELB load balancer. - // - // S3 buckets - // - // There are no special requirements for setting EvaluateTargetHealth to true - // when the alias target is an S3 bucket. - // - // Other records in the same hosted zone - // - // If the Amazon Web Services resource that you specify in DNSName is a record - // or a group of records (for example, a group of weighted records) but is not - // another alias record, we recommend that you associate a health check with - // all of the records in the alias target. For more information, see What Happens - // When You Omit Health Checks? (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) - // in the Amazon Route 53 Developer Guide. - // - // For more information and examples, see Amazon Route 53 Health Checks and - // DNS Failover (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) - // in the Amazon Route 53 Developer Guide. - // - // EvaluateTargetHealth is a required field - EvaluateTargetHealth *bool `type:"boolean" required:"true"` - - // Alias resource records sets only: The value used depends on where you want - // to route traffic: - // - // Amazon API Gateway custom regional APIs and edge-optimized APIs - // - // Specify the hosted zone ID for your API. You can get the applicable value - // using the CLI command get-domain-names (https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html): - // - // * For regional APIs, specify the value of regionalHostedZoneId. - // - // * For edge-optimized APIs, specify the value of distributionHostedZoneId. - // - // Amazon Virtual Private Cloud interface VPC endpoint - // - // Specify the hosted zone ID for your interface endpoint. You can get the value - // of HostedZoneId using the CLI command describe-vpc-endpoints (https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html). - // - // CloudFront distribution - // - // Specify Z2FDTNDATAQYW2. - // - // Alias resource record sets for CloudFront can't be created in a private zone. - // - // Elastic Beanstalk environment - // - // Specify the hosted zone ID for the region that you created the environment - // in. The environment must have a regionalized subdomain. For a list of regions - // and the corresponding hosted zone IDs, see Elastic Beanstalk endpoints and - // quotas (https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) - // in the Amazon Web Services General Reference. - // - // ELB load balancer - // - // Specify the value of the hosted zone ID for the load balancer. Use the following - // methods to get the hosted zone ID: - // - // * Elastic Load Balancing endpoints and quotas (https://docs.aws.amazon.com/general/latest/gr/elb.html) - // topic in the Amazon Web Services General Reference: Use the value that - // corresponds with the region that you created your load balancer in. Note - // that there are separate columns for Application and Classic Load Balancers - // and for Network Load Balancers. - // - // * Amazon Web Services Management Console: Go to the Amazon EC2 page, choose - // Load Balancers in the navigation pane, select the load balancer, and get - // the value of the Hosted zone field on the Description tab. - // - // * Elastic Load Balancing API: Use DescribeLoadBalancers to get the applicable - // value. For more information, see the applicable guide: Classic Load Balancers: - // Use DescribeLoadBalancers (https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) - // to get the value of CanonicalHostedZoneNameId. Application and Network - // Load Balancers: Use DescribeLoadBalancers (https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) - // to get the value of CanonicalHostedZoneId. - // - // * CLI: Use describe-load-balancers to get the applicable value. For more - // information, see the applicable guide: Classic Load Balancers: Use describe-load-balancers - // (http://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) - // to get the value of CanonicalHostedZoneNameId. Application and Network - // Load Balancers: Use describe-load-balancers (http://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) - // to get the value of CanonicalHostedZoneId. - // - // Global Accelerator accelerator - // - // Specify Z2BJ6XQ5FK7U4H. - // - // An Amazon S3 bucket configured as a static website - // - // Specify the hosted zone ID for the region that you created the bucket in. - // For more information about valid values, see the table Amazon S3 Website - // Endpoints (https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) - // in the Amazon Web Services General Reference. - // - // Another Route 53 resource record set in your hosted zone - // - // Specify the hosted zone ID of your hosted zone. (An alias resource record - // set can't reference a resource record set in a different hosted zone.) - // - // HostedZoneId is a required field - HostedZoneId *string `type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AliasTarget) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AliasTarget) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *AliasTarget) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AliasTarget"} - if s.DNSName == nil { - invalidParams.Add(request.NewErrParamRequired("DNSName")) - } - if s.EvaluateTargetHealth == nil { - invalidParams.Add(request.NewErrParamRequired("EvaluateTargetHealth")) - } - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetDNSName sets the DNSName field's value. -func (s *AliasTarget) SetDNSName(v string) *AliasTarget { - s.DNSName = &v - return s -} - -// SetEvaluateTargetHealth sets the EvaluateTargetHealth field's value. -func (s *AliasTarget) SetEvaluateTargetHealth(v bool) *AliasTarget { - s.EvaluateTargetHealth = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *AliasTarget) SetHostedZoneId(v string) *AliasTarget { - s.HostedZoneId = &v - return s -} - -// A complex type that contains information about the request to associate a -// VPC with a private hosted zone. -type AssociateVPCWithHostedZoneInput struct { - _ struct{} `locationName:"AssociateVPCWithHostedZoneRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // Optional: A comment about the association request. - Comment *string `type:"string"` - - // The ID of the private hosted zone that you want to associate an Amazon VPC - // with. - // - // Note that you can't associate a VPC with a hosted zone that doesn't have - // an existing VPC association. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` - - // A complex type that contains information about the VPC that you want to associate - // with a private hosted zone. - // - // VPC is a required field - VPC *VPC `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateVPCWithHostedZoneInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateVPCWithHostedZoneInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *AssociateVPCWithHostedZoneInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AssociateVPCWithHostedZoneInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.VPC == nil { - invalidParams.Add(request.NewErrParamRequired("VPC")) - } - if s.VPC != nil { - if err := s.VPC.Validate(); err != nil { - invalidParams.AddNested("VPC", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetComment sets the Comment field's value. -func (s *AssociateVPCWithHostedZoneInput) SetComment(v string) *AssociateVPCWithHostedZoneInput { - s.Comment = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *AssociateVPCWithHostedZoneInput) SetHostedZoneId(v string) *AssociateVPCWithHostedZoneInput { - s.HostedZoneId = &v - return s -} - -// SetVPC sets the VPC field's value. -func (s *AssociateVPCWithHostedZoneInput) SetVPC(v *VPC) *AssociateVPCWithHostedZoneInput { - s.VPC = v - return s -} - -// A complex type that contains the response information for the AssociateVPCWithHostedZone -// request. -type AssociateVPCWithHostedZoneOutput struct { - _ struct{} `type:"structure"` - - // A complex type that describes the changes made to your hosted zone. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateVPCWithHostedZoneOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateVPCWithHostedZoneOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *AssociateVPCWithHostedZoneOutput) SetChangeInfo(v *ChangeInfo) *AssociateVPCWithHostedZoneOutput { - s.ChangeInfo = v - return s -} - -// The information for each resource record set that you want to change. -type Change struct { - _ struct{} `type:"structure"` - - // The action to perform: - // - // * CREATE: Creates a resource record set that has the specified values. - // - // * DELETE: Deletes a existing resource record set. To delete the resource - // record set that is associated with a traffic policy instance, use DeleteTrafficPolicyInstance - // (https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteTrafficPolicyInstance.html). - // Amazon Route 53 will delete the resource record set automatically. If - // you delete the resource record set by using ChangeResourceRecordSets, - // Route 53 doesn't automatically delete the traffic policy instance, and - // you'll continue to be charged for it even though it's no longer in use. - // - // * UPSERT: If a resource record set doesn't already exist, Route 53 creates - // it. If a resource record set does exist, Route 53 updates it with the - // values in the request. - // - // Action is a required field - Action *string `type:"string" required:"true" enum:"ChangeAction"` - - // Information about the resource record set to create, delete, or update. - // - // ResourceRecordSet is a required field - ResourceRecordSet *ResourceRecordSet `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Change) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Change) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *Change) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "Change"} - if s.Action == nil { - invalidParams.Add(request.NewErrParamRequired("Action")) - } - if s.ResourceRecordSet == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceRecordSet")) - } - if s.ResourceRecordSet != nil { - if err := s.ResourceRecordSet.Validate(); err != nil { - invalidParams.AddNested("ResourceRecordSet", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAction sets the Action field's value. -func (s *Change) SetAction(v string) *Change { - s.Action = &v - return s -} - -// SetResourceRecordSet sets the ResourceRecordSet field's value. -func (s *Change) SetResourceRecordSet(v *ResourceRecordSet) *Change { - s.ResourceRecordSet = v - return s -} - -// The information for a change request. -type ChangeBatch struct { - _ struct{} `type:"structure"` - - // Information about the changes to make to the record sets. - // - // Changes is a required field - Changes []*Change `locationNameList:"Change" min:"1" type:"list" required:"true"` - - // Optional: Any comments you want to include about a change batch request. - Comment *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeBatch) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeBatch) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ChangeBatch) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ChangeBatch"} - if s.Changes == nil { - invalidParams.Add(request.NewErrParamRequired("Changes")) - } - if s.Changes != nil && len(s.Changes) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Changes", 1)) - } - if s.Changes != nil { - for i, v := range s.Changes { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Changes", i), err.(request.ErrInvalidParams)) - } - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetChanges sets the Changes field's value. -func (s *ChangeBatch) SetChanges(v []*Change) *ChangeBatch { - s.Changes = v - return s -} - -// SetComment sets the Comment field's value. -func (s *ChangeBatch) SetComment(v string) *ChangeBatch { - s.Comment = &v - return s -} - -type ChangeCidrCollectionInput struct { - _ struct{} `locationName:"ChangeCidrCollectionRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // Information about changes to a CIDR collection. - // - // Changes is a required field - Changes []*CidrCollectionChange `min:"1" type:"list" required:"true"` - - // A sequential counter that Amazon Route 53 sets to 1 when you create a collection - // and increments it by 1 each time you update the collection. - // - // We recommend that you use ListCidrCollection to get the current value of - // CollectionVersion for the collection that you want to update, and then include - // that value with the change request. This prevents Route 53 from overwriting - // an intervening update: - // - // * If the value in the request matches the value of CollectionVersion in - // the collection, Route 53 updates the collection. - // - // * If the value of CollectionVersion in the collection is greater than - // the value in the request, the collection was changed after you got the - // version number. Route 53 does not update the collection, and it returns - // a CidrCollectionVersionMismatch error. - CollectionVersion *int64 `min:"1" type:"long"` - - // The UUID of the CIDR collection to update. - // - // Id is a required field - Id *string `location:"uri" locationName:"CidrCollectionId" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeCidrCollectionInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeCidrCollectionInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ChangeCidrCollectionInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ChangeCidrCollectionInput"} - if s.Changes == nil { - invalidParams.Add(request.NewErrParamRequired("Changes")) - } - if s.Changes != nil && len(s.Changes) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Changes", 1)) - } - if s.CollectionVersion != nil && *s.CollectionVersion < 1 { - invalidParams.Add(request.NewErrParamMinValue("CollectionVersion", 1)) - } - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - if s.Changes != nil { - for i, v := range s.Changes { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Changes", i), err.(request.ErrInvalidParams)) - } - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetChanges sets the Changes field's value. -func (s *ChangeCidrCollectionInput) SetChanges(v []*CidrCollectionChange) *ChangeCidrCollectionInput { - s.Changes = v - return s -} - -// SetCollectionVersion sets the CollectionVersion field's value. -func (s *ChangeCidrCollectionInput) SetCollectionVersion(v int64) *ChangeCidrCollectionInput { - s.CollectionVersion = &v - return s -} - -// SetId sets the Id field's value. -func (s *ChangeCidrCollectionInput) SetId(v string) *ChangeCidrCollectionInput { - s.Id = &v - return s -} - -type ChangeCidrCollectionOutput struct { - _ struct{} `type:"structure"` - - // The ID that is returned by ChangeCidrCollection. You can use it as input - // to GetChange to see if a CIDR collection change has propagated or not. - // - // Id is a required field - Id *string `min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeCidrCollectionOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeCidrCollectionOutput) GoString() string { - return s.String() -} - -// SetId sets the Id field's value. -func (s *ChangeCidrCollectionOutput) SetId(v string) *ChangeCidrCollectionOutput { - s.Id = &v - return s -} - -// A complex type that describes change information about changes made to your -// hosted zone. -type ChangeInfo struct { - _ struct{} `type:"structure"` - - // A comment you can provide. - Comment *string `type:"string"` - - // This element contains an ID that you use when performing a GetChange (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetChange.html) - // action to get detailed information about the change. - // - // Id is a required field - Id *string `type:"string" required:"true"` - - // The current state of the request. PENDING indicates that this request has - // not yet been applied to all Amazon Route 53 DNS servers. - // - // Status is a required field - Status *string `type:"string" required:"true" enum:"ChangeStatus"` - - // The date and time that the change request was submitted in ISO 8601 format - // (https://en.wikipedia.org/wiki/ISO_8601) and Coordinated Universal Time (UTC). - // For example, the value 2017-03-27T17:48:16.751Z represents March 27, 2017 - // at 17:48:16.751 UTC. - // - // SubmittedAt is a required field - SubmittedAt *time.Time `type:"timestamp" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeInfo) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeInfo) GoString() string { - return s.String() -} - -// SetComment sets the Comment field's value. -func (s *ChangeInfo) SetComment(v string) *ChangeInfo { - s.Comment = &v - return s -} - -// SetId sets the Id field's value. -func (s *ChangeInfo) SetId(v string) *ChangeInfo { - s.Id = &v - return s -} - -// SetStatus sets the Status field's value. -func (s *ChangeInfo) SetStatus(v string) *ChangeInfo { - s.Status = &v - return s -} - -// SetSubmittedAt sets the SubmittedAt field's value. -func (s *ChangeInfo) SetSubmittedAt(v time.Time) *ChangeInfo { - s.SubmittedAt = &v - return s -} - -// A complex type that contains change information for the resource record set. -type ChangeResourceRecordSetsInput struct { - _ struct{} `locationName:"ChangeResourceRecordSetsRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // A complex type that contains an optional comment and the Changes element. - // - // ChangeBatch is a required field - ChangeBatch *ChangeBatch `type:"structure" required:"true"` - - // The ID of the hosted zone that contains the resource record sets that you - // want to change. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeResourceRecordSetsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeResourceRecordSetsInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ChangeResourceRecordSetsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ChangeResourceRecordSetsInput"} - if s.ChangeBatch == nil { - invalidParams.Add(request.NewErrParamRequired("ChangeBatch")) - } - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.ChangeBatch != nil { - if err := s.ChangeBatch.Validate(); err != nil { - invalidParams.AddNested("ChangeBatch", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetChangeBatch sets the ChangeBatch field's value. -func (s *ChangeResourceRecordSetsInput) SetChangeBatch(v *ChangeBatch) *ChangeResourceRecordSetsInput { - s.ChangeBatch = v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *ChangeResourceRecordSetsInput) SetHostedZoneId(v string) *ChangeResourceRecordSetsInput { - s.HostedZoneId = &v - return s -} - -// A complex type containing the response for the request. -type ChangeResourceRecordSetsOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains information about changes made to your hosted - // zone. - // - // This element contains an ID that you use when performing a GetChange (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetChange.html) - // action to get detailed information about the change. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeResourceRecordSetsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeResourceRecordSetsOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *ChangeResourceRecordSetsOutput) SetChangeInfo(v *ChangeInfo) *ChangeResourceRecordSetsOutput { - s.ChangeInfo = v - return s -} - -// A complex type that contains information about the tags that you want to -// add, edit, or delete. -type ChangeTagsForResourceInput struct { - _ struct{} `locationName:"ChangeTagsForResourceRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // A complex type that contains a list of the tags that you want to add to the - // specified health check or hosted zone and/or the tags that you want to edit - // Value for. - // - // You can add a maximum of 10 tags to a health check or a hosted zone. - AddTags []*Tag `locationNameList:"Tag" min:"1" type:"list"` - - // A complex type that contains a list of the tags that you want to delete from - // the specified health check or hosted zone. You can specify up to 10 keys. - RemoveTagKeys []*string `locationNameList:"Key" min:"1" type:"list"` - - // The ID of the resource for which you want to add, change, or delete tags. - // - // ResourceId is a required field - ResourceId *string `location:"uri" locationName:"ResourceId" type:"string" required:"true"` - - // The type of the resource. - // - // * The resource type for health checks is healthcheck. - // - // * The resource type for hosted zones is hostedzone. - // - // ResourceType is a required field - ResourceType *string `location:"uri" locationName:"ResourceType" type:"string" required:"true" enum:"TagResourceType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeTagsForResourceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeTagsForResourceInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ChangeTagsForResourceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ChangeTagsForResourceInput"} - if s.AddTags != nil && len(s.AddTags) < 1 { - invalidParams.Add(request.NewErrParamMinLen("AddTags", 1)) - } - if s.RemoveTagKeys != nil && len(s.RemoveTagKeys) < 1 { - invalidParams.Add(request.NewErrParamMinLen("RemoveTagKeys", 1)) - } - if s.ResourceId == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceId")) - } - if s.ResourceId != nil && len(*s.ResourceId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceId", 1)) - } - if s.ResourceType == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceType")) - } - if s.ResourceType != nil && len(*s.ResourceType) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAddTags sets the AddTags field's value. -func (s *ChangeTagsForResourceInput) SetAddTags(v []*Tag) *ChangeTagsForResourceInput { - s.AddTags = v - return s -} - -// SetRemoveTagKeys sets the RemoveTagKeys field's value. -func (s *ChangeTagsForResourceInput) SetRemoveTagKeys(v []*string) *ChangeTagsForResourceInput { - s.RemoveTagKeys = v - return s -} - -// SetResourceId sets the ResourceId field's value. -func (s *ChangeTagsForResourceInput) SetResourceId(v string) *ChangeTagsForResourceInput { - s.ResourceId = &v - return s -} - -// SetResourceType sets the ResourceType field's value. -func (s *ChangeTagsForResourceInput) SetResourceType(v string) *ChangeTagsForResourceInput { - s.ResourceType = &v - return s -} - -// Empty response for the request. -type ChangeTagsForResourceOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeTagsForResourceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ChangeTagsForResourceOutput) GoString() string { - return s.String() -} - -// A complex type that lists the CIDR blocks. -type CidrBlockSummary struct { - _ struct{} `type:"structure"` - - // Value for the CIDR block. - CidrBlock *string `min:"1" type:"string"` - - // The location name of the CIDR block. - LocationName *string `min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CidrBlockSummary) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CidrBlockSummary) GoString() string { - return s.String() -} - -// SetCidrBlock sets the CidrBlock field's value. -func (s *CidrBlockSummary) SetCidrBlock(v string) *CidrBlockSummary { - s.CidrBlock = &v - return s -} - -// SetLocationName sets the LocationName field's value. -func (s *CidrBlockSummary) SetLocationName(v string) *CidrBlockSummary { - s.LocationName = &v - return s -} - -// A complex type that identifies a CIDR collection. -type CidrCollection struct { - _ struct{} `type:"structure"` - - // The ARN of the collection. Can be used to reference the collection in IAM - // policy or in another Amazon Web Services account. - Arn *string `min:"20" type:"string"` - - // The unique ID of the CIDR collection. - Id *string `type:"string"` - - // The name of a CIDR collection. - Name *string `min:"1" type:"string"` - - // A sequential counter that Route 53 sets to 1 when you create a CIDR collection - // and increments by 1 each time you update settings for the CIDR collection. - Version *int64 `min:"1" type:"long"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CidrCollection) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CidrCollection) GoString() string { - return s.String() -} - -// SetArn sets the Arn field's value. -func (s *CidrCollection) SetArn(v string) *CidrCollection { - s.Arn = &v - return s -} - -// SetId sets the Id field's value. -func (s *CidrCollection) SetId(v string) *CidrCollection { - s.Id = &v - return s -} - -// SetName sets the Name field's value. -func (s *CidrCollection) SetName(v string) *CidrCollection { - s.Name = &v - return s -} - -// SetVersion sets the Version field's value. -func (s *CidrCollection) SetVersion(v int64) *CidrCollection { - s.Version = &v - return s -} - -// A complex type that contains information about the CIDR collection change. -type CidrCollectionChange struct { - _ struct{} `type:"structure"` - - // CIDR collection change action. - // - // Action is a required field - Action *string `type:"string" required:"true" enum:"CidrCollectionChangeAction"` - - // List of CIDR blocks. - // - // CidrList is a required field - CidrList []*string `locationNameList:"Cidr" min:"1" type:"list" required:"true"` - - // Name of the location that is associated with the CIDR collection. - // - // LocationName is a required field - LocationName *string `min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CidrCollectionChange) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CidrCollectionChange) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CidrCollectionChange) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CidrCollectionChange"} - if s.Action == nil { - invalidParams.Add(request.NewErrParamRequired("Action")) - } - if s.CidrList == nil { - invalidParams.Add(request.NewErrParamRequired("CidrList")) - } - if s.CidrList != nil && len(s.CidrList) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CidrList", 1)) - } - if s.LocationName == nil { - invalidParams.Add(request.NewErrParamRequired("LocationName")) - } - if s.LocationName != nil && len(*s.LocationName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LocationName", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAction sets the Action field's value. -func (s *CidrCollectionChange) SetAction(v string) *CidrCollectionChange { - s.Action = &v - return s -} - -// SetCidrList sets the CidrList field's value. -func (s *CidrCollectionChange) SetCidrList(v []*string) *CidrCollectionChange { - s.CidrList = v - return s -} - -// SetLocationName sets the LocationName field's value. -func (s *CidrCollectionChange) SetLocationName(v string) *CidrCollectionChange { - s.LocationName = &v - return s -} - -// The object that is specified in resource record set object when you are linking -// a resource record set to a CIDR location. -// -// A LocationName with an asterisk “*” can be used to create a default CIDR -// record. CollectionId is still required for default record. -type CidrRoutingConfig struct { - _ struct{} `type:"structure"` - - // The CIDR collection ID. - // - // CollectionId is a required field - CollectionId *string `type:"string" required:"true"` - - // The CIDR collection location name. - // - // LocationName is a required field - LocationName *string `min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CidrRoutingConfig) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CidrRoutingConfig) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CidrRoutingConfig) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CidrRoutingConfig"} - if s.CollectionId == nil { - invalidParams.Add(request.NewErrParamRequired("CollectionId")) - } - if s.LocationName == nil { - invalidParams.Add(request.NewErrParamRequired("LocationName")) - } - if s.LocationName != nil && len(*s.LocationName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LocationName", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetCollectionId sets the CollectionId field's value. -func (s *CidrRoutingConfig) SetCollectionId(v string) *CidrRoutingConfig { - s.CollectionId = &v - return s -} - -// SetLocationName sets the LocationName field's value. -func (s *CidrRoutingConfig) SetLocationName(v string) *CidrRoutingConfig { - s.LocationName = &v - return s -} - -// A complex type that contains information about the CloudWatch alarm that -// Amazon Route 53 is monitoring for this health check. -type CloudWatchAlarmConfiguration struct { - _ struct{} `type:"structure"` - - // For the metric that the CloudWatch alarm is associated with, the arithmetic - // operation that is used for the comparison. - // - // ComparisonOperator is a required field - ComparisonOperator *string `type:"string" required:"true" enum:"ComparisonOperator"` - - // For the metric that the CloudWatch alarm is associated with, a complex type - // that contains information about the dimensions for the metric. For information, - // see Amazon CloudWatch Namespaces, Dimensions, and Metrics Reference (https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html) - // in the Amazon CloudWatch User Guide. - Dimensions []*Dimension `locationNameList:"Dimension" type:"list"` - - // For the metric that the CloudWatch alarm is associated with, the number of - // periods that the metric is compared to the threshold. - // - // EvaluationPeriods is a required field - EvaluationPeriods *int64 `min:"1" type:"integer" required:"true"` - - // The name of the CloudWatch metric that the alarm is associated with. - // - // MetricName is a required field - MetricName *string `min:"1" type:"string" required:"true"` - - // The namespace of the metric that the alarm is associated with. For more information, - // see Amazon CloudWatch Namespaces, Dimensions, and Metrics Reference (https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html) - // in the Amazon CloudWatch User Guide. - // - // Namespace is a required field - Namespace *string `min:"1" type:"string" required:"true"` - - // For the metric that the CloudWatch alarm is associated with, the duration - // of one evaluation period in seconds. - // - // Period is a required field - Period *int64 `min:"60" type:"integer" required:"true"` - - // For the metric that the CloudWatch alarm is associated with, the statistic - // that is applied to the metric. - // - // Statistic is a required field - Statistic *string `type:"string" required:"true" enum:"Statistic"` - - // For the metric that the CloudWatch alarm is associated with, the value the - // metric is compared with. - // - // Threshold is a required field - Threshold *float64 `type:"double" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CloudWatchAlarmConfiguration) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CloudWatchAlarmConfiguration) GoString() string { - return s.String() -} - -// SetComparisonOperator sets the ComparisonOperator field's value. -func (s *CloudWatchAlarmConfiguration) SetComparisonOperator(v string) *CloudWatchAlarmConfiguration { - s.ComparisonOperator = &v - return s -} - -// SetDimensions sets the Dimensions field's value. -func (s *CloudWatchAlarmConfiguration) SetDimensions(v []*Dimension) *CloudWatchAlarmConfiguration { - s.Dimensions = v - return s -} - -// SetEvaluationPeriods sets the EvaluationPeriods field's value. -func (s *CloudWatchAlarmConfiguration) SetEvaluationPeriods(v int64) *CloudWatchAlarmConfiguration { - s.EvaluationPeriods = &v - return s -} - -// SetMetricName sets the MetricName field's value. -func (s *CloudWatchAlarmConfiguration) SetMetricName(v string) *CloudWatchAlarmConfiguration { - s.MetricName = &v - return s -} - -// SetNamespace sets the Namespace field's value. -func (s *CloudWatchAlarmConfiguration) SetNamespace(v string) *CloudWatchAlarmConfiguration { - s.Namespace = &v - return s -} - -// SetPeriod sets the Period field's value. -func (s *CloudWatchAlarmConfiguration) SetPeriod(v int64) *CloudWatchAlarmConfiguration { - s.Period = &v - return s -} - -// SetStatistic sets the Statistic field's value. -func (s *CloudWatchAlarmConfiguration) SetStatistic(v string) *CloudWatchAlarmConfiguration { - s.Statistic = &v - return s -} - -// SetThreshold sets the Threshold field's value. -func (s *CloudWatchAlarmConfiguration) SetThreshold(v float64) *CloudWatchAlarmConfiguration { - s.Threshold = &v - return s -} - -// A complex type that is an entry in an CidrCollection (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CidrCollection.html) -// array. -type CollectionSummary struct { - _ struct{} `type:"structure"` - - // The ARN of the collection summary. Can be used to reference the collection - // in IAM policy or cross-account. - Arn *string `min:"20" type:"string"` - - // Unique ID for the CIDR collection. - Id *string `type:"string"` - - // The name of a CIDR collection. - Name *string `min:"1" type:"string"` - - // A sequential counter that Route 53 sets to 1 when you create a CIDR collection - // and increments by 1 each time you update settings for the CIDR collection. - Version *int64 `min:"1" type:"long"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CollectionSummary) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CollectionSummary) GoString() string { - return s.String() -} - -// SetArn sets the Arn field's value. -func (s *CollectionSummary) SetArn(v string) *CollectionSummary { - s.Arn = &v - return s -} - -// SetId sets the Id field's value. -func (s *CollectionSummary) SetId(v string) *CollectionSummary { - s.Id = &v - return s -} - -// SetName sets the Name field's value. -func (s *CollectionSummary) SetName(v string) *CollectionSummary { - s.Name = &v - return s -} - -// SetVersion sets the Version field's value. -func (s *CollectionSummary) SetVersion(v int64) *CollectionSummary { - s.Version = &v - return s -} - -// A complex type that lists the coordinates for a geoproximity resource record. -type Coordinates struct { - _ struct{} `type:"structure"` - - // Specifies a coordinate of the north–south position of a geographic point - // on the surface of the Earth (-90 - 90). - // - // Latitude is a required field - Latitude *string `min:"1" type:"string" required:"true"` - - // Specifies a coordinate of the east–west position of a geographic point - // on the surface of the Earth (-180 - 180). - // - // Longitude is a required field - Longitude *string `min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Coordinates) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Coordinates) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *Coordinates) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "Coordinates"} - if s.Latitude == nil { - invalidParams.Add(request.NewErrParamRequired("Latitude")) - } - if s.Latitude != nil && len(*s.Latitude) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Latitude", 1)) - } - if s.Longitude == nil { - invalidParams.Add(request.NewErrParamRequired("Longitude")) - } - if s.Longitude != nil && len(*s.Longitude) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Longitude", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetLatitude sets the Latitude field's value. -func (s *Coordinates) SetLatitude(v string) *Coordinates { - s.Latitude = &v - return s -} - -// SetLongitude sets the Longitude field's value. -func (s *Coordinates) SetLongitude(v string) *Coordinates { - s.Longitude = &v - return s -} - -type CreateCidrCollectionInput struct { - _ struct{} `locationName:"CreateCidrCollectionRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // A client-specific token that allows requests to be securely retried so that - // the intended outcome will only occur once, retries receive a similar response, - // and there are no additional edge cases to handle. - // - // CallerReference is a required field - CallerReference *string `min:"1" type:"string" required:"true"` - - // A unique identifier for the account that can be used to reference the collection - // from other API calls. - // - // Name is a required field - Name *string `min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateCidrCollectionInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateCidrCollectionInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateCidrCollectionInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateCidrCollectionInput"} - if s.CallerReference == nil { - invalidParams.Add(request.NewErrParamRequired("CallerReference")) - } - if s.CallerReference != nil && len(*s.CallerReference) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CallerReference", 1)) - } - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.Name != nil && len(*s.Name) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Name", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetCallerReference sets the CallerReference field's value. -func (s *CreateCidrCollectionInput) SetCallerReference(v string) *CreateCidrCollectionInput { - s.CallerReference = &v - return s -} - -// SetName sets the Name field's value. -func (s *CreateCidrCollectionInput) SetName(v string) *CreateCidrCollectionInput { - s.Name = &v - return s -} - -type CreateCidrCollectionOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains information about the CIDR collection. - Collection *CidrCollection `type:"structure"` - - // A unique URL that represents the location for the CIDR collection. - Location *string `location:"header" locationName:"Location" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateCidrCollectionOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateCidrCollectionOutput) GoString() string { - return s.String() -} - -// SetCollection sets the Collection field's value. -func (s *CreateCidrCollectionOutput) SetCollection(v *CidrCollection) *CreateCidrCollectionOutput { - s.Collection = v - return s -} - -// SetLocation sets the Location field's value. -func (s *CreateCidrCollectionOutput) SetLocation(v string) *CreateCidrCollectionOutput { - s.Location = &v - return s -} - -// A complex type that contains the health check request information. -type CreateHealthCheckInput struct { - _ struct{} `locationName:"CreateHealthCheckRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // A unique string that identifies the request and that allows you to retry - // a failed CreateHealthCheck request without the risk of creating two identical - // health checks: - // - // * If you send a CreateHealthCheck request with the same CallerReference - // and settings as a previous request, and if the health check doesn't exist, - // Amazon Route 53 creates the health check. If the health check does exist, - // Route 53 returns the settings for the existing health check. - // - // * If you send a CreateHealthCheck request with the same CallerReference - // as a deleted health check, regardless of the settings, Route 53 returns - // a HealthCheckAlreadyExists error. - // - // * If you send a CreateHealthCheck request with the same CallerReference - // as an existing health check but with different settings, Route 53 returns - // a HealthCheckAlreadyExists error. - // - // * If you send a CreateHealthCheck request with a unique CallerReference - // but settings identical to an existing health check, Route 53 creates the - // health check. - // - // Route 53 does not store the CallerReference for a deleted health check indefinitely. - // The CallerReference for a deleted health check will be deleted after a number - // of days. - // - // CallerReference is a required field - CallerReference *string `min:"1" type:"string" required:"true"` - - // A complex type that contains settings for a new health check. - // - // HealthCheckConfig is a required field - HealthCheckConfig *HealthCheckConfig `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateHealthCheckInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateHealthCheckInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateHealthCheckInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateHealthCheckInput"} - if s.CallerReference == nil { - invalidParams.Add(request.NewErrParamRequired("CallerReference")) - } - if s.CallerReference != nil && len(*s.CallerReference) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CallerReference", 1)) - } - if s.HealthCheckConfig == nil { - invalidParams.Add(request.NewErrParamRequired("HealthCheckConfig")) - } - if s.HealthCheckConfig != nil { - if err := s.HealthCheckConfig.Validate(); err != nil { - invalidParams.AddNested("HealthCheckConfig", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetCallerReference sets the CallerReference field's value. -func (s *CreateHealthCheckInput) SetCallerReference(v string) *CreateHealthCheckInput { - s.CallerReference = &v - return s -} - -// SetHealthCheckConfig sets the HealthCheckConfig field's value. -func (s *CreateHealthCheckInput) SetHealthCheckConfig(v *HealthCheckConfig) *CreateHealthCheckInput { - s.HealthCheckConfig = v - return s -} - -// A complex type containing the response information for the new health check. -type CreateHealthCheckOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains identifying information about the health check. - // - // HealthCheck is a required field - HealthCheck *HealthCheck `type:"structure" required:"true"` - - // The unique URL representing the new health check. - // - // Location is a required field - Location *string `location:"header" locationName:"Location" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateHealthCheckOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateHealthCheckOutput) GoString() string { - return s.String() -} - -// SetHealthCheck sets the HealthCheck field's value. -func (s *CreateHealthCheckOutput) SetHealthCheck(v *HealthCheck) *CreateHealthCheckOutput { - s.HealthCheck = v - return s -} - -// SetLocation sets the Location field's value. -func (s *CreateHealthCheckOutput) SetLocation(v string) *CreateHealthCheckOutput { - s.Location = &v - return s -} - -// A complex type that contains information about the request to create a public -// or private hosted zone. -type CreateHostedZoneInput struct { - _ struct{} `locationName:"CreateHostedZoneRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // A unique string that identifies the request and that allows failed CreateHostedZone - // requests to be retried without the risk of executing the operation twice. - // You must use a unique CallerReference string every time you submit a CreateHostedZone - // request. CallerReference can be any unique string, for example, a date/time - // stamp. - // - // CallerReference is a required field - CallerReference *string `min:"1" type:"string" required:"true"` - - // If you want to associate a reusable delegation set with this hosted zone, - // the ID that Amazon Route 53 assigned to the reusable delegation set when - // you created it. For more information about reusable delegation sets, see - // CreateReusableDelegationSet (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateReusableDelegationSet.html). - // - // If you are using a reusable delegation set to create a public hosted zone - // for a subdomain, make sure that the parent hosted zone doesn't use one or - // more of the same name servers. If you have overlapping nameservers, the operation - // will cause a ConflictingDomainsExist error. - DelegationSetId *string `type:"string"` - - // (Optional) A complex type that contains the following optional values: - // - // * For public and private hosted zones, an optional comment - // - // * For private hosted zones, an optional PrivateZone element - // - // If you don't specify a comment or the PrivateZone element, omit HostedZoneConfig - // and the other elements. - HostedZoneConfig *HostedZoneConfig `type:"structure"` - - // The name of the domain. Specify a fully qualified domain name, for example, - // www.example.com. The trailing dot is optional; Amazon Route 53 assumes that - // the domain name is fully qualified. This means that Route 53 treats www.example.com - // (without a trailing dot) and www.example.com. (with a trailing dot) as identical. - // - // If you're creating a public hosted zone, this is the name you have registered - // with your DNS registrar. If your domain name is registered with a registrar - // other than Route 53, change the name servers for your domain to the set of - // NameServers that CreateHostedZone returns in DelegationSet. - // - // Name is a required field - Name *string `type:"string" required:"true"` - - // (Private hosted zones only) A complex type that contains information about - // the Amazon VPC that you're associating with this hosted zone. - // - // You can specify only one Amazon VPC when you create a private hosted zone. - // If you are associating a VPC with a hosted zone with this request, the paramaters - // VPCId and VPCRegion are also required. - // - // To associate additional Amazon VPCs with the hosted zone, use AssociateVPCWithHostedZone - // (https://docs.aws.amazon.com/Route53/latest/APIReference/API_AssociateVPCWithHostedZone.html) - // after you create a hosted zone. - VPC *VPC `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateHostedZoneInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateHostedZoneInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateHostedZoneInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateHostedZoneInput"} - if s.CallerReference == nil { - invalidParams.Add(request.NewErrParamRequired("CallerReference")) - } - if s.CallerReference != nil && len(*s.CallerReference) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CallerReference", 1)) - } - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.VPC != nil { - if err := s.VPC.Validate(); err != nil { - invalidParams.AddNested("VPC", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetCallerReference sets the CallerReference field's value. -func (s *CreateHostedZoneInput) SetCallerReference(v string) *CreateHostedZoneInput { - s.CallerReference = &v - return s -} - -// SetDelegationSetId sets the DelegationSetId field's value. -func (s *CreateHostedZoneInput) SetDelegationSetId(v string) *CreateHostedZoneInput { - s.DelegationSetId = &v - return s -} - -// SetHostedZoneConfig sets the HostedZoneConfig field's value. -func (s *CreateHostedZoneInput) SetHostedZoneConfig(v *HostedZoneConfig) *CreateHostedZoneInput { - s.HostedZoneConfig = v - return s -} - -// SetName sets the Name field's value. -func (s *CreateHostedZoneInput) SetName(v string) *CreateHostedZoneInput { - s.Name = &v - return s -} - -// SetVPC sets the VPC field's value. -func (s *CreateHostedZoneInput) SetVPC(v *VPC) *CreateHostedZoneInput { - s.VPC = v - return s -} - -// A complex type containing the response information for the hosted zone. -type CreateHostedZoneOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains information about the CreateHostedZone request. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` - - // A complex type that describes the name servers for this hosted zone. - // - // DelegationSet is a required field - DelegationSet *DelegationSet `type:"structure" required:"true"` - - // A complex type that contains general information about the hosted zone. - // - // HostedZone is a required field - HostedZone *HostedZone `type:"structure" required:"true"` - - // The unique URL representing the new hosted zone. - // - // Location is a required field - Location *string `location:"header" locationName:"Location" type:"string" required:"true"` - - // A complex type that contains information about an Amazon VPC that you associated - // with this hosted zone. - VPC *VPC `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateHostedZoneOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateHostedZoneOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *CreateHostedZoneOutput) SetChangeInfo(v *ChangeInfo) *CreateHostedZoneOutput { - s.ChangeInfo = v - return s -} - -// SetDelegationSet sets the DelegationSet field's value. -func (s *CreateHostedZoneOutput) SetDelegationSet(v *DelegationSet) *CreateHostedZoneOutput { - s.DelegationSet = v - return s -} - -// SetHostedZone sets the HostedZone field's value. -func (s *CreateHostedZoneOutput) SetHostedZone(v *HostedZone) *CreateHostedZoneOutput { - s.HostedZone = v - return s -} - -// SetLocation sets the Location field's value. -func (s *CreateHostedZoneOutput) SetLocation(v string) *CreateHostedZoneOutput { - s.Location = &v - return s -} - -// SetVPC sets the VPC field's value. -func (s *CreateHostedZoneOutput) SetVPC(v *VPC) *CreateHostedZoneOutput { - s.VPC = v - return s -} - -type CreateKeySigningKeyInput struct { - _ struct{} `locationName:"CreateKeySigningKeyRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // A unique string that identifies the request. - // - // CallerReference is a required field - CallerReference *string `min:"1" type:"string" required:"true"` - - // The unique string (ID) used to identify a hosted zone. - // - // HostedZoneId is a required field - HostedZoneId *string `type:"string" required:"true"` - - // The Amazon resource name (ARN) for a customer managed key in Key Management - // Service (KMS). The KeyManagementServiceArn must be unique for each key-signing - // key (KSK) in a single hosted zone. To see an example of KeyManagementServiceArn - // that grants the correct permissions for DNSSEC, scroll down to Example. - // - // You must configure the customer managed customer managed key as follows: - // - // Status - // - // Enabled - // - // Key spec - // - // ECC_NIST_P256 - // - // Key usage - // - // Sign and verify - // - // Key policy - // - // The key policy must give permission for the following actions: - // - // * DescribeKey - // - // * GetPublicKey - // - // * Sign - // - // The key policy must also include the Amazon Route 53 service in the principal - // for your account. Specify the following: - // - // * "Service": "dnssec-route53.amazonaws.com" - // - // For more information about working with a customer managed key in KMS, see - // Key Management Service concepts (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html). - // - // KeyManagementServiceArn is a required field - KeyManagementServiceArn *string `type:"string" required:"true"` - - // A string used to identify a key-signing key (KSK). Name can include numbers, - // letters, and underscores (_). Name must be unique for each key-signing key - // in the same hosted zone. - // - // Name is a required field - Name *string `min:"3" type:"string" required:"true"` - - // A string specifying the initial status of the key-signing key (KSK). You - // can set the value to ACTIVE or INACTIVE. - // - // Status is a required field - Status *string `min:"5" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateKeySigningKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateKeySigningKeyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateKeySigningKeyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateKeySigningKeyInput"} - if s.CallerReference == nil { - invalidParams.Add(request.NewErrParamRequired("CallerReference")) - } - if s.CallerReference != nil && len(*s.CallerReference) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CallerReference", 1)) - } - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.KeyManagementServiceArn == nil { - invalidParams.Add(request.NewErrParamRequired("KeyManagementServiceArn")) - } - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.Name != nil && len(*s.Name) < 3 { - invalidParams.Add(request.NewErrParamMinLen("Name", 3)) - } - if s.Status == nil { - invalidParams.Add(request.NewErrParamRequired("Status")) - } - if s.Status != nil && len(*s.Status) < 5 { - invalidParams.Add(request.NewErrParamMinLen("Status", 5)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetCallerReference sets the CallerReference field's value. -func (s *CreateKeySigningKeyInput) SetCallerReference(v string) *CreateKeySigningKeyInput { - s.CallerReference = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *CreateKeySigningKeyInput) SetHostedZoneId(v string) *CreateKeySigningKeyInput { - s.HostedZoneId = &v - return s -} - -// SetKeyManagementServiceArn sets the KeyManagementServiceArn field's value. -func (s *CreateKeySigningKeyInput) SetKeyManagementServiceArn(v string) *CreateKeySigningKeyInput { - s.KeyManagementServiceArn = &v - return s -} - -// SetName sets the Name field's value. -func (s *CreateKeySigningKeyInput) SetName(v string) *CreateKeySigningKeyInput { - s.Name = &v - return s -} - -// SetStatus sets the Status field's value. -func (s *CreateKeySigningKeyInput) SetStatus(v string) *CreateKeySigningKeyInput { - s.Status = &v - return s -} - -type CreateKeySigningKeyOutput struct { - _ struct{} `type:"structure"` - - // A complex type that describes change information about changes made to your - // hosted zone. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` - - // The key-signing key (KSK) that the request creates. - // - // KeySigningKey is a required field - KeySigningKey *KeySigningKey `type:"structure" required:"true"` - - // The unique URL representing the new key-signing key (KSK). - // - // Location is a required field - Location *string `location:"header" locationName:"Location" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateKeySigningKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateKeySigningKeyOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *CreateKeySigningKeyOutput) SetChangeInfo(v *ChangeInfo) *CreateKeySigningKeyOutput { - s.ChangeInfo = v - return s -} - -// SetKeySigningKey sets the KeySigningKey field's value. -func (s *CreateKeySigningKeyOutput) SetKeySigningKey(v *KeySigningKey) *CreateKeySigningKeyOutput { - s.KeySigningKey = v - return s -} - -// SetLocation sets the Location field's value. -func (s *CreateKeySigningKeyOutput) SetLocation(v string) *CreateKeySigningKeyOutput { - s.Location = &v - return s -} - -type CreateQueryLoggingConfigInput struct { - _ struct{} `locationName:"CreateQueryLoggingConfigRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // The Amazon Resource Name (ARN) for the log group that you want to Amazon - // Route 53 to send query logs to. This is the format of the ARN: - // - // arn:aws:logs:region:account-id:log-group:log_group_name - // - // To get the ARN for a log group, you can use the CloudWatch console, the DescribeLogGroups - // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeLogGroups.html) - // API action, the describe-log-groups (https://docs.aws.amazon.com/cli/latest/reference/logs/describe-log-groups.html) - // command, or the applicable command in one of the Amazon Web Services SDKs. - // - // CloudWatchLogsLogGroupArn is a required field - CloudWatchLogsLogGroupArn *string `type:"string" required:"true"` - - // The ID of the hosted zone that you want to log queries for. You can log queries - // only for public hosted zones. - // - // HostedZoneId is a required field - HostedZoneId *string `type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateQueryLoggingConfigInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateQueryLoggingConfigInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateQueryLoggingConfigInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateQueryLoggingConfigInput"} - if s.CloudWatchLogsLogGroupArn == nil { - invalidParams.Add(request.NewErrParamRequired("CloudWatchLogsLogGroupArn")) - } - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetCloudWatchLogsLogGroupArn sets the CloudWatchLogsLogGroupArn field's value. -func (s *CreateQueryLoggingConfigInput) SetCloudWatchLogsLogGroupArn(v string) *CreateQueryLoggingConfigInput { - s.CloudWatchLogsLogGroupArn = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *CreateQueryLoggingConfigInput) SetHostedZoneId(v string) *CreateQueryLoggingConfigInput { - s.HostedZoneId = &v - return s -} - -type CreateQueryLoggingConfigOutput struct { - _ struct{} `type:"structure"` - - // The unique URL representing the new query logging configuration. - // - // Location is a required field - Location *string `location:"header" locationName:"Location" type:"string" required:"true"` - - // A complex type that contains the ID for a query logging configuration, the - // ID of the hosted zone that you want to log queries for, and the ARN for the - // log group that you want Amazon Route 53 to send query logs to. - // - // QueryLoggingConfig is a required field - QueryLoggingConfig *QueryLoggingConfig `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateQueryLoggingConfigOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateQueryLoggingConfigOutput) GoString() string { - return s.String() -} - -// SetLocation sets the Location field's value. -func (s *CreateQueryLoggingConfigOutput) SetLocation(v string) *CreateQueryLoggingConfigOutput { - s.Location = &v - return s -} - -// SetQueryLoggingConfig sets the QueryLoggingConfig field's value. -func (s *CreateQueryLoggingConfigOutput) SetQueryLoggingConfig(v *QueryLoggingConfig) *CreateQueryLoggingConfigOutput { - s.QueryLoggingConfig = v - return s -} - -type CreateReusableDelegationSetInput struct { - _ struct{} `locationName:"CreateReusableDelegationSetRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // A unique string that identifies the request, and that allows you to retry - // failed CreateReusableDelegationSet requests without the risk of executing - // the operation twice. You must use a unique CallerReference string every time - // you submit a CreateReusableDelegationSet request. CallerReference can be - // any unique string, for example a date/time stamp. - // - // CallerReference is a required field - CallerReference *string `min:"1" type:"string" required:"true"` - - // If you want to mark the delegation set for an existing hosted zone as reusable, - // the ID for that hosted zone. - HostedZoneId *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateReusableDelegationSetInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateReusableDelegationSetInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateReusableDelegationSetInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateReusableDelegationSetInput"} - if s.CallerReference == nil { - invalidParams.Add(request.NewErrParamRequired("CallerReference")) - } - if s.CallerReference != nil && len(*s.CallerReference) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CallerReference", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetCallerReference sets the CallerReference field's value. -func (s *CreateReusableDelegationSetInput) SetCallerReference(v string) *CreateReusableDelegationSetInput { - s.CallerReference = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *CreateReusableDelegationSetInput) SetHostedZoneId(v string) *CreateReusableDelegationSetInput { - s.HostedZoneId = &v - return s -} - -type CreateReusableDelegationSetOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains name server information. - // - // DelegationSet is a required field - DelegationSet *DelegationSet `type:"structure" required:"true"` - - // The unique URL representing the new reusable delegation set. - // - // Location is a required field - Location *string `location:"header" locationName:"Location" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateReusableDelegationSetOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateReusableDelegationSetOutput) GoString() string { - return s.String() -} - -// SetDelegationSet sets the DelegationSet field's value. -func (s *CreateReusableDelegationSetOutput) SetDelegationSet(v *DelegationSet) *CreateReusableDelegationSetOutput { - s.DelegationSet = v - return s -} - -// SetLocation sets the Location field's value. -func (s *CreateReusableDelegationSetOutput) SetLocation(v string) *CreateReusableDelegationSetOutput { - s.Location = &v - return s -} - -// A complex type that contains information about the traffic policy that you -// want to create. -type CreateTrafficPolicyInput struct { - _ struct{} `locationName:"CreateTrafficPolicyRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // (Optional) Any comments that you want to include about the traffic policy. - Comment *string `type:"string"` - - // The definition of this traffic policy in JSON format. For more information, - // see Traffic Policy Document Format (https://docs.aws.amazon.com/Route53/latest/APIReference/api-policies-traffic-policy-document-format.html). - // - // Document is a required field - Document *string `type:"string" required:"true"` - - // The name of the traffic policy. - // - // Name is a required field - Name *string `type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateTrafficPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateTrafficPolicyInput"} - if s.Document == nil { - invalidParams.Add(request.NewErrParamRequired("Document")) - } - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetComment sets the Comment field's value. -func (s *CreateTrafficPolicyInput) SetComment(v string) *CreateTrafficPolicyInput { - s.Comment = &v - return s -} - -// SetDocument sets the Document field's value. -func (s *CreateTrafficPolicyInput) SetDocument(v string) *CreateTrafficPolicyInput { - s.Document = &v - return s -} - -// SetName sets the Name field's value. -func (s *CreateTrafficPolicyInput) SetName(v string) *CreateTrafficPolicyInput { - s.Name = &v - return s -} - -// A complex type that contains information about the resource record sets that -// you want to create based on a specified traffic policy. -type CreateTrafficPolicyInstanceInput struct { - _ struct{} `locationName:"CreateTrafficPolicyInstanceRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // The ID of the hosted zone that you want Amazon Route 53 to create resource - // record sets in by using the configuration in a traffic policy. - // - // HostedZoneId is a required field - HostedZoneId *string `type:"string" required:"true"` - - // The domain name (such as example.com) or subdomain name (such as www.example.com) - // for which Amazon Route 53 responds to DNS queries by using the resource record - // sets that Route 53 creates for this traffic policy instance. - // - // Name is a required field - Name *string `type:"string" required:"true"` - - // (Optional) The TTL that you want Amazon Route 53 to assign to all of the - // resource record sets that it creates in the specified hosted zone. - // - // TTL is a required field - TTL *int64 `type:"long" required:"true"` - - // The ID of the traffic policy that you want to use to create resource record - // sets in the specified hosted zone. - // - // TrafficPolicyId is a required field - TrafficPolicyId *string `min:"1" type:"string" required:"true"` - - // The version of the traffic policy that you want to use to create resource - // record sets in the specified hosted zone. - // - // TrafficPolicyVersion is a required field - TrafficPolicyVersion *int64 `min:"1" type:"integer" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyInstanceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyInstanceInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateTrafficPolicyInstanceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateTrafficPolicyInstanceInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.TTL == nil { - invalidParams.Add(request.NewErrParamRequired("TTL")) - } - if s.TrafficPolicyId == nil { - invalidParams.Add(request.NewErrParamRequired("TrafficPolicyId")) - } - if s.TrafficPolicyId != nil && len(*s.TrafficPolicyId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TrafficPolicyId", 1)) - } - if s.TrafficPolicyVersion == nil { - invalidParams.Add(request.NewErrParamRequired("TrafficPolicyVersion")) - } - if s.TrafficPolicyVersion != nil && *s.TrafficPolicyVersion < 1 { - invalidParams.Add(request.NewErrParamMinValue("TrafficPolicyVersion", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *CreateTrafficPolicyInstanceInput) SetHostedZoneId(v string) *CreateTrafficPolicyInstanceInput { - s.HostedZoneId = &v - return s -} - -// SetName sets the Name field's value. -func (s *CreateTrafficPolicyInstanceInput) SetName(v string) *CreateTrafficPolicyInstanceInput { - s.Name = &v - return s -} - -// SetTTL sets the TTL field's value. -func (s *CreateTrafficPolicyInstanceInput) SetTTL(v int64) *CreateTrafficPolicyInstanceInput { - s.TTL = &v - return s -} - -// SetTrafficPolicyId sets the TrafficPolicyId field's value. -func (s *CreateTrafficPolicyInstanceInput) SetTrafficPolicyId(v string) *CreateTrafficPolicyInstanceInput { - s.TrafficPolicyId = &v - return s -} - -// SetTrafficPolicyVersion sets the TrafficPolicyVersion field's value. -func (s *CreateTrafficPolicyInstanceInput) SetTrafficPolicyVersion(v int64) *CreateTrafficPolicyInstanceInput { - s.TrafficPolicyVersion = &v - return s -} - -// A complex type that contains the response information for the CreateTrafficPolicyInstance -// request. -type CreateTrafficPolicyInstanceOutput struct { - _ struct{} `type:"structure"` - - // A unique URL that represents a new traffic policy instance. - // - // Location is a required field - Location *string `location:"header" locationName:"Location" type:"string" required:"true"` - - // A complex type that contains settings for the new traffic policy instance. - // - // TrafficPolicyInstance is a required field - TrafficPolicyInstance *TrafficPolicyInstance `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyInstanceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyInstanceOutput) GoString() string { - return s.String() -} - -// SetLocation sets the Location field's value. -func (s *CreateTrafficPolicyInstanceOutput) SetLocation(v string) *CreateTrafficPolicyInstanceOutput { - s.Location = &v - return s -} - -// SetTrafficPolicyInstance sets the TrafficPolicyInstance field's value. -func (s *CreateTrafficPolicyInstanceOutput) SetTrafficPolicyInstance(v *TrafficPolicyInstance) *CreateTrafficPolicyInstanceOutput { - s.TrafficPolicyInstance = v - return s -} - -// A complex type that contains the response information for the CreateTrafficPolicy -// request. -type CreateTrafficPolicyOutput struct { - _ struct{} `type:"structure"` - - // A unique URL that represents a new traffic policy. - // - // Location is a required field - Location *string `location:"header" locationName:"Location" type:"string" required:"true"` - - // A complex type that contains settings for the new traffic policy. - // - // TrafficPolicy is a required field - TrafficPolicy *TrafficPolicy `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyOutput) GoString() string { - return s.String() -} - -// SetLocation sets the Location field's value. -func (s *CreateTrafficPolicyOutput) SetLocation(v string) *CreateTrafficPolicyOutput { - s.Location = &v - return s -} - -// SetTrafficPolicy sets the TrafficPolicy field's value. -func (s *CreateTrafficPolicyOutput) SetTrafficPolicy(v *TrafficPolicy) *CreateTrafficPolicyOutput { - s.TrafficPolicy = v - return s -} - -// A complex type that contains information about the traffic policy that you -// want to create a new version for. -type CreateTrafficPolicyVersionInput struct { - _ struct{} `locationName:"CreateTrafficPolicyVersionRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // The comment that you specified in the CreateTrafficPolicyVersion request, - // if any. - Comment *string `type:"string"` - - // The definition of this version of the traffic policy, in JSON format. You - // specified the JSON in the CreateTrafficPolicyVersion request. For more information - // about the JSON format, see CreateTrafficPolicy (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateTrafficPolicy.html). - // - // Document is a required field - Document *string `type:"string" required:"true"` - - // The ID of the traffic policy for which you want to create a new version. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyVersionInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyVersionInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateTrafficPolicyVersionInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateTrafficPolicyVersionInput"} - if s.Document == nil { - invalidParams.Add(request.NewErrParamRequired("Document")) - } - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetComment sets the Comment field's value. -func (s *CreateTrafficPolicyVersionInput) SetComment(v string) *CreateTrafficPolicyVersionInput { - s.Comment = &v - return s -} - -// SetDocument sets the Document field's value. -func (s *CreateTrafficPolicyVersionInput) SetDocument(v string) *CreateTrafficPolicyVersionInput { - s.Document = &v - return s -} - -// SetId sets the Id field's value. -func (s *CreateTrafficPolicyVersionInput) SetId(v string) *CreateTrafficPolicyVersionInput { - s.Id = &v - return s -} - -// A complex type that contains the response information for the CreateTrafficPolicyVersion -// request. -type CreateTrafficPolicyVersionOutput struct { - _ struct{} `type:"structure"` - - // A unique URL that represents a new traffic policy version. - // - // Location is a required field - Location *string `location:"header" locationName:"Location" type:"string" required:"true"` - - // A complex type that contains settings for the new version of the traffic - // policy. - // - // TrafficPolicy is a required field - TrafficPolicy *TrafficPolicy `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyVersionOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTrafficPolicyVersionOutput) GoString() string { - return s.String() -} - -// SetLocation sets the Location field's value. -func (s *CreateTrafficPolicyVersionOutput) SetLocation(v string) *CreateTrafficPolicyVersionOutput { - s.Location = &v - return s -} - -// SetTrafficPolicy sets the TrafficPolicy field's value. -func (s *CreateTrafficPolicyVersionOutput) SetTrafficPolicy(v *TrafficPolicy) *CreateTrafficPolicyVersionOutput { - s.TrafficPolicy = v - return s -} - -// A complex type that contains information about the request to authorize associating -// a VPC with your private hosted zone. Authorization is only required when -// a private hosted zone and a VPC were created by using different accounts. -type CreateVPCAssociationAuthorizationInput struct { - _ struct{} `locationName:"CreateVPCAssociationAuthorizationRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // The ID of the private hosted zone that you want to authorize associating - // a VPC with. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` - - // A complex type that contains the VPC ID and region for the VPC that you want - // to authorize associating with your hosted zone. - // - // VPC is a required field - VPC *VPC `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateVPCAssociationAuthorizationInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateVPCAssociationAuthorizationInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateVPCAssociationAuthorizationInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateVPCAssociationAuthorizationInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.VPC == nil { - invalidParams.Add(request.NewErrParamRequired("VPC")) - } - if s.VPC != nil { - if err := s.VPC.Validate(); err != nil { - invalidParams.AddNested("VPC", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *CreateVPCAssociationAuthorizationInput) SetHostedZoneId(v string) *CreateVPCAssociationAuthorizationInput { - s.HostedZoneId = &v - return s -} - -// SetVPC sets the VPC field's value. -func (s *CreateVPCAssociationAuthorizationInput) SetVPC(v *VPC) *CreateVPCAssociationAuthorizationInput { - s.VPC = v - return s -} - -// A complex type that contains the response information from a CreateVPCAssociationAuthorization -// request. -type CreateVPCAssociationAuthorizationOutput struct { - _ struct{} `type:"structure"` - - // The ID of the hosted zone that you authorized associating a VPC with. - // - // HostedZoneId is a required field - HostedZoneId *string `type:"string" required:"true"` - - // The VPC that you authorized associating with a hosted zone. - // - // VPC is a required field - VPC *VPC `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateVPCAssociationAuthorizationOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateVPCAssociationAuthorizationOutput) GoString() string { - return s.String() -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *CreateVPCAssociationAuthorizationOutput) SetHostedZoneId(v string) *CreateVPCAssociationAuthorizationOutput { - s.HostedZoneId = &v - return s -} - -// SetVPC sets the VPC field's value. -func (s *CreateVPCAssociationAuthorizationOutput) SetVPC(v *VPC) *CreateVPCAssociationAuthorizationOutput { - s.VPC = v - return s -} - -// A string representing the status of DNSSEC signing. -type DNSSECStatus struct { - _ struct{} `type:"structure"` - - // A string that represents the current hosted zone signing status. - // - // Status can have one of the following values: - // - // SIGNING - // - // DNSSEC signing is enabled for the hosted zone. - // - // NOT_SIGNING - // - // DNSSEC signing is not enabled for the hosted zone. - // - // DELETING - // - // DNSSEC signing is in the process of being removed for the hosted zone. - // - // ACTION_NEEDED - // - // There is a problem with signing in the hosted zone that requires you to take - // action to resolve. For example, the customer managed key might have been - // deleted, or the permissions for the customer managed key might have been - // changed. - // - // INTERNAL_FAILURE - // - // There was an error during a request. Before you can continue to work with - // DNSSEC signing, including with key-signing keys (KSKs), you must correct - // the problem by enabling or disabling DNSSEC signing for the hosted zone. - ServeSignature *string `min:"1" type:"string"` - - // The status message provided for the following DNSSEC signing status: INTERNAL_FAILURE. - // The status message includes information about what the problem might be and - // steps that you can take to correct the issue. - StatusMessage *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DNSSECStatus) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DNSSECStatus) GoString() string { - return s.String() -} - -// SetServeSignature sets the ServeSignature field's value. -func (s *DNSSECStatus) SetServeSignature(v string) *DNSSECStatus { - s.ServeSignature = &v - return s -} - -// SetStatusMessage sets the StatusMessage field's value. -func (s *DNSSECStatus) SetStatusMessage(v string) *DNSSECStatus { - s.StatusMessage = &v - return s -} - -type DeactivateKeySigningKeyInput struct { - _ struct{} `locationName:"DeactivateKeySigningKeyRequest" type:"structure"` - - // A unique string used to identify a hosted zone. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"HostedZoneId" type:"string" required:"true"` - - // A string used to identify a key-signing key (KSK). - // - // Name is a required field - Name *string `location:"uri" locationName:"Name" min:"3" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeactivateKeySigningKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeactivateKeySigningKeyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeactivateKeySigningKeyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeactivateKeySigningKeyInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.Name != nil && len(*s.Name) < 3 { - invalidParams.Add(request.NewErrParamMinLen("Name", 3)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *DeactivateKeySigningKeyInput) SetHostedZoneId(v string) *DeactivateKeySigningKeyInput { - s.HostedZoneId = &v - return s -} - -// SetName sets the Name field's value. -func (s *DeactivateKeySigningKeyInput) SetName(v string) *DeactivateKeySigningKeyInput { - s.Name = &v - return s -} - -type DeactivateKeySigningKeyOutput struct { - _ struct{} `type:"structure"` - - // A complex type that describes change information about changes made to your - // hosted zone. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeactivateKeySigningKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeactivateKeySigningKeyOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *DeactivateKeySigningKeyOutput) SetChangeInfo(v *ChangeInfo) *DeactivateKeySigningKeyOutput { - s.ChangeInfo = v - return s -} - -// A complex type that lists the name servers in a delegation set, as well as -// the CallerReference and the ID for the delegation set. -type DelegationSet struct { - _ struct{} `type:"structure"` - - // The value that you specified for CallerReference when you created the reusable - // delegation set. - CallerReference *string `min:"1" type:"string"` - - // The ID that Amazon Route 53 assigns to a reusable delegation set. - Id *string `type:"string"` - - // A complex type that contains a list of the authoritative name servers for - // a hosted zone or for a reusable delegation set. - // - // NameServers is a required field - NameServers []*string `locationNameList:"NameServer" min:"1" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DelegationSet) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DelegationSet) GoString() string { - return s.String() -} - -// SetCallerReference sets the CallerReference field's value. -func (s *DelegationSet) SetCallerReference(v string) *DelegationSet { - s.CallerReference = &v - return s -} - -// SetId sets the Id field's value. -func (s *DelegationSet) SetId(v string) *DelegationSet { - s.Id = &v - return s -} - -// SetNameServers sets the NameServers field's value. -func (s *DelegationSet) SetNameServers(v []*string) *DelegationSet { - s.NameServers = v - return s -} - -type DeleteCidrCollectionInput struct { - _ struct{} `locationName:"DeleteCidrCollectionRequest" type:"structure"` - - // The UUID of the collection to delete. - // - // Id is a required field - Id *string `location:"uri" locationName:"CidrCollectionId" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteCidrCollectionInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteCidrCollectionInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteCidrCollectionInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteCidrCollectionInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *DeleteCidrCollectionInput) SetId(v string) *DeleteCidrCollectionInput { - s.Id = &v - return s -} - -type DeleteCidrCollectionOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteCidrCollectionOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteCidrCollectionOutput) GoString() string { - return s.String() -} - -// This action deletes a health check. -type DeleteHealthCheckInput struct { - _ struct{} `locationName:"DeleteHealthCheckRequest" type:"structure"` - - // The ID of the health check that you want to delete. - // - // HealthCheckId is a required field - HealthCheckId *string `location:"uri" locationName:"HealthCheckId" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteHealthCheckInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteHealthCheckInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteHealthCheckInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteHealthCheckInput"} - if s.HealthCheckId == nil { - invalidParams.Add(request.NewErrParamRequired("HealthCheckId")) - } - if s.HealthCheckId != nil && len(*s.HealthCheckId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HealthCheckId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHealthCheckId sets the HealthCheckId field's value. -func (s *DeleteHealthCheckInput) SetHealthCheckId(v string) *DeleteHealthCheckInput { - s.HealthCheckId = &v - return s -} - -// An empty element. -type DeleteHealthCheckOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteHealthCheckOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteHealthCheckOutput) GoString() string { - return s.String() -} - -// A request to delete a hosted zone. -type DeleteHostedZoneInput struct { - _ struct{} `locationName:"DeleteHostedZoneRequest" type:"structure"` - - // The ID of the hosted zone you want to delete. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteHostedZoneInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteHostedZoneInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteHostedZoneInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteHostedZoneInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *DeleteHostedZoneInput) SetId(v string) *DeleteHostedZoneInput { - s.Id = &v - return s -} - -// A complex type that contains the response to a DeleteHostedZone request. -type DeleteHostedZoneOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains the ID, the status, and the date and time of - // a request to delete a hosted zone. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteHostedZoneOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteHostedZoneOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *DeleteHostedZoneOutput) SetChangeInfo(v *ChangeInfo) *DeleteHostedZoneOutput { - s.ChangeInfo = v - return s -} - -type DeleteKeySigningKeyInput struct { - _ struct{} `locationName:"DeleteKeySigningKeyRequest" type:"structure"` - - // A unique string used to identify a hosted zone. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"HostedZoneId" type:"string" required:"true"` - - // A string used to identify a key-signing key (KSK). - // - // Name is a required field - Name *string `location:"uri" locationName:"Name" min:"3" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteKeySigningKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteKeySigningKeyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteKeySigningKeyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteKeySigningKeyInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.Name != nil && len(*s.Name) < 3 { - invalidParams.Add(request.NewErrParamMinLen("Name", 3)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *DeleteKeySigningKeyInput) SetHostedZoneId(v string) *DeleteKeySigningKeyInput { - s.HostedZoneId = &v - return s -} - -// SetName sets the Name field's value. -func (s *DeleteKeySigningKeyInput) SetName(v string) *DeleteKeySigningKeyInput { - s.Name = &v - return s -} - -type DeleteKeySigningKeyOutput struct { - _ struct{} `type:"structure"` - - // A complex type that describes change information about changes made to your - // hosted zone. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteKeySigningKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteKeySigningKeyOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *DeleteKeySigningKeyOutput) SetChangeInfo(v *ChangeInfo) *DeleteKeySigningKeyOutput { - s.ChangeInfo = v - return s -} - -type DeleteQueryLoggingConfigInput struct { - _ struct{} `locationName:"DeleteQueryLoggingConfigRequest" type:"structure"` - - // The ID of the configuration that you want to delete. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteQueryLoggingConfigInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteQueryLoggingConfigInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteQueryLoggingConfigInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteQueryLoggingConfigInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *DeleteQueryLoggingConfigInput) SetId(v string) *DeleteQueryLoggingConfigInput { - s.Id = &v - return s -} - -type DeleteQueryLoggingConfigOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteQueryLoggingConfigOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteQueryLoggingConfigOutput) GoString() string { - return s.String() -} - -// A request to delete a reusable delegation set. -type DeleteReusableDelegationSetInput struct { - _ struct{} `locationName:"DeleteReusableDelegationSetRequest" type:"structure"` - - // The ID of the reusable delegation set that you want to delete. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteReusableDelegationSetInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteReusableDelegationSetInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteReusableDelegationSetInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteReusableDelegationSetInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *DeleteReusableDelegationSetInput) SetId(v string) *DeleteReusableDelegationSetInput { - s.Id = &v - return s -} - -// An empty element. -type DeleteReusableDelegationSetOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteReusableDelegationSetOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteReusableDelegationSetOutput) GoString() string { - return s.String() -} - -// A request to delete a specified traffic policy version. -type DeleteTrafficPolicyInput struct { - _ struct{} `locationName:"DeleteTrafficPolicyRequest" type:"structure"` - - // The ID of the traffic policy that you want to delete. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` - - // The version number of the traffic policy that you want to delete. - // - // Version is a required field - Version *int64 `location:"uri" locationName:"Version" min:"1" type:"integer" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteTrafficPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteTrafficPolicyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteTrafficPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficPolicyInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - if s.Version == nil { - invalidParams.Add(request.NewErrParamRequired("Version")) - } - if s.Version != nil && *s.Version < 1 { - invalidParams.Add(request.NewErrParamMinValue("Version", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *DeleteTrafficPolicyInput) SetId(v string) *DeleteTrafficPolicyInput { - s.Id = &v - return s -} - -// SetVersion sets the Version field's value. -func (s *DeleteTrafficPolicyInput) SetVersion(v int64) *DeleteTrafficPolicyInput { - s.Version = &v - return s -} - -// A request to delete a specified traffic policy instance. -type DeleteTrafficPolicyInstanceInput struct { - _ struct{} `locationName:"DeleteTrafficPolicyInstanceRequest" type:"structure"` - - // The ID of the traffic policy instance that you want to delete. - // - // When you delete a traffic policy instance, Amazon Route 53 also deletes all - // of the resource record sets that were created when you created the traffic - // policy instance. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteTrafficPolicyInstanceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteTrafficPolicyInstanceInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteTrafficPolicyInstanceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteTrafficPolicyInstanceInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *DeleteTrafficPolicyInstanceInput) SetId(v string) *DeleteTrafficPolicyInstanceInput { - s.Id = &v - return s -} - -// An empty element. -type DeleteTrafficPolicyInstanceOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteTrafficPolicyInstanceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteTrafficPolicyInstanceOutput) GoString() string { - return s.String() -} - -// An empty element. -type DeleteTrafficPolicyOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteTrafficPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteTrafficPolicyOutput) GoString() string { - return s.String() -} - -// A complex type that contains information about the request to remove authorization -// to associate a VPC that was created by one Amazon Web Services account with -// a hosted zone that was created with a different Amazon Web Services account. -type DeleteVPCAssociationAuthorizationInput struct { - _ struct{} `locationName:"DeleteVPCAssociationAuthorizationRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // When removing authorization to associate a VPC that was created by one Amazon - // Web Services account with a hosted zone that was created with a different - // Amazon Web Services account, the ID of the hosted zone. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` - - // When removing authorization to associate a VPC that was created by one Amazon - // Web Services account with a hosted zone that was created with a different - // Amazon Web Services account, a complex type that includes the ID and region - // of the VPC. - // - // VPC is a required field - VPC *VPC `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteVPCAssociationAuthorizationInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteVPCAssociationAuthorizationInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteVPCAssociationAuthorizationInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteVPCAssociationAuthorizationInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.VPC == nil { - invalidParams.Add(request.NewErrParamRequired("VPC")) - } - if s.VPC != nil { - if err := s.VPC.Validate(); err != nil { - invalidParams.AddNested("VPC", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *DeleteVPCAssociationAuthorizationInput) SetHostedZoneId(v string) *DeleteVPCAssociationAuthorizationInput { - s.HostedZoneId = &v - return s -} - -// SetVPC sets the VPC field's value. -func (s *DeleteVPCAssociationAuthorizationInput) SetVPC(v *VPC) *DeleteVPCAssociationAuthorizationInput { - s.VPC = v - return s -} - -// Empty response for the request. -type DeleteVPCAssociationAuthorizationOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteVPCAssociationAuthorizationOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteVPCAssociationAuthorizationOutput) GoString() string { - return s.String() -} - -// For the metric that the CloudWatch alarm is associated with, a complex type -// that contains information about one dimension. -type Dimension struct { - _ struct{} `type:"structure"` - - // For the metric that the CloudWatch alarm is associated with, the name of - // one dimension. - // - // Name is a required field - Name *string `min:"1" type:"string" required:"true"` - - // For the metric that the CloudWatch alarm is associated with, the value of - // one dimension. - // - // Value is a required field - Value *string `min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Dimension) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Dimension) GoString() string { - return s.String() -} - -// SetName sets the Name field's value. -func (s *Dimension) SetName(v string) *Dimension { - s.Name = &v - return s -} - -// SetValue sets the Value field's value. -func (s *Dimension) SetValue(v string) *Dimension { - s.Value = &v - return s -} - -type DisableHostedZoneDNSSECInput struct { - _ struct{} `locationName:"DisableHostedZoneDNSSECRequest" type:"structure"` - - // A unique string used to identify a hosted zone. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisableHostedZoneDNSSECInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisableHostedZoneDNSSECInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DisableHostedZoneDNSSECInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DisableHostedZoneDNSSECInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *DisableHostedZoneDNSSECInput) SetHostedZoneId(v string) *DisableHostedZoneDNSSECInput { - s.HostedZoneId = &v - return s -} - -type DisableHostedZoneDNSSECOutput struct { - _ struct{} `type:"structure"` - - // A complex type that describes change information about changes made to your - // hosted zone. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisableHostedZoneDNSSECOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisableHostedZoneDNSSECOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *DisableHostedZoneDNSSECOutput) SetChangeInfo(v *ChangeInfo) *DisableHostedZoneDNSSECOutput { - s.ChangeInfo = v - return s -} - -// A complex type that contains information about the VPC that you want to disassociate -// from a specified private hosted zone. -type DisassociateVPCFromHostedZoneInput struct { - _ struct{} `locationName:"DisassociateVPCFromHostedZoneRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // Optional: A comment about the disassociation request. - Comment *string `type:"string"` - - // The ID of the private hosted zone that you want to disassociate a VPC from. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` - - // A complex type that contains information about the VPC that you're disassociating - // from the specified hosted zone. - // - // VPC is a required field - VPC *VPC `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisassociateVPCFromHostedZoneInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisassociateVPCFromHostedZoneInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DisassociateVPCFromHostedZoneInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DisassociateVPCFromHostedZoneInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.VPC == nil { - invalidParams.Add(request.NewErrParamRequired("VPC")) - } - if s.VPC != nil { - if err := s.VPC.Validate(); err != nil { - invalidParams.AddNested("VPC", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetComment sets the Comment field's value. -func (s *DisassociateVPCFromHostedZoneInput) SetComment(v string) *DisassociateVPCFromHostedZoneInput { - s.Comment = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *DisassociateVPCFromHostedZoneInput) SetHostedZoneId(v string) *DisassociateVPCFromHostedZoneInput { - s.HostedZoneId = &v - return s -} - -// SetVPC sets the VPC field's value. -func (s *DisassociateVPCFromHostedZoneInput) SetVPC(v *VPC) *DisassociateVPCFromHostedZoneInput { - s.VPC = v - return s -} - -// A complex type that contains the response information for the disassociate -// request. -type DisassociateVPCFromHostedZoneOutput struct { - _ struct{} `type:"structure"` - - // A complex type that describes the changes made to the specified private hosted - // zone. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisassociateVPCFromHostedZoneOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisassociateVPCFromHostedZoneOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *DisassociateVPCFromHostedZoneOutput) SetChangeInfo(v *ChangeInfo) *DisassociateVPCFromHostedZoneOutput { - s.ChangeInfo = v - return s -} - -type EnableHostedZoneDNSSECInput struct { - _ struct{} `locationName:"EnableHostedZoneDNSSECRequest" type:"structure"` - - // A unique string used to identify a hosted zone. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s EnableHostedZoneDNSSECInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s EnableHostedZoneDNSSECInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *EnableHostedZoneDNSSECInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "EnableHostedZoneDNSSECInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *EnableHostedZoneDNSSECInput) SetHostedZoneId(v string) *EnableHostedZoneDNSSECInput { - s.HostedZoneId = &v - return s -} - -type EnableHostedZoneDNSSECOutput struct { - _ struct{} `type:"structure"` - - // A complex type that describes change information about changes made to your - // hosted zone. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s EnableHostedZoneDNSSECOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s EnableHostedZoneDNSSECOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *EnableHostedZoneDNSSECOutput) SetChangeInfo(v *ChangeInfo) *EnableHostedZoneDNSSECOutput { - s.ChangeInfo = v - return s -} - -// A complex type that contains information about a geographic location. -type GeoLocation struct { - _ struct{} `type:"structure"` - - // The two-letter code for the continent. - // - // Amazon Route 53 supports the following continent codes: - // - // * AF: Africa - // - // * AN: Antarctica - // - // * AS: Asia - // - // * EU: Europe - // - // * OC: Oceania - // - // * NA: North America - // - // * SA: South America - // - // Constraint: Specifying ContinentCode with either CountryCode or SubdivisionCode - // returns an InvalidInput error. - ContinentCode *string `min:"2" type:"string"` - - // For geolocation resource record sets, the two-letter code for a country. - // - // Amazon Route 53 uses the two-letter country codes that are specified in ISO - // standard 3166-1 alpha-2 (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2). - // - // Route 53 also supports the country code UA for Ukraine. - CountryCode *string `min:"1" type:"string"` - - // For geolocation resource record sets, the two-letter code for a state of - // the United States. Route 53 doesn't support any other values for SubdivisionCode. - // For a list of state abbreviations, see Appendix B: Two–Letter State and - // Possession Abbreviations (https://pe.usps.com/text/pub28/28apb.htm) on the - // United States Postal Service website. - // - // If you specify subdivisioncode, you must also specify US for CountryCode. - SubdivisionCode *string `min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GeoLocation) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GeoLocation) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GeoLocation) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GeoLocation"} - if s.ContinentCode != nil && len(*s.ContinentCode) < 2 { - invalidParams.Add(request.NewErrParamMinLen("ContinentCode", 2)) - } - if s.CountryCode != nil && len(*s.CountryCode) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CountryCode", 1)) - } - if s.SubdivisionCode != nil && len(*s.SubdivisionCode) < 1 { - invalidParams.Add(request.NewErrParamMinLen("SubdivisionCode", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetContinentCode sets the ContinentCode field's value. -func (s *GeoLocation) SetContinentCode(v string) *GeoLocation { - s.ContinentCode = &v - return s -} - -// SetCountryCode sets the CountryCode field's value. -func (s *GeoLocation) SetCountryCode(v string) *GeoLocation { - s.CountryCode = &v - return s -} - -// SetSubdivisionCode sets the SubdivisionCode field's value. -func (s *GeoLocation) SetSubdivisionCode(v string) *GeoLocation { - s.SubdivisionCode = &v - return s -} - -// A complex type that contains the codes and full continent, country, and subdivision -// names for the specified geolocation code. -type GeoLocationDetails struct { - _ struct{} `type:"structure"` - - // The two-letter code for the continent. - ContinentCode *string `min:"2" type:"string"` - - // The full name of the continent. - ContinentName *string `min:"1" type:"string"` - - // The two-letter code for the country. - CountryCode *string `min:"1" type:"string"` - - // The name of the country. - CountryName *string `min:"1" type:"string"` - - // The code for the subdivision, such as a particular state within the United - // States. For a list of US state abbreviations, see Appendix B: Two–Letter - // State and Possession Abbreviations (https://pe.usps.com/text/pub28/28apb.htm) - // on the United States Postal Service website. For a list of all supported - // subdivision codes, use the ListGeoLocations (https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListGeoLocations.html) - // API. - SubdivisionCode *string `min:"1" type:"string"` - - // The full name of the subdivision. Route 53 currently supports only states - // in the United States. - SubdivisionName *string `min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GeoLocationDetails) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GeoLocationDetails) GoString() string { - return s.String() -} - -// SetContinentCode sets the ContinentCode field's value. -func (s *GeoLocationDetails) SetContinentCode(v string) *GeoLocationDetails { - s.ContinentCode = &v - return s -} - -// SetContinentName sets the ContinentName field's value. -func (s *GeoLocationDetails) SetContinentName(v string) *GeoLocationDetails { - s.ContinentName = &v - return s -} - -// SetCountryCode sets the CountryCode field's value. -func (s *GeoLocationDetails) SetCountryCode(v string) *GeoLocationDetails { - s.CountryCode = &v - return s -} - -// SetCountryName sets the CountryName field's value. -func (s *GeoLocationDetails) SetCountryName(v string) *GeoLocationDetails { - s.CountryName = &v - return s -} - -// SetSubdivisionCode sets the SubdivisionCode field's value. -func (s *GeoLocationDetails) SetSubdivisionCode(v string) *GeoLocationDetails { - s.SubdivisionCode = &v - return s -} - -// SetSubdivisionName sets the SubdivisionName field's value. -func (s *GeoLocationDetails) SetSubdivisionName(v string) *GeoLocationDetails { - s.SubdivisionName = &v - return s -} - -// (Resource record sets only): A complex type that lets you specify where your -// resources are located. Only one of LocalZoneGroup, Coordinates, or Amazon -// Web ServicesRegion is allowed per request at a time. -// -// For more information about geoproximity routing, see Geoproximity routing -// (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy-geoproximity.html) -// in the Amazon Route 53 Developer Guide. -type GeoProximityLocation struct { - _ struct{} `type:"structure"` - - // The Amazon Web Services Region the resource you are directing DNS traffic - // to, is in. - AWSRegion *string `min:"1" type:"string"` - - // The bias increases or decreases the size of the geographic region from which - // Route 53 routes traffic to a resource. - // - // To use Bias to change the size of the geographic region, specify the applicable - // value for the bias: - // - // * To expand the size of the geographic region from which Route 53 routes - // traffic to a resource, specify a positive integer from 1 to 99 for the - // bias. Route 53 shrinks the size of adjacent regions. - // - // * To shrink the size of the geographic region from which Route 53 routes - // traffic to a resource, specify a negative bias of -1 to -99. Route 53 - // expands the size of adjacent regions. - Bias *int64 `type:"integer"` - - // Contains the longitude and latitude for a geographic region. - Coordinates *Coordinates `type:"structure"` - - // Specifies an Amazon Web Services Local Zone Group. - // - // A local Zone Group is usually the Local Zone code without the ending character. - // For example, if the Local Zone is us-east-1-bue-1a the Local Zone Group is - // us-east-1-bue-1. - // - // You can identify the Local Zones Group for a specific Local Zone by using - // the describe-availability-zones (https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) - // CLI command: - // - // This command returns: "GroupName": "us-west-2-den-1", specifying that the - // Local Zone us-west-2-den-1a belongs to the Local Zone Group us-west-2-den-1. - LocalZoneGroup *string `min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GeoProximityLocation) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GeoProximityLocation) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GeoProximityLocation) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GeoProximityLocation"} - if s.AWSRegion != nil && len(*s.AWSRegion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("AWSRegion", 1)) - } - if s.Bias != nil && *s.Bias < -99 { - invalidParams.Add(request.NewErrParamMinValue("Bias", -99)) - } - if s.LocalZoneGroup != nil && len(*s.LocalZoneGroup) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LocalZoneGroup", 1)) - } - if s.Coordinates != nil { - if err := s.Coordinates.Validate(); err != nil { - invalidParams.AddNested("Coordinates", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAWSRegion sets the AWSRegion field's value. -func (s *GeoProximityLocation) SetAWSRegion(v string) *GeoProximityLocation { - s.AWSRegion = &v - return s -} - -// SetBias sets the Bias field's value. -func (s *GeoProximityLocation) SetBias(v int64) *GeoProximityLocation { - s.Bias = &v - return s -} - -// SetCoordinates sets the Coordinates field's value. -func (s *GeoProximityLocation) SetCoordinates(v *Coordinates) *GeoProximityLocation { - s.Coordinates = v - return s -} - -// SetLocalZoneGroup sets the LocalZoneGroup field's value. -func (s *GeoProximityLocation) SetLocalZoneGroup(v string) *GeoProximityLocation { - s.LocalZoneGroup = &v - return s -} - -// A complex type that contains information about the request to create a hosted -// zone. -type GetAccountLimitInput struct { - _ struct{} `locationName:"GetAccountLimitRequest" type:"structure"` - - // The limit that you want to get. Valid values include the following: - // - // * MAX_HEALTH_CHECKS_BY_OWNER: The maximum number of health checks that - // you can create using the current account. - // - // * MAX_HOSTED_ZONES_BY_OWNER: The maximum number of hosted zones that you - // can create using the current account. - // - // * MAX_REUSABLE_DELEGATION_SETS_BY_OWNER: The maximum number of reusable - // delegation sets that you can create using the current account. - // - // * MAX_TRAFFIC_POLICIES_BY_OWNER: The maximum number of traffic policies - // that you can create using the current account. - // - // * MAX_TRAFFIC_POLICY_INSTANCES_BY_OWNER: The maximum number of traffic - // policy instances that you can create using the current account. (Traffic - // policy instances are referred to as traffic flow policy records in the - // Amazon Route 53 console.) - // - // Type is a required field - Type *string `location:"uri" locationName:"Type" type:"string" required:"true" enum:"AccountLimitType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetAccountLimitInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetAccountLimitInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetAccountLimitInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetAccountLimitInput"} - if s.Type == nil { - invalidParams.Add(request.NewErrParamRequired("Type")) - } - if s.Type != nil && len(*s.Type) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Type", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetType sets the Type field's value. -func (s *GetAccountLimitInput) SetType(v string) *GetAccountLimitInput { - s.Type = &v - return s -} - -// A complex type that contains the requested limit. -type GetAccountLimitOutput struct { - _ struct{} `type:"structure"` - - // The current number of entities that you have created of the specified type. - // For example, if you specified MAX_HEALTH_CHECKS_BY_OWNER for the value of - // Type in the request, the value of Count is the current number of health checks - // that you have created using the current account. - // - // Count is a required field - Count *int64 `type:"long" required:"true"` - - // The current setting for the specified limit. For example, if you specified - // MAX_HEALTH_CHECKS_BY_OWNER for the value of Type in the request, the value - // of Limit is the maximum number of health checks that you can create using - // the current account. - // - // Limit is a required field - Limit *AccountLimit `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetAccountLimitOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetAccountLimitOutput) GoString() string { - return s.String() -} - -// SetCount sets the Count field's value. -func (s *GetAccountLimitOutput) SetCount(v int64) *GetAccountLimitOutput { - s.Count = &v - return s -} - -// SetLimit sets the Limit field's value. -func (s *GetAccountLimitOutput) SetLimit(v *AccountLimit) *GetAccountLimitOutput { - s.Limit = v - return s -} - -// The input for a GetChange request. -type GetChangeInput struct { - _ struct{} `locationName:"GetChangeRequest" type:"structure"` - - // The ID of the change batch request. The value that you specify here is the - // value that ChangeResourceRecordSets returned in the Id element when you submitted - // the request. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetChangeInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetChangeInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetChangeInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetChangeInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *GetChangeInput) SetId(v string) *GetChangeInput { - s.Id = &v - return s -} - -// A complex type that contains the ChangeInfo element. -type GetChangeOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains information about the specified change batch. - // - // ChangeInfo is a required field - ChangeInfo *ChangeInfo `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetChangeOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetChangeOutput) GoString() string { - return s.String() -} - -// SetChangeInfo sets the ChangeInfo field's value. -func (s *GetChangeOutput) SetChangeInfo(v *ChangeInfo) *GetChangeOutput { - s.ChangeInfo = v - return s -} - -// Empty request. -type GetCheckerIpRangesInput struct { - _ struct{} `locationName:"GetCheckerIpRangesRequest" type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetCheckerIpRangesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetCheckerIpRangesInput) GoString() string { - return s.String() -} - -// A complex type that contains the CheckerIpRanges element. -type GetCheckerIpRangesOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains sorted list of IP ranges in CIDR format for - // Amazon Route 53 health checkers. - // - // CheckerIpRanges is a required field - CheckerIpRanges []*string `type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetCheckerIpRangesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetCheckerIpRangesOutput) GoString() string { - return s.String() -} - -// SetCheckerIpRanges sets the CheckerIpRanges field's value. -func (s *GetCheckerIpRangesOutput) SetCheckerIpRanges(v []*string) *GetCheckerIpRangesOutput { - s.CheckerIpRanges = v - return s -} - -type GetDNSSECInput struct { - _ struct{} `locationName:"GetDNSSECRequest" type:"structure"` - - // A unique string used to identify a hosted zone. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetDNSSECInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetDNSSECInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetDNSSECInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetDNSSECInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *GetDNSSECInput) SetHostedZoneId(v string) *GetDNSSECInput { - s.HostedZoneId = &v - return s -} - -type GetDNSSECOutput struct { - _ struct{} `type:"structure"` - - // The key-signing keys (KSKs) in your account. - // - // KeySigningKeys is a required field - KeySigningKeys []*KeySigningKey `type:"list" required:"true"` - - // A string representing the status of DNSSEC. - // - // Status is a required field - Status *DNSSECStatus `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetDNSSECOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetDNSSECOutput) GoString() string { - return s.String() -} - -// SetKeySigningKeys sets the KeySigningKeys field's value. -func (s *GetDNSSECOutput) SetKeySigningKeys(v []*KeySigningKey) *GetDNSSECOutput { - s.KeySigningKeys = v - return s -} - -// SetStatus sets the Status field's value. -func (s *GetDNSSECOutput) SetStatus(v *DNSSECStatus) *GetDNSSECOutput { - s.Status = v - return s -} - -// A request for information about whether a specified geographic location is -// supported for Amazon Route 53 geolocation resource record sets. -type GetGeoLocationInput struct { - _ struct{} `locationName:"GetGeoLocationRequest" type:"structure"` - - // For geolocation resource record sets, a two-letter abbreviation that identifies - // a continent. Amazon Route 53 supports the following continent codes: - // - // * AF: Africa - // - // * AN: Antarctica - // - // * AS: Asia - // - // * EU: Europe - // - // * OC: Oceania - // - // * NA: North America - // - // * SA: South America - ContinentCode *string `location:"querystring" locationName:"continentcode" min:"2" type:"string"` - - // Amazon Route 53 uses the two-letter country codes that are specified in ISO - // standard 3166-1 alpha-2 (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2). - // - // Route 53 also supports the country code UA for Ukraine. - CountryCode *string `location:"querystring" locationName:"countrycode" min:"1" type:"string"` - - // The code for the subdivision, such as a particular state within the United - // States. For a list of US state abbreviations, see Appendix B: Two–Letter - // State and Possession Abbreviations (https://pe.usps.com/text/pub28/28apb.htm) - // on the United States Postal Service website. For a list of all supported - // subdivision codes, use the ListGeoLocations (https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListGeoLocations.html) - // API. - SubdivisionCode *string `location:"querystring" locationName:"subdivisioncode" min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetGeoLocationInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetGeoLocationInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetGeoLocationInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetGeoLocationInput"} - if s.ContinentCode != nil && len(*s.ContinentCode) < 2 { - invalidParams.Add(request.NewErrParamMinLen("ContinentCode", 2)) - } - if s.CountryCode != nil && len(*s.CountryCode) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CountryCode", 1)) - } - if s.SubdivisionCode != nil && len(*s.SubdivisionCode) < 1 { - invalidParams.Add(request.NewErrParamMinLen("SubdivisionCode", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetContinentCode sets the ContinentCode field's value. -func (s *GetGeoLocationInput) SetContinentCode(v string) *GetGeoLocationInput { - s.ContinentCode = &v - return s -} - -// SetCountryCode sets the CountryCode field's value. -func (s *GetGeoLocationInput) SetCountryCode(v string) *GetGeoLocationInput { - s.CountryCode = &v - return s -} - -// SetSubdivisionCode sets the SubdivisionCode field's value. -func (s *GetGeoLocationInput) SetSubdivisionCode(v string) *GetGeoLocationInput { - s.SubdivisionCode = &v - return s -} - -// A complex type that contains the response information for the specified geolocation -// code. -type GetGeoLocationOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains the codes and full continent, country, and subdivision - // names for the specified geolocation code. - // - // GeoLocationDetails is a required field - GeoLocationDetails *GeoLocationDetails `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetGeoLocationOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetGeoLocationOutput) GoString() string { - return s.String() -} - -// SetGeoLocationDetails sets the GeoLocationDetails field's value. -func (s *GetGeoLocationOutput) SetGeoLocationDetails(v *GeoLocationDetails) *GetGeoLocationOutput { - s.GeoLocationDetails = v - return s -} - -// A request for the number of health checks that are associated with the current -// Amazon Web Services account. -type GetHealthCheckCountInput struct { - _ struct{} `locationName:"GetHealthCheckCountRequest" type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckCountInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckCountInput) GoString() string { - return s.String() -} - -// A complex type that contains the response to a GetHealthCheckCount request. -type GetHealthCheckCountOutput struct { - _ struct{} `type:"structure"` - - // The number of health checks associated with the current Amazon Web Services - // account. - // - // HealthCheckCount is a required field - HealthCheckCount *int64 `type:"long" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckCountOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckCountOutput) GoString() string { - return s.String() -} - -// SetHealthCheckCount sets the HealthCheckCount field's value. -func (s *GetHealthCheckCountOutput) SetHealthCheckCount(v int64) *GetHealthCheckCountOutput { - s.HealthCheckCount = &v - return s -} - -// A request to get information about a specified health check. -type GetHealthCheckInput struct { - _ struct{} `locationName:"GetHealthCheckRequest" type:"structure"` - - // The identifier that Amazon Route 53 assigned to the health check when you - // created it. When you add or update a resource record set, you use this value - // to specify which health check to use. The value can be up to 64 characters - // long. - // - // HealthCheckId is a required field - HealthCheckId *string `location:"uri" locationName:"HealthCheckId" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetHealthCheckInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetHealthCheckInput"} - if s.HealthCheckId == nil { - invalidParams.Add(request.NewErrParamRequired("HealthCheckId")) - } - if s.HealthCheckId != nil && len(*s.HealthCheckId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HealthCheckId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHealthCheckId sets the HealthCheckId field's value. -func (s *GetHealthCheckInput) SetHealthCheckId(v string) *GetHealthCheckInput { - s.HealthCheckId = &v - return s -} - -// A request for the reason that a health check failed most recently. -type GetHealthCheckLastFailureReasonInput struct { - _ struct{} `locationName:"GetHealthCheckLastFailureReasonRequest" type:"structure"` - - // The ID for the health check for which you want the last failure reason. When - // you created the health check, CreateHealthCheck returned the ID in the response, - // in the HealthCheckId element. - // - // If you want to get the last failure reason for a calculated health check, - // you must use the Amazon Route 53 console or the CloudWatch console. You can't - // use GetHealthCheckLastFailureReason for a calculated health check. - // - // HealthCheckId is a required field - HealthCheckId *string `location:"uri" locationName:"HealthCheckId" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckLastFailureReasonInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckLastFailureReasonInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetHealthCheckLastFailureReasonInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetHealthCheckLastFailureReasonInput"} - if s.HealthCheckId == nil { - invalidParams.Add(request.NewErrParamRequired("HealthCheckId")) - } - if s.HealthCheckId != nil && len(*s.HealthCheckId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HealthCheckId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHealthCheckId sets the HealthCheckId field's value. -func (s *GetHealthCheckLastFailureReasonInput) SetHealthCheckId(v string) *GetHealthCheckLastFailureReasonInput { - s.HealthCheckId = &v - return s -} - -// A complex type that contains the response to a GetHealthCheckLastFailureReason -// request. -type GetHealthCheckLastFailureReasonOutput struct { - _ struct{} `type:"structure"` - - // A list that contains one Observation element for each Amazon Route 53 health - // checker that is reporting a last failure reason. - // - // HealthCheckObservations is a required field - HealthCheckObservations []*HealthCheckObservation `locationNameList:"HealthCheckObservation" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckLastFailureReasonOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckLastFailureReasonOutput) GoString() string { - return s.String() -} - -// SetHealthCheckObservations sets the HealthCheckObservations field's value. -func (s *GetHealthCheckLastFailureReasonOutput) SetHealthCheckObservations(v []*HealthCheckObservation) *GetHealthCheckLastFailureReasonOutput { - s.HealthCheckObservations = v - return s -} - -// A complex type that contains the response to a GetHealthCheck request. -type GetHealthCheckOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains information about one health check that is associated - // with the current Amazon Web Services account. - // - // HealthCheck is a required field - HealthCheck *HealthCheck `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckOutput) GoString() string { - return s.String() -} - -// SetHealthCheck sets the HealthCheck field's value. -func (s *GetHealthCheckOutput) SetHealthCheck(v *HealthCheck) *GetHealthCheckOutput { - s.HealthCheck = v - return s -} - -// A request to get the status for a health check. -type GetHealthCheckStatusInput struct { - _ struct{} `locationName:"GetHealthCheckStatusRequest" type:"structure"` - - // The ID for the health check that you want the current status for. When you - // created the health check, CreateHealthCheck returned the ID in the response, - // in the HealthCheckId element. - // - // If you want to check the status of a calculated health check, you must use - // the Amazon Route 53 console or the CloudWatch console. You can't use GetHealthCheckStatus - // to get the status of a calculated health check. - // - // HealthCheckId is a required field - HealthCheckId *string `location:"uri" locationName:"HealthCheckId" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckStatusInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckStatusInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetHealthCheckStatusInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetHealthCheckStatusInput"} - if s.HealthCheckId == nil { - invalidParams.Add(request.NewErrParamRequired("HealthCheckId")) - } - if s.HealthCheckId != nil && len(*s.HealthCheckId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HealthCheckId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHealthCheckId sets the HealthCheckId field's value. -func (s *GetHealthCheckStatusInput) SetHealthCheckId(v string) *GetHealthCheckStatusInput { - s.HealthCheckId = &v - return s -} - -// A complex type that contains the response to a GetHealthCheck request. -type GetHealthCheckStatusOutput struct { - _ struct{} `type:"structure"` - - // A list that contains one HealthCheckObservation element for each Amazon Route - // 53 health checker that is reporting a status about the health check endpoint. - // - // HealthCheckObservations is a required field - HealthCheckObservations []*HealthCheckObservation `locationNameList:"HealthCheckObservation" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckStatusOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHealthCheckStatusOutput) GoString() string { - return s.String() -} - -// SetHealthCheckObservations sets the HealthCheckObservations field's value. -func (s *GetHealthCheckStatusOutput) SetHealthCheckObservations(v []*HealthCheckObservation) *GetHealthCheckStatusOutput { - s.HealthCheckObservations = v - return s -} - -// A request to retrieve a count of all the hosted zones that are associated -// with the current Amazon Web Services account. -type GetHostedZoneCountInput struct { - _ struct{} `locationName:"GetHostedZoneCountRequest" type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneCountInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneCountInput) GoString() string { - return s.String() -} - -// A complex type that contains the response to a GetHostedZoneCount request. -type GetHostedZoneCountOutput struct { - _ struct{} `type:"structure"` - - // The total number of public and private hosted zones that are associated with - // the current Amazon Web Services account. - // - // HostedZoneCount is a required field - HostedZoneCount *int64 `type:"long" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneCountOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneCountOutput) GoString() string { - return s.String() -} - -// SetHostedZoneCount sets the HostedZoneCount field's value. -func (s *GetHostedZoneCountOutput) SetHostedZoneCount(v int64) *GetHostedZoneCountOutput { - s.HostedZoneCount = &v - return s -} - -// A request to get information about a specified hosted zone. -type GetHostedZoneInput struct { - _ struct{} `locationName:"GetHostedZoneRequest" type:"structure"` - - // The ID of the hosted zone that you want to get information about. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetHostedZoneInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetHostedZoneInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *GetHostedZoneInput) SetId(v string) *GetHostedZoneInput { - s.Id = &v - return s -} - -// A complex type that contains information about the request to create a hosted -// zone. -type GetHostedZoneLimitInput struct { - _ struct{} `locationName:"GetHostedZoneLimitRequest" type:"structure"` - - // The ID of the hosted zone that you want to get a limit for. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` - - // The limit that you want to get. Valid values include the following: - // - // * MAX_RRSETS_BY_ZONE: The maximum number of records that you can create - // in the specified hosted zone. - // - // * MAX_VPCS_ASSOCIATED_BY_ZONE: The maximum number of Amazon VPCs that - // you can associate with the specified private hosted zone. - // - // Type is a required field - Type *string `location:"uri" locationName:"Type" type:"string" required:"true" enum:"HostedZoneLimitType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneLimitInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneLimitInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetHostedZoneLimitInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetHostedZoneLimitInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.Type == nil { - invalidParams.Add(request.NewErrParamRequired("Type")) - } - if s.Type != nil && len(*s.Type) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Type", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *GetHostedZoneLimitInput) SetHostedZoneId(v string) *GetHostedZoneLimitInput { - s.HostedZoneId = &v - return s -} - -// SetType sets the Type field's value. -func (s *GetHostedZoneLimitInput) SetType(v string) *GetHostedZoneLimitInput { - s.Type = &v - return s -} - -// A complex type that contains the requested limit. -type GetHostedZoneLimitOutput struct { - _ struct{} `type:"structure"` - - // The current number of entities that you have created of the specified type. - // For example, if you specified MAX_RRSETS_BY_ZONE for the value of Type in - // the request, the value of Count is the current number of records that you - // have created in the specified hosted zone. - // - // Count is a required field - Count *int64 `type:"long" required:"true"` - - // The current setting for the specified limit. For example, if you specified - // MAX_RRSETS_BY_ZONE for the value of Type in the request, the value of Limit - // is the maximum number of records that you can create in the specified hosted - // zone. - // - // Limit is a required field - Limit *HostedZoneLimit `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneLimitOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneLimitOutput) GoString() string { - return s.String() -} - -// SetCount sets the Count field's value. -func (s *GetHostedZoneLimitOutput) SetCount(v int64) *GetHostedZoneLimitOutput { - s.Count = &v - return s -} - -// SetLimit sets the Limit field's value. -func (s *GetHostedZoneLimitOutput) SetLimit(v *HostedZoneLimit) *GetHostedZoneLimitOutput { - s.Limit = v - return s -} - -// A complex type that contain the response to a GetHostedZone request. -type GetHostedZoneOutput struct { - _ struct{} `type:"structure"` - - // A complex type that lists the Amazon Route 53 name servers for the specified - // hosted zone. - DelegationSet *DelegationSet `type:"structure"` - - // A complex type that contains general information about the specified hosted - // zone. - // - // HostedZone is a required field - HostedZone *HostedZone `type:"structure" required:"true"` - - // A complex type that contains information about the VPCs that are associated - // with the specified hosted zone. - VPCs []*VPC `locationNameList:"VPC" min:"1" type:"list"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetHostedZoneOutput) GoString() string { - return s.String() -} - -// SetDelegationSet sets the DelegationSet field's value. -func (s *GetHostedZoneOutput) SetDelegationSet(v *DelegationSet) *GetHostedZoneOutput { - s.DelegationSet = v - return s -} - -// SetHostedZone sets the HostedZone field's value. -func (s *GetHostedZoneOutput) SetHostedZone(v *HostedZone) *GetHostedZoneOutput { - s.HostedZone = v - return s -} - -// SetVPCs sets the VPCs field's value. -func (s *GetHostedZoneOutput) SetVPCs(v []*VPC) *GetHostedZoneOutput { - s.VPCs = v - return s -} - -type GetQueryLoggingConfigInput struct { - _ struct{} `locationName:"GetQueryLoggingConfigRequest" type:"structure"` - - // The ID of the configuration for DNS query logging that you want to get information - // about. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetQueryLoggingConfigInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetQueryLoggingConfigInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetQueryLoggingConfigInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetQueryLoggingConfigInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *GetQueryLoggingConfigInput) SetId(v string) *GetQueryLoggingConfigInput { - s.Id = &v - return s -} - -type GetQueryLoggingConfigOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains information about the query logging configuration - // that you specified in a GetQueryLoggingConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetQueryLoggingConfig.html) - // request. - // - // QueryLoggingConfig is a required field - QueryLoggingConfig *QueryLoggingConfig `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetQueryLoggingConfigOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetQueryLoggingConfigOutput) GoString() string { - return s.String() -} - -// SetQueryLoggingConfig sets the QueryLoggingConfig field's value. -func (s *GetQueryLoggingConfigOutput) SetQueryLoggingConfig(v *QueryLoggingConfig) *GetQueryLoggingConfigOutput { - s.QueryLoggingConfig = v - return s -} - -// A request to get information about a specified reusable delegation set. -type GetReusableDelegationSetInput struct { - _ struct{} `locationName:"GetReusableDelegationSetRequest" type:"structure"` - - // The ID of the reusable delegation set that you want to get a list of name - // servers for. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetReusableDelegationSetInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetReusableDelegationSetInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetReusableDelegationSetInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetReusableDelegationSetInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *GetReusableDelegationSetInput) SetId(v string) *GetReusableDelegationSetInput { - s.Id = &v - return s -} - -// A complex type that contains information about the request to create a hosted -// zone. -type GetReusableDelegationSetLimitInput struct { - _ struct{} `locationName:"GetReusableDelegationSetLimitRequest" type:"structure"` - - // The ID of the delegation set that you want to get the limit for. - // - // DelegationSetId is a required field - DelegationSetId *string `location:"uri" locationName:"Id" type:"string" required:"true"` - - // Specify MAX_ZONES_BY_REUSABLE_DELEGATION_SET to get the maximum number of - // hosted zones that you can associate with the specified reusable delegation - // set. - // - // Type is a required field - Type *string `location:"uri" locationName:"Type" type:"string" required:"true" enum:"ReusableDelegationSetLimitType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetReusableDelegationSetLimitInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetReusableDelegationSetLimitInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetReusableDelegationSetLimitInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetReusableDelegationSetLimitInput"} - if s.DelegationSetId == nil { - invalidParams.Add(request.NewErrParamRequired("DelegationSetId")) - } - if s.DelegationSetId != nil && len(*s.DelegationSetId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("DelegationSetId", 1)) - } - if s.Type == nil { - invalidParams.Add(request.NewErrParamRequired("Type")) - } - if s.Type != nil && len(*s.Type) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Type", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetDelegationSetId sets the DelegationSetId field's value. -func (s *GetReusableDelegationSetLimitInput) SetDelegationSetId(v string) *GetReusableDelegationSetLimitInput { - s.DelegationSetId = &v - return s -} - -// SetType sets the Type field's value. -func (s *GetReusableDelegationSetLimitInput) SetType(v string) *GetReusableDelegationSetLimitInput { - s.Type = &v - return s -} - -// A complex type that contains the requested limit. -type GetReusableDelegationSetLimitOutput struct { - _ struct{} `type:"structure"` - - // The current number of hosted zones that you can associate with the specified - // reusable delegation set. - // - // Count is a required field - Count *int64 `type:"long" required:"true"` - - // The current setting for the limit on hosted zones that you can associate - // with the specified reusable delegation set. - // - // Limit is a required field - Limit *ReusableDelegationSetLimit `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetReusableDelegationSetLimitOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetReusableDelegationSetLimitOutput) GoString() string { - return s.String() -} - -// SetCount sets the Count field's value. -func (s *GetReusableDelegationSetLimitOutput) SetCount(v int64) *GetReusableDelegationSetLimitOutput { - s.Count = &v - return s -} - -// SetLimit sets the Limit field's value. -func (s *GetReusableDelegationSetLimitOutput) SetLimit(v *ReusableDelegationSetLimit) *GetReusableDelegationSetLimitOutput { - s.Limit = v - return s -} - -// A complex type that contains the response to the GetReusableDelegationSet -// request. -type GetReusableDelegationSetOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains information about the reusable delegation set. - // - // DelegationSet is a required field - DelegationSet *DelegationSet `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetReusableDelegationSetOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetReusableDelegationSetOutput) GoString() string { - return s.String() -} - -// SetDelegationSet sets the DelegationSet field's value. -func (s *GetReusableDelegationSetOutput) SetDelegationSet(v *DelegationSet) *GetReusableDelegationSetOutput { - s.DelegationSet = v - return s -} - -// Gets information about a specific traffic policy version. -type GetTrafficPolicyInput struct { - _ struct{} `locationName:"GetTrafficPolicyRequest" type:"structure"` - - // The ID of the traffic policy that you want to get information about. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` - - // The version number of the traffic policy that you want to get information - // about. - // - // Version is a required field - Version *int64 `location:"uri" locationName:"Version" min:"1" type:"integer" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetTrafficPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetTrafficPolicyInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - if s.Version == nil { - invalidParams.Add(request.NewErrParamRequired("Version")) - } - if s.Version != nil && *s.Version < 1 { - invalidParams.Add(request.NewErrParamMinValue("Version", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *GetTrafficPolicyInput) SetId(v string) *GetTrafficPolicyInput { - s.Id = &v - return s -} - -// SetVersion sets the Version field's value. -func (s *GetTrafficPolicyInput) SetVersion(v int64) *GetTrafficPolicyInput { - s.Version = &v - return s -} - -// Request to get the number of traffic policy instances that are associated -// with the current Amazon Web Services account. -type GetTrafficPolicyInstanceCountInput struct { - _ struct{} `locationName:"GetTrafficPolicyInstanceCountRequest" type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInstanceCountInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInstanceCountInput) GoString() string { - return s.String() -} - -// A complex type that contains information about the resource record sets that -// Amazon Route 53 created based on a specified traffic policy. -type GetTrafficPolicyInstanceCountOutput struct { - _ struct{} `type:"structure"` - - // The number of traffic policy instances that are associated with the current - // Amazon Web Services account. - // - // TrafficPolicyInstanceCount is a required field - TrafficPolicyInstanceCount *int64 `type:"integer" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInstanceCountOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInstanceCountOutput) GoString() string { - return s.String() -} - -// SetTrafficPolicyInstanceCount sets the TrafficPolicyInstanceCount field's value. -func (s *GetTrafficPolicyInstanceCountOutput) SetTrafficPolicyInstanceCount(v int64) *GetTrafficPolicyInstanceCountOutput { - s.TrafficPolicyInstanceCount = &v - return s -} - -// Gets information about a specified traffic policy instance. -type GetTrafficPolicyInstanceInput struct { - _ struct{} `locationName:"GetTrafficPolicyInstanceRequest" type:"structure"` - - // The ID of the traffic policy instance that you want to get information about. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInstanceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInstanceInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetTrafficPolicyInstanceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetTrafficPolicyInstanceInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *GetTrafficPolicyInstanceInput) SetId(v string) *GetTrafficPolicyInstanceInput { - s.Id = &v - return s -} - -// A complex type that contains information about the resource record sets that -// Amazon Route 53 created based on a specified traffic policy. -type GetTrafficPolicyInstanceOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains settings for the traffic policy instance. - // - // TrafficPolicyInstance is a required field - TrafficPolicyInstance *TrafficPolicyInstance `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInstanceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyInstanceOutput) GoString() string { - return s.String() -} - -// SetTrafficPolicyInstance sets the TrafficPolicyInstance field's value. -func (s *GetTrafficPolicyInstanceOutput) SetTrafficPolicyInstance(v *TrafficPolicyInstance) *GetTrafficPolicyInstanceOutput { - s.TrafficPolicyInstance = v - return s -} - -// A complex type that contains the response information for the request. -type GetTrafficPolicyOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains settings for the specified traffic policy. - // - // TrafficPolicy is a required field - TrafficPolicy *TrafficPolicy `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetTrafficPolicyOutput) GoString() string { - return s.String() -} - -// SetTrafficPolicy sets the TrafficPolicy field's value. -func (s *GetTrafficPolicyOutput) SetTrafficPolicy(v *TrafficPolicy) *GetTrafficPolicyOutput { - s.TrafficPolicy = v - return s -} - -// A complex type that contains information about one health check that is associated -// with the current Amazon Web Services account. -type HealthCheck struct { - _ struct{} `type:"structure"` - - // A unique string that you specified when you created the health check. - // - // CallerReference is a required field - CallerReference *string `min:"1" type:"string" required:"true"` - - // A complex type that contains information about the CloudWatch alarm that - // Amazon Route 53 is monitoring for this health check. - CloudWatchAlarmConfiguration *CloudWatchAlarmConfiguration `type:"structure"` - - // A complex type that contains detailed information about one health check. - // - // HealthCheckConfig is a required field - HealthCheckConfig *HealthCheckConfig `type:"structure" required:"true"` - - // The version of the health check. You can optionally pass this value in a - // call to UpdateHealthCheck to prevent overwriting another change to the health - // check. - // - // HealthCheckVersion is a required field - HealthCheckVersion *int64 `min:"1" type:"long" required:"true"` - - // The identifier that Amazon Route 53 assigned to the health check when you - // created it. When you add or update a resource record set, you use this value - // to specify which health check to use. The value can be up to 64 characters - // long. - // - // Id is a required field - Id *string `type:"string" required:"true"` - - // If the health check was created by another service, the service that created - // the health check. When a health check is created by another service, you - // can't edit or delete it using Amazon Route 53. - LinkedService *LinkedService `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HealthCheck) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HealthCheck) GoString() string { - return s.String() -} - -// SetCallerReference sets the CallerReference field's value. -func (s *HealthCheck) SetCallerReference(v string) *HealthCheck { - s.CallerReference = &v - return s -} - -// SetCloudWatchAlarmConfiguration sets the CloudWatchAlarmConfiguration field's value. -func (s *HealthCheck) SetCloudWatchAlarmConfiguration(v *CloudWatchAlarmConfiguration) *HealthCheck { - s.CloudWatchAlarmConfiguration = v - return s -} - -// SetHealthCheckConfig sets the HealthCheckConfig field's value. -func (s *HealthCheck) SetHealthCheckConfig(v *HealthCheckConfig) *HealthCheck { - s.HealthCheckConfig = v - return s -} - -// SetHealthCheckVersion sets the HealthCheckVersion field's value. -func (s *HealthCheck) SetHealthCheckVersion(v int64) *HealthCheck { - s.HealthCheckVersion = &v - return s -} - -// SetId sets the Id field's value. -func (s *HealthCheck) SetId(v string) *HealthCheck { - s.Id = &v - return s -} - -// SetLinkedService sets the LinkedService field's value. -func (s *HealthCheck) SetLinkedService(v *LinkedService) *HealthCheck { - s.LinkedService = v - return s -} - -// A complex type that contains information about the health check. -type HealthCheckConfig struct { - _ struct{} `type:"structure"` - - // A complex type that identifies the CloudWatch alarm that you want Amazon - // Route 53 health checkers to use to determine whether the specified health - // check is healthy. - AlarmIdentifier *AlarmIdentifier `type:"structure"` - - // (CALCULATED Health Checks Only) A complex type that contains one ChildHealthCheck - // element for each health check that you want to associate with a CALCULATED - // health check. - ChildHealthChecks []*string `locationNameList:"ChildHealthCheck" type:"list"` - - // Stops Route 53 from performing health checks. When you disable a health check, - // here's what happens: - // - // * Health checks that check the health of endpoints: Route 53 stops submitting - // requests to your application, server, or other resource. - // - // * Calculated health checks: Route 53 stops aggregating the status of the - // referenced health checks. - // - // * Health checks that monitor CloudWatch alarms: Route 53 stops monitoring - // the corresponding CloudWatch metrics. - // - // After you disable a health check, Route 53 considers the status of the health - // check to always be healthy. If you configured DNS failover, Route 53 continues - // to route traffic to the corresponding resources. If you want to stop routing - // traffic to a resource, change the value of Inverted (https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-Inverted). - // - // Charges for a health check still apply when the health check is disabled. - // For more information, see Amazon Route 53 Pricing (http://aws.amazon.com/route53/pricing/). - Disabled *bool `type:"boolean"` - - // Specify whether you want Amazon Route 53 to send the value of FullyQualifiedDomainName - // to the endpoint in the client_hello message during TLS negotiation. This - // allows the endpoint to respond to HTTPS health check requests with the applicable - // SSL/TLS certificate. - // - // Some endpoints require that HTTPS requests include the host name in the client_hello - // message. If you don't enable SNI, the status of the health check will be - // SSL alert handshake_failure. A health check can also have that status for - // other reasons. If SNI is enabled and you're still getting the error, check - // the SSL/TLS configuration on your endpoint and confirm that your certificate - // is valid. - // - // The SSL/TLS certificate on your endpoint includes a domain name in the Common - // Name field and possibly several more in the Subject Alternative Names field. - // One of the domain names in the certificate should match the value that you - // specify for FullyQualifiedDomainName. If the endpoint responds to the client_hello - // message with a certificate that does not include the domain name that you - // specified in FullyQualifiedDomainName, a health checker will retry the handshake. - // In the second attempt, the health checker will omit FullyQualifiedDomainName - // from the client_hello message. - EnableSNI *bool `type:"boolean"` - - // The number of consecutive health checks that an endpoint must pass or fail - // for Amazon Route 53 to change the current status of the endpoint from unhealthy - // to healthy or vice versa. For more information, see How Amazon Route 53 Determines - // Whether an Endpoint Is Healthy (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) - // in the Amazon Route 53 Developer Guide. - // - // If you don't specify a value for FailureThreshold, the default value is three - // health checks. - FailureThreshold *int64 `min:"1" type:"integer"` - - // Amazon Route 53 behavior depends on whether you specify a value for IPAddress. - // - // If you specify a value for IPAddress: - // - // Amazon Route 53 sends health check requests to the specified IPv4 or IPv6 - // address and passes the value of FullyQualifiedDomainName in the Host header - // for all health checks except TCP health checks. This is typically the fully - // qualified DNS name of the endpoint on which you want Route 53 to perform - // health checks. - // - // When Route 53 checks the health of an endpoint, here is how it constructs - // the Host header: - // - // * If you specify a value of 80 for Port and HTTP or HTTP_STR_MATCH for - // Type, Route 53 passes the value of FullyQualifiedDomainName to the endpoint - // in the Host header. - // - // * If you specify a value of 443 for Port and HTTPS or HTTPS_STR_MATCH - // for Type, Route 53 passes the value of FullyQualifiedDomainName to the - // endpoint in the Host header. - // - // * If you specify another value for Port and any value except TCP for Type, - // Route 53 passes FullyQualifiedDomainName:Port to the endpoint in the Host - // header. - // - // If you don't specify a value for FullyQualifiedDomainName, Route 53 substitutes - // the value of IPAddress in the Host header in each of the preceding cases. - // - // If you don't specify a value for IPAddress: - // - // Route 53 sends a DNS request to the domain that you specify for FullyQualifiedDomainName - // at the interval that you specify for RequestInterval. Using an IPv4 address - // that DNS returns, Route 53 then checks the health of the endpoint. - // - // If you don't specify a value for IPAddress, Route 53 uses only IPv4 to send - // health checks to the endpoint. If there's no resource record set with a type - // of A for the name that you specify for FullyQualifiedDomainName, the health - // check fails with a "DNS resolution failed" error. - // - // If you want to check the health of weighted, latency, or failover resource - // record sets and you choose to specify the endpoint only by FullyQualifiedDomainName, - // we recommend that you create a separate health check for each endpoint. For - // example, create a health check for each HTTP server that is serving content - // for www.example.com. For the value of FullyQualifiedDomainName, specify the - // domain name of the server (such as us-east-2-www.example.com), not the name - // of the resource record sets (www.example.com). - // - // In this configuration, if you create a health check for which the value of - // FullyQualifiedDomainName matches the name of the resource record sets and - // you then associate the health check with those resource record sets, health - // check results will be unpredictable. - // - // In addition, if the value that you specify for Type is HTTP, HTTPS, HTTP_STR_MATCH, - // or HTTPS_STR_MATCH, Route 53 passes the value of FullyQualifiedDomainName - // in the Host header, as it does when you specify a value for IPAddress. If - // the value of Type is TCP, Route 53 doesn't pass a Host header. - FullyQualifiedDomainName *string `type:"string"` - - // The number of child health checks that are associated with a CALCULATED health - // check that Amazon Route 53 must consider healthy for the CALCULATED health - // check to be considered healthy. To specify the child health checks that you - // want to associate with a CALCULATED health check, use the ChildHealthChecks - // (https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) - // element. - // - // Note the following: - // - // * If you specify a number greater than the number of child health checks, - // Route 53 always considers this health check to be unhealthy. - // - // * If you specify 0, Route 53 always considers this health check to be - // healthy. - HealthThreshold *int64 `type:"integer"` - - // The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 - // to perform health checks on. If you don't specify a value for IPAddress, - // Route 53 sends a DNS request to resolve the domain name that you specify - // in FullyQualifiedDomainName at the interval that you specify in RequestInterval. - // Using an IP address returned by DNS, Route 53 then checks the health of the - // endpoint. - // - // Use one of the following formats for the value of IPAddress: - // - // * IPv4 address: four values between 0 and 255, separated by periods (.), - // for example, 192.0.2.44. - // - // * IPv6 address: eight groups of four hexadecimal values, separated by - // colons (:), for example, 2001:0db8:85a3:0000:0000:abcd:0001:2345. You - // can also shorten IPv6 addresses as described in RFC 5952, for example, - // 2001:db8:85a3::abcd:1:2345. - // - // If the endpoint is an EC2 instance, we recommend that you create an Elastic - // IP address, associate it with your EC2 instance, and specify the Elastic - // IP address for IPAddress. This ensures that the IP address of your instance - // will never change. - // - // For more information, see FullyQualifiedDomainName (https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName). - // - // Constraints: Route 53 can't check the health of endpoints for which the IP - // address is in local, private, non-routable, or multicast ranges. For more - // information about IP addresses for which you can't create health checks, - // see the following documents: - // - // * RFC 5735, Special Use IPv4 Addresses (https://tools.ietf.org/html/rfc5735) - // - // * RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space (https://tools.ietf.org/html/rfc6598) - // - // * RFC 5156, Special-Use IPv6 Addresses (https://tools.ietf.org/html/rfc5156) - // - // When the value of Type is CALCULATED or CLOUDWATCH_METRIC, omit IPAddress. - IPAddress *string `type:"string"` - - // When CloudWatch has insufficient data about the metric to determine the alarm - // state, the status that you want Amazon Route 53 to assign to the health check: - // - // * Healthy: Route 53 considers the health check to be healthy. - // - // * Unhealthy: Route 53 considers the health check to be unhealthy. - // - // * LastKnownStatus: Route 53 uses the status of the health check from the - // last time that CloudWatch had sufficient data to determine the alarm state. - // For new health checks that have no last known status, the default status - // for the health check is healthy. - InsufficientDataHealthStatus *string `type:"string" enum:"InsufficientDataHealthStatus"` - - // Specify whether you want Amazon Route 53 to invert the status of a health - // check, for example, to consider a health check unhealthy when it otherwise - // would be considered healthy. - Inverted *bool `type:"boolean"` - - // Specify whether you want Amazon Route 53 to measure the latency between health - // checkers in multiple Amazon Web Services regions and your endpoint, and to - // display CloudWatch latency graphs on the Health Checks page in the Route - // 53 console. - // - // You can't change the value of MeasureLatency after you create a health check. - MeasureLatency *bool `type:"boolean"` - - // The port on the endpoint that you want Amazon Route 53 to perform health - // checks on. - // - // Don't specify a value for Port when you specify a value for Type of CLOUDWATCH_METRIC - // or CALCULATED. - Port *int64 `min:"1" type:"integer"` - - // A complex type that contains one Region element for each region from which - // you want Amazon Route 53 health checkers to check the specified endpoint. - // - // If you don't specify any regions, Route 53 health checkers automatically - // performs checks from all of the regions that are listed under Valid Values. - // - // If you update a health check to remove a region that has been performing - // health checks, Route 53 will briefly continue to perform checks from that - // region to ensure that some health checkers are always checking the endpoint - // (for example, if you replace three regions with four different regions). - Regions []*string `locationNameList:"Region" min:"3" type:"list" enum:"HealthCheckRegion"` - - // The number of seconds between the time that Amazon Route 53 gets a response - // from your endpoint and the time that it sends the next health check request. - // Each Route 53 health checker makes requests at this interval. - // - // You can't change the value of RequestInterval after you create a health check. - // - // If you don't specify a value for RequestInterval, the default value is 30 - // seconds. - RequestInterval *int64 `min:"10" type:"integer"` - - // The path, if any, that you want Amazon Route 53 to request when performing - // health checks. The path can be any value for which your endpoint will return - // an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, - // the file /docs/route53-health-check.html. You can also include query string - // parameters, for example, /welcome.html?language=jp&login=y. - ResourcePath *string `type:"string"` - - // The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller - // routing control. - // - // For more information about Route 53 Application Recovery Controller, see - // Route 53 Application Recovery Controller Developer Guide. (https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html). - RoutingControlArn *string `min:"1" type:"string"` - - // If the value of Type is HTTP_STR_MATCH or HTTPS_STR_MATCH, the string that - // you want Amazon Route 53 to search for in the response body from the specified - // resource. If the string appears in the response body, Route 53 considers - // the resource healthy. - // - // Route 53 considers case when searching for SearchString in the response body. - SearchString *string `type:"string"` - - // The type of health check that you want to create, which indicates how Amazon - // Route 53 determines whether an endpoint is healthy. - // - // You can't change the value of Type after you create a health check. - // - // You can create the following types of health checks: - // - // * HTTP: Route 53 tries to establish a TCP connection. If successful, Route - // 53 submits an HTTP request and waits for an HTTP status code of 200 or - // greater and less than 400. - // - // * HTTPS: Route 53 tries to establish a TCP connection. If successful, - // Route 53 submits an HTTPS request and waits for an HTTP status code of - // 200 or greater and less than 400. If you specify HTTPS for the value of - // Type, the endpoint must support TLS v1.0 or later. - // - // * HTTP_STR_MATCH: Route 53 tries to establish a TCP connection. If successful, - // Route 53 submits an HTTP request and searches the first 5,120 bytes of - // the response body for the string that you specify in SearchString. - // - // * HTTPS_STR_MATCH: Route 53 tries to establish a TCP connection. If successful, - // Route 53 submits an HTTPS request and searches the first 5,120 bytes of - // the response body for the string that you specify in SearchString. - // - // * TCP: Route 53 tries to establish a TCP connection. - // - // * CLOUDWATCH_METRIC: The health check is associated with a CloudWatch - // alarm. If the state of the alarm is OK, the health check is considered - // healthy. If the state is ALARM, the health check is considered unhealthy. - // If CloudWatch doesn't have sufficient data to determine whether the state - // is OK or ALARM, the health check status depends on the setting for InsufficientDataHealthStatus: - // Healthy, Unhealthy, or LastKnownStatus. - // - // * CALCULATED: For health checks that monitor the status of other health - // checks, Route 53 adds up the number of health checks that Route 53 health - // checkers consider to be healthy and compares that number with the value - // of HealthThreshold. - // - // * RECOVERY_CONTROL: The health check is associated with a Route53 Application - // Recovery Controller routing control. If the routing control state is ON, - // the health check is considered healthy. If the state is OFF, the health - // check is considered unhealthy. - // - // For more information, see How Route 53 Determines Whether an Endpoint Is - // Healthy (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) - // in the Amazon Route 53 Developer Guide. - // - // Type is a required field - Type *string `type:"string" required:"true" enum:"HealthCheckType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HealthCheckConfig) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HealthCheckConfig) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *HealthCheckConfig) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "HealthCheckConfig"} - if s.FailureThreshold != nil && *s.FailureThreshold < 1 { - invalidParams.Add(request.NewErrParamMinValue("FailureThreshold", 1)) - } - if s.Port != nil && *s.Port < 1 { - invalidParams.Add(request.NewErrParamMinValue("Port", 1)) - } - if s.Regions != nil && len(s.Regions) < 3 { - invalidParams.Add(request.NewErrParamMinLen("Regions", 3)) - } - if s.RequestInterval != nil && *s.RequestInterval < 10 { - invalidParams.Add(request.NewErrParamMinValue("RequestInterval", 10)) - } - if s.RoutingControlArn != nil && len(*s.RoutingControlArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("RoutingControlArn", 1)) - } - if s.Type == nil { - invalidParams.Add(request.NewErrParamRequired("Type")) - } - if s.AlarmIdentifier != nil { - if err := s.AlarmIdentifier.Validate(); err != nil { - invalidParams.AddNested("AlarmIdentifier", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAlarmIdentifier sets the AlarmIdentifier field's value. -func (s *HealthCheckConfig) SetAlarmIdentifier(v *AlarmIdentifier) *HealthCheckConfig { - s.AlarmIdentifier = v - return s -} - -// SetChildHealthChecks sets the ChildHealthChecks field's value. -func (s *HealthCheckConfig) SetChildHealthChecks(v []*string) *HealthCheckConfig { - s.ChildHealthChecks = v - return s -} - -// SetDisabled sets the Disabled field's value. -func (s *HealthCheckConfig) SetDisabled(v bool) *HealthCheckConfig { - s.Disabled = &v - return s -} - -// SetEnableSNI sets the EnableSNI field's value. -func (s *HealthCheckConfig) SetEnableSNI(v bool) *HealthCheckConfig { - s.EnableSNI = &v - return s -} - -// SetFailureThreshold sets the FailureThreshold field's value. -func (s *HealthCheckConfig) SetFailureThreshold(v int64) *HealthCheckConfig { - s.FailureThreshold = &v - return s -} - -// SetFullyQualifiedDomainName sets the FullyQualifiedDomainName field's value. -func (s *HealthCheckConfig) SetFullyQualifiedDomainName(v string) *HealthCheckConfig { - s.FullyQualifiedDomainName = &v - return s -} - -// SetHealthThreshold sets the HealthThreshold field's value. -func (s *HealthCheckConfig) SetHealthThreshold(v int64) *HealthCheckConfig { - s.HealthThreshold = &v - return s -} - -// SetIPAddress sets the IPAddress field's value. -func (s *HealthCheckConfig) SetIPAddress(v string) *HealthCheckConfig { - s.IPAddress = &v - return s -} - -// SetInsufficientDataHealthStatus sets the InsufficientDataHealthStatus field's value. -func (s *HealthCheckConfig) SetInsufficientDataHealthStatus(v string) *HealthCheckConfig { - s.InsufficientDataHealthStatus = &v - return s -} - -// SetInverted sets the Inverted field's value. -func (s *HealthCheckConfig) SetInverted(v bool) *HealthCheckConfig { - s.Inverted = &v - return s -} - -// SetMeasureLatency sets the MeasureLatency field's value. -func (s *HealthCheckConfig) SetMeasureLatency(v bool) *HealthCheckConfig { - s.MeasureLatency = &v - return s -} - -// SetPort sets the Port field's value. -func (s *HealthCheckConfig) SetPort(v int64) *HealthCheckConfig { - s.Port = &v - return s -} - -// SetRegions sets the Regions field's value. -func (s *HealthCheckConfig) SetRegions(v []*string) *HealthCheckConfig { - s.Regions = v - return s -} - -// SetRequestInterval sets the RequestInterval field's value. -func (s *HealthCheckConfig) SetRequestInterval(v int64) *HealthCheckConfig { - s.RequestInterval = &v - return s -} - -// SetResourcePath sets the ResourcePath field's value. -func (s *HealthCheckConfig) SetResourcePath(v string) *HealthCheckConfig { - s.ResourcePath = &v - return s -} - -// SetRoutingControlArn sets the RoutingControlArn field's value. -func (s *HealthCheckConfig) SetRoutingControlArn(v string) *HealthCheckConfig { - s.RoutingControlArn = &v - return s -} - -// SetSearchString sets the SearchString field's value. -func (s *HealthCheckConfig) SetSearchString(v string) *HealthCheckConfig { - s.SearchString = &v - return s -} - -// SetType sets the Type field's value. -func (s *HealthCheckConfig) SetType(v string) *HealthCheckConfig { - s.Type = &v - return s -} - -// A complex type that contains the last failure reason as reported by one Amazon -// Route 53 health checker. -type HealthCheckObservation struct { - _ struct{} `type:"structure"` - - // The IP address of the Amazon Route 53 health checker that provided the failure - // reason in StatusReport. - IPAddress *string `type:"string"` - - // The region of the Amazon Route 53 health checker that provided the status - // in StatusReport. - Region *string `min:"1" type:"string" enum:"HealthCheckRegion"` - - // A complex type that contains the last failure reason as reported by one Amazon - // Route 53 health checker and the time of the failed health check. - StatusReport *StatusReport `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HealthCheckObservation) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HealthCheckObservation) GoString() string { - return s.String() -} - -// SetIPAddress sets the IPAddress field's value. -func (s *HealthCheckObservation) SetIPAddress(v string) *HealthCheckObservation { - s.IPAddress = &v - return s -} - -// SetRegion sets the Region field's value. -func (s *HealthCheckObservation) SetRegion(v string) *HealthCheckObservation { - s.Region = &v - return s -} - -// SetStatusReport sets the StatusReport field's value. -func (s *HealthCheckObservation) SetStatusReport(v *StatusReport) *HealthCheckObservation { - s.StatusReport = v - return s -} - -// A complex type that contains general information about the hosted zone. -type HostedZone struct { - _ struct{} `type:"structure"` - - // The value that you specified for CallerReference when you created the hosted - // zone. - // - // CallerReference is a required field - CallerReference *string `min:"1" type:"string" required:"true"` - - // A complex type that includes the Comment and PrivateZone elements. If you - // omitted the HostedZoneConfig and Comment elements from the request, the Config - // and Comment elements don't appear in the response. - Config *HostedZoneConfig `type:"structure"` - - // The ID that Amazon Route 53 assigned to the hosted zone when you created - // it. - // - // Id is a required field - Id *string `type:"string" required:"true"` - - // If the hosted zone was created by another service, the service that created - // the hosted zone. When a hosted zone is created by another service, you can't - // edit or delete it using Route 53. - LinkedService *LinkedService `type:"structure"` - - // The name of the domain. For public hosted zones, this is the name that you - // have registered with your DNS registrar. - // - // For information about how to specify characters other than a-z, 0-9, and - // - (hyphen) and how to specify internationalized domain names, see CreateHostedZone - // (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateHostedZone.html). - // - // Name is a required field - Name *string `type:"string" required:"true"` - - // The number of resource record sets in the hosted zone. - ResourceRecordSetCount *int64 `type:"long"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZone) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZone) GoString() string { - return s.String() -} - -// SetCallerReference sets the CallerReference field's value. -func (s *HostedZone) SetCallerReference(v string) *HostedZone { - s.CallerReference = &v - return s -} - -// SetConfig sets the Config field's value. -func (s *HostedZone) SetConfig(v *HostedZoneConfig) *HostedZone { - s.Config = v - return s -} - -// SetId sets the Id field's value. -func (s *HostedZone) SetId(v string) *HostedZone { - s.Id = &v - return s -} - -// SetLinkedService sets the LinkedService field's value. -func (s *HostedZone) SetLinkedService(v *LinkedService) *HostedZone { - s.LinkedService = v - return s -} - -// SetName sets the Name field's value. -func (s *HostedZone) SetName(v string) *HostedZone { - s.Name = &v - return s -} - -// SetResourceRecordSetCount sets the ResourceRecordSetCount field's value. -func (s *HostedZone) SetResourceRecordSetCount(v int64) *HostedZone { - s.ResourceRecordSetCount = &v - return s -} - -// A complex type that contains an optional comment about your hosted zone. -// If you don't want to specify a comment, omit both the HostedZoneConfig and -// Comment elements. -type HostedZoneConfig struct { - _ struct{} `type:"structure"` - - // Any comments that you want to include about the hosted zone. - Comment *string `type:"string"` - - // A value that indicates whether this is a private hosted zone. - PrivateZone *bool `type:"boolean"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZoneConfig) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZoneConfig) GoString() string { - return s.String() -} - -// SetComment sets the Comment field's value. -func (s *HostedZoneConfig) SetComment(v string) *HostedZoneConfig { - s.Comment = &v - return s -} - -// SetPrivateZone sets the PrivateZone field's value. -func (s *HostedZoneConfig) SetPrivateZone(v bool) *HostedZoneConfig { - s.PrivateZone = &v - return s -} - -// A complex type that contains the type of limit that you specified in the -// request and the current value for that limit. -type HostedZoneLimit struct { - _ struct{} `type:"structure"` - - // The limit that you requested. Valid values include the following: - // - // * MAX_RRSETS_BY_ZONE: The maximum number of records that you can create - // in the specified hosted zone. - // - // * MAX_VPCS_ASSOCIATED_BY_ZONE: The maximum number of Amazon VPCs that - // you can associate with the specified private hosted zone. - // - // Type is a required field - Type *string `type:"string" required:"true" enum:"HostedZoneLimitType"` - - // The current value for the limit that is specified by Type. - // - // Value is a required field - Value *int64 `min:"1" type:"long" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZoneLimit) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZoneLimit) GoString() string { - return s.String() -} - -// SetType sets the Type field's value. -func (s *HostedZoneLimit) SetType(v string) *HostedZoneLimit { - s.Type = &v - return s -} - -// SetValue sets the Value field's value. -func (s *HostedZoneLimit) SetValue(v int64) *HostedZoneLimit { - s.Value = &v - return s -} - -// A complex type that identifies a hosted zone that a specified Amazon VPC -// is associated with and the owner of the hosted zone. If there is a value -// for OwningAccount, there is no value for OwningService, and vice versa. -type HostedZoneOwner struct { - _ struct{} `type:"structure"` - - // If the hosted zone was created by an Amazon Web Services account, or was - // created by an Amazon Web Services service that creates hosted zones using - // the current account, OwningAccount contains the account ID of that account. - // For example, when you use Cloud Map to create a hosted zone, Cloud Map creates - // the hosted zone using the current Amazon Web Services account. - OwningAccount *string `type:"string"` - - // If an Amazon Web Services service uses its own account to create a hosted - // zone and associate the specified VPC with that hosted zone, OwningService - // contains an abbreviation that identifies the service. For example, if Amazon - // Elastic File System (Amazon EFS) created a hosted zone and associated a VPC - // with the hosted zone, the value of OwningService is efs.amazonaws.com. - OwningService *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZoneOwner) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZoneOwner) GoString() string { - return s.String() -} - -// SetOwningAccount sets the OwningAccount field's value. -func (s *HostedZoneOwner) SetOwningAccount(v string) *HostedZoneOwner { - s.OwningAccount = &v - return s -} - -// SetOwningService sets the OwningService field's value. -func (s *HostedZoneOwner) SetOwningService(v string) *HostedZoneOwner { - s.OwningService = &v - return s -} - -// In the response to a ListHostedZonesByVPC request, the HostedZoneSummaries -// element contains one HostedZoneSummary element for each hosted zone that -// the specified Amazon VPC is associated with. Each HostedZoneSummary element -// contains the hosted zone name and ID, and information about who owns the -// hosted zone. -type HostedZoneSummary struct { - _ struct{} `type:"structure"` - - // The Route 53 hosted zone ID of a private hosted zone that the specified VPC - // is associated with. - // - // HostedZoneId is a required field - HostedZoneId *string `type:"string" required:"true"` - - // The name of the private hosted zone, such as example.com. - // - // Name is a required field - Name *string `type:"string" required:"true"` - - // The owner of a private hosted zone that the specified VPC is associated with. - // The owner can be either an Amazon Web Services account or an Amazon Web Services - // service. - // - // Owner is a required field - Owner *HostedZoneOwner `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZoneSummary) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s HostedZoneSummary) GoString() string { - return s.String() -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *HostedZoneSummary) SetHostedZoneId(v string) *HostedZoneSummary { - s.HostedZoneId = &v - return s -} - -// SetName sets the Name field's value. -func (s *HostedZoneSummary) SetName(v string) *HostedZoneSummary { - s.Name = &v - return s -} - -// SetOwner sets the Owner field's value. -func (s *HostedZoneSummary) SetOwner(v *HostedZoneOwner) *HostedZoneSummary { - s.Owner = v - return s -} - -// A key-signing key (KSK) is a complex type that represents a public/private -// key pair. The private key is used to generate a digital signature for the -// zone signing key (ZSK). The public key is stored in the DNS and is used to -// authenticate the ZSK. A KSK is always associated with a hosted zone; it cannot -// exist by itself. -type KeySigningKey struct { - _ struct{} `type:"structure"` - - // The date when the key-signing key (KSK) was created. - CreatedDate *time.Time `type:"timestamp"` - - // A string that represents a DNSKEY record. - DNSKEYRecord *string `type:"string"` - - // A string that represents a delegation signer (DS) record. - DSRecord *string `type:"string"` - - // A string used to represent the delegation signer digest algorithm. This value - // must follow the guidelines provided by RFC-8624 Section 3.3 (https://tools.ietf.org/html/rfc8624#section-3.3). - DigestAlgorithmMnemonic *string `type:"string"` - - // An integer used to represent the delegation signer digest algorithm. This - // value must follow the guidelines provided by RFC-8624 Section 3.3 (https://tools.ietf.org/html/rfc8624#section-3.3). - DigestAlgorithmType *int64 `type:"integer"` - - // A cryptographic digest of a DNSKEY resource record (RR). DNSKEY records are - // used to publish the public key that resolvers can use to verify DNSSEC signatures - // that are used to secure certain kinds of information provided by the DNS - // system. - DigestValue *string `type:"string"` - - // An integer that specifies how the key is used. For key-signing key (KSK), - // this value is always 257. - Flag *int64 `type:"integer"` - - // An integer used to identify the DNSSEC record for the domain name. The process - // used to calculate the value is described in RFC-4034 Appendix B (https://tools.ietf.org/rfc/rfc4034.txt). - KeyTag *int64 `type:"integer"` - - // The Amazon resource name (ARN) used to identify the customer managed key - // in Key Management Service (KMS). The KmsArn must be unique for each key-signing - // key (KSK) in a single hosted zone. - // - // You must configure the customer managed key as follows: - // - // Status - // - // Enabled - // - // Key spec - // - // ECC_NIST_P256 - // - // Key usage - // - // Sign and verify - // - // Key policy - // - // The key policy must give permission for the following actions: - // - // * DescribeKey - // - // * GetPublicKey - // - // * Sign - // - // The key policy must also include the Amazon Route 53 service in the principal - // for your account. Specify the following: - // - // * "Service": "dnssec-route53.amazonaws.com" - // - // For more information about working with the customer managed key in KMS, - // see Key Management Service concepts (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html). - KmsArn *string `type:"string"` - - // The last time that the key-signing key (KSK) was changed. - LastModifiedDate *time.Time `type:"timestamp"` - - // A string used to identify a key-signing key (KSK). Name can include numbers, - // letters, and underscores (_). Name must be unique for each key-signing key - // in the same hosted zone. - Name *string `min:"3" type:"string"` - - // The public key, represented as a Base64 encoding, as required by RFC-4034 - // Page 5 (https://tools.ietf.org/rfc/rfc4034.txt). - PublicKey *string `type:"string"` - - // A string used to represent the signing algorithm. This value must follow - // the guidelines provided by RFC-8624 Section 3.1 (https://tools.ietf.org/html/rfc8624#section-3.1). - SigningAlgorithmMnemonic *string `type:"string"` - - // An integer used to represent the signing algorithm. This value must follow - // the guidelines provided by RFC-8624 Section 3.1 (https://tools.ietf.org/html/rfc8624#section-3.1). - SigningAlgorithmType *int64 `type:"integer"` - - // A string that represents the current key-signing key (KSK) status. - // - // Status can have one of the following values: - // - // ACTIVE - // - // The KSK is being used for signing. - // - // INACTIVE - // - // The KSK is not being used for signing. - // - // DELETING - // - // The KSK is in the process of being deleted. - // - // ACTION_NEEDED - // - // There is a problem with the KSK that requires you to take action to resolve. - // For example, the customer managed key might have been deleted, or the permissions - // for the customer managed key might have been changed. - // - // INTERNAL_FAILURE - // - // There was an error during a request. Before you can continue to work with - // DNSSEC signing, including actions that involve this KSK, you must correct - // the problem. For example, you may need to activate or deactivate the KSK. - Status *string `min:"5" type:"string"` - - // The status message provided for the following key-signing key (KSK) statuses: - // ACTION_NEEDED or INTERNAL_FAILURE. The status message includes information - // about what the problem might be and steps that you can take to correct the - // issue. - StatusMessage *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s KeySigningKey) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s KeySigningKey) GoString() string { - return s.String() -} - -// SetCreatedDate sets the CreatedDate field's value. -func (s *KeySigningKey) SetCreatedDate(v time.Time) *KeySigningKey { - s.CreatedDate = &v - return s -} - -// SetDNSKEYRecord sets the DNSKEYRecord field's value. -func (s *KeySigningKey) SetDNSKEYRecord(v string) *KeySigningKey { - s.DNSKEYRecord = &v - return s -} - -// SetDSRecord sets the DSRecord field's value. -func (s *KeySigningKey) SetDSRecord(v string) *KeySigningKey { - s.DSRecord = &v - return s -} - -// SetDigestAlgorithmMnemonic sets the DigestAlgorithmMnemonic field's value. -func (s *KeySigningKey) SetDigestAlgorithmMnemonic(v string) *KeySigningKey { - s.DigestAlgorithmMnemonic = &v - return s -} - -// SetDigestAlgorithmType sets the DigestAlgorithmType field's value. -func (s *KeySigningKey) SetDigestAlgorithmType(v int64) *KeySigningKey { - s.DigestAlgorithmType = &v - return s -} - -// SetDigestValue sets the DigestValue field's value. -func (s *KeySigningKey) SetDigestValue(v string) *KeySigningKey { - s.DigestValue = &v - return s -} - -// SetFlag sets the Flag field's value. -func (s *KeySigningKey) SetFlag(v int64) *KeySigningKey { - s.Flag = &v - return s -} - -// SetKeyTag sets the KeyTag field's value. -func (s *KeySigningKey) SetKeyTag(v int64) *KeySigningKey { - s.KeyTag = &v - return s -} - -// SetKmsArn sets the KmsArn field's value. -func (s *KeySigningKey) SetKmsArn(v string) *KeySigningKey { - s.KmsArn = &v - return s -} - -// SetLastModifiedDate sets the LastModifiedDate field's value. -func (s *KeySigningKey) SetLastModifiedDate(v time.Time) *KeySigningKey { - s.LastModifiedDate = &v - return s -} - -// SetName sets the Name field's value. -func (s *KeySigningKey) SetName(v string) *KeySigningKey { - s.Name = &v - return s -} - -// SetPublicKey sets the PublicKey field's value. -func (s *KeySigningKey) SetPublicKey(v string) *KeySigningKey { - s.PublicKey = &v - return s -} - -// SetSigningAlgorithmMnemonic sets the SigningAlgorithmMnemonic field's value. -func (s *KeySigningKey) SetSigningAlgorithmMnemonic(v string) *KeySigningKey { - s.SigningAlgorithmMnemonic = &v - return s -} - -// SetSigningAlgorithmType sets the SigningAlgorithmType field's value. -func (s *KeySigningKey) SetSigningAlgorithmType(v int64) *KeySigningKey { - s.SigningAlgorithmType = &v - return s -} - -// SetStatus sets the Status field's value. -func (s *KeySigningKey) SetStatus(v string) *KeySigningKey { - s.Status = &v - return s -} - -// SetStatusMessage sets the StatusMessage field's value. -func (s *KeySigningKey) SetStatusMessage(v string) *KeySigningKey { - s.StatusMessage = &v - return s -} - -// If a health check or hosted zone was created by another service, LinkedService -// is a complex type that describes the service that created the resource. When -// a resource is created by another service, you can't edit or delete it using -// Amazon Route 53. -type LinkedService struct { - _ struct{} `type:"structure"` - - // If the health check or hosted zone was created by another service, an optional - // description that can be provided by the other service. When a resource is - // created by another service, you can't edit or delete it using Amazon Route - // 53. - Description *string `type:"string"` - - // If the health check or hosted zone was created by another service, the service - // that created the resource. When a resource is created by another service, - // you can't edit or delete it using Amazon Route 53. - ServicePrincipal *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LinkedService) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LinkedService) GoString() string { - return s.String() -} - -// SetDescription sets the Description field's value. -func (s *LinkedService) SetDescription(v string) *LinkedService { - s.Description = &v - return s -} - -// SetServicePrincipal sets the ServicePrincipal field's value. -func (s *LinkedService) SetServicePrincipal(v string) *LinkedService { - s.ServicePrincipal = &v - return s -} - -type ListCidrBlocksInput struct { - _ struct{} `locationName:"ListCidrBlocksRequest" type:"structure"` - - // The UUID of the CIDR collection. - // - // CollectionId is a required field - CollectionId *string `location:"uri" locationName:"CidrCollectionId" type:"string" required:"true"` - - // The name of the CIDR collection location. - LocationName *string `location:"querystring" locationName:"location" min:"1" type:"string"` - - // Maximum number of results you want returned. - MaxResults *string `location:"querystring" locationName:"maxresults" type:"string"` - - // An opaque pagination token to indicate where the service is to begin enumerating - // results. - NextToken *string `location:"querystring" locationName:"nexttoken" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrBlocksInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrBlocksInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListCidrBlocksInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListCidrBlocksInput"} - if s.CollectionId == nil { - invalidParams.Add(request.NewErrParamRequired("CollectionId")) - } - if s.CollectionId != nil && len(*s.CollectionId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CollectionId", 1)) - } - if s.LocationName != nil && len(*s.LocationName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LocationName", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetCollectionId sets the CollectionId field's value. -func (s *ListCidrBlocksInput) SetCollectionId(v string) *ListCidrBlocksInput { - s.CollectionId = &v - return s -} - -// SetLocationName sets the LocationName field's value. -func (s *ListCidrBlocksInput) SetLocationName(v string) *ListCidrBlocksInput { - s.LocationName = &v - return s -} - -// SetMaxResults sets the MaxResults field's value. -func (s *ListCidrBlocksInput) SetMaxResults(v string) *ListCidrBlocksInput { - s.MaxResults = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListCidrBlocksInput) SetNextToken(v string) *ListCidrBlocksInput { - s.NextToken = &v - return s -} - -type ListCidrBlocksOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains information about the CIDR blocks. - CidrBlocks []*CidrBlockSummary `type:"list"` - - // An opaque pagination token to indicate where the service is to begin enumerating - // results. - // - // If no value is provided, the listing of results starts from the beginning. - NextToken *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrBlocksOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrBlocksOutput) GoString() string { - return s.String() -} - -// SetCidrBlocks sets the CidrBlocks field's value. -func (s *ListCidrBlocksOutput) SetCidrBlocks(v []*CidrBlockSummary) *ListCidrBlocksOutput { - s.CidrBlocks = v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListCidrBlocksOutput) SetNextToken(v string) *ListCidrBlocksOutput { - s.NextToken = &v - return s -} - -type ListCidrCollectionsInput struct { - _ struct{} `locationName:"ListCidrCollectionsRequest" type:"structure"` - - // The maximum number of CIDR collections to return in the response. - MaxResults *string `location:"querystring" locationName:"maxresults" type:"string"` - - // An opaque pagination token to indicate where the service is to begin enumerating - // results. - // - // If no value is provided, the listing of results starts from the beginning. - NextToken *string `location:"querystring" locationName:"nexttoken" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrCollectionsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrCollectionsInput) GoString() string { - return s.String() -} - -// SetMaxResults sets the MaxResults field's value. -func (s *ListCidrCollectionsInput) SetMaxResults(v string) *ListCidrCollectionsInput { - s.MaxResults = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListCidrCollectionsInput) SetNextToken(v string) *ListCidrCollectionsInput { - s.NextToken = &v - return s -} - -type ListCidrCollectionsOutput struct { - _ struct{} `type:"structure"` - - // A complex type with information about the CIDR collection. - CidrCollections []*CollectionSummary `type:"list"` - - // An opaque pagination token to indicate where the service is to begin enumerating - // results. - // - // If no value is provided, the listing of results starts from the beginning. - NextToken *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrCollectionsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrCollectionsOutput) GoString() string { - return s.String() -} - -// SetCidrCollections sets the CidrCollections field's value. -func (s *ListCidrCollectionsOutput) SetCidrCollections(v []*CollectionSummary) *ListCidrCollectionsOutput { - s.CidrCollections = v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListCidrCollectionsOutput) SetNextToken(v string) *ListCidrCollectionsOutput { - s.NextToken = &v - return s -} - -type ListCidrLocationsInput struct { - _ struct{} `locationName:"ListCidrLocationsRequest" type:"structure"` - - // The CIDR collection ID. - // - // CollectionId is a required field - CollectionId *string `location:"uri" locationName:"CidrCollectionId" type:"string" required:"true"` - - // The maximum number of CIDR collection locations to return in the response. - MaxResults *string `location:"querystring" locationName:"maxresults" type:"string"` - - // An opaque pagination token to indicate where the service is to begin enumerating - // results. - // - // If no value is provided, the listing of results starts from the beginning. - NextToken *string `location:"querystring" locationName:"nexttoken" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrLocationsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrLocationsInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListCidrLocationsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListCidrLocationsInput"} - if s.CollectionId == nil { - invalidParams.Add(request.NewErrParamRequired("CollectionId")) - } - if s.CollectionId != nil && len(*s.CollectionId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CollectionId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetCollectionId sets the CollectionId field's value. -func (s *ListCidrLocationsInput) SetCollectionId(v string) *ListCidrLocationsInput { - s.CollectionId = &v - return s -} - -// SetMaxResults sets the MaxResults field's value. -func (s *ListCidrLocationsInput) SetMaxResults(v string) *ListCidrLocationsInput { - s.MaxResults = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListCidrLocationsInput) SetNextToken(v string) *ListCidrLocationsInput { - s.NextToken = &v - return s -} - -type ListCidrLocationsOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains information about the list of CIDR locations. - CidrLocations []*LocationSummary `type:"list"` - - // An opaque pagination token to indicate where the service is to begin enumerating - // results. - // - // If no value is provided, the listing of results starts from the beginning. - NextToken *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrLocationsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListCidrLocationsOutput) GoString() string { - return s.String() -} - -// SetCidrLocations sets the CidrLocations field's value. -func (s *ListCidrLocationsOutput) SetCidrLocations(v []*LocationSummary) *ListCidrLocationsOutput { - s.CidrLocations = v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListCidrLocationsOutput) SetNextToken(v string) *ListCidrLocationsOutput { - s.NextToken = &v - return s -} - -// A request to get a list of geographic locations that Amazon Route 53 supports -// for geolocation resource record sets. -type ListGeoLocationsInput struct { - _ struct{} `locationName:"ListGeoLocationsRequest" type:"structure"` - - // (Optional) The maximum number of geolocations to be included in the response - // body for this request. If more than maxitems geolocations remain to be listed, - // then the value of the IsTruncated element in the response is true. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` - - // The code for the continent with which you want to start listing locations - // that Amazon Route 53 supports for geolocation. If Route 53 has already returned - // a page or more of results, if IsTruncated is true, and if NextContinentCode - // from the previous response has a value, enter that value in startcontinentcode - // to return the next page of results. - // - // Include startcontinentcode only if you want to list continents. Don't include - // startcontinentcode when you're listing countries or countries with their - // subdivisions. - StartContinentCode *string `location:"querystring" locationName:"startcontinentcode" min:"2" type:"string"` - - // The code for the country with which you want to start listing locations that - // Amazon Route 53 supports for geolocation. If Route 53 has already returned - // a page or more of results, if IsTruncated is true, and if NextCountryCode - // from the previous response has a value, enter that value in startcountrycode - // to return the next page of results. - StartCountryCode *string `location:"querystring" locationName:"startcountrycode" min:"1" type:"string"` - - // The code for the state of the United States with which you want to start - // listing locations that Amazon Route 53 supports for geolocation. If Route - // 53 has already returned a page or more of results, if IsTruncated is true, - // and if NextSubdivisionCode from the previous response has a value, enter - // that value in startsubdivisioncode to return the next page of results. - // - // To list subdivisions (U.S. states), you must include both startcountrycode - // and startsubdivisioncode. - StartSubdivisionCode *string `location:"querystring" locationName:"startsubdivisioncode" min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListGeoLocationsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListGeoLocationsInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListGeoLocationsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListGeoLocationsInput"} - if s.StartContinentCode != nil && len(*s.StartContinentCode) < 2 { - invalidParams.Add(request.NewErrParamMinLen("StartContinentCode", 2)) - } - if s.StartCountryCode != nil && len(*s.StartCountryCode) < 1 { - invalidParams.Add(request.NewErrParamMinLen("StartCountryCode", 1)) - } - if s.StartSubdivisionCode != nil && len(*s.StartSubdivisionCode) < 1 { - invalidParams.Add(request.NewErrParamMinLen("StartSubdivisionCode", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListGeoLocationsInput) SetMaxItems(v string) *ListGeoLocationsInput { - s.MaxItems = &v - return s -} - -// SetStartContinentCode sets the StartContinentCode field's value. -func (s *ListGeoLocationsInput) SetStartContinentCode(v string) *ListGeoLocationsInput { - s.StartContinentCode = &v - return s -} - -// SetStartCountryCode sets the StartCountryCode field's value. -func (s *ListGeoLocationsInput) SetStartCountryCode(v string) *ListGeoLocationsInput { - s.StartCountryCode = &v - return s -} - -// SetStartSubdivisionCode sets the StartSubdivisionCode field's value. -func (s *ListGeoLocationsInput) SetStartSubdivisionCode(v string) *ListGeoLocationsInput { - s.StartSubdivisionCode = &v - return s -} - -// A complex type containing the response information for the request. -type ListGeoLocationsOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains one GeoLocationDetails element for each location - // that Amazon Route 53 supports for geolocation. - // - // GeoLocationDetailsList is a required field - GeoLocationDetailsList []*GeoLocationDetails `locationNameList:"GeoLocationDetails" type:"list" required:"true"` - - // A value that indicates whether more locations remain to be listed after the - // last location in this response. If so, the value of IsTruncated is true. - // To get more values, submit another request and include the values of NextContinentCode, - // NextCountryCode, and NextSubdivisionCode in the startcontinentcode, startcountrycode, - // and startsubdivisioncode, as applicable. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // The value that you specified for MaxItems in the request. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // If IsTruncated is true, you can make a follow-up request to display more - // locations. Enter the value of NextContinentCode in the startcontinentcode - // parameter in another ListGeoLocations request. - NextContinentCode *string `min:"2" type:"string"` - - // If IsTruncated is true, you can make a follow-up request to display more - // locations. Enter the value of NextCountryCode in the startcountrycode parameter - // in another ListGeoLocations request. - NextCountryCode *string `min:"1" type:"string"` - - // If IsTruncated is true, you can make a follow-up request to display more - // locations. Enter the value of NextSubdivisionCode in the startsubdivisioncode - // parameter in another ListGeoLocations request. - NextSubdivisionCode *string `min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListGeoLocationsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListGeoLocationsOutput) GoString() string { - return s.String() -} - -// SetGeoLocationDetailsList sets the GeoLocationDetailsList field's value. -func (s *ListGeoLocationsOutput) SetGeoLocationDetailsList(v []*GeoLocationDetails) *ListGeoLocationsOutput { - s.GeoLocationDetailsList = v - return s -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListGeoLocationsOutput) SetIsTruncated(v bool) *ListGeoLocationsOutput { - s.IsTruncated = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListGeoLocationsOutput) SetMaxItems(v string) *ListGeoLocationsOutput { - s.MaxItems = &v - return s -} - -// SetNextContinentCode sets the NextContinentCode field's value. -func (s *ListGeoLocationsOutput) SetNextContinentCode(v string) *ListGeoLocationsOutput { - s.NextContinentCode = &v - return s -} - -// SetNextCountryCode sets the NextCountryCode field's value. -func (s *ListGeoLocationsOutput) SetNextCountryCode(v string) *ListGeoLocationsOutput { - s.NextCountryCode = &v - return s -} - -// SetNextSubdivisionCode sets the NextSubdivisionCode field's value. -func (s *ListGeoLocationsOutput) SetNextSubdivisionCode(v string) *ListGeoLocationsOutput { - s.NextSubdivisionCode = &v - return s -} - -// A request to retrieve a list of the health checks that are associated with -// the current Amazon Web Services account. -type ListHealthChecksInput struct { - _ struct{} `locationName:"ListHealthChecksRequest" type:"structure"` - - // If the value of IsTruncated in the previous response was true, you have more - // health checks. To get another group, submit another ListHealthChecks request. - // - // For the value of marker, specify the value of NextMarker from the previous - // response, which is the ID of the first health check that Amazon Route 53 - // will return if you submit another request. - // - // If the value of IsTruncated in the previous response was false, there are - // no more health checks to get. - Marker *string `location:"querystring" locationName:"marker" type:"string"` - - // The maximum number of health checks that you want ListHealthChecks to return - // in response to the current request. Amazon Route 53 returns a maximum of - // 1000 items. If you set MaxItems to a value greater than 1000, Route 53 returns - // only the first 1000 health checks. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHealthChecksInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHealthChecksInput) GoString() string { - return s.String() -} - -// SetMarker sets the Marker field's value. -func (s *ListHealthChecksInput) SetMarker(v string) *ListHealthChecksInput { - s.Marker = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListHealthChecksInput) SetMaxItems(v string) *ListHealthChecksInput { - s.MaxItems = &v - return s -} - -// A complex type that contains the response to a ListHealthChecks request. -type ListHealthChecksOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains one HealthCheck element for each health check - // that is associated with the current Amazon Web Services account. - // - // HealthChecks is a required field - HealthChecks []*HealthCheck `locationNameList:"HealthCheck" type:"list" required:"true"` - - // A flag that indicates whether there are more health checks to be listed. - // If the response was truncated, you can get the next group of health checks - // by submitting another ListHealthChecks request and specifying the value of - // NextMarker in the marker parameter. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // For the second and subsequent calls to ListHealthChecks, Marker is the value - // that you specified for the marker parameter in the previous request. - // - // Marker is a required field - Marker *string `type:"string" required:"true"` - - // The value that you specified for the maxitems parameter in the call to ListHealthChecks - // that produced the current response. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // If IsTruncated is true, the value of NextMarker identifies the first health - // check that Amazon Route 53 returns if you submit another ListHealthChecks - // request and specify the value of NextMarker in the marker parameter. - NextMarker *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHealthChecksOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHealthChecksOutput) GoString() string { - return s.String() -} - -// SetHealthChecks sets the HealthChecks field's value. -func (s *ListHealthChecksOutput) SetHealthChecks(v []*HealthCheck) *ListHealthChecksOutput { - s.HealthChecks = v - return s -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListHealthChecksOutput) SetIsTruncated(v bool) *ListHealthChecksOutput { - s.IsTruncated = &v - return s -} - -// SetMarker sets the Marker field's value. -func (s *ListHealthChecksOutput) SetMarker(v string) *ListHealthChecksOutput { - s.Marker = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListHealthChecksOutput) SetMaxItems(v string) *ListHealthChecksOutput { - s.MaxItems = &v - return s -} - -// SetNextMarker sets the NextMarker field's value. -func (s *ListHealthChecksOutput) SetNextMarker(v string) *ListHealthChecksOutput { - s.NextMarker = &v - return s -} - -// Retrieves a list of the public and private hosted zones that are associated -// with the current Amazon Web Services account in ASCII order by domain name. -type ListHostedZonesByNameInput struct { - _ struct{} `locationName:"ListHostedZonesByNameRequest" type:"structure"` - - // (Optional) For your first request to ListHostedZonesByName, include the dnsname - // parameter only if you want to specify the name of the first hosted zone in - // the response. If you don't include the dnsname parameter, Amazon Route 53 - // returns all of the hosted zones that were created by the current Amazon Web - // Services account, in ASCII order. For subsequent requests, include both dnsname - // and hostedzoneid parameters. For dnsname, specify the value of NextDNSName - // from the previous response. - DNSName *string `location:"querystring" locationName:"dnsname" type:"string"` - - // (Optional) For your first request to ListHostedZonesByName, do not include - // the hostedzoneid parameter. - // - // If you have more hosted zones than the value of maxitems, ListHostedZonesByName - // returns only the first maxitems hosted zones. To get the next group of maxitems - // hosted zones, submit another request to ListHostedZonesByName and include - // both dnsname and hostedzoneid parameters. For the value of hostedzoneid, - // specify the value of the NextHostedZoneId element from the previous response. - HostedZoneId *string `location:"querystring" locationName:"hostedzoneid" type:"string"` - - // The maximum number of hosted zones to be included in the response body for - // this request. If you have more than maxitems hosted zones, then the value - // of the IsTruncated element in the response is true, and the values of NextDNSName - // and NextHostedZoneId specify the first hosted zone in the next group of maxitems - // hosted zones. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesByNameInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesByNameInput) GoString() string { - return s.String() -} - -// SetDNSName sets the DNSName field's value. -func (s *ListHostedZonesByNameInput) SetDNSName(v string) *ListHostedZonesByNameInput { - s.DNSName = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *ListHostedZonesByNameInput) SetHostedZoneId(v string) *ListHostedZonesByNameInput { - s.HostedZoneId = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListHostedZonesByNameInput) SetMaxItems(v string) *ListHostedZonesByNameInput { - s.MaxItems = &v - return s -} - -// A complex type that contains the response information for the request. -type ListHostedZonesByNameOutput struct { - _ struct{} `type:"structure"` - - // For the second and subsequent calls to ListHostedZonesByName, DNSName is - // the value that you specified for the dnsname parameter in the request that - // produced the current response. - DNSName *string `type:"string"` - - // The ID that Amazon Route 53 assigned to the hosted zone when you created - // it. - HostedZoneId *string `type:"string"` - - // A complex type that contains general information about the hosted zone. - // - // HostedZones is a required field - HostedZones []*HostedZone `locationNameList:"HostedZone" type:"list" required:"true"` - - // A flag that indicates whether there are more hosted zones to be listed. If - // the response was truncated, you can get the next group of maxitems hosted - // zones by calling ListHostedZonesByName again and specifying the values of - // NextDNSName and NextHostedZoneId elements in the dnsname and hostedzoneid - // parameters. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // The value that you specified for the maxitems parameter in the call to ListHostedZonesByName - // that produced the current response. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // If IsTruncated is true, the value of NextDNSName is the name of the first - // hosted zone in the next group of maxitems hosted zones. Call ListHostedZonesByName - // again and specify the value of NextDNSName and NextHostedZoneId in the dnsname - // and hostedzoneid parameters, respectively. - // - // This element is present only if IsTruncated is true. - NextDNSName *string `type:"string"` - - // If IsTruncated is true, the value of NextHostedZoneId identifies the first - // hosted zone in the next group of maxitems hosted zones. Call ListHostedZonesByName - // again and specify the value of NextDNSName and NextHostedZoneId in the dnsname - // and hostedzoneid parameters, respectively. - // - // This element is present only if IsTruncated is true. - NextHostedZoneId *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesByNameOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesByNameOutput) GoString() string { - return s.String() -} - -// SetDNSName sets the DNSName field's value. -func (s *ListHostedZonesByNameOutput) SetDNSName(v string) *ListHostedZonesByNameOutput { - s.DNSName = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *ListHostedZonesByNameOutput) SetHostedZoneId(v string) *ListHostedZonesByNameOutput { - s.HostedZoneId = &v - return s -} - -// SetHostedZones sets the HostedZones field's value. -func (s *ListHostedZonesByNameOutput) SetHostedZones(v []*HostedZone) *ListHostedZonesByNameOutput { - s.HostedZones = v - return s -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListHostedZonesByNameOutput) SetIsTruncated(v bool) *ListHostedZonesByNameOutput { - s.IsTruncated = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListHostedZonesByNameOutput) SetMaxItems(v string) *ListHostedZonesByNameOutput { - s.MaxItems = &v - return s -} - -// SetNextDNSName sets the NextDNSName field's value. -func (s *ListHostedZonesByNameOutput) SetNextDNSName(v string) *ListHostedZonesByNameOutput { - s.NextDNSName = &v - return s -} - -// SetNextHostedZoneId sets the NextHostedZoneId field's value. -func (s *ListHostedZonesByNameOutput) SetNextHostedZoneId(v string) *ListHostedZonesByNameOutput { - s.NextHostedZoneId = &v - return s -} - -// Lists all the private hosted zones that a specified VPC is associated with, -// regardless of which Amazon Web Services account created the hosted zones. -type ListHostedZonesByVPCInput struct { - _ struct{} `locationName:"ListHostedZonesByVPCRequest" type:"structure"` - - // (Optional) The maximum number of hosted zones that you want Amazon Route - // 53 to return. If the specified VPC is associated with more than MaxItems - // hosted zones, the response includes a NextToken element. NextToken contains - // an encrypted token that identifies the first hosted zone that Route 53 will - // return if you submit another request. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` - - // If the previous response included a NextToken element, the specified VPC - // is associated with more hosted zones. To get more hosted zones, submit another - // ListHostedZonesByVPC request. - // - // For the value of NextToken, specify the value of NextToken from the previous - // response. - // - // If the previous response didn't include a NextToken element, there are no - // more hosted zones to get. - NextToken *string `location:"querystring" locationName:"nexttoken" type:"string"` - - // The ID of the Amazon VPC that you want to list hosted zones for. - // - // VPCId is a required field - VPCId *string `location:"querystring" locationName:"vpcid" type:"string" required:"true"` - - // For the Amazon VPC that you specified for VPCId, the Amazon Web Services - // Region that you created the VPC in. - // - // VPCRegion is a required field - VPCRegion *string `location:"querystring" locationName:"vpcregion" min:"1" type:"string" required:"true" enum:"VPCRegion"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesByVPCInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesByVPCInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListHostedZonesByVPCInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListHostedZonesByVPCInput"} - if s.VPCId == nil { - invalidParams.Add(request.NewErrParamRequired("VPCId")) - } - if s.VPCRegion == nil { - invalidParams.Add(request.NewErrParamRequired("VPCRegion")) - } - if s.VPCRegion != nil && len(*s.VPCRegion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("VPCRegion", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListHostedZonesByVPCInput) SetMaxItems(v string) *ListHostedZonesByVPCInput { - s.MaxItems = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListHostedZonesByVPCInput) SetNextToken(v string) *ListHostedZonesByVPCInput { - s.NextToken = &v - return s -} - -// SetVPCId sets the VPCId field's value. -func (s *ListHostedZonesByVPCInput) SetVPCId(v string) *ListHostedZonesByVPCInput { - s.VPCId = &v - return s -} - -// SetVPCRegion sets the VPCRegion field's value. -func (s *ListHostedZonesByVPCInput) SetVPCRegion(v string) *ListHostedZonesByVPCInput { - s.VPCRegion = &v - return s -} - -type ListHostedZonesByVPCOutput struct { - _ struct{} `type:"structure"` - - // A list that contains one HostedZoneSummary element for each hosted zone that - // the specified Amazon VPC is associated with. Each HostedZoneSummary element - // contains the hosted zone name and ID, and information about who owns the - // hosted zone. - // - // HostedZoneSummaries is a required field - HostedZoneSummaries []*HostedZoneSummary `locationNameList:"HostedZoneSummary" type:"list" required:"true"` - - // The value that you specified for MaxItems in the most recent ListHostedZonesByVPC - // request. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // The value that you will use for NextToken in the next ListHostedZonesByVPC - // request. - NextToken *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesByVPCOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesByVPCOutput) GoString() string { - return s.String() -} - -// SetHostedZoneSummaries sets the HostedZoneSummaries field's value. -func (s *ListHostedZonesByVPCOutput) SetHostedZoneSummaries(v []*HostedZoneSummary) *ListHostedZonesByVPCOutput { - s.HostedZoneSummaries = v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListHostedZonesByVPCOutput) SetMaxItems(v string) *ListHostedZonesByVPCOutput { - s.MaxItems = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListHostedZonesByVPCOutput) SetNextToken(v string) *ListHostedZonesByVPCOutput { - s.NextToken = &v - return s -} - -// A request to retrieve a list of the public and private hosted zones that -// are associated with the current Amazon Web Services account. -type ListHostedZonesInput struct { - _ struct{} `locationName:"ListHostedZonesRequest" type:"structure"` - - // If you're using reusable delegation sets and you want to list all of the - // hosted zones that are associated with a reusable delegation set, specify - // the ID of that reusable delegation set. - DelegationSetId *string `location:"querystring" locationName:"delegationsetid" type:"string"` - - // (Optional) Specifies if the hosted zone is private. - HostedZoneType *string `location:"querystring" locationName:"hostedzonetype" type:"string" enum:"HostedZoneType"` - - // If the value of IsTruncated in the previous response was true, you have more - // hosted zones. To get more hosted zones, submit another ListHostedZones request. - // - // For the value of marker, specify the value of NextMarker from the previous - // response, which is the ID of the first hosted zone that Amazon Route 53 will - // return if you submit another request. - // - // If the value of IsTruncated in the previous response was false, there are - // no more hosted zones to get. - Marker *string `location:"querystring" locationName:"marker" type:"string"` - - // (Optional) The maximum number of hosted zones that you want Amazon Route - // 53 to return. If you have more than maxitems hosted zones, the value of IsTruncated - // in the response is true, and the value of NextMarker is the hosted zone ID - // of the first hosted zone that Route 53 will return if you submit another - // request. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesInput) GoString() string { - return s.String() -} - -// SetDelegationSetId sets the DelegationSetId field's value. -func (s *ListHostedZonesInput) SetDelegationSetId(v string) *ListHostedZonesInput { - s.DelegationSetId = &v - return s -} - -// SetHostedZoneType sets the HostedZoneType field's value. -func (s *ListHostedZonesInput) SetHostedZoneType(v string) *ListHostedZonesInput { - s.HostedZoneType = &v - return s -} - -// SetMarker sets the Marker field's value. -func (s *ListHostedZonesInput) SetMarker(v string) *ListHostedZonesInput { - s.Marker = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListHostedZonesInput) SetMaxItems(v string) *ListHostedZonesInput { - s.MaxItems = &v - return s -} - -type ListHostedZonesOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains general information about the hosted zone. - // - // HostedZones is a required field - HostedZones []*HostedZone `locationNameList:"HostedZone" type:"list" required:"true"` - - // A flag indicating whether there are more hosted zones to be listed. If the - // response was truncated, you can get more hosted zones by submitting another - // ListHostedZones request and specifying the value of NextMarker in the marker - // parameter. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // For the second and subsequent calls to ListHostedZones, Marker is the value - // that you specified for the marker parameter in the request that produced - // the current response. - // - // Marker is a required field - Marker *string `type:"string" required:"true"` - - // The value that you specified for the maxitems parameter in the call to ListHostedZones - // that produced the current response. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // If IsTruncated is true, the value of NextMarker identifies the first hosted - // zone in the next group of hosted zones. Submit another ListHostedZones request, - // and specify the value of NextMarker from the response in the marker parameter. - // - // This element is present only if IsTruncated is true. - NextMarker *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListHostedZonesOutput) GoString() string { - return s.String() -} - -// SetHostedZones sets the HostedZones field's value. -func (s *ListHostedZonesOutput) SetHostedZones(v []*HostedZone) *ListHostedZonesOutput { - s.HostedZones = v - return s -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListHostedZonesOutput) SetIsTruncated(v bool) *ListHostedZonesOutput { - s.IsTruncated = &v - return s -} - -// SetMarker sets the Marker field's value. -func (s *ListHostedZonesOutput) SetMarker(v string) *ListHostedZonesOutput { - s.Marker = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListHostedZonesOutput) SetMaxItems(v string) *ListHostedZonesOutput { - s.MaxItems = &v - return s -} - -// SetNextMarker sets the NextMarker field's value. -func (s *ListHostedZonesOutput) SetNextMarker(v string) *ListHostedZonesOutput { - s.NextMarker = &v - return s -} - -type ListQueryLoggingConfigsInput struct { - _ struct{} `locationName:"ListQueryLoggingConfigsRequest" type:"structure"` - - // (Optional) If you want to list the query logging configuration that is associated - // with a hosted zone, specify the ID in HostedZoneId. - // - // If you don't specify a hosted zone ID, ListQueryLoggingConfigs returns all - // of the configurations that are associated with the current Amazon Web Services - // account. - HostedZoneId *string `location:"querystring" locationName:"hostedzoneid" type:"string"` - - // (Optional) The maximum number of query logging configurations that you want - // Amazon Route 53 to return in response to the current request. If the current - // Amazon Web Services account has more than MaxResults configurations, use - // the value of NextToken (https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListQueryLoggingConfigs.html#API_ListQueryLoggingConfigs_RequestSyntax) - // in the response to get the next page of results. - // - // If you don't specify a value for MaxResults, Route 53 returns up to 100 configurations. - MaxResults *string `location:"querystring" locationName:"maxresults" type:"string"` - - // (Optional) If the current Amazon Web Services account has more than MaxResults - // query logging configurations, use NextToken to get the second and subsequent - // pages of results. - // - // For the first ListQueryLoggingConfigs request, omit this value. - // - // For the second and subsequent requests, get the value of NextToken from the - // previous response and specify that value for NextToken in the request. - NextToken *string `location:"querystring" locationName:"nexttoken" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListQueryLoggingConfigsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListQueryLoggingConfigsInput) GoString() string { - return s.String() -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *ListQueryLoggingConfigsInput) SetHostedZoneId(v string) *ListQueryLoggingConfigsInput { - s.HostedZoneId = &v - return s -} - -// SetMaxResults sets the MaxResults field's value. -func (s *ListQueryLoggingConfigsInput) SetMaxResults(v string) *ListQueryLoggingConfigsInput { - s.MaxResults = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListQueryLoggingConfigsInput) SetNextToken(v string) *ListQueryLoggingConfigsInput { - s.NextToken = &v - return s -} - -type ListQueryLoggingConfigsOutput struct { - _ struct{} `type:"structure"` - - // If a response includes the last of the query logging configurations that - // are associated with the current Amazon Web Services account, NextToken doesn't - // appear in the response. - // - // If a response doesn't include the last of the configurations, you can get - // more configurations by submitting another ListQueryLoggingConfigs (https://docs.aws.amazon.com/Route53/latest/APIReference/API_ListQueryLoggingConfigs.html) - // request. Get the value of NextToken that Amazon Route 53 returned in the - // previous response and include it in NextToken in the next request. - NextToken *string `type:"string"` - - // An array that contains one QueryLoggingConfig (https://docs.aws.amazon.com/Route53/latest/APIReference/API_QueryLoggingConfig.html) - // element for each configuration for DNS query logging that is associated with - // the current Amazon Web Services account. - // - // QueryLoggingConfigs is a required field - QueryLoggingConfigs []*QueryLoggingConfig `locationNameList:"QueryLoggingConfig" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListQueryLoggingConfigsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListQueryLoggingConfigsOutput) GoString() string { - return s.String() -} - -// SetNextToken sets the NextToken field's value. -func (s *ListQueryLoggingConfigsOutput) SetNextToken(v string) *ListQueryLoggingConfigsOutput { - s.NextToken = &v - return s -} - -// SetQueryLoggingConfigs sets the QueryLoggingConfigs field's value. -func (s *ListQueryLoggingConfigsOutput) SetQueryLoggingConfigs(v []*QueryLoggingConfig) *ListQueryLoggingConfigsOutput { - s.QueryLoggingConfigs = v - return s -} - -// A request for the resource record sets that are associated with a specified -// hosted zone. -type ListResourceRecordSetsInput struct { - _ struct{} `locationName:"ListResourceRecordSetsRequest" type:"structure"` - - // The ID of the hosted zone that contains the resource record sets that you - // want to list. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` - - // (Optional) The maximum number of resource records sets to include in the - // response body for this request. If the response includes more than maxitems - // resource record sets, the value of the IsTruncated element in the response - // is true, and the values of the NextRecordName and NextRecordType elements - // in the response identify the first resource record set in the next group - // of maxitems resource record sets. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` - - // Resource record sets that have a routing policy other than simple: If results - // were truncated for a given DNS name and type, specify the value of NextRecordIdentifier - // from the previous response to get the next resource record set that has the - // current DNS name and type. - StartRecordIdentifier *string `location:"querystring" locationName:"identifier" min:"1" type:"string"` - - // The first name in the lexicographic ordering of resource record sets that - // you want to list. If the specified record name doesn't exist, the results - // begin with the first resource record set that has a name greater than the - // value of name. - StartRecordName *string `location:"querystring" locationName:"name" type:"string"` - - // The type of resource record set to begin the record listing from. - // - // Valid values for basic resource record sets: A | AAAA | CAA | CNAME | MX - // | NAPTR | NS | PTR | SOA | SPF | SRV | TXT - // - // Values for weighted, latency, geolocation, and failover resource record sets: - // A | AAAA | CAA | CNAME | MX | NAPTR | PTR | SPF | SRV | TXT - // - // Values for alias resource record sets: - // - // * API Gateway custom regional API or edge-optimized API: A - // - // * CloudFront distribution: A or AAAA - // - // * Elastic Beanstalk environment that has a regionalized subdomain: A - // - // * Elastic Load Balancing load balancer: A | AAAA - // - // * S3 bucket: A - // - // * VPC interface VPC endpoint: A - // - // * Another resource record set in this hosted zone: The type of the resource - // record set that the alias references. - // - // Constraint: Specifying type without specifying name returns an InvalidInput - // error. - StartRecordType *string `location:"querystring" locationName:"type" type:"string" enum:"RRType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListResourceRecordSetsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListResourceRecordSetsInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListResourceRecordSetsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListResourceRecordSetsInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - if s.StartRecordIdentifier != nil && len(*s.StartRecordIdentifier) < 1 { - invalidParams.Add(request.NewErrParamMinLen("StartRecordIdentifier", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *ListResourceRecordSetsInput) SetHostedZoneId(v string) *ListResourceRecordSetsInput { - s.HostedZoneId = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListResourceRecordSetsInput) SetMaxItems(v string) *ListResourceRecordSetsInput { - s.MaxItems = &v - return s -} - -// SetStartRecordIdentifier sets the StartRecordIdentifier field's value. -func (s *ListResourceRecordSetsInput) SetStartRecordIdentifier(v string) *ListResourceRecordSetsInput { - s.StartRecordIdentifier = &v - return s -} - -// SetStartRecordName sets the StartRecordName field's value. -func (s *ListResourceRecordSetsInput) SetStartRecordName(v string) *ListResourceRecordSetsInput { - s.StartRecordName = &v - return s -} - -// SetStartRecordType sets the StartRecordType field's value. -func (s *ListResourceRecordSetsInput) SetStartRecordType(v string) *ListResourceRecordSetsInput { - s.StartRecordType = &v - return s -} - -// A complex type that contains list information for the resource record set. -type ListResourceRecordSetsOutput struct { - _ struct{} `type:"structure"` - - // A flag that indicates whether more resource record sets remain to be listed. - // If your results were truncated, you can make a follow-up pagination request - // by using the NextRecordName element. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // The maximum number of records you requested. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // Resource record sets that have a routing policy other than simple: If results - // were truncated for a given DNS name and type, the value of SetIdentifier - // for the next resource record set that has the current DNS name and type. - // - // For information about routing policies, see Choosing a Routing Policy (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) - // in the Amazon Route 53 Developer Guide. - NextRecordIdentifier *string `min:"1" type:"string"` - - // If the results were truncated, the name of the next record in the list. - // - // This element is present only if IsTruncated is true. - NextRecordName *string `type:"string"` - - // If the results were truncated, the type of the next record in the list. - // - // This element is present only if IsTruncated is true. - NextRecordType *string `type:"string" enum:"RRType"` - - // Information about multiple resource record sets. - // - // ResourceRecordSets is a required field - ResourceRecordSets []*ResourceRecordSet `locationNameList:"ResourceRecordSet" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListResourceRecordSetsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListResourceRecordSetsOutput) GoString() string { - return s.String() -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListResourceRecordSetsOutput) SetIsTruncated(v bool) *ListResourceRecordSetsOutput { - s.IsTruncated = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListResourceRecordSetsOutput) SetMaxItems(v string) *ListResourceRecordSetsOutput { - s.MaxItems = &v - return s -} - -// SetNextRecordIdentifier sets the NextRecordIdentifier field's value. -func (s *ListResourceRecordSetsOutput) SetNextRecordIdentifier(v string) *ListResourceRecordSetsOutput { - s.NextRecordIdentifier = &v - return s -} - -// SetNextRecordName sets the NextRecordName field's value. -func (s *ListResourceRecordSetsOutput) SetNextRecordName(v string) *ListResourceRecordSetsOutput { - s.NextRecordName = &v - return s -} - -// SetNextRecordType sets the NextRecordType field's value. -func (s *ListResourceRecordSetsOutput) SetNextRecordType(v string) *ListResourceRecordSetsOutput { - s.NextRecordType = &v - return s -} - -// SetResourceRecordSets sets the ResourceRecordSets field's value. -func (s *ListResourceRecordSetsOutput) SetResourceRecordSets(v []*ResourceRecordSet) *ListResourceRecordSetsOutput { - s.ResourceRecordSets = v - return s -} - -// A request to get a list of the reusable delegation sets that are associated -// with the current Amazon Web Services account. -type ListReusableDelegationSetsInput struct { - _ struct{} `locationName:"ListReusableDelegationSetsRequest" type:"structure"` - - // If the value of IsTruncated in the previous response was true, you have more - // reusable delegation sets. To get another group, submit another ListReusableDelegationSets - // request. - // - // For the value of marker, specify the value of NextMarker from the previous - // response, which is the ID of the first reusable delegation set that Amazon - // Route 53 will return if you submit another request. - // - // If the value of IsTruncated in the previous response was false, there are - // no more reusable delegation sets to get. - Marker *string `location:"querystring" locationName:"marker" type:"string"` - - // The number of reusable delegation sets that you want Amazon Route 53 to return - // in the response to this request. If you specify a value greater than 100, - // Route 53 returns only the first 100 reusable delegation sets. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListReusableDelegationSetsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListReusableDelegationSetsInput) GoString() string { - return s.String() -} - -// SetMarker sets the Marker field's value. -func (s *ListReusableDelegationSetsInput) SetMarker(v string) *ListReusableDelegationSetsInput { - s.Marker = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListReusableDelegationSetsInput) SetMaxItems(v string) *ListReusableDelegationSetsInput { - s.MaxItems = &v - return s -} - -// A complex type that contains information about the reusable delegation sets -// that are associated with the current Amazon Web Services account. -type ListReusableDelegationSetsOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains one DelegationSet element for each reusable - // delegation set that was created by the current Amazon Web Services account. - // - // DelegationSets is a required field - DelegationSets []*DelegationSet `locationNameList:"DelegationSet" type:"list" required:"true"` - - // A flag that indicates whether there are more reusable delegation sets to - // be listed. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // For the second and subsequent calls to ListReusableDelegationSets, Marker - // is the value that you specified for the marker parameter in the request that - // produced the current response. - // - // Marker is a required field - Marker *string `type:"string" required:"true"` - - // The value that you specified for the maxitems parameter in the call to ListReusableDelegationSets - // that produced the current response. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // If IsTruncated is true, the value of NextMarker identifies the next reusable - // delegation set that Amazon Route 53 will return if you submit another ListReusableDelegationSets - // request and specify the value of NextMarker in the marker parameter. - NextMarker *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListReusableDelegationSetsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListReusableDelegationSetsOutput) GoString() string { - return s.String() -} - -// SetDelegationSets sets the DelegationSets field's value. -func (s *ListReusableDelegationSetsOutput) SetDelegationSets(v []*DelegationSet) *ListReusableDelegationSetsOutput { - s.DelegationSets = v - return s -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListReusableDelegationSetsOutput) SetIsTruncated(v bool) *ListReusableDelegationSetsOutput { - s.IsTruncated = &v - return s -} - -// SetMarker sets the Marker field's value. -func (s *ListReusableDelegationSetsOutput) SetMarker(v string) *ListReusableDelegationSetsOutput { - s.Marker = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListReusableDelegationSetsOutput) SetMaxItems(v string) *ListReusableDelegationSetsOutput { - s.MaxItems = &v - return s -} - -// SetNextMarker sets the NextMarker field's value. -func (s *ListReusableDelegationSetsOutput) SetNextMarker(v string) *ListReusableDelegationSetsOutput { - s.NextMarker = &v - return s -} - -// A complex type containing information about a request for a list of the tags -// that are associated with an individual resource. -type ListTagsForResourceInput struct { - _ struct{} `locationName:"ListTagsForResourceRequest" type:"structure"` - - // The ID of the resource for which you want to retrieve tags. - // - // ResourceId is a required field - ResourceId *string `location:"uri" locationName:"ResourceId" type:"string" required:"true"` - - // The type of the resource. - // - // * The resource type for health checks is healthcheck. - // - // * The resource type for hosted zones is hostedzone. - // - // ResourceType is a required field - ResourceType *string `location:"uri" locationName:"ResourceType" type:"string" required:"true" enum:"TagResourceType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourceInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListTagsForResourceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} - if s.ResourceId == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceId")) - } - if s.ResourceId != nil && len(*s.ResourceId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceId", 1)) - } - if s.ResourceType == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceType")) - } - if s.ResourceType != nil && len(*s.ResourceType) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetResourceId sets the ResourceId field's value. -func (s *ListTagsForResourceInput) SetResourceId(v string) *ListTagsForResourceInput { - s.ResourceId = &v - return s -} - -// SetResourceType sets the ResourceType field's value. -func (s *ListTagsForResourceInput) SetResourceType(v string) *ListTagsForResourceInput { - s.ResourceType = &v - return s -} - -// A complex type that contains information about the health checks or hosted -// zones for which you want to list tags. -type ListTagsForResourceOutput struct { - _ struct{} `type:"structure"` - - // A ResourceTagSet containing tags associated with the specified resource. - // - // ResourceTagSet is a required field - ResourceTagSet *ResourceTagSet `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourceOutput) GoString() string { - return s.String() -} - -// SetResourceTagSet sets the ResourceTagSet field's value. -func (s *ListTagsForResourceOutput) SetResourceTagSet(v *ResourceTagSet) *ListTagsForResourceOutput { - s.ResourceTagSet = v - return s -} - -// A complex type that contains information about the health checks or hosted -// zones for which you want to list tags. -type ListTagsForResourcesInput struct { - _ struct{} `locationName:"ListTagsForResourcesRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // A complex type that contains the ResourceId element for each resource for - // which you want to get a list of tags. - // - // ResourceIds is a required field - ResourceIds []*string `locationNameList:"ResourceId" min:"1" type:"list" required:"true"` - - // The type of the resources. - // - // * The resource type for health checks is healthcheck. - // - // * The resource type for hosted zones is hostedzone. - // - // ResourceType is a required field - ResourceType *string `location:"uri" locationName:"ResourceType" type:"string" required:"true" enum:"TagResourceType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourcesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourcesInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListTagsForResourcesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourcesInput"} - if s.ResourceIds == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceIds")) - } - if s.ResourceIds != nil && len(s.ResourceIds) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceIds", 1)) - } - if s.ResourceType == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceType")) - } - if s.ResourceType != nil && len(*s.ResourceType) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetResourceIds sets the ResourceIds field's value. -func (s *ListTagsForResourcesInput) SetResourceIds(v []*string) *ListTagsForResourcesInput { - s.ResourceIds = v - return s -} - -// SetResourceType sets the ResourceType field's value. -func (s *ListTagsForResourcesInput) SetResourceType(v string) *ListTagsForResourcesInput { - s.ResourceType = &v - return s -} - -// A complex type containing tags for the specified resources. -type ListTagsForResourcesOutput struct { - _ struct{} `type:"structure"` - - // A list of ResourceTagSets containing tags associated with the specified resources. - // - // ResourceTagSets is a required field - ResourceTagSets []*ResourceTagSet `locationNameList:"ResourceTagSet" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourcesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsForResourcesOutput) GoString() string { - return s.String() -} - -// SetResourceTagSets sets the ResourceTagSets field's value. -func (s *ListTagsForResourcesOutput) SetResourceTagSets(v []*ResourceTagSet) *ListTagsForResourcesOutput { - s.ResourceTagSets = v - return s -} - -// A complex type that contains the information about the request to list the -// traffic policies that are associated with the current Amazon Web Services -// account. -type ListTrafficPoliciesInput struct { - _ struct{} `locationName:"ListTrafficPoliciesRequest" type:"structure"` - - // (Optional) The maximum number of traffic policies that you want Amazon Route - // 53 to return in response to this request. If you have more than MaxItems - // traffic policies, the value of IsTruncated in the response is true, and the - // value of TrafficPolicyIdMarker is the ID of the first traffic policy that - // Route 53 will return if you submit another request. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` - - // (Conditional) For your first request to ListTrafficPolicies, don't include - // the TrafficPolicyIdMarker parameter. - // - // If you have more traffic policies than the value of MaxItems, ListTrafficPolicies - // returns only the first MaxItems traffic policies. To get the next group of - // policies, submit another request to ListTrafficPolicies. For the value of - // TrafficPolicyIdMarker, specify the value of TrafficPolicyIdMarker that was - // returned in the previous response. - TrafficPolicyIdMarker *string `location:"querystring" locationName:"trafficpolicyid" min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPoliciesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPoliciesInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListTrafficPoliciesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListTrafficPoliciesInput"} - if s.TrafficPolicyIdMarker != nil && len(*s.TrafficPolicyIdMarker) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TrafficPolicyIdMarker", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPoliciesInput) SetMaxItems(v string) *ListTrafficPoliciesInput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicyIdMarker sets the TrafficPolicyIdMarker field's value. -func (s *ListTrafficPoliciesInput) SetTrafficPolicyIdMarker(v string) *ListTrafficPoliciesInput { - s.TrafficPolicyIdMarker = &v - return s -} - -// A complex type that contains the response information for the request. -type ListTrafficPoliciesOutput struct { - _ struct{} `type:"structure"` - - // A flag that indicates whether there are more traffic policies to be listed. - // If the response was truncated, you can get the next group of traffic policies - // by submitting another ListTrafficPolicies request and specifying the value - // of TrafficPolicyIdMarker in the TrafficPolicyIdMarker request parameter. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // The value that you specified for the MaxItems parameter in the ListTrafficPolicies - // request that produced the current response. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // If the value of IsTruncated is true, TrafficPolicyIdMarker is the ID of the - // first traffic policy in the next group of MaxItems traffic policies. - // - // TrafficPolicyIdMarker is a required field - TrafficPolicyIdMarker *string `min:"1" type:"string" required:"true"` - - // A list that contains one TrafficPolicySummary element for each traffic policy - // that was created by the current Amazon Web Services account. - // - // TrafficPolicySummaries is a required field - TrafficPolicySummaries []*TrafficPolicySummary `locationNameList:"TrafficPolicySummary" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPoliciesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPoliciesOutput) GoString() string { - return s.String() -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListTrafficPoliciesOutput) SetIsTruncated(v bool) *ListTrafficPoliciesOutput { - s.IsTruncated = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPoliciesOutput) SetMaxItems(v string) *ListTrafficPoliciesOutput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicyIdMarker sets the TrafficPolicyIdMarker field's value. -func (s *ListTrafficPoliciesOutput) SetTrafficPolicyIdMarker(v string) *ListTrafficPoliciesOutput { - s.TrafficPolicyIdMarker = &v - return s -} - -// SetTrafficPolicySummaries sets the TrafficPolicySummaries field's value. -func (s *ListTrafficPoliciesOutput) SetTrafficPolicySummaries(v []*TrafficPolicySummary) *ListTrafficPoliciesOutput { - s.TrafficPolicySummaries = v - return s -} - -// A request for the traffic policy instances that you created in a specified -// hosted zone. -type ListTrafficPolicyInstancesByHostedZoneInput struct { - _ struct{} `locationName:"ListTrafficPolicyInstancesByHostedZoneRequest" type:"structure"` - - // The ID of the hosted zone that you want to list traffic policy instances - // for. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"querystring" locationName:"id" type:"string" required:"true"` - - // The maximum number of traffic policy instances to be included in the response - // body for this request. If you have more than MaxItems traffic policy instances, - // the value of the IsTruncated element in the response is true, and the values - // of HostedZoneIdMarker, TrafficPolicyInstanceNameMarker, and TrafficPolicyInstanceTypeMarker - // represent the first traffic policy instance that Amazon Route 53 will return - // if you submit another request. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` - - // If the value of IsTruncated in the previous response is true, you have more - // traffic policy instances. To get more traffic policy instances, submit another - // ListTrafficPolicyInstances request. For the value of trafficpolicyinstancename, - // specify the value of TrafficPolicyInstanceNameMarker from the previous response, - // which is the name of the first traffic policy instance in the next group - // of traffic policy instances. - // - // If the value of IsTruncated in the previous response was false, there are - // no more traffic policy instances to get. - TrafficPolicyInstanceNameMarker *string `location:"querystring" locationName:"trafficpolicyinstancename" type:"string"` - - // If the value of IsTruncated in the previous response is true, you have more - // traffic policy instances. To get more traffic policy instances, submit another - // ListTrafficPolicyInstances request. For the value of trafficpolicyinstancetype, - // specify the value of TrafficPolicyInstanceTypeMarker from the previous response, - // which is the type of the first traffic policy instance in the next group - // of traffic policy instances. - // - // If the value of IsTruncated in the previous response was false, there are - // no more traffic policy instances to get. - TrafficPolicyInstanceTypeMarker *string `location:"querystring" locationName:"trafficpolicyinstancetype" type:"string" enum:"RRType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesByHostedZoneInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesByHostedZoneInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListTrafficPolicyInstancesByHostedZoneInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListTrafficPolicyInstancesByHostedZoneInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *ListTrafficPolicyInstancesByHostedZoneInput) SetHostedZoneId(v string) *ListTrafficPolicyInstancesByHostedZoneInput { - s.HostedZoneId = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPolicyInstancesByHostedZoneInput) SetMaxItems(v string) *ListTrafficPolicyInstancesByHostedZoneInput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicyInstanceNameMarker sets the TrafficPolicyInstanceNameMarker field's value. -func (s *ListTrafficPolicyInstancesByHostedZoneInput) SetTrafficPolicyInstanceNameMarker(v string) *ListTrafficPolicyInstancesByHostedZoneInput { - s.TrafficPolicyInstanceNameMarker = &v - return s -} - -// SetTrafficPolicyInstanceTypeMarker sets the TrafficPolicyInstanceTypeMarker field's value. -func (s *ListTrafficPolicyInstancesByHostedZoneInput) SetTrafficPolicyInstanceTypeMarker(v string) *ListTrafficPolicyInstancesByHostedZoneInput { - s.TrafficPolicyInstanceTypeMarker = &v - return s -} - -// A complex type that contains the response information for the request. -type ListTrafficPolicyInstancesByHostedZoneOutput struct { - _ struct{} `type:"structure"` - - // A flag that indicates whether there are more traffic policy instances to - // be listed. If the response was truncated, you can get the next group of traffic - // policy instances by submitting another ListTrafficPolicyInstancesByHostedZone - // request and specifying the values of HostedZoneIdMarker, TrafficPolicyInstanceNameMarker, - // and TrafficPolicyInstanceTypeMarker in the corresponding request parameters. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // The value that you specified for the MaxItems parameter in the ListTrafficPolicyInstancesByHostedZone - // request that produced the current response. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // If IsTruncated is true, TrafficPolicyInstanceNameMarker is the name of the - // first traffic policy instance in the next group of traffic policy instances. - TrafficPolicyInstanceNameMarker *string `type:"string"` - - // If IsTruncated is true, TrafficPolicyInstanceTypeMarker is the DNS type of - // the resource record sets that are associated with the first traffic policy - // instance in the next group of traffic policy instances. - TrafficPolicyInstanceTypeMarker *string `type:"string" enum:"RRType"` - - // A list that contains one TrafficPolicyInstance element for each traffic policy - // instance that matches the elements in the request. - // - // TrafficPolicyInstances is a required field - TrafficPolicyInstances []*TrafficPolicyInstance `locationNameList:"TrafficPolicyInstance" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesByHostedZoneOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesByHostedZoneOutput) GoString() string { - return s.String() -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListTrafficPolicyInstancesByHostedZoneOutput) SetIsTruncated(v bool) *ListTrafficPolicyInstancesByHostedZoneOutput { - s.IsTruncated = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPolicyInstancesByHostedZoneOutput) SetMaxItems(v string) *ListTrafficPolicyInstancesByHostedZoneOutput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicyInstanceNameMarker sets the TrafficPolicyInstanceNameMarker field's value. -func (s *ListTrafficPolicyInstancesByHostedZoneOutput) SetTrafficPolicyInstanceNameMarker(v string) *ListTrafficPolicyInstancesByHostedZoneOutput { - s.TrafficPolicyInstanceNameMarker = &v - return s -} - -// SetTrafficPolicyInstanceTypeMarker sets the TrafficPolicyInstanceTypeMarker field's value. -func (s *ListTrafficPolicyInstancesByHostedZoneOutput) SetTrafficPolicyInstanceTypeMarker(v string) *ListTrafficPolicyInstancesByHostedZoneOutput { - s.TrafficPolicyInstanceTypeMarker = &v - return s -} - -// SetTrafficPolicyInstances sets the TrafficPolicyInstances field's value. -func (s *ListTrafficPolicyInstancesByHostedZoneOutput) SetTrafficPolicyInstances(v []*TrafficPolicyInstance) *ListTrafficPolicyInstancesByHostedZoneOutput { - s.TrafficPolicyInstances = v - return s -} - -// A complex type that contains the information about the request to list your -// traffic policy instances. -type ListTrafficPolicyInstancesByPolicyInput struct { - _ struct{} `locationName:"ListTrafficPolicyInstancesByPolicyRequest" type:"structure"` - - // If the value of IsTruncated in the previous response was true, you have more - // traffic policy instances. To get more traffic policy instances, submit another - // ListTrafficPolicyInstancesByPolicy request. - // - // For the value of hostedzoneid, specify the value of HostedZoneIdMarker from - // the previous response, which is the hosted zone ID of the first traffic policy - // instance that Amazon Route 53 will return if you submit another request. - // - // If the value of IsTruncated in the previous response was false, there are - // no more traffic policy instances to get. - HostedZoneIdMarker *string `location:"querystring" locationName:"hostedzoneid" type:"string"` - - // The maximum number of traffic policy instances to be included in the response - // body for this request. If you have more than MaxItems traffic policy instances, - // the value of the IsTruncated element in the response is true, and the values - // of HostedZoneIdMarker, TrafficPolicyInstanceNameMarker, and TrafficPolicyInstanceTypeMarker - // represent the first traffic policy instance that Amazon Route 53 will return - // if you submit another request. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` - - // The ID of the traffic policy for which you want to list traffic policy instances. - // - // TrafficPolicyId is a required field - TrafficPolicyId *string `location:"querystring" locationName:"id" min:"1" type:"string" required:"true"` - - // If the value of IsTruncated in the previous response was true, you have more - // traffic policy instances. To get more traffic policy instances, submit another - // ListTrafficPolicyInstancesByPolicy request. - // - // For the value of trafficpolicyinstancename, specify the value of TrafficPolicyInstanceNameMarker - // from the previous response, which is the name of the first traffic policy - // instance that Amazon Route 53 will return if you submit another request. - // - // If the value of IsTruncated in the previous response was false, there are - // no more traffic policy instances to get. - TrafficPolicyInstanceNameMarker *string `location:"querystring" locationName:"trafficpolicyinstancename" type:"string"` - - // If the value of IsTruncated in the previous response was true, you have more - // traffic policy instances. To get more traffic policy instances, submit another - // ListTrafficPolicyInstancesByPolicy request. - // - // For the value of trafficpolicyinstancetype, specify the value of TrafficPolicyInstanceTypeMarker - // from the previous response, which is the name of the first traffic policy - // instance that Amazon Route 53 will return if you submit another request. - // - // If the value of IsTruncated in the previous response was false, there are - // no more traffic policy instances to get. - TrafficPolicyInstanceTypeMarker *string `location:"querystring" locationName:"trafficpolicyinstancetype" type:"string" enum:"RRType"` - - // The version of the traffic policy for which you want to list traffic policy - // instances. The version must be associated with the traffic policy that is - // specified by TrafficPolicyId. - // - // TrafficPolicyVersion is a required field - TrafficPolicyVersion *int64 `location:"querystring" locationName:"version" min:"1" type:"integer" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesByPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesByPolicyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListTrafficPolicyInstancesByPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListTrafficPolicyInstancesByPolicyInput"} - if s.TrafficPolicyId == nil { - invalidParams.Add(request.NewErrParamRequired("TrafficPolicyId")) - } - if s.TrafficPolicyId != nil && len(*s.TrafficPolicyId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TrafficPolicyId", 1)) - } - if s.TrafficPolicyVersion == nil { - invalidParams.Add(request.NewErrParamRequired("TrafficPolicyVersion")) - } - if s.TrafficPolicyVersion != nil && *s.TrafficPolicyVersion < 1 { - invalidParams.Add(request.NewErrParamMinValue("TrafficPolicyVersion", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneIdMarker sets the HostedZoneIdMarker field's value. -func (s *ListTrafficPolicyInstancesByPolicyInput) SetHostedZoneIdMarker(v string) *ListTrafficPolicyInstancesByPolicyInput { - s.HostedZoneIdMarker = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPolicyInstancesByPolicyInput) SetMaxItems(v string) *ListTrafficPolicyInstancesByPolicyInput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicyId sets the TrafficPolicyId field's value. -func (s *ListTrafficPolicyInstancesByPolicyInput) SetTrafficPolicyId(v string) *ListTrafficPolicyInstancesByPolicyInput { - s.TrafficPolicyId = &v - return s -} - -// SetTrafficPolicyInstanceNameMarker sets the TrafficPolicyInstanceNameMarker field's value. -func (s *ListTrafficPolicyInstancesByPolicyInput) SetTrafficPolicyInstanceNameMarker(v string) *ListTrafficPolicyInstancesByPolicyInput { - s.TrafficPolicyInstanceNameMarker = &v - return s -} - -// SetTrafficPolicyInstanceTypeMarker sets the TrafficPolicyInstanceTypeMarker field's value. -func (s *ListTrafficPolicyInstancesByPolicyInput) SetTrafficPolicyInstanceTypeMarker(v string) *ListTrafficPolicyInstancesByPolicyInput { - s.TrafficPolicyInstanceTypeMarker = &v - return s -} - -// SetTrafficPolicyVersion sets the TrafficPolicyVersion field's value. -func (s *ListTrafficPolicyInstancesByPolicyInput) SetTrafficPolicyVersion(v int64) *ListTrafficPolicyInstancesByPolicyInput { - s.TrafficPolicyVersion = &v - return s -} - -// A complex type that contains the response information for the request. -type ListTrafficPolicyInstancesByPolicyOutput struct { - _ struct{} `type:"structure"` - - // If IsTruncated is true, HostedZoneIdMarker is the ID of the hosted zone of - // the first traffic policy instance in the next group of traffic policy instances. - HostedZoneIdMarker *string `type:"string"` - - // A flag that indicates whether there are more traffic policy instances to - // be listed. If the response was truncated, you can get the next group of traffic - // policy instances by calling ListTrafficPolicyInstancesByPolicy again and - // specifying the values of the HostedZoneIdMarker, TrafficPolicyInstanceNameMarker, - // and TrafficPolicyInstanceTypeMarker elements in the corresponding request - // parameters. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // The value that you specified for the MaxItems parameter in the call to ListTrafficPolicyInstancesByPolicy - // that produced the current response. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // If IsTruncated is true, TrafficPolicyInstanceNameMarker is the name of the - // first traffic policy instance in the next group of MaxItems traffic policy - // instances. - TrafficPolicyInstanceNameMarker *string `type:"string"` - - // If IsTruncated is true, TrafficPolicyInstanceTypeMarker is the DNS type of - // the resource record sets that are associated with the first traffic policy - // instance in the next group of MaxItems traffic policy instances. - TrafficPolicyInstanceTypeMarker *string `type:"string" enum:"RRType"` - - // A list that contains one TrafficPolicyInstance element for each traffic policy - // instance that matches the elements in the request. - // - // TrafficPolicyInstances is a required field - TrafficPolicyInstances []*TrafficPolicyInstance `locationNameList:"TrafficPolicyInstance" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesByPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesByPolicyOutput) GoString() string { - return s.String() -} - -// SetHostedZoneIdMarker sets the HostedZoneIdMarker field's value. -func (s *ListTrafficPolicyInstancesByPolicyOutput) SetHostedZoneIdMarker(v string) *ListTrafficPolicyInstancesByPolicyOutput { - s.HostedZoneIdMarker = &v - return s -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListTrafficPolicyInstancesByPolicyOutput) SetIsTruncated(v bool) *ListTrafficPolicyInstancesByPolicyOutput { - s.IsTruncated = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPolicyInstancesByPolicyOutput) SetMaxItems(v string) *ListTrafficPolicyInstancesByPolicyOutput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicyInstanceNameMarker sets the TrafficPolicyInstanceNameMarker field's value. -func (s *ListTrafficPolicyInstancesByPolicyOutput) SetTrafficPolicyInstanceNameMarker(v string) *ListTrafficPolicyInstancesByPolicyOutput { - s.TrafficPolicyInstanceNameMarker = &v - return s -} - -// SetTrafficPolicyInstanceTypeMarker sets the TrafficPolicyInstanceTypeMarker field's value. -func (s *ListTrafficPolicyInstancesByPolicyOutput) SetTrafficPolicyInstanceTypeMarker(v string) *ListTrafficPolicyInstancesByPolicyOutput { - s.TrafficPolicyInstanceTypeMarker = &v - return s -} - -// SetTrafficPolicyInstances sets the TrafficPolicyInstances field's value. -func (s *ListTrafficPolicyInstancesByPolicyOutput) SetTrafficPolicyInstances(v []*TrafficPolicyInstance) *ListTrafficPolicyInstancesByPolicyOutput { - s.TrafficPolicyInstances = v - return s -} - -// A request to get information about the traffic policy instances that you -// created by using the current Amazon Web Services account. -type ListTrafficPolicyInstancesInput struct { - _ struct{} `locationName:"ListTrafficPolicyInstancesRequest" type:"structure"` - - // If the value of IsTruncated in the previous response was true, you have more - // traffic policy instances. To get more traffic policy instances, submit another - // ListTrafficPolicyInstances request. For the value of HostedZoneId, specify - // the value of HostedZoneIdMarker from the previous response, which is the - // hosted zone ID of the first traffic policy instance in the next group of - // traffic policy instances. - // - // If the value of IsTruncated in the previous response was false, there are - // no more traffic policy instances to get. - HostedZoneIdMarker *string `location:"querystring" locationName:"hostedzoneid" type:"string"` - - // The maximum number of traffic policy instances that you want Amazon Route - // 53 to return in response to a ListTrafficPolicyInstances request. If you - // have more than MaxItems traffic policy instances, the value of the IsTruncated - // element in the response is true, and the values of HostedZoneIdMarker, TrafficPolicyInstanceNameMarker, - // and TrafficPolicyInstanceTypeMarker represent the first traffic policy instance - // in the next group of MaxItems traffic policy instances. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` - - // If the value of IsTruncated in the previous response was true, you have more - // traffic policy instances. To get more traffic policy instances, submit another - // ListTrafficPolicyInstances request. For the value of trafficpolicyinstancename, - // specify the value of TrafficPolicyInstanceNameMarker from the previous response, - // which is the name of the first traffic policy instance in the next group - // of traffic policy instances. - // - // If the value of IsTruncated in the previous response was false, there are - // no more traffic policy instances to get. - TrafficPolicyInstanceNameMarker *string `location:"querystring" locationName:"trafficpolicyinstancename" type:"string"` - - // If the value of IsTruncated in the previous response was true, you have more - // traffic policy instances. To get more traffic policy instances, submit another - // ListTrafficPolicyInstances request. For the value of trafficpolicyinstancetype, - // specify the value of TrafficPolicyInstanceTypeMarker from the previous response, - // which is the type of the first traffic policy instance in the next group - // of traffic policy instances. - // - // If the value of IsTruncated in the previous response was false, there are - // no more traffic policy instances to get. - TrafficPolicyInstanceTypeMarker *string `location:"querystring" locationName:"trafficpolicyinstancetype" type:"string" enum:"RRType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesInput) GoString() string { - return s.String() -} - -// SetHostedZoneIdMarker sets the HostedZoneIdMarker field's value. -func (s *ListTrafficPolicyInstancesInput) SetHostedZoneIdMarker(v string) *ListTrafficPolicyInstancesInput { - s.HostedZoneIdMarker = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPolicyInstancesInput) SetMaxItems(v string) *ListTrafficPolicyInstancesInput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicyInstanceNameMarker sets the TrafficPolicyInstanceNameMarker field's value. -func (s *ListTrafficPolicyInstancesInput) SetTrafficPolicyInstanceNameMarker(v string) *ListTrafficPolicyInstancesInput { - s.TrafficPolicyInstanceNameMarker = &v - return s -} - -// SetTrafficPolicyInstanceTypeMarker sets the TrafficPolicyInstanceTypeMarker field's value. -func (s *ListTrafficPolicyInstancesInput) SetTrafficPolicyInstanceTypeMarker(v string) *ListTrafficPolicyInstancesInput { - s.TrafficPolicyInstanceTypeMarker = &v - return s -} - -// A complex type that contains the response information for the request. -type ListTrafficPolicyInstancesOutput struct { - _ struct{} `type:"structure"` - - // If IsTruncated is true, HostedZoneIdMarker is the ID of the hosted zone of - // the first traffic policy instance that Route 53 will return if you submit - // another ListTrafficPolicyInstances request. - HostedZoneIdMarker *string `type:"string"` - - // A flag that indicates whether there are more traffic policy instances to - // be listed. If the response was truncated, you can get more traffic policy - // instances by calling ListTrafficPolicyInstances again and specifying the - // values of the HostedZoneIdMarker, TrafficPolicyInstanceNameMarker, and TrafficPolicyInstanceTypeMarker - // in the corresponding request parameters. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // The value that you specified for the MaxItems parameter in the call to ListTrafficPolicyInstances - // that produced the current response. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // If IsTruncated is true, TrafficPolicyInstanceNameMarker is the name of the - // first traffic policy instance that Route 53 will return if you submit another - // ListTrafficPolicyInstances request. - TrafficPolicyInstanceNameMarker *string `type:"string"` - - // If IsTruncated is true, TrafficPolicyInstanceTypeMarker is the DNS type of - // the resource record sets that are associated with the first traffic policy - // instance that Amazon Route 53 will return if you submit another ListTrafficPolicyInstances - // request. - TrafficPolicyInstanceTypeMarker *string `type:"string" enum:"RRType"` - - // A list that contains one TrafficPolicyInstance element for each traffic policy - // instance that matches the elements in the request. - // - // TrafficPolicyInstances is a required field - TrafficPolicyInstances []*TrafficPolicyInstance `locationNameList:"TrafficPolicyInstance" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyInstancesOutput) GoString() string { - return s.String() -} - -// SetHostedZoneIdMarker sets the HostedZoneIdMarker field's value. -func (s *ListTrafficPolicyInstancesOutput) SetHostedZoneIdMarker(v string) *ListTrafficPolicyInstancesOutput { - s.HostedZoneIdMarker = &v - return s -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListTrafficPolicyInstancesOutput) SetIsTruncated(v bool) *ListTrafficPolicyInstancesOutput { - s.IsTruncated = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPolicyInstancesOutput) SetMaxItems(v string) *ListTrafficPolicyInstancesOutput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicyInstanceNameMarker sets the TrafficPolicyInstanceNameMarker field's value. -func (s *ListTrafficPolicyInstancesOutput) SetTrafficPolicyInstanceNameMarker(v string) *ListTrafficPolicyInstancesOutput { - s.TrafficPolicyInstanceNameMarker = &v - return s -} - -// SetTrafficPolicyInstanceTypeMarker sets the TrafficPolicyInstanceTypeMarker field's value. -func (s *ListTrafficPolicyInstancesOutput) SetTrafficPolicyInstanceTypeMarker(v string) *ListTrafficPolicyInstancesOutput { - s.TrafficPolicyInstanceTypeMarker = &v - return s -} - -// SetTrafficPolicyInstances sets the TrafficPolicyInstances field's value. -func (s *ListTrafficPolicyInstancesOutput) SetTrafficPolicyInstances(v []*TrafficPolicyInstance) *ListTrafficPolicyInstancesOutput { - s.TrafficPolicyInstances = v - return s -} - -// A complex type that contains the information about the request to list your -// traffic policies. -type ListTrafficPolicyVersionsInput struct { - _ struct{} `locationName:"ListTrafficPolicyVersionsRequest" type:"structure"` - - // Specify the value of Id of the traffic policy for which you want to list - // all versions. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` - - // The maximum number of traffic policy versions that you want Amazon Route - // 53 to include in the response body for this request. If the specified traffic - // policy has more than MaxItems versions, the value of IsTruncated in the response - // is true, and the value of the TrafficPolicyVersionMarker element is the ID - // of the first version that Route 53 will return if you submit another request. - MaxItems *string `location:"querystring" locationName:"maxitems" type:"string"` - - // For your first request to ListTrafficPolicyVersions, don't include the TrafficPolicyVersionMarker - // parameter. - // - // If you have more traffic policy versions than the value of MaxItems, ListTrafficPolicyVersions - // returns only the first group of MaxItems versions. To get more traffic policy - // versions, submit another ListTrafficPolicyVersions request. For the value - // of TrafficPolicyVersionMarker, specify the value of TrafficPolicyVersionMarker - // in the previous response. - TrafficPolicyVersionMarker *string `location:"querystring" locationName:"trafficpolicyversion" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyVersionsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyVersionsInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListTrafficPolicyVersionsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListTrafficPolicyVersionsInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *ListTrafficPolicyVersionsInput) SetId(v string) *ListTrafficPolicyVersionsInput { - s.Id = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPolicyVersionsInput) SetMaxItems(v string) *ListTrafficPolicyVersionsInput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicyVersionMarker sets the TrafficPolicyVersionMarker field's value. -func (s *ListTrafficPolicyVersionsInput) SetTrafficPolicyVersionMarker(v string) *ListTrafficPolicyVersionsInput { - s.TrafficPolicyVersionMarker = &v - return s -} - -// A complex type that contains the response information for the request. -type ListTrafficPolicyVersionsOutput struct { - _ struct{} `type:"structure"` - - // A flag that indicates whether there are more traffic policies to be listed. - // If the response was truncated, you can get the next group of traffic policies - // by submitting another ListTrafficPolicyVersions request and specifying the - // value of NextMarker in the marker parameter. - // - // IsTruncated is a required field - IsTruncated *bool `type:"boolean" required:"true"` - - // The value that you specified for the maxitems parameter in the ListTrafficPolicyVersions - // request that produced the current response. - // - // MaxItems is a required field - MaxItems *string `type:"string" required:"true"` - - // A list that contains one TrafficPolicy element for each traffic policy version - // that is associated with the specified traffic policy. - // - // TrafficPolicies is a required field - TrafficPolicies []*TrafficPolicy `locationNameList:"TrafficPolicy" type:"list" required:"true"` - - // If IsTruncated is true, the value of TrafficPolicyVersionMarker identifies - // the first traffic policy that Amazon Route 53 will return if you submit another - // request. Call ListTrafficPolicyVersions again and specify the value of TrafficPolicyVersionMarker - // in the TrafficPolicyVersionMarker request parameter. - // - // This element is present only if IsTruncated is true. - // - // TrafficPolicyVersionMarker is a required field - TrafficPolicyVersionMarker *string `type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyVersionsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTrafficPolicyVersionsOutput) GoString() string { - return s.String() -} - -// SetIsTruncated sets the IsTruncated field's value. -func (s *ListTrafficPolicyVersionsOutput) SetIsTruncated(v bool) *ListTrafficPolicyVersionsOutput { - s.IsTruncated = &v - return s -} - -// SetMaxItems sets the MaxItems field's value. -func (s *ListTrafficPolicyVersionsOutput) SetMaxItems(v string) *ListTrafficPolicyVersionsOutput { - s.MaxItems = &v - return s -} - -// SetTrafficPolicies sets the TrafficPolicies field's value. -func (s *ListTrafficPolicyVersionsOutput) SetTrafficPolicies(v []*TrafficPolicy) *ListTrafficPolicyVersionsOutput { - s.TrafficPolicies = v - return s -} - -// SetTrafficPolicyVersionMarker sets the TrafficPolicyVersionMarker field's value. -func (s *ListTrafficPolicyVersionsOutput) SetTrafficPolicyVersionMarker(v string) *ListTrafficPolicyVersionsOutput { - s.TrafficPolicyVersionMarker = &v - return s -} - -// A complex type that contains information about that can be associated with -// your hosted zone. -type ListVPCAssociationAuthorizationsInput struct { - _ struct{} `locationName:"ListVPCAssociationAuthorizationsRequest" type:"structure"` - - // The ID of the hosted zone for which you want a list of VPCs that can be associated - // with the hosted zone. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"uri" locationName:"Id" type:"string" required:"true"` - - // Optional: An integer that specifies the maximum number of VPCs that you want - // Amazon Route 53 to return. If you don't specify a value for MaxResults, Route - // 53 returns up to 50 VPCs per page. - MaxResults *string `location:"querystring" locationName:"maxresults" type:"string"` - - // Optional: If a response includes a NextToken element, there are more VPCs - // that can be associated with the specified hosted zone. To get the next page - // of results, submit another request, and include the value of NextToken from - // the response in the nexttoken parameter in another ListVPCAssociationAuthorizations - // request. - NextToken *string `location:"querystring" locationName:"nexttoken" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListVPCAssociationAuthorizationsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListVPCAssociationAuthorizationsInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListVPCAssociationAuthorizationsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListVPCAssociationAuthorizationsInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.HostedZoneId != nil && len(*s.HostedZoneId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HostedZoneId", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *ListVPCAssociationAuthorizationsInput) SetHostedZoneId(v string) *ListVPCAssociationAuthorizationsInput { - s.HostedZoneId = &v - return s -} - -// SetMaxResults sets the MaxResults field's value. -func (s *ListVPCAssociationAuthorizationsInput) SetMaxResults(v string) *ListVPCAssociationAuthorizationsInput { - s.MaxResults = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListVPCAssociationAuthorizationsInput) SetNextToken(v string) *ListVPCAssociationAuthorizationsInput { - s.NextToken = &v - return s -} - -// A complex type that contains the response information for the request. -type ListVPCAssociationAuthorizationsOutput struct { - _ struct{} `type:"structure"` - - // The ID of the hosted zone that you can associate the listed VPCs with. - // - // HostedZoneId is a required field - HostedZoneId *string `type:"string" required:"true"` - - // When the response includes a NextToken element, there are more VPCs that - // can be associated with the specified hosted zone. To get the next page of - // VPCs, submit another ListVPCAssociationAuthorizations request, and include - // the value of the NextToken element from the response in the nexttoken request - // parameter. - NextToken *string `type:"string"` - - // The list of VPCs that are authorized to be associated with the specified - // hosted zone. - // - // VPCs is a required field - VPCs []*VPC `locationNameList:"VPC" min:"1" type:"list" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListVPCAssociationAuthorizationsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListVPCAssociationAuthorizationsOutput) GoString() string { - return s.String() -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *ListVPCAssociationAuthorizationsOutput) SetHostedZoneId(v string) *ListVPCAssociationAuthorizationsOutput { - s.HostedZoneId = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListVPCAssociationAuthorizationsOutput) SetNextToken(v string) *ListVPCAssociationAuthorizationsOutput { - s.NextToken = &v - return s -} - -// SetVPCs sets the VPCs field's value. -func (s *ListVPCAssociationAuthorizationsOutput) SetVPCs(v []*VPC) *ListVPCAssociationAuthorizationsOutput { - s.VPCs = v - return s -} - -// A complex type that contains information about the CIDR location. -type LocationSummary struct { - _ struct{} `type:"structure"` - - // A string that specifies a location name. - LocationName *string `min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LocationSummary) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LocationSummary) GoString() string { - return s.String() -} - -// SetLocationName sets the LocationName field's value. -func (s *LocationSummary) SetLocationName(v string) *LocationSummary { - s.LocationName = &v - return s -} - -// A complex type that contains information about a configuration for DNS query -// logging. -type QueryLoggingConfig struct { - _ struct{} `type:"structure"` - - // The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon - // Route 53 is publishing logs to. - // - // CloudWatchLogsLogGroupArn is a required field - CloudWatchLogsLogGroupArn *string `type:"string" required:"true"` - - // The ID of the hosted zone that CloudWatch Logs is logging queries for. - // - // HostedZoneId is a required field - HostedZoneId *string `type:"string" required:"true"` - - // The ID for a configuration for DNS query logging. - // - // Id is a required field - Id *string `min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s QueryLoggingConfig) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s QueryLoggingConfig) GoString() string { - return s.String() -} - -// SetCloudWatchLogsLogGroupArn sets the CloudWatchLogsLogGroupArn field's value. -func (s *QueryLoggingConfig) SetCloudWatchLogsLogGroupArn(v string) *QueryLoggingConfig { - s.CloudWatchLogsLogGroupArn = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *QueryLoggingConfig) SetHostedZoneId(v string) *QueryLoggingConfig { - s.HostedZoneId = &v - return s -} - -// SetId sets the Id field's value. -func (s *QueryLoggingConfig) SetId(v string) *QueryLoggingConfig { - s.Id = &v - return s -} - -// Information specific to the resource record. -// -// If you're creating an alias resource record set, omit ResourceRecord. -type ResourceRecord struct { - _ struct{} `type:"structure"` - - // The current or new DNS record value, not to exceed 4,000 characters. In the - // case of a DELETE action, if the current value does not match the actual value, - // an error is returned. For descriptions about how to format Value for different - // record types, see Supported DNS Resource Record Types (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) - // in the Amazon Route 53 Developer Guide. - // - // You can specify more than one value for all record types except CNAME and - // SOA. - // - // If you're creating an alias resource record set, omit Value. - // - // Value is a required field - Value *string `type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ResourceRecord) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ResourceRecord) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ResourceRecord) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ResourceRecord"} - if s.Value == nil { - invalidParams.Add(request.NewErrParamRequired("Value")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetValue sets the Value field's value. -func (s *ResourceRecord) SetValue(v string) *ResourceRecord { - s.Value = &v - return s -} - -// Information about the resource record set to create or delete. -type ResourceRecordSet struct { - _ struct{} `type:"structure"` - - // Alias resource record sets only: Information about the Amazon Web Services - // resource, such as a CloudFront distribution or an Amazon S3 bucket, that - // you want to route traffic to. - // - // If you're creating resource records sets for a private hosted zone, note - // the following: - // - // * You can't create an alias resource record set in a private hosted zone - // to route traffic to a CloudFront distribution. - // - // * For information about creating failover resource record sets in a private - // hosted zone, see Configuring Failover in a Private Hosted Zone (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) - // in the Amazon Route 53 Developer Guide. - AliasTarget *AliasTarget `type:"structure"` - - // The object that is specified in resource record set object when you are linking - // a resource record set to a CIDR location. - // - // A LocationName with an asterisk “*” can be used to create a default CIDR - // record. CollectionId is still required for default record. - CidrRoutingConfig *CidrRoutingConfig `type:"structure"` - - // Failover resource record sets only: To configure failover, you add the Failover - // element to two resource record sets. For one resource record set, you specify - // PRIMARY as the value for Failover; for the other resource record set, you - // specify SECONDARY. In addition, you include the HealthCheckId element and - // specify the health check that you want Amazon Route 53 to perform for each - // resource record set. - // - // Except where noted, the following failover behaviors assume that you have - // included the HealthCheckId element in both resource record sets: - // - // * When the primary resource record set is healthy, Route 53 responds to - // DNS queries with the applicable value from the primary resource record - // set regardless of the health of the secondary resource record set. - // - // * When the primary resource record set is unhealthy and the secondary - // resource record set is healthy, Route 53 responds to DNS queries with - // the applicable value from the secondary resource record set. - // - // * When the secondary resource record set is unhealthy, Route 53 responds - // to DNS queries with the applicable value from the primary resource record - // set regardless of the health of the primary resource record set. - // - // * If you omit the HealthCheckId element for the secondary resource record - // set, and if the primary resource record set is unhealthy, Route 53 always - // responds to DNS queries with the applicable value from the secondary resource - // record set. This is true regardless of the health of the associated endpoint. - // - // You can't create non-failover resource record sets that have the same values - // for the Name and Type elements as failover resource record sets. - // - // For failover alias resource record sets, you must also include the EvaluateTargetHealth - // element and set the value to true. - // - // For more information about configuring failover for Route 53, see the following - // topics in the Amazon Route 53 Developer Guide: - // - // * Route 53 Health Checks and DNS Failover (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) - // - // * Configuring Failover in a Private Hosted Zone (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) - Failover *string `type:"string" enum:"ResourceRecordSetFailover"` - - // Geolocation resource record sets only: A complex type that lets you control - // how Amazon Route 53 responds to DNS queries based on the geographic origin - // of the query. For example, if you want all queries from Africa to be routed - // to a web server with an IP address of 192.0.2.111, create a resource record - // set with a Type of A and a ContinentCode of AF. - // - // If you create separate resource record sets for overlapping geographic regions - // (for example, one resource record set for a continent and one for a country - // on the same continent), priority goes to the smallest geographic region. - // This allows you to route most queries for a continent to one resource and - // to route queries for a country on that continent to a different resource. - // - // You can't create two geolocation resource record sets that specify the same - // geographic location. - // - // The value * in the CountryCode element matches all geographic locations that - // aren't specified in other geolocation resource record sets that have the - // same values for the Name and Type elements. - // - // Geolocation works by mapping IP addresses to locations. However, some IP - // addresses aren't mapped to geographic locations, so even if you create geolocation - // resource record sets that cover all seven continents, Route 53 will receive - // some DNS queries from locations that it can't identify. We recommend that - // you create a resource record set for which the value of CountryCode is *. - // Two groups of queries are routed to the resource that you specify in this - // record: queries that come from locations for which you haven't created geolocation - // resource record sets and queries from IP addresses that aren't mapped to - // a location. If you don't create a * resource record set, Route 53 returns - // a "no answer" response for queries from those locations. - // - // You can't create non-geolocation resource record sets that have the same - // values for the Name and Type elements as geolocation resource record sets. - GeoLocation *GeoLocation `type:"structure"` - - // GeoproximityLocation resource record sets only: A complex type that lets - // you control how Route 53 responds to DNS queries based on the geographic - // origin of the query and your resources. - GeoProximityLocation *GeoProximityLocation `type:"structure"` - - // If you want Amazon Route 53 to return this resource record set in response - // to a DNS query only when the status of a health check is healthy, include - // the HealthCheckId element and specify the ID of the applicable health check. - // - // Route 53 determines whether a resource record set is healthy based on one - // of the following: - // - // * By periodically sending a request to the endpoint that is specified - // in the health check - // - // * By aggregating the status of a specified group of health checks (calculated - // health checks) - // - // * By determining the current state of a CloudWatch alarm (CloudWatch metric - // health checks) - // - // Route 53 doesn't check the health of the endpoint that is specified in the - // resource record set, for example, the endpoint specified by the IP address - // in the Value element. When you add a HealthCheckId element to a resource - // record set, Route 53 checks the health of the endpoint that you specified - // in the health check. - // - // For more information, see the following topics in the Amazon Route 53 Developer - // Guide: - // - // * How Amazon Route 53 Determines Whether an Endpoint Is Healthy (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) - // - // * Route 53 Health Checks and DNS Failover (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) - // - // * Configuring Failover in a Private Hosted Zone (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) - // - // When to Specify HealthCheckId - // - // Specifying a value for HealthCheckId is useful only when Route 53 is choosing - // between two or more resource record sets to respond to a DNS query, and you - // want Route 53 to base the choice in part on the status of a health check. - // Configuring health checks makes sense only in the following configurations: - // - // * Non-alias resource record sets: You're checking the health of a group - // of non-alias resource record sets that have the same routing policy, name, - // and type (such as multiple weighted records named www.example.com with - // a type of A) and you specify health check IDs for all the resource record - // sets. If the health check status for a resource record set is healthy, - // Route 53 includes the record among the records that it responds to DNS - // queries with. If the health check status for a resource record set is - // unhealthy, Route 53 stops responding to DNS queries using the value for - // that resource record set. If the health check status for all resource - // record sets in the group is unhealthy, Route 53 considers all resource - // record sets in the group healthy and responds to DNS queries accordingly. - // - // * Alias resource record sets: You specify the following settings: You - // set EvaluateTargetHealth to true for an alias resource record set in a - // group of resource record sets that have the same routing policy, name, - // and type (such as multiple weighted records named www.example.com with - // a type of A). You configure the alias resource record set to route traffic - // to a non-alias resource record set in the same hosted zone. You specify - // a health check ID for the non-alias resource record set. If the health - // check status is healthy, Route 53 considers the alias resource record - // set to be healthy and includes the alias record among the records that - // it responds to DNS queries with. If the health check status is unhealthy, - // Route 53 stops responding to DNS queries using the alias resource record - // set. The alias resource record set can also route traffic to a group of - // non-alias resource record sets that have the same routing policy, name, - // and type. In that configuration, associate health checks with all of the - // resource record sets in the group of non-alias resource record sets. - // - // Geolocation Routing - // - // For geolocation resource record sets, if an endpoint is unhealthy, Route - // 53 looks for a resource record set for the larger, associated geographic - // region. For example, suppose you have resource record sets for a state in - // the United States, for the entire United States, for North America, and a - // resource record set that has * for CountryCode is *, which applies to all - // locations. If the endpoint for the state resource record set is unhealthy, - // Route 53 checks for healthy resource record sets in the following order until - // it finds a resource record set for which the endpoint is healthy: - // - // * The United States - // - // * North America - // - // * The default resource record set - // - // Specifying the Health Check Endpoint by Domain Name - // - // If your health checks specify the endpoint only by domain name, we recommend - // that you create a separate health check for each endpoint. For example, create - // a health check for each HTTP server that is serving content for www.example.com. - // For the value of FullyQualifiedDomainName, specify the domain name of the - // server (such as us-east-2-www.example.com), not the name of the resource - // record sets (www.example.com). - // - // Health check results will be unpredictable if you do the following: - // - // * Create a health check that has the same value for FullyQualifiedDomainName - // as the name of a resource record set. - // - // * Associate that health check with the resource record set. - HealthCheckId *string `type:"string"` - - // Multivalue answer resource record sets only: To route traffic approximately - // randomly to multiple resources, such as web servers, create one multivalue - // answer record for each resource and specify true for MultiValueAnswer. Note - // the following: - // - // * If you associate a health check with a multivalue answer resource record - // set, Amazon Route 53 responds to DNS queries with the corresponding IP - // address only when the health check is healthy. - // - // * If you don't associate a health check with a multivalue answer record, - // Route 53 always considers the record to be healthy. - // - // * Route 53 responds to DNS queries with up to eight healthy records; if - // you have eight or fewer healthy records, Route 53 responds to all DNS - // queries with all the healthy records. - // - // * If you have more than eight healthy records, Route 53 responds to different - // DNS resolvers with different combinations of healthy records. - // - // * When all records are unhealthy, Route 53 responds to DNS queries with - // up to eight unhealthy records. - // - // * If a resource becomes unavailable after a resolver caches a response, - // client software typically tries another of the IP addresses in the response. - // - // You can't create multivalue answer alias records. - MultiValueAnswer *bool `type:"boolean"` - - // For ChangeResourceRecordSets requests, the name of the record that you want - // to create, update, or delete. For ListResourceRecordSets responses, the name - // of a record in the specified hosted zone. - // - // ChangeResourceRecordSets Only - // - // Enter a fully qualified domain name, for example, www.example.com. You can - // optionally include a trailing dot. If you omit the trailing dot, Amazon Route - // 53 assumes that the domain name that you specify is fully qualified. This - // means that Route 53 treats www.example.com (without a trailing dot) and www.example.com. - // (with a trailing dot) as identical. - // - // For information about how to specify characters other than a-z, 0-9, and - // - (hyphen) and how to specify internationalized domain names, see DNS Domain - // Name Format (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) - // in the Amazon Route 53 Developer Guide. - // - // You can use the asterisk (*) wildcard to replace the leftmost label in a - // domain name, for example, *.example.com. Note the following: - // - // * The * must replace the entire label. For example, you can't specify - // *prod.example.com or prod*.example.com. - // - // * The * can't replace any of the middle labels, for example, marketing.*.example.com. - // - // * If you include * in any position other than the leftmost label in a - // domain name, DNS treats it as an * character (ASCII 42), not as a wildcard. - // You can't use the * wildcard for resource records sets that have a type - // of NS. - // - // Name is a required field - Name *string `type:"string" required:"true"` - - // Latency-based resource record sets only: The Amazon EC2 Region where you - // created the resource that this resource record set refers to. The resource - // typically is an Amazon Web Services resource, such as an EC2 instance or - // an ELB load balancer, and is referred to by an IP address or a DNS domain - // name, depending on the record type. - // - // When Amazon Route 53 receives a DNS query for a domain name and type for - // which you have created latency resource record sets, Route 53 selects the - // latency resource record set that has the lowest latency between the end user - // and the associated Amazon EC2 Region. Route 53 then returns the value that - // is associated with the selected resource record set. - // - // Note the following: - // - // * You can only specify one ResourceRecord per latency resource record - // set. - // - // * You can only create one latency resource record set for each Amazon - // EC2 Region. - // - // * You aren't required to create latency resource record sets for all Amazon - // EC2 Regions. Route 53 will choose the region with the best latency from - // among the regions that you create latency resource record sets for. - // - // * You can't create non-latency resource record sets that have the same - // values for the Name and Type elements as latency resource record sets. - Region *string `min:"1" type:"string" enum:"ResourceRecordSetRegion"` - - // Information about the resource records to act upon. - // - // If you're creating an alias resource record set, omit ResourceRecords. - ResourceRecords []*ResourceRecord `locationNameList:"ResourceRecord" min:"1" type:"list"` - - // Resource record sets that have a routing policy other than simple: An identifier - // that differentiates among multiple resource record sets that have the same - // combination of name and type, such as multiple weighted resource record sets - // named acme.example.com that have a type of A. In a group of resource record - // sets that have the same name and type, the value of SetIdentifier must be - // unique for each resource record set. - // - // For information about routing policies, see Choosing a Routing Policy (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) - // in the Amazon Route 53 Developer Guide. - SetIdentifier *string `min:"1" type:"string"` - - // The resource record cache time to live (TTL), in seconds. Note the following: - // - // * If you're creating or updating an alias resource record set, omit TTL. - // Amazon Route 53 uses the value of TTL for the alias target. - // - // * If you're associating this resource record set with a health check (if - // you're adding a HealthCheckId element), we recommend that you specify - // a TTL of 60 seconds or less so clients respond quickly to changes in health - // status. - // - // * All of the resource record sets in a group of weighted resource record - // sets must have the same value for TTL. - // - // * If a group of weighted resource record sets includes one or more weighted - // alias resource record sets for which the alias target is an ELB load balancer, - // we recommend that you specify a TTL of 60 seconds for all of the non-alias - // weighted resource record sets that have the same name and type. Values - // other than 60 seconds (the TTL for load balancers) will change the effect - // of the values that you specify for Weight. - TTL *int64 `type:"long"` - - // When you create a traffic policy instance, Amazon Route 53 automatically - // creates a resource record set. TrafficPolicyInstanceId is the ID of the traffic - // policy instance that Route 53 created this resource record set for. - // - // To delete the resource record set that is associated with a traffic policy - // instance, use DeleteTrafficPolicyInstance. Route 53 will delete the resource - // record set automatically. If you delete the resource record set by using - // ChangeResourceRecordSets, Route 53 doesn't automatically delete the traffic - // policy instance, and you'll continue to be charged for it even though it's - // no longer in use. - TrafficPolicyInstanceId *string `min:"1" type:"string"` - - // The DNS record type. For information about different record types and how - // data is encoded for them, see Supported DNS Resource Record Types (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) - // in the Amazon Route 53 Developer Guide. - // - // Valid values for basic resource record sets: A | AAAA | CAA | CNAME | DS - // |MX | NAPTR | NS | PTR | SOA | SPF | SRV | TXT - // - // Values for weighted, latency, geolocation, and failover resource record sets: - // A | AAAA | CAA | CNAME | MX | NAPTR | PTR | SPF | SRV | TXT. When creating - // a group of weighted, latency, geolocation, or failover resource record sets, - // specify the same value for all of the resource record sets in the group. - // - // Valid values for multivalue answer resource record sets: A | AAAA | MX | - // NAPTR | PTR | SPF | SRV | TXT - // - // SPF records were formerly used to verify the identity of the sender of email - // messages. However, we no longer recommend that you create resource record - // sets for which the value of Type is SPF. RFC 7208, Sender Policy Framework - // (SPF) for Authorizing Use of Domains in Email, Version 1, has been updated - // to say, "...[I]ts existence and mechanism defined in [RFC4408] have led to - // some interoperability issues. Accordingly, its use is no longer appropriate - // for SPF version 1; implementations are not to use it." In RFC 7208, see section - // 14.1, The SPF DNS Record Type (http://tools.ietf.org/html/rfc7208#section-14.1). - // - // Values for alias resource record sets: - // - // * Amazon API Gateway custom regional APIs and edge-optimized APIs: A - // - // * CloudFront distributions: A If IPv6 is enabled for the distribution, - // create two resource record sets to route traffic to your distribution, - // one with a value of A and one with a value of AAAA. - // - // * Amazon API Gateway environment that has a regionalized subdomain: A - // - // * ELB load balancers: A | AAAA - // - // * Amazon S3 buckets: A - // - // * Amazon Virtual Private Cloud interface VPC endpoints A - // - // * Another resource record set in this hosted zone: Specify the type of - // the resource record set that you're creating the alias for. All values - // are supported except NS and SOA. If you're creating an alias record that - // has the same name as the hosted zone (known as the zone apex), you can't - // route traffic to a record for which the value of Type is CNAME. This is - // because the alias record must have the same type as the record you're - // routing traffic to, and creating a CNAME record for the zone apex isn't - // supported even for an alias record. - // - // Type is a required field - Type *string `type:"string" required:"true" enum:"RRType"` - - // Weighted resource record sets only: Among resource record sets that have - // the same combination of DNS name and type, a value that determines the proportion - // of DNS queries that Amazon Route 53 responds to using the current resource - // record set. Route 53 calculates the sum of the weights for the resource record - // sets that have the same combination of DNS name and type. Route 53 then responds - // to queries based on the ratio of a resource's weight to the total. Note the - // following: - // - // * You must specify a value for the Weight element for every weighted resource - // record set. - // - // * You can only specify one ResourceRecord per weighted resource record - // set. - // - // * You can't create latency, failover, or geolocation resource record sets - // that have the same values for the Name and Type elements as weighted resource - // record sets. - // - // * You can create a maximum of 100 weighted resource record sets that have - // the same values for the Name and Type elements. - // - // * For weighted (but not weighted alias) resource record sets, if you set - // Weight to 0 for a resource record set, Route 53 never responds to queries - // with the applicable value for that resource record set. However, if you - // set Weight to 0 for all resource record sets that have the same combination - // of DNS name and type, traffic is routed to all resources with equal probability. - // The effect of setting Weight to 0 is different when you associate health - // checks with weighted resource record sets. For more information, see Options - // for Configuring Route 53 Active-Active and Active-Passive Failover (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) - // in the Amazon Route 53 Developer Guide. - Weight *int64 `type:"long"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ResourceRecordSet) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ResourceRecordSet) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ResourceRecordSet) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ResourceRecordSet"} - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.Region != nil && len(*s.Region) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Region", 1)) - } - if s.ResourceRecords != nil && len(s.ResourceRecords) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceRecords", 1)) - } - if s.SetIdentifier != nil && len(*s.SetIdentifier) < 1 { - invalidParams.Add(request.NewErrParamMinLen("SetIdentifier", 1)) - } - if s.TrafficPolicyInstanceId != nil && len(*s.TrafficPolicyInstanceId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TrafficPolicyInstanceId", 1)) - } - if s.Type == nil { - invalidParams.Add(request.NewErrParamRequired("Type")) - } - if s.AliasTarget != nil { - if err := s.AliasTarget.Validate(); err != nil { - invalidParams.AddNested("AliasTarget", err.(request.ErrInvalidParams)) - } - } - if s.CidrRoutingConfig != nil { - if err := s.CidrRoutingConfig.Validate(); err != nil { - invalidParams.AddNested("CidrRoutingConfig", err.(request.ErrInvalidParams)) - } - } - if s.GeoLocation != nil { - if err := s.GeoLocation.Validate(); err != nil { - invalidParams.AddNested("GeoLocation", err.(request.ErrInvalidParams)) - } - } - if s.GeoProximityLocation != nil { - if err := s.GeoProximityLocation.Validate(); err != nil { - invalidParams.AddNested("GeoProximityLocation", err.(request.ErrInvalidParams)) - } - } - if s.ResourceRecords != nil { - for i, v := range s.ResourceRecords { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ResourceRecords", i), err.(request.ErrInvalidParams)) - } - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAliasTarget sets the AliasTarget field's value. -func (s *ResourceRecordSet) SetAliasTarget(v *AliasTarget) *ResourceRecordSet { - s.AliasTarget = v - return s -} - -// SetCidrRoutingConfig sets the CidrRoutingConfig field's value. -func (s *ResourceRecordSet) SetCidrRoutingConfig(v *CidrRoutingConfig) *ResourceRecordSet { - s.CidrRoutingConfig = v - return s -} - -// SetFailover sets the Failover field's value. -func (s *ResourceRecordSet) SetFailover(v string) *ResourceRecordSet { - s.Failover = &v - return s -} - -// SetGeoLocation sets the GeoLocation field's value. -func (s *ResourceRecordSet) SetGeoLocation(v *GeoLocation) *ResourceRecordSet { - s.GeoLocation = v - return s -} - -// SetGeoProximityLocation sets the GeoProximityLocation field's value. -func (s *ResourceRecordSet) SetGeoProximityLocation(v *GeoProximityLocation) *ResourceRecordSet { - s.GeoProximityLocation = v - return s -} - -// SetHealthCheckId sets the HealthCheckId field's value. -func (s *ResourceRecordSet) SetHealthCheckId(v string) *ResourceRecordSet { - s.HealthCheckId = &v - return s -} - -// SetMultiValueAnswer sets the MultiValueAnswer field's value. -func (s *ResourceRecordSet) SetMultiValueAnswer(v bool) *ResourceRecordSet { - s.MultiValueAnswer = &v - return s -} - -// SetName sets the Name field's value. -func (s *ResourceRecordSet) SetName(v string) *ResourceRecordSet { - s.Name = &v - return s -} - -// SetRegion sets the Region field's value. -func (s *ResourceRecordSet) SetRegion(v string) *ResourceRecordSet { - s.Region = &v - return s -} - -// SetResourceRecords sets the ResourceRecords field's value. -func (s *ResourceRecordSet) SetResourceRecords(v []*ResourceRecord) *ResourceRecordSet { - s.ResourceRecords = v - return s -} - -// SetSetIdentifier sets the SetIdentifier field's value. -func (s *ResourceRecordSet) SetSetIdentifier(v string) *ResourceRecordSet { - s.SetIdentifier = &v - return s -} - -// SetTTL sets the TTL field's value. -func (s *ResourceRecordSet) SetTTL(v int64) *ResourceRecordSet { - s.TTL = &v - return s -} - -// SetTrafficPolicyInstanceId sets the TrafficPolicyInstanceId field's value. -func (s *ResourceRecordSet) SetTrafficPolicyInstanceId(v string) *ResourceRecordSet { - s.TrafficPolicyInstanceId = &v - return s -} - -// SetType sets the Type field's value. -func (s *ResourceRecordSet) SetType(v string) *ResourceRecordSet { - s.Type = &v - return s -} - -// SetWeight sets the Weight field's value. -func (s *ResourceRecordSet) SetWeight(v int64) *ResourceRecordSet { - s.Weight = &v - return s -} - -// A complex type containing a resource and its associated tags. -type ResourceTagSet struct { - _ struct{} `type:"structure"` - - // The ID for the specified resource. - ResourceId *string `type:"string"` - - // The type of the resource. - // - // * The resource type for health checks is healthcheck. - // - // * The resource type for hosted zones is hostedzone. - ResourceType *string `type:"string" enum:"TagResourceType"` - - // The tags associated with the specified resource. - Tags []*Tag `locationNameList:"Tag" min:"1" type:"list"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ResourceTagSet) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ResourceTagSet) GoString() string { - return s.String() -} - -// SetResourceId sets the ResourceId field's value. -func (s *ResourceTagSet) SetResourceId(v string) *ResourceTagSet { - s.ResourceId = &v - return s -} - -// SetResourceType sets the ResourceType field's value. -func (s *ResourceTagSet) SetResourceType(v string) *ResourceTagSet { - s.ResourceType = &v - return s -} - -// SetTags sets the Tags field's value. -func (s *ResourceTagSet) SetTags(v []*Tag) *ResourceTagSet { - s.Tags = v - return s -} - -// A complex type that contains the type of limit that you specified in the -// request and the current value for that limit. -type ReusableDelegationSetLimit struct { - _ struct{} `type:"structure"` - - // The limit that you requested: MAX_ZONES_BY_REUSABLE_DELEGATION_SET, the maximum - // number of hosted zones that you can associate with the specified reusable - // delegation set. - // - // Type is a required field - Type *string `type:"string" required:"true" enum:"ReusableDelegationSetLimitType"` - - // The current value for the MAX_ZONES_BY_REUSABLE_DELEGATION_SET limit. - // - // Value is a required field - Value *int64 `min:"1" type:"long" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ReusableDelegationSetLimit) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ReusableDelegationSetLimit) GoString() string { - return s.String() -} - -// SetType sets the Type field's value. -func (s *ReusableDelegationSetLimit) SetType(v string) *ReusableDelegationSetLimit { - s.Type = &v - return s -} - -// SetValue sets the Value field's value. -func (s *ReusableDelegationSetLimit) SetValue(v int64) *ReusableDelegationSetLimit { - s.Value = &v - return s -} - -// A complex type that contains the status that one Amazon Route 53 health checker -// reports and the time of the health check. -type StatusReport struct { - _ struct{} `type:"structure"` - - // The date and time that the health checker performed the health check in ISO - // 8601 format (https://en.wikipedia.org/wiki/ISO_8601) and Coordinated Universal - // Time (UTC). For example, the value 2017-03-27T17:48:16.751Z represents March - // 27, 2017 at 17:48:16.751 UTC. - CheckedTime *time.Time `type:"timestamp"` - - // A description of the status of the health check endpoint as reported by one - // of the Amazon Route 53 health checkers. - Status *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s StatusReport) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s StatusReport) GoString() string { - return s.String() -} - -// SetCheckedTime sets the CheckedTime field's value. -func (s *StatusReport) SetCheckedTime(v time.Time) *StatusReport { - s.CheckedTime = &v - return s -} - -// SetStatus sets the Status field's value. -func (s *StatusReport) SetStatus(v string) *StatusReport { - s.Status = &v - return s -} - -// A complex type that contains information about a tag that you want to add -// or edit for the specified health check or hosted zone. -type Tag struct { - _ struct{} `type:"structure"` - - // The value of Key depends on the operation that you want to perform: - // - // * Add a tag to a health check or hosted zone: Key is the name that you - // want to give the new tag. - // - // * Edit a tag: Key is the name of the tag that you want to change the Value - // for. - // - // * Delete a key: Key is the name of the tag you want to remove. - // - // * Give a name to a health check: Edit the default Name tag. In the Amazon - // Route 53 console, the list of your health checks includes a Name column - // that lets you see the name that you've given to each health check. - Key *string `type:"string"` - - // The value of Value depends on the operation that you want to perform: - // - // * Add a tag to a health check or hosted zone: Value is the value that - // you want to give the new tag. - // - // * Edit a tag: Value is the new value that you want to assign the tag. - Value *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Tag) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Tag) GoString() string { - return s.String() -} - -// SetKey sets the Key field's value. -func (s *Tag) SetKey(v string) *Tag { - s.Key = &v - return s -} - -// SetValue sets the Value field's value. -func (s *Tag) SetValue(v string) *Tag { - s.Value = &v - return s -} - -// Gets the value that Amazon Route 53 returns in response to a DNS request -// for a specified record name and type. You can optionally specify the IP address -// of a DNS resolver, an EDNS0 client subnet IP address, and a subnet mask. -type TestDNSAnswerInput struct { - _ struct{} `locationName:"TestDNSAnswerRequest" type:"structure"` - - // If the resolver that you specified for resolverip supports EDNS0, specify - // the IPv4 or IPv6 address of a client in the applicable location, for example, - // 192.0.2.44 or 2001:db8:85a3::8a2e:370:7334. - EDNS0ClientSubnetIP *string `location:"querystring" locationName:"edns0clientsubnetip" type:"string"` - - // If you specify an IP address for edns0clientsubnetip, you can optionally - // specify the number of bits of the IP address that you want the checking tool - // to include in the DNS query. For example, if you specify 192.0.2.44 for edns0clientsubnetip - // and 24 for edns0clientsubnetmask, the checking tool will simulate a request - // from 192.0.2.0/24. The default value is 24 bits for IPv4 addresses and 64 - // bits for IPv6 addresses. - // - // The range of valid values depends on whether edns0clientsubnetip is an IPv4 - // or an IPv6 address: - // - // * IPv4: Specify a value between 0 and 32 - // - // * IPv6: Specify a value between 0 and 128 - EDNS0ClientSubnetMask *string `location:"querystring" locationName:"edns0clientsubnetmask" type:"string"` - - // The ID of the hosted zone that you want Amazon Route 53 to simulate a query - // for. - // - // HostedZoneId is a required field - HostedZoneId *string `location:"querystring" locationName:"hostedzoneid" type:"string" required:"true"` - - // The name of the resource record set that you want Amazon Route 53 to simulate - // a query for. - // - // RecordName is a required field - RecordName *string `location:"querystring" locationName:"recordname" type:"string" required:"true"` - - // The type of the resource record set. - // - // RecordType is a required field - RecordType *string `location:"querystring" locationName:"recordtype" type:"string" required:"true" enum:"RRType"` - - // If you want to simulate a request from a specific DNS resolver, specify the - // IP address for that resolver. If you omit this value, TestDnsAnswer uses - // the IP address of a DNS resolver in the Amazon Web Services US East (N. Virginia) - // Region (us-east-1). - ResolverIP *string `location:"querystring" locationName:"resolverip" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TestDNSAnswerInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TestDNSAnswerInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *TestDNSAnswerInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "TestDNSAnswerInput"} - if s.HostedZoneId == nil { - invalidParams.Add(request.NewErrParamRequired("HostedZoneId")) - } - if s.RecordName == nil { - invalidParams.Add(request.NewErrParamRequired("RecordName")) - } - if s.RecordType == nil { - invalidParams.Add(request.NewErrParamRequired("RecordType")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetEDNS0ClientSubnetIP sets the EDNS0ClientSubnetIP field's value. -func (s *TestDNSAnswerInput) SetEDNS0ClientSubnetIP(v string) *TestDNSAnswerInput { - s.EDNS0ClientSubnetIP = &v - return s -} - -// SetEDNS0ClientSubnetMask sets the EDNS0ClientSubnetMask field's value. -func (s *TestDNSAnswerInput) SetEDNS0ClientSubnetMask(v string) *TestDNSAnswerInput { - s.EDNS0ClientSubnetMask = &v - return s -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *TestDNSAnswerInput) SetHostedZoneId(v string) *TestDNSAnswerInput { - s.HostedZoneId = &v - return s -} - -// SetRecordName sets the RecordName field's value. -func (s *TestDNSAnswerInput) SetRecordName(v string) *TestDNSAnswerInput { - s.RecordName = &v - return s -} - -// SetRecordType sets the RecordType field's value. -func (s *TestDNSAnswerInput) SetRecordType(v string) *TestDNSAnswerInput { - s.RecordType = &v - return s -} - -// SetResolverIP sets the ResolverIP field's value. -func (s *TestDNSAnswerInput) SetResolverIP(v string) *TestDNSAnswerInput { - s.ResolverIP = &v - return s -} - -// A complex type that contains the response to a TestDNSAnswer request. -type TestDNSAnswerOutput struct { - _ struct{} `type:"structure"` - - // The Amazon Route 53 name server used to respond to the request. - // - // Nameserver is a required field - Nameserver *string `type:"string" required:"true"` - - // The protocol that Amazon Route 53 used to respond to the request, either - // UDP or TCP. - // - // Protocol is a required field - Protocol *string `type:"string" required:"true"` - - // A list that contains values that Amazon Route 53 returned for this resource - // record set. - // - // RecordData is a required field - RecordData []*string `locationNameList:"RecordDataEntry" type:"list" required:"true"` - - // The name of the resource record set that you submitted a request for. - // - // RecordName is a required field - RecordName *string `type:"string" required:"true"` - - // The type of the resource record set that you submitted a request for. - // - // RecordType is a required field - RecordType *string `type:"string" required:"true" enum:"RRType"` - - // A code that indicates whether the request is valid or not. The most common - // response code is NOERROR, meaning that the request is valid. If the response - // is not valid, Amazon Route 53 returns a response code that describes the - // error. For a list of possible response codes, see DNS RCODES (http://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml#dns-parameters-6) - // on the IANA website. - // - // ResponseCode is a required field - ResponseCode *string `type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TestDNSAnswerOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TestDNSAnswerOutput) GoString() string { - return s.String() -} - -// SetNameserver sets the Nameserver field's value. -func (s *TestDNSAnswerOutput) SetNameserver(v string) *TestDNSAnswerOutput { - s.Nameserver = &v - return s -} - -// SetProtocol sets the Protocol field's value. -func (s *TestDNSAnswerOutput) SetProtocol(v string) *TestDNSAnswerOutput { - s.Protocol = &v - return s -} - -// SetRecordData sets the RecordData field's value. -func (s *TestDNSAnswerOutput) SetRecordData(v []*string) *TestDNSAnswerOutput { - s.RecordData = v - return s -} - -// SetRecordName sets the RecordName field's value. -func (s *TestDNSAnswerOutput) SetRecordName(v string) *TestDNSAnswerOutput { - s.RecordName = &v - return s -} - -// SetRecordType sets the RecordType field's value. -func (s *TestDNSAnswerOutput) SetRecordType(v string) *TestDNSAnswerOutput { - s.RecordType = &v - return s -} - -// SetResponseCode sets the ResponseCode field's value. -func (s *TestDNSAnswerOutput) SetResponseCode(v string) *TestDNSAnswerOutput { - s.ResponseCode = &v - return s -} - -// A complex type that contains settings for a traffic policy. -type TrafficPolicy struct { - _ struct{} `type:"structure"` - - // The comment that you specify in the CreateTrafficPolicy request, if any. - Comment *string `type:"string"` - - // The definition of a traffic policy in JSON format. You specify the JSON document - // to use for a new traffic policy in the CreateTrafficPolicy request. For more - // information about the JSON format, see Traffic Policy Document Format (https://docs.aws.amazon.com/Route53/latest/APIReference/api-policies-traffic-policy-document-format.html). - // - // Document is a required field - Document *string `type:"string" required:"true"` - - // The ID that Amazon Route 53 assigned to a traffic policy when you created - // it. - // - // Id is a required field - Id *string `min:"1" type:"string" required:"true"` - - // The name that you specified when you created the traffic policy. - // - // Name is a required field - Name *string `type:"string" required:"true"` - - // The DNS type of the resource record sets that Amazon Route 53 creates when - // you use a traffic policy to create a traffic policy instance. - // - // Type is a required field - Type *string `type:"string" required:"true" enum:"RRType"` - - // The version number that Amazon Route 53 assigns to a traffic policy. For - // a new traffic policy, the value of Version is always 1. - // - // Version is a required field - Version *int64 `min:"1" type:"integer" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TrafficPolicy) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TrafficPolicy) GoString() string { - return s.String() -} - -// SetComment sets the Comment field's value. -func (s *TrafficPolicy) SetComment(v string) *TrafficPolicy { - s.Comment = &v - return s -} - -// SetDocument sets the Document field's value. -func (s *TrafficPolicy) SetDocument(v string) *TrafficPolicy { - s.Document = &v - return s -} - -// SetId sets the Id field's value. -func (s *TrafficPolicy) SetId(v string) *TrafficPolicy { - s.Id = &v - return s -} - -// SetName sets the Name field's value. -func (s *TrafficPolicy) SetName(v string) *TrafficPolicy { - s.Name = &v - return s -} - -// SetType sets the Type field's value. -func (s *TrafficPolicy) SetType(v string) *TrafficPolicy { - s.Type = &v - return s -} - -// SetVersion sets the Version field's value. -func (s *TrafficPolicy) SetVersion(v int64) *TrafficPolicy { - s.Version = &v - return s -} - -// A complex type that contains settings for the new traffic policy instance. -type TrafficPolicyInstance struct { - _ struct{} `type:"structure"` - - // The ID of the hosted zone that Amazon Route 53 created resource record sets - // in. - // - // HostedZoneId is a required field - HostedZoneId *string `type:"string" required:"true"` - - // The ID that Amazon Route 53 assigned to the new traffic policy instance. - // - // Id is a required field - Id *string `min:"1" type:"string" required:"true"` - - // If State is Failed, an explanation of the reason for the failure. If State - // is another value, Message is empty. - // - // Message is a required field - Message *string `type:"string" required:"true"` - - // The DNS name, such as www.example.com, for which Amazon Route 53 responds - // to queries by using the resource record sets that are associated with this - // traffic policy instance. - // - // Name is a required field - Name *string `type:"string" required:"true"` - - // The value of State is one of the following values: - // - // Applied - // - // Amazon Route 53 has finished creating resource record sets, and changes have - // propagated to all Route 53 edge locations. - // - // Creating - // - // Route 53 is creating the resource record sets. Use GetTrafficPolicyInstance - // to confirm that the CreateTrafficPolicyInstance request completed successfully. - // - // Failed - // - // Route 53 wasn't able to create or update the resource record sets. When the - // value of State is Failed, see Message for an explanation of what caused the - // request to fail. - // - // State is a required field - State *string `type:"string" required:"true"` - - // The TTL that Amazon Route 53 assigned to all of the resource record sets - // that it created in the specified hosted zone. - // - // TTL is a required field - TTL *int64 `type:"long" required:"true"` - - // The ID of the traffic policy that Amazon Route 53 used to create resource - // record sets in the specified hosted zone. - // - // TrafficPolicyId is a required field - TrafficPolicyId *string `min:"1" type:"string" required:"true"` - - // The DNS type that Amazon Route 53 assigned to all of the resource record - // sets that it created for this traffic policy instance. - // - // TrafficPolicyType is a required field - TrafficPolicyType *string `type:"string" required:"true" enum:"RRType"` - - // The version of the traffic policy that Amazon Route 53 used to create resource - // record sets in the specified hosted zone. - // - // TrafficPolicyVersion is a required field - TrafficPolicyVersion *int64 `min:"1" type:"integer" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TrafficPolicyInstance) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TrafficPolicyInstance) GoString() string { - return s.String() -} - -// SetHostedZoneId sets the HostedZoneId field's value. -func (s *TrafficPolicyInstance) SetHostedZoneId(v string) *TrafficPolicyInstance { - s.HostedZoneId = &v - return s -} - -// SetId sets the Id field's value. -func (s *TrafficPolicyInstance) SetId(v string) *TrafficPolicyInstance { - s.Id = &v - return s -} - -// SetMessage sets the Message field's value. -func (s *TrafficPolicyInstance) SetMessage(v string) *TrafficPolicyInstance { - s.Message = &v - return s -} - -// SetName sets the Name field's value. -func (s *TrafficPolicyInstance) SetName(v string) *TrafficPolicyInstance { - s.Name = &v - return s -} - -// SetState sets the State field's value. -func (s *TrafficPolicyInstance) SetState(v string) *TrafficPolicyInstance { - s.State = &v - return s -} - -// SetTTL sets the TTL field's value. -func (s *TrafficPolicyInstance) SetTTL(v int64) *TrafficPolicyInstance { - s.TTL = &v - return s -} - -// SetTrafficPolicyId sets the TrafficPolicyId field's value. -func (s *TrafficPolicyInstance) SetTrafficPolicyId(v string) *TrafficPolicyInstance { - s.TrafficPolicyId = &v - return s -} - -// SetTrafficPolicyType sets the TrafficPolicyType field's value. -func (s *TrafficPolicyInstance) SetTrafficPolicyType(v string) *TrafficPolicyInstance { - s.TrafficPolicyType = &v - return s -} - -// SetTrafficPolicyVersion sets the TrafficPolicyVersion field's value. -func (s *TrafficPolicyInstance) SetTrafficPolicyVersion(v int64) *TrafficPolicyInstance { - s.TrafficPolicyVersion = &v - return s -} - -// A complex type that contains information about the latest version of one -// traffic policy that is associated with the current Amazon Web Services account. -type TrafficPolicySummary struct { - _ struct{} `type:"structure"` - - // The ID that Amazon Route 53 assigned to the traffic policy when you created - // it. - // - // Id is a required field - Id *string `min:"1" type:"string" required:"true"` - - // The version number of the latest version of the traffic policy. - // - // LatestVersion is a required field - LatestVersion *int64 `min:"1" type:"integer" required:"true"` - - // The name that you specified for the traffic policy when you created it. - // - // Name is a required field - Name *string `type:"string" required:"true"` - - // The number of traffic policies that are associated with the current Amazon - // Web Services account. - // - // TrafficPolicyCount is a required field - TrafficPolicyCount *int64 `min:"1" type:"integer" required:"true"` - - // The DNS type of the resource record sets that Amazon Route 53 creates when - // you use a traffic policy to create a traffic policy instance. - // - // Type is a required field - Type *string `type:"string" required:"true" enum:"RRType"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TrafficPolicySummary) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TrafficPolicySummary) GoString() string { - return s.String() -} - -// SetId sets the Id field's value. -func (s *TrafficPolicySummary) SetId(v string) *TrafficPolicySummary { - s.Id = &v - return s -} - -// SetLatestVersion sets the LatestVersion field's value. -func (s *TrafficPolicySummary) SetLatestVersion(v int64) *TrafficPolicySummary { - s.LatestVersion = &v - return s -} - -// SetName sets the Name field's value. -func (s *TrafficPolicySummary) SetName(v string) *TrafficPolicySummary { - s.Name = &v - return s -} - -// SetTrafficPolicyCount sets the TrafficPolicyCount field's value. -func (s *TrafficPolicySummary) SetTrafficPolicyCount(v int64) *TrafficPolicySummary { - s.TrafficPolicyCount = &v - return s -} - -// SetType sets the Type field's value. -func (s *TrafficPolicySummary) SetType(v string) *TrafficPolicySummary { - s.Type = &v - return s -} - -// A complex type that contains information about a request to update a health -// check. -type UpdateHealthCheckInput struct { - _ struct{} `locationName:"UpdateHealthCheckRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // A complex type that identifies the CloudWatch alarm that you want Amazon - // Route 53 health checkers to use to determine whether the specified health - // check is healthy. - AlarmIdentifier *AlarmIdentifier `type:"structure"` - - // A complex type that contains one ChildHealthCheck element for each health - // check that you want to associate with a CALCULATED health check. - ChildHealthChecks []*string `locationNameList:"ChildHealthCheck" type:"list"` - - // Stops Route 53 from performing health checks. When you disable a health check, - // here's what happens: - // - // * Health checks that check the health of endpoints: Route 53 stops submitting - // requests to your application, server, or other resource. - // - // * Calculated health checks: Route 53 stops aggregating the status of the - // referenced health checks. - // - // * Health checks that monitor CloudWatch alarms: Route 53 stops monitoring - // the corresponding CloudWatch metrics. - // - // After you disable a health check, Route 53 considers the status of the health - // check to always be healthy. If you configured DNS failover, Route 53 continues - // to route traffic to the corresponding resources. If you want to stop routing - // traffic to a resource, change the value of Inverted (https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-Inverted). - // - // Charges for a health check still apply when the health check is disabled. - // For more information, see Amazon Route 53 Pricing (http://aws.amazon.com/route53/pricing/). - Disabled *bool `type:"boolean"` - - // Specify whether you want Amazon Route 53 to send the value of FullyQualifiedDomainName - // to the endpoint in the client_hello message during TLS negotiation. This - // allows the endpoint to respond to HTTPS health check requests with the applicable - // SSL/TLS certificate. - // - // Some endpoints require that HTTPS requests include the host name in the client_hello - // message. If you don't enable SNI, the status of the health check will be - // SSL alert handshake_failure. A health check can also have that status for - // other reasons. If SNI is enabled and you're still getting the error, check - // the SSL/TLS configuration on your endpoint and confirm that your certificate - // is valid. - // - // The SSL/TLS certificate on your endpoint includes a domain name in the Common - // Name field and possibly several more in the Subject Alternative Names field. - // One of the domain names in the certificate should match the value that you - // specify for FullyQualifiedDomainName. If the endpoint responds to the client_hello - // message with a certificate that does not include the domain name that you - // specified in FullyQualifiedDomainName, a health checker will retry the handshake. - // In the second attempt, the health checker will omit FullyQualifiedDomainName - // from the client_hello message. - EnableSNI *bool `type:"boolean"` - - // The number of consecutive health checks that an endpoint must pass or fail - // for Amazon Route 53 to change the current status of the endpoint from unhealthy - // to healthy or vice versa. For more information, see How Amazon Route 53 Determines - // Whether an Endpoint Is Healthy (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) - // in the Amazon Route 53 Developer Guide. - // - // If you don't specify a value for FailureThreshold, the default value is three - // health checks. - FailureThreshold *int64 `min:"1" type:"integer"` - - // Amazon Route 53 behavior depends on whether you specify a value for IPAddress. - // - // If a health check already has a value for IPAddress, you can change the value. - // However, you can't update an existing health check to add or remove the value - // of IPAddress. - // - // If you specify a value for IPAddress: - // - // Route 53 sends health check requests to the specified IPv4 or IPv6 address - // and passes the value of FullyQualifiedDomainName in the Host header for all - // health checks except TCP health checks. This is typically the fully qualified - // DNS name of the endpoint on which you want Route 53 to perform health checks. - // - // When Route 53 checks the health of an endpoint, here is how it constructs - // the Host header: - // - // * If you specify a value of 80 for Port and HTTP or HTTP_STR_MATCH for - // Type, Route 53 passes the value of FullyQualifiedDomainName to the endpoint - // in the Host header. - // - // * If you specify a value of 443 for Port and HTTPS or HTTPS_STR_MATCH - // for Type, Route 53 passes the value of FullyQualifiedDomainName to the - // endpoint in the Host header. - // - // * If you specify another value for Port and any value except TCP for Type, - // Route 53 passes FullyQualifiedDomainName:Port to the endpoint in the Host - // header. - // - // If you don't specify a value for FullyQualifiedDomainName, Route 53 substitutes - // the value of IPAddress in the Host header in each of the above cases. - // - // If you don't specify a value for IPAddress: - // - // If you don't specify a value for IPAddress, Route 53 sends a DNS request - // to the domain that you specify in FullyQualifiedDomainName at the interval - // you specify in RequestInterval. Using an IPv4 address that is returned by - // DNS, Route 53 then checks the health of the endpoint. - // - // If you don't specify a value for IPAddress, you can’t update the health - // check to remove the FullyQualifiedDomainName; if you don’t specify a value - // for IPAddress on creation, a FullyQualifiedDomainName is required. - // - // If you don't specify a value for IPAddress, Route 53 uses only IPv4 to send - // health checks to the endpoint. If there's no resource record set with a type - // of A for the name that you specify for FullyQualifiedDomainName, the health - // check fails with a "DNS resolution failed" error. - // - // If you want to check the health of weighted, latency, or failover resource - // record sets and you choose to specify the endpoint only by FullyQualifiedDomainName, - // we recommend that you create a separate health check for each endpoint. For - // example, create a health check for each HTTP server that is serving content - // for www.example.com. For the value of FullyQualifiedDomainName, specify the - // domain name of the server (such as us-east-2-www.example.com), not the name - // of the resource record sets (www.example.com). - // - // In this configuration, if the value of FullyQualifiedDomainName matches the - // name of the resource record sets and you then associate the health check - // with those resource record sets, health check results will be unpredictable. - // - // In addition, if the value of Type is HTTP, HTTPS, HTTP_STR_MATCH, or HTTPS_STR_MATCH, - // Route 53 passes the value of FullyQualifiedDomainName in the Host header, - // as it does when you specify a value for IPAddress. If the value of Type is - // TCP, Route 53 doesn't pass a Host header. - FullyQualifiedDomainName *string `type:"string"` - - // The ID for the health check for which you want detailed information. When - // you created the health check, CreateHealthCheck returned the ID in the response, - // in the HealthCheckId element. - // - // HealthCheckId is a required field - HealthCheckId *string `location:"uri" locationName:"HealthCheckId" type:"string" required:"true"` - - // A sequential counter that Amazon Route 53 sets to 1 when you create a health - // check and increments by 1 each time you update settings for the health check. - // - // We recommend that you use GetHealthCheck or ListHealthChecks to get the current - // value of HealthCheckVersion for the health check that you want to update, - // and that you include that value in your UpdateHealthCheck request. This prevents - // Route 53 from overwriting an intervening update: - // - // * If the value in the UpdateHealthCheck request matches the value of HealthCheckVersion - // in the health check, Route 53 updates the health check with the new settings. - // - // * If the value of HealthCheckVersion in the health check is greater, the - // health check was changed after you got the version number. Route 53 does - // not update the health check, and it returns a HealthCheckVersionMismatch - // error. - HealthCheckVersion *int64 `min:"1" type:"long"` - - // The number of child health checks that are associated with a CALCULATED health - // that Amazon Route 53 must consider healthy for the CALCULATED health check - // to be considered healthy. To specify the child health checks that you want - // to associate with a CALCULATED health check, use the ChildHealthChecks and - // ChildHealthCheck elements. - // - // Note the following: - // - // * If you specify a number greater than the number of child health checks, - // Route 53 always considers this health check to be unhealthy. - // - // * If you specify 0, Route 53 always considers this health check to be - // healthy. - HealthThreshold *int64 `type:"integer"` - - // The IPv4 or IPv6 IP address for the endpoint that you want Amazon Route 53 - // to perform health checks on. If you don't specify a value for IPAddress, - // Route 53 sends a DNS request to resolve the domain name that you specify - // in FullyQualifiedDomainName at the interval that you specify in RequestInterval. - // Using an IP address that is returned by DNS, Route 53 then checks the health - // of the endpoint. - // - // Use one of the following formats for the value of IPAddress: - // - // * IPv4 address: four values between 0 and 255, separated by periods (.), - // for example, 192.0.2.44. - // - // * IPv6 address: eight groups of four hexadecimal values, separated by - // colons (:), for example, 2001:0db8:85a3:0000:0000:abcd:0001:2345. You - // can also shorten IPv6 addresses as described in RFC 5952, for example, - // 2001:db8:85a3::abcd:1:2345. - // - // If the endpoint is an EC2 instance, we recommend that you create an Elastic - // IP address, associate it with your EC2 instance, and specify the Elastic - // IP address for IPAddress. This ensures that the IP address of your instance - // never changes. For more information, see the applicable documentation: - // - // * Linux: Elastic IP Addresses (EIP) (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) - // in the Amazon EC2 User Guide for Linux Instances - // - // * Windows: Elastic IP Addresses (EIP) (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-ip-addresses-eip.html) - // in the Amazon EC2 User Guide for Windows Instances - // - // If a health check already has a value for IPAddress, you can change the value. - // However, you can't update an existing health check to add or remove the value - // of IPAddress. - // - // For more information, see FullyQualifiedDomainName (https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName). - // - // Constraints: Route 53 can't check the health of endpoints for which the IP - // address is in local, private, non-routable, or multicast ranges. For more - // information about IP addresses for which you can't create health checks, - // see the following documents: - // - // * RFC 5735, Special Use IPv4 Addresses (https://tools.ietf.org/html/rfc5735) - // - // * RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space (https://tools.ietf.org/html/rfc6598) - // - // * RFC 5156, Special-Use IPv6 Addresses (https://tools.ietf.org/html/rfc5156) - IPAddress *string `type:"string"` - - // When CloudWatch has insufficient data about the metric to determine the alarm - // state, the status that you want Amazon Route 53 to assign to the health check: - // - // * Healthy: Route 53 considers the health check to be healthy. - // - // * Unhealthy: Route 53 considers the health check to be unhealthy. - // - // * LastKnownStatus: By default, Route 53 uses the status of the health - // check from the last time CloudWatch had sufficient data to determine the - // alarm state. For new health checks that have no last known status, the - // status for the health check is healthy. - InsufficientDataHealthStatus *string `type:"string" enum:"InsufficientDataHealthStatus"` - - // Specify whether you want Amazon Route 53 to invert the status of a health - // check, for example, to consider a health check unhealthy when it otherwise - // would be considered healthy. - Inverted *bool `type:"boolean"` - - // The port on the endpoint that you want Amazon Route 53 to perform health - // checks on. - // - // Don't specify a value for Port when you specify a value for Type of CLOUDWATCH_METRIC - // or CALCULATED. - Port *int64 `min:"1" type:"integer"` - - // A complex type that contains one Region element for each region that you - // want Amazon Route 53 health checkers to check the specified endpoint from. - Regions []*string `locationNameList:"Region" min:"3" type:"list" enum:"HealthCheckRegion"` - - // A complex type that contains one ResettableElementName element for each element - // that you want to reset to the default value. Valid values for ResettableElementName - // include the following: - // - // * ChildHealthChecks: Amazon Route 53 resets ChildHealthChecks (https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html#Route53-Type-HealthCheckConfig-ChildHealthChecks) - // to null. - // - // * FullyQualifiedDomainName: Route 53 resets FullyQualifiedDomainName (https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName). - // to null. - // - // * Regions: Route 53 resets the Regions (https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html#Route53-Type-HealthCheckConfig-Regions) - // list to the default set of regions. - // - // * ResourcePath: Route 53 resets ResourcePath (https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html#Route53-Type-HealthCheckConfig-ResourcePath) - // to null. - ResetElements []*string `locationNameList:"ResettableElementName" type:"list" enum:"ResettableElementName"` - - // The path that you want Amazon Route 53 to request when performing health - // checks. The path can be any value for which your endpoint will return an - // HTTP status code of 2xx or 3xx when the endpoint is healthy, for example - // the file /docs/route53-health-check.html. You can also include query string - // parameters, for example, /welcome.html?language=jp&login=y. - // - // Specify this value only if you want to change it. - ResourcePath *string `type:"string"` - - // If the value of Type is HTTP_STR_MATCH or HTTPS_STR_MATCH, the string that - // you want Amazon Route 53 to search for in the response body from the specified - // resource. If the string appears in the response body, Route 53 considers - // the resource healthy. (You can't change the value of Type when you update - // a health check.) - SearchString *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateHealthCheckInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateHealthCheckInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *UpdateHealthCheckInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "UpdateHealthCheckInput"} - if s.FailureThreshold != nil && *s.FailureThreshold < 1 { - invalidParams.Add(request.NewErrParamMinValue("FailureThreshold", 1)) - } - if s.HealthCheckId == nil { - invalidParams.Add(request.NewErrParamRequired("HealthCheckId")) - } - if s.HealthCheckId != nil && len(*s.HealthCheckId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("HealthCheckId", 1)) - } - if s.HealthCheckVersion != nil && *s.HealthCheckVersion < 1 { - invalidParams.Add(request.NewErrParamMinValue("HealthCheckVersion", 1)) - } - if s.Port != nil && *s.Port < 1 { - invalidParams.Add(request.NewErrParamMinValue("Port", 1)) - } - if s.Regions != nil && len(s.Regions) < 3 { - invalidParams.Add(request.NewErrParamMinLen("Regions", 3)) - } - if s.AlarmIdentifier != nil { - if err := s.AlarmIdentifier.Validate(); err != nil { - invalidParams.AddNested("AlarmIdentifier", err.(request.ErrInvalidParams)) - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAlarmIdentifier sets the AlarmIdentifier field's value. -func (s *UpdateHealthCheckInput) SetAlarmIdentifier(v *AlarmIdentifier) *UpdateHealthCheckInput { - s.AlarmIdentifier = v - return s -} - -// SetChildHealthChecks sets the ChildHealthChecks field's value. -func (s *UpdateHealthCheckInput) SetChildHealthChecks(v []*string) *UpdateHealthCheckInput { - s.ChildHealthChecks = v - return s -} - -// SetDisabled sets the Disabled field's value. -func (s *UpdateHealthCheckInput) SetDisabled(v bool) *UpdateHealthCheckInput { - s.Disabled = &v - return s -} - -// SetEnableSNI sets the EnableSNI field's value. -func (s *UpdateHealthCheckInput) SetEnableSNI(v bool) *UpdateHealthCheckInput { - s.EnableSNI = &v - return s -} - -// SetFailureThreshold sets the FailureThreshold field's value. -func (s *UpdateHealthCheckInput) SetFailureThreshold(v int64) *UpdateHealthCheckInput { - s.FailureThreshold = &v - return s -} - -// SetFullyQualifiedDomainName sets the FullyQualifiedDomainName field's value. -func (s *UpdateHealthCheckInput) SetFullyQualifiedDomainName(v string) *UpdateHealthCheckInput { - s.FullyQualifiedDomainName = &v - return s -} - -// SetHealthCheckId sets the HealthCheckId field's value. -func (s *UpdateHealthCheckInput) SetHealthCheckId(v string) *UpdateHealthCheckInput { - s.HealthCheckId = &v - return s -} - -// SetHealthCheckVersion sets the HealthCheckVersion field's value. -func (s *UpdateHealthCheckInput) SetHealthCheckVersion(v int64) *UpdateHealthCheckInput { - s.HealthCheckVersion = &v - return s -} - -// SetHealthThreshold sets the HealthThreshold field's value. -func (s *UpdateHealthCheckInput) SetHealthThreshold(v int64) *UpdateHealthCheckInput { - s.HealthThreshold = &v - return s -} - -// SetIPAddress sets the IPAddress field's value. -func (s *UpdateHealthCheckInput) SetIPAddress(v string) *UpdateHealthCheckInput { - s.IPAddress = &v - return s -} - -// SetInsufficientDataHealthStatus sets the InsufficientDataHealthStatus field's value. -func (s *UpdateHealthCheckInput) SetInsufficientDataHealthStatus(v string) *UpdateHealthCheckInput { - s.InsufficientDataHealthStatus = &v - return s -} - -// SetInverted sets the Inverted field's value. -func (s *UpdateHealthCheckInput) SetInverted(v bool) *UpdateHealthCheckInput { - s.Inverted = &v - return s -} - -// SetPort sets the Port field's value. -func (s *UpdateHealthCheckInput) SetPort(v int64) *UpdateHealthCheckInput { - s.Port = &v - return s -} - -// SetRegions sets the Regions field's value. -func (s *UpdateHealthCheckInput) SetRegions(v []*string) *UpdateHealthCheckInput { - s.Regions = v - return s -} - -// SetResetElements sets the ResetElements field's value. -func (s *UpdateHealthCheckInput) SetResetElements(v []*string) *UpdateHealthCheckInput { - s.ResetElements = v - return s -} - -// SetResourcePath sets the ResourcePath field's value. -func (s *UpdateHealthCheckInput) SetResourcePath(v string) *UpdateHealthCheckInput { - s.ResourcePath = &v - return s -} - -// SetSearchString sets the SearchString field's value. -func (s *UpdateHealthCheckInput) SetSearchString(v string) *UpdateHealthCheckInput { - s.SearchString = &v - return s -} - -// A complex type that contains the response to the UpdateHealthCheck request. -type UpdateHealthCheckOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains the response to an UpdateHealthCheck request. - // - // HealthCheck is a required field - HealthCheck *HealthCheck `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateHealthCheckOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateHealthCheckOutput) GoString() string { - return s.String() -} - -// SetHealthCheck sets the HealthCheck field's value. -func (s *UpdateHealthCheckOutput) SetHealthCheck(v *HealthCheck) *UpdateHealthCheckOutput { - s.HealthCheck = v - return s -} - -// A request to update the comment for a hosted zone. -type UpdateHostedZoneCommentInput struct { - _ struct{} `locationName:"UpdateHostedZoneCommentRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // The new comment for the hosted zone. If you don't specify a value for Comment, - // Amazon Route 53 deletes the existing value of the Comment element, if any. - Comment *string `type:"string"` - - // The ID for the hosted zone that you want to update the comment for. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateHostedZoneCommentInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateHostedZoneCommentInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *UpdateHostedZoneCommentInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "UpdateHostedZoneCommentInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetComment sets the Comment field's value. -func (s *UpdateHostedZoneCommentInput) SetComment(v string) *UpdateHostedZoneCommentInput { - s.Comment = &v - return s -} - -// SetId sets the Id field's value. -func (s *UpdateHostedZoneCommentInput) SetId(v string) *UpdateHostedZoneCommentInput { - s.Id = &v - return s -} - -// A complex type that contains the response to the UpdateHostedZoneComment -// request. -type UpdateHostedZoneCommentOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains the response to the UpdateHostedZoneComment - // request. - // - // HostedZone is a required field - HostedZone *HostedZone `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateHostedZoneCommentOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateHostedZoneCommentOutput) GoString() string { - return s.String() -} - -// SetHostedZone sets the HostedZone field's value. -func (s *UpdateHostedZoneCommentOutput) SetHostedZone(v *HostedZone) *UpdateHostedZoneCommentOutput { - s.HostedZone = v - return s -} - -// A complex type that contains information about the traffic policy that you -// want to update the comment for. -type UpdateTrafficPolicyCommentInput struct { - _ struct{} `locationName:"UpdateTrafficPolicyCommentRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // The new comment for the specified traffic policy and version. - // - // Comment is a required field - Comment *string `type:"string" required:"true"` - - // The value of Id for the traffic policy that you want to update the comment - // for. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` - - // The value of Version for the traffic policy that you want to update the comment - // for. - // - // Version is a required field - Version *int64 `location:"uri" locationName:"Version" min:"1" type:"integer" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateTrafficPolicyCommentInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateTrafficPolicyCommentInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *UpdateTrafficPolicyCommentInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "UpdateTrafficPolicyCommentInput"} - if s.Comment == nil { - invalidParams.Add(request.NewErrParamRequired("Comment")) - } - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - if s.Version == nil { - invalidParams.Add(request.NewErrParamRequired("Version")) - } - if s.Version != nil && *s.Version < 1 { - invalidParams.Add(request.NewErrParamMinValue("Version", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetComment sets the Comment field's value. -func (s *UpdateTrafficPolicyCommentInput) SetComment(v string) *UpdateTrafficPolicyCommentInput { - s.Comment = &v - return s -} - -// SetId sets the Id field's value. -func (s *UpdateTrafficPolicyCommentInput) SetId(v string) *UpdateTrafficPolicyCommentInput { - s.Id = &v - return s -} - -// SetVersion sets the Version field's value. -func (s *UpdateTrafficPolicyCommentInput) SetVersion(v int64) *UpdateTrafficPolicyCommentInput { - s.Version = &v - return s -} - -// A complex type that contains the response information for the traffic policy. -type UpdateTrafficPolicyCommentOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains settings for the specified traffic policy. - // - // TrafficPolicy is a required field - TrafficPolicy *TrafficPolicy `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateTrafficPolicyCommentOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateTrafficPolicyCommentOutput) GoString() string { - return s.String() -} - -// SetTrafficPolicy sets the TrafficPolicy field's value. -func (s *UpdateTrafficPolicyCommentOutput) SetTrafficPolicy(v *TrafficPolicy) *UpdateTrafficPolicyCommentOutput { - s.TrafficPolicy = v - return s -} - -// A complex type that contains information about the resource record sets that -// you want to update based on a specified traffic policy instance. -type UpdateTrafficPolicyInstanceInput struct { - _ struct{} `locationName:"UpdateTrafficPolicyInstanceRequest" type:"structure" xmlURI:"https://route53.amazonaws.com/doc/2013-04-01/"` - - // The ID of the traffic policy instance that you want to update. - // - // Id is a required field - Id *string `location:"uri" locationName:"Id" min:"1" type:"string" required:"true"` - - // The TTL that you want Amazon Route 53 to assign to all of the updated resource - // record sets. - // - // TTL is a required field - TTL *int64 `type:"long" required:"true"` - - // The ID of the traffic policy that you want Amazon Route 53 to use to update - // resource record sets for the specified traffic policy instance. - // - // TrafficPolicyId is a required field - TrafficPolicyId *string `min:"1" type:"string" required:"true"` - - // The version of the traffic policy that you want Amazon Route 53 to use to - // update resource record sets for the specified traffic policy instance. - // - // TrafficPolicyVersion is a required field - TrafficPolicyVersion *int64 `min:"1" type:"integer" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateTrafficPolicyInstanceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateTrafficPolicyInstanceInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *UpdateTrafficPolicyInstanceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "UpdateTrafficPolicyInstanceInput"} - if s.Id == nil { - invalidParams.Add(request.NewErrParamRequired("Id")) - } - if s.Id != nil && len(*s.Id) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Id", 1)) - } - if s.TTL == nil { - invalidParams.Add(request.NewErrParamRequired("TTL")) - } - if s.TrafficPolicyId == nil { - invalidParams.Add(request.NewErrParamRequired("TrafficPolicyId")) - } - if s.TrafficPolicyId != nil && len(*s.TrafficPolicyId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TrafficPolicyId", 1)) - } - if s.TrafficPolicyVersion == nil { - invalidParams.Add(request.NewErrParamRequired("TrafficPolicyVersion")) - } - if s.TrafficPolicyVersion != nil && *s.TrafficPolicyVersion < 1 { - invalidParams.Add(request.NewErrParamMinValue("TrafficPolicyVersion", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetId sets the Id field's value. -func (s *UpdateTrafficPolicyInstanceInput) SetId(v string) *UpdateTrafficPolicyInstanceInput { - s.Id = &v - return s -} - -// SetTTL sets the TTL field's value. -func (s *UpdateTrafficPolicyInstanceInput) SetTTL(v int64) *UpdateTrafficPolicyInstanceInput { - s.TTL = &v - return s -} - -// SetTrafficPolicyId sets the TrafficPolicyId field's value. -func (s *UpdateTrafficPolicyInstanceInput) SetTrafficPolicyId(v string) *UpdateTrafficPolicyInstanceInput { - s.TrafficPolicyId = &v - return s -} - -// SetTrafficPolicyVersion sets the TrafficPolicyVersion field's value. -func (s *UpdateTrafficPolicyInstanceInput) SetTrafficPolicyVersion(v int64) *UpdateTrafficPolicyInstanceInput { - s.TrafficPolicyVersion = &v - return s -} - -// A complex type that contains information about the resource record sets that -// Amazon Route 53 created based on a specified traffic policy. -type UpdateTrafficPolicyInstanceOutput struct { - _ struct{} `type:"structure"` - - // A complex type that contains settings for the updated traffic policy instance. - // - // TrafficPolicyInstance is a required field - TrafficPolicyInstance *TrafficPolicyInstance `type:"structure" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateTrafficPolicyInstanceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UpdateTrafficPolicyInstanceOutput) GoString() string { - return s.String() -} - -// SetTrafficPolicyInstance sets the TrafficPolicyInstance field's value. -func (s *UpdateTrafficPolicyInstanceOutput) SetTrafficPolicyInstance(v *TrafficPolicyInstance) *UpdateTrafficPolicyInstanceOutput { - s.TrafficPolicyInstance = v - return s -} - -// (Private hosted zones only) A complex type that contains information about -// an Amazon VPC. -// -// If you associate a private hosted zone with an Amazon VPC when you make a -// CreateHostedZone (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateHostedZone.html) -// request, the following parameters are also required. -type VPC struct { - _ struct{} `type:"structure"` - - // (Private hosted zones only) The ID of an Amazon VPC. - VPCId *string `type:"string"` - - // (Private hosted zones only) The region that an Amazon VPC was created in. - VPCRegion *string `min:"1" type:"string" enum:"VPCRegion"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s VPC) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s VPC) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *VPC) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "VPC"} - if s.VPCRegion != nil && len(*s.VPCRegion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("VPCRegion", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetVPCId sets the VPCId field's value. -func (s *VPC) SetVPCId(v string) *VPC { - s.VPCId = &v - return s -} - -// SetVPCRegion sets the VPCRegion field's value. -func (s *VPC) SetVPCRegion(v string) *VPC { - s.VPCRegion = &v - return s -} - -const ( - // AccountLimitTypeMaxHealthChecksByOwner is a AccountLimitType enum value - AccountLimitTypeMaxHealthChecksByOwner = "MAX_HEALTH_CHECKS_BY_OWNER" - - // AccountLimitTypeMaxHostedZonesByOwner is a AccountLimitType enum value - AccountLimitTypeMaxHostedZonesByOwner = "MAX_HOSTED_ZONES_BY_OWNER" - - // AccountLimitTypeMaxTrafficPolicyInstancesByOwner is a AccountLimitType enum value - AccountLimitTypeMaxTrafficPolicyInstancesByOwner = "MAX_TRAFFIC_POLICY_INSTANCES_BY_OWNER" - - // AccountLimitTypeMaxReusableDelegationSetsByOwner is a AccountLimitType enum value - AccountLimitTypeMaxReusableDelegationSetsByOwner = "MAX_REUSABLE_DELEGATION_SETS_BY_OWNER" - - // AccountLimitTypeMaxTrafficPoliciesByOwner is a AccountLimitType enum value - AccountLimitTypeMaxTrafficPoliciesByOwner = "MAX_TRAFFIC_POLICIES_BY_OWNER" -) - -// AccountLimitType_Values returns all elements of the AccountLimitType enum -func AccountLimitType_Values() []string { - return []string{ - AccountLimitTypeMaxHealthChecksByOwner, - AccountLimitTypeMaxHostedZonesByOwner, - AccountLimitTypeMaxTrafficPolicyInstancesByOwner, - AccountLimitTypeMaxReusableDelegationSetsByOwner, - AccountLimitTypeMaxTrafficPoliciesByOwner, - } -} - -const ( - // ChangeActionCreate is a ChangeAction enum value - ChangeActionCreate = "CREATE" - - // ChangeActionDelete is a ChangeAction enum value - ChangeActionDelete = "DELETE" - - // ChangeActionUpsert is a ChangeAction enum value - ChangeActionUpsert = "UPSERT" -) - -// ChangeAction_Values returns all elements of the ChangeAction enum -func ChangeAction_Values() []string { - return []string{ - ChangeActionCreate, - ChangeActionDelete, - ChangeActionUpsert, - } -} - -const ( - // ChangeStatusPending is a ChangeStatus enum value - ChangeStatusPending = "PENDING" - - // ChangeStatusInsync is a ChangeStatus enum value - ChangeStatusInsync = "INSYNC" -) - -// ChangeStatus_Values returns all elements of the ChangeStatus enum -func ChangeStatus_Values() []string { - return []string{ - ChangeStatusPending, - ChangeStatusInsync, - } -} - -const ( - // CidrCollectionChangeActionPut is a CidrCollectionChangeAction enum value - CidrCollectionChangeActionPut = "PUT" - - // CidrCollectionChangeActionDeleteIfExists is a CidrCollectionChangeAction enum value - CidrCollectionChangeActionDeleteIfExists = "DELETE_IF_EXISTS" -) - -// CidrCollectionChangeAction_Values returns all elements of the CidrCollectionChangeAction enum -func CidrCollectionChangeAction_Values() []string { - return []string{ - CidrCollectionChangeActionPut, - CidrCollectionChangeActionDeleteIfExists, - } -} - -const ( - // CloudWatchRegionUsEast1 is a CloudWatchRegion enum value - CloudWatchRegionUsEast1 = "us-east-1" - - // CloudWatchRegionUsEast2 is a CloudWatchRegion enum value - CloudWatchRegionUsEast2 = "us-east-2" - - // CloudWatchRegionUsWest1 is a CloudWatchRegion enum value - CloudWatchRegionUsWest1 = "us-west-1" - - // CloudWatchRegionUsWest2 is a CloudWatchRegion enum value - CloudWatchRegionUsWest2 = "us-west-2" - - // CloudWatchRegionCaCentral1 is a CloudWatchRegion enum value - CloudWatchRegionCaCentral1 = "ca-central-1" - - // CloudWatchRegionEuCentral1 is a CloudWatchRegion enum value - CloudWatchRegionEuCentral1 = "eu-central-1" - - // CloudWatchRegionEuCentral2 is a CloudWatchRegion enum value - CloudWatchRegionEuCentral2 = "eu-central-2" - - // CloudWatchRegionEuWest1 is a CloudWatchRegion enum value - CloudWatchRegionEuWest1 = "eu-west-1" - - // CloudWatchRegionEuWest2 is a CloudWatchRegion enum value - CloudWatchRegionEuWest2 = "eu-west-2" - - // CloudWatchRegionEuWest3 is a CloudWatchRegion enum value - CloudWatchRegionEuWest3 = "eu-west-3" - - // CloudWatchRegionApEast1 is a CloudWatchRegion enum value - CloudWatchRegionApEast1 = "ap-east-1" - - // CloudWatchRegionMeSouth1 is a CloudWatchRegion enum value - CloudWatchRegionMeSouth1 = "me-south-1" - - // CloudWatchRegionMeCentral1 is a CloudWatchRegion enum value - CloudWatchRegionMeCentral1 = "me-central-1" - - // CloudWatchRegionApSouth1 is a CloudWatchRegion enum value - CloudWatchRegionApSouth1 = "ap-south-1" - - // CloudWatchRegionApSouth2 is a CloudWatchRegion enum value - CloudWatchRegionApSouth2 = "ap-south-2" - - // CloudWatchRegionApSoutheast1 is a CloudWatchRegion enum value - CloudWatchRegionApSoutheast1 = "ap-southeast-1" - - // CloudWatchRegionApSoutheast2 is a CloudWatchRegion enum value - CloudWatchRegionApSoutheast2 = "ap-southeast-2" - - // CloudWatchRegionApSoutheast3 is a CloudWatchRegion enum value - CloudWatchRegionApSoutheast3 = "ap-southeast-3" - - // CloudWatchRegionApNortheast1 is a CloudWatchRegion enum value - CloudWatchRegionApNortheast1 = "ap-northeast-1" - - // CloudWatchRegionApNortheast2 is a CloudWatchRegion enum value - CloudWatchRegionApNortheast2 = "ap-northeast-2" - - // CloudWatchRegionApNortheast3 is a CloudWatchRegion enum value - CloudWatchRegionApNortheast3 = "ap-northeast-3" - - // CloudWatchRegionEuNorth1 is a CloudWatchRegion enum value - CloudWatchRegionEuNorth1 = "eu-north-1" - - // CloudWatchRegionSaEast1 is a CloudWatchRegion enum value - CloudWatchRegionSaEast1 = "sa-east-1" - - // CloudWatchRegionCnNorthwest1 is a CloudWatchRegion enum value - CloudWatchRegionCnNorthwest1 = "cn-northwest-1" - - // CloudWatchRegionCnNorth1 is a CloudWatchRegion enum value - CloudWatchRegionCnNorth1 = "cn-north-1" - - // CloudWatchRegionAfSouth1 is a CloudWatchRegion enum value - CloudWatchRegionAfSouth1 = "af-south-1" - - // CloudWatchRegionEuSouth1 is a CloudWatchRegion enum value - CloudWatchRegionEuSouth1 = "eu-south-1" - - // CloudWatchRegionEuSouth2 is a CloudWatchRegion enum value - CloudWatchRegionEuSouth2 = "eu-south-2" - - // CloudWatchRegionUsGovWest1 is a CloudWatchRegion enum value - CloudWatchRegionUsGovWest1 = "us-gov-west-1" - - // CloudWatchRegionUsGovEast1 is a CloudWatchRegion enum value - CloudWatchRegionUsGovEast1 = "us-gov-east-1" - - // CloudWatchRegionUsIsoEast1 is a CloudWatchRegion enum value - CloudWatchRegionUsIsoEast1 = "us-iso-east-1" - - // CloudWatchRegionUsIsoWest1 is a CloudWatchRegion enum value - CloudWatchRegionUsIsoWest1 = "us-iso-west-1" - - // CloudWatchRegionUsIsobEast1 is a CloudWatchRegion enum value - CloudWatchRegionUsIsobEast1 = "us-isob-east-1" - - // CloudWatchRegionApSoutheast4 is a CloudWatchRegion enum value - CloudWatchRegionApSoutheast4 = "ap-southeast-4" - - // CloudWatchRegionIlCentral1 is a CloudWatchRegion enum value - CloudWatchRegionIlCentral1 = "il-central-1" - - // CloudWatchRegionCaWest1 is a CloudWatchRegion enum value - CloudWatchRegionCaWest1 = "ca-west-1" -) - -// CloudWatchRegion_Values returns all elements of the CloudWatchRegion enum -func CloudWatchRegion_Values() []string { - return []string{ - CloudWatchRegionUsEast1, - CloudWatchRegionUsEast2, - CloudWatchRegionUsWest1, - CloudWatchRegionUsWest2, - CloudWatchRegionCaCentral1, - CloudWatchRegionEuCentral1, - CloudWatchRegionEuCentral2, - CloudWatchRegionEuWest1, - CloudWatchRegionEuWest2, - CloudWatchRegionEuWest3, - CloudWatchRegionApEast1, - CloudWatchRegionMeSouth1, - CloudWatchRegionMeCentral1, - CloudWatchRegionApSouth1, - CloudWatchRegionApSouth2, - CloudWatchRegionApSoutheast1, - CloudWatchRegionApSoutheast2, - CloudWatchRegionApSoutheast3, - CloudWatchRegionApNortheast1, - CloudWatchRegionApNortheast2, - CloudWatchRegionApNortheast3, - CloudWatchRegionEuNorth1, - CloudWatchRegionSaEast1, - CloudWatchRegionCnNorthwest1, - CloudWatchRegionCnNorth1, - CloudWatchRegionAfSouth1, - CloudWatchRegionEuSouth1, - CloudWatchRegionEuSouth2, - CloudWatchRegionUsGovWest1, - CloudWatchRegionUsGovEast1, - CloudWatchRegionUsIsoEast1, - CloudWatchRegionUsIsoWest1, - CloudWatchRegionUsIsobEast1, - CloudWatchRegionApSoutheast4, - CloudWatchRegionIlCentral1, - CloudWatchRegionCaWest1, - } -} - -const ( - // ComparisonOperatorGreaterThanOrEqualToThreshold is a ComparisonOperator enum value - ComparisonOperatorGreaterThanOrEqualToThreshold = "GreaterThanOrEqualToThreshold" - - // ComparisonOperatorGreaterThanThreshold is a ComparisonOperator enum value - ComparisonOperatorGreaterThanThreshold = "GreaterThanThreshold" - - // ComparisonOperatorLessThanThreshold is a ComparisonOperator enum value - ComparisonOperatorLessThanThreshold = "LessThanThreshold" - - // ComparisonOperatorLessThanOrEqualToThreshold is a ComparisonOperator enum value - ComparisonOperatorLessThanOrEqualToThreshold = "LessThanOrEqualToThreshold" -) - -// ComparisonOperator_Values returns all elements of the ComparisonOperator enum -func ComparisonOperator_Values() []string { - return []string{ - ComparisonOperatorGreaterThanOrEqualToThreshold, - ComparisonOperatorGreaterThanThreshold, - ComparisonOperatorLessThanThreshold, - ComparisonOperatorLessThanOrEqualToThreshold, - } -} - -const ( - // HealthCheckRegionUsEast1 is a HealthCheckRegion enum value - HealthCheckRegionUsEast1 = "us-east-1" - - // HealthCheckRegionUsWest1 is a HealthCheckRegion enum value - HealthCheckRegionUsWest1 = "us-west-1" - - // HealthCheckRegionUsWest2 is a HealthCheckRegion enum value - HealthCheckRegionUsWest2 = "us-west-2" - - // HealthCheckRegionEuWest1 is a HealthCheckRegion enum value - HealthCheckRegionEuWest1 = "eu-west-1" - - // HealthCheckRegionApSoutheast1 is a HealthCheckRegion enum value - HealthCheckRegionApSoutheast1 = "ap-southeast-1" - - // HealthCheckRegionApSoutheast2 is a HealthCheckRegion enum value - HealthCheckRegionApSoutheast2 = "ap-southeast-2" - - // HealthCheckRegionApNortheast1 is a HealthCheckRegion enum value - HealthCheckRegionApNortheast1 = "ap-northeast-1" - - // HealthCheckRegionSaEast1 is a HealthCheckRegion enum value - HealthCheckRegionSaEast1 = "sa-east-1" -) - -// HealthCheckRegion_Values returns all elements of the HealthCheckRegion enum -func HealthCheckRegion_Values() []string { - return []string{ - HealthCheckRegionUsEast1, - HealthCheckRegionUsWest1, - HealthCheckRegionUsWest2, - HealthCheckRegionEuWest1, - HealthCheckRegionApSoutheast1, - HealthCheckRegionApSoutheast2, - HealthCheckRegionApNortheast1, - HealthCheckRegionSaEast1, - } -} - -const ( - // HealthCheckTypeHttp is a HealthCheckType enum value - HealthCheckTypeHttp = "HTTP" - - // HealthCheckTypeHttps is a HealthCheckType enum value - HealthCheckTypeHttps = "HTTPS" - - // HealthCheckTypeHttpStrMatch is a HealthCheckType enum value - HealthCheckTypeHttpStrMatch = "HTTP_STR_MATCH" - - // HealthCheckTypeHttpsStrMatch is a HealthCheckType enum value - HealthCheckTypeHttpsStrMatch = "HTTPS_STR_MATCH" - - // HealthCheckTypeTcp is a HealthCheckType enum value - HealthCheckTypeTcp = "TCP" - - // HealthCheckTypeCalculated is a HealthCheckType enum value - HealthCheckTypeCalculated = "CALCULATED" - - // HealthCheckTypeCloudwatchMetric is a HealthCheckType enum value - HealthCheckTypeCloudwatchMetric = "CLOUDWATCH_METRIC" - - // HealthCheckTypeRecoveryControl is a HealthCheckType enum value - HealthCheckTypeRecoveryControl = "RECOVERY_CONTROL" -) - -// HealthCheckType_Values returns all elements of the HealthCheckType enum -func HealthCheckType_Values() []string { - return []string{ - HealthCheckTypeHttp, - HealthCheckTypeHttps, - HealthCheckTypeHttpStrMatch, - HealthCheckTypeHttpsStrMatch, - HealthCheckTypeTcp, - HealthCheckTypeCalculated, - HealthCheckTypeCloudwatchMetric, - HealthCheckTypeRecoveryControl, - } -} - -const ( - // HostedZoneLimitTypeMaxRrsetsByZone is a HostedZoneLimitType enum value - HostedZoneLimitTypeMaxRrsetsByZone = "MAX_RRSETS_BY_ZONE" - - // HostedZoneLimitTypeMaxVpcsAssociatedByZone is a HostedZoneLimitType enum value - HostedZoneLimitTypeMaxVpcsAssociatedByZone = "MAX_VPCS_ASSOCIATED_BY_ZONE" -) - -// HostedZoneLimitType_Values returns all elements of the HostedZoneLimitType enum -func HostedZoneLimitType_Values() []string { - return []string{ - HostedZoneLimitTypeMaxRrsetsByZone, - HostedZoneLimitTypeMaxVpcsAssociatedByZone, - } -} - -const ( - // HostedZoneTypePrivateHostedZone is a HostedZoneType enum value - HostedZoneTypePrivateHostedZone = "PrivateHostedZone" -) - -// HostedZoneType_Values returns all elements of the HostedZoneType enum -func HostedZoneType_Values() []string { - return []string{ - HostedZoneTypePrivateHostedZone, - } -} - -const ( - // InsufficientDataHealthStatusHealthy is a InsufficientDataHealthStatus enum value - InsufficientDataHealthStatusHealthy = "Healthy" - - // InsufficientDataHealthStatusUnhealthy is a InsufficientDataHealthStatus enum value - InsufficientDataHealthStatusUnhealthy = "Unhealthy" - - // InsufficientDataHealthStatusLastKnownStatus is a InsufficientDataHealthStatus enum value - InsufficientDataHealthStatusLastKnownStatus = "LastKnownStatus" -) - -// InsufficientDataHealthStatus_Values returns all elements of the InsufficientDataHealthStatus enum -func InsufficientDataHealthStatus_Values() []string { - return []string{ - InsufficientDataHealthStatusHealthy, - InsufficientDataHealthStatusUnhealthy, - InsufficientDataHealthStatusLastKnownStatus, - } -} - -const ( - // RRTypeSoa is a RRType enum value - RRTypeSoa = "SOA" - - // RRTypeA is a RRType enum value - RRTypeA = "A" - - // RRTypeTxt is a RRType enum value - RRTypeTxt = "TXT" - - // RRTypeNs is a RRType enum value - RRTypeNs = "NS" - - // RRTypeCname is a RRType enum value - RRTypeCname = "CNAME" - - // RRTypeMx is a RRType enum value - RRTypeMx = "MX" - - // RRTypeNaptr is a RRType enum value - RRTypeNaptr = "NAPTR" - - // RRTypePtr is a RRType enum value - RRTypePtr = "PTR" - - // RRTypeSrv is a RRType enum value - RRTypeSrv = "SRV" - - // RRTypeSpf is a RRType enum value - RRTypeSpf = "SPF" - - // RRTypeAaaa is a RRType enum value - RRTypeAaaa = "AAAA" - - // RRTypeCaa is a RRType enum value - RRTypeCaa = "CAA" - - // RRTypeDs is a RRType enum value - RRTypeDs = "DS" -) - -// RRType_Values returns all elements of the RRType enum -func RRType_Values() []string { - return []string{ - RRTypeSoa, - RRTypeA, - RRTypeTxt, - RRTypeNs, - RRTypeCname, - RRTypeMx, - RRTypeNaptr, - RRTypePtr, - RRTypeSrv, - RRTypeSpf, - RRTypeAaaa, - RRTypeCaa, - RRTypeDs, - } -} - -const ( - // ResettableElementNameFullyQualifiedDomainName is a ResettableElementName enum value - ResettableElementNameFullyQualifiedDomainName = "FullyQualifiedDomainName" - - // ResettableElementNameRegions is a ResettableElementName enum value - ResettableElementNameRegions = "Regions" - - // ResettableElementNameResourcePath is a ResettableElementName enum value - ResettableElementNameResourcePath = "ResourcePath" - - // ResettableElementNameChildHealthChecks is a ResettableElementName enum value - ResettableElementNameChildHealthChecks = "ChildHealthChecks" -) - -// ResettableElementName_Values returns all elements of the ResettableElementName enum -func ResettableElementName_Values() []string { - return []string{ - ResettableElementNameFullyQualifiedDomainName, - ResettableElementNameRegions, - ResettableElementNameResourcePath, - ResettableElementNameChildHealthChecks, - } -} - -const ( - // ResourceRecordSetFailoverPrimary is a ResourceRecordSetFailover enum value - ResourceRecordSetFailoverPrimary = "PRIMARY" - - // ResourceRecordSetFailoverSecondary is a ResourceRecordSetFailover enum value - ResourceRecordSetFailoverSecondary = "SECONDARY" -) - -// ResourceRecordSetFailover_Values returns all elements of the ResourceRecordSetFailover enum -func ResourceRecordSetFailover_Values() []string { - return []string{ - ResourceRecordSetFailoverPrimary, - ResourceRecordSetFailoverSecondary, - } -} - -const ( - // ResourceRecordSetRegionUsEast1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionUsEast1 = "us-east-1" - - // ResourceRecordSetRegionUsEast2 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionUsEast2 = "us-east-2" - - // ResourceRecordSetRegionUsWest1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionUsWest1 = "us-west-1" - - // ResourceRecordSetRegionUsWest2 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionUsWest2 = "us-west-2" - - // ResourceRecordSetRegionCaCentral1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionCaCentral1 = "ca-central-1" - - // ResourceRecordSetRegionEuWest1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionEuWest1 = "eu-west-1" - - // ResourceRecordSetRegionEuWest2 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionEuWest2 = "eu-west-2" - - // ResourceRecordSetRegionEuWest3 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionEuWest3 = "eu-west-3" - - // ResourceRecordSetRegionEuCentral1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionEuCentral1 = "eu-central-1" - - // ResourceRecordSetRegionEuCentral2 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionEuCentral2 = "eu-central-2" - - // ResourceRecordSetRegionApSoutheast1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApSoutheast1 = "ap-southeast-1" - - // ResourceRecordSetRegionApSoutheast2 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApSoutheast2 = "ap-southeast-2" - - // ResourceRecordSetRegionApSoutheast3 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApSoutheast3 = "ap-southeast-3" - - // ResourceRecordSetRegionApNortheast1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApNortheast1 = "ap-northeast-1" - - // ResourceRecordSetRegionApNortheast2 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApNortheast2 = "ap-northeast-2" - - // ResourceRecordSetRegionApNortheast3 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApNortheast3 = "ap-northeast-3" - - // ResourceRecordSetRegionEuNorth1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionEuNorth1 = "eu-north-1" - - // ResourceRecordSetRegionSaEast1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionSaEast1 = "sa-east-1" - - // ResourceRecordSetRegionCnNorth1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionCnNorth1 = "cn-north-1" - - // ResourceRecordSetRegionCnNorthwest1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionCnNorthwest1 = "cn-northwest-1" - - // ResourceRecordSetRegionApEast1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApEast1 = "ap-east-1" - - // ResourceRecordSetRegionMeSouth1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionMeSouth1 = "me-south-1" - - // ResourceRecordSetRegionMeCentral1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionMeCentral1 = "me-central-1" - - // ResourceRecordSetRegionApSouth1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApSouth1 = "ap-south-1" - - // ResourceRecordSetRegionApSouth2 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApSouth2 = "ap-south-2" - - // ResourceRecordSetRegionAfSouth1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionAfSouth1 = "af-south-1" - - // ResourceRecordSetRegionEuSouth1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionEuSouth1 = "eu-south-1" - - // ResourceRecordSetRegionEuSouth2 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionEuSouth2 = "eu-south-2" - - // ResourceRecordSetRegionApSoutheast4 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionApSoutheast4 = "ap-southeast-4" - - // ResourceRecordSetRegionIlCentral1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionIlCentral1 = "il-central-1" - - // ResourceRecordSetRegionCaWest1 is a ResourceRecordSetRegion enum value - ResourceRecordSetRegionCaWest1 = "ca-west-1" -) - -// ResourceRecordSetRegion_Values returns all elements of the ResourceRecordSetRegion enum -func ResourceRecordSetRegion_Values() []string { - return []string{ - ResourceRecordSetRegionUsEast1, - ResourceRecordSetRegionUsEast2, - ResourceRecordSetRegionUsWest1, - ResourceRecordSetRegionUsWest2, - ResourceRecordSetRegionCaCentral1, - ResourceRecordSetRegionEuWest1, - ResourceRecordSetRegionEuWest2, - ResourceRecordSetRegionEuWest3, - ResourceRecordSetRegionEuCentral1, - ResourceRecordSetRegionEuCentral2, - ResourceRecordSetRegionApSoutheast1, - ResourceRecordSetRegionApSoutheast2, - ResourceRecordSetRegionApSoutheast3, - ResourceRecordSetRegionApNortheast1, - ResourceRecordSetRegionApNortheast2, - ResourceRecordSetRegionApNortheast3, - ResourceRecordSetRegionEuNorth1, - ResourceRecordSetRegionSaEast1, - ResourceRecordSetRegionCnNorth1, - ResourceRecordSetRegionCnNorthwest1, - ResourceRecordSetRegionApEast1, - ResourceRecordSetRegionMeSouth1, - ResourceRecordSetRegionMeCentral1, - ResourceRecordSetRegionApSouth1, - ResourceRecordSetRegionApSouth2, - ResourceRecordSetRegionAfSouth1, - ResourceRecordSetRegionEuSouth1, - ResourceRecordSetRegionEuSouth2, - ResourceRecordSetRegionApSoutheast4, - ResourceRecordSetRegionIlCentral1, - ResourceRecordSetRegionCaWest1, - } -} - -const ( - // ReusableDelegationSetLimitTypeMaxZonesByReusableDelegationSet is a ReusableDelegationSetLimitType enum value - ReusableDelegationSetLimitTypeMaxZonesByReusableDelegationSet = "MAX_ZONES_BY_REUSABLE_DELEGATION_SET" -) - -// ReusableDelegationSetLimitType_Values returns all elements of the ReusableDelegationSetLimitType enum -func ReusableDelegationSetLimitType_Values() []string { - return []string{ - ReusableDelegationSetLimitTypeMaxZonesByReusableDelegationSet, - } -} - -const ( - // StatisticAverage is a Statistic enum value - StatisticAverage = "Average" - - // StatisticSum is a Statistic enum value - StatisticSum = "Sum" - - // StatisticSampleCount is a Statistic enum value - StatisticSampleCount = "SampleCount" - - // StatisticMaximum is a Statistic enum value - StatisticMaximum = "Maximum" - - // StatisticMinimum is a Statistic enum value - StatisticMinimum = "Minimum" -) - -// Statistic_Values returns all elements of the Statistic enum -func Statistic_Values() []string { - return []string{ - StatisticAverage, - StatisticSum, - StatisticSampleCount, - StatisticMaximum, - StatisticMinimum, - } -} - -const ( - // TagResourceTypeHealthcheck is a TagResourceType enum value - TagResourceTypeHealthcheck = "healthcheck" - - // TagResourceTypeHostedzone is a TagResourceType enum value - TagResourceTypeHostedzone = "hostedzone" -) - -// TagResourceType_Values returns all elements of the TagResourceType enum -func TagResourceType_Values() []string { - return []string{ - TagResourceTypeHealthcheck, - TagResourceTypeHostedzone, - } -} - -const ( - // VPCRegionUsEast1 is a VPCRegion enum value - VPCRegionUsEast1 = "us-east-1" - - // VPCRegionUsEast2 is a VPCRegion enum value - VPCRegionUsEast2 = "us-east-2" - - // VPCRegionUsWest1 is a VPCRegion enum value - VPCRegionUsWest1 = "us-west-1" - - // VPCRegionUsWest2 is a VPCRegion enum value - VPCRegionUsWest2 = "us-west-2" - - // VPCRegionEuWest1 is a VPCRegion enum value - VPCRegionEuWest1 = "eu-west-1" - - // VPCRegionEuWest2 is a VPCRegion enum value - VPCRegionEuWest2 = "eu-west-2" - - // VPCRegionEuWest3 is a VPCRegion enum value - VPCRegionEuWest3 = "eu-west-3" - - // VPCRegionEuCentral1 is a VPCRegion enum value - VPCRegionEuCentral1 = "eu-central-1" - - // VPCRegionEuCentral2 is a VPCRegion enum value - VPCRegionEuCentral2 = "eu-central-2" - - // VPCRegionApEast1 is a VPCRegion enum value - VPCRegionApEast1 = "ap-east-1" - - // VPCRegionMeSouth1 is a VPCRegion enum value - VPCRegionMeSouth1 = "me-south-1" - - // VPCRegionUsGovWest1 is a VPCRegion enum value - VPCRegionUsGovWest1 = "us-gov-west-1" - - // VPCRegionUsGovEast1 is a VPCRegion enum value - VPCRegionUsGovEast1 = "us-gov-east-1" - - // VPCRegionUsIsoEast1 is a VPCRegion enum value - VPCRegionUsIsoEast1 = "us-iso-east-1" - - // VPCRegionUsIsoWest1 is a VPCRegion enum value - VPCRegionUsIsoWest1 = "us-iso-west-1" - - // VPCRegionUsIsobEast1 is a VPCRegion enum value - VPCRegionUsIsobEast1 = "us-isob-east-1" - - // VPCRegionMeCentral1 is a VPCRegion enum value - VPCRegionMeCentral1 = "me-central-1" - - // VPCRegionApSoutheast1 is a VPCRegion enum value - VPCRegionApSoutheast1 = "ap-southeast-1" - - // VPCRegionApSoutheast2 is a VPCRegion enum value - VPCRegionApSoutheast2 = "ap-southeast-2" - - // VPCRegionApSoutheast3 is a VPCRegion enum value - VPCRegionApSoutheast3 = "ap-southeast-3" - - // VPCRegionApSouth1 is a VPCRegion enum value - VPCRegionApSouth1 = "ap-south-1" - - // VPCRegionApSouth2 is a VPCRegion enum value - VPCRegionApSouth2 = "ap-south-2" - - // VPCRegionApNortheast1 is a VPCRegion enum value - VPCRegionApNortheast1 = "ap-northeast-1" - - // VPCRegionApNortheast2 is a VPCRegion enum value - VPCRegionApNortheast2 = "ap-northeast-2" - - // VPCRegionApNortheast3 is a VPCRegion enum value - VPCRegionApNortheast3 = "ap-northeast-3" - - // VPCRegionEuNorth1 is a VPCRegion enum value - VPCRegionEuNorth1 = "eu-north-1" - - // VPCRegionSaEast1 is a VPCRegion enum value - VPCRegionSaEast1 = "sa-east-1" - - // VPCRegionCaCentral1 is a VPCRegion enum value - VPCRegionCaCentral1 = "ca-central-1" - - // VPCRegionCnNorth1 is a VPCRegion enum value - VPCRegionCnNorth1 = "cn-north-1" - - // VPCRegionAfSouth1 is a VPCRegion enum value - VPCRegionAfSouth1 = "af-south-1" - - // VPCRegionEuSouth1 is a VPCRegion enum value - VPCRegionEuSouth1 = "eu-south-1" - - // VPCRegionEuSouth2 is a VPCRegion enum value - VPCRegionEuSouth2 = "eu-south-2" - - // VPCRegionApSoutheast4 is a VPCRegion enum value - VPCRegionApSoutheast4 = "ap-southeast-4" - - // VPCRegionIlCentral1 is a VPCRegion enum value - VPCRegionIlCentral1 = "il-central-1" - - // VPCRegionCaWest1 is a VPCRegion enum value - VPCRegionCaWest1 = "ca-west-1" -) - -// VPCRegion_Values returns all elements of the VPCRegion enum -func VPCRegion_Values() []string { - return []string{ - VPCRegionUsEast1, - VPCRegionUsEast2, - VPCRegionUsWest1, - VPCRegionUsWest2, - VPCRegionEuWest1, - VPCRegionEuWest2, - VPCRegionEuWest3, - VPCRegionEuCentral1, - VPCRegionEuCentral2, - VPCRegionApEast1, - VPCRegionMeSouth1, - VPCRegionUsGovWest1, - VPCRegionUsGovEast1, - VPCRegionUsIsoEast1, - VPCRegionUsIsoWest1, - VPCRegionUsIsobEast1, - VPCRegionMeCentral1, - VPCRegionApSoutheast1, - VPCRegionApSoutheast2, - VPCRegionApSoutheast3, - VPCRegionApSouth1, - VPCRegionApSouth2, - VPCRegionApNortheast1, - VPCRegionApNortheast2, - VPCRegionApNortheast3, - VPCRegionEuNorth1, - VPCRegionSaEast1, - VPCRegionCaCentral1, - VPCRegionCnNorth1, - VPCRegionAfSouth1, - VPCRegionEuSouth1, - VPCRegionEuSouth2, - VPCRegionApSoutheast4, - VPCRegionIlCentral1, - VPCRegionCaWest1, - } -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/route53/customizations.go b/vendor/github.com/aws/aws-sdk-go/service/route53/customizations.go deleted file mode 100644 index 7aca8722..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/route53/customizations.go +++ /dev/null @@ -1,42 +0,0 @@ -package route53 - -import ( - "net/url" - "regexp" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/restxml" -) - -func init() { - initClient = func(c *client.Client) { - c.Handlers.Build.PushBack(sanitizeURL) - } - - initRequest = func(r *request.Request) { - switch r.Operation.Name { - case opChangeResourceRecordSets: - r.Handlers.UnmarshalError.Remove(restxml.UnmarshalErrorHandler) - r.Handlers.UnmarshalError.PushBack(unmarshalChangeResourceRecordSetsError) - } - } -} - -var reSanitizeURL = regexp.MustCompile(`\/%2F\w+%2F`) - -func sanitizeURL(r *request.Request) { - r.HTTPRequest.URL.RawPath = - reSanitizeURL.ReplaceAllString(r.HTTPRequest.URL.RawPath, "/") - - // Update Path so that it reflects the cleaned RawPath - updated, err := url.Parse(r.HTTPRequest.URL.RawPath) - if err != nil { - r.Error = awserr.New(request.ErrCodeSerialization, "failed to clean Route53 URL", err) - return - } - - // Take the updated path so the requests's URL Path has parity with RawPath. - r.HTTPRequest.URL.Path = updated.Path -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/route53/doc.go b/vendor/github.com/aws/aws-sdk-go/service/route53/doc.go deleted file mode 100644 index 09a352bb..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/route53/doc.go +++ /dev/null @@ -1,41 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -// Package route53 provides the client and types for making API -// requests to Amazon Route 53. -// -// Amazon Route 53 is a highly available and scalable Domain Name System (DNS) -// web service. -// -// You can use Route 53 to: -// -// - Register domain names. For more information, see How domain registration -// works (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-domain-registration.html). -// -// - Route internet traffic to the resources for your domain For more information, -// see How internet traffic is routed to your website or web application -// (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html). -// -// - Check the health of your resources. For more information, see How Route -// 53 checks the health of your resources (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-health-checks.html). -// -// See https://docs.aws.amazon.com/goto/WebAPI/route53-2013-04-01 for more information on this service. -// -// See route53 package documentation for more information. -// https://docs.aws.amazon.com/sdk-for-go/api/service/route53/ -// -// # Using the Client -// -// To contact Amazon Route 53 with the SDK use the New function to create -// a new service client. With that client you can make API requests to the service. -// These clients are safe to use concurrently. -// -// See the SDK's documentation for more information on how to use the SDK. -// https://docs.aws.amazon.com/sdk-for-go/api/ -// -// See aws.Config documentation for more information on configuring SDK clients. -// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config -// -// See the Amazon Route 53 client Route53 for more -// information on creating client for this service. -// https://docs.aws.amazon.com/sdk-for-go/api/service/route53/#New -package route53 diff --git a/vendor/github.com/aws/aws-sdk-go/service/route53/errors.go b/vendor/github.com/aws/aws-sdk-go/service/route53/errors.go deleted file mode 100644 index a124f212..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/route53/errors.go +++ /dev/null @@ -1,561 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package route53 - -const ( - - // ErrCodeCidrBlockInUseException for service response error code - // "CidrBlockInUseException". - // - // This CIDR block is already in use. - ErrCodeCidrBlockInUseException = "CidrBlockInUseException" - - // ErrCodeCidrCollectionAlreadyExistsException for service response error code - // "CidrCollectionAlreadyExistsException". - // - // A CIDR collection with this name and a different caller reference already - // exists in this account. - ErrCodeCidrCollectionAlreadyExistsException = "CidrCollectionAlreadyExistsException" - - // ErrCodeCidrCollectionInUseException for service response error code - // "CidrCollectionInUseException". - // - // This CIDR collection is in use, and isn't empty. - ErrCodeCidrCollectionInUseException = "CidrCollectionInUseException" - - // ErrCodeCidrCollectionVersionMismatchException for service response error code - // "CidrCollectionVersionMismatchException". - // - // The CIDR collection version you provided, doesn't match the one in the ListCidrCollections - // operation. - ErrCodeCidrCollectionVersionMismatchException = "CidrCollectionVersionMismatchException" - - // ErrCodeConcurrentModification for service response error code - // "ConcurrentModification". - // - // Another user submitted a request to create, update, or delete the object - // at the same time that you did. Retry the request. - ErrCodeConcurrentModification = "ConcurrentModification" - - // ErrCodeConflictingDomainExists for service response error code - // "ConflictingDomainExists". - // - // The cause of this error depends on the operation that you're performing: - // - // * Create a public hosted zone: Two hosted zones that have the same name - // or that have a parent/child relationship (example.com and test.example.com) - // can't have any common name servers. You tried to create a hosted zone - // that has the same name as an existing hosted zone or that's the parent - // or child of an existing hosted zone, and you specified a delegation set - // that shares one or more name servers with the existing hosted zone. For - // more information, see CreateReusableDelegationSet (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateReusableDelegationSet.html). - // - // * Create a private hosted zone: A hosted zone with the specified name - // already exists and is already associated with the Amazon VPC that you - // specified. - // - // * Associate VPCs with a private hosted zone: The VPC that you specified - // is already associated with another hosted zone that has the same name. - ErrCodeConflictingDomainExists = "ConflictingDomainExists" - - // ErrCodeConflictingTypes for service response error code - // "ConflictingTypes". - // - // You tried to update a traffic policy instance by using a traffic policy version - // that has a different DNS type than the current type for the instance. You - // specified the type in the JSON document in the CreateTrafficPolicy or CreateTrafficPolicyVersionrequest. - ErrCodeConflictingTypes = "ConflictingTypes" - - // ErrCodeDNSSECNotFound for service response error code - // "DNSSECNotFound". - // - // The hosted zone doesn't have any DNSSEC resources. - ErrCodeDNSSECNotFound = "DNSSECNotFound" - - // ErrCodeDelegationSetAlreadyCreated for service response error code - // "DelegationSetAlreadyCreated". - // - // A delegation set with the same owner and caller reference combination has - // already been created. - ErrCodeDelegationSetAlreadyCreated = "DelegationSetAlreadyCreated" - - // ErrCodeDelegationSetAlreadyReusable for service response error code - // "DelegationSetAlreadyReusable". - // - // The specified delegation set has already been marked as reusable. - ErrCodeDelegationSetAlreadyReusable = "DelegationSetAlreadyReusable" - - // ErrCodeDelegationSetInUse for service response error code - // "DelegationSetInUse". - // - // The specified delegation contains associated hosted zones which must be deleted - // before the reusable delegation set can be deleted. - ErrCodeDelegationSetInUse = "DelegationSetInUse" - - // ErrCodeDelegationSetNotAvailable for service response error code - // "DelegationSetNotAvailable". - // - // You can create a hosted zone that has the same name as an existing hosted - // zone (example.com is common), but there is a limit to the number of hosted - // zones that have the same name. If you get this error, Amazon Route 53 has - // reached that limit. If you own the domain name and Route 53 generates this - // error, contact Customer Support. - ErrCodeDelegationSetNotAvailable = "DelegationSetNotAvailable" - - // ErrCodeDelegationSetNotReusable for service response error code - // "DelegationSetNotReusable". - // - // A reusable delegation set with the specified ID does not exist. - ErrCodeDelegationSetNotReusable = "DelegationSetNotReusable" - - // ErrCodeHealthCheckAlreadyExists for service response error code - // "HealthCheckAlreadyExists". - // - // The health check you're attempting to create already exists. Amazon Route - // 53 returns this error when you submit a request that has the following values: - // - // * The same value for CallerReference as an existing health check, and - // one or more values that differ from the existing health check that has - // the same caller reference. - // - // * The same value for CallerReference as a health check that you created - // and later deleted, regardless of the other settings in the request. - ErrCodeHealthCheckAlreadyExists = "HealthCheckAlreadyExists" - - // ErrCodeHealthCheckInUse for service response error code - // "HealthCheckInUse". - // - // This error code is not in use. - ErrCodeHealthCheckInUse = "HealthCheckInUse" - - // ErrCodeHealthCheckVersionMismatch for service response error code - // "HealthCheckVersionMismatch". - // - // The value of HealthCheckVersion in the request doesn't match the value of - // HealthCheckVersion in the health check. - ErrCodeHealthCheckVersionMismatch = "HealthCheckVersionMismatch" - - // ErrCodeHostedZoneAlreadyExists for service response error code - // "HostedZoneAlreadyExists". - // - // The hosted zone you're trying to create already exists. Amazon Route 53 returns - // this error when a hosted zone has already been created with the specified - // CallerReference. - ErrCodeHostedZoneAlreadyExists = "HostedZoneAlreadyExists" - - // ErrCodeHostedZoneNotEmpty for service response error code - // "HostedZoneNotEmpty". - // - // The hosted zone contains resource records that are not SOA or NS records. - ErrCodeHostedZoneNotEmpty = "HostedZoneNotEmpty" - - // ErrCodeHostedZoneNotFound for service response error code - // "HostedZoneNotFound". - // - // The specified HostedZone can't be found. - ErrCodeHostedZoneNotFound = "HostedZoneNotFound" - - // ErrCodeHostedZoneNotPrivate for service response error code - // "HostedZoneNotPrivate". - // - // The specified hosted zone is a public hosted zone, not a private hosted zone. - ErrCodeHostedZoneNotPrivate = "HostedZoneNotPrivate" - - // ErrCodeHostedZonePartiallyDelegated for service response error code - // "HostedZonePartiallyDelegated". - // - // The hosted zone nameservers don't match the parent nameservers. The hosted - // zone and parent must have the same nameservers. - ErrCodeHostedZonePartiallyDelegated = "HostedZonePartiallyDelegated" - - // ErrCodeIncompatibleVersion for service response error code - // "IncompatibleVersion". - // - // The resource you're trying to access is unsupported on this Amazon Route - // 53 endpoint. - ErrCodeIncompatibleVersion = "IncompatibleVersion" - - // ErrCodeInsufficientCloudWatchLogsResourcePolicy for service response error code - // "InsufficientCloudWatchLogsResourcePolicy". - // - // Amazon Route 53 doesn't have the permissions required to create log streams - // and send query logs to log streams. Possible causes include the following: - // - // * There is no resource policy that specifies the log group ARN in the - // value for Resource. - // - // * The resource policy that includes the log group ARN in the value for - // Resource doesn't have the necessary permissions. - // - // * The resource policy hasn't finished propagating yet. - // - // * The Key management service (KMS) key you specified doesn’t exist or - // it can’t be used with the log group associated with query log. Update - // or provide a resource policy to grant permissions for the KMS key. - // - // * The Key management service (KMS) key you specified is marked as disabled - // for the log group associated with query log. Update or provide a resource - // policy to grant permissions for the KMS key. - ErrCodeInsufficientCloudWatchLogsResourcePolicy = "InsufficientCloudWatchLogsResourcePolicy" - - // ErrCodeInvalidArgument for service response error code - // "InvalidArgument". - // - // Parameter name is not valid. - ErrCodeInvalidArgument = "InvalidArgument" - - // ErrCodeInvalidChangeBatch for service response error code - // "InvalidChangeBatch". - // - // This exception contains a list of messages that might contain one or more - // error messages. Each error message indicates one error in the change batch. - ErrCodeInvalidChangeBatch = "InvalidChangeBatch" - - // ErrCodeInvalidDomainName for service response error code - // "InvalidDomainName". - // - // The specified domain name is not valid. - ErrCodeInvalidDomainName = "InvalidDomainName" - - // ErrCodeInvalidInput for service response error code - // "InvalidInput". - // - // The input is not valid. - ErrCodeInvalidInput = "InvalidInput" - - // ErrCodeInvalidKMSArn for service response error code - // "InvalidKMSArn". - // - // The KeyManagementServiceArn that you specified isn't valid to use with DNSSEC - // signing. - ErrCodeInvalidKMSArn = "InvalidKMSArn" - - // ErrCodeInvalidKeySigningKeyName for service response error code - // "InvalidKeySigningKeyName". - // - // The key-signing key (KSK) name that you specified isn't a valid name. - ErrCodeInvalidKeySigningKeyName = "InvalidKeySigningKeyName" - - // ErrCodeInvalidKeySigningKeyStatus for service response error code - // "InvalidKeySigningKeyStatus". - // - // The key-signing key (KSK) status isn't valid or another KSK has the status - // INTERNAL_FAILURE. - ErrCodeInvalidKeySigningKeyStatus = "InvalidKeySigningKeyStatus" - - // ErrCodeInvalidPaginationToken for service response error code - // "InvalidPaginationToken". - // - // The value that you specified to get the second or subsequent page of results - // is invalid. - ErrCodeInvalidPaginationToken = "InvalidPaginationToken" - - // ErrCodeInvalidSigningStatus for service response error code - // "InvalidSigningStatus". - // - // Your hosted zone status isn't valid for this operation. In the hosted zone, - // change the status to enable DNSSEC or disable DNSSEC. - ErrCodeInvalidSigningStatus = "InvalidSigningStatus" - - // ErrCodeInvalidTrafficPolicyDocument for service response error code - // "InvalidTrafficPolicyDocument". - // - // The format of the traffic policy document that you specified in the Document - // element is not valid. - ErrCodeInvalidTrafficPolicyDocument = "InvalidTrafficPolicyDocument" - - // ErrCodeInvalidVPCId for service response error code - // "InvalidVPCId". - // - // The VPC ID that you specified either isn't a valid ID or the current account - // is not authorized to access this VPC. - ErrCodeInvalidVPCId = "InvalidVPCId" - - // ErrCodeKeySigningKeyAlreadyExists for service response error code - // "KeySigningKeyAlreadyExists". - // - // You've already created a key-signing key (KSK) with this name or with the - // same customer managed key ARN. - ErrCodeKeySigningKeyAlreadyExists = "KeySigningKeyAlreadyExists" - - // ErrCodeKeySigningKeyInParentDSRecord for service response error code - // "KeySigningKeyInParentDSRecord". - // - // The key-signing key (KSK) is specified in a parent DS record. - ErrCodeKeySigningKeyInParentDSRecord = "KeySigningKeyInParentDSRecord" - - // ErrCodeKeySigningKeyInUse for service response error code - // "KeySigningKeyInUse". - // - // The key-signing key (KSK) that you specified can't be deactivated because - // it's the only KSK for a currently-enabled DNSSEC. Disable DNSSEC signing, - // or add or enable another KSK. - ErrCodeKeySigningKeyInUse = "KeySigningKeyInUse" - - // ErrCodeKeySigningKeyWithActiveStatusNotFound for service response error code - // "KeySigningKeyWithActiveStatusNotFound". - // - // A key-signing key (KSK) with ACTIVE status wasn't found. - ErrCodeKeySigningKeyWithActiveStatusNotFound = "KeySigningKeyWithActiveStatusNotFound" - - // ErrCodeLastVPCAssociation for service response error code - // "LastVPCAssociation". - // - // The VPC that you're trying to disassociate from the private hosted zone is - // the last VPC that is associated with the hosted zone. Amazon Route 53 doesn't - // support disassociating the last VPC from a hosted zone. - ErrCodeLastVPCAssociation = "LastVPCAssociation" - - // ErrCodeLimitsExceeded for service response error code - // "LimitsExceeded". - // - // This operation can't be completed because the current account has reached - // the limit on the resource you are trying to create. To request a higher limit, - // create a case (http://aws.amazon.com/route53-request) with the Amazon Web - // Services Support Center. - ErrCodeLimitsExceeded = "LimitsExceeded" - - // ErrCodeNoSuchChange for service response error code - // "NoSuchChange". - // - // A change with the specified change ID does not exist. - ErrCodeNoSuchChange = "NoSuchChange" - - // ErrCodeNoSuchCidrCollectionException for service response error code - // "NoSuchCidrCollectionException". - // - // The CIDR collection you specified, doesn't exist. - ErrCodeNoSuchCidrCollectionException = "NoSuchCidrCollectionException" - - // ErrCodeNoSuchCidrLocationException for service response error code - // "NoSuchCidrLocationException". - // - // The CIDR collection location doesn't match any locations in your account. - ErrCodeNoSuchCidrLocationException = "NoSuchCidrLocationException" - - // ErrCodeNoSuchCloudWatchLogsLogGroup for service response error code - // "NoSuchCloudWatchLogsLogGroup". - // - // There is no CloudWatch Logs log group with the specified ARN. - ErrCodeNoSuchCloudWatchLogsLogGroup = "NoSuchCloudWatchLogsLogGroup" - - // ErrCodeNoSuchDelegationSet for service response error code - // "NoSuchDelegationSet". - // - // A reusable delegation set with the specified ID does not exist. - ErrCodeNoSuchDelegationSet = "NoSuchDelegationSet" - - // ErrCodeNoSuchGeoLocation for service response error code - // "NoSuchGeoLocation". - // - // Amazon Route 53 doesn't support the specified geographic location. For a - // list of supported geolocation codes, see the GeoLocation (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GeoLocation.html) - // data type. - ErrCodeNoSuchGeoLocation = "NoSuchGeoLocation" - - // ErrCodeNoSuchHealthCheck for service response error code - // "NoSuchHealthCheck". - // - // No health check exists with the specified ID. - ErrCodeNoSuchHealthCheck = "NoSuchHealthCheck" - - // ErrCodeNoSuchHostedZone for service response error code - // "NoSuchHostedZone". - // - // No hosted zone exists with the ID that you specified. - ErrCodeNoSuchHostedZone = "NoSuchHostedZone" - - // ErrCodeNoSuchKeySigningKey for service response error code - // "NoSuchKeySigningKey". - // - // The specified key-signing key (KSK) doesn't exist. - ErrCodeNoSuchKeySigningKey = "NoSuchKeySigningKey" - - // ErrCodeNoSuchQueryLoggingConfig for service response error code - // "NoSuchQueryLoggingConfig". - // - // There is no DNS query logging configuration with the specified ID. - ErrCodeNoSuchQueryLoggingConfig = "NoSuchQueryLoggingConfig" - - // ErrCodeNoSuchTrafficPolicy for service response error code - // "NoSuchTrafficPolicy". - // - // No traffic policy exists with the specified ID. - ErrCodeNoSuchTrafficPolicy = "NoSuchTrafficPolicy" - - // ErrCodeNoSuchTrafficPolicyInstance for service response error code - // "NoSuchTrafficPolicyInstance". - // - // No traffic policy instance exists with the specified ID. - ErrCodeNoSuchTrafficPolicyInstance = "NoSuchTrafficPolicyInstance" - - // ErrCodeNotAuthorizedException for service response error code - // "NotAuthorizedException". - // - // Associating the specified VPC with the specified hosted zone has not been - // authorized. - ErrCodeNotAuthorizedException = "NotAuthorizedException" - - // ErrCodePriorRequestNotComplete for service response error code - // "PriorRequestNotComplete". - // - // If Amazon Route 53 can't process a request before the next request arrives, - // it will reject subsequent requests for the same hosted zone and return an - // HTTP 400 error (Bad request). If Route 53 returns this error repeatedly for - // the same request, we recommend that you wait, in intervals of increasing - // duration, before you try the request again. - ErrCodePriorRequestNotComplete = "PriorRequestNotComplete" - - // ErrCodePublicZoneVPCAssociation for service response error code - // "PublicZoneVPCAssociation". - // - // You're trying to associate a VPC with a public hosted zone. Amazon Route - // 53 doesn't support associating a VPC with a public hosted zone. - ErrCodePublicZoneVPCAssociation = "PublicZoneVPCAssociation" - - // ErrCodeQueryLoggingConfigAlreadyExists for service response error code - // "QueryLoggingConfigAlreadyExists". - // - // You can create only one query logging configuration for a hosted zone, and - // a query logging configuration already exists for this hosted zone. - ErrCodeQueryLoggingConfigAlreadyExists = "QueryLoggingConfigAlreadyExists" - - // ErrCodeThrottlingException for service response error code - // "ThrottlingException". - // - // The limit on the number of requests per second was exceeded. - ErrCodeThrottlingException = "ThrottlingException" - - // ErrCodeTooManyHealthChecks for service response error code - // "TooManyHealthChecks". - // - // This health check can't be created because the current account has reached - // the limit on the number of active health checks. - // - // For information about default limits, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) - // in the Amazon Route 53 Developer Guide. - // - // For information about how to get the current limit for an account, see GetAccountLimit - // (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html). - // To request a higher limit, create a case (http://aws.amazon.com/route53-request) - // with the Amazon Web Services Support Center. - // - // You have reached the maximum number of active health checks for an Amazon - // Web Services account. To request a higher limit, create a case (http://aws.amazon.com/route53-request) - // with the Amazon Web Services Support Center. - ErrCodeTooManyHealthChecks = "TooManyHealthChecks" - - // ErrCodeTooManyHostedZones for service response error code - // "TooManyHostedZones". - // - // This operation can't be completed either because the current account has - // reached the limit on the number of hosted zones or because you've reached - // the limit on the number of hosted zones that can be associated with a reusable - // delegation set. - // - // For information about default limits, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) - // in the Amazon Route 53 Developer Guide. - // - // To get the current limit on hosted zones that can be created by an account, - // see GetAccountLimit (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html). - // - // To get the current limit on hosted zones that can be associated with a reusable - // delegation set, see GetReusableDelegationSetLimit (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetReusableDelegationSetLimit.html). - // - // To request a higher limit, create a case (http://aws.amazon.com/route53-request) - // with the Amazon Web Services Support Center. - ErrCodeTooManyHostedZones = "TooManyHostedZones" - - // ErrCodeTooManyKeySigningKeys for service response error code - // "TooManyKeySigningKeys". - // - // You've reached the limit for the number of key-signing keys (KSKs). Remove - // at least one KSK, and then try again. - ErrCodeTooManyKeySigningKeys = "TooManyKeySigningKeys" - - // ErrCodeTooManyTrafficPolicies for service response error code - // "TooManyTrafficPolicies". - // - // This traffic policy can't be created because the current account has reached - // the limit on the number of traffic policies. - // - // For information about default limits, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) - // in the Amazon Route 53 Developer Guide. - // - // To get the current limit for an account, see GetAccountLimit (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html). - // - // To request a higher limit, create a case (http://aws.amazon.com/route53-request) - // with the Amazon Web Services Support Center. - ErrCodeTooManyTrafficPolicies = "TooManyTrafficPolicies" - - // ErrCodeTooManyTrafficPolicyInstances for service response error code - // "TooManyTrafficPolicyInstances". - // - // This traffic policy instance can't be created because the current account - // has reached the limit on the number of traffic policy instances. - // - // For information about default limits, see Limits (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html) - // in the Amazon Route 53 Developer Guide. - // - // For information about how to get the current limit for an account, see GetAccountLimit - // (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetAccountLimit.html). - // - // To request a higher limit, create a case (http://aws.amazon.com/route53-request) - // with the Amazon Web Services Support Center. - ErrCodeTooManyTrafficPolicyInstances = "TooManyTrafficPolicyInstances" - - // ErrCodeTooManyTrafficPolicyVersionsForCurrentPolicy for service response error code - // "TooManyTrafficPolicyVersionsForCurrentPolicy". - // - // This traffic policy version can't be created because you've reached the limit - // of 1000 on the number of versions that you can create for the current traffic - // policy. - // - // To create more traffic policy versions, you can use GetTrafficPolicy (https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetTrafficPolicy.html) - // to get the traffic policy document for a specified traffic policy version, - // and then use CreateTrafficPolicy (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateTrafficPolicy.html) - // to create a new traffic policy using the traffic policy document. - ErrCodeTooManyTrafficPolicyVersionsForCurrentPolicy = "TooManyTrafficPolicyVersionsForCurrentPolicy" - - // ErrCodeTooManyVPCAssociationAuthorizations for service response error code - // "TooManyVPCAssociationAuthorizations". - // - // You've created the maximum number of authorizations that can be created for - // the specified hosted zone. To authorize another VPC to be associated with - // the hosted zone, submit a DeleteVPCAssociationAuthorization request to remove - // an existing authorization. To get a list of existing authorizations, submit - // a ListVPCAssociationAuthorizations request. - ErrCodeTooManyVPCAssociationAuthorizations = "TooManyVPCAssociationAuthorizations" - - // ErrCodeTrafficPolicyAlreadyExists for service response error code - // "TrafficPolicyAlreadyExists". - // - // A traffic policy that has the same value for Name already exists. - ErrCodeTrafficPolicyAlreadyExists = "TrafficPolicyAlreadyExists" - - // ErrCodeTrafficPolicyInUse for service response error code - // "TrafficPolicyInUse". - // - // One or more traffic policy instances were created by using the specified - // traffic policy. - ErrCodeTrafficPolicyInUse = "TrafficPolicyInUse" - - // ErrCodeTrafficPolicyInstanceAlreadyExists for service response error code - // "TrafficPolicyInstanceAlreadyExists". - // - // There is already a traffic policy instance with the specified ID. - ErrCodeTrafficPolicyInstanceAlreadyExists = "TrafficPolicyInstanceAlreadyExists" - - // ErrCodeVPCAssociationAuthorizationNotFound for service response error code - // "VPCAssociationAuthorizationNotFound". - // - // The VPC that you specified is not authorized to be associated with the hosted - // zone. - ErrCodeVPCAssociationAuthorizationNotFound = "VPCAssociationAuthorizationNotFound" - - // ErrCodeVPCAssociationNotFound for service response error code - // "VPCAssociationNotFound". - // - // The specified VPC and hosted zone are not currently associated. - ErrCodeVPCAssociationNotFound = "VPCAssociationNotFound" -) diff --git a/vendor/github.com/aws/aws-sdk-go/service/route53/route53iface/interface.go b/vendor/github.com/aws/aws-sdk-go/service/route53/route53iface/interface.go deleted file mode 100644 index 940fd981..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/route53/route53iface/interface.go +++ /dev/null @@ -1,368 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -// Package route53iface provides an interface to enable mocking the Amazon Route 53 service client -// for testing your code. -// -// It is important to note that this interface will have breaking changes -// when the service model is updated and adds new API operations, paginators, -// and waiters. -package route53iface - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/route53" -) - -// Route53API provides an interface to enable mocking the -// route53.Route53 service client's API operation, -// paginators, and waiters. This make unit testing your code that calls out -// to the SDK's service client's calls easier. -// -// The best way to use this interface is so the SDK's service client's calls -// can be stubbed out for unit testing your code with the SDK without needing -// to inject custom request handlers into the SDK's request pipeline. -// -// // myFunc uses an SDK service client to make a request to -// // Amazon Route 53. -// func myFunc(svc route53iface.Route53API) bool { -// // Make svc.ActivateKeySigningKey request -// } -// -// func main() { -// sess := session.New() -// svc := route53.New(sess) -// -// myFunc(svc) -// } -// -// In your _test.go file: -// -// // Define a mock struct to be used in your unit tests of myFunc. -// type mockRoute53Client struct { -// route53iface.Route53API -// } -// func (m *mockRoute53Client) ActivateKeySigningKey(input *route53.ActivateKeySigningKeyInput) (*route53.ActivateKeySigningKeyOutput, error) { -// // mock response/functionality -// } -// -// func TestMyFunc(t *testing.T) { -// // Setup Test -// mockSvc := &mockRoute53Client{} -// -// myfunc(mockSvc) -// -// // Verify myFunc's functionality -// } -// -// It is important to note that this interface will have breaking changes -// when the service model is updated and adds new API operations, paginators, -// and waiters. Its suggested to use the pattern above for testing, or using -// tooling to generate mocks to satisfy the interfaces. -type Route53API interface { - ActivateKeySigningKey(*route53.ActivateKeySigningKeyInput) (*route53.ActivateKeySigningKeyOutput, error) - ActivateKeySigningKeyWithContext(aws.Context, *route53.ActivateKeySigningKeyInput, ...request.Option) (*route53.ActivateKeySigningKeyOutput, error) - ActivateKeySigningKeyRequest(*route53.ActivateKeySigningKeyInput) (*request.Request, *route53.ActivateKeySigningKeyOutput) - - AssociateVPCWithHostedZone(*route53.AssociateVPCWithHostedZoneInput) (*route53.AssociateVPCWithHostedZoneOutput, error) - AssociateVPCWithHostedZoneWithContext(aws.Context, *route53.AssociateVPCWithHostedZoneInput, ...request.Option) (*route53.AssociateVPCWithHostedZoneOutput, error) - AssociateVPCWithHostedZoneRequest(*route53.AssociateVPCWithHostedZoneInput) (*request.Request, *route53.AssociateVPCWithHostedZoneOutput) - - ChangeCidrCollection(*route53.ChangeCidrCollectionInput) (*route53.ChangeCidrCollectionOutput, error) - ChangeCidrCollectionWithContext(aws.Context, *route53.ChangeCidrCollectionInput, ...request.Option) (*route53.ChangeCidrCollectionOutput, error) - ChangeCidrCollectionRequest(*route53.ChangeCidrCollectionInput) (*request.Request, *route53.ChangeCidrCollectionOutput) - - ChangeResourceRecordSets(*route53.ChangeResourceRecordSetsInput) (*route53.ChangeResourceRecordSetsOutput, error) - ChangeResourceRecordSetsWithContext(aws.Context, *route53.ChangeResourceRecordSetsInput, ...request.Option) (*route53.ChangeResourceRecordSetsOutput, error) - ChangeResourceRecordSetsRequest(*route53.ChangeResourceRecordSetsInput) (*request.Request, *route53.ChangeResourceRecordSetsOutput) - - ChangeTagsForResource(*route53.ChangeTagsForResourceInput) (*route53.ChangeTagsForResourceOutput, error) - ChangeTagsForResourceWithContext(aws.Context, *route53.ChangeTagsForResourceInput, ...request.Option) (*route53.ChangeTagsForResourceOutput, error) - ChangeTagsForResourceRequest(*route53.ChangeTagsForResourceInput) (*request.Request, *route53.ChangeTagsForResourceOutput) - - CreateCidrCollection(*route53.CreateCidrCollectionInput) (*route53.CreateCidrCollectionOutput, error) - CreateCidrCollectionWithContext(aws.Context, *route53.CreateCidrCollectionInput, ...request.Option) (*route53.CreateCidrCollectionOutput, error) - CreateCidrCollectionRequest(*route53.CreateCidrCollectionInput) (*request.Request, *route53.CreateCidrCollectionOutput) - - CreateHealthCheck(*route53.CreateHealthCheckInput) (*route53.CreateHealthCheckOutput, error) - CreateHealthCheckWithContext(aws.Context, *route53.CreateHealthCheckInput, ...request.Option) (*route53.CreateHealthCheckOutput, error) - CreateHealthCheckRequest(*route53.CreateHealthCheckInput) (*request.Request, *route53.CreateHealthCheckOutput) - - CreateHostedZone(*route53.CreateHostedZoneInput) (*route53.CreateHostedZoneOutput, error) - CreateHostedZoneWithContext(aws.Context, *route53.CreateHostedZoneInput, ...request.Option) (*route53.CreateHostedZoneOutput, error) - CreateHostedZoneRequest(*route53.CreateHostedZoneInput) (*request.Request, *route53.CreateHostedZoneOutput) - - CreateKeySigningKey(*route53.CreateKeySigningKeyInput) (*route53.CreateKeySigningKeyOutput, error) - CreateKeySigningKeyWithContext(aws.Context, *route53.CreateKeySigningKeyInput, ...request.Option) (*route53.CreateKeySigningKeyOutput, error) - CreateKeySigningKeyRequest(*route53.CreateKeySigningKeyInput) (*request.Request, *route53.CreateKeySigningKeyOutput) - - CreateQueryLoggingConfig(*route53.CreateQueryLoggingConfigInput) (*route53.CreateQueryLoggingConfigOutput, error) - CreateQueryLoggingConfigWithContext(aws.Context, *route53.CreateQueryLoggingConfigInput, ...request.Option) (*route53.CreateQueryLoggingConfigOutput, error) - CreateQueryLoggingConfigRequest(*route53.CreateQueryLoggingConfigInput) (*request.Request, *route53.CreateQueryLoggingConfigOutput) - - CreateReusableDelegationSet(*route53.CreateReusableDelegationSetInput) (*route53.CreateReusableDelegationSetOutput, error) - CreateReusableDelegationSetWithContext(aws.Context, *route53.CreateReusableDelegationSetInput, ...request.Option) (*route53.CreateReusableDelegationSetOutput, error) - CreateReusableDelegationSetRequest(*route53.CreateReusableDelegationSetInput) (*request.Request, *route53.CreateReusableDelegationSetOutput) - - CreateTrafficPolicy(*route53.CreateTrafficPolicyInput) (*route53.CreateTrafficPolicyOutput, error) - CreateTrafficPolicyWithContext(aws.Context, *route53.CreateTrafficPolicyInput, ...request.Option) (*route53.CreateTrafficPolicyOutput, error) - CreateTrafficPolicyRequest(*route53.CreateTrafficPolicyInput) (*request.Request, *route53.CreateTrafficPolicyOutput) - - CreateTrafficPolicyInstance(*route53.CreateTrafficPolicyInstanceInput) (*route53.CreateTrafficPolicyInstanceOutput, error) - CreateTrafficPolicyInstanceWithContext(aws.Context, *route53.CreateTrafficPolicyInstanceInput, ...request.Option) (*route53.CreateTrafficPolicyInstanceOutput, error) - CreateTrafficPolicyInstanceRequest(*route53.CreateTrafficPolicyInstanceInput) (*request.Request, *route53.CreateTrafficPolicyInstanceOutput) - - CreateTrafficPolicyVersion(*route53.CreateTrafficPolicyVersionInput) (*route53.CreateTrafficPolicyVersionOutput, error) - CreateTrafficPolicyVersionWithContext(aws.Context, *route53.CreateTrafficPolicyVersionInput, ...request.Option) (*route53.CreateTrafficPolicyVersionOutput, error) - CreateTrafficPolicyVersionRequest(*route53.CreateTrafficPolicyVersionInput) (*request.Request, *route53.CreateTrafficPolicyVersionOutput) - - CreateVPCAssociationAuthorization(*route53.CreateVPCAssociationAuthorizationInput) (*route53.CreateVPCAssociationAuthorizationOutput, error) - CreateVPCAssociationAuthorizationWithContext(aws.Context, *route53.CreateVPCAssociationAuthorizationInput, ...request.Option) (*route53.CreateVPCAssociationAuthorizationOutput, error) - CreateVPCAssociationAuthorizationRequest(*route53.CreateVPCAssociationAuthorizationInput) (*request.Request, *route53.CreateVPCAssociationAuthorizationOutput) - - DeactivateKeySigningKey(*route53.DeactivateKeySigningKeyInput) (*route53.DeactivateKeySigningKeyOutput, error) - DeactivateKeySigningKeyWithContext(aws.Context, *route53.DeactivateKeySigningKeyInput, ...request.Option) (*route53.DeactivateKeySigningKeyOutput, error) - DeactivateKeySigningKeyRequest(*route53.DeactivateKeySigningKeyInput) (*request.Request, *route53.DeactivateKeySigningKeyOutput) - - DeleteCidrCollection(*route53.DeleteCidrCollectionInput) (*route53.DeleteCidrCollectionOutput, error) - DeleteCidrCollectionWithContext(aws.Context, *route53.DeleteCidrCollectionInput, ...request.Option) (*route53.DeleteCidrCollectionOutput, error) - DeleteCidrCollectionRequest(*route53.DeleteCidrCollectionInput) (*request.Request, *route53.DeleteCidrCollectionOutput) - - DeleteHealthCheck(*route53.DeleteHealthCheckInput) (*route53.DeleteHealthCheckOutput, error) - DeleteHealthCheckWithContext(aws.Context, *route53.DeleteHealthCheckInput, ...request.Option) (*route53.DeleteHealthCheckOutput, error) - DeleteHealthCheckRequest(*route53.DeleteHealthCheckInput) (*request.Request, *route53.DeleteHealthCheckOutput) - - DeleteHostedZone(*route53.DeleteHostedZoneInput) (*route53.DeleteHostedZoneOutput, error) - DeleteHostedZoneWithContext(aws.Context, *route53.DeleteHostedZoneInput, ...request.Option) (*route53.DeleteHostedZoneOutput, error) - DeleteHostedZoneRequest(*route53.DeleteHostedZoneInput) (*request.Request, *route53.DeleteHostedZoneOutput) - - DeleteKeySigningKey(*route53.DeleteKeySigningKeyInput) (*route53.DeleteKeySigningKeyOutput, error) - DeleteKeySigningKeyWithContext(aws.Context, *route53.DeleteKeySigningKeyInput, ...request.Option) (*route53.DeleteKeySigningKeyOutput, error) - DeleteKeySigningKeyRequest(*route53.DeleteKeySigningKeyInput) (*request.Request, *route53.DeleteKeySigningKeyOutput) - - DeleteQueryLoggingConfig(*route53.DeleteQueryLoggingConfigInput) (*route53.DeleteQueryLoggingConfigOutput, error) - DeleteQueryLoggingConfigWithContext(aws.Context, *route53.DeleteQueryLoggingConfigInput, ...request.Option) (*route53.DeleteQueryLoggingConfigOutput, error) - DeleteQueryLoggingConfigRequest(*route53.DeleteQueryLoggingConfigInput) (*request.Request, *route53.DeleteQueryLoggingConfigOutput) - - DeleteReusableDelegationSet(*route53.DeleteReusableDelegationSetInput) (*route53.DeleteReusableDelegationSetOutput, error) - DeleteReusableDelegationSetWithContext(aws.Context, *route53.DeleteReusableDelegationSetInput, ...request.Option) (*route53.DeleteReusableDelegationSetOutput, error) - DeleteReusableDelegationSetRequest(*route53.DeleteReusableDelegationSetInput) (*request.Request, *route53.DeleteReusableDelegationSetOutput) - - DeleteTrafficPolicy(*route53.DeleteTrafficPolicyInput) (*route53.DeleteTrafficPolicyOutput, error) - DeleteTrafficPolicyWithContext(aws.Context, *route53.DeleteTrafficPolicyInput, ...request.Option) (*route53.DeleteTrafficPolicyOutput, error) - DeleteTrafficPolicyRequest(*route53.DeleteTrafficPolicyInput) (*request.Request, *route53.DeleteTrafficPolicyOutput) - - DeleteTrafficPolicyInstance(*route53.DeleteTrafficPolicyInstanceInput) (*route53.DeleteTrafficPolicyInstanceOutput, error) - DeleteTrafficPolicyInstanceWithContext(aws.Context, *route53.DeleteTrafficPolicyInstanceInput, ...request.Option) (*route53.DeleteTrafficPolicyInstanceOutput, error) - DeleteTrafficPolicyInstanceRequest(*route53.DeleteTrafficPolicyInstanceInput) (*request.Request, *route53.DeleteTrafficPolicyInstanceOutput) - - DeleteVPCAssociationAuthorization(*route53.DeleteVPCAssociationAuthorizationInput) (*route53.DeleteVPCAssociationAuthorizationOutput, error) - DeleteVPCAssociationAuthorizationWithContext(aws.Context, *route53.DeleteVPCAssociationAuthorizationInput, ...request.Option) (*route53.DeleteVPCAssociationAuthorizationOutput, error) - DeleteVPCAssociationAuthorizationRequest(*route53.DeleteVPCAssociationAuthorizationInput) (*request.Request, *route53.DeleteVPCAssociationAuthorizationOutput) - - DisableHostedZoneDNSSEC(*route53.DisableHostedZoneDNSSECInput) (*route53.DisableHostedZoneDNSSECOutput, error) - DisableHostedZoneDNSSECWithContext(aws.Context, *route53.DisableHostedZoneDNSSECInput, ...request.Option) (*route53.DisableHostedZoneDNSSECOutput, error) - DisableHostedZoneDNSSECRequest(*route53.DisableHostedZoneDNSSECInput) (*request.Request, *route53.DisableHostedZoneDNSSECOutput) - - DisassociateVPCFromHostedZone(*route53.DisassociateVPCFromHostedZoneInput) (*route53.DisassociateVPCFromHostedZoneOutput, error) - DisassociateVPCFromHostedZoneWithContext(aws.Context, *route53.DisassociateVPCFromHostedZoneInput, ...request.Option) (*route53.DisassociateVPCFromHostedZoneOutput, error) - DisassociateVPCFromHostedZoneRequest(*route53.DisassociateVPCFromHostedZoneInput) (*request.Request, *route53.DisassociateVPCFromHostedZoneOutput) - - EnableHostedZoneDNSSEC(*route53.EnableHostedZoneDNSSECInput) (*route53.EnableHostedZoneDNSSECOutput, error) - EnableHostedZoneDNSSECWithContext(aws.Context, *route53.EnableHostedZoneDNSSECInput, ...request.Option) (*route53.EnableHostedZoneDNSSECOutput, error) - EnableHostedZoneDNSSECRequest(*route53.EnableHostedZoneDNSSECInput) (*request.Request, *route53.EnableHostedZoneDNSSECOutput) - - GetAccountLimit(*route53.GetAccountLimitInput) (*route53.GetAccountLimitOutput, error) - GetAccountLimitWithContext(aws.Context, *route53.GetAccountLimitInput, ...request.Option) (*route53.GetAccountLimitOutput, error) - GetAccountLimitRequest(*route53.GetAccountLimitInput) (*request.Request, *route53.GetAccountLimitOutput) - - GetChange(*route53.GetChangeInput) (*route53.GetChangeOutput, error) - GetChangeWithContext(aws.Context, *route53.GetChangeInput, ...request.Option) (*route53.GetChangeOutput, error) - GetChangeRequest(*route53.GetChangeInput) (*request.Request, *route53.GetChangeOutput) - - GetCheckerIpRanges(*route53.GetCheckerIpRangesInput) (*route53.GetCheckerIpRangesOutput, error) - GetCheckerIpRangesWithContext(aws.Context, *route53.GetCheckerIpRangesInput, ...request.Option) (*route53.GetCheckerIpRangesOutput, error) - GetCheckerIpRangesRequest(*route53.GetCheckerIpRangesInput) (*request.Request, *route53.GetCheckerIpRangesOutput) - - GetDNSSEC(*route53.GetDNSSECInput) (*route53.GetDNSSECOutput, error) - GetDNSSECWithContext(aws.Context, *route53.GetDNSSECInput, ...request.Option) (*route53.GetDNSSECOutput, error) - GetDNSSECRequest(*route53.GetDNSSECInput) (*request.Request, *route53.GetDNSSECOutput) - - GetGeoLocation(*route53.GetGeoLocationInput) (*route53.GetGeoLocationOutput, error) - GetGeoLocationWithContext(aws.Context, *route53.GetGeoLocationInput, ...request.Option) (*route53.GetGeoLocationOutput, error) - GetGeoLocationRequest(*route53.GetGeoLocationInput) (*request.Request, *route53.GetGeoLocationOutput) - - GetHealthCheck(*route53.GetHealthCheckInput) (*route53.GetHealthCheckOutput, error) - GetHealthCheckWithContext(aws.Context, *route53.GetHealthCheckInput, ...request.Option) (*route53.GetHealthCheckOutput, error) - GetHealthCheckRequest(*route53.GetHealthCheckInput) (*request.Request, *route53.GetHealthCheckOutput) - - GetHealthCheckCount(*route53.GetHealthCheckCountInput) (*route53.GetHealthCheckCountOutput, error) - GetHealthCheckCountWithContext(aws.Context, *route53.GetHealthCheckCountInput, ...request.Option) (*route53.GetHealthCheckCountOutput, error) - GetHealthCheckCountRequest(*route53.GetHealthCheckCountInput) (*request.Request, *route53.GetHealthCheckCountOutput) - - GetHealthCheckLastFailureReason(*route53.GetHealthCheckLastFailureReasonInput) (*route53.GetHealthCheckLastFailureReasonOutput, error) - GetHealthCheckLastFailureReasonWithContext(aws.Context, *route53.GetHealthCheckLastFailureReasonInput, ...request.Option) (*route53.GetHealthCheckLastFailureReasonOutput, error) - GetHealthCheckLastFailureReasonRequest(*route53.GetHealthCheckLastFailureReasonInput) (*request.Request, *route53.GetHealthCheckLastFailureReasonOutput) - - GetHealthCheckStatus(*route53.GetHealthCheckStatusInput) (*route53.GetHealthCheckStatusOutput, error) - GetHealthCheckStatusWithContext(aws.Context, *route53.GetHealthCheckStatusInput, ...request.Option) (*route53.GetHealthCheckStatusOutput, error) - GetHealthCheckStatusRequest(*route53.GetHealthCheckStatusInput) (*request.Request, *route53.GetHealthCheckStatusOutput) - - GetHostedZone(*route53.GetHostedZoneInput) (*route53.GetHostedZoneOutput, error) - GetHostedZoneWithContext(aws.Context, *route53.GetHostedZoneInput, ...request.Option) (*route53.GetHostedZoneOutput, error) - GetHostedZoneRequest(*route53.GetHostedZoneInput) (*request.Request, *route53.GetHostedZoneOutput) - - GetHostedZoneCount(*route53.GetHostedZoneCountInput) (*route53.GetHostedZoneCountOutput, error) - GetHostedZoneCountWithContext(aws.Context, *route53.GetHostedZoneCountInput, ...request.Option) (*route53.GetHostedZoneCountOutput, error) - GetHostedZoneCountRequest(*route53.GetHostedZoneCountInput) (*request.Request, *route53.GetHostedZoneCountOutput) - - GetHostedZoneLimit(*route53.GetHostedZoneLimitInput) (*route53.GetHostedZoneLimitOutput, error) - GetHostedZoneLimitWithContext(aws.Context, *route53.GetHostedZoneLimitInput, ...request.Option) (*route53.GetHostedZoneLimitOutput, error) - GetHostedZoneLimitRequest(*route53.GetHostedZoneLimitInput) (*request.Request, *route53.GetHostedZoneLimitOutput) - - GetQueryLoggingConfig(*route53.GetQueryLoggingConfigInput) (*route53.GetQueryLoggingConfigOutput, error) - GetQueryLoggingConfigWithContext(aws.Context, *route53.GetQueryLoggingConfigInput, ...request.Option) (*route53.GetQueryLoggingConfigOutput, error) - GetQueryLoggingConfigRequest(*route53.GetQueryLoggingConfigInput) (*request.Request, *route53.GetQueryLoggingConfigOutput) - - GetReusableDelegationSet(*route53.GetReusableDelegationSetInput) (*route53.GetReusableDelegationSetOutput, error) - GetReusableDelegationSetWithContext(aws.Context, *route53.GetReusableDelegationSetInput, ...request.Option) (*route53.GetReusableDelegationSetOutput, error) - GetReusableDelegationSetRequest(*route53.GetReusableDelegationSetInput) (*request.Request, *route53.GetReusableDelegationSetOutput) - - GetReusableDelegationSetLimit(*route53.GetReusableDelegationSetLimitInput) (*route53.GetReusableDelegationSetLimitOutput, error) - GetReusableDelegationSetLimitWithContext(aws.Context, *route53.GetReusableDelegationSetLimitInput, ...request.Option) (*route53.GetReusableDelegationSetLimitOutput, error) - GetReusableDelegationSetLimitRequest(*route53.GetReusableDelegationSetLimitInput) (*request.Request, *route53.GetReusableDelegationSetLimitOutput) - - GetTrafficPolicy(*route53.GetTrafficPolicyInput) (*route53.GetTrafficPolicyOutput, error) - GetTrafficPolicyWithContext(aws.Context, *route53.GetTrafficPolicyInput, ...request.Option) (*route53.GetTrafficPolicyOutput, error) - GetTrafficPolicyRequest(*route53.GetTrafficPolicyInput) (*request.Request, *route53.GetTrafficPolicyOutput) - - GetTrafficPolicyInstance(*route53.GetTrafficPolicyInstanceInput) (*route53.GetTrafficPolicyInstanceOutput, error) - GetTrafficPolicyInstanceWithContext(aws.Context, *route53.GetTrafficPolicyInstanceInput, ...request.Option) (*route53.GetTrafficPolicyInstanceOutput, error) - GetTrafficPolicyInstanceRequest(*route53.GetTrafficPolicyInstanceInput) (*request.Request, *route53.GetTrafficPolicyInstanceOutput) - - GetTrafficPolicyInstanceCount(*route53.GetTrafficPolicyInstanceCountInput) (*route53.GetTrafficPolicyInstanceCountOutput, error) - GetTrafficPolicyInstanceCountWithContext(aws.Context, *route53.GetTrafficPolicyInstanceCountInput, ...request.Option) (*route53.GetTrafficPolicyInstanceCountOutput, error) - GetTrafficPolicyInstanceCountRequest(*route53.GetTrafficPolicyInstanceCountInput) (*request.Request, *route53.GetTrafficPolicyInstanceCountOutput) - - ListCidrBlocks(*route53.ListCidrBlocksInput) (*route53.ListCidrBlocksOutput, error) - ListCidrBlocksWithContext(aws.Context, *route53.ListCidrBlocksInput, ...request.Option) (*route53.ListCidrBlocksOutput, error) - ListCidrBlocksRequest(*route53.ListCidrBlocksInput) (*request.Request, *route53.ListCidrBlocksOutput) - - ListCidrBlocksPages(*route53.ListCidrBlocksInput, func(*route53.ListCidrBlocksOutput, bool) bool) error - ListCidrBlocksPagesWithContext(aws.Context, *route53.ListCidrBlocksInput, func(*route53.ListCidrBlocksOutput, bool) bool, ...request.Option) error - - ListCidrCollections(*route53.ListCidrCollectionsInput) (*route53.ListCidrCollectionsOutput, error) - ListCidrCollectionsWithContext(aws.Context, *route53.ListCidrCollectionsInput, ...request.Option) (*route53.ListCidrCollectionsOutput, error) - ListCidrCollectionsRequest(*route53.ListCidrCollectionsInput) (*request.Request, *route53.ListCidrCollectionsOutput) - - ListCidrCollectionsPages(*route53.ListCidrCollectionsInput, func(*route53.ListCidrCollectionsOutput, bool) bool) error - ListCidrCollectionsPagesWithContext(aws.Context, *route53.ListCidrCollectionsInput, func(*route53.ListCidrCollectionsOutput, bool) bool, ...request.Option) error - - ListCidrLocations(*route53.ListCidrLocationsInput) (*route53.ListCidrLocationsOutput, error) - ListCidrLocationsWithContext(aws.Context, *route53.ListCidrLocationsInput, ...request.Option) (*route53.ListCidrLocationsOutput, error) - ListCidrLocationsRequest(*route53.ListCidrLocationsInput) (*request.Request, *route53.ListCidrLocationsOutput) - - ListCidrLocationsPages(*route53.ListCidrLocationsInput, func(*route53.ListCidrLocationsOutput, bool) bool) error - ListCidrLocationsPagesWithContext(aws.Context, *route53.ListCidrLocationsInput, func(*route53.ListCidrLocationsOutput, bool) bool, ...request.Option) error - - ListGeoLocations(*route53.ListGeoLocationsInput) (*route53.ListGeoLocationsOutput, error) - ListGeoLocationsWithContext(aws.Context, *route53.ListGeoLocationsInput, ...request.Option) (*route53.ListGeoLocationsOutput, error) - ListGeoLocationsRequest(*route53.ListGeoLocationsInput) (*request.Request, *route53.ListGeoLocationsOutput) - - ListHealthChecks(*route53.ListHealthChecksInput) (*route53.ListHealthChecksOutput, error) - ListHealthChecksWithContext(aws.Context, *route53.ListHealthChecksInput, ...request.Option) (*route53.ListHealthChecksOutput, error) - ListHealthChecksRequest(*route53.ListHealthChecksInput) (*request.Request, *route53.ListHealthChecksOutput) - - ListHealthChecksPages(*route53.ListHealthChecksInput, func(*route53.ListHealthChecksOutput, bool) bool) error - ListHealthChecksPagesWithContext(aws.Context, *route53.ListHealthChecksInput, func(*route53.ListHealthChecksOutput, bool) bool, ...request.Option) error - - ListHostedZones(*route53.ListHostedZonesInput) (*route53.ListHostedZonesOutput, error) - ListHostedZonesWithContext(aws.Context, *route53.ListHostedZonesInput, ...request.Option) (*route53.ListHostedZonesOutput, error) - ListHostedZonesRequest(*route53.ListHostedZonesInput) (*request.Request, *route53.ListHostedZonesOutput) - - ListHostedZonesPages(*route53.ListHostedZonesInput, func(*route53.ListHostedZonesOutput, bool) bool) error - ListHostedZonesPagesWithContext(aws.Context, *route53.ListHostedZonesInput, func(*route53.ListHostedZonesOutput, bool) bool, ...request.Option) error - - ListHostedZonesByName(*route53.ListHostedZonesByNameInput) (*route53.ListHostedZonesByNameOutput, error) - ListHostedZonesByNameWithContext(aws.Context, *route53.ListHostedZonesByNameInput, ...request.Option) (*route53.ListHostedZonesByNameOutput, error) - ListHostedZonesByNameRequest(*route53.ListHostedZonesByNameInput) (*request.Request, *route53.ListHostedZonesByNameOutput) - - ListHostedZonesByVPC(*route53.ListHostedZonesByVPCInput) (*route53.ListHostedZonesByVPCOutput, error) - ListHostedZonesByVPCWithContext(aws.Context, *route53.ListHostedZonesByVPCInput, ...request.Option) (*route53.ListHostedZonesByVPCOutput, error) - ListHostedZonesByVPCRequest(*route53.ListHostedZonesByVPCInput) (*request.Request, *route53.ListHostedZonesByVPCOutput) - - ListQueryLoggingConfigs(*route53.ListQueryLoggingConfigsInput) (*route53.ListQueryLoggingConfigsOutput, error) - ListQueryLoggingConfigsWithContext(aws.Context, *route53.ListQueryLoggingConfigsInput, ...request.Option) (*route53.ListQueryLoggingConfigsOutput, error) - ListQueryLoggingConfigsRequest(*route53.ListQueryLoggingConfigsInput) (*request.Request, *route53.ListQueryLoggingConfigsOutput) - - ListQueryLoggingConfigsPages(*route53.ListQueryLoggingConfigsInput, func(*route53.ListQueryLoggingConfigsOutput, bool) bool) error - ListQueryLoggingConfigsPagesWithContext(aws.Context, *route53.ListQueryLoggingConfigsInput, func(*route53.ListQueryLoggingConfigsOutput, bool) bool, ...request.Option) error - - ListResourceRecordSets(*route53.ListResourceRecordSetsInput) (*route53.ListResourceRecordSetsOutput, error) - ListResourceRecordSetsWithContext(aws.Context, *route53.ListResourceRecordSetsInput, ...request.Option) (*route53.ListResourceRecordSetsOutput, error) - ListResourceRecordSetsRequest(*route53.ListResourceRecordSetsInput) (*request.Request, *route53.ListResourceRecordSetsOutput) - - ListResourceRecordSetsPages(*route53.ListResourceRecordSetsInput, func(*route53.ListResourceRecordSetsOutput, bool) bool) error - ListResourceRecordSetsPagesWithContext(aws.Context, *route53.ListResourceRecordSetsInput, func(*route53.ListResourceRecordSetsOutput, bool) bool, ...request.Option) error - - ListReusableDelegationSets(*route53.ListReusableDelegationSetsInput) (*route53.ListReusableDelegationSetsOutput, error) - ListReusableDelegationSetsWithContext(aws.Context, *route53.ListReusableDelegationSetsInput, ...request.Option) (*route53.ListReusableDelegationSetsOutput, error) - ListReusableDelegationSetsRequest(*route53.ListReusableDelegationSetsInput) (*request.Request, *route53.ListReusableDelegationSetsOutput) - - ListTagsForResource(*route53.ListTagsForResourceInput) (*route53.ListTagsForResourceOutput, error) - ListTagsForResourceWithContext(aws.Context, *route53.ListTagsForResourceInput, ...request.Option) (*route53.ListTagsForResourceOutput, error) - ListTagsForResourceRequest(*route53.ListTagsForResourceInput) (*request.Request, *route53.ListTagsForResourceOutput) - - ListTagsForResources(*route53.ListTagsForResourcesInput) (*route53.ListTagsForResourcesOutput, error) - ListTagsForResourcesWithContext(aws.Context, *route53.ListTagsForResourcesInput, ...request.Option) (*route53.ListTagsForResourcesOutput, error) - ListTagsForResourcesRequest(*route53.ListTagsForResourcesInput) (*request.Request, *route53.ListTagsForResourcesOutput) - - ListTrafficPolicies(*route53.ListTrafficPoliciesInput) (*route53.ListTrafficPoliciesOutput, error) - ListTrafficPoliciesWithContext(aws.Context, *route53.ListTrafficPoliciesInput, ...request.Option) (*route53.ListTrafficPoliciesOutput, error) - ListTrafficPoliciesRequest(*route53.ListTrafficPoliciesInput) (*request.Request, *route53.ListTrafficPoliciesOutput) - - ListTrafficPolicyInstances(*route53.ListTrafficPolicyInstancesInput) (*route53.ListTrafficPolicyInstancesOutput, error) - ListTrafficPolicyInstancesWithContext(aws.Context, *route53.ListTrafficPolicyInstancesInput, ...request.Option) (*route53.ListTrafficPolicyInstancesOutput, error) - ListTrafficPolicyInstancesRequest(*route53.ListTrafficPolicyInstancesInput) (*request.Request, *route53.ListTrafficPolicyInstancesOutput) - - ListTrafficPolicyInstancesByHostedZone(*route53.ListTrafficPolicyInstancesByHostedZoneInput) (*route53.ListTrafficPolicyInstancesByHostedZoneOutput, error) - ListTrafficPolicyInstancesByHostedZoneWithContext(aws.Context, *route53.ListTrafficPolicyInstancesByHostedZoneInput, ...request.Option) (*route53.ListTrafficPolicyInstancesByHostedZoneOutput, error) - ListTrafficPolicyInstancesByHostedZoneRequest(*route53.ListTrafficPolicyInstancesByHostedZoneInput) (*request.Request, *route53.ListTrafficPolicyInstancesByHostedZoneOutput) - - ListTrafficPolicyInstancesByPolicy(*route53.ListTrafficPolicyInstancesByPolicyInput) (*route53.ListTrafficPolicyInstancesByPolicyOutput, error) - ListTrafficPolicyInstancesByPolicyWithContext(aws.Context, *route53.ListTrafficPolicyInstancesByPolicyInput, ...request.Option) (*route53.ListTrafficPolicyInstancesByPolicyOutput, error) - ListTrafficPolicyInstancesByPolicyRequest(*route53.ListTrafficPolicyInstancesByPolicyInput) (*request.Request, *route53.ListTrafficPolicyInstancesByPolicyOutput) - - ListTrafficPolicyVersions(*route53.ListTrafficPolicyVersionsInput) (*route53.ListTrafficPolicyVersionsOutput, error) - ListTrafficPolicyVersionsWithContext(aws.Context, *route53.ListTrafficPolicyVersionsInput, ...request.Option) (*route53.ListTrafficPolicyVersionsOutput, error) - ListTrafficPolicyVersionsRequest(*route53.ListTrafficPolicyVersionsInput) (*request.Request, *route53.ListTrafficPolicyVersionsOutput) - - ListVPCAssociationAuthorizations(*route53.ListVPCAssociationAuthorizationsInput) (*route53.ListVPCAssociationAuthorizationsOutput, error) - ListVPCAssociationAuthorizationsWithContext(aws.Context, *route53.ListVPCAssociationAuthorizationsInput, ...request.Option) (*route53.ListVPCAssociationAuthorizationsOutput, error) - ListVPCAssociationAuthorizationsRequest(*route53.ListVPCAssociationAuthorizationsInput) (*request.Request, *route53.ListVPCAssociationAuthorizationsOutput) - - TestDNSAnswer(*route53.TestDNSAnswerInput) (*route53.TestDNSAnswerOutput, error) - TestDNSAnswerWithContext(aws.Context, *route53.TestDNSAnswerInput, ...request.Option) (*route53.TestDNSAnswerOutput, error) - TestDNSAnswerRequest(*route53.TestDNSAnswerInput) (*request.Request, *route53.TestDNSAnswerOutput) - - UpdateHealthCheck(*route53.UpdateHealthCheckInput) (*route53.UpdateHealthCheckOutput, error) - UpdateHealthCheckWithContext(aws.Context, *route53.UpdateHealthCheckInput, ...request.Option) (*route53.UpdateHealthCheckOutput, error) - UpdateHealthCheckRequest(*route53.UpdateHealthCheckInput) (*request.Request, *route53.UpdateHealthCheckOutput) - - UpdateHostedZoneComment(*route53.UpdateHostedZoneCommentInput) (*route53.UpdateHostedZoneCommentOutput, error) - UpdateHostedZoneCommentWithContext(aws.Context, *route53.UpdateHostedZoneCommentInput, ...request.Option) (*route53.UpdateHostedZoneCommentOutput, error) - UpdateHostedZoneCommentRequest(*route53.UpdateHostedZoneCommentInput) (*request.Request, *route53.UpdateHostedZoneCommentOutput) - - UpdateTrafficPolicyComment(*route53.UpdateTrafficPolicyCommentInput) (*route53.UpdateTrafficPolicyCommentOutput, error) - UpdateTrafficPolicyCommentWithContext(aws.Context, *route53.UpdateTrafficPolicyCommentInput, ...request.Option) (*route53.UpdateTrafficPolicyCommentOutput, error) - UpdateTrafficPolicyCommentRequest(*route53.UpdateTrafficPolicyCommentInput) (*request.Request, *route53.UpdateTrafficPolicyCommentOutput) - - UpdateTrafficPolicyInstance(*route53.UpdateTrafficPolicyInstanceInput) (*route53.UpdateTrafficPolicyInstanceOutput, error) - UpdateTrafficPolicyInstanceWithContext(aws.Context, *route53.UpdateTrafficPolicyInstanceInput, ...request.Option) (*route53.UpdateTrafficPolicyInstanceOutput, error) - UpdateTrafficPolicyInstanceRequest(*route53.UpdateTrafficPolicyInstanceInput) (*request.Request, *route53.UpdateTrafficPolicyInstanceOutput) - - WaitUntilResourceRecordSetsChanged(*route53.GetChangeInput) error - WaitUntilResourceRecordSetsChangedWithContext(aws.Context, *route53.GetChangeInput, ...request.WaiterOption) error -} - -var _ Route53API = (*route53.Route53)(nil) diff --git a/vendor/github.com/aws/aws-sdk-go/service/route53/service.go b/vendor/github.com/aws/aws-sdk-go/service/route53/service.go deleted file mode 100644 index e2759c3b..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/route53/service.go +++ /dev/null @@ -1,104 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package route53 - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/aws/signer/v4" - "github.com/aws/aws-sdk-go/private/protocol/restxml" -) - -// Route53 provides the API operation methods for making requests to -// Amazon Route 53. See this package's package overview docs -// for details on the service. -// -// Route53 methods are safe to use concurrently. It is not safe to -// modify mutate any of the struct's properties though. -type Route53 struct { - *client.Client -} - -// Used for custom client initialization logic -var initClient func(*client.Client) - -// Used for custom request initialization logic -var initRequest func(*request.Request) - -// Service information constants -const ( - ServiceName = "route53" // Name of service. - EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "Route 53" // ServiceID is a unique identifier of a specific service. -) - -// New creates a new instance of the Route53 client with a session. -// If additional configuration is needed for the client instance use the optional -// aws.Config parameter to add your extra config. -// -// Example: -// -// mySession := session.Must(session.NewSession()) -// -// // Create a Route53 client from just a session. -// svc := route53.New(mySession) -// -// // Create a Route53 client with additional configuration -// svc := route53.New(mySession, aws.NewConfig().WithRegion("us-west-2")) -func New(p client.ConfigProvider, cfgs ...*aws.Config) *Route53 { - c := p.ClientConfig(EndpointsID, cfgs...) - if c.SigningNameDerived || len(c.SigningName) == 0 { - c.SigningName = EndpointsID - // No Fallback - } - return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) -} - -// newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *Route53 { - svc := &Route53{ - Client: client.New( - cfg, - metadata.ClientInfo{ - ServiceName: ServiceName, - ServiceID: ServiceID, - SigningName: signingName, - SigningRegion: signingRegion, - PartitionID: partitionID, - Endpoint: endpoint, - APIVersion: "2013-04-01", - ResolvedRegion: resolvedRegion, - }, - handlers, - ), - } - - // Handlers - svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) - svc.Handlers.Build.PushBackNamed(restxml.BuildHandler) - svc.Handlers.Unmarshal.PushBackNamed(restxml.UnmarshalHandler) - svc.Handlers.UnmarshalMeta.PushBackNamed(restxml.UnmarshalMetaHandler) - svc.Handlers.UnmarshalError.PushBackNamed(restxml.UnmarshalErrorHandler) - - // Run custom client initialization if present - if initClient != nil { - initClient(svc.Client) - } - - return svc -} - -// newRequest creates a new request for a Route53 operation and runs any -// custom request initialization. -func (c *Route53) newRequest(op *request.Operation, params, data interface{}) *request.Request { - req := c.NewRequest(op, params, data) - - // Run custom request initialization if present - if initRequest != nil { - initRequest(req) - } - - return req -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/route53/unmarshal_error.go b/vendor/github.com/aws/aws-sdk-go/service/route53/unmarshal_error.go deleted file mode 100644 index b3b95a12..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/route53/unmarshal_error.go +++ /dev/null @@ -1,106 +0,0 @@ -package route53 - -import ( - "encoding/xml" - "fmt" - - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil" -) - -const errorRespTag = "ErrorResponse" -const invalidChangeTag = "InvalidChangeBatch" - -type standardXMLErrorResponse struct { - Code string `xml:"Error>Code"` - Message string `xml:"Error>Message"` - RequestID string `xml:"RequestId"` -} - -func (e standardXMLErrorResponse) FillCommon(c *xmlErrorResponse) { - c.Code = e.Code - c.Message = e.Message - c.RequestID = e.RequestID -} - -type invalidChangeBatchXMLErrorResponse struct { - Messages []string `xml:"Messages>Message"` - RequestID string `xml:"RequestId"` -} - -func (e invalidChangeBatchXMLErrorResponse) FillCommon(c *xmlErrorResponse) { - c.Code = invalidChangeTag - c.Message = "ChangeBatch errors occurred" - c.Messages = e.Messages - c.RequestID = e.RequestID -} - -type xmlErrorResponse struct { - Code string - Message string - Messages []string - RequestID string -} - -func (e *xmlErrorResponse) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error { - type commonFiller interface { - FillCommon(*xmlErrorResponse) - } - - var errResp commonFiller - switch start.Name.Local { - case errorRespTag: - errResp = &standardXMLErrorResponse{} - - case invalidChangeTag: - errResp = &invalidChangeBatchXMLErrorResponse{} - - default: - return fmt.Errorf("unknown error message, %v", start.Name.Local) - } - - if err := d.DecodeElement(errResp, &start); err != nil { - return err - } - - errResp.FillCommon(e) - return nil -} - -func unmarshalChangeResourceRecordSetsError(r *request.Request) { - defer r.HTTPResponse.Body.Close() - - var errResp xmlErrorResponse - err := xmlutil.UnmarshalXMLError(&errResp, r.HTTPResponse.Body) - if err != nil { - r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, - "failed to unmarshal error message", err), - r.HTTPResponse.StatusCode, - r.RequestID, - ) - return - } - - var baseErr awserr.Error - if len(errResp.Messages) != 0 { - var errs []error - for _, msg := range errResp.Messages { - errs = append(errs, awserr.New(invalidChangeTag, msg, nil)) - } - baseErr = awserr.NewBatchError(errResp.Code, errResp.Message, errs) - } else { - baseErr = awserr.New(errResp.Code, errResp.Message, nil) - } - - reqID := errResp.RequestID - if len(reqID) == 0 { - reqID = r.RequestID - } - r.Error = awserr.NewRequestFailure( - baseErr, - r.HTTPResponse.StatusCode, - reqID, - ) -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/route53/waiters.go b/vendor/github.com/aws/aws-sdk-go/service/route53/waiters.go deleted file mode 100644 index 9bd7a9a7..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/route53/waiters.go +++ /dev/null @@ -1,56 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package route53 - -import ( - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" -) - -// WaitUntilResourceRecordSetsChanged uses the Route 53 API operation -// GetChange to wait for a condition to be met before returning. -// If the condition is not met within the max attempt window, an error will -// be returned. -func (c *Route53) WaitUntilResourceRecordSetsChanged(input *GetChangeInput) error { - return c.WaitUntilResourceRecordSetsChangedWithContext(aws.BackgroundContext(), input) -} - -// WaitUntilResourceRecordSetsChangedWithContext is an extended version of WaitUntilResourceRecordSetsChanged. -// With the support for passing in a context and options to configure the -// Waiter and the underlying request options. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *Route53) WaitUntilResourceRecordSetsChangedWithContext(ctx aws.Context, input *GetChangeInput, opts ...request.WaiterOption) error { - w := request.Waiter{ - Name: "WaitUntilResourceRecordSetsChanged", - MaxAttempts: 60, - Delay: request.ConstantWaiterDelay(30 * time.Second), - Acceptors: []request.WaiterAcceptor{ - { - State: request.SuccessWaiterState, - Matcher: request.PathWaiterMatch, Argument: "ChangeInfo.Status", - Expected: "INSYNC", - }, - }, - Logger: c.Config.Logger, - NewRequest: func(opts []request.Option) (*request.Request, error) { - var inCpy *GetChangeInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.GetChangeRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - w.ApplyOptions(opts...) - - return w.WaitWithContext(ctx) -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/api.go b/vendor/github.com/aws/aws-sdk-go/service/sso/api.go deleted file mode 100644 index b8f590f7..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sso/api.go +++ /dev/null @@ -1,1367 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package sso - -import ( - "fmt" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awsutil" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol" - "github.com/aws/aws-sdk-go/private/protocol/restjson" -) - -const opGetRoleCredentials = "GetRoleCredentials" - -// GetRoleCredentialsRequest generates a "aws/request.Request" representing the -// client's request for the GetRoleCredentials operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetRoleCredentials for more information on using the GetRoleCredentials -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetRoleCredentialsRequest method. -// req, resp := client.GetRoleCredentialsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/GetRoleCredentials -func (c *SSO) GetRoleCredentialsRequest(input *GetRoleCredentialsInput) (req *request.Request, output *GetRoleCredentialsOutput) { - op := &request.Operation{ - Name: opGetRoleCredentials, - HTTPMethod: "GET", - HTTPPath: "/federation/credentials", - } - - if input == nil { - input = &GetRoleCredentialsInput{} - } - - output = &GetRoleCredentialsOutput{} - req = c.newRequest(op, input, output) - req.Config.Credentials = credentials.AnonymousCredentials - return -} - -// GetRoleCredentials API operation for AWS Single Sign-On. -// -// Returns the STS short-term credentials for a given role name that is assigned -// to the user. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Single Sign-On's -// API operation GetRoleCredentials for usage and error information. -// -// Returned Error Types: -// -// - InvalidRequestException -// Indicates that a problem occurred with the input to the request. For example, -// a required parameter might be missing or out of range. -// -// - UnauthorizedException -// Indicates that the request is not authorized. This can happen due to an invalid -// access token in the request. -// -// - TooManyRequestsException -// Indicates that the request is being made too frequently and is more than -// what the server can handle. -// -// - ResourceNotFoundException -// The specified resource doesn't exist. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/GetRoleCredentials -func (c *SSO) GetRoleCredentials(input *GetRoleCredentialsInput) (*GetRoleCredentialsOutput, error) { - req, out := c.GetRoleCredentialsRequest(input) - return out, req.Send() -} - -// GetRoleCredentialsWithContext is the same as GetRoleCredentials with the addition of -// the ability to pass a context and additional request options. -// -// See GetRoleCredentials for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSO) GetRoleCredentialsWithContext(ctx aws.Context, input *GetRoleCredentialsInput, opts ...request.Option) (*GetRoleCredentialsOutput, error) { - req, out := c.GetRoleCredentialsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opListAccountRoles = "ListAccountRoles" - -// ListAccountRolesRequest generates a "aws/request.Request" representing the -// client's request for the ListAccountRoles operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListAccountRoles for more information on using the ListAccountRoles -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListAccountRolesRequest method. -// req, resp := client.ListAccountRolesRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccountRoles -func (c *SSO) ListAccountRolesRequest(input *ListAccountRolesInput) (req *request.Request, output *ListAccountRolesOutput) { - op := &request.Operation{ - Name: opListAccountRoles, - HTTPMethod: "GET", - HTTPPath: "/assignment/roles", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "maxResults", - TruncationToken: "", - }, - } - - if input == nil { - input = &ListAccountRolesInput{} - } - - output = &ListAccountRolesOutput{} - req = c.newRequest(op, input, output) - req.Config.Credentials = credentials.AnonymousCredentials - return -} - -// ListAccountRoles API operation for AWS Single Sign-On. -// -// Lists all roles that are assigned to the user for a given AWS account. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Single Sign-On's -// API operation ListAccountRoles for usage and error information. -// -// Returned Error Types: -// -// - InvalidRequestException -// Indicates that a problem occurred with the input to the request. For example, -// a required parameter might be missing or out of range. -// -// - UnauthorizedException -// Indicates that the request is not authorized. This can happen due to an invalid -// access token in the request. -// -// - TooManyRequestsException -// Indicates that the request is being made too frequently and is more than -// what the server can handle. -// -// - ResourceNotFoundException -// The specified resource doesn't exist. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccountRoles -func (c *SSO) ListAccountRoles(input *ListAccountRolesInput) (*ListAccountRolesOutput, error) { - req, out := c.ListAccountRolesRequest(input) - return out, req.Send() -} - -// ListAccountRolesWithContext is the same as ListAccountRoles with the addition of -// the ability to pass a context and additional request options. -// -// See ListAccountRoles for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSO) ListAccountRolesWithContext(ctx aws.Context, input *ListAccountRolesInput, opts ...request.Option) (*ListAccountRolesOutput, error) { - req, out := c.ListAccountRolesRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// ListAccountRolesPages iterates over the pages of a ListAccountRoles operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListAccountRoles method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListAccountRoles operation. -// pageNum := 0 -// err := client.ListAccountRolesPages(params, -// func(page *sso.ListAccountRolesOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *SSO) ListAccountRolesPages(input *ListAccountRolesInput, fn func(*ListAccountRolesOutput, bool) bool) error { - return c.ListAccountRolesPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListAccountRolesPagesWithContext same as ListAccountRolesPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSO) ListAccountRolesPagesWithContext(ctx aws.Context, input *ListAccountRolesInput, fn func(*ListAccountRolesOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListAccountRolesInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListAccountRolesRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListAccountRolesOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListAccounts = "ListAccounts" - -// ListAccountsRequest generates a "aws/request.Request" representing the -// client's request for the ListAccounts operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See ListAccounts for more information on using the ListAccounts -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the ListAccountsRequest method. -// req, resp := client.ListAccountsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccounts -func (c *SSO) ListAccountsRequest(input *ListAccountsInput) (req *request.Request, output *ListAccountsOutput) { - op := &request.Operation{ - Name: opListAccounts, - HTTPMethod: "GET", - HTTPPath: "/assignment/accounts", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "maxResults", - TruncationToken: "", - }, - } - - if input == nil { - input = &ListAccountsInput{} - } - - output = &ListAccountsOutput{} - req = c.newRequest(op, input, output) - req.Config.Credentials = credentials.AnonymousCredentials - return -} - -// ListAccounts API operation for AWS Single Sign-On. -// -// Lists all AWS accounts assigned to the user. These AWS accounts are assigned -// by the administrator of the account. For more information, see Assign User -// Access (https://docs.aws.amazon.com/singlesignon/latest/userguide/useraccess.html#assignusers) -// in the IAM Identity Center User Guide. This operation returns a paginated -// response. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Single Sign-On's -// API operation ListAccounts for usage and error information. -// -// Returned Error Types: -// -// - InvalidRequestException -// Indicates that a problem occurred with the input to the request. For example, -// a required parameter might be missing or out of range. -// -// - UnauthorizedException -// Indicates that the request is not authorized. This can happen due to an invalid -// access token in the request. -// -// - TooManyRequestsException -// Indicates that the request is being made too frequently and is more than -// what the server can handle. -// -// - ResourceNotFoundException -// The specified resource doesn't exist. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccounts -func (c *SSO) ListAccounts(input *ListAccountsInput) (*ListAccountsOutput, error) { - req, out := c.ListAccountsRequest(input) - return out, req.Send() -} - -// ListAccountsWithContext is the same as ListAccounts with the addition of -// the ability to pass a context and additional request options. -// -// See ListAccounts for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSO) ListAccountsWithContext(ctx aws.Context, input *ListAccountsInput, opts ...request.Option) (*ListAccountsOutput, error) { - req, out := c.ListAccountsRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// ListAccountsPages iterates over the pages of a ListAccounts operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListAccounts method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListAccounts operation. -// pageNum := 0 -// err := client.ListAccountsPages(params, -// func(page *sso.ListAccountsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *SSO) ListAccountsPages(input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool) error { - return c.ListAccountsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListAccountsPagesWithContext same as ListAccountsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSO) ListAccountsPagesWithContext(ctx aws.Context, input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListAccountsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListAccountsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListAccountsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opLogout = "Logout" - -// LogoutRequest generates a "aws/request.Request" representing the -// client's request for the Logout operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See Logout for more information on using the Logout -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the LogoutRequest method. -// req, resp := client.LogoutRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/Logout -func (c *SSO) LogoutRequest(input *LogoutInput) (req *request.Request, output *LogoutOutput) { - op := &request.Operation{ - Name: opLogout, - HTTPMethod: "POST", - HTTPPath: "/logout", - } - - if input == nil { - input = &LogoutInput{} - } - - output = &LogoutOutput{} - req = c.newRequest(op, input, output) - req.Config.Credentials = credentials.AnonymousCredentials - req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) - return -} - -// Logout API operation for AWS Single Sign-On. -// -// Removes the locally stored SSO tokens from the client-side cache and sends -// an API call to the IAM Identity Center service to invalidate the corresponding -// server-side IAM Identity Center sign in session. -// -// If a user uses IAM Identity Center to access the AWS CLI, the user’s IAM -// Identity Center sign in session is used to obtain an IAM session, as specified -// in the corresponding IAM Identity Center permission set. More specifically, -// IAM Identity Center assumes an IAM role in the target account on behalf of -// the user, and the corresponding temporary AWS credentials are returned to -// the client. -// -// After user logout, any existing IAM role sessions that were created by using -// IAM Identity Center permission sets continue based on the duration configured -// in the permission set. For more information, see User authentications (https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html) -// in the IAM Identity Center User Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Single Sign-On's -// API operation Logout for usage and error information. -// -// Returned Error Types: -// -// - InvalidRequestException -// Indicates that a problem occurred with the input to the request. For example, -// a required parameter might be missing or out of range. -// -// - UnauthorizedException -// Indicates that the request is not authorized. This can happen due to an invalid -// access token in the request. -// -// - TooManyRequestsException -// Indicates that the request is being made too frequently and is more than -// what the server can handle. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/Logout -func (c *SSO) Logout(input *LogoutInput) (*LogoutOutput, error) { - req, out := c.LogoutRequest(input) - return out, req.Send() -} - -// LogoutWithContext is the same as Logout with the addition of -// the ability to pass a context and additional request options. -// -// See Logout for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSO) LogoutWithContext(ctx aws.Context, input *LogoutInput, opts ...request.Option) (*LogoutOutput, error) { - req, out := c.LogoutRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// Provides information about your AWS account. -type AccountInfo struct { - _ struct{} `type:"structure"` - - // The identifier of the AWS account that is assigned to the user. - AccountId *string `locationName:"accountId" type:"string"` - - // The display name of the AWS account that is assigned to the user. - AccountName *string `locationName:"accountName" type:"string"` - - // The email address of the AWS account that is assigned to the user. - EmailAddress *string `locationName:"emailAddress" min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccountInfo) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccountInfo) GoString() string { - return s.String() -} - -// SetAccountId sets the AccountId field's value. -func (s *AccountInfo) SetAccountId(v string) *AccountInfo { - s.AccountId = &v - return s -} - -// SetAccountName sets the AccountName field's value. -func (s *AccountInfo) SetAccountName(v string) *AccountInfo { - s.AccountName = &v - return s -} - -// SetEmailAddress sets the EmailAddress field's value. -func (s *AccountInfo) SetEmailAddress(v string) *AccountInfo { - s.EmailAddress = &v - return s -} - -type GetRoleCredentialsInput struct { - _ struct{} `type:"structure" nopayload:"true"` - - // The token issued by the CreateToken API call. For more information, see CreateToken - // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) - // in the IAM Identity Center OIDC API Reference Guide. - // - // AccessToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by GetRoleCredentialsInput's - // String and GoString methods. - // - // AccessToken is a required field - AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` - - // The identifier for the AWS account that is assigned to the user. - // - // AccountId is a required field - AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"` - - // The friendly name of the role that is assigned to the user. - // - // RoleName is a required field - RoleName *string `location:"querystring" locationName:"role_name" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetRoleCredentialsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetRoleCredentialsInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetRoleCredentialsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetRoleCredentialsInput"} - if s.AccessToken == nil { - invalidParams.Add(request.NewErrParamRequired("AccessToken")) - } - if s.AccountId == nil { - invalidParams.Add(request.NewErrParamRequired("AccountId")) - } - if s.RoleName == nil { - invalidParams.Add(request.NewErrParamRequired("RoleName")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAccessToken sets the AccessToken field's value. -func (s *GetRoleCredentialsInput) SetAccessToken(v string) *GetRoleCredentialsInput { - s.AccessToken = &v - return s -} - -// SetAccountId sets the AccountId field's value. -func (s *GetRoleCredentialsInput) SetAccountId(v string) *GetRoleCredentialsInput { - s.AccountId = &v - return s -} - -// SetRoleName sets the RoleName field's value. -func (s *GetRoleCredentialsInput) SetRoleName(v string) *GetRoleCredentialsInput { - s.RoleName = &v - return s -} - -type GetRoleCredentialsOutput struct { - _ struct{} `type:"structure"` - - // The credentials for the role that is assigned to the user. - RoleCredentials *RoleCredentials `locationName:"roleCredentials" type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetRoleCredentialsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetRoleCredentialsOutput) GoString() string { - return s.String() -} - -// SetRoleCredentials sets the RoleCredentials field's value. -func (s *GetRoleCredentialsOutput) SetRoleCredentials(v *RoleCredentials) *GetRoleCredentialsOutput { - s.RoleCredentials = v - return s -} - -// Indicates that a problem occurred with the input to the request. For example, -// a required parameter might be missing or out of range. -type InvalidRequestException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidRequestException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidRequestException) GoString() string { - return s.String() -} - -func newErrorInvalidRequestException(v protocol.ResponseMetadata) error { - return &InvalidRequestException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InvalidRequestException) Code() string { - return "InvalidRequestException" -} - -// Message returns the exception's message. -func (s *InvalidRequestException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidRequestException) OrigErr() error { - return nil -} - -func (s *InvalidRequestException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidRequestException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *InvalidRequestException) RequestID() string { - return s.RespMetadata.RequestID -} - -type ListAccountRolesInput struct { - _ struct{} `type:"structure" nopayload:"true"` - - // The token issued by the CreateToken API call. For more information, see CreateToken - // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) - // in the IAM Identity Center OIDC API Reference Guide. - // - // AccessToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by ListAccountRolesInput's - // String and GoString methods. - // - // AccessToken is a required field - AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` - - // The identifier for the AWS account that is assigned to the user. - // - // AccountId is a required field - AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"` - - // The number of items that clients can request per page. - MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"` - - // The page token from the previous response output when you request subsequent - // pages. - NextToken *string `location:"querystring" locationName:"next_token" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListAccountRolesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListAccountRolesInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListAccountRolesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListAccountRolesInput"} - if s.AccessToken == nil { - invalidParams.Add(request.NewErrParamRequired("AccessToken")) - } - if s.AccountId == nil { - invalidParams.Add(request.NewErrParamRequired("AccountId")) - } - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAccessToken sets the AccessToken field's value. -func (s *ListAccountRolesInput) SetAccessToken(v string) *ListAccountRolesInput { - s.AccessToken = &v - return s -} - -// SetAccountId sets the AccountId field's value. -func (s *ListAccountRolesInput) SetAccountId(v string) *ListAccountRolesInput { - s.AccountId = &v - return s -} - -// SetMaxResults sets the MaxResults field's value. -func (s *ListAccountRolesInput) SetMaxResults(v int64) *ListAccountRolesInput { - s.MaxResults = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListAccountRolesInput) SetNextToken(v string) *ListAccountRolesInput { - s.NextToken = &v - return s -} - -type ListAccountRolesOutput struct { - _ struct{} `type:"structure"` - - // The page token client that is used to retrieve the list of accounts. - NextToken *string `locationName:"nextToken" type:"string"` - - // A paginated response with the list of roles and the next token if more results - // are available. - RoleList []*RoleInfo `locationName:"roleList" type:"list"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListAccountRolesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListAccountRolesOutput) GoString() string { - return s.String() -} - -// SetNextToken sets the NextToken field's value. -func (s *ListAccountRolesOutput) SetNextToken(v string) *ListAccountRolesOutput { - s.NextToken = &v - return s -} - -// SetRoleList sets the RoleList field's value. -func (s *ListAccountRolesOutput) SetRoleList(v []*RoleInfo) *ListAccountRolesOutput { - s.RoleList = v - return s -} - -type ListAccountsInput struct { - _ struct{} `type:"structure" nopayload:"true"` - - // The token issued by the CreateToken API call. For more information, see CreateToken - // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) - // in the IAM Identity Center OIDC API Reference Guide. - // - // AccessToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by ListAccountsInput's - // String and GoString methods. - // - // AccessToken is a required field - AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` - - // This is the number of items clients can request per page. - MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"` - - // (Optional) When requesting subsequent pages, this is the page token from - // the previous response output. - NextToken *string `location:"querystring" locationName:"next_token" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListAccountsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListAccountsInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ListAccountsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListAccountsInput"} - if s.AccessToken == nil { - invalidParams.Add(request.NewErrParamRequired("AccessToken")) - } - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAccessToken sets the AccessToken field's value. -func (s *ListAccountsInput) SetAccessToken(v string) *ListAccountsInput { - s.AccessToken = &v - return s -} - -// SetMaxResults sets the MaxResults field's value. -func (s *ListAccountsInput) SetMaxResults(v int64) *ListAccountsInput { - s.MaxResults = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListAccountsInput) SetNextToken(v string) *ListAccountsInput { - s.NextToken = &v - return s -} - -type ListAccountsOutput struct { - _ struct{} `type:"structure"` - - // A paginated response with the list of account information and the next token - // if more results are available. - AccountList []*AccountInfo `locationName:"accountList" type:"list"` - - // The page token client that is used to retrieve the list of accounts. - NextToken *string `locationName:"nextToken" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListAccountsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListAccountsOutput) GoString() string { - return s.String() -} - -// SetAccountList sets the AccountList field's value. -func (s *ListAccountsOutput) SetAccountList(v []*AccountInfo) *ListAccountsOutput { - s.AccountList = v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *ListAccountsOutput) SetNextToken(v string) *ListAccountsOutput { - s.NextToken = &v - return s -} - -type LogoutInput struct { - _ struct{} `type:"structure" nopayload:"true"` - - // The token issued by the CreateToken API call. For more information, see CreateToken - // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) - // in the IAM Identity Center OIDC API Reference Guide. - // - // AccessToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by LogoutInput's - // String and GoString methods. - // - // AccessToken is a required field - AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LogoutInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LogoutInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *LogoutInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "LogoutInput"} - if s.AccessToken == nil { - invalidParams.Add(request.NewErrParamRequired("AccessToken")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAccessToken sets the AccessToken field's value. -func (s *LogoutInput) SetAccessToken(v string) *LogoutInput { - s.AccessToken = &v - return s -} - -type LogoutOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LogoutOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s LogoutOutput) GoString() string { - return s.String() -} - -// The specified resource doesn't exist. -type ResourceNotFoundException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ResourceNotFoundException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ResourceNotFoundException) GoString() string { - return s.String() -} - -func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { - return &ResourceNotFoundException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *ResourceNotFoundException) Code() string { - return "ResourceNotFoundException" -} - -// Message returns the exception's message. -func (s *ResourceNotFoundException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *ResourceNotFoundException) OrigErr() error { - return nil -} - -func (s *ResourceNotFoundException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *ResourceNotFoundException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *ResourceNotFoundException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Provides information about the role credentials that are assigned to the -// user. -type RoleCredentials struct { - _ struct{} `type:"structure"` - - // The identifier used for the temporary security credentials. For more information, - // see Using Temporary Security Credentials to Request Access to AWS Resources - // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) - // in the AWS IAM User Guide. - AccessKeyId *string `locationName:"accessKeyId" type:"string"` - - // The date on which temporary security credentials expire. - Expiration *int64 `locationName:"expiration" type:"long"` - - // The key that is used to sign the request. For more information, see Using - // Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) - // in the AWS IAM User Guide. - // - // SecretAccessKey is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by RoleCredentials's - // String and GoString methods. - SecretAccessKey *string `locationName:"secretAccessKey" type:"string" sensitive:"true"` - - // The token used for temporary credentials. For more information, see Using - // Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) - // in the AWS IAM User Guide. - // - // SessionToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by RoleCredentials's - // String and GoString methods. - SessionToken *string `locationName:"sessionToken" type:"string" sensitive:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RoleCredentials) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RoleCredentials) GoString() string { - return s.String() -} - -// SetAccessKeyId sets the AccessKeyId field's value. -func (s *RoleCredentials) SetAccessKeyId(v string) *RoleCredentials { - s.AccessKeyId = &v - return s -} - -// SetExpiration sets the Expiration field's value. -func (s *RoleCredentials) SetExpiration(v int64) *RoleCredentials { - s.Expiration = &v - return s -} - -// SetSecretAccessKey sets the SecretAccessKey field's value. -func (s *RoleCredentials) SetSecretAccessKey(v string) *RoleCredentials { - s.SecretAccessKey = &v - return s -} - -// SetSessionToken sets the SessionToken field's value. -func (s *RoleCredentials) SetSessionToken(v string) *RoleCredentials { - s.SessionToken = &v - return s -} - -// Provides information about the role that is assigned to the user. -type RoleInfo struct { - _ struct{} `type:"structure"` - - // The identifier of the AWS account assigned to the user. - AccountId *string `locationName:"accountId" type:"string"` - - // The friendly name of the role that is assigned to the user. - RoleName *string `locationName:"roleName" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RoleInfo) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RoleInfo) GoString() string { - return s.String() -} - -// SetAccountId sets the AccountId field's value. -func (s *RoleInfo) SetAccountId(v string) *RoleInfo { - s.AccountId = &v - return s -} - -// SetRoleName sets the RoleName field's value. -func (s *RoleInfo) SetRoleName(v string) *RoleInfo { - s.RoleName = &v - return s -} - -// Indicates that the request is being made too frequently and is more than -// what the server can handle. -type TooManyRequestsException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TooManyRequestsException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s TooManyRequestsException) GoString() string { - return s.String() -} - -func newErrorTooManyRequestsException(v protocol.ResponseMetadata) error { - return &TooManyRequestsException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *TooManyRequestsException) Code() string { - return "TooManyRequestsException" -} - -// Message returns the exception's message. -func (s *TooManyRequestsException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *TooManyRequestsException) OrigErr() error { - return nil -} - -func (s *TooManyRequestsException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *TooManyRequestsException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *TooManyRequestsException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that the request is not authorized. This can happen due to an invalid -// access token in the request. -type UnauthorizedException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UnauthorizedException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UnauthorizedException) GoString() string { - return s.String() -} - -func newErrorUnauthorizedException(v protocol.ResponseMetadata) error { - return &UnauthorizedException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *UnauthorizedException) Code() string { - return "UnauthorizedException" -} - -// Message returns the exception's message. -func (s *UnauthorizedException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *UnauthorizedException) OrigErr() error { - return nil -} - -func (s *UnauthorizedException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *UnauthorizedException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *UnauthorizedException) RequestID() string { - return s.RespMetadata.RequestID -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/doc.go b/vendor/github.com/aws/aws-sdk-go/service/sso/doc.go deleted file mode 100644 index 15e61a32..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sso/doc.go +++ /dev/null @@ -1,45 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -// Package sso provides the client and types for making API -// requests to AWS Single Sign-On. -// -// AWS IAM Identity Center (successor to AWS Single Sign-On) Portal is a web -// service that makes it easy for you to assign user access to IAM Identity -// Center resources such as the AWS access portal. Users can get AWS account -// applications and roles assigned to them and get federated into the application. -// -// Although AWS Single Sign-On was renamed, the sso and identitystore API namespaces -// will continue to retain their original name for backward compatibility purposes. -// For more information, see IAM Identity Center rename (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html#renamed). -// -// This reference guide describes the IAM Identity Center Portal operations -// that you can call programatically and includes detailed information on data -// types and errors. -// -// AWS provides SDKs that consist of libraries and sample code for various programming -// languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs -// provide a convenient way to create programmatic access to IAM Identity Center -// and other AWS services. For more information about the AWS SDKs, including -// how to download and install them, see Tools for Amazon Web Services (http://aws.amazon.com/tools/). -// -// See https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10 for more information on this service. -// -// See sso package documentation for more information. -// https://docs.aws.amazon.com/sdk-for-go/api/service/sso/ -// -// # Using the Client -// -// To contact AWS Single Sign-On with the SDK use the New function to create -// a new service client. With that client you can make API requests to the service. -// These clients are safe to use concurrently. -// -// See the SDK's documentation for more information on how to use the SDK. -// https://docs.aws.amazon.com/sdk-for-go/api/ -// -// See aws.Config documentation for more information on configuring SDK clients. -// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config -// -// See the AWS Single Sign-On client SSO for more -// information on creating client for this service. -// https://docs.aws.amazon.com/sdk-for-go/api/service/sso/#New -package sso diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/errors.go b/vendor/github.com/aws/aws-sdk-go/service/sso/errors.go deleted file mode 100644 index 77a6792e..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sso/errors.go +++ /dev/null @@ -1,44 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package sso - -import ( - "github.com/aws/aws-sdk-go/private/protocol" -) - -const ( - - // ErrCodeInvalidRequestException for service response error code - // "InvalidRequestException". - // - // Indicates that a problem occurred with the input to the request. For example, - // a required parameter might be missing or out of range. - ErrCodeInvalidRequestException = "InvalidRequestException" - - // ErrCodeResourceNotFoundException for service response error code - // "ResourceNotFoundException". - // - // The specified resource doesn't exist. - ErrCodeResourceNotFoundException = "ResourceNotFoundException" - - // ErrCodeTooManyRequestsException for service response error code - // "TooManyRequestsException". - // - // Indicates that the request is being made too frequently and is more than - // what the server can handle. - ErrCodeTooManyRequestsException = "TooManyRequestsException" - - // ErrCodeUnauthorizedException for service response error code - // "UnauthorizedException". - // - // Indicates that the request is not authorized. This can happen due to an invalid - // access token in the request. - ErrCodeUnauthorizedException = "UnauthorizedException" -) - -var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ - "InvalidRequestException": newErrorInvalidRequestException, - "ResourceNotFoundException": newErrorResourceNotFoundException, - "TooManyRequestsException": newErrorTooManyRequestsException, - "UnauthorizedException": newErrorUnauthorizedException, -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/service.go b/vendor/github.com/aws/aws-sdk-go/service/sso/service.go deleted file mode 100644 index 7094cfe4..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sso/service.go +++ /dev/null @@ -1,106 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package sso - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/aws/signer/v4" - "github.com/aws/aws-sdk-go/private/protocol" - "github.com/aws/aws-sdk-go/private/protocol/restjson" -) - -// SSO provides the API operation methods for making requests to -// AWS Single Sign-On. See this package's package overview docs -// for details on the service. -// -// SSO methods are safe to use concurrently. It is not safe to -// modify mutate any of the struct's properties though. -type SSO struct { - *client.Client -} - -// Used for custom client initialization logic -var initClient func(*client.Client) - -// Used for custom request initialization logic -var initRequest func(*request.Request) - -// Service information constants -const ( - ServiceName = "SSO" // Name of service. - EndpointsID = "portal.sso" // ID to lookup a service endpoint with. - ServiceID = "SSO" // ServiceID is a unique identifier of a specific service. -) - -// New creates a new instance of the SSO client with a session. -// If additional configuration is needed for the client instance use the optional -// aws.Config parameter to add your extra config. -// -// Example: -// -// mySession := session.Must(session.NewSession()) -// -// // Create a SSO client from just a session. -// svc := sso.New(mySession) -// -// // Create a SSO client with additional configuration -// svc := sso.New(mySession, aws.NewConfig().WithRegion("us-west-2")) -func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSO { - c := p.ClientConfig(EndpointsID, cfgs...) - if c.SigningNameDerived || len(c.SigningName) == 0 { - c.SigningName = "awsssoportal" - } - return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) -} - -// newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *SSO { - svc := &SSO{ - Client: client.New( - cfg, - metadata.ClientInfo{ - ServiceName: ServiceName, - ServiceID: ServiceID, - SigningName: signingName, - SigningRegion: signingRegion, - PartitionID: partitionID, - Endpoint: endpoint, - APIVersion: "2019-06-10", - ResolvedRegion: resolvedRegion, - }, - handlers, - ), - } - - // Handlers - svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) - svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) - svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) - svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) - svc.Handlers.UnmarshalError.PushBackNamed( - protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), - ) - - // Run custom client initialization if present - if initClient != nil { - initClient(svc.Client) - } - - return svc -} - -// newRequest creates a new request for a SSO operation and runs any -// custom request initialization. -func (c *SSO) newRequest(op *request.Operation, params, data interface{}) *request.Request { - req := c.NewRequest(op, params, data) - - // Run custom request initialization if present - if initRequest != nil { - initRequest(req) - } - - return req -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sso/ssoiface/interface.go b/vendor/github.com/aws/aws-sdk-go/service/sso/ssoiface/interface.go deleted file mode 100644 index 818cab7c..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sso/ssoiface/interface.go +++ /dev/null @@ -1,86 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -// Package ssoiface provides an interface to enable mocking the AWS Single Sign-On service client -// for testing your code. -// -// It is important to note that this interface will have breaking changes -// when the service model is updated and adds new API operations, paginators, -// and waiters. -package ssoiface - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/sso" -) - -// SSOAPI provides an interface to enable mocking the -// sso.SSO service client's API operation, -// paginators, and waiters. This make unit testing your code that calls out -// to the SDK's service client's calls easier. -// -// The best way to use this interface is so the SDK's service client's calls -// can be stubbed out for unit testing your code with the SDK without needing -// to inject custom request handlers into the SDK's request pipeline. -// -// // myFunc uses an SDK service client to make a request to -// // AWS Single Sign-On. -// func myFunc(svc ssoiface.SSOAPI) bool { -// // Make svc.GetRoleCredentials request -// } -// -// func main() { -// sess := session.New() -// svc := sso.New(sess) -// -// myFunc(svc) -// } -// -// In your _test.go file: -// -// // Define a mock struct to be used in your unit tests of myFunc. -// type mockSSOClient struct { -// ssoiface.SSOAPI -// } -// func (m *mockSSOClient) GetRoleCredentials(input *sso.GetRoleCredentialsInput) (*sso.GetRoleCredentialsOutput, error) { -// // mock response/functionality -// } -// -// func TestMyFunc(t *testing.T) { -// // Setup Test -// mockSvc := &mockSSOClient{} -// -// myfunc(mockSvc) -// -// // Verify myFunc's functionality -// } -// -// It is important to note that this interface will have breaking changes -// when the service model is updated and adds new API operations, paginators, -// and waiters. Its suggested to use the pattern above for testing, or using -// tooling to generate mocks to satisfy the interfaces. -type SSOAPI interface { - GetRoleCredentials(*sso.GetRoleCredentialsInput) (*sso.GetRoleCredentialsOutput, error) - GetRoleCredentialsWithContext(aws.Context, *sso.GetRoleCredentialsInput, ...request.Option) (*sso.GetRoleCredentialsOutput, error) - GetRoleCredentialsRequest(*sso.GetRoleCredentialsInput) (*request.Request, *sso.GetRoleCredentialsOutput) - - ListAccountRoles(*sso.ListAccountRolesInput) (*sso.ListAccountRolesOutput, error) - ListAccountRolesWithContext(aws.Context, *sso.ListAccountRolesInput, ...request.Option) (*sso.ListAccountRolesOutput, error) - ListAccountRolesRequest(*sso.ListAccountRolesInput) (*request.Request, *sso.ListAccountRolesOutput) - - ListAccountRolesPages(*sso.ListAccountRolesInput, func(*sso.ListAccountRolesOutput, bool) bool) error - ListAccountRolesPagesWithContext(aws.Context, *sso.ListAccountRolesInput, func(*sso.ListAccountRolesOutput, bool) bool, ...request.Option) error - - ListAccounts(*sso.ListAccountsInput) (*sso.ListAccountsOutput, error) - ListAccountsWithContext(aws.Context, *sso.ListAccountsInput, ...request.Option) (*sso.ListAccountsOutput, error) - ListAccountsRequest(*sso.ListAccountsInput) (*request.Request, *sso.ListAccountsOutput) - - ListAccountsPages(*sso.ListAccountsInput, func(*sso.ListAccountsOutput, bool) bool) error - ListAccountsPagesWithContext(aws.Context, *sso.ListAccountsInput, func(*sso.ListAccountsOutput, bool) bool, ...request.Option) error - - Logout(*sso.LogoutInput) (*sso.LogoutOutput, error) - LogoutWithContext(aws.Context, *sso.LogoutInput, ...request.Option) (*sso.LogoutOutput, error) - LogoutRequest(*sso.LogoutInput) (*request.Request, *sso.LogoutOutput) -} - -var _ SSOAPI = (*sso.SSO)(nil) diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go deleted file mode 100644 index 827bd519..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go +++ /dev/null @@ -1,2406 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package ssooidc - -import ( - "fmt" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awsutil" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol" -) - -const opCreateToken = "CreateToken" - -// CreateTokenRequest generates a "aws/request.Request" representing the -// client's request for the CreateToken operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateToken for more information on using the CreateToken -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateTokenRequest method. -// req, resp := client.CreateTokenRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken -func (c *SSOOIDC) CreateTokenRequest(input *CreateTokenInput) (req *request.Request, output *CreateTokenOutput) { - op := &request.Operation{ - Name: opCreateToken, - HTTPMethod: "POST", - HTTPPath: "/token", - } - - if input == nil { - input = &CreateTokenInput{} - } - - output = &CreateTokenOutput{} - req = c.newRequest(op, input, output) - req.Config.Credentials = credentials.AnonymousCredentials - return -} - -// CreateToken API operation for AWS SSO OIDC. -// -// Creates and returns access and refresh tokens for clients that are authenticated -// using client secrets. The access token can be used to fetch short-term credentials -// for the assigned AWS accounts or to access application APIs using bearer -// authentication. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS SSO OIDC's -// API operation CreateToken for usage and error information. -// -// Returned Error Types: -// -// - InvalidRequestException -// Indicates that something is wrong with the input to the request. For example, -// a required parameter might be missing or out of range. -// -// - InvalidClientException -// Indicates that the clientId or clientSecret in the request is invalid. For -// example, this can occur when a client sends an incorrect clientId or an expired -// clientSecret. -// -// - InvalidGrantException -// Indicates that a request contains an invalid grant. This can occur if a client -// makes a CreateToken request with an invalid grant type. -// -// - UnauthorizedClientException -// Indicates that the client is not currently authorized to make the request. -// This can happen when a clientId is not issued for a public client. -// -// - UnsupportedGrantTypeException -// Indicates that the grant type in the request is not supported by the service. -// -// - InvalidScopeException -// Indicates that the scope provided in the request is invalid. -// -// - AuthorizationPendingException -// Indicates that a request to authorize a client with an access user session -// token is pending. -// -// - SlowDownException -// Indicates that the client is making the request too frequently and is more -// than the service can handle. -// -// - AccessDeniedException -// You do not have sufficient access to perform this action. -// -// - ExpiredTokenException -// Indicates that the token issued by the service is expired and is no longer -// valid. -// -// - InternalServerException -// Indicates that an error from the service occurred while trying to process -// a request. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken -func (c *SSOOIDC) CreateToken(input *CreateTokenInput) (*CreateTokenOutput, error) { - req, out := c.CreateTokenRequest(input) - return out, req.Send() -} - -// CreateTokenWithContext is the same as CreateToken with the addition of -// the ability to pass a context and additional request options. -// -// See CreateToken for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSOOIDC) CreateTokenWithContext(ctx aws.Context, input *CreateTokenInput, opts ...request.Option) (*CreateTokenOutput, error) { - req, out := c.CreateTokenRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opCreateTokenWithIAM = "CreateTokenWithIAM" - -// CreateTokenWithIAMRequest generates a "aws/request.Request" representing the -// client's request for the CreateTokenWithIAM operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See CreateTokenWithIAM for more information on using the CreateTokenWithIAM -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the CreateTokenWithIAMRequest method. -// req, resp := client.CreateTokenWithIAMRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM -func (c *SSOOIDC) CreateTokenWithIAMRequest(input *CreateTokenWithIAMInput) (req *request.Request, output *CreateTokenWithIAMOutput) { - op := &request.Operation{ - Name: opCreateTokenWithIAM, - HTTPMethod: "POST", - HTTPPath: "/token?aws_iam=t", - } - - if input == nil { - input = &CreateTokenWithIAMInput{} - } - - output = &CreateTokenWithIAMOutput{} - req = c.newRequest(op, input, output) - return -} - -// CreateTokenWithIAM API operation for AWS SSO OIDC. -// -// Creates and returns access and refresh tokens for clients and applications -// that are authenticated using IAM entities. The access token can be used to -// fetch short-term credentials for the assigned Amazon Web Services accounts -// or to access application APIs using bearer authentication. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS SSO OIDC's -// API operation CreateTokenWithIAM for usage and error information. -// -// Returned Error Types: -// -// - InvalidRequestException -// Indicates that something is wrong with the input to the request. For example, -// a required parameter might be missing or out of range. -// -// - InvalidClientException -// Indicates that the clientId or clientSecret in the request is invalid. For -// example, this can occur when a client sends an incorrect clientId or an expired -// clientSecret. -// -// - InvalidGrantException -// Indicates that a request contains an invalid grant. This can occur if a client -// makes a CreateToken request with an invalid grant type. -// -// - UnauthorizedClientException -// Indicates that the client is not currently authorized to make the request. -// This can happen when a clientId is not issued for a public client. -// -// - UnsupportedGrantTypeException -// Indicates that the grant type in the request is not supported by the service. -// -// - InvalidScopeException -// Indicates that the scope provided in the request is invalid. -// -// - AuthorizationPendingException -// Indicates that a request to authorize a client with an access user session -// token is pending. -// -// - SlowDownException -// Indicates that the client is making the request too frequently and is more -// than the service can handle. -// -// - AccessDeniedException -// You do not have sufficient access to perform this action. -// -// - ExpiredTokenException -// Indicates that the token issued by the service is expired and is no longer -// valid. -// -// - InternalServerException -// Indicates that an error from the service occurred while trying to process -// a request. -// -// - InvalidRequestRegionException -// Indicates that a token provided as input to the request was issued by and -// is only usable by calling IAM Identity Center endpoints in another region. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM -func (c *SSOOIDC) CreateTokenWithIAM(input *CreateTokenWithIAMInput) (*CreateTokenWithIAMOutput, error) { - req, out := c.CreateTokenWithIAMRequest(input) - return out, req.Send() -} - -// CreateTokenWithIAMWithContext is the same as CreateTokenWithIAM with the addition of -// the ability to pass a context and additional request options. -// -// See CreateTokenWithIAM for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSOOIDC) CreateTokenWithIAMWithContext(ctx aws.Context, input *CreateTokenWithIAMInput, opts ...request.Option) (*CreateTokenWithIAMOutput, error) { - req, out := c.CreateTokenWithIAMRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opRegisterClient = "RegisterClient" - -// RegisterClientRequest generates a "aws/request.Request" representing the -// client's request for the RegisterClient operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See RegisterClient for more information on using the RegisterClient -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the RegisterClientRequest method. -// req, resp := client.RegisterClientRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient -func (c *SSOOIDC) RegisterClientRequest(input *RegisterClientInput) (req *request.Request, output *RegisterClientOutput) { - op := &request.Operation{ - Name: opRegisterClient, - HTTPMethod: "POST", - HTTPPath: "/client/register", - } - - if input == nil { - input = &RegisterClientInput{} - } - - output = &RegisterClientOutput{} - req = c.newRequest(op, input, output) - req.Config.Credentials = credentials.AnonymousCredentials - return -} - -// RegisterClient API operation for AWS SSO OIDC. -// -// Registers a client with IAM Identity Center. This allows clients to initiate -// device authorization. The output should be persisted for reuse through many -// authentication requests. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS SSO OIDC's -// API operation RegisterClient for usage and error information. -// -// Returned Error Types: -// -// - InvalidRequestException -// Indicates that something is wrong with the input to the request. For example, -// a required parameter might be missing or out of range. -// -// - InvalidScopeException -// Indicates that the scope provided in the request is invalid. -// -// - InvalidClientMetadataException -// Indicates that the client information sent in the request during registration -// is invalid. -// -// - InternalServerException -// Indicates that an error from the service occurred while trying to process -// a request. -// -// - InvalidRedirectUriException -// Indicates that one or more redirect URI in the request is not supported for -// this operation. -// -// - UnsupportedGrantTypeException -// Indicates that the grant type in the request is not supported by the service. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient -func (c *SSOOIDC) RegisterClient(input *RegisterClientInput) (*RegisterClientOutput, error) { - req, out := c.RegisterClientRequest(input) - return out, req.Send() -} - -// RegisterClientWithContext is the same as RegisterClient with the addition of -// the ability to pass a context and additional request options. -// -// See RegisterClient for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSOOIDC) RegisterClientWithContext(ctx aws.Context, input *RegisterClientInput, opts ...request.Option) (*RegisterClientOutput, error) { - req, out := c.RegisterClientRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opStartDeviceAuthorization = "StartDeviceAuthorization" - -// StartDeviceAuthorizationRequest generates a "aws/request.Request" representing the -// client's request for the StartDeviceAuthorization operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See StartDeviceAuthorization for more information on using the StartDeviceAuthorization -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the StartDeviceAuthorizationRequest method. -// req, resp := client.StartDeviceAuthorizationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization -func (c *SSOOIDC) StartDeviceAuthorizationRequest(input *StartDeviceAuthorizationInput) (req *request.Request, output *StartDeviceAuthorizationOutput) { - op := &request.Operation{ - Name: opStartDeviceAuthorization, - HTTPMethod: "POST", - HTTPPath: "/device_authorization", - } - - if input == nil { - input = &StartDeviceAuthorizationInput{} - } - - output = &StartDeviceAuthorizationOutput{} - req = c.newRequest(op, input, output) - req.Config.Credentials = credentials.AnonymousCredentials - return -} - -// StartDeviceAuthorization API operation for AWS SSO OIDC. -// -// Initiates device authorization by requesting a pair of verification codes -// from the authorization service. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS SSO OIDC's -// API operation StartDeviceAuthorization for usage and error information. -// -// Returned Error Types: -// -// - InvalidRequestException -// Indicates that something is wrong with the input to the request. For example, -// a required parameter might be missing or out of range. -// -// - InvalidClientException -// Indicates that the clientId or clientSecret in the request is invalid. For -// example, this can occur when a client sends an incorrect clientId or an expired -// clientSecret. -// -// - UnauthorizedClientException -// Indicates that the client is not currently authorized to make the request. -// This can happen when a clientId is not issued for a public client. -// -// - SlowDownException -// Indicates that the client is making the request too frequently and is more -// than the service can handle. -// -// - InternalServerException -// Indicates that an error from the service occurred while trying to process -// a request. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization -func (c *SSOOIDC) StartDeviceAuthorization(input *StartDeviceAuthorizationInput) (*StartDeviceAuthorizationOutput, error) { - req, out := c.StartDeviceAuthorizationRequest(input) - return out, req.Send() -} - -// StartDeviceAuthorizationWithContext is the same as StartDeviceAuthorization with the addition of -// the ability to pass a context and additional request options. -// -// See StartDeviceAuthorization for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *SSOOIDC) StartDeviceAuthorizationWithContext(ctx aws.Context, input *StartDeviceAuthorizationInput, opts ...request.Option) (*StartDeviceAuthorizationOutput, error) { - req, out := c.StartDeviceAuthorizationRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -// You do not have sufficient access to perform this action. -type AccessDeniedException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be access_denied. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccessDeniedException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccessDeniedException) GoString() string { - return s.String() -} - -func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { - return &AccessDeniedException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *AccessDeniedException) Code() string { - return "AccessDeniedException" -} - -// Message returns the exception's message. -func (s *AccessDeniedException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *AccessDeniedException) OrigErr() error { - return nil -} - -func (s *AccessDeniedException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *AccessDeniedException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *AccessDeniedException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that a request to authorize a client with an access user session -// token is pending. -type AuthorizationPendingException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be authorization_pending. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AuthorizationPendingException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AuthorizationPendingException) GoString() string { - return s.String() -} - -func newErrorAuthorizationPendingException(v protocol.ResponseMetadata) error { - return &AuthorizationPendingException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *AuthorizationPendingException) Code() string { - return "AuthorizationPendingException" -} - -// Message returns the exception's message. -func (s *AuthorizationPendingException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *AuthorizationPendingException) OrigErr() error { - return nil -} - -func (s *AuthorizationPendingException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *AuthorizationPendingException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *AuthorizationPendingException) RequestID() string { - return s.RespMetadata.RequestID -} - -type CreateTokenInput struct { - _ struct{} `type:"structure"` - - // The unique identifier string for the client or application. This value comes - // from the result of the RegisterClient API. - // - // ClientId is a required field - ClientId *string `locationName:"clientId" type:"string" required:"true"` - - // A secret string generated for the client. This value should come from the - // persisted result of the RegisterClient API. - // - // ClientSecret is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenInput's - // String and GoString methods. - // - // ClientSecret is a required field - ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` - - // Used only when calling this API for the Authorization Code grant type. The - // short-term code is used to identify this authorization request. This grant - // type is currently unsupported for the CreateToken API. - Code *string `locationName:"code" type:"string"` - - // Used only when calling this API for the Authorization Code grant type. This - // value is generated by the client and presented to validate the original code - // challenge value the client passed at authorization time. - // - // CodeVerifier is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenInput's - // String and GoString methods. - CodeVerifier *string `locationName:"codeVerifier" type:"string" sensitive:"true"` - - // Used only when calling this API for the Device Code grant type. This short-term - // code is used to identify this authorization request. This comes from the - // result of the StartDeviceAuthorization API. - DeviceCode *string `locationName:"deviceCode" type:"string"` - - // Supports the following OAuth grant types: Device Code and Refresh Token. - // Specify either of the following values, depending on the grant type that - // you want: - // - // * Device Code - urn:ietf:params:oauth:grant-type:device_code - // - // * Refresh Token - refresh_token - // - // For information about how to obtain the device code, see the StartDeviceAuthorization - // topic. - // - // GrantType is a required field - GrantType *string `locationName:"grantType" type:"string" required:"true"` - - // Used only when calling this API for the Authorization Code grant type. This - // value specifies the location of the client or application that has registered - // to receive the authorization code. - RedirectUri *string `locationName:"redirectUri" type:"string"` - - // Used only when calling this API for the Refresh Token grant type. This token - // is used to refresh short-term tokens, such as the access token, that might - // expire. - // - // For more information about the features and limitations of the current IAM - // Identity Center OIDC implementation, see Considerations for Using this Guide - // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). - // - // RefreshToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenInput's - // String and GoString methods. - RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` - - // The list of scopes for which authorization is requested. The access token - // that is issued is limited to the scopes that are granted. If this value is - // not specified, IAM Identity Center authorizes all scopes that are configured - // for the client during the call to RegisterClient. - Scope []*string `locationName:"scope" type:"list"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTokenInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTokenInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateTokenInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateTokenInput"} - if s.ClientId == nil { - invalidParams.Add(request.NewErrParamRequired("ClientId")) - } - if s.ClientSecret == nil { - invalidParams.Add(request.NewErrParamRequired("ClientSecret")) - } - if s.GrantType == nil { - invalidParams.Add(request.NewErrParamRequired("GrantType")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetClientId sets the ClientId field's value. -func (s *CreateTokenInput) SetClientId(v string) *CreateTokenInput { - s.ClientId = &v - return s -} - -// SetClientSecret sets the ClientSecret field's value. -func (s *CreateTokenInput) SetClientSecret(v string) *CreateTokenInput { - s.ClientSecret = &v - return s -} - -// SetCode sets the Code field's value. -func (s *CreateTokenInput) SetCode(v string) *CreateTokenInput { - s.Code = &v - return s -} - -// SetCodeVerifier sets the CodeVerifier field's value. -func (s *CreateTokenInput) SetCodeVerifier(v string) *CreateTokenInput { - s.CodeVerifier = &v - return s -} - -// SetDeviceCode sets the DeviceCode field's value. -func (s *CreateTokenInput) SetDeviceCode(v string) *CreateTokenInput { - s.DeviceCode = &v - return s -} - -// SetGrantType sets the GrantType field's value. -func (s *CreateTokenInput) SetGrantType(v string) *CreateTokenInput { - s.GrantType = &v - return s -} - -// SetRedirectUri sets the RedirectUri field's value. -func (s *CreateTokenInput) SetRedirectUri(v string) *CreateTokenInput { - s.RedirectUri = &v - return s -} - -// SetRefreshToken sets the RefreshToken field's value. -func (s *CreateTokenInput) SetRefreshToken(v string) *CreateTokenInput { - s.RefreshToken = &v - return s -} - -// SetScope sets the Scope field's value. -func (s *CreateTokenInput) SetScope(v []*string) *CreateTokenInput { - s.Scope = v - return s -} - -type CreateTokenOutput struct { - _ struct{} `type:"structure"` - - // A bearer token to access Amazon Web Services accounts and applications assigned - // to a user. - // - // AccessToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenOutput's - // String and GoString methods. - AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` - - // Indicates the time in seconds when an access token will expire. - ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` - - // The idToken is not implemented or supported. For more information about the - // features and limitations of the current IAM Identity Center OIDC implementation, - // see Considerations for Using this Guide in the IAM Identity Center OIDC API - // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). - // - // A JSON Web Token (JWT) that identifies who is associated with the issued - // access token. - // - // IdToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenOutput's - // String and GoString methods. - IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` - - // A token that, if present, can be used to refresh a previously issued access - // token that might have expired. - // - // For more information about the features and limitations of the current IAM - // Identity Center OIDC implementation, see Considerations for Using this Guide - // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). - // - // RefreshToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenOutput's - // String and GoString methods. - RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` - - // Used to notify the client that the returned token is an access token. The - // supported token type is Bearer. - TokenType *string `locationName:"tokenType" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTokenOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTokenOutput) GoString() string { - return s.String() -} - -// SetAccessToken sets the AccessToken field's value. -func (s *CreateTokenOutput) SetAccessToken(v string) *CreateTokenOutput { - s.AccessToken = &v - return s -} - -// SetExpiresIn sets the ExpiresIn field's value. -func (s *CreateTokenOutput) SetExpiresIn(v int64) *CreateTokenOutput { - s.ExpiresIn = &v - return s -} - -// SetIdToken sets the IdToken field's value. -func (s *CreateTokenOutput) SetIdToken(v string) *CreateTokenOutput { - s.IdToken = &v - return s -} - -// SetRefreshToken sets the RefreshToken field's value. -func (s *CreateTokenOutput) SetRefreshToken(v string) *CreateTokenOutput { - s.RefreshToken = &v - return s -} - -// SetTokenType sets the TokenType field's value. -func (s *CreateTokenOutput) SetTokenType(v string) *CreateTokenOutput { - s.TokenType = &v - return s -} - -type CreateTokenWithIAMInput struct { - _ struct{} `type:"structure"` - - // Used only when calling this API for the JWT Bearer grant type. This value - // specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize - // a trusted token issuer, configure the JWT Bearer GrantOptions for the application. - // - // Assertion is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's - // String and GoString methods. - Assertion *string `locationName:"assertion" type:"string" sensitive:"true"` - - // The unique identifier string for the client or application. This value is - // an application ARN that has OAuth grants configured. - // - // ClientId is a required field - ClientId *string `locationName:"clientId" type:"string" required:"true"` - - // Used only when calling this API for the Authorization Code grant type. This - // short-term code is used to identify this authorization request. The code - // is obtained through a redirect from IAM Identity Center to a redirect URI - // persisted in the Authorization Code GrantOptions for the application. - Code *string `locationName:"code" type:"string"` - - // Used only when calling this API for the Authorization Code grant type. This - // value is generated by the client and presented to validate the original code - // challenge value the client passed at authorization time. - // - // CodeVerifier is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's - // String and GoString methods. - CodeVerifier *string `locationName:"codeVerifier" type:"string" sensitive:"true"` - - // Supports the following OAuth grant types: Authorization Code, Refresh Token, - // JWT Bearer, and Token Exchange. Specify one of the following values, depending - // on the grant type that you want: - // - // * Authorization Code - authorization_code - // - // * Refresh Token - refresh_token - // - // * JWT Bearer - urn:ietf:params:oauth:grant-type:jwt-bearer - // - // * Token Exchange - urn:ietf:params:oauth:grant-type:token-exchange - // - // GrantType is a required field - GrantType *string `locationName:"grantType" type:"string" required:"true"` - - // Used only when calling this API for the Authorization Code grant type. This - // value specifies the location of the client or application that has registered - // to receive the authorization code. - RedirectUri *string `locationName:"redirectUri" type:"string"` - - // Used only when calling this API for the Refresh Token grant type. This token - // is used to refresh short-term tokens, such as the access token, that might - // expire. - // - // For more information about the features and limitations of the current IAM - // Identity Center OIDC implementation, see Considerations for Using this Guide - // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). - // - // RefreshToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's - // String and GoString methods. - RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` - - // Used only when calling this API for the Token Exchange grant type. This value - // specifies the type of token that the requester can receive. The following - // values are supported: - // - // * Access Token - urn:ietf:params:oauth:token-type:access_token - // - // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token - RequestedTokenType *string `locationName:"requestedTokenType" type:"string"` - - // The list of scopes for which authorization is requested. The access token - // that is issued is limited to the scopes that are granted. If the value is - // not specified, IAM Identity Center authorizes all scopes configured for the - // application, including the following default scopes: openid, aws, sts:identity_context. - Scope []*string `locationName:"scope" type:"list"` - - // Used only when calling this API for the Token Exchange grant type. This value - // specifies the subject of the exchange. The value of the subject token must - // be an access token issued by IAM Identity Center to a different client or - // application. The access token must have authorized scopes that indicate the - // requested application as a target audience. - // - // SubjectToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's - // String and GoString methods. - SubjectToken *string `locationName:"subjectToken" type:"string" sensitive:"true"` - - // Used only when calling this API for the Token Exchange grant type. This value - // specifies the type of token that is passed as the subject of the exchange. - // The following value is supported: - // - // * Access Token - urn:ietf:params:oauth:token-type:access_token - SubjectTokenType *string `locationName:"subjectTokenType" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTokenWithIAMInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTokenWithIAMInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *CreateTokenWithIAMInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateTokenWithIAMInput"} - if s.ClientId == nil { - invalidParams.Add(request.NewErrParamRequired("ClientId")) - } - if s.GrantType == nil { - invalidParams.Add(request.NewErrParamRequired("GrantType")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAssertion sets the Assertion field's value. -func (s *CreateTokenWithIAMInput) SetAssertion(v string) *CreateTokenWithIAMInput { - s.Assertion = &v - return s -} - -// SetClientId sets the ClientId field's value. -func (s *CreateTokenWithIAMInput) SetClientId(v string) *CreateTokenWithIAMInput { - s.ClientId = &v - return s -} - -// SetCode sets the Code field's value. -func (s *CreateTokenWithIAMInput) SetCode(v string) *CreateTokenWithIAMInput { - s.Code = &v - return s -} - -// SetCodeVerifier sets the CodeVerifier field's value. -func (s *CreateTokenWithIAMInput) SetCodeVerifier(v string) *CreateTokenWithIAMInput { - s.CodeVerifier = &v - return s -} - -// SetGrantType sets the GrantType field's value. -func (s *CreateTokenWithIAMInput) SetGrantType(v string) *CreateTokenWithIAMInput { - s.GrantType = &v - return s -} - -// SetRedirectUri sets the RedirectUri field's value. -func (s *CreateTokenWithIAMInput) SetRedirectUri(v string) *CreateTokenWithIAMInput { - s.RedirectUri = &v - return s -} - -// SetRefreshToken sets the RefreshToken field's value. -func (s *CreateTokenWithIAMInput) SetRefreshToken(v string) *CreateTokenWithIAMInput { - s.RefreshToken = &v - return s -} - -// SetRequestedTokenType sets the RequestedTokenType field's value. -func (s *CreateTokenWithIAMInput) SetRequestedTokenType(v string) *CreateTokenWithIAMInput { - s.RequestedTokenType = &v - return s -} - -// SetScope sets the Scope field's value. -func (s *CreateTokenWithIAMInput) SetScope(v []*string) *CreateTokenWithIAMInput { - s.Scope = v - return s -} - -// SetSubjectToken sets the SubjectToken field's value. -func (s *CreateTokenWithIAMInput) SetSubjectToken(v string) *CreateTokenWithIAMInput { - s.SubjectToken = &v - return s -} - -// SetSubjectTokenType sets the SubjectTokenType field's value. -func (s *CreateTokenWithIAMInput) SetSubjectTokenType(v string) *CreateTokenWithIAMInput { - s.SubjectTokenType = &v - return s -} - -type CreateTokenWithIAMOutput struct { - _ struct{} `type:"structure"` - - // A bearer token to access Amazon Web Services accounts and applications assigned - // to a user. - // - // AccessToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's - // String and GoString methods. - AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` - - // Indicates the time in seconds when an access token will expire. - ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` - - // A JSON Web Token (JWT) that identifies the user associated with the issued - // access token. - // - // IdToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's - // String and GoString methods. - IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` - - // Indicates the type of tokens that are issued by IAM Identity Center. The - // following values are supported: - // - // * Access Token - urn:ietf:params:oauth:token-type:access_token - // - // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token - IssuedTokenType *string `locationName:"issuedTokenType" type:"string"` - - // A token that, if present, can be used to refresh a previously issued access - // token that might have expired. - // - // For more information about the features and limitations of the current IAM - // Identity Center OIDC implementation, see Considerations for Using this Guide - // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). - // - // RefreshToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's - // String and GoString methods. - RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` - - // The list of scopes for which authorization is granted. The access token that - // is issued is limited to the scopes that are granted. - Scope []*string `locationName:"scope" type:"list"` - - // Used to notify the requester that the returned token is an access token. - // The supported token type is Bearer. - TokenType *string `locationName:"tokenType" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTokenWithIAMOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateTokenWithIAMOutput) GoString() string { - return s.String() -} - -// SetAccessToken sets the AccessToken field's value. -func (s *CreateTokenWithIAMOutput) SetAccessToken(v string) *CreateTokenWithIAMOutput { - s.AccessToken = &v - return s -} - -// SetExpiresIn sets the ExpiresIn field's value. -func (s *CreateTokenWithIAMOutput) SetExpiresIn(v int64) *CreateTokenWithIAMOutput { - s.ExpiresIn = &v - return s -} - -// SetIdToken sets the IdToken field's value. -func (s *CreateTokenWithIAMOutput) SetIdToken(v string) *CreateTokenWithIAMOutput { - s.IdToken = &v - return s -} - -// SetIssuedTokenType sets the IssuedTokenType field's value. -func (s *CreateTokenWithIAMOutput) SetIssuedTokenType(v string) *CreateTokenWithIAMOutput { - s.IssuedTokenType = &v - return s -} - -// SetRefreshToken sets the RefreshToken field's value. -func (s *CreateTokenWithIAMOutput) SetRefreshToken(v string) *CreateTokenWithIAMOutput { - s.RefreshToken = &v - return s -} - -// SetScope sets the Scope field's value. -func (s *CreateTokenWithIAMOutput) SetScope(v []*string) *CreateTokenWithIAMOutput { - s.Scope = v - return s -} - -// SetTokenType sets the TokenType field's value. -func (s *CreateTokenWithIAMOutput) SetTokenType(v string) *CreateTokenWithIAMOutput { - s.TokenType = &v - return s -} - -// Indicates that the token issued by the service is expired and is no longer -// valid. -type ExpiredTokenException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be expired_token. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ExpiredTokenException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ExpiredTokenException) GoString() string { - return s.String() -} - -func newErrorExpiredTokenException(v protocol.ResponseMetadata) error { - return &ExpiredTokenException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *ExpiredTokenException) Code() string { - return "ExpiredTokenException" -} - -// Message returns the exception's message. -func (s *ExpiredTokenException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *ExpiredTokenException) OrigErr() error { - return nil -} - -func (s *ExpiredTokenException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *ExpiredTokenException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *ExpiredTokenException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that an error from the service occurred while trying to process -// a request. -type InternalServerException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be server_error. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InternalServerException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InternalServerException) GoString() string { - return s.String() -} - -func newErrorInternalServerException(v protocol.ResponseMetadata) error { - return &InternalServerException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InternalServerException) Code() string { - return "InternalServerException" -} - -// Message returns the exception's message. -func (s *InternalServerException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InternalServerException) OrigErr() error { - return nil -} - -func (s *InternalServerException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InternalServerException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *InternalServerException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that the clientId or clientSecret in the request is invalid. For -// example, this can occur when a client sends an incorrect clientId or an expired -// clientSecret. -type InvalidClientException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be invalid_client. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidClientException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidClientException) GoString() string { - return s.String() -} - -func newErrorInvalidClientException(v protocol.ResponseMetadata) error { - return &InvalidClientException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InvalidClientException) Code() string { - return "InvalidClientException" -} - -// Message returns the exception's message. -func (s *InvalidClientException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidClientException) OrigErr() error { - return nil -} - -func (s *InvalidClientException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidClientException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *InvalidClientException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that the client information sent in the request during registration -// is invalid. -type InvalidClientMetadataException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be invalid_client_metadata. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidClientMetadataException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidClientMetadataException) GoString() string { - return s.String() -} - -func newErrorInvalidClientMetadataException(v protocol.ResponseMetadata) error { - return &InvalidClientMetadataException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InvalidClientMetadataException) Code() string { - return "InvalidClientMetadataException" -} - -// Message returns the exception's message. -func (s *InvalidClientMetadataException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidClientMetadataException) OrigErr() error { - return nil -} - -func (s *InvalidClientMetadataException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidClientMetadataException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *InvalidClientMetadataException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that a request contains an invalid grant. This can occur if a client -// makes a CreateToken request with an invalid grant type. -type InvalidGrantException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be invalid_grant. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidGrantException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidGrantException) GoString() string { - return s.String() -} - -func newErrorInvalidGrantException(v protocol.ResponseMetadata) error { - return &InvalidGrantException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InvalidGrantException) Code() string { - return "InvalidGrantException" -} - -// Message returns the exception's message. -func (s *InvalidGrantException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidGrantException) OrigErr() error { - return nil -} - -func (s *InvalidGrantException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidGrantException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *InvalidGrantException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that one or more redirect URI in the request is not supported for -// this operation. -type InvalidRedirectUriException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be invalid_redirect_uri. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidRedirectUriException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidRedirectUriException) GoString() string { - return s.String() -} - -func newErrorInvalidRedirectUriException(v protocol.ResponseMetadata) error { - return &InvalidRedirectUriException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InvalidRedirectUriException) Code() string { - return "InvalidRedirectUriException" -} - -// Message returns the exception's message. -func (s *InvalidRedirectUriException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidRedirectUriException) OrigErr() error { - return nil -} - -func (s *InvalidRedirectUriException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidRedirectUriException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *InvalidRedirectUriException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that something is wrong with the input to the request. For example, -// a required parameter might be missing or out of range. -type InvalidRequestException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be invalid_request. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidRequestException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidRequestException) GoString() string { - return s.String() -} - -func newErrorInvalidRequestException(v protocol.ResponseMetadata) error { - return &InvalidRequestException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InvalidRequestException) Code() string { - return "InvalidRequestException" -} - -// Message returns the exception's message. -func (s *InvalidRequestException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidRequestException) OrigErr() error { - return nil -} - -func (s *InvalidRequestException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidRequestException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *InvalidRequestException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that a token provided as input to the request was issued by and -// is only usable by calling IAM Identity Center endpoints in another region. -type InvalidRequestRegionException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Indicates the IAM Identity Center endpoint which the requester may call with - // this token. - Endpoint *string `locationName:"endpoint" type:"string"` - - // Single error code. For this exception the value will be invalid_request. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` - - // Indicates the region which the requester may call with this token. - Region *string `locationName:"region" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidRequestRegionException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidRequestRegionException) GoString() string { - return s.String() -} - -func newErrorInvalidRequestRegionException(v protocol.ResponseMetadata) error { - return &InvalidRequestRegionException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InvalidRequestRegionException) Code() string { - return "InvalidRequestRegionException" -} - -// Message returns the exception's message. -func (s *InvalidRequestRegionException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidRequestRegionException) OrigErr() error { - return nil -} - -func (s *InvalidRequestRegionException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidRequestRegionException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *InvalidRequestRegionException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that the scope provided in the request is invalid. -type InvalidScopeException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be invalid_scope. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidScopeException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s InvalidScopeException) GoString() string { - return s.String() -} - -func newErrorInvalidScopeException(v protocol.ResponseMetadata) error { - return &InvalidScopeException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *InvalidScopeException) Code() string { - return "InvalidScopeException" -} - -// Message returns the exception's message. -func (s *InvalidScopeException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidScopeException) OrigErr() error { - return nil -} - -func (s *InvalidScopeException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidScopeException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *InvalidScopeException) RequestID() string { - return s.RespMetadata.RequestID -} - -type RegisterClientInput struct { - _ struct{} `type:"structure"` - - // The friendly name of the client. - // - // ClientName is a required field - ClientName *string `locationName:"clientName" type:"string" required:"true"` - - // The type of client. The service supports only public as a client type. Anything - // other than public will be rejected by the service. - // - // ClientType is a required field - ClientType *string `locationName:"clientType" type:"string" required:"true"` - - // This IAM Identity Center application ARN is used to define administrator-managed - // configuration for public client access to resources. At authorization, the - // scopes, grants, and redirect URI available to this client will be restricted - // by this application resource. - EntitledApplicationArn *string `locationName:"entitledApplicationArn" type:"string"` - - // The list of OAuth 2.0 grant types that are defined by the client. This list - // is used to restrict the token granting flows available to the client. - GrantTypes []*string `locationName:"grantTypes" type:"list"` - - // The IAM Identity Center Issuer URL associated with an instance of IAM Identity - // Center. This value is needed for user access to resources through the client. - IssuerUrl *string `locationName:"issuerUrl" type:"string"` - - // The list of redirect URI that are defined by the client. At completion of - // authorization, this list is used to restrict what locations the user agent - // can be redirected back to. - RedirectUris []*string `locationName:"redirectUris" type:"list"` - - // The list of scopes that are defined by the client. Upon authorization, this - // list is used to restrict permissions when granting an access token. - Scopes []*string `locationName:"scopes" type:"list"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RegisterClientInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RegisterClientInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *RegisterClientInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "RegisterClientInput"} - if s.ClientName == nil { - invalidParams.Add(request.NewErrParamRequired("ClientName")) - } - if s.ClientType == nil { - invalidParams.Add(request.NewErrParamRequired("ClientType")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetClientName sets the ClientName field's value. -func (s *RegisterClientInput) SetClientName(v string) *RegisterClientInput { - s.ClientName = &v - return s -} - -// SetClientType sets the ClientType field's value. -func (s *RegisterClientInput) SetClientType(v string) *RegisterClientInput { - s.ClientType = &v - return s -} - -// SetEntitledApplicationArn sets the EntitledApplicationArn field's value. -func (s *RegisterClientInput) SetEntitledApplicationArn(v string) *RegisterClientInput { - s.EntitledApplicationArn = &v - return s -} - -// SetGrantTypes sets the GrantTypes field's value. -func (s *RegisterClientInput) SetGrantTypes(v []*string) *RegisterClientInput { - s.GrantTypes = v - return s -} - -// SetIssuerUrl sets the IssuerUrl field's value. -func (s *RegisterClientInput) SetIssuerUrl(v string) *RegisterClientInput { - s.IssuerUrl = &v - return s -} - -// SetRedirectUris sets the RedirectUris field's value. -func (s *RegisterClientInput) SetRedirectUris(v []*string) *RegisterClientInput { - s.RedirectUris = v - return s -} - -// SetScopes sets the Scopes field's value. -func (s *RegisterClientInput) SetScopes(v []*string) *RegisterClientInput { - s.Scopes = v - return s -} - -type RegisterClientOutput struct { - _ struct{} `type:"structure"` - - // An endpoint that the client can use to request authorization. - AuthorizationEndpoint *string `locationName:"authorizationEndpoint" type:"string"` - - // The unique identifier string for each client. This client uses this identifier - // to get authenticated by the service in subsequent calls. - ClientId *string `locationName:"clientId" type:"string"` - - // Indicates the time at which the clientId and clientSecret were issued. - ClientIdIssuedAt *int64 `locationName:"clientIdIssuedAt" type:"long"` - - // A secret string generated for the client. The client will use this string - // to get authenticated by the service in subsequent calls. - // - // ClientSecret is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by RegisterClientOutput's - // String and GoString methods. - ClientSecret *string `locationName:"clientSecret" type:"string" sensitive:"true"` - - // Indicates the time at which the clientId and clientSecret will become invalid. - ClientSecretExpiresAt *int64 `locationName:"clientSecretExpiresAt" type:"long"` - - // An endpoint that the client can use to create tokens. - TokenEndpoint *string `locationName:"tokenEndpoint" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RegisterClientOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RegisterClientOutput) GoString() string { - return s.String() -} - -// SetAuthorizationEndpoint sets the AuthorizationEndpoint field's value. -func (s *RegisterClientOutput) SetAuthorizationEndpoint(v string) *RegisterClientOutput { - s.AuthorizationEndpoint = &v - return s -} - -// SetClientId sets the ClientId field's value. -func (s *RegisterClientOutput) SetClientId(v string) *RegisterClientOutput { - s.ClientId = &v - return s -} - -// SetClientIdIssuedAt sets the ClientIdIssuedAt field's value. -func (s *RegisterClientOutput) SetClientIdIssuedAt(v int64) *RegisterClientOutput { - s.ClientIdIssuedAt = &v - return s -} - -// SetClientSecret sets the ClientSecret field's value. -func (s *RegisterClientOutput) SetClientSecret(v string) *RegisterClientOutput { - s.ClientSecret = &v - return s -} - -// SetClientSecretExpiresAt sets the ClientSecretExpiresAt field's value. -func (s *RegisterClientOutput) SetClientSecretExpiresAt(v int64) *RegisterClientOutput { - s.ClientSecretExpiresAt = &v - return s -} - -// SetTokenEndpoint sets the TokenEndpoint field's value. -func (s *RegisterClientOutput) SetTokenEndpoint(v string) *RegisterClientOutput { - s.TokenEndpoint = &v - return s -} - -// Indicates that the client is making the request too frequently and is more -// than the service can handle. -type SlowDownException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be slow_down. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s SlowDownException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s SlowDownException) GoString() string { - return s.String() -} - -func newErrorSlowDownException(v protocol.ResponseMetadata) error { - return &SlowDownException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *SlowDownException) Code() string { - return "SlowDownException" -} - -// Message returns the exception's message. -func (s *SlowDownException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *SlowDownException) OrigErr() error { - return nil -} - -func (s *SlowDownException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *SlowDownException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *SlowDownException) RequestID() string { - return s.RespMetadata.RequestID -} - -type StartDeviceAuthorizationInput struct { - _ struct{} `type:"structure"` - - // The unique identifier string for the client that is registered with IAM Identity - // Center. This value should come from the persisted result of the RegisterClient - // API operation. - // - // ClientId is a required field - ClientId *string `locationName:"clientId" type:"string" required:"true"` - - // A secret string that is generated for the client. This value should come - // from the persisted result of the RegisterClient API operation. - // - // ClientSecret is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by StartDeviceAuthorizationInput's - // String and GoString methods. - // - // ClientSecret is a required field - ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` - - // The URL for the Amazon Web Services access portal. For more information, - // see Using the Amazon Web Services access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html) - // in the IAM Identity Center User Guide. - // - // StartUrl is a required field - StartUrl *string `locationName:"startUrl" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s StartDeviceAuthorizationInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s StartDeviceAuthorizationInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *StartDeviceAuthorizationInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "StartDeviceAuthorizationInput"} - if s.ClientId == nil { - invalidParams.Add(request.NewErrParamRequired("ClientId")) - } - if s.ClientSecret == nil { - invalidParams.Add(request.NewErrParamRequired("ClientSecret")) - } - if s.StartUrl == nil { - invalidParams.Add(request.NewErrParamRequired("StartUrl")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetClientId sets the ClientId field's value. -func (s *StartDeviceAuthorizationInput) SetClientId(v string) *StartDeviceAuthorizationInput { - s.ClientId = &v - return s -} - -// SetClientSecret sets the ClientSecret field's value. -func (s *StartDeviceAuthorizationInput) SetClientSecret(v string) *StartDeviceAuthorizationInput { - s.ClientSecret = &v - return s -} - -// SetStartUrl sets the StartUrl field's value. -func (s *StartDeviceAuthorizationInput) SetStartUrl(v string) *StartDeviceAuthorizationInput { - s.StartUrl = &v - return s -} - -type StartDeviceAuthorizationOutput struct { - _ struct{} `type:"structure"` - - // The short-lived code that is used by the device when polling for a session - // token. - DeviceCode *string `locationName:"deviceCode" type:"string"` - - // Indicates the number of seconds in which the verification code will become - // invalid. - ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` - - // Indicates the number of seconds the client must wait between attempts when - // polling for a session. - Interval *int64 `locationName:"interval" type:"integer"` - - // A one-time user verification code. This is needed to authorize an in-use - // device. - UserCode *string `locationName:"userCode" type:"string"` - - // The URI of the verification page that takes the userCode to authorize the - // device. - VerificationUri *string `locationName:"verificationUri" type:"string"` - - // An alternate URL that the client can use to automatically launch a browser. - // This process skips the manual step in which the user visits the verification - // page and enters their code. - VerificationUriComplete *string `locationName:"verificationUriComplete" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s StartDeviceAuthorizationOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s StartDeviceAuthorizationOutput) GoString() string { - return s.String() -} - -// SetDeviceCode sets the DeviceCode field's value. -func (s *StartDeviceAuthorizationOutput) SetDeviceCode(v string) *StartDeviceAuthorizationOutput { - s.DeviceCode = &v - return s -} - -// SetExpiresIn sets the ExpiresIn field's value. -func (s *StartDeviceAuthorizationOutput) SetExpiresIn(v int64) *StartDeviceAuthorizationOutput { - s.ExpiresIn = &v - return s -} - -// SetInterval sets the Interval field's value. -func (s *StartDeviceAuthorizationOutput) SetInterval(v int64) *StartDeviceAuthorizationOutput { - s.Interval = &v - return s -} - -// SetUserCode sets the UserCode field's value. -func (s *StartDeviceAuthorizationOutput) SetUserCode(v string) *StartDeviceAuthorizationOutput { - s.UserCode = &v - return s -} - -// SetVerificationUri sets the VerificationUri field's value. -func (s *StartDeviceAuthorizationOutput) SetVerificationUri(v string) *StartDeviceAuthorizationOutput { - s.VerificationUri = &v - return s -} - -// SetVerificationUriComplete sets the VerificationUriComplete field's value. -func (s *StartDeviceAuthorizationOutput) SetVerificationUriComplete(v string) *StartDeviceAuthorizationOutput { - s.VerificationUriComplete = &v - return s -} - -// Indicates that the client is not currently authorized to make the request. -// This can happen when a clientId is not issued for a public client. -type UnauthorizedClientException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be unauthorized_client. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UnauthorizedClientException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UnauthorizedClientException) GoString() string { - return s.String() -} - -func newErrorUnauthorizedClientException(v protocol.ResponseMetadata) error { - return &UnauthorizedClientException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *UnauthorizedClientException) Code() string { - return "UnauthorizedClientException" -} - -// Message returns the exception's message. -func (s *UnauthorizedClientException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *UnauthorizedClientException) OrigErr() error { - return nil -} - -func (s *UnauthorizedClientException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *UnauthorizedClientException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *UnauthorizedClientException) RequestID() string { - return s.RespMetadata.RequestID -} - -// Indicates that the grant type in the request is not supported by the service. -type UnsupportedGrantTypeException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - // Single error code. For this exception the value will be unsupported_grant_type. - Error_ *string `locationName:"error" type:"string"` - - // Human-readable text providing additional information, used to assist the - // client developer in understanding the error that occurred. - Error_description *string `locationName:"error_description" type:"string"` - - Message_ *string `locationName:"message" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UnsupportedGrantTypeException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s UnsupportedGrantTypeException) GoString() string { - return s.String() -} - -func newErrorUnsupportedGrantTypeException(v protocol.ResponseMetadata) error { - return &UnsupportedGrantTypeException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *UnsupportedGrantTypeException) Code() string { - return "UnsupportedGrantTypeException" -} - -// Message returns the exception's message. -func (s *UnsupportedGrantTypeException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *UnsupportedGrantTypeException) OrigErr() error { - return nil -} - -func (s *UnsupportedGrantTypeException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *UnsupportedGrantTypeException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *UnsupportedGrantTypeException) RequestID() string { - return s.RespMetadata.RequestID -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go deleted file mode 100644 index 083568c6..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go +++ /dev/null @@ -1,67 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -// Package ssooidc provides the client and types for making API -// requests to AWS SSO OIDC. -// -// IAM Identity Center OpenID Connect (OIDC) is a web service that enables a -// client (such as CLI or a native application) to register with IAM Identity -// Center. The service also enables the client to fetch the user’s access -// token upon successful authentication and authorization with IAM Identity -// Center. -// -// IAM Identity Center uses the sso and identitystore API namespaces. -// -// # Considerations for Using This Guide -// -// Before you begin using this guide, we recommend that you first review the -// following important information about how the IAM Identity Center OIDC service -// works. -// -// - The IAM Identity Center OIDC service currently implements only the portions -// of the OAuth 2.0 Device Authorization Grant standard (https://tools.ietf.org/html/rfc8628 -// (https://tools.ietf.org/html/rfc8628)) that are necessary to enable single -// sign-on authentication with the CLI. -// -// - With older versions of the CLI, the service only emits OIDC access tokens, -// so to obtain a new token, users must explicitly re-authenticate. To access -// the OIDC flow that supports token refresh and doesn’t require re-authentication, -// update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI -// V2) with support for OIDC token refresh and configurable IAM Identity -// Center session durations. For more information, see Configure Amazon Web -// Services access portal session duration (https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html). -// -// - The access tokens provided by this service grant access to all Amazon -// Web Services account entitlements assigned to an IAM Identity Center user, -// not just a particular application. -// -// - The documentation in this guide does not describe the mechanism to convert -// the access token into Amazon Web Services Auth (“sigv4”) credentials -// for use with IAM-protected Amazon Web Services service endpoints. For -// more information, see GetRoleCredentials (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html) -// in the IAM Identity Center Portal API Reference Guide. -// -// For general information about IAM Identity Center, see What is IAM Identity -// Center? (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) -// in the IAM Identity Center User Guide. -// -// See https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10 for more information on this service. -// -// See ssooidc package documentation for more information. -// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/ -// -// # Using the Client -// -// To contact AWS SSO OIDC with the SDK use the New function to create -// a new service client. With that client you can make API requests to the service. -// These clients are safe to use concurrently. -// -// See the SDK's documentation for more information on how to use the SDK. -// https://docs.aws.amazon.com/sdk-for-go/api/ -// -// See aws.Config documentation for more information on configuring SDK clients. -// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config -// -// See the AWS SSO OIDC client SSOOIDC for more -// information on creating client for this service. -// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/#New -package ssooidc diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go deleted file mode 100644 index cadf4584..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go +++ /dev/null @@ -1,123 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package ssooidc - -import ( - "github.com/aws/aws-sdk-go/private/protocol" -) - -const ( - - // ErrCodeAccessDeniedException for service response error code - // "AccessDeniedException". - // - // You do not have sufficient access to perform this action. - ErrCodeAccessDeniedException = "AccessDeniedException" - - // ErrCodeAuthorizationPendingException for service response error code - // "AuthorizationPendingException". - // - // Indicates that a request to authorize a client with an access user session - // token is pending. - ErrCodeAuthorizationPendingException = "AuthorizationPendingException" - - // ErrCodeExpiredTokenException for service response error code - // "ExpiredTokenException". - // - // Indicates that the token issued by the service is expired and is no longer - // valid. - ErrCodeExpiredTokenException = "ExpiredTokenException" - - // ErrCodeInternalServerException for service response error code - // "InternalServerException". - // - // Indicates that an error from the service occurred while trying to process - // a request. - ErrCodeInternalServerException = "InternalServerException" - - // ErrCodeInvalidClientException for service response error code - // "InvalidClientException". - // - // Indicates that the clientId or clientSecret in the request is invalid. For - // example, this can occur when a client sends an incorrect clientId or an expired - // clientSecret. - ErrCodeInvalidClientException = "InvalidClientException" - - // ErrCodeInvalidClientMetadataException for service response error code - // "InvalidClientMetadataException". - // - // Indicates that the client information sent in the request during registration - // is invalid. - ErrCodeInvalidClientMetadataException = "InvalidClientMetadataException" - - // ErrCodeInvalidGrantException for service response error code - // "InvalidGrantException". - // - // Indicates that a request contains an invalid grant. This can occur if a client - // makes a CreateToken request with an invalid grant type. - ErrCodeInvalidGrantException = "InvalidGrantException" - - // ErrCodeInvalidRedirectUriException for service response error code - // "InvalidRedirectUriException". - // - // Indicates that one or more redirect URI in the request is not supported for - // this operation. - ErrCodeInvalidRedirectUriException = "InvalidRedirectUriException" - - // ErrCodeInvalidRequestException for service response error code - // "InvalidRequestException". - // - // Indicates that something is wrong with the input to the request. For example, - // a required parameter might be missing or out of range. - ErrCodeInvalidRequestException = "InvalidRequestException" - - // ErrCodeInvalidRequestRegionException for service response error code - // "InvalidRequestRegionException". - // - // Indicates that a token provided as input to the request was issued by and - // is only usable by calling IAM Identity Center endpoints in another region. - ErrCodeInvalidRequestRegionException = "InvalidRequestRegionException" - - // ErrCodeInvalidScopeException for service response error code - // "InvalidScopeException". - // - // Indicates that the scope provided in the request is invalid. - ErrCodeInvalidScopeException = "InvalidScopeException" - - // ErrCodeSlowDownException for service response error code - // "SlowDownException". - // - // Indicates that the client is making the request too frequently and is more - // than the service can handle. - ErrCodeSlowDownException = "SlowDownException" - - // ErrCodeUnauthorizedClientException for service response error code - // "UnauthorizedClientException". - // - // Indicates that the client is not currently authorized to make the request. - // This can happen when a clientId is not issued for a public client. - ErrCodeUnauthorizedClientException = "UnauthorizedClientException" - - // ErrCodeUnsupportedGrantTypeException for service response error code - // "UnsupportedGrantTypeException". - // - // Indicates that the grant type in the request is not supported by the service. - ErrCodeUnsupportedGrantTypeException = "UnsupportedGrantTypeException" -) - -var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ - "AccessDeniedException": newErrorAccessDeniedException, - "AuthorizationPendingException": newErrorAuthorizationPendingException, - "ExpiredTokenException": newErrorExpiredTokenException, - "InternalServerException": newErrorInternalServerException, - "InvalidClientException": newErrorInvalidClientException, - "InvalidClientMetadataException": newErrorInvalidClientMetadataException, - "InvalidGrantException": newErrorInvalidGrantException, - "InvalidRedirectUriException": newErrorInvalidRedirectUriException, - "InvalidRequestException": newErrorInvalidRequestException, - "InvalidRequestRegionException": newErrorInvalidRequestRegionException, - "InvalidScopeException": newErrorInvalidScopeException, - "SlowDownException": newErrorSlowDownException, - "UnauthorizedClientException": newErrorUnauthorizedClientException, - "UnsupportedGrantTypeException": newErrorUnsupportedGrantTypeException, -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go b/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go deleted file mode 100644 index 782bae36..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go +++ /dev/null @@ -1,106 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package ssooidc - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/aws/signer/v4" - "github.com/aws/aws-sdk-go/private/protocol" - "github.com/aws/aws-sdk-go/private/protocol/restjson" -) - -// SSOOIDC provides the API operation methods for making requests to -// AWS SSO OIDC. See this package's package overview docs -// for details on the service. -// -// SSOOIDC methods are safe to use concurrently. It is not safe to -// modify mutate any of the struct's properties though. -type SSOOIDC struct { - *client.Client -} - -// Used for custom client initialization logic -var initClient func(*client.Client) - -// Used for custom request initialization logic -var initRequest func(*request.Request) - -// Service information constants -const ( - ServiceName = "SSO OIDC" // Name of service. - EndpointsID = "oidc" // ID to lookup a service endpoint with. - ServiceID = "SSO OIDC" // ServiceID is a unique identifier of a specific service. -) - -// New creates a new instance of the SSOOIDC client with a session. -// If additional configuration is needed for the client instance use the optional -// aws.Config parameter to add your extra config. -// -// Example: -// -// mySession := session.Must(session.NewSession()) -// -// // Create a SSOOIDC client from just a session. -// svc := ssooidc.New(mySession) -// -// // Create a SSOOIDC client with additional configuration -// svc := ssooidc.New(mySession, aws.NewConfig().WithRegion("us-west-2")) -func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOOIDC { - c := p.ClientConfig(EndpointsID, cfgs...) - if c.SigningNameDerived || len(c.SigningName) == 0 { - c.SigningName = "sso-oauth" - } - return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) -} - -// newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *SSOOIDC { - svc := &SSOOIDC{ - Client: client.New( - cfg, - metadata.ClientInfo{ - ServiceName: ServiceName, - ServiceID: ServiceID, - SigningName: signingName, - SigningRegion: signingRegion, - PartitionID: partitionID, - Endpoint: endpoint, - APIVersion: "2019-06-10", - ResolvedRegion: resolvedRegion, - }, - handlers, - ), - } - - // Handlers - svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) - svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) - svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) - svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) - svc.Handlers.UnmarshalError.PushBackNamed( - protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), - ) - - // Run custom client initialization if present - if initClient != nil { - initClient(svc.Client) - } - - return svc -} - -// newRequest creates a new request for a SSOOIDC operation and runs any -// custom request initialization. -func (c *SSOOIDC) newRequest(op *request.Operation, params, data interface{}) *request.Request { - req := c.NewRequest(op, params, data) - - // Run custom request initialization if present - if initRequest != nil { - initRequest(req) - } - - return req -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/vendor/github.com/aws/aws-sdk-go/service/sts/api.go deleted file mode 100644 index 2c395f5f..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ /dev/null @@ -1,3553 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package sts - -import ( - "fmt" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awsutil" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/request" -) - -const opAssumeRole = "AssumeRole" - -// AssumeRoleRequest generates a "aws/request.Request" representing the -// client's request for the AssumeRole operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See AssumeRole for more information on using the AssumeRole -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the AssumeRoleRequest method. -// req, resp := client.AssumeRoleRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRole -func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, output *AssumeRoleOutput) { - op := &request.Operation{ - Name: opAssumeRole, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &AssumeRoleInput{} - } - - output = &AssumeRoleOutput{} - req = c.newRequest(op, input, output) - return -} - -// AssumeRole API operation for AWS Security Token Service. -// -// Returns a set of temporary security credentials that you can use to access -// Amazon Web Services resources. These temporary credentials consist of an -// access key ID, a secret access key, and a security token. Typically, you -// use AssumeRole within your account or for cross-account access. For a comparison -// of AssumeRole with other API operations that produce temporary credentials, -// see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) -// in the IAM User Guide. -// -// # Permissions -// -// The temporary security credentials created by AssumeRole can be used to make -// API calls to any Amazon Web Services service with the following exception: -// You cannot call the Amazon Web Services STS GetFederationToken or GetSessionToken -// API operations. -// -// (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) -// to this operation. You can pass a single JSON policy document to use as an -// inline session policy. You can also specify up to 10 managed policy Amazon -// Resource Names (ARNs) to use as managed session policies. The plaintext that -// you use for both inline and managed session policies can't exceed 2,048 characters. -// Passing policies to this operation returns new temporary credentials. The -// resulting session's permissions are the intersection of the role's identity-based -// policy and the session policies. You can use the role's temporary credentials -// in subsequent Amazon Web Services API calls to access resources in the account -// that owns the role. You cannot use session policies to grant more permissions -// than those allowed by the identity-based policy of the role that is being -// assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) -// in the IAM User Guide. -// -// When you create a role, you create two policies: a role trust policy that -// specifies who can assume the role, and a permissions policy that specifies -// what can be done with the role. You specify the trusted principal that is -// allowed to assume the role in the role trust policy. -// -// To assume a role from a different account, your Amazon Web Services account -// must be trusted by the role. The trust relationship is defined in the role's -// trust policy when the role is created. That trust policy states which accounts -// are allowed to delegate that access to users in the account. -// -// A user who wants to access a role in a different account must also have permissions -// that are delegated from the account administrator. The administrator must -// attach a policy that allows the user to call AssumeRole for the ARN of the -// role in the other account. -// -// To allow a user to assume a role in the same account, you can do either of -// the following: -// -// - Attach a policy to the user that allows the user to call AssumeRole -// (as long as the role's trust policy trusts the account). -// -// - Add the user as a principal directly in the role's trust policy. -// -// You can do either because the role’s trust policy acts as an IAM resource-based -// policy. When a resource-based policy grants access to a principal in the -// same account, no additional identity-based policy is required. For more information -// about trust policies and resource-based policies, see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) -// in the IAM User Guide. -// -// # Tags -// -// (Optional) You can pass tag key-value pairs to your session. These tags are -// called session tags. For more information about session tags, see Passing -// Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// An administrator must grant you the permissions necessary to pass session -// tags. The administrator can also create granular permissions to allow you -// to pass only specific session tags. For more information, see Tutorial: Using -// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) -// in the IAM User Guide. -// -// You can set the session tags as transitive. Transitive tags persist during -// role chaining. For more information, see Chaining Roles with Session Tags -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) -// in the IAM User Guide. -// -// # Using MFA with AssumeRole -// -// (Optional) You can include multi-factor authentication (MFA) information -// when you call AssumeRole. This is useful for cross-account scenarios to ensure -// that the user that assumes the role has been authenticated with an Amazon -// Web Services MFA device. In that scenario, the trust policy of the role being -// assumed includes a condition that tests for MFA authentication. If the caller -// does not include valid MFA information, the request to assume the role is -// denied. The condition in a trust policy that tests for MFA authentication -// might look like the following example. -// -// "Condition": {"Bool": {"aws:MultiFactorAuthPresent": true}} -// -// For more information, see Configuring MFA-Protected API Access (https://docs.aws.amazon.com/IAM/latest/UserGuide/MFAProtectedAPI.html) -// in the IAM User Guide guide. -// -// To use MFA with AssumeRole, you pass values for the SerialNumber and TokenCode -// parameters. The SerialNumber value identifies the user's hardware or virtual -// MFA device. The TokenCode is the time-based one-time password (TOTP) that -// the MFA device produces. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Security Token Service's -// API operation AssumeRole for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" -// The request was rejected because the policy document was malformed. The error -// message describes the specific error. -// -// - ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the total packed size of the session policies -// and session tags combined was too large. An Amazon Web Services conversion -// compresses the session policy document, session policy ARNs, and session -// tags into a packed binary format that has a separate limit. The error message -// indicates by percentage how close the policies and tags are to the upper -// size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You could receive this error even though you meet other defined session policy -// and session tag limits. For more information, see IAM and STS Entity Character -// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) -// in the IAM User Guide. -// -// - ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating Amazon Web Services STS in an Amazon Web Services Region -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// - ErrCodeExpiredTokenException "ExpiredTokenException" -// The web identity token that was passed is expired or is not valid. Get a -// new identity token from the identity provider and then retry the request. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRole -func (c *STS) AssumeRole(input *AssumeRoleInput) (*AssumeRoleOutput, error) { - req, out := c.AssumeRoleRequest(input) - return out, req.Send() -} - -// AssumeRoleWithContext is the same as AssumeRole with the addition of -// the ability to pass a context and additional request options. -// -// See AssumeRole for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *STS) AssumeRoleWithContext(ctx aws.Context, input *AssumeRoleInput, opts ...request.Option) (*AssumeRoleOutput, error) { - req, out := c.AssumeRoleRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opAssumeRoleWithSAML = "AssumeRoleWithSAML" - -// AssumeRoleWithSAMLRequest generates a "aws/request.Request" representing the -// client's request for the AssumeRoleWithSAML operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See AssumeRoleWithSAML for more information on using the AssumeRoleWithSAML -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the AssumeRoleWithSAMLRequest method. -// req, resp := client.AssumeRoleWithSAMLRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithSAML -func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *request.Request, output *AssumeRoleWithSAMLOutput) { - op := &request.Operation{ - Name: opAssumeRoleWithSAML, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &AssumeRoleWithSAMLInput{} - } - - output = &AssumeRoleWithSAMLOutput{} - req = c.newRequest(op, input, output) - req.Config.Credentials = credentials.AnonymousCredentials - return -} - -// AssumeRoleWithSAML API operation for AWS Security Token Service. -// -// Returns a set of temporary security credentials for users who have been authenticated -// via a SAML authentication response. This operation provides a mechanism for -// tying an enterprise identity store or directory to role-based Amazon Web -// Services access without user-specific credentials or configuration. For a -// comparison of AssumeRoleWithSAML with the other API operations that produce -// temporary credentials, see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) -// in the IAM User Guide. -// -// The temporary security credentials returned by this operation consist of -// an access key ID, a secret access key, and a security token. Applications -// can use these temporary security credentials to sign calls to Amazon Web -// Services services. -// -// # Session Duration -// -// By default, the temporary security credentials created by AssumeRoleWithSAML -// last for one hour. However, you can use the optional DurationSeconds parameter -// to specify the duration of your session. Your role session lasts for the -// duration that you specify, or until the time specified in the SAML authentication -// response's SessionNotOnOrAfter value, whichever is shorter. You can provide -// a DurationSeconds value from 900 seconds (15 minutes) up to the maximum session -// duration setting for the role. This setting can have a value from 1 hour -// to 12 hours. To learn how to view the maximum value for your role, see View -// the Maximum Session Duration Setting for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) -// in the IAM User Guide. The maximum session duration limit applies when you -// use the AssumeRole* API operations or the assume-role* CLI commands. However -// the limit does not apply when you use those operations to create a console -// URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) -// in the IAM User Guide. -// -// Role chaining (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-role-chaining) -// limits your CLI or Amazon Web Services API role session to a maximum of one -// hour. When you use the AssumeRole API operation to assume a role, you can -// specify the duration of your role session with the DurationSeconds parameter. -// You can specify a parameter value of up to 43200 seconds (12 hours), depending -// on the maximum session duration setting for your role. However, if you assume -// a role using role chaining and provide a DurationSeconds parameter value -// greater than one hour, the operation fails. -// -// # Permissions -// -// The temporary security credentials created by AssumeRoleWithSAML can be used -// to make API calls to any Amazon Web Services service with the following exception: -// you cannot call the STS GetFederationToken or GetSessionToken API operations. -// -// (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) -// to this operation. You can pass a single JSON policy document to use as an -// inline session policy. You can also specify up to 10 managed policy Amazon -// Resource Names (ARNs) to use as managed session policies. The plaintext that -// you use for both inline and managed session policies can't exceed 2,048 characters. -// Passing policies to this operation returns new temporary credentials. The -// resulting session's permissions are the intersection of the role's identity-based -// policy and the session policies. You can use the role's temporary credentials -// in subsequent Amazon Web Services API calls to access resources in the account -// that owns the role. You cannot use session policies to grant more permissions -// than those allowed by the identity-based policy of the role that is being -// assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) -// in the IAM User Guide. -// -// Calling AssumeRoleWithSAML does not require the use of Amazon Web Services -// security credentials. The identity of the caller is validated by using keys -// in the metadata document that is uploaded for the SAML provider entity for -// your identity provider. -// -// Calling AssumeRoleWithSAML can result in an entry in your CloudTrail logs. -// The entry includes the value in the NameID element of the SAML assertion. -// We recommend that you use a NameIDType that is not associated with any personally -// identifiable information (PII). For example, you could instead use the persistent -// identifier (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent). -// -// # Tags -// -// (Optional) You can configure your IdP to pass attributes into your SAML assertion -// as session tags. Each session tag consists of a key name and an associated -// value. For more information about session tags, see Passing Session Tags -// in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You can pass up to 50 session tags. The plaintext session tag keys can’t -// exceed 128 characters and the values can’t exceed 256 characters. For these -// and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) -// in the IAM User Guide. -// -// An Amazon Web Services conversion compresses the passed inline session policy, -// managed policy ARNs, and session tags into a packed binary format that has -// a separate limit. Your request can fail for this limit even if your plaintext -// meets the other requirements. The PackedPolicySize response element indicates -// by percentage how close the policies and tags for your request are to the -// upper size limit. -// -// You can pass a session tag with the same key as a tag that is attached to -// the role. When you do, session tags override the role's tags with the same -// key. -// -// An administrator must grant you the permissions necessary to pass session -// tags. The administrator can also create granular permissions to allow you -// to pass only specific session tags. For more information, see Tutorial: Using -// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) -// in the IAM User Guide. -// -// You can set the session tags as transitive. Transitive tags persist during -// role chaining. For more information, see Chaining Roles with Session Tags -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) -// in the IAM User Guide. -// -// # SAML Configuration -// -// Before your application can call AssumeRoleWithSAML, you must configure your -// SAML identity provider (IdP) to issue the claims required by Amazon Web Services. -// Additionally, you must use Identity and Access Management (IAM) to create -// a SAML provider entity in your Amazon Web Services account that represents -// your identity provider. You must also create an IAM role that specifies this -// SAML provider in its trust policy. -// -// For more information, see the following resources: -// -// - About SAML 2.0-based Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) -// in the IAM User Guide. -// -// - Creating SAML Identity Providers (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html) -// in the IAM User Guide. -// -// - Configuring a Relying Party and Claims (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html) -// in the IAM User Guide. -// -// - Creating a Role for SAML 2.0 Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html) -// in the IAM User Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Security Token Service's -// API operation AssumeRoleWithSAML for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" -// The request was rejected because the policy document was malformed. The error -// message describes the specific error. -// -// - ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the total packed size of the session policies -// and session tags combined was too large. An Amazon Web Services conversion -// compresses the session policy document, session policy ARNs, and session -// tags into a packed binary format that has a separate limit. The error message -// indicates by percentage how close the policies and tags are to the upper -// size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You could receive this error even though you meet other defined session policy -// and session tag limits. For more information, see IAM and STS Entity Character -// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) -// in the IAM User Guide. -// -// - ErrCodeIDPRejectedClaimException "IDPRejectedClaim" -// The identity provider (IdP) reported that authentication failed. This might -// be because the claim is invalid. -// -// If this error is returned for the AssumeRoleWithWebIdentity operation, it -// can also mean that the claim has expired or has been explicitly revoked. -// -// - ErrCodeInvalidIdentityTokenException "InvalidIdentityToken" -// The web identity token that was passed could not be validated by Amazon Web -// Services. Get a new identity token from the identity provider and then retry -// the request. -// -// - ErrCodeExpiredTokenException "ExpiredTokenException" -// The web identity token that was passed is expired or is not valid. Get a -// new identity token from the identity provider and then retry the request. -// -// - ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating Amazon Web Services STS in an Amazon Web Services Region -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithSAML -func (c *STS) AssumeRoleWithSAML(input *AssumeRoleWithSAMLInput) (*AssumeRoleWithSAMLOutput, error) { - req, out := c.AssumeRoleWithSAMLRequest(input) - return out, req.Send() -} - -// AssumeRoleWithSAMLWithContext is the same as AssumeRoleWithSAML with the addition of -// the ability to pass a context and additional request options. -// -// See AssumeRoleWithSAML for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *STS) AssumeRoleWithSAMLWithContext(ctx aws.Context, input *AssumeRoleWithSAMLInput, opts ...request.Option) (*AssumeRoleWithSAMLOutput, error) { - req, out := c.AssumeRoleWithSAMLRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opAssumeRoleWithWebIdentity = "AssumeRoleWithWebIdentity" - -// AssumeRoleWithWebIdentityRequest generates a "aws/request.Request" representing the -// client's request for the AssumeRoleWithWebIdentity operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See AssumeRoleWithWebIdentity for more information on using the AssumeRoleWithWebIdentity -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the AssumeRoleWithWebIdentityRequest method. -// req, resp := client.AssumeRoleWithWebIdentityRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithWebIdentity -func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityInput) (req *request.Request, output *AssumeRoleWithWebIdentityOutput) { - op := &request.Operation{ - Name: opAssumeRoleWithWebIdentity, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &AssumeRoleWithWebIdentityInput{} - } - - output = &AssumeRoleWithWebIdentityOutput{} - req = c.newRequest(op, input, output) - req.Config.Credentials = credentials.AnonymousCredentials - return -} - -// AssumeRoleWithWebIdentity API operation for AWS Security Token Service. -// -// Returns a set of temporary security credentials for users who have been authenticated -// in a mobile or web application with a web identity provider. Example providers -// include the OAuth 2.0 providers Login with Amazon and Facebook, or any OpenID -// Connect-compatible identity provider such as Google or Amazon Cognito federated -// identities (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html). -// -// For mobile applications, we recommend that you use Amazon Cognito. You can -// use Amazon Cognito with the Amazon Web Services SDK for iOS Developer Guide -// (http://aws.amazon.com/sdkforios/) and the Amazon Web Services SDK for Android -// Developer Guide (http://aws.amazon.com/sdkforandroid/) to uniquely identify -// a user. You can also supply the user with a consistent identity throughout -// the lifetime of an application. -// -// To learn more about Amazon Cognito, see Amazon Cognito identity pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html) -// in Amazon Cognito Developer Guide. -// -// Calling AssumeRoleWithWebIdentity does not require the use of Amazon Web -// Services security credentials. Therefore, you can distribute an application -// (for example, on mobile devices) that requests temporary security credentials -// without including long-term Amazon Web Services credentials in the application. -// You also don't need to deploy server-based proxy services that use long-term -// Amazon Web Services credentials. Instead, the identity of the caller is validated -// by using a token from the web identity provider. For a comparison of AssumeRoleWithWebIdentity -// with the other API operations that produce temporary credentials, see Requesting -// Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) -// in the IAM User Guide. -// -// The temporary security credentials returned by this API consist of an access -// key ID, a secret access key, and a security token. Applications can use these -// temporary security credentials to sign calls to Amazon Web Services service -// API operations. -// -// # Session Duration -// -// By default, the temporary security credentials created by AssumeRoleWithWebIdentity -// last for one hour. However, you can use the optional DurationSeconds parameter -// to specify the duration of your session. You can provide a value from 900 -// seconds (15 minutes) up to the maximum session duration setting for the role. -// This setting can have a value from 1 hour to 12 hours. To learn how to view -// the maximum value for your role, see View the Maximum Session Duration Setting -// for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) -// in the IAM User Guide. The maximum session duration limit applies when you -// use the AssumeRole* API operations or the assume-role* CLI commands. However -// the limit does not apply when you use those operations to create a console -// URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) -// in the IAM User Guide. -// -// # Permissions -// -// The temporary security credentials created by AssumeRoleWithWebIdentity can -// be used to make API calls to any Amazon Web Services service with the following -// exception: you cannot call the STS GetFederationToken or GetSessionToken -// API operations. -// -// (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) -// to this operation. You can pass a single JSON policy document to use as an -// inline session policy. You can also specify up to 10 managed policy Amazon -// Resource Names (ARNs) to use as managed session policies. The plaintext that -// you use for both inline and managed session policies can't exceed 2,048 characters. -// Passing policies to this operation returns new temporary credentials. The -// resulting session's permissions are the intersection of the role's identity-based -// policy and the session policies. You can use the role's temporary credentials -// in subsequent Amazon Web Services API calls to access resources in the account -// that owns the role. You cannot use session policies to grant more permissions -// than those allowed by the identity-based policy of the role that is being -// assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) -// in the IAM User Guide. -// -// # Tags -// -// (Optional) You can configure your IdP to pass attributes into your web identity -// token as session tags. Each session tag consists of a key name and an associated -// value. For more information about session tags, see Passing Session Tags -// in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You can pass up to 50 session tags. The plaintext session tag keys can’t -// exceed 128 characters and the values can’t exceed 256 characters. For these -// and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) -// in the IAM User Guide. -// -// An Amazon Web Services conversion compresses the passed inline session policy, -// managed policy ARNs, and session tags into a packed binary format that has -// a separate limit. Your request can fail for this limit even if your plaintext -// meets the other requirements. The PackedPolicySize response element indicates -// by percentage how close the policies and tags for your request are to the -// upper size limit. -// -// You can pass a session tag with the same key as a tag that is attached to -// the role. When you do, the session tag overrides the role tag with the same -// key. -// -// An administrator must grant you the permissions necessary to pass session -// tags. The administrator can also create granular permissions to allow you -// to pass only specific session tags. For more information, see Tutorial: Using -// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) -// in the IAM User Guide. -// -// You can set the session tags as transitive. Transitive tags persist during -// role chaining. For more information, see Chaining Roles with Session Tags -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) -// in the IAM User Guide. -// -// # Identities -// -// Before your application can call AssumeRoleWithWebIdentity, you must have -// an identity token from a supported identity provider and create a role that -// the application can assume. The role that your application assumes must trust -// the identity provider that is associated with the identity token. In other -// words, the identity provider must be specified in the role's trust policy. -// -// Calling AssumeRoleWithWebIdentity can result in an entry in your CloudTrail -// logs. The entry includes the Subject (http://openid.net/specs/openid-connect-core-1_0.html#Claims) -// of the provided web identity token. We recommend that you avoid using any -// personally identifiable information (PII) in this field. For example, you -// could instead use a GUID or a pairwise identifier, as suggested in the OIDC -// specification (http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes). -// -// For more information about how to use web identity federation and the AssumeRoleWithWebIdentity -// API, see the following resources: -// -// - Using Web Identity Federation API Operations for Mobile Apps (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html) -// and Federation Through a Web-based Identity Provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity). -// -// - Web Identity Federation Playground (https://aws.amazon.com/blogs/aws/the-aws-web-identity-federation-playground/). -// Walk through the process of authenticating through Login with Amazon, -// Facebook, or Google, getting temporary security credentials, and then -// using those credentials to make a request to Amazon Web Services. -// -// - Amazon Web Services SDK for iOS Developer Guide (http://aws.amazon.com/sdkforios/) -// and Amazon Web Services SDK for Android Developer Guide (http://aws.amazon.com/sdkforandroid/). -// These toolkits contain sample apps that show how to invoke the identity -// providers. The toolkits then show how to use the information from these -// providers to get and use temporary security credentials. -// -// - Web Identity Federation with Mobile Applications (http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications). -// This article discusses web identity federation and shows an example of -// how to use web identity federation to get access to content in Amazon -// S3. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Security Token Service's -// API operation AssumeRoleWithWebIdentity for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" -// The request was rejected because the policy document was malformed. The error -// message describes the specific error. -// -// - ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the total packed size of the session policies -// and session tags combined was too large. An Amazon Web Services conversion -// compresses the session policy document, session policy ARNs, and session -// tags into a packed binary format that has a separate limit. The error message -// indicates by percentage how close the policies and tags are to the upper -// size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You could receive this error even though you meet other defined session policy -// and session tag limits. For more information, see IAM and STS Entity Character -// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) -// in the IAM User Guide. -// -// - ErrCodeIDPRejectedClaimException "IDPRejectedClaim" -// The identity provider (IdP) reported that authentication failed. This might -// be because the claim is invalid. -// -// If this error is returned for the AssumeRoleWithWebIdentity operation, it -// can also mean that the claim has expired or has been explicitly revoked. -// -// - ErrCodeIDPCommunicationErrorException "IDPCommunicationError" -// The request could not be fulfilled because the identity provider (IDP) that -// was asked to verify the incoming identity token could not be reached. This -// is often a transient error caused by network conditions. Retry the request -// a limited number of times so that you don't exceed the request rate. If the -// error persists, the identity provider might be down or not responding. -// -// - ErrCodeInvalidIdentityTokenException "InvalidIdentityToken" -// The web identity token that was passed could not be validated by Amazon Web -// Services. Get a new identity token from the identity provider and then retry -// the request. -// -// - ErrCodeExpiredTokenException "ExpiredTokenException" -// The web identity token that was passed is expired or is not valid. Get a -// new identity token from the identity provider and then retry the request. -// -// - ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating Amazon Web Services STS in an Amazon Web Services Region -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithWebIdentity -func (c *STS) AssumeRoleWithWebIdentity(input *AssumeRoleWithWebIdentityInput) (*AssumeRoleWithWebIdentityOutput, error) { - req, out := c.AssumeRoleWithWebIdentityRequest(input) - return out, req.Send() -} - -// AssumeRoleWithWebIdentityWithContext is the same as AssumeRoleWithWebIdentity with the addition of -// the ability to pass a context and additional request options. -// -// See AssumeRoleWithWebIdentity for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *STS) AssumeRoleWithWebIdentityWithContext(ctx aws.Context, input *AssumeRoleWithWebIdentityInput, opts ...request.Option) (*AssumeRoleWithWebIdentityOutput, error) { - req, out := c.AssumeRoleWithWebIdentityRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opDecodeAuthorizationMessage = "DecodeAuthorizationMessage" - -// DecodeAuthorizationMessageRequest generates a "aws/request.Request" representing the -// client's request for the DecodeAuthorizationMessage operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DecodeAuthorizationMessage for more information on using the DecodeAuthorizationMessage -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DecodeAuthorizationMessageRequest method. -// req, resp := client.DecodeAuthorizationMessageRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/DecodeAuthorizationMessage -func (c *STS) DecodeAuthorizationMessageRequest(input *DecodeAuthorizationMessageInput) (req *request.Request, output *DecodeAuthorizationMessageOutput) { - op := &request.Operation{ - Name: opDecodeAuthorizationMessage, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DecodeAuthorizationMessageInput{} - } - - output = &DecodeAuthorizationMessageOutput{} - req = c.newRequest(op, input, output) - return -} - -// DecodeAuthorizationMessage API operation for AWS Security Token Service. -// -// Decodes additional information about the authorization status of a request -// from an encoded message returned in response to an Amazon Web Services request. -// -// For example, if a user is not authorized to perform an operation that he -// or she has requested, the request returns a Client.UnauthorizedOperation -// response (an HTTP 403 response). Some Amazon Web Services operations additionally -// return an encoded message that can provide details about this authorization -// failure. -// -// Only certain Amazon Web Services operations return an encoded authorization -// message. The documentation for an individual operation indicates whether -// that operation returns an encoded message in addition to returning an HTTP -// code. -// -// The message is encoded because the details of the authorization status can -// contain privileged information that the user who requested the operation -// should not see. To decode an authorization status message, a user must be -// granted permissions through an IAM policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) -// to request the DecodeAuthorizationMessage (sts:DecodeAuthorizationMessage) -// action. -// -// The decoded message includes the following type of information: -// -// - Whether the request was denied due to an explicit deny or due to the -// absence of an explicit allow. For more information, see Determining Whether -// a Request is Allowed or Denied (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow) -// in the IAM User Guide. -// -// - The principal who made the request. -// -// - The requested action. -// -// - The requested resource. -// -// - The values of condition keys in the context of the user's request. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Security Token Service's -// API operation DecodeAuthorizationMessage for usage and error information. -// -// Returned Error Codes: -// - ErrCodeInvalidAuthorizationMessageException "InvalidAuthorizationMessageException" -// The error returned if the message passed to DecodeAuthorizationMessage was -// invalid. This can happen if the token contains invalid characters, such as -// linebreaks. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/DecodeAuthorizationMessage -func (c *STS) DecodeAuthorizationMessage(input *DecodeAuthorizationMessageInput) (*DecodeAuthorizationMessageOutput, error) { - req, out := c.DecodeAuthorizationMessageRequest(input) - return out, req.Send() -} - -// DecodeAuthorizationMessageWithContext is the same as DecodeAuthorizationMessage with the addition of -// the ability to pass a context and additional request options. -// -// See DecodeAuthorizationMessage for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *STS) DecodeAuthorizationMessageWithContext(ctx aws.Context, input *DecodeAuthorizationMessageInput, opts ...request.Option) (*DecodeAuthorizationMessageOutput, error) { - req, out := c.DecodeAuthorizationMessageRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetAccessKeyInfo = "GetAccessKeyInfo" - -// GetAccessKeyInfoRequest generates a "aws/request.Request" representing the -// client's request for the GetAccessKeyInfo operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetAccessKeyInfo for more information on using the GetAccessKeyInfo -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetAccessKeyInfoRequest method. -// req, resp := client.GetAccessKeyInfoRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetAccessKeyInfo -func (c *STS) GetAccessKeyInfoRequest(input *GetAccessKeyInfoInput) (req *request.Request, output *GetAccessKeyInfoOutput) { - op := &request.Operation{ - Name: opGetAccessKeyInfo, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetAccessKeyInfoInput{} - } - - output = &GetAccessKeyInfoOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetAccessKeyInfo API operation for AWS Security Token Service. -// -// Returns the account identifier for the specified access key ID. -// -// Access keys consist of two parts: an access key ID (for example, AKIAIOSFODNN7EXAMPLE) -// and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). -// For more information about access keys, see Managing Access Keys for IAM -// Users (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html) -// in the IAM User Guide. -// -// When you pass an access key ID to this operation, it returns the ID of the -// Amazon Web Services account to which the keys belong. Access key IDs beginning -// with AKIA are long-term credentials for an IAM user or the Amazon Web Services -// account root user. Access key IDs beginning with ASIA are temporary credentials -// that are created using STS operations. If the account in the response belongs -// to you, you can sign in as the root user and review your root user access -// keys. Then, you can pull a credentials report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html) -// to learn which IAM user owns the keys. To learn who requested the temporary -// credentials for an ASIA access key, view the STS events in your CloudTrail -// logs (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) -// in the IAM User Guide. -// -// This operation does not indicate the state of the access key. The key might -// be active, inactive, or deleted. Active keys might not have permissions to -// perform an operation. Providing a deleted access key might return an error -// that the key doesn't exist. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Security Token Service's -// API operation GetAccessKeyInfo for usage and error information. -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetAccessKeyInfo -func (c *STS) GetAccessKeyInfo(input *GetAccessKeyInfoInput) (*GetAccessKeyInfoOutput, error) { - req, out := c.GetAccessKeyInfoRequest(input) - return out, req.Send() -} - -// GetAccessKeyInfoWithContext is the same as GetAccessKeyInfo with the addition of -// the ability to pass a context and additional request options. -// -// See GetAccessKeyInfo for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *STS) GetAccessKeyInfoWithContext(ctx aws.Context, input *GetAccessKeyInfoInput, opts ...request.Option) (*GetAccessKeyInfoOutput, error) { - req, out := c.GetAccessKeyInfoRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetCallerIdentity = "GetCallerIdentity" - -// GetCallerIdentityRequest generates a "aws/request.Request" representing the -// client's request for the GetCallerIdentity operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetCallerIdentity for more information on using the GetCallerIdentity -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetCallerIdentityRequest method. -// req, resp := client.GetCallerIdentityRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetCallerIdentity -func (c *STS) GetCallerIdentityRequest(input *GetCallerIdentityInput) (req *request.Request, output *GetCallerIdentityOutput) { - op := &request.Operation{ - Name: opGetCallerIdentity, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetCallerIdentityInput{} - } - - output = &GetCallerIdentityOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetCallerIdentity API operation for AWS Security Token Service. -// -// Returns details about the IAM user or role whose credentials are used to -// call the operation. -// -// No permissions are required to perform this operation. If an administrator -// attaches a policy to your identity that explicitly denies access to the sts:GetCallerIdentity -// action, you can still perform this operation. Permissions are not required -// because the same information is returned when access is denied. To view an -// example response, see I Am Not Authorized to Perform: iam:DeleteVirtualMFADevice -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa) -// in the IAM User Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Security Token Service's -// API operation GetCallerIdentity for usage and error information. -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetCallerIdentity -func (c *STS) GetCallerIdentity(input *GetCallerIdentityInput) (*GetCallerIdentityOutput, error) { - req, out := c.GetCallerIdentityRequest(input) - return out, req.Send() -} - -// GetCallerIdentityWithContext is the same as GetCallerIdentity with the addition of -// the ability to pass a context and additional request options. -// -// See GetCallerIdentity for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *STS) GetCallerIdentityWithContext(ctx aws.Context, input *GetCallerIdentityInput, opts ...request.Option) (*GetCallerIdentityOutput, error) { - req, out := c.GetCallerIdentityRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetFederationToken = "GetFederationToken" - -// GetFederationTokenRequest generates a "aws/request.Request" representing the -// client's request for the GetFederationToken operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetFederationToken for more information on using the GetFederationToken -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetFederationTokenRequest method. -// req, resp := client.GetFederationTokenRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetFederationToken -func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *request.Request, output *GetFederationTokenOutput) { - op := &request.Operation{ - Name: opGetFederationToken, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetFederationTokenInput{} - } - - output = &GetFederationTokenOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetFederationToken API operation for AWS Security Token Service. -// -// Returns a set of temporary security credentials (consisting of an access -// key ID, a secret access key, and a security token) for a user. A typical -// use is in a proxy application that gets temporary security credentials on -// behalf of distributed applications inside a corporate network. -// -// You must call the GetFederationToken operation using the long-term security -// credentials of an IAM user. As a result, this call is appropriate in contexts -// where those credentials can be safeguarded, usually in a server-based application. -// For a comparison of GetFederationToken with the other API operations that -// produce temporary credentials, see Requesting Temporary Security Credentials -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) -// in the IAM User Guide. -// -// Although it is possible to call GetFederationToken using the security credentials -// of an Amazon Web Services account root user rather than an IAM user that -// you create for the purpose of a proxy application, we do not recommend it. -// For more information, see Safeguard your root user credentials and don't -// use them for everyday tasks (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials) -// in the IAM User Guide. -// -// You can create a mobile-based or browser-based app that can authenticate -// users using a web identity provider like Login with Amazon, Facebook, Google, -// or an OpenID Connect-compatible identity provider. In this case, we recommend -// that you use Amazon Cognito (http://aws.amazon.com/cognito/) or AssumeRoleWithWebIdentity. -// For more information, see Federation Through a Web-based Identity Provider -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity) -// in the IAM User Guide. -// -// # Session duration -// -// The temporary credentials are valid for the specified duration, from 900 -// seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default -// session duration is 43,200 seconds (12 hours). Temporary credentials obtained -// by using the root user credentials have a maximum duration of 3,600 seconds -// (1 hour). -// -// # Permissions -// -// You can use the temporary credentials created by GetFederationToken in any -// Amazon Web Services service with the following exceptions: -// -// - You cannot call any IAM operations using the CLI or the Amazon Web Services -// API. This limitation does not apply to console sessions. -// -// - You cannot call any STS operations except GetCallerIdentity. -// -// You can use temporary credentials for single sign-on (SSO) to the console. -// -// You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) -// to this operation. You can pass a single JSON policy document to use as an -// inline session policy. You can also specify up to 10 managed policy Amazon -// Resource Names (ARNs) to use as managed session policies. The plaintext that -// you use for both inline and managed session policies can't exceed 2,048 characters. -// -// Though the session policy parameters are optional, if you do not pass a policy, -// then the resulting federated user session has no permissions. When you pass -// session policies, the session permissions are the intersection of the IAM -// user policies and the session policies that you pass. This gives you a way -// to further restrict the permissions for a federated user. You cannot use -// session policies to grant more permissions than those that are defined in -// the permissions policy of the IAM user. For more information, see Session -// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) -// in the IAM User Guide. For information about using GetFederationToken to -// create temporary security credentials, see GetFederationToken—Federation -// Through a Custom Identity Broker (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken). -// -// You can use the credentials to access a resource that has a resource-based -// policy. If that policy specifically references the federated user session -// in the Principal element of the policy, the session has the permissions allowed -// by the policy. These permissions are granted in addition to the permissions -// granted by the session policies. -// -// # Tags -// -// (Optional) You can pass tag key-value pairs to your session. These are called -// session tags. For more information about session tags, see Passing Session -// Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You can create a mobile-based or browser-based app that can authenticate -// users using a web identity provider like Login with Amazon, Facebook, Google, -// or an OpenID Connect-compatible identity provider. In this case, we recommend -// that you use Amazon Cognito (http://aws.amazon.com/cognito/) or AssumeRoleWithWebIdentity. -// For more information, see Federation Through a Web-based Identity Provider -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity) -// in the IAM User Guide. -// -// An administrator must grant you the permissions necessary to pass session -// tags. The administrator can also create granular permissions to allow you -// to pass only specific session tags. For more information, see Tutorial: Using -// Tags for Attribute-Based Access Control (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html) -// in the IAM User Guide. -// -// Tag key–value pairs are not case sensitive, but case is preserved. This -// means that you cannot have separate Department and department tag keys. Assume -// that the user that you are federating has the Department=Marketing tag and -// you pass the department=engineering session tag. Department and department -// are not saved as separate tags, and the session tag passed in the request -// takes precedence over the user tag. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Security Token Service's -// API operation GetFederationToken for usage and error information. -// -// Returned Error Codes: -// -// - ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" -// The request was rejected because the policy document was malformed. The error -// message describes the specific error. -// -// - ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the total packed size of the session policies -// and session tags combined was too large. An Amazon Web Services conversion -// compresses the session policy document, session policy ARNs, and session -// tags into a packed binary format that has a separate limit. The error message -// indicates by percentage how close the policies and tags are to the upper -// size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You could receive this error even though you meet other defined session policy -// and session tag limits. For more information, see IAM and STS Entity Character -// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) -// in the IAM User Guide. -// -// - ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating Amazon Web Services STS in an Amazon Web Services Region -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetFederationToken -func (c *STS) GetFederationToken(input *GetFederationTokenInput) (*GetFederationTokenOutput, error) { - req, out := c.GetFederationTokenRequest(input) - return out, req.Send() -} - -// GetFederationTokenWithContext is the same as GetFederationToken with the addition of -// the ability to pass a context and additional request options. -// -// See GetFederationToken for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *STS) GetFederationTokenWithContext(ctx aws.Context, input *GetFederationTokenInput, opts ...request.Option) (*GetFederationTokenOutput, error) { - req, out := c.GetFederationTokenRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -const opGetSessionToken = "GetSessionToken" - -// GetSessionTokenRequest generates a "aws/request.Request" representing the -// client's request for the GetSessionToken operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetSessionToken for more information on using the GetSessionToken -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the GetSessionTokenRequest method. -// req, resp := client.GetSessionTokenRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetSessionToken -func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request.Request, output *GetSessionTokenOutput) { - op := &request.Operation{ - Name: opGetSessionToken, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetSessionTokenInput{} - } - - output = &GetSessionTokenOutput{} - req = c.newRequest(op, input, output) - return -} - -// GetSessionToken API operation for AWS Security Token Service. -// -// Returns a set of temporary credentials for an Amazon Web Services account -// or IAM user. The credentials consist of an access key ID, a secret access -// key, and a security token. Typically, you use GetSessionToken if you want -// to use MFA to protect programmatic calls to specific Amazon Web Services -// API operations like Amazon EC2 StopInstances. -// -// MFA-enabled IAM users must call GetSessionToken and submit an MFA code that -// is associated with their MFA device. Using the temporary security credentials -// that the call returns, IAM users can then make programmatic calls to API -// operations that require MFA authentication. An incorrect MFA code causes -// the API to return an access denied error. For a comparison of GetSessionToken -// with the other API operations that produce temporary credentials, see Requesting -// Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) -// in the IAM User Guide. -// -// No permissions are required for users to perform this operation. The purpose -// of the sts:GetSessionToken operation is to authenticate the user using MFA. -// You cannot use policies to control authentication operations. For more information, -// see Permissions for GetSessionToken (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html) -// in the IAM User Guide. -// -// # Session Duration -// -// The GetSessionToken operation must be called by using the long-term Amazon -// Web Services security credentials of an IAM user. Credentials that are created -// by IAM users are valid for the duration that you specify. This duration can -// range from 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36 -// hours), with a default of 43,200 seconds (12 hours). Credentials based on -// account credentials can range from 900 seconds (15 minutes) up to 3,600 seconds -// (1 hour), with a default of 1 hour. -// -// # Permissions -// -// The temporary security credentials created by GetSessionToken can be used -// to make API calls to any Amazon Web Services service with the following exceptions: -// -// - You cannot call any IAM API operations unless MFA authentication information -// is included in the request. -// -// - You cannot call any STS API except AssumeRole or GetCallerIdentity. -// -// The credentials that GetSessionToken returns are based on permissions associated -// with the IAM user whose credentials were used to call the operation. The -// temporary credentials have the same permissions as the IAM user. -// -// Although it is possible to call GetSessionToken using the security credentials -// of an Amazon Web Services account root user rather than an IAM user, we do -// not recommend it. If GetSessionToken is called using root user credentials, -// the temporary credentials have root user permissions. For more information, -// see Safeguard your root user credentials and don't use them for everyday -// tasks (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials) -// in the IAM User Guide -// -// For more information about using GetSessionToken to create temporary credentials, -// see Temporary Credentials for Users in Untrusted Environments (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken) -// in the IAM User Guide. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for AWS Security Token Service's -// API operation GetSessionToken for usage and error information. -// -// Returned Error Codes: -// - ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating Amazon Web Services STS in an Amazon Web Services Region -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetSessionToken -func (c *STS) GetSessionToken(input *GetSessionTokenInput) (*GetSessionTokenOutput, error) { - req, out := c.GetSessionTokenRequest(input) - return out, req.Send() -} - -// GetSessionTokenWithContext is the same as GetSessionToken with the addition of -// the ability to pass a context and additional request options. -// -// See GetSessionToken for details on how to use this API operation. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *STS) GetSessionTokenWithContext(ctx aws.Context, input *GetSessionTokenInput, opts ...request.Option) (*GetSessionTokenOutput, error) { - req, out := c.GetSessionTokenRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() -} - -type AssumeRoleInput struct { - _ struct{} `type:"structure"` - - // The duration, in seconds, of the role session. The value specified can range - // from 900 seconds (15 minutes) up to the maximum session duration set for - // the role. The maximum session duration setting can have a value from 1 hour - // to 12 hours. If you specify a value higher than this setting or the administrator - // setting (whichever is lower), the operation fails. For example, if you specify - // a session duration of 12 hours, but your administrator set the maximum session - // duration to 6 hours, your operation fails. - // - // Role chaining limits your Amazon Web Services CLI or Amazon Web Services - // API role session to a maximum of one hour. When you use the AssumeRole API - // operation to assume a role, you can specify the duration of your role session - // with the DurationSeconds parameter. You can specify a parameter value of - // up to 43200 seconds (12 hours), depending on the maximum session duration - // setting for your role. However, if you assume a role using role chaining - // and provide a DurationSeconds parameter value greater than one hour, the - // operation fails. To learn how to view the maximum value for your role, see - // View the Maximum Session Duration Setting for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) - // in the IAM User Guide. - // - // By default, the value is set to 3600 seconds. - // - // The DurationSeconds parameter is separate from the duration of a console - // session that you might request using the returned credentials. The request - // to the federation endpoint for a console sign-in token takes a SessionDuration - // parameter that specifies the maximum length of the console session. For more - // information, see Creating a URL that Enables Federated Users to Access the - // Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) - // in the IAM User Guide. - DurationSeconds *int64 `min:"900" type:"integer"` - - // A unique identifier that might be required when you assume a role in another - // account. If the administrator of the account to which the role belongs provided - // you with an external ID, then provide that value in the ExternalId parameter. - // This value can be any string, such as a passphrase or account number. A cross-account - // role is usually set up to trust everyone in an account. Therefore, the administrator - // of the trusting account might send an external ID to the administrator of - // the trusted account. That way, only someone with the ID can assume the role, - // rather than everyone in the account. For more information about the external - // ID, see How to Use an External ID When Granting Access to Your Amazon Web - // Services Resources to a Third Party (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) - // in the IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@:/- - ExternalId *string `min:"2" type:"string"` - - // An IAM policy in JSON format that you want to use as an inline session policy. - // - // This parameter is optional. Passing policies to this operation returns new - // temporary credentials. The resulting session's permissions are the intersection - // of the role's identity-based policy and the session policies. You can use - // the role's temporary credentials in subsequent Amazon Web Services API calls - // to access resources in the account that owns the role. You cannot use session - // policies to grant more permissions than those allowed by the identity-based - // policy of the role that is being assumed. For more information, see Session - // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - // - // The plaintext that you use for both inline and managed session policies can't - // exceed 2,048 characters. The JSON policy characters can be any ASCII character - // from the space character to the end of the valid character list (\u0020 through - // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage - // return (\u000D) characters. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - Policy *string `min:"1" type:"string"` - - // The Amazon Resource Names (ARNs) of the IAM managed policies that you want - // to use as managed session policies. The policies must exist in the same account - // as the role. - // - // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plaintext that you use for both inline and managed session policies - // can't exceed 2,048 characters. For more information about ARNs, see Amazon - // Resource Names (ARNs) and Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the Amazon Web Services General Reference. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - // - // Passing policies to this operation returns new temporary credentials. The - // resulting session's permissions are the intersection of the role's identity-based - // policy and the session policies. You can use the role's temporary credentials - // in subsequent Amazon Web Services API calls to access resources in the account - // that owns the role. You cannot use session policies to grant more permissions - // than those allowed by the identity-based policy of the role that is being - // assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - PolicyArns []*PolicyDescriptorType `type:"list"` - - // A list of previously acquired trusted context assertions in the format of - // a JSON array. The trusted context assertion is signed and encrypted by Amazon - // Web Services STS. - // - // The following is an example of a ProvidedContext value that includes a single - // trusted context assertion and the ARN of the context provider from which - // the trusted context assertion was generated. - // - // [{"ProviderArn":"arn:aws:iam::aws:contextProvider/IdentityCenter","ContextAssertion":"trusted-context-assertion"}] - ProvidedContexts []*ProvidedContext `type:"list"` - - // The Amazon Resource Name (ARN) of the role to assume. - // - // RoleArn is a required field - RoleArn *string `min:"20" type:"string" required:"true"` - - // An identifier for the assumed role session. - // - // Use the role session name to uniquely identify a session when the same role - // is assumed by different principals or for different reasons. In cross-account - // scenarios, the role session name is visible to, and can be logged by the - // account that owns the role. The role session name is also used in the ARN - // of the assumed role principal. This means that subsequent cross-account API - // requests that use the temporary security credentials will expose the role - // session name to the external account in their CloudTrail logs. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@- - // - // RoleSessionName is a required field - RoleSessionName *string `min:"2" type:"string" required:"true"` - - // The identification number of the MFA device that is associated with the user - // who is making the AssumeRole call. Specify this value if the trust policy - // of the role being assumed includes a condition that requires MFA authentication. - // The value is either the serial number for a hardware device (such as GAHT12345678) - // or an Amazon Resource Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user). - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@- - SerialNumber *string `min:"9" type:"string"` - - // The source identity specified by the principal that is calling the AssumeRole - // operation. - // - // You can require users to specify a source identity when they assume a role. - // You do this by using the sts:SourceIdentity condition key in a role trust - // policy. You can use source identity information in CloudTrail logs to determine - // who took actions with a role. You can use the aws:SourceIdentity condition - // key to further control access to Amazon Web Services resources based on the - // value of source identity. For more information about using source identity, - // see Monitor and control actions taken with assumed roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) - // in the IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@-. You cannot - // use a value that begins with the text aws:. This prefix is reserved for Amazon - // Web Services internal use. - SourceIdentity *string `min:"2" type:"string"` - - // A list of session tags that you want to pass. Each session tag consists of - // a key name and an associated value. For more information about session tags, - // see Tagging Amazon Web Services STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) - // in the IAM User Guide. - // - // This parameter is optional. You can pass up to 50 session tags. The plaintext - // session tag keys can’t exceed 128 characters, and the values can’t exceed - // 256 characters. For these and additional limits, see IAM and STS Character - // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) - // in the IAM User Guide. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - // - // You can pass a session tag with the same key as a tag that is already attached - // to the role. When you do, session tags override a role tag with the same - // key. - // - // Tag key–value pairs are not case sensitive, but case is preserved. This - // means that you cannot have separate Department and department tag keys. Assume - // that the role has the Department=Marketing tag and you pass the department=engineering - // session tag. Department and department are not saved as separate tags, and - // the session tag passed in the request takes precedence over the role tag. - // - // Additionally, if you used temporary credentials to perform this operation, - // the new session inherits any transitive session tags from the calling session. - // If you pass a session tag with the same key as an inherited tag, the operation - // fails. To view the inherited tags for a session, see the CloudTrail logs. - // For more information, see Viewing Session Tags in CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_ctlogs) - // in the IAM User Guide. - Tags []*Tag `type:"list"` - - // The value provided by the MFA device, if the trust policy of the role being - // assumed requires MFA. (In other words, if the policy includes a condition - // that tests for MFA). If the role being assumed requires MFA and if the TokenCode - // value is missing or expired, the AssumeRole call returns an "access denied" - // error. - // - // The format for this parameter, as described by its regex pattern, is a sequence - // of six numeric digits. - TokenCode *string `min:"6" type:"string"` - - // A list of keys for session tags that you want to set as transitive. If you - // set a tag key as transitive, the corresponding key and value passes to subsequent - // sessions in a role chain. For more information, see Chaining Roles with Session - // Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) - // in the IAM User Guide. - // - // This parameter is optional. When you set session tags as transitive, the - // session policy and session tags packed binary limit is not affected. - // - // If you choose not to specify a transitive tag key, then no tags are passed - // from this session to any subsequent sessions. - TransitiveTagKeys []*string `type:"list"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *AssumeRoleInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AssumeRoleInput"} - if s.DurationSeconds != nil && *s.DurationSeconds < 900 { - invalidParams.Add(request.NewErrParamMinValue("DurationSeconds", 900)) - } - if s.ExternalId != nil && len(*s.ExternalId) < 2 { - invalidParams.Add(request.NewErrParamMinLen("ExternalId", 2)) - } - if s.Policy != nil && len(*s.Policy) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Policy", 1)) - } - if s.RoleArn == nil { - invalidParams.Add(request.NewErrParamRequired("RoleArn")) - } - if s.RoleArn != nil && len(*s.RoleArn) < 20 { - invalidParams.Add(request.NewErrParamMinLen("RoleArn", 20)) - } - if s.RoleSessionName == nil { - invalidParams.Add(request.NewErrParamRequired("RoleSessionName")) - } - if s.RoleSessionName != nil && len(*s.RoleSessionName) < 2 { - invalidParams.Add(request.NewErrParamMinLen("RoleSessionName", 2)) - } - if s.SerialNumber != nil && len(*s.SerialNumber) < 9 { - invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9)) - } - if s.SourceIdentity != nil && len(*s.SourceIdentity) < 2 { - invalidParams.Add(request.NewErrParamMinLen("SourceIdentity", 2)) - } - if s.TokenCode != nil && len(*s.TokenCode) < 6 { - invalidParams.Add(request.NewErrParamMinLen("TokenCode", 6)) - } - if s.PolicyArns != nil { - for i, v := range s.PolicyArns { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PolicyArns", i), err.(request.ErrInvalidParams)) - } - } - } - if s.ProvidedContexts != nil { - for i, v := range s.ProvidedContexts { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ProvidedContexts", i), err.(request.ErrInvalidParams)) - } - } - } - if s.Tags != nil { - for i, v := range s.Tags { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) - } - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetDurationSeconds sets the DurationSeconds field's value. -func (s *AssumeRoleInput) SetDurationSeconds(v int64) *AssumeRoleInput { - s.DurationSeconds = &v - return s -} - -// SetExternalId sets the ExternalId field's value. -func (s *AssumeRoleInput) SetExternalId(v string) *AssumeRoleInput { - s.ExternalId = &v - return s -} - -// SetPolicy sets the Policy field's value. -func (s *AssumeRoleInput) SetPolicy(v string) *AssumeRoleInput { - s.Policy = &v - return s -} - -// SetPolicyArns sets the PolicyArns field's value. -func (s *AssumeRoleInput) SetPolicyArns(v []*PolicyDescriptorType) *AssumeRoleInput { - s.PolicyArns = v - return s -} - -// SetProvidedContexts sets the ProvidedContexts field's value. -func (s *AssumeRoleInput) SetProvidedContexts(v []*ProvidedContext) *AssumeRoleInput { - s.ProvidedContexts = v - return s -} - -// SetRoleArn sets the RoleArn field's value. -func (s *AssumeRoleInput) SetRoleArn(v string) *AssumeRoleInput { - s.RoleArn = &v - return s -} - -// SetRoleSessionName sets the RoleSessionName field's value. -func (s *AssumeRoleInput) SetRoleSessionName(v string) *AssumeRoleInput { - s.RoleSessionName = &v - return s -} - -// SetSerialNumber sets the SerialNumber field's value. -func (s *AssumeRoleInput) SetSerialNumber(v string) *AssumeRoleInput { - s.SerialNumber = &v - return s -} - -// SetSourceIdentity sets the SourceIdentity field's value. -func (s *AssumeRoleInput) SetSourceIdentity(v string) *AssumeRoleInput { - s.SourceIdentity = &v - return s -} - -// SetTags sets the Tags field's value. -func (s *AssumeRoleInput) SetTags(v []*Tag) *AssumeRoleInput { - s.Tags = v - return s -} - -// SetTokenCode sets the TokenCode field's value. -func (s *AssumeRoleInput) SetTokenCode(v string) *AssumeRoleInput { - s.TokenCode = &v - return s -} - -// SetTransitiveTagKeys sets the TransitiveTagKeys field's value. -func (s *AssumeRoleInput) SetTransitiveTagKeys(v []*string) *AssumeRoleInput { - s.TransitiveTagKeys = v - return s -} - -// Contains the response to a successful AssumeRole request, including temporary -// Amazon Web Services credentials that can be used to make Amazon Web Services -// requests. -type AssumeRoleOutput struct { - _ struct{} `type:"structure"` - - // The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers - // that you can use to refer to the resulting temporary security credentials. - // For example, you can reference these credentials as a principal in a resource-based - // policy by using the ARN or assumed role ID. The ARN and ID include the RoleSessionName - // that you specified when you called AssumeRole. - AssumedRoleUser *AssumedRoleUser `type:"structure"` - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security (or session) token. - // - // The size of the security token that STS API operations return is not fixed. - // We strongly recommend that you make no assumptions about the maximum size. - Credentials *Credentials `type:"structure"` - - // A percentage value that indicates the packed size of the session policies - // and session tags combined passed in the request. The request fails if the - // packed size is greater than 100 percent, which means the policies and tags - // exceeded the allowed space. - PackedPolicySize *int64 `type:"integer"` - - // The source identity specified by the principal that is calling the AssumeRole - // operation. - // - // You can require users to specify a source identity when they assume a role. - // You do this by using the sts:SourceIdentity condition key in a role trust - // policy. You can use source identity information in CloudTrail logs to determine - // who took actions with a role. You can use the aws:SourceIdentity condition - // key to further control access to Amazon Web Services resources based on the - // value of source identity. For more information about using source identity, - // see Monitor and control actions taken with assumed roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) - // in the IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@- - SourceIdentity *string `min:"2" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleOutput) GoString() string { - return s.String() -} - -// SetAssumedRoleUser sets the AssumedRoleUser field's value. -func (s *AssumeRoleOutput) SetAssumedRoleUser(v *AssumedRoleUser) *AssumeRoleOutput { - s.AssumedRoleUser = v - return s -} - -// SetCredentials sets the Credentials field's value. -func (s *AssumeRoleOutput) SetCredentials(v *Credentials) *AssumeRoleOutput { - s.Credentials = v - return s -} - -// SetPackedPolicySize sets the PackedPolicySize field's value. -func (s *AssumeRoleOutput) SetPackedPolicySize(v int64) *AssumeRoleOutput { - s.PackedPolicySize = &v - return s -} - -// SetSourceIdentity sets the SourceIdentity field's value. -func (s *AssumeRoleOutput) SetSourceIdentity(v string) *AssumeRoleOutput { - s.SourceIdentity = &v - return s -} - -type AssumeRoleWithSAMLInput struct { - _ struct{} `type:"structure"` - - // The duration, in seconds, of the role session. Your role session lasts for - // the duration that you specify for the DurationSeconds parameter, or until - // the time specified in the SAML authentication response's SessionNotOnOrAfter - // value, whichever is shorter. You can provide a DurationSeconds value from - // 900 seconds (15 minutes) up to the maximum session duration setting for the - // role. This setting can have a value from 1 hour to 12 hours. If you specify - // a value higher than this setting, the operation fails. For example, if you - // specify a session duration of 12 hours, but your administrator set the maximum - // session duration to 6 hours, your operation fails. To learn how to view the - // maximum value for your role, see View the Maximum Session Duration Setting - // for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) - // in the IAM User Guide. - // - // By default, the value is set to 3600 seconds. - // - // The DurationSeconds parameter is separate from the duration of a console - // session that you might request using the returned credentials. The request - // to the federation endpoint for a console sign-in token takes a SessionDuration - // parameter that specifies the maximum length of the console session. For more - // information, see Creating a URL that Enables Federated Users to Access the - // Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) - // in the IAM User Guide. - DurationSeconds *int64 `min:"900" type:"integer"` - - // An IAM policy in JSON format that you want to use as an inline session policy. - // - // This parameter is optional. Passing policies to this operation returns new - // temporary credentials. The resulting session's permissions are the intersection - // of the role's identity-based policy and the session policies. You can use - // the role's temporary credentials in subsequent Amazon Web Services API calls - // to access resources in the account that owns the role. You cannot use session - // policies to grant more permissions than those allowed by the identity-based - // policy of the role that is being assumed. For more information, see Session - // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - // - // The plaintext that you use for both inline and managed session policies can't - // exceed 2,048 characters. The JSON policy characters can be any ASCII character - // from the space character to the end of the valid character list (\u0020 through - // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage - // return (\u000D) characters. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - Policy *string `min:"1" type:"string"` - - // The Amazon Resource Names (ARNs) of the IAM managed policies that you want - // to use as managed session policies. The policies must exist in the same account - // as the role. - // - // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plaintext that you use for both inline and managed session policies - // can't exceed 2,048 characters. For more information about ARNs, see Amazon - // Resource Names (ARNs) and Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the Amazon Web Services General Reference. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - // - // Passing policies to this operation returns new temporary credentials. The - // resulting session's permissions are the intersection of the role's identity-based - // policy and the session policies. You can use the role's temporary credentials - // in subsequent Amazon Web Services API calls to access resources in the account - // that owns the role. You cannot use session policies to grant more permissions - // than those allowed by the identity-based policy of the role that is being - // assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - PolicyArns []*PolicyDescriptorType `type:"list"` - - // The Amazon Resource Name (ARN) of the SAML provider in IAM that describes - // the IdP. - // - // PrincipalArn is a required field - PrincipalArn *string `min:"20" type:"string" required:"true"` - - // The Amazon Resource Name (ARN) of the role that the caller is assuming. - // - // RoleArn is a required field - RoleArn *string `min:"20" type:"string" required:"true"` - - // The base64 encoded SAML authentication response provided by the IdP. - // - // For more information, see Configuring a Relying Party and Adding Claims (https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html) - // in the IAM User Guide. - // - // SAMLAssertion is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by AssumeRoleWithSAMLInput's - // String and GoString methods. - // - // SAMLAssertion is a required field - SAMLAssertion *string `min:"4" type:"string" required:"true" sensitive:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleWithSAMLInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleWithSAMLInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *AssumeRoleWithSAMLInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AssumeRoleWithSAMLInput"} - if s.DurationSeconds != nil && *s.DurationSeconds < 900 { - invalidParams.Add(request.NewErrParamMinValue("DurationSeconds", 900)) - } - if s.Policy != nil && len(*s.Policy) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Policy", 1)) - } - if s.PrincipalArn == nil { - invalidParams.Add(request.NewErrParamRequired("PrincipalArn")) - } - if s.PrincipalArn != nil && len(*s.PrincipalArn) < 20 { - invalidParams.Add(request.NewErrParamMinLen("PrincipalArn", 20)) - } - if s.RoleArn == nil { - invalidParams.Add(request.NewErrParamRequired("RoleArn")) - } - if s.RoleArn != nil && len(*s.RoleArn) < 20 { - invalidParams.Add(request.NewErrParamMinLen("RoleArn", 20)) - } - if s.SAMLAssertion == nil { - invalidParams.Add(request.NewErrParamRequired("SAMLAssertion")) - } - if s.SAMLAssertion != nil && len(*s.SAMLAssertion) < 4 { - invalidParams.Add(request.NewErrParamMinLen("SAMLAssertion", 4)) - } - if s.PolicyArns != nil { - for i, v := range s.PolicyArns { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PolicyArns", i), err.(request.ErrInvalidParams)) - } - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetDurationSeconds sets the DurationSeconds field's value. -func (s *AssumeRoleWithSAMLInput) SetDurationSeconds(v int64) *AssumeRoleWithSAMLInput { - s.DurationSeconds = &v - return s -} - -// SetPolicy sets the Policy field's value. -func (s *AssumeRoleWithSAMLInput) SetPolicy(v string) *AssumeRoleWithSAMLInput { - s.Policy = &v - return s -} - -// SetPolicyArns sets the PolicyArns field's value. -func (s *AssumeRoleWithSAMLInput) SetPolicyArns(v []*PolicyDescriptorType) *AssumeRoleWithSAMLInput { - s.PolicyArns = v - return s -} - -// SetPrincipalArn sets the PrincipalArn field's value. -func (s *AssumeRoleWithSAMLInput) SetPrincipalArn(v string) *AssumeRoleWithSAMLInput { - s.PrincipalArn = &v - return s -} - -// SetRoleArn sets the RoleArn field's value. -func (s *AssumeRoleWithSAMLInput) SetRoleArn(v string) *AssumeRoleWithSAMLInput { - s.RoleArn = &v - return s -} - -// SetSAMLAssertion sets the SAMLAssertion field's value. -func (s *AssumeRoleWithSAMLInput) SetSAMLAssertion(v string) *AssumeRoleWithSAMLInput { - s.SAMLAssertion = &v - return s -} - -// Contains the response to a successful AssumeRoleWithSAML request, including -// temporary Amazon Web Services credentials that can be used to make Amazon -// Web Services requests. -type AssumeRoleWithSAMLOutput struct { - _ struct{} `type:"structure"` - - // The identifiers for the temporary security credentials that the operation - // returns. - AssumedRoleUser *AssumedRoleUser `type:"structure"` - - // The value of the Recipient attribute of the SubjectConfirmationData element - // of the SAML assertion. - Audience *string `type:"string"` - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security (or session) token. - // - // The size of the security token that STS API operations return is not fixed. - // We strongly recommend that you make no assumptions about the maximum size. - Credentials *Credentials `type:"structure"` - - // The value of the Issuer element of the SAML assertion. - Issuer *string `type:"string"` - - // A hash value based on the concatenation of the following: - // - // * The Issuer response value. - // - // * The Amazon Web Services account ID. - // - // * The friendly name (the last part of the ARN) of the SAML provider in - // IAM. - // - // The combination of NameQualifier and Subject can be used to uniquely identify - // a user. - // - // The following pseudocode shows how the hash value is calculated: - // - // BASE64 ( SHA1 ( "https://example.com/saml" + "123456789012" + "/MySAMLIdP" - // ) ) - NameQualifier *string `type:"string"` - - // A percentage value that indicates the packed size of the session policies - // and session tags combined passed in the request. The request fails if the - // packed size is greater than 100 percent, which means the policies and tags - // exceeded the allowed space. - PackedPolicySize *int64 `type:"integer"` - - // The value in the SourceIdentity attribute in the SAML assertion. - // - // You can require users to set a source identity value when they assume a role. - // You do this by using the sts:SourceIdentity condition key in a role trust - // policy. That way, actions that are taken with the role are associated with - // that user. After the source identity is set, the value cannot be changed. - // It is present in the request for all actions that are taken by the role and - // persists across chained role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts#iam-term-role-chaining) - // sessions. You can configure your SAML identity provider to use an attribute - // associated with your users, like user name or email, as the source identity - // when calling AssumeRoleWithSAML. You do this by adding an attribute to the - // SAML assertion. For more information about using source identity, see Monitor - // and control actions taken with assumed roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) - // in the IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@- - SourceIdentity *string `min:"2" type:"string"` - - // The value of the NameID element in the Subject element of the SAML assertion. - Subject *string `type:"string"` - - // The format of the name ID, as defined by the Format attribute in the NameID - // element of the SAML assertion. Typical examples of the format are transient - // or persistent. - // - // If the format includes the prefix urn:oasis:names:tc:SAML:2.0:nameid-format, - // that prefix is removed. For example, urn:oasis:names:tc:SAML:2.0:nameid-format:transient - // is returned as transient. If the format includes any other prefix, the format - // is returned with no modifications. - SubjectType *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleWithSAMLOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleWithSAMLOutput) GoString() string { - return s.String() -} - -// SetAssumedRoleUser sets the AssumedRoleUser field's value. -func (s *AssumeRoleWithSAMLOutput) SetAssumedRoleUser(v *AssumedRoleUser) *AssumeRoleWithSAMLOutput { - s.AssumedRoleUser = v - return s -} - -// SetAudience sets the Audience field's value. -func (s *AssumeRoleWithSAMLOutput) SetAudience(v string) *AssumeRoleWithSAMLOutput { - s.Audience = &v - return s -} - -// SetCredentials sets the Credentials field's value. -func (s *AssumeRoleWithSAMLOutput) SetCredentials(v *Credentials) *AssumeRoleWithSAMLOutput { - s.Credentials = v - return s -} - -// SetIssuer sets the Issuer field's value. -func (s *AssumeRoleWithSAMLOutput) SetIssuer(v string) *AssumeRoleWithSAMLOutput { - s.Issuer = &v - return s -} - -// SetNameQualifier sets the NameQualifier field's value. -func (s *AssumeRoleWithSAMLOutput) SetNameQualifier(v string) *AssumeRoleWithSAMLOutput { - s.NameQualifier = &v - return s -} - -// SetPackedPolicySize sets the PackedPolicySize field's value. -func (s *AssumeRoleWithSAMLOutput) SetPackedPolicySize(v int64) *AssumeRoleWithSAMLOutput { - s.PackedPolicySize = &v - return s -} - -// SetSourceIdentity sets the SourceIdentity field's value. -func (s *AssumeRoleWithSAMLOutput) SetSourceIdentity(v string) *AssumeRoleWithSAMLOutput { - s.SourceIdentity = &v - return s -} - -// SetSubject sets the Subject field's value. -func (s *AssumeRoleWithSAMLOutput) SetSubject(v string) *AssumeRoleWithSAMLOutput { - s.Subject = &v - return s -} - -// SetSubjectType sets the SubjectType field's value. -func (s *AssumeRoleWithSAMLOutput) SetSubjectType(v string) *AssumeRoleWithSAMLOutput { - s.SubjectType = &v - return s -} - -type AssumeRoleWithWebIdentityInput struct { - _ struct{} `type:"structure"` - - // The duration, in seconds, of the role session. The value can range from 900 - // seconds (15 minutes) up to the maximum session duration setting for the role. - // This setting can have a value from 1 hour to 12 hours. If you specify a value - // higher than this setting, the operation fails. For example, if you specify - // a session duration of 12 hours, but your administrator set the maximum session - // duration to 6 hours, your operation fails. To learn how to view the maximum - // value for your role, see View the Maximum Session Duration Setting for a - // Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) - // in the IAM User Guide. - // - // By default, the value is set to 3600 seconds. - // - // The DurationSeconds parameter is separate from the duration of a console - // session that you might request using the returned credentials. The request - // to the federation endpoint for a console sign-in token takes a SessionDuration - // parameter that specifies the maximum length of the console session. For more - // information, see Creating a URL that Enables Federated Users to Access the - // Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) - // in the IAM User Guide. - DurationSeconds *int64 `min:"900" type:"integer"` - - // An IAM policy in JSON format that you want to use as an inline session policy. - // - // This parameter is optional. Passing policies to this operation returns new - // temporary credentials. The resulting session's permissions are the intersection - // of the role's identity-based policy and the session policies. You can use - // the role's temporary credentials in subsequent Amazon Web Services API calls - // to access resources in the account that owns the role. You cannot use session - // policies to grant more permissions than those allowed by the identity-based - // policy of the role that is being assumed. For more information, see Session - // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - // - // The plaintext that you use for both inline and managed session policies can't - // exceed 2,048 characters. The JSON policy characters can be any ASCII character - // from the space character to the end of the valid character list (\u0020 through - // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage - // return (\u000D) characters. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - Policy *string `min:"1" type:"string"` - - // The Amazon Resource Names (ARNs) of the IAM managed policies that you want - // to use as managed session policies. The policies must exist in the same account - // as the role. - // - // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plaintext that you use for both inline and managed session policies - // can't exceed 2,048 characters. For more information about ARNs, see Amazon - // Resource Names (ARNs) and Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the Amazon Web Services General Reference. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - // - // Passing policies to this operation returns new temporary credentials. The - // resulting session's permissions are the intersection of the role's identity-based - // policy and the session policies. You can use the role's temporary credentials - // in subsequent Amazon Web Services API calls to access resources in the account - // that owns the role. You cannot use session policies to grant more permissions - // than those allowed by the identity-based policy of the role that is being - // assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - PolicyArns []*PolicyDescriptorType `type:"list"` - - // The fully qualified host component of the domain name of the OAuth 2.0 identity - // provider. Do not specify this value for an OpenID Connect identity provider. - // - // Currently www.amazon.com and graph.facebook.com are the only supported identity - // providers for OAuth 2.0 access tokens. Do not include URL schemes and port - // numbers. - // - // Do not specify this value for OpenID Connect ID tokens. - ProviderId *string `min:"4" type:"string"` - - // The Amazon Resource Name (ARN) of the role that the caller is assuming. - // - // RoleArn is a required field - RoleArn *string `min:"20" type:"string" required:"true"` - - // An identifier for the assumed role session. Typically, you pass the name - // or identifier that is associated with the user who is using your application. - // That way, the temporary security credentials that your application will use - // are associated with that user. This session name is included as part of the - // ARN and assumed role ID in the AssumedRoleUser response element. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@- - // - // RoleSessionName is a required field - RoleSessionName *string `min:"2" type:"string" required:"true"` - - // The OAuth 2.0 access token or OpenID Connect ID token that is provided by - // the identity provider. Your application must get this token by authenticating - // the user who is using your application with a web identity provider before - // the application makes an AssumeRoleWithWebIdentity call. Only tokens with - // RSA algorithms (RS256) are supported. - // - // WebIdentityToken is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by AssumeRoleWithWebIdentityInput's - // String and GoString methods. - // - // WebIdentityToken is a required field - WebIdentityToken *string `min:"4" type:"string" required:"true" sensitive:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleWithWebIdentityInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleWithWebIdentityInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *AssumeRoleWithWebIdentityInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AssumeRoleWithWebIdentityInput"} - if s.DurationSeconds != nil && *s.DurationSeconds < 900 { - invalidParams.Add(request.NewErrParamMinValue("DurationSeconds", 900)) - } - if s.Policy != nil && len(*s.Policy) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Policy", 1)) - } - if s.ProviderId != nil && len(*s.ProviderId) < 4 { - invalidParams.Add(request.NewErrParamMinLen("ProviderId", 4)) - } - if s.RoleArn == nil { - invalidParams.Add(request.NewErrParamRequired("RoleArn")) - } - if s.RoleArn != nil && len(*s.RoleArn) < 20 { - invalidParams.Add(request.NewErrParamMinLen("RoleArn", 20)) - } - if s.RoleSessionName == nil { - invalidParams.Add(request.NewErrParamRequired("RoleSessionName")) - } - if s.RoleSessionName != nil && len(*s.RoleSessionName) < 2 { - invalidParams.Add(request.NewErrParamMinLen("RoleSessionName", 2)) - } - if s.WebIdentityToken == nil { - invalidParams.Add(request.NewErrParamRequired("WebIdentityToken")) - } - if s.WebIdentityToken != nil && len(*s.WebIdentityToken) < 4 { - invalidParams.Add(request.NewErrParamMinLen("WebIdentityToken", 4)) - } - if s.PolicyArns != nil { - for i, v := range s.PolicyArns { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PolicyArns", i), err.(request.ErrInvalidParams)) - } - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetDurationSeconds sets the DurationSeconds field's value. -func (s *AssumeRoleWithWebIdentityInput) SetDurationSeconds(v int64) *AssumeRoleWithWebIdentityInput { - s.DurationSeconds = &v - return s -} - -// SetPolicy sets the Policy field's value. -func (s *AssumeRoleWithWebIdentityInput) SetPolicy(v string) *AssumeRoleWithWebIdentityInput { - s.Policy = &v - return s -} - -// SetPolicyArns sets the PolicyArns field's value. -func (s *AssumeRoleWithWebIdentityInput) SetPolicyArns(v []*PolicyDescriptorType) *AssumeRoleWithWebIdentityInput { - s.PolicyArns = v - return s -} - -// SetProviderId sets the ProviderId field's value. -func (s *AssumeRoleWithWebIdentityInput) SetProviderId(v string) *AssumeRoleWithWebIdentityInput { - s.ProviderId = &v - return s -} - -// SetRoleArn sets the RoleArn field's value. -func (s *AssumeRoleWithWebIdentityInput) SetRoleArn(v string) *AssumeRoleWithWebIdentityInput { - s.RoleArn = &v - return s -} - -// SetRoleSessionName sets the RoleSessionName field's value. -func (s *AssumeRoleWithWebIdentityInput) SetRoleSessionName(v string) *AssumeRoleWithWebIdentityInput { - s.RoleSessionName = &v - return s -} - -// SetWebIdentityToken sets the WebIdentityToken field's value. -func (s *AssumeRoleWithWebIdentityInput) SetWebIdentityToken(v string) *AssumeRoleWithWebIdentityInput { - s.WebIdentityToken = &v - return s -} - -// Contains the response to a successful AssumeRoleWithWebIdentity request, -// including temporary Amazon Web Services credentials that can be used to make -// Amazon Web Services requests. -type AssumeRoleWithWebIdentityOutput struct { - _ struct{} `type:"structure"` - - // The Amazon Resource Name (ARN) and the assumed role ID, which are identifiers - // that you can use to refer to the resulting temporary security credentials. - // For example, you can reference these credentials as a principal in a resource-based - // policy by using the ARN or assumed role ID. The ARN and ID include the RoleSessionName - // that you specified when you called AssumeRole. - AssumedRoleUser *AssumedRoleUser `type:"structure"` - - // The intended audience (also known as client ID) of the web identity token. - // This is traditionally the client identifier issued to the application that - // requested the web identity token. - Audience *string `type:"string"` - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security token. - // - // The size of the security token that STS API operations return is not fixed. - // We strongly recommend that you make no assumptions about the maximum size. - Credentials *Credentials `type:"structure"` - - // A percentage value that indicates the packed size of the session policies - // and session tags combined passed in the request. The request fails if the - // packed size is greater than 100 percent, which means the policies and tags - // exceeded the allowed space. - PackedPolicySize *int64 `type:"integer"` - - // The issuing authority of the web identity token presented. For OpenID Connect - // ID tokens, this contains the value of the iss field. For OAuth 2.0 access - // tokens, this contains the value of the ProviderId parameter that was passed - // in the AssumeRoleWithWebIdentity request. - Provider *string `type:"string"` - - // The value of the source identity that is returned in the JSON web token (JWT) - // from the identity provider. - // - // You can require users to set a source identity value when they assume a role. - // You do this by using the sts:SourceIdentity condition key in a role trust - // policy. That way, actions that are taken with the role are associated with - // that user. After the source identity is set, the value cannot be changed. - // It is present in the request for all actions that are taken by the role and - // persists across chained role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts#iam-term-role-chaining) - // sessions. You can configure your identity provider to use an attribute associated - // with your users, like user name or email, as the source identity when calling - // AssumeRoleWithWebIdentity. You do this by adding a claim to the JSON web - // token. To learn more about OIDC tokens and claims, see Using Tokens with - // User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html) - // in the Amazon Cognito Developer Guide. For more information about using source - // identity, see Monitor and control actions taken with assumed roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) - // in the IAM User Guide. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@- - SourceIdentity *string `min:"2" type:"string"` - - // The unique user identifier that is returned by the identity provider. This - // identifier is associated with the WebIdentityToken that was submitted with - // the AssumeRoleWithWebIdentity call. The identifier is typically unique to - // the user and the application that acquired the WebIdentityToken (pairwise - // identifier). For OpenID Connect ID tokens, this field contains the value - // returned by the identity provider as the token's sub (Subject) claim. - SubjectFromWebIdentityToken *string `min:"6" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleWithWebIdentityOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumeRoleWithWebIdentityOutput) GoString() string { - return s.String() -} - -// SetAssumedRoleUser sets the AssumedRoleUser field's value. -func (s *AssumeRoleWithWebIdentityOutput) SetAssumedRoleUser(v *AssumedRoleUser) *AssumeRoleWithWebIdentityOutput { - s.AssumedRoleUser = v - return s -} - -// SetAudience sets the Audience field's value. -func (s *AssumeRoleWithWebIdentityOutput) SetAudience(v string) *AssumeRoleWithWebIdentityOutput { - s.Audience = &v - return s -} - -// SetCredentials sets the Credentials field's value. -func (s *AssumeRoleWithWebIdentityOutput) SetCredentials(v *Credentials) *AssumeRoleWithWebIdentityOutput { - s.Credentials = v - return s -} - -// SetPackedPolicySize sets the PackedPolicySize field's value. -func (s *AssumeRoleWithWebIdentityOutput) SetPackedPolicySize(v int64) *AssumeRoleWithWebIdentityOutput { - s.PackedPolicySize = &v - return s -} - -// SetProvider sets the Provider field's value. -func (s *AssumeRoleWithWebIdentityOutput) SetProvider(v string) *AssumeRoleWithWebIdentityOutput { - s.Provider = &v - return s -} - -// SetSourceIdentity sets the SourceIdentity field's value. -func (s *AssumeRoleWithWebIdentityOutput) SetSourceIdentity(v string) *AssumeRoleWithWebIdentityOutput { - s.SourceIdentity = &v - return s -} - -// SetSubjectFromWebIdentityToken sets the SubjectFromWebIdentityToken field's value. -func (s *AssumeRoleWithWebIdentityOutput) SetSubjectFromWebIdentityToken(v string) *AssumeRoleWithWebIdentityOutput { - s.SubjectFromWebIdentityToken = &v - return s -} - -// The identifiers for the temporary security credentials that the operation -// returns. -type AssumedRoleUser struct { - _ struct{} `type:"structure"` - - // The ARN of the temporary security credentials that are returned from the - // AssumeRole action. For more information about ARNs and how to use them in - // policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) - // in the IAM User Guide. - // - // Arn is a required field - Arn *string `min:"20" type:"string" required:"true"` - - // A unique identifier that contains the role ID and the role session name of - // the role that is being assumed. The role ID is generated by Amazon Web Services - // when the role is created. - // - // AssumedRoleId is a required field - AssumedRoleId *string `min:"2" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumedRoleUser) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssumedRoleUser) GoString() string { - return s.String() -} - -// SetArn sets the Arn field's value. -func (s *AssumedRoleUser) SetArn(v string) *AssumedRoleUser { - s.Arn = &v - return s -} - -// SetAssumedRoleId sets the AssumedRoleId field's value. -func (s *AssumedRoleUser) SetAssumedRoleId(v string) *AssumedRoleUser { - s.AssumedRoleId = &v - return s -} - -// Amazon Web Services credentials for API authentication. -type Credentials struct { - _ struct{} `type:"structure"` - - // The access key ID that identifies the temporary security credentials. - // - // AccessKeyId is a required field - AccessKeyId *string `min:"16" type:"string" required:"true"` - - // The date on which the current credentials expire. - // - // Expiration is a required field - Expiration *time.Time `type:"timestamp" required:"true"` - - // The secret access key that can be used to sign requests. - // - // SecretAccessKey is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by Credentials's - // String and GoString methods. - // - // SecretAccessKey is a required field - SecretAccessKey *string `type:"string" required:"true" sensitive:"true"` - - // The token that users must pass to the service API to use the temporary credentials. - // - // SessionToken is a required field - SessionToken *string `type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Credentials) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Credentials) GoString() string { - return s.String() -} - -// SetAccessKeyId sets the AccessKeyId field's value. -func (s *Credentials) SetAccessKeyId(v string) *Credentials { - s.AccessKeyId = &v - return s -} - -// SetExpiration sets the Expiration field's value. -func (s *Credentials) SetExpiration(v time.Time) *Credentials { - s.Expiration = &v - return s -} - -// SetSecretAccessKey sets the SecretAccessKey field's value. -func (s *Credentials) SetSecretAccessKey(v string) *Credentials { - s.SecretAccessKey = &v - return s -} - -// SetSessionToken sets the SessionToken field's value. -func (s *Credentials) SetSessionToken(v string) *Credentials { - s.SessionToken = &v - return s -} - -type DecodeAuthorizationMessageInput struct { - _ struct{} `type:"structure"` - - // The encoded message that was returned with the response. - // - // EncodedMessage is a required field - EncodedMessage *string `min:"1" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DecodeAuthorizationMessageInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DecodeAuthorizationMessageInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DecodeAuthorizationMessageInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DecodeAuthorizationMessageInput"} - if s.EncodedMessage == nil { - invalidParams.Add(request.NewErrParamRequired("EncodedMessage")) - } - if s.EncodedMessage != nil && len(*s.EncodedMessage) < 1 { - invalidParams.Add(request.NewErrParamMinLen("EncodedMessage", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetEncodedMessage sets the EncodedMessage field's value. -func (s *DecodeAuthorizationMessageInput) SetEncodedMessage(v string) *DecodeAuthorizationMessageInput { - s.EncodedMessage = &v - return s -} - -// A document that contains additional information about the authorization status -// of a request from an encoded message that is returned in response to an Amazon -// Web Services request. -type DecodeAuthorizationMessageOutput struct { - _ struct{} `type:"structure"` - - // The API returns a response with the decoded message. - DecodedMessage *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DecodeAuthorizationMessageOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DecodeAuthorizationMessageOutput) GoString() string { - return s.String() -} - -// SetDecodedMessage sets the DecodedMessage field's value. -func (s *DecodeAuthorizationMessageOutput) SetDecodedMessage(v string) *DecodeAuthorizationMessageOutput { - s.DecodedMessage = &v - return s -} - -// Identifiers for the federated user that is associated with the credentials. -type FederatedUser struct { - _ struct{} `type:"structure"` - - // The ARN that specifies the federated user that is associated with the credentials. - // For more information about ARNs and how to use them in policies, see IAM - // Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) - // in the IAM User Guide. - // - // Arn is a required field - Arn *string `min:"20" type:"string" required:"true"` - - // The string that identifies the federated user associated with the credentials, - // similar to the unique ID of an IAM user. - // - // FederatedUserId is a required field - FederatedUserId *string `min:"2" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s FederatedUser) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s FederatedUser) GoString() string { - return s.String() -} - -// SetArn sets the Arn field's value. -func (s *FederatedUser) SetArn(v string) *FederatedUser { - s.Arn = &v - return s -} - -// SetFederatedUserId sets the FederatedUserId field's value. -func (s *FederatedUser) SetFederatedUserId(v string) *FederatedUser { - s.FederatedUserId = &v - return s -} - -type GetAccessKeyInfoInput struct { - _ struct{} `type:"structure"` - - // The identifier of an access key. - // - // This parameter allows (through its regex pattern) a string of characters - // that can consist of any upper- or lowercase letter or digit. - // - // AccessKeyId is a required field - AccessKeyId *string `min:"16" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetAccessKeyInfoInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetAccessKeyInfoInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetAccessKeyInfoInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetAccessKeyInfoInput"} - if s.AccessKeyId == nil { - invalidParams.Add(request.NewErrParamRequired("AccessKeyId")) - } - if s.AccessKeyId != nil && len(*s.AccessKeyId) < 16 { - invalidParams.Add(request.NewErrParamMinLen("AccessKeyId", 16)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetAccessKeyId sets the AccessKeyId field's value. -func (s *GetAccessKeyInfoInput) SetAccessKeyId(v string) *GetAccessKeyInfoInput { - s.AccessKeyId = &v - return s -} - -type GetAccessKeyInfoOutput struct { - _ struct{} `type:"structure"` - - // The number used to identify the Amazon Web Services account. - Account *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetAccessKeyInfoOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetAccessKeyInfoOutput) GoString() string { - return s.String() -} - -// SetAccount sets the Account field's value. -func (s *GetAccessKeyInfoOutput) SetAccount(v string) *GetAccessKeyInfoOutput { - s.Account = &v - return s -} - -type GetCallerIdentityInput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetCallerIdentityInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetCallerIdentityInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetCallerIdentity request, including -// information about the entity making the request. -type GetCallerIdentityOutput struct { - _ struct{} `type:"structure"` - - // The Amazon Web Services account ID number of the account that owns or contains - // the calling entity. - Account *string `type:"string"` - - // The Amazon Web Services ARN associated with the calling entity. - Arn *string `min:"20" type:"string"` - - // The unique identifier of the calling entity. The exact value depends on the - // type of entity that is making the call. The values returned are those listed - // in the aws:userid column in the Principal table (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_variables.html#principaltable) - // found on the Policy Variables reference page in the IAM User Guide. - UserId *string `type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetCallerIdentityOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetCallerIdentityOutput) GoString() string { - return s.String() -} - -// SetAccount sets the Account field's value. -func (s *GetCallerIdentityOutput) SetAccount(v string) *GetCallerIdentityOutput { - s.Account = &v - return s -} - -// SetArn sets the Arn field's value. -func (s *GetCallerIdentityOutput) SetArn(v string) *GetCallerIdentityOutput { - s.Arn = &v - return s -} - -// SetUserId sets the UserId field's value. -func (s *GetCallerIdentityOutput) SetUserId(v string) *GetCallerIdentityOutput { - s.UserId = &v - return s -} - -type GetFederationTokenInput struct { - _ struct{} `type:"structure"` - - // The duration, in seconds, that the session should last. Acceptable durations - // for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds - // (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained - // using root user credentials are restricted to a maximum of 3,600 seconds - // (one hour). If the specified duration is longer than one hour, the session - // obtained by using root user credentials defaults to one hour. - DurationSeconds *int64 `min:"900" type:"integer"` - - // The name of the federated user. The name is used as an identifier for the - // temporary security credentials (such as Bob). For example, you can reference - // the federated user name in a resource-based policy, such as in an Amazon - // S3 bucket policy. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@- - // - // Name is a required field - Name *string `min:"2" type:"string" required:"true"` - - // An IAM policy in JSON format that you want to use as an inline session policy. - // - // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // to this operation. You can pass a single JSON policy document to use as an - // inline session policy. You can also specify up to 10 managed policy Amazon - // Resource Names (ARNs) to use as managed session policies. - // - // This parameter is optional. However, if you do not pass any session policies, - // then the resulting federated user session has no permissions. - // - // When you pass session policies, the session permissions are the intersection - // of the IAM user policies and the session policies that you pass. This gives - // you a way to further restrict the permissions for a federated user. You cannot - // use session policies to grant more permissions than those that are defined - // in the permissions policy of the IAM user. For more information, see Session - // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - // - // The resulting credentials can be used to access a resource that has a resource-based - // policy. If that policy specifically references the federated user session - // in the Principal element of the policy, the session has the permissions allowed - // by the policy. These permissions are granted in addition to the permissions - // that are granted by the session policies. - // - // The plaintext that you use for both inline and managed session policies can't - // exceed 2,048 characters. The JSON policy characters can be any ASCII character - // from the space character to the end of the valid character list (\u0020 through - // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage - // return (\u000D) characters. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - Policy *string `min:"1" type:"string"` - - // The Amazon Resource Names (ARNs) of the IAM managed policies that you want - // to use as a managed session policy. The policies must exist in the same account - // as the IAM user that is requesting federated access. - // - // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // to this operation. You can pass a single JSON policy document to use as an - // inline session policy. You can also specify up to 10 managed policy Amazon - // Resource Names (ARNs) to use as managed session policies. The plaintext that - // you use for both inline and managed session policies can't exceed 2,048 characters. - // You can provide up to 10 managed policy ARNs. For more information about - // ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces - // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the Amazon Web Services General Reference. - // - // This parameter is optional. However, if you do not pass any session policies, - // then the resulting federated user session has no permissions. - // - // When you pass session policies, the session permissions are the intersection - // of the IAM user policies and the session policies that you pass. This gives - // you a way to further restrict the permissions for a federated user. You cannot - // use session policies to grant more permissions than those that are defined - // in the permissions policy of the IAM user. For more information, see Session - // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) - // in the IAM User Guide. - // - // The resulting credentials can be used to access a resource that has a resource-based - // policy. If that policy specifically references the federated user session - // in the Principal element of the policy, the session has the permissions allowed - // by the policy. These permissions are granted in addition to the permissions - // that are granted by the session policies. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - PolicyArns []*PolicyDescriptorType `type:"list"` - - // A list of session tags. Each session tag consists of a key name and an associated - // value. For more information about session tags, see Passing Session Tags - // in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) - // in the IAM User Guide. - // - // This parameter is optional. You can pass up to 50 session tags. The plaintext - // session tag keys can’t exceed 128 characters and the values can’t exceed - // 256 characters. For these and additional limits, see IAM and STS Character - // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) - // in the IAM User Guide. - // - // An Amazon Web Services conversion compresses the passed inline session policy, - // managed policy ARNs, and session tags into a packed binary format that has - // a separate limit. Your request can fail for this limit even if your plaintext - // meets the other requirements. The PackedPolicySize response element indicates - // by percentage how close the policies and tags for your request are to the - // upper size limit. - // - // You can pass a session tag with the same key as a tag that is already attached - // to the user you are federating. When you do, session tags override a user - // tag with the same key. - // - // Tag key–value pairs are not case sensitive, but case is preserved. This - // means that you cannot have separate Department and department tag keys. Assume - // that the role has the Department=Marketing tag and you pass the department=engineering - // session tag. Department and department are not saved as separate tags, and - // the session tag passed in the request takes precedence over the role tag. - Tags []*Tag `type:"list"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetFederationTokenInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetFederationTokenInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetFederationTokenInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetFederationTokenInput"} - if s.DurationSeconds != nil && *s.DurationSeconds < 900 { - invalidParams.Add(request.NewErrParamMinValue("DurationSeconds", 900)) - } - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.Name != nil && len(*s.Name) < 2 { - invalidParams.Add(request.NewErrParamMinLen("Name", 2)) - } - if s.Policy != nil && len(*s.Policy) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Policy", 1)) - } - if s.PolicyArns != nil { - for i, v := range s.PolicyArns { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "PolicyArns", i), err.(request.ErrInvalidParams)) - } - } - } - if s.Tags != nil { - for i, v := range s.Tags { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Tags", i), err.(request.ErrInvalidParams)) - } - } - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetDurationSeconds sets the DurationSeconds field's value. -func (s *GetFederationTokenInput) SetDurationSeconds(v int64) *GetFederationTokenInput { - s.DurationSeconds = &v - return s -} - -// SetName sets the Name field's value. -func (s *GetFederationTokenInput) SetName(v string) *GetFederationTokenInput { - s.Name = &v - return s -} - -// SetPolicy sets the Policy field's value. -func (s *GetFederationTokenInput) SetPolicy(v string) *GetFederationTokenInput { - s.Policy = &v - return s -} - -// SetPolicyArns sets the PolicyArns field's value. -func (s *GetFederationTokenInput) SetPolicyArns(v []*PolicyDescriptorType) *GetFederationTokenInput { - s.PolicyArns = v - return s -} - -// SetTags sets the Tags field's value. -func (s *GetFederationTokenInput) SetTags(v []*Tag) *GetFederationTokenInput { - s.Tags = v - return s -} - -// Contains the response to a successful GetFederationToken request, including -// temporary Amazon Web Services credentials that can be used to make Amazon -// Web Services requests. -type GetFederationTokenOutput struct { - _ struct{} `type:"structure"` - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security (or session) token. - // - // The size of the security token that STS API operations return is not fixed. - // We strongly recommend that you make no assumptions about the maximum size. - Credentials *Credentials `type:"structure"` - - // Identifiers for the federated user associated with the credentials (such - // as arn:aws:sts::123456789012:federated-user/Bob or 123456789012:Bob). You - // can use the federated user's ARN in your resource-based policies, such as - // an Amazon S3 bucket policy. - FederatedUser *FederatedUser `type:"structure"` - - // A percentage value that indicates the packed size of the session policies - // and session tags combined passed in the request. The request fails if the - // packed size is greater than 100 percent, which means the policies and tags - // exceeded the allowed space. - PackedPolicySize *int64 `type:"integer"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetFederationTokenOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetFederationTokenOutput) GoString() string { - return s.String() -} - -// SetCredentials sets the Credentials field's value. -func (s *GetFederationTokenOutput) SetCredentials(v *Credentials) *GetFederationTokenOutput { - s.Credentials = v - return s -} - -// SetFederatedUser sets the FederatedUser field's value. -func (s *GetFederationTokenOutput) SetFederatedUser(v *FederatedUser) *GetFederationTokenOutput { - s.FederatedUser = v - return s -} - -// SetPackedPolicySize sets the PackedPolicySize field's value. -func (s *GetFederationTokenOutput) SetPackedPolicySize(v int64) *GetFederationTokenOutput { - s.PackedPolicySize = &v - return s -} - -type GetSessionTokenInput struct { - _ struct{} `type:"structure"` - - // The duration, in seconds, that the credentials should remain valid. Acceptable - // durations for IAM user sessions range from 900 seconds (15 minutes) to 129,600 - // seconds (36 hours), with 43,200 seconds (12 hours) as the default. Sessions - // for Amazon Web Services account owners are restricted to a maximum of 3,600 - // seconds (one hour). If the duration is longer than one hour, the session - // for Amazon Web Services account owners defaults to one hour. - DurationSeconds *int64 `min:"900" type:"integer"` - - // The identification number of the MFA device that is associated with the IAM - // user who is making the GetSessionToken call. Specify this value if the IAM - // user has a policy that requires MFA authentication. The value is either the - // serial number for a hardware device (such as GAHT12345678) or an Amazon Resource - // Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user). - // You can find the device for an IAM user by going to the Amazon Web Services - // Management Console and viewing the user's security credentials. - // - // The regex used to validate this parameter is a string of characters consisting - // of upper- and lower-case alphanumeric characters with no spaces. You can - // also include underscores or any of the following characters: =,.@:/- - SerialNumber *string `min:"9" type:"string"` - - // The value provided by the MFA device, if MFA is required. If any policy requires - // the IAM user to submit an MFA code, specify this value. If MFA authentication - // is required, the user must provide a code when requesting a set of temporary - // security credentials. A user who fails to provide the code receives an "access - // denied" response when requesting resources that require MFA authentication. - // - // The format for this parameter, as described by its regex pattern, is a sequence - // of six numeric digits. - TokenCode *string `min:"6" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetSessionTokenInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetSessionTokenInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetSessionTokenInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetSessionTokenInput"} - if s.DurationSeconds != nil && *s.DurationSeconds < 900 { - invalidParams.Add(request.NewErrParamMinValue("DurationSeconds", 900)) - } - if s.SerialNumber != nil && len(*s.SerialNumber) < 9 { - invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9)) - } - if s.TokenCode != nil && len(*s.TokenCode) < 6 { - invalidParams.Add(request.NewErrParamMinLen("TokenCode", 6)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetDurationSeconds sets the DurationSeconds field's value. -func (s *GetSessionTokenInput) SetDurationSeconds(v int64) *GetSessionTokenInput { - s.DurationSeconds = &v - return s -} - -// SetSerialNumber sets the SerialNumber field's value. -func (s *GetSessionTokenInput) SetSerialNumber(v string) *GetSessionTokenInput { - s.SerialNumber = &v - return s -} - -// SetTokenCode sets the TokenCode field's value. -func (s *GetSessionTokenInput) SetTokenCode(v string) *GetSessionTokenInput { - s.TokenCode = &v - return s -} - -// Contains the response to a successful GetSessionToken request, including -// temporary Amazon Web Services credentials that can be used to make Amazon -// Web Services requests. -type GetSessionTokenOutput struct { - _ struct{} `type:"structure"` - - // The temporary security credentials, which include an access key ID, a secret - // access key, and a security (or session) token. - // - // The size of the security token that STS API operations return is not fixed. - // We strongly recommend that you make no assumptions about the maximum size. - Credentials *Credentials `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetSessionTokenOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetSessionTokenOutput) GoString() string { - return s.String() -} - -// SetCredentials sets the Credentials field's value. -func (s *GetSessionTokenOutput) SetCredentials(v *Credentials) *GetSessionTokenOutput { - s.Credentials = v - return s -} - -// A reference to the IAM managed policy that is passed as a session policy -// for a role session or a federated user session. -type PolicyDescriptorType struct { - _ struct{} `type:"structure"` - - // The Amazon Resource Name (ARN) of the IAM managed policy to use as a session - // policy for the role. For more information about ARNs, see Amazon Resource - // Names (ARNs) and Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the Amazon Web Services General Reference. - Arn *string `locationName:"arn" min:"20" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s PolicyDescriptorType) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s PolicyDescriptorType) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *PolicyDescriptorType) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PolicyDescriptorType"} - if s.Arn != nil && len(*s.Arn) < 20 { - invalidParams.Add(request.NewErrParamMinLen("Arn", 20)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetArn sets the Arn field's value. -func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType { - s.Arn = &v - return s -} - -// Contains information about the provided context. This includes the signed -// and encrypted trusted context assertion and the context provider ARN from -// which the trusted context assertion was generated. -type ProvidedContext struct { - _ struct{} `type:"structure"` - - // The signed and encrypted trusted context assertion generated by the context - // provider. The trusted context assertion is signed and encrypted by Amazon - // Web Services STS. - ContextAssertion *string `min:"4" type:"string"` - - // The context provider ARN from which the trusted context assertion was generated. - ProviderArn *string `min:"20" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ProvidedContext) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ProvidedContext) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *ProvidedContext) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ProvidedContext"} - if s.ContextAssertion != nil && len(*s.ContextAssertion) < 4 { - invalidParams.Add(request.NewErrParamMinLen("ContextAssertion", 4)) - } - if s.ProviderArn != nil && len(*s.ProviderArn) < 20 { - invalidParams.Add(request.NewErrParamMinLen("ProviderArn", 20)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetContextAssertion sets the ContextAssertion field's value. -func (s *ProvidedContext) SetContextAssertion(v string) *ProvidedContext { - s.ContextAssertion = &v - return s -} - -// SetProviderArn sets the ProviderArn field's value. -func (s *ProvidedContext) SetProviderArn(v string) *ProvidedContext { - s.ProviderArn = &v - return s -} - -// You can pass custom key-value pair attributes when you assume a role or federate -// a user. These are called session tags. You can then use the session tags -// to control access to resources. For more information, see Tagging Amazon -// Web Services STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -type Tag struct { - _ struct{} `type:"structure"` - - // The key for a session tag. - // - // You can pass up to 50 session tags. The plain text session tag keys can’t - // exceed 128 characters. For these and additional limits, see IAM and STS Character - // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) - // in the IAM User Guide. - // - // Key is a required field - Key *string `min:"1" type:"string" required:"true"` - - // The value for a session tag. - // - // You can pass up to 50 session tags. The plain text session tag values can’t - // exceed 256 characters. For these and additional limits, see IAM and STS Character - // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) - // in the IAM User Guide. - // - // Value is a required field - Value *string `type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Tag) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Tag) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *Tag) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "Tag"} - if s.Key == nil { - invalidParams.Add(request.NewErrParamRequired("Key")) - } - if s.Key != nil && len(*s.Key) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Key", 1)) - } - if s.Value == nil { - invalidParams.Add(request.NewErrParamRequired("Value")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetKey sets the Key field's value. -func (s *Tag) SetKey(v string) *Tag { - s.Key = &v - return s -} - -// SetValue sets the Value field's value. -func (s *Tag) SetValue(v string) *Tag { - s.Value = &v - return s -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go b/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go deleted file mode 100644 index d5307fca..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/customizations.go +++ /dev/null @@ -1,11 +0,0 @@ -package sts - -import "github.com/aws/aws-sdk-go/aws/request" - -func init() { - initRequest = customizeRequest -} - -func customizeRequest(r *request.Request) { - r.RetryErrorCodes = append(r.RetryErrorCodes, ErrCodeIDPCommunicationErrorException) -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go b/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go deleted file mode 100644 index ea1d9eb0..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go +++ /dev/null @@ -1,31 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -// Package sts provides the client and types for making API -// requests to AWS Security Token Service. -// -// Security Token Service (STS) enables you to request temporary, limited-privilege -// credentials for users. This guide provides descriptions of the STS API. For -// more information about using this service, see Temporary Security Credentials -// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). -// -// See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service. -// -// See sts package documentation for more information. -// https://docs.aws.amazon.com/sdk-for-go/api/service/sts/ -// -// # Using the Client -// -// To contact AWS Security Token Service with the SDK use the New function to create -// a new service client. With that client you can make API requests to the service. -// These clients are safe to use concurrently. -// -// See the SDK's documentation for more information on how to use the SDK. -// https://docs.aws.amazon.com/sdk-for-go/api/ -// -// See aws.Config documentation for more information on configuring SDK clients. -// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config -// -// See the AWS Security Token Service client STS for more -// information on creating client for this service. -// https://docs.aws.amazon.com/sdk-for-go/api/service/sts/#New -package sts diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go b/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go deleted file mode 100644 index b680bbd5..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go +++ /dev/null @@ -1,84 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package sts - -const ( - - // ErrCodeExpiredTokenException for service response error code - // "ExpiredTokenException". - // - // The web identity token that was passed is expired or is not valid. Get a - // new identity token from the identity provider and then retry the request. - ErrCodeExpiredTokenException = "ExpiredTokenException" - - // ErrCodeIDPCommunicationErrorException for service response error code - // "IDPCommunicationError". - // - // The request could not be fulfilled because the identity provider (IDP) that - // was asked to verify the incoming identity token could not be reached. This - // is often a transient error caused by network conditions. Retry the request - // a limited number of times so that you don't exceed the request rate. If the - // error persists, the identity provider might be down or not responding. - ErrCodeIDPCommunicationErrorException = "IDPCommunicationError" - - // ErrCodeIDPRejectedClaimException for service response error code - // "IDPRejectedClaim". - // - // The identity provider (IdP) reported that authentication failed. This might - // be because the claim is invalid. - // - // If this error is returned for the AssumeRoleWithWebIdentity operation, it - // can also mean that the claim has expired or has been explicitly revoked. - ErrCodeIDPRejectedClaimException = "IDPRejectedClaim" - - // ErrCodeInvalidAuthorizationMessageException for service response error code - // "InvalidAuthorizationMessageException". - // - // The error returned if the message passed to DecodeAuthorizationMessage was - // invalid. This can happen if the token contains invalid characters, such as - // linebreaks. - ErrCodeInvalidAuthorizationMessageException = "InvalidAuthorizationMessageException" - - // ErrCodeInvalidIdentityTokenException for service response error code - // "InvalidIdentityToken". - // - // The web identity token that was passed could not be validated by Amazon Web - // Services. Get a new identity token from the identity provider and then retry - // the request. - ErrCodeInvalidIdentityTokenException = "InvalidIdentityToken" - - // ErrCodeMalformedPolicyDocumentException for service response error code - // "MalformedPolicyDocument". - // - // The request was rejected because the policy document was malformed. The error - // message describes the specific error. - ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocument" - - // ErrCodePackedPolicyTooLargeException for service response error code - // "PackedPolicyTooLarge". - // - // The request was rejected because the total packed size of the session policies - // and session tags combined was too large. An Amazon Web Services conversion - // compresses the session policy document, session policy ARNs, and session - // tags into a packed binary format that has a separate limit. The error message - // indicates by percentage how close the policies and tags are to the upper - // size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) - // in the IAM User Guide. - // - // You could receive this error even though you meet other defined session policy - // and session tag limits. For more information, see IAM and STS Entity Character - // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) - // in the IAM User Guide. - ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge" - - // ErrCodeRegionDisabledException for service response error code - // "RegionDisabledException". - // - // STS is not activated in the requested region for the account that is being - // asked to generate credentials. The account administrator must use the IAM - // console to activate STS in that region. For more information, see Activating - // and Deactivating Amazon Web Services STS in an Amazon Web Services Region - // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) - // in the IAM User Guide. - ErrCodeRegionDisabledException = "RegionDisabledException" -) diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/service.go b/vendor/github.com/aws/aws-sdk-go/service/sts/service.go deleted file mode 100644 index 12327d05..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/service.go +++ /dev/null @@ -1,104 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -package sts - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/aws/signer/v4" - "github.com/aws/aws-sdk-go/private/protocol/query" -) - -// STS provides the API operation methods for making requests to -// AWS Security Token Service. See this package's package overview docs -// for details on the service. -// -// STS methods are safe to use concurrently. It is not safe to -// modify mutate any of the struct's properties though. -type STS struct { - *client.Client -} - -// Used for custom client initialization logic -var initClient func(*client.Client) - -// Used for custom request initialization logic -var initRequest func(*request.Request) - -// Service information constants -const ( - ServiceName = "sts" // Name of service. - EndpointsID = ServiceName // ID to lookup a service endpoint with. - ServiceID = "STS" // ServiceID is a unique identifier of a specific service. -) - -// New creates a new instance of the STS client with a session. -// If additional configuration is needed for the client instance use the optional -// aws.Config parameter to add your extra config. -// -// Example: -// -// mySession := session.Must(session.NewSession()) -// -// // Create a STS client from just a session. -// svc := sts.New(mySession) -// -// // Create a STS client with additional configuration -// svc := sts.New(mySession, aws.NewConfig().WithRegion("us-west-2")) -func New(p client.ConfigProvider, cfgs ...*aws.Config) *STS { - c := p.ClientConfig(EndpointsID, cfgs...) - if c.SigningNameDerived || len(c.SigningName) == 0 { - c.SigningName = EndpointsID - // No Fallback - } - return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) -} - -// newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *STS { - svc := &STS{ - Client: client.New( - cfg, - metadata.ClientInfo{ - ServiceName: ServiceName, - ServiceID: ServiceID, - SigningName: signingName, - SigningRegion: signingRegion, - PartitionID: partitionID, - Endpoint: endpoint, - APIVersion: "2011-06-15", - ResolvedRegion: resolvedRegion, - }, - handlers, - ), - } - - // Handlers - svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) - svc.Handlers.Build.PushBackNamed(query.BuildHandler) - svc.Handlers.Unmarshal.PushBackNamed(query.UnmarshalHandler) - svc.Handlers.UnmarshalMeta.PushBackNamed(query.UnmarshalMetaHandler) - svc.Handlers.UnmarshalError.PushBackNamed(query.UnmarshalErrorHandler) - - // Run custom client initialization if present - if initClient != nil { - initClient(svc.Client) - } - - return svc -} - -// newRequest creates a new request for a STS operation and runs any -// custom request initialization. -func (c *STS) newRequest(op *request.Operation, params, data interface{}) *request.Request { - req := c.NewRequest(op, params, data) - - // Run custom request initialization if present - if initRequest != nil { - initRequest(req) - } - - return req -} diff --git a/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go b/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go deleted file mode 100644 index bf06b2e7..00000000 --- a/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go +++ /dev/null @@ -1,96 +0,0 @@ -// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. - -// Package stsiface provides an interface to enable mocking the AWS Security Token Service service client -// for testing your code. -// -// It is important to note that this interface will have breaking changes -// when the service model is updated and adds new API operations, paginators, -// and waiters. -package stsiface - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/sts" -) - -// STSAPI provides an interface to enable mocking the -// sts.STS service client's API operation, -// paginators, and waiters. This make unit testing your code that calls out -// to the SDK's service client's calls easier. -// -// The best way to use this interface is so the SDK's service client's calls -// can be stubbed out for unit testing your code with the SDK without needing -// to inject custom request handlers into the SDK's request pipeline. -// -// // myFunc uses an SDK service client to make a request to -// // AWS Security Token Service. -// func myFunc(svc stsiface.STSAPI) bool { -// // Make svc.AssumeRole request -// } -// -// func main() { -// sess := session.New() -// svc := sts.New(sess) -// -// myFunc(svc) -// } -// -// In your _test.go file: -// -// // Define a mock struct to be used in your unit tests of myFunc. -// type mockSTSClient struct { -// stsiface.STSAPI -// } -// func (m *mockSTSClient) AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) { -// // mock response/functionality -// } -// -// func TestMyFunc(t *testing.T) { -// // Setup Test -// mockSvc := &mockSTSClient{} -// -// myfunc(mockSvc) -// -// // Verify myFunc's functionality -// } -// -// It is important to note that this interface will have breaking changes -// when the service model is updated and adds new API operations, paginators, -// and waiters. Its suggested to use the pattern above for testing, or using -// tooling to generate mocks to satisfy the interfaces. -type STSAPI interface { - AssumeRole(*sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) - AssumeRoleWithContext(aws.Context, *sts.AssumeRoleInput, ...request.Option) (*sts.AssumeRoleOutput, error) - AssumeRoleRequest(*sts.AssumeRoleInput) (*request.Request, *sts.AssumeRoleOutput) - - AssumeRoleWithSAML(*sts.AssumeRoleWithSAMLInput) (*sts.AssumeRoleWithSAMLOutput, error) - AssumeRoleWithSAMLWithContext(aws.Context, *sts.AssumeRoleWithSAMLInput, ...request.Option) (*sts.AssumeRoleWithSAMLOutput, error) - AssumeRoleWithSAMLRequest(*sts.AssumeRoleWithSAMLInput) (*request.Request, *sts.AssumeRoleWithSAMLOutput) - - AssumeRoleWithWebIdentity(*sts.AssumeRoleWithWebIdentityInput) (*sts.AssumeRoleWithWebIdentityOutput, error) - AssumeRoleWithWebIdentityWithContext(aws.Context, *sts.AssumeRoleWithWebIdentityInput, ...request.Option) (*sts.AssumeRoleWithWebIdentityOutput, error) - AssumeRoleWithWebIdentityRequest(*sts.AssumeRoleWithWebIdentityInput) (*request.Request, *sts.AssumeRoleWithWebIdentityOutput) - - DecodeAuthorizationMessage(*sts.DecodeAuthorizationMessageInput) (*sts.DecodeAuthorizationMessageOutput, error) - DecodeAuthorizationMessageWithContext(aws.Context, *sts.DecodeAuthorizationMessageInput, ...request.Option) (*sts.DecodeAuthorizationMessageOutput, error) - DecodeAuthorizationMessageRequest(*sts.DecodeAuthorizationMessageInput) (*request.Request, *sts.DecodeAuthorizationMessageOutput) - - GetAccessKeyInfo(*sts.GetAccessKeyInfoInput) (*sts.GetAccessKeyInfoOutput, error) - GetAccessKeyInfoWithContext(aws.Context, *sts.GetAccessKeyInfoInput, ...request.Option) (*sts.GetAccessKeyInfoOutput, error) - GetAccessKeyInfoRequest(*sts.GetAccessKeyInfoInput) (*request.Request, *sts.GetAccessKeyInfoOutput) - - GetCallerIdentity(*sts.GetCallerIdentityInput) (*sts.GetCallerIdentityOutput, error) - GetCallerIdentityWithContext(aws.Context, *sts.GetCallerIdentityInput, ...request.Option) (*sts.GetCallerIdentityOutput, error) - GetCallerIdentityRequest(*sts.GetCallerIdentityInput) (*request.Request, *sts.GetCallerIdentityOutput) - - GetFederationToken(*sts.GetFederationTokenInput) (*sts.GetFederationTokenOutput, error) - GetFederationTokenWithContext(aws.Context, *sts.GetFederationTokenInput, ...request.Option) (*sts.GetFederationTokenOutput, error) - GetFederationTokenRequest(*sts.GetFederationTokenInput) (*request.Request, *sts.GetFederationTokenOutput) - - GetSessionToken(*sts.GetSessionTokenInput) (*sts.GetSessionTokenOutput, error) - GetSessionTokenWithContext(aws.Context, *sts.GetSessionTokenInput, ...request.Option) (*sts.GetSessionTokenOutput, error) - GetSessionTokenRequest(*sts.GetSessionTokenInput) (*request.Request, *sts.GetSessionTokenOutput) -} - -var _ STSAPI = (*sts.STS)(nil) diff --git a/vendor/github.com/aws/smithy-go/.gitignore b/vendor/github.com/aws/smithy-go/.gitignore deleted file mode 100644 index 2518b349..00000000 --- a/vendor/github.com/aws/smithy-go/.gitignore +++ /dev/null @@ -1,29 +0,0 @@ -# Eclipse -.classpath -.project -.settings/ - -# Intellij -.idea/ -*.iml -*.iws - -# Mac -.DS_Store - -# Maven -target/ -**/dependency-reduced-pom.xml - -# Gradle -/.gradle -build/ -*/out/ -*/*/out/ - -# VS Code -bin/ -.vscode/ - -# make -c.out diff --git a/vendor/github.com/aws/smithy-go/.travis.yml b/vendor/github.com/aws/smithy-go/.travis.yml deleted file mode 100644 index f8d1035c..00000000 --- a/vendor/github.com/aws/smithy-go/.travis.yml +++ /dev/null @@ -1,28 +0,0 @@ -language: go -sudo: true -dist: bionic - -branches: - only: - - main - -os: - - linux - - osx - # Travis doesn't work with windows and Go tip - #- windows - -go: - - tip - -matrix: - allow_failures: - - go: tip - -before_install: - - if [ "$TRAVIS_OS_NAME" = "windows" ]; then choco install make; fi - - (cd /tmp/; go get golang.org/x/lint/golint) - -script: - - make go test -v ./...; - diff --git a/vendor/github.com/aws/smithy-go/CHANGELOG.md b/vendor/github.com/aws/smithy-go/CHANGELOG.md deleted file mode 100644 index de39171c..00000000 --- a/vendor/github.com/aws/smithy-go/CHANGELOG.md +++ /dev/null @@ -1,292 +0,0 @@ -# Release (2025-01-21) - -## General Highlights -* **Dependency Update**: Updated to the latest SDK module versions - -## Module Highlights -* `github.com/aws/smithy-go`: v1.22.2 - * **Bug Fix**: Fix HTTP metrics data race. - * **Bug Fix**: Replace usages of deprecated ioutil package. - -# Release (2024-11-15) - -## General Highlights -* **Dependency Update**: Updated to the latest SDK module versions - -## Module Highlights -* `github.com/aws/smithy-go`: v1.22.1 - * **Bug Fix**: Fix failure to replace URI path segments when their names overlap. - -# Release (2024-10-03) - -## General Highlights -* **Dependency Update**: Updated to the latest SDK module versions - -## Module Highlights -* `github.com/aws/smithy-go`: v1.22.0 - * **Feature**: Add HTTP client metrics. - -# Release (2024-09-25) - -## Module Highlights -* `github.com/aws/smithy-go/aws-http-auth`: [v1.0.0](aws-http-auth/CHANGELOG.md#v100-2024-09-25) - * **Release**: Initial release of module aws-http-auth, which implements generically consumable SigV4 and SigV4a request signing. - -# Release (2024-09-19) - -## General Highlights -* **Dependency Update**: Updated to the latest SDK module versions - -## Module Highlights -* `github.com/aws/smithy-go`: v1.21.0 - * **Feature**: Add tracing and metrics APIs, and builtin instrumentation for both, in generated clients. -* `github.com/aws/smithy-go/metrics/smithyotelmetrics`: [v1.0.0](metrics/smithyotelmetrics/CHANGELOG.md#v100-2024-09-19) - * **Release**: Initial release of `smithyotelmetrics` module, which is used to adapt an OpenTelemetry SDK meter provider to be used with Smithy clients. -* `github.com/aws/smithy-go/tracing/smithyoteltracing`: [v1.0.0](tracing/smithyoteltracing/CHANGELOG.md#v100-2024-09-19) - * **Release**: Initial release of `smithyoteltracing` module, which is used to adapt an OpenTelemetry SDK tracer provider to be used with Smithy clients. - -# Release (2024-08-14) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.20.4 - * **Dependency Update**: Bump minimum Go version to 1.21. - -# Release (2024-06-27) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.20.3 - * **Bug Fix**: Fix encoding/cbor test overflow on x86. - -# Release (2024-03-29) - -* No change notes available for this release. - -# Release (2024-02-21) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.20.1 - * **Bug Fix**: Remove runtime dependency on go-cmp. - -# Release (2024-02-13) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.20.0 - * **Feature**: Add codegen definition for sigv4a trait. - * **Feature**: Bump minimum Go version to 1.20 per our language support policy. - -# Release (2023-12-07) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.19.0 - * **Feature**: Support modeled request compression. - -# Release (2023-11-30) - -* No change notes available for this release. - -# Release (2023-11-29) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.18.0 - * **Feature**: Expose Options() method on generated service clients. - -# Release (2023-11-15) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.17.0 - * **Feature**: Support identity/auth components of client reference architecture. - -# Release (2023-10-31) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.16.0 - * **Feature**: **LANG**: Bump minimum go version to 1.19. - -# Release (2023-10-06) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.15.0 - * **Feature**: Add `http.WithHeaderComment` middleware. - -# Release (2023-08-18) - -* No change notes available for this release. - -# Release (2023-08-07) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.14.1 - * **Bug Fix**: Prevent duplicated error returns in EndpointResolverV2 default implementation. - -# Release (2023-07-31) - -## General Highlights -* **Feature**: Adds support for smithy-modeled endpoint resolution. - -# Release (2022-12-02) - -* No change notes available for this release. - -# Release (2022-10-24) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.13.4 - * **Bug Fix**: fixed document type checking for encoding nested types - -# Release (2022-09-14) - -* No change notes available for this release. - -# Release (v1.13.2) - -* No change notes available for this release. - -# Release (v1.13.1) - -* No change notes available for this release. - -# Release (v1.13.0) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.13.0 - * **Feature**: Adds support for the Smithy httpBearerAuth authentication trait to smithy-go. This allows the SDK to support the bearer authentication flow for API operations decorated with httpBearerAuth. An API client will need to be provided with its own bearer.TokenProvider implementation or use the bearer.StaticTokenProvider implementation. - -# Release (v1.12.1) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.12.1 - * **Bug Fix**: Fixes a bug where JSON object keys were not escaped. - -# Release (v1.12.0) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.12.0 - * **Feature**: `transport/http`: Add utility for setting context metadata when operation serializer automatically assigns content-type default value. - -# Release (v1.11.3) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.11.3 - * **Dependency Update**: Updates smithy-go unit test dependency go-cmp to 0.5.8. - -# Release (v1.11.2) - -* No change notes available for this release. - -# Release (v1.11.1) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.11.1 - * **Bug Fix**: Updates the smithy-go HTTP Request to correctly handle building the request to an http.Request. Related to [aws/aws-sdk-go-v2#1583](https://github.com/aws/aws-sdk-go-v2/issues/1583) - -# Release (v1.11.0) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.11.0 - * **Feature**: Updates deserialization of header list to supported quoted strings - -# Release (v1.10.0) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.10.0 - * **Feature**: Add `ptr.Duration`, `ptr.ToDuration`, `ptr.DurationSlice`, `ptr.ToDurationSlice`, `ptr.DurationMap`, and `ptr.ToDurationMap` functions for the `time.Duration` type. - -# Release (v1.9.1) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.9.1 - * **Documentation**: Fixes various typos in Go package documentation. - -# Release (v1.9.0) - -## Module Highlights -* `github.com/aws/smithy-go`: v1.9.0 - * **Feature**: sync: OnceErr, can be used to concurrently record a signal when an error has occurred. - * **Bug Fix**: `transport/http`: CloseResponseBody and ErrorCloseResponseBody middleware have been updated to ensure that the body is fully drained before closing. - -# Release v1.8.1 - -### Smithy Go Module -* **Bug Fix**: Fixed an issue that would cause the HTTP Content-Length to be set to 0 if the stream body was not set. - * Fixes [aws/aws-sdk-go-v2#1418](https://github.com/aws/aws-sdk-go-v2/issues/1418) - -# Release v1.8.0 - -### Smithy Go Module - -* `time`: Add support for parsing additional DateTime timestamp format ([#324](https://github.com/aws/smithy-go/pull/324)) - * Adds support for parsing DateTime timestamp formatted time similar to RFC 3339, but without the `Z` character, nor UTC offset. - * Fixes [#1387](https://github.com/aws/aws-sdk-go-v2/issues/1387) - -# Release v1.7.0 - -### Smithy Go Module -* `ptr`: Handle error for deferred file close call ([#314](https://github.com/aws/smithy-go/pull/314)) - * Handle error for defer close call -* `middleware`: Add Clone to Metadata ([#318](https://github.com/aws/smithy-go/pull/318)) - * Adds a new Clone method to the middleware Metadata type. This provides a shallow clone of the entries in the Metadata. -* `document`: Add new package for document shape serialization support ([#310](https://github.com/aws/smithy-go/pull/310)) - -### Codegen -* Add Smithy Document Shape Support ([#310](https://github.com/aws/smithy-go/pull/310)) - * Adds support for Smithy Document shapes and supporting types for protocols to implement support - -# Release v1.6.0 (2021-07-15) - -### Smithy Go Module -* `encoding/httpbinding`: Support has been added for encoding `float32` and `float64` values that are `NaN`, `Infinity`, or `-Infinity`. ([#316](https://github.com/aws/smithy-go/pull/316)) - -### Codegen -* Adds support for handling `float32` and `float64` `NaN` values in HTTP Protocol Unit Tests. ([#316](https://github.com/aws/smithy-go/pull/316)) -* Adds support protocol generator implementations to override the error code string returned by `ErrorCode` methods on generated error types. ([#315](https://github.com/aws/smithy-go/pull/315)) - -# Release v1.5.0 (2021-06-25) - -### Smithy Go module -* `time`: Update time parsing to not be as strict for HTTPDate and DateTime ([#307](https://github.com/aws/smithy-go/pull/307)) - * Fixes [#302](https://github.com/aws/smithy-go/issues/302) by changing time to UTC before formatting so no local offset time is lost. - -### Codegen -* Adds support for integrating client members via plugins ([#301](https://github.com/aws/smithy-go/pull/301)) -* Fix serialization of enum types marked with payload trait ([#296](https://github.com/aws/smithy-go/pull/296)) -* Update generation of API client modules to include a manifest of files generated ([#283](https://github.com/aws/smithy-go/pull/283)) -* Update Group Java group ID for smithy-go generator ([#298](https://github.com/aws/smithy-go/pull/298)) -* Support the delegation of determining the errors that can occur for an operation ([#304](https://github.com/aws/smithy-go/pull/304)) -* Support for marking and documenting deprecated client config fields. ([#303](https://github.com/aws/smithy-go/pull/303)) - -# Release v1.4.0 (2021-05-06) - -### Smithy Go module -* `encoding/xml`: Fix escaping of Next Line and Line Start in XML Encoder ([#267](https://github.com/aws/smithy-go/pull/267)) - -### Codegen -* Add support for Smithy 1.7 ([#289](https://github.com/aws/smithy-go/pull/289)) -* Add support for httpQueryParams location -* Add support for model renaming conflict resolution with service closure - -# Release v1.3.1 (2021-04-08) - -### Smithy Go module -* `transport/http`: Loosen endpoint hostname validation to allow specifying port numbers. ([#279](https://github.com/aws/smithy-go/pull/279)) -* `io`: Fix RingBuffer panics due to out of bounds index. ([#282](https://github.com/aws/smithy-go/pull/282)) - -# Release v1.3.0 (2021-04-01) - -### Smithy Go module -* `transport/http`: Add utility to safely join string to url path, and url raw query. - -### Codegen -* Update HttpBindingProtocolGenerator to use http/transport JoinPath and JoinQuery utility. - -# Release v1.2.0 (2021-03-12) - -### Smithy Go module -* Fix support for parsing shortened year format in HTTP Date header. -* Fix GitHub APIDiff action workflow to get gorelease tool correctly. -* Fix codegen artifact unit test for Go 1.16 - -### Codegen -* Fix generating paginator nil parameter handling before usage. -* Fix Serialize unboxed members decorated as required. -* Add ability to define resolvers at both client construction and operation invocation. -* Support for extending paginators with custom runtime trait diff --git a/vendor/github.com/aws/smithy-go/CODE_OF_CONDUCT.md b/vendor/github.com/aws/smithy-go/CODE_OF_CONDUCT.md deleted file mode 100644 index 5b627cfa..00000000 --- a/vendor/github.com/aws/smithy-go/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,4 +0,0 @@ -## Code of Conduct -This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). -For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact -opensource-codeofconduct@amazon.com with any additional questions or comments. diff --git a/vendor/github.com/aws/smithy-go/CONTRIBUTING.md b/vendor/github.com/aws/smithy-go/CONTRIBUTING.md deleted file mode 100644 index 1f8d01ff..00000000 --- a/vendor/github.com/aws/smithy-go/CONTRIBUTING.md +++ /dev/null @@ -1,90 +0,0 @@ -# Contributing Guidelines - -Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional -documentation, we greatly value feedback and contributions from our community. - -Please read through this document before submitting any issues or pull requests to ensure we have all the necessary -information to effectively respond to your bug report or contribution. - - -## Reporting Bugs/Feature Requests - -We welcome you to use the GitHub issue tracker to report bugs or suggest features. - -When filing an issue, please check existing open, or recently closed, issues to make sure somebody else hasn't already -reported the issue. Please try to include as much information as you can. Details like these are incredibly useful: - -* A reproducible test case or series of steps -* The version of our code being used -* Any modifications you've made relevant to the bug -* Anything unusual about your environment or deployment - - -## Contributing via Pull Requests -Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that: - -1. You are working against the latest source on the *main* branch. -2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already. -3. You open an issue to discuss any significant work - we would hate for your time to be wasted. - -To send us a pull request, please: - -1. Fork the repository. -2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change. -3. Ensure local tests pass. -4. Commit to your fork using clear commit messages. -5. Send us a pull request, answering any default questions in the pull request interface. -6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation. - -GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and -[creating a pull request](https://help.github.com/articles/creating-a-pull-request/). - -### Changelog Documents - -(You can SKIP this step if you are only changing the code generator, and not the runtime). - -When submitting a pull request please include a changelog file on a folder named `.changelog`. -These are used to generate the content `CHANGELOG.md` and Release Notes. The format of the file is as follows: - -``` -{ - "id": "12345678-1234-1234-1234-123456789012" - "type": "bugfix" - "collapse": true - "description": "Fix improper use of printf-style functions.", - "modules": [ - "." - ] -} -``` - -* id: a UUID. This should also be used for the name of the file, so if your id is `12345678-1234-1234-1234-123456789012` the file should be named `12345678-1234-1234-1234-123456789012.json/` -* type: one of the following: - * bugfix: Fixing an existing bug - * Feature: Adding a new feature to an existing service - * Release: Releasing a new module - * Dependency: Updating dependencies - * Announcement: Making an announcement, like deprecation of a module -* collapse: whether this change should appear separately on the release notes on every module listed on `modules` (`"collapse": false`), or if it should show up as a single entry (`"collapse": true`) - * For the smithy-go repository this should always be `false` -* description: Description of this change. Most of the times is the same as the title of the PR -* modules: which Go modules does this change impact. The root module is expressed as "." - - -## Finding contributions to work on -Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any 'help wanted' issues is a great place to start. - - -## Code of Conduct -This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). -For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact -opensource-codeofconduct@amazon.com with any additional questions or comments. - - -## Security issue notifications -If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue. - - -## Licensing - -See the [LICENSE](LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. diff --git a/vendor/github.com/aws/smithy-go/LICENSE b/vendor/github.com/aws/smithy-go/LICENSE deleted file mode 100644 index 67db8588..00000000 --- a/vendor/github.com/aws/smithy-go/LICENSE +++ /dev/null @@ -1,175 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. diff --git a/vendor/github.com/aws/smithy-go/Makefile b/vendor/github.com/aws/smithy-go/Makefile deleted file mode 100644 index a3c2cf17..00000000 --- a/vendor/github.com/aws/smithy-go/Makefile +++ /dev/null @@ -1,109 +0,0 @@ -PRE_RELEASE_VERSION ?= - -RELEASE_MANIFEST_FILE ?= -RELEASE_CHGLOG_DESC_FILE ?= - -REPOTOOLS_VERSION ?= latest -REPOTOOLS_MODULE = github.com/awslabs/aws-go-multi-module-repository-tools -REPOTOOLS_CMD_CALCULATE_RELEASE = ${REPOTOOLS_MODULE}/cmd/calculaterelease@${REPOTOOLS_VERSION} -REPOTOOLS_CMD_CALCULATE_RELEASE_ADDITIONAL_ARGS ?= -REPOTOOLS_CMD_UPDATE_REQUIRES = ${REPOTOOLS_MODULE}/cmd/updaterequires@${REPOTOOLS_VERSION} -REPOTOOLS_CMD_UPDATE_MODULE_METADATA = ${REPOTOOLS_MODULE}/cmd/updatemodulemeta@${REPOTOOLS_VERSION} -REPOTOOLS_CMD_GENERATE_CHANGELOG = ${REPOTOOLS_MODULE}/cmd/generatechangelog@${REPOTOOLS_VERSION} -REPOTOOLS_CMD_CHANGELOG = ${REPOTOOLS_MODULE}/cmd/changelog@${REPOTOOLS_VERSION} -REPOTOOLS_CMD_TAG_RELEASE = ${REPOTOOLS_MODULE}/cmd/tagrelease@${REPOTOOLS_VERSION} -REPOTOOLS_CMD_MODULE_VERSION = ${REPOTOOLS_MODULE}/cmd/moduleversion@${REPOTOOLS_VERSION} - -UNIT_TEST_TAGS= -BUILD_TAGS= - -ifneq ($(PRE_RELEASE_VERSION),) - REPOTOOLS_CMD_CALCULATE_RELEASE_ADDITIONAL_ARGS += -preview=${PRE_RELEASE_VERSION} -endif - -smithy-publish-local: - cd codegen && ./gradlew publishToMavenLocal - -smithy-build: - cd codegen && ./gradlew build - -smithy-clean: - cd codegen && ./gradlew clean - -################## -# Linting/Verify # -################## -.PHONY: verify vet cover - -verify: vet - -vet: - go vet ${BUILD_TAGS} --all ./... - -cover: - go test ${BUILD_TAGS} -coverprofile c.out ./... - @cover=`go tool cover -func c.out | grep '^total:' | awk '{ print $$3+0 }'`; \ - echo "total (statements): $$cover%"; - -################ -# Unit Testing # -################ -.PHONY: unit unit-race unit-test unit-race-test - -unit: verify - go vet ${BUILD_TAGS} --all ./... && \ - go test ${BUILD_TAGS} ${RUN_NONE} ./... && \ - go test -timeout=1m ${UNIT_TEST_TAGS} ./... - -unit-race: verify - go vet ${BUILD_TAGS} --all ./... && \ - go test ${BUILD_TAGS} ${RUN_NONE} ./... && \ - go test -timeout=1m ${UNIT_TEST_TAGS} -race -cpu=4 ./... - -unit-test: verify - go test -timeout=1m ${UNIT_TEST_TAGS} ./... - -unit-race-test: verify - go test -timeout=1m ${UNIT_TEST_TAGS} -race -cpu=4 ./... - -##################### -# Release Process # -##################### -.PHONY: preview-release pre-release-validation release - -preview-release: - go run ${REPOTOOLS_CMD_CALCULATE_RELEASE} ${REPOTOOLS_CMD_CALCULATE_RELEASE_ADDITIONAL_ARGS} - -pre-release-validation: - @if [[ -z "${RELEASE_MANIFEST_FILE}" ]]; then \ - echo "RELEASE_MANIFEST_FILE is required to specify the file to write the release manifest" && false; \ - fi - @if [[ -z "${RELEASE_CHGLOG_DESC_FILE}" ]]; then \ - echo "RELEASE_CHGLOG_DESC_FILE is required to specify the file to write the release notes" && false; \ - fi - -release: pre-release-validation - go run ${REPOTOOLS_CMD_CALCULATE_RELEASE} -o ${RELEASE_MANIFEST_FILE} ${REPOTOOLS_CMD_CALCULATE_RELEASE_ADDITIONAL_ARGS} - go run ${REPOTOOLS_CMD_UPDATE_REQUIRES} -release ${RELEASE_MANIFEST_FILE} - go run ${REPOTOOLS_CMD_UPDATE_MODULE_METADATA} -release ${RELEASE_MANIFEST_FILE} - go run ${REPOTOOLS_CMD_GENERATE_CHANGELOG} -release ${RELEASE_MANIFEST_FILE} -o ${RELEASE_CHGLOG_DESC_FILE} - go run ${REPOTOOLS_CMD_CHANGELOG} rm -all - go run ${REPOTOOLS_CMD_TAG_RELEASE} -release ${RELEASE_MANIFEST_FILE} - -module-version: - @go run ${REPOTOOLS_CMD_MODULE_VERSION} . - -############## -# Repo Tools # -############## -.PHONY: install-changelog - -external-changelog: - mkdir -p .changelog - cp changelog-template.json .changelog/00000000-0000-0000-0000-000000000000.json - @echo "Generate a new UUID and update the file at .changelog/00000000-0000-0000-0000-000000000000.json" - @echo "Make sure to rename the file with your new id, like .changelog/12345678-1234-1234-1234-123456789012.json" - @echo "See CONTRIBUTING.md 'Changelog Documents' and an example at https://github.com/aws/smithy-go/pull/543/files" - -install-changelog: - go install ${REPOTOOLS_MODULE}/cmd/changelog@${REPOTOOLS_VERSION} diff --git a/vendor/github.com/aws/smithy-go/NOTICE b/vendor/github.com/aws/smithy-go/NOTICE deleted file mode 100644 index 616fc588..00000000 --- a/vendor/github.com/aws/smithy-go/NOTICE +++ /dev/null @@ -1 +0,0 @@ -Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/vendor/github.com/aws/smithy-go/README.md b/vendor/github.com/aws/smithy-go/README.md deleted file mode 100644 index 08df7458..00000000 --- a/vendor/github.com/aws/smithy-go/README.md +++ /dev/null @@ -1,93 +0,0 @@ -# Smithy Go - -[![Go Build Status](https://github.com/aws/smithy-go/actions/workflows/go.yml/badge.svg?branch=main)](https://github.com/aws/smithy-go/actions/workflows/go.yml)[![Codegen Build Status](https://github.com/aws/smithy-go/actions/workflows/codegen.yml/badge.svg?branch=main)](https://github.com/aws/smithy-go/actions/workflows/codegen.yml) - -[Smithy](https://smithy.io/) code generators for Go and the accompanying smithy-go runtime. - -The smithy-go runtime requires a minimum version of Go 1.20. - -**WARNING: All interfaces are subject to change.** - -## Can I use the code generators? - -In order to generate a usable smithy client you must provide a [protocol definition](https://github.com/aws/smithy-go/blob/main/codegen/smithy-go-codegen/src/main/java/software/amazon/smithy/go/codegen/integration/ProtocolGenerator.java), -such as [AWS restJson1](https://smithy.io/2.0/aws/protocols/aws-restjson1-protocol.html), -in order to generate transport mechanisms and serialization/deserialization -code ("serde") accordingly. - -The code generator does not currently support any protocols out of the box other than the new `smithy.protocols#rpcv2Cbor`, -therefore the useability of this project on its own is currently limited. -Support for all [AWS protocols](https://smithy.io/2.0/aws/protocols/index.html) -exists in [aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2). We are -tracking the movement of those out of the SDK into smithy-go in -[#458](https://github.com/aws/smithy-go/issues/458), but there's currently no -timeline for doing so. - -## Plugins - -This repository implements the following Smithy build plugins: - -| ID | GAV prefix | Description | -|----|------------|-------------| -| `go-codegen` | `software.amazon.smithy.go:smithy-go-codegen` | Implements Go client code generation for Smithy models. | -| `go-server-codegen` | `software.amazon.smithy.go:smithy-go-codegen` | Implements Go server code generation for Smithy models. | - -**NOTE: Build plugins are not currently published to mavenCentral. You must publish to mavenLocal to make the build plugins visible to the Smithy CLI. The artifact version is currently fixed at 0.1.0.** - -## `go-codegen` - -### Configuration - -[`GoSettings`](codegen/smithy-go-codegen/src/main/java/software/amazon/smithy/go/codegen/GoSettings.java) -contains all of the settings enabled from `smithy-build.json` and helper -methods and types. The up-to-date list of top-level properties enabled for -`go-client-codegen` can be found in `GoSettings::from()`. - -| Setting | Type | Required | Description | -|-----------------|---------|----------|-----------------------------------------------------------------------------------------------------------------------------| -| `service` | string | yes | The Shape ID of the service for which to generate the client. | -| `module` | string | yes | Name of the module in `generated.json` (and `go.mod` if `generateGoMod` is enabled) and `doc.go`. | -| `generateGoMod` | boolean | | Whether to generate a default `go.mod` file. The default value is `false`. | -| `goDirective` | string | | [Go directive](https://go.dev/ref/mod#go-mod-file-go) of the module. The default value is the minimum supported Go version. | - -### Supported protocols - -| Protocol | Notes | -|----------|-------| -| [`smithy.protocols#rpcv2Cbor`](https://smithy.io/2.0/additional-specs/protocols/smithy-rpc-v2.html) | Event streaming not yet implemented. | - -### Example - -This example applies the `go-codegen` build plugin to the Smithy quickstart -example created from `smithy init`: - -```json -{ - "version": "1.0", - "sources": [ - "models" - ], - "maven": { - "dependencies": [ - "software.amazon.smithy.go:smithy-go-codegen:0.1.0" - ] - }, - "plugins": { - "go-codegen": { - "service": "example.weather#Weather", - "module": "github.com/example/weather", - "generateGoMod": true, - "goDirective": "1.20" - } - } -} -``` - -## `go-server-codegen` - -This plugin is a work-in-progress and is currently undocumented. - -## License - -This project is licensed under the Apache-2.0 License. - diff --git a/vendor/github.com/aws/smithy-go/auth/auth.go b/vendor/github.com/aws/smithy-go/auth/auth.go deleted file mode 100644 index 5bdb70c9..00000000 --- a/vendor/github.com/aws/smithy-go/auth/auth.go +++ /dev/null @@ -1,3 +0,0 @@ -// Package auth defines protocol-agnostic authentication types for smithy -// clients. -package auth diff --git a/vendor/github.com/aws/smithy-go/auth/bearer/docs.go b/vendor/github.com/aws/smithy-go/auth/bearer/docs.go deleted file mode 100644 index 1c9b9715..00000000 --- a/vendor/github.com/aws/smithy-go/auth/bearer/docs.go +++ /dev/null @@ -1,3 +0,0 @@ -// Package bearer provides middleware and utilities for authenticating API -// operation calls with a Bearer Token. -package bearer diff --git a/vendor/github.com/aws/smithy-go/auth/bearer/middleware.go b/vendor/github.com/aws/smithy-go/auth/bearer/middleware.go deleted file mode 100644 index 8c7d7209..00000000 --- a/vendor/github.com/aws/smithy-go/auth/bearer/middleware.go +++ /dev/null @@ -1,104 +0,0 @@ -package bearer - -import ( - "context" - "fmt" - - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" -) - -// Message is the middleware stack's request transport message value. -type Message interface{} - -// Signer provides an interface for implementations to decorate a request -// message with a bearer token. The signer is responsible for validating the -// message type is compatible with the signer. -type Signer interface { - SignWithBearerToken(context.Context, Token, Message) (Message, error) -} - -// AuthenticationMiddleware provides the Finalize middleware step for signing -// an request message with a bearer token. -type AuthenticationMiddleware struct { - signer Signer - tokenProvider TokenProvider -} - -// AddAuthenticationMiddleware helper adds the AuthenticationMiddleware to the -// middleware Stack in the Finalize step with the options provided. -func AddAuthenticationMiddleware(s *middleware.Stack, signer Signer, tokenProvider TokenProvider) error { - return s.Finalize.Add( - NewAuthenticationMiddleware(signer, tokenProvider), - middleware.After, - ) -} - -// NewAuthenticationMiddleware returns an initialized AuthenticationMiddleware. -func NewAuthenticationMiddleware(signer Signer, tokenProvider TokenProvider) *AuthenticationMiddleware { - return &AuthenticationMiddleware{ - signer: signer, - tokenProvider: tokenProvider, - } -} - -const authenticationMiddlewareID = "BearerTokenAuthentication" - -// ID returns the resolver identifier -func (m *AuthenticationMiddleware) ID() string { - return authenticationMiddlewareID -} - -// HandleFinalize implements the FinalizeMiddleware interface in order to -// update the request with bearer token authentication. -func (m *AuthenticationMiddleware) HandleFinalize( - ctx context.Context, in middleware.FinalizeInput, next middleware.FinalizeHandler, -) ( - out middleware.FinalizeOutput, metadata middleware.Metadata, err error, -) { - token, err := m.tokenProvider.RetrieveBearerToken(ctx) - if err != nil { - return out, metadata, fmt.Errorf("failed AuthenticationMiddleware wrap message, %w", err) - } - - signedMessage, err := m.signer.SignWithBearerToken(ctx, token, in.Request) - if err != nil { - return out, metadata, fmt.Errorf("failed AuthenticationMiddleware sign message, %w", err) - } - - in.Request = signedMessage - return next.HandleFinalize(ctx, in) -} - -// SignHTTPSMessage provides a bearer token authentication implementation that -// will sign the message with the provided bearer token. -// -// Will fail if the message is not a smithy-go HTTP request or the request is -// not HTTPS. -type SignHTTPSMessage struct{} - -// NewSignHTTPSMessage returns an initialized signer for HTTP messages. -func NewSignHTTPSMessage() *SignHTTPSMessage { - return &SignHTTPSMessage{} -} - -// SignWithBearerToken returns a copy of the HTTP request with the bearer token -// added via the "Authorization" header, per RFC 6750, https://datatracker.ietf.org/doc/html/rfc6750. -// -// Returns an error if the request's URL scheme is not HTTPS, or the request -// message is not an smithy-go HTTP Request pointer type. -func (SignHTTPSMessage) SignWithBearerToken(ctx context.Context, token Token, message Message) (Message, error) { - req, ok := message.(*smithyhttp.Request) - if !ok { - return nil, fmt.Errorf("expect smithy-go HTTP Request, got %T", message) - } - - if !req.IsHTTPS() { - return nil, fmt.Errorf("bearer token with HTTP request requires HTTPS") - } - - reqClone := req.Clone() - reqClone.Header.Set("Authorization", "Bearer "+token.Value) - - return reqClone, nil -} diff --git a/vendor/github.com/aws/smithy-go/auth/bearer/token.go b/vendor/github.com/aws/smithy-go/auth/bearer/token.go deleted file mode 100644 index be260d4c..00000000 --- a/vendor/github.com/aws/smithy-go/auth/bearer/token.go +++ /dev/null @@ -1,50 +0,0 @@ -package bearer - -import ( - "context" - "time" -) - -// Token provides a type wrapping a bearer token and expiration metadata. -type Token struct { - Value string - - CanExpire bool - Expires time.Time -} - -// Expired returns if the token's Expires time is before or equal to the time -// provided. If CanExpires is false, Expired will always return false. -func (t Token) Expired(now time.Time) bool { - if !t.CanExpire { - return false - } - now = now.Round(0) - return now.Equal(t.Expires) || now.After(t.Expires) -} - -// TokenProvider provides interface for retrieving bearer tokens. -type TokenProvider interface { - RetrieveBearerToken(context.Context) (Token, error) -} - -// TokenProviderFunc provides a helper utility to wrap a function as a type -// that implements the TokenProvider interface. -type TokenProviderFunc func(context.Context) (Token, error) - -// RetrieveBearerToken calls the wrapped function, returning the Token or -// error. -func (fn TokenProviderFunc) RetrieveBearerToken(ctx context.Context) (Token, error) { - return fn(ctx) -} - -// StaticTokenProvider provides a utility for wrapping a static bearer token -// value within an implementation of a token provider. -type StaticTokenProvider struct { - Token Token -} - -// RetrieveBearerToken returns the static token specified. -func (s StaticTokenProvider) RetrieveBearerToken(context.Context) (Token, error) { - return s.Token, nil -} diff --git a/vendor/github.com/aws/smithy-go/auth/bearer/token_cache.go b/vendor/github.com/aws/smithy-go/auth/bearer/token_cache.go deleted file mode 100644 index 223ddf52..00000000 --- a/vendor/github.com/aws/smithy-go/auth/bearer/token_cache.go +++ /dev/null @@ -1,208 +0,0 @@ -package bearer - -import ( - "context" - "fmt" - "sync/atomic" - "time" - - smithycontext "github.com/aws/smithy-go/context" - "github.com/aws/smithy-go/internal/sync/singleflight" -) - -// package variable that can be override in unit tests. -var timeNow = time.Now - -// TokenCacheOptions provides a set of optional configuration options for the -// TokenCache TokenProvider. -type TokenCacheOptions struct { - // The duration before the token will expire when the credentials will be - // refreshed. If DisableAsyncRefresh is true, the RetrieveBearerToken calls - // will be blocking. - // - // Asynchronous refreshes are deduplicated, and only one will be in-flight - // at a time. If the token expires while an asynchronous refresh is in - // flight, the next call to RetrieveBearerToken will block on that refresh - // to return. - RefreshBeforeExpires time.Duration - - // The timeout the underlying TokenProvider's RetrieveBearerToken call must - // return within, or will be canceled. Defaults to 0, no timeout. - // - // If 0 timeout, its possible for the underlying tokenProvider's - // RetrieveBearerToken call to block forever. Preventing subsequent - // TokenCache attempts to refresh the token. - // - // If this timeout is reached all pending deduplicated calls to - // TokenCache RetrieveBearerToken will fail with an error. - RetrieveBearerTokenTimeout time.Duration - - // The minimum duration between asynchronous refresh attempts. If the next - // asynchronous recent refresh attempt was within the minimum delay - // duration, the call to retrieve will return the current cached token, if - // not expired. - // - // The asynchronous retrieve is deduplicated across multiple calls when - // RetrieveBearerToken is called. The asynchronous retrieve is not a - // periodic task. It is only performed when the token has not yet expired, - // and the current item is within the RefreshBeforeExpires window, and the - // TokenCache's RetrieveBearerToken method is called. - // - // If 0, (default) there will be no minimum delay between asynchronous - // refresh attempts. - // - // If DisableAsyncRefresh is true, this option is ignored. - AsyncRefreshMinimumDelay time.Duration - - // Sets if the TokenCache will attempt to refresh the token in the - // background asynchronously instead of blocking for credentials to be - // refreshed. If disabled token refresh will be blocking. - // - // The first call to RetrieveBearerToken will always be blocking, because - // there is no cached token. - DisableAsyncRefresh bool -} - -// TokenCache provides an utility to cache Bearer Authentication tokens from a -// wrapped TokenProvider. The TokenCache can be has options to configure the -// cache's early and asynchronous refresh of the token. -type TokenCache struct { - options TokenCacheOptions - provider TokenProvider - - cachedToken atomic.Value - lastRefreshAttemptTime atomic.Value - sfGroup singleflight.Group -} - -// NewTokenCache returns a initialized TokenCache that implements the -// TokenProvider interface. Wrapping the provider passed in. Also taking a set -// of optional functional option parameters to configure the token cache. -func NewTokenCache(provider TokenProvider, optFns ...func(*TokenCacheOptions)) *TokenCache { - var options TokenCacheOptions - for _, fn := range optFns { - fn(&options) - } - - return &TokenCache{ - options: options, - provider: provider, - } -} - -// RetrieveBearerToken returns the token if it could be obtained, or error if a -// valid token could not be retrieved. -// -// The passed in Context's cancel/deadline/timeout will impacting only this -// individual retrieve call and not any other already queued up calls. This -// means underlying provider's RetrieveBearerToken calls could block for ever, -// and not be canceled with the Context. Set RetrieveBearerTokenTimeout to -// provide a timeout, preventing the underlying TokenProvider blocking forever. -// -// By default, if the passed in Context is canceled, all of its values will be -// considered expired. The wrapped TokenProvider will not be able to lookup the -// values from the Context once it is expired. This is done to protect against -// expired values no longer being valid. To disable this behavior, use -// smithy-go's context.WithPreserveExpiredValues to add a value to the Context -// before calling RetrieveBearerToken to enable support for expired values. -// -// Without RetrieveBearerTokenTimeout there is the potential for a underlying -// Provider's RetrieveBearerToken call to sit forever. Blocking in subsequent -// attempts at refreshing the token. -func (p *TokenCache) RetrieveBearerToken(ctx context.Context) (Token, error) { - cachedToken, ok := p.getCachedToken() - if !ok || cachedToken.Expired(timeNow()) { - return p.refreshBearerToken(ctx) - } - - // Check if the token should be refreshed before it expires. - refreshToken := cachedToken.Expired(timeNow().Add(p.options.RefreshBeforeExpires)) - if !refreshToken { - return cachedToken, nil - } - - if p.options.DisableAsyncRefresh { - return p.refreshBearerToken(ctx) - } - - p.tryAsyncRefresh(ctx) - - return cachedToken, nil -} - -// tryAsyncRefresh attempts to asynchronously refresh the token returning the -// already cached token. If it AsyncRefreshMinimumDelay option is not zero, and -// the duration since the last refresh is less than that value, nothing will be -// done. -func (p *TokenCache) tryAsyncRefresh(ctx context.Context) { - if p.options.AsyncRefreshMinimumDelay != 0 { - var lastRefreshAttempt time.Time - if v := p.lastRefreshAttemptTime.Load(); v != nil { - lastRefreshAttempt = v.(time.Time) - } - - if timeNow().Before(lastRefreshAttempt.Add(p.options.AsyncRefreshMinimumDelay)) { - return - } - } - - // Ignore the returned channel so this won't be blocking, and limit the - // number of additional goroutines created. - p.sfGroup.DoChan("async-refresh", func() (interface{}, error) { - res, err := p.refreshBearerToken(ctx) - if p.options.AsyncRefreshMinimumDelay != 0 { - var refreshAttempt time.Time - if err != nil { - refreshAttempt = timeNow() - } - p.lastRefreshAttemptTime.Store(refreshAttempt) - } - - return res, err - }) -} - -func (p *TokenCache) refreshBearerToken(ctx context.Context) (Token, error) { - resCh := p.sfGroup.DoChan("refresh-token", func() (interface{}, error) { - ctx := smithycontext.WithSuppressCancel(ctx) - if v := p.options.RetrieveBearerTokenTimeout; v != 0 { - var cancel func() - ctx, cancel = context.WithTimeout(ctx, v) - defer cancel() - } - return p.singleRetrieve(ctx) - }) - - select { - case res := <-resCh: - return res.Val.(Token), res.Err - case <-ctx.Done(): - return Token{}, fmt.Errorf("retrieve bearer token canceled, %w", ctx.Err()) - } -} - -func (p *TokenCache) singleRetrieve(ctx context.Context) (interface{}, error) { - token, err := p.provider.RetrieveBearerToken(ctx) - if err != nil { - return Token{}, fmt.Errorf("failed to retrieve bearer token, %w", err) - } - - p.cachedToken.Store(&token) - return token, nil -} - -// getCachedToken returns the currently cached token and true if found. Returns -// false if no token is cached. -func (p *TokenCache) getCachedToken() (Token, bool) { - v := p.cachedToken.Load() - if v == nil { - return Token{}, false - } - - t := v.(*Token) - if t == nil || t.Value == "" { - return Token{}, false - } - - return *t, true -} diff --git a/vendor/github.com/aws/smithy-go/auth/identity.go b/vendor/github.com/aws/smithy-go/auth/identity.go deleted file mode 100644 index ba8cf70d..00000000 --- a/vendor/github.com/aws/smithy-go/auth/identity.go +++ /dev/null @@ -1,47 +0,0 @@ -package auth - -import ( - "context" - "time" - - "github.com/aws/smithy-go" -) - -// Identity contains information that identifies who the user making the -// request is. -type Identity interface { - Expiration() time.Time -} - -// IdentityResolver defines the interface through which an Identity is -// retrieved. -type IdentityResolver interface { - GetIdentity(context.Context, smithy.Properties) (Identity, error) -} - -// IdentityResolverOptions defines the interface through which an entity can be -// queried to retrieve an IdentityResolver for a given auth scheme. -type IdentityResolverOptions interface { - GetIdentityResolver(schemeID string) IdentityResolver -} - -// AnonymousIdentity is a sentinel to indicate no identity. -type AnonymousIdentity struct{} - -var _ Identity = (*AnonymousIdentity)(nil) - -// Expiration returns the zero value for time, as anonymous identity never -// expires. -func (*AnonymousIdentity) Expiration() time.Time { - return time.Time{} -} - -// AnonymousIdentityResolver returns AnonymousIdentity. -type AnonymousIdentityResolver struct{} - -var _ IdentityResolver = (*AnonymousIdentityResolver)(nil) - -// GetIdentity returns AnonymousIdentity. -func (*AnonymousIdentityResolver) GetIdentity(_ context.Context, _ smithy.Properties) (Identity, error) { - return &AnonymousIdentity{}, nil -} diff --git a/vendor/github.com/aws/smithy-go/auth/option.go b/vendor/github.com/aws/smithy-go/auth/option.go deleted file mode 100644 index d5dabff0..00000000 --- a/vendor/github.com/aws/smithy-go/auth/option.go +++ /dev/null @@ -1,25 +0,0 @@ -package auth - -import "github.com/aws/smithy-go" - -type ( - authOptionsKey struct{} -) - -// Option represents a possible authentication method for an operation. -type Option struct { - SchemeID string - IdentityProperties smithy.Properties - SignerProperties smithy.Properties -} - -// GetAuthOptions gets auth Options from Properties. -func GetAuthOptions(p *smithy.Properties) ([]*Option, bool) { - v, ok := p.Get(authOptionsKey{}).([]*Option) - return v, ok -} - -// SetAuthOptions sets auth Options on Properties. -func SetAuthOptions(p *smithy.Properties, options []*Option) { - p.Set(authOptionsKey{}, options) -} diff --git a/vendor/github.com/aws/smithy-go/auth/scheme_id.go b/vendor/github.com/aws/smithy-go/auth/scheme_id.go deleted file mode 100644 index fb6a57c6..00000000 --- a/vendor/github.com/aws/smithy-go/auth/scheme_id.go +++ /dev/null @@ -1,20 +0,0 @@ -package auth - -// Anonymous -const ( - SchemeIDAnonymous = "smithy.api#noAuth" -) - -// HTTP auth schemes -const ( - SchemeIDHTTPBasic = "smithy.api#httpBasicAuth" - SchemeIDHTTPDigest = "smithy.api#httpDigestAuth" - SchemeIDHTTPBearer = "smithy.api#httpBearerAuth" - SchemeIDHTTPAPIKey = "smithy.api#httpApiKeyAuth" -) - -// AWS auth schemes -const ( - SchemeIDSigV4 = "aws.auth#sigv4" - SchemeIDSigV4A = "aws.auth#sigv4a" -) diff --git a/vendor/github.com/aws/smithy-go/changelog-template.json b/vendor/github.com/aws/smithy-go/changelog-template.json deleted file mode 100644 index d36e2b3e..00000000 --- a/vendor/github.com/aws/smithy-go/changelog-template.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "id": "00000000-0000-0000-0000-000000000000", - "type": "feature|bugfix|dependency", - "description": "Description of your changes", - "collapse": false, - "modules": [ - "." - ] -} diff --git a/vendor/github.com/aws/smithy-go/context/suppress_expired.go b/vendor/github.com/aws/smithy-go/context/suppress_expired.go deleted file mode 100644 index a39b84a2..00000000 --- a/vendor/github.com/aws/smithy-go/context/suppress_expired.go +++ /dev/null @@ -1,81 +0,0 @@ -package context - -import "context" - -// valueOnlyContext provides a utility to preserve only the values of a -// Context. Suppressing any cancellation or deadline on that context being -// propagated downstream of this value. -// -// If preserveExpiredValues is false (default), and the valueCtx is canceled, -// calls to lookup values with the Values method, will always return nil. Setting -// preserveExpiredValues to true, will allow the valueOnlyContext to lookup -// values in valueCtx even if valueCtx is canceled. -// -// Based on the Go standard libraries net/lookup.go onlyValuesCtx utility. -// https://github.com/golang/go/blob/da2773fe3e2f6106634673a38dc3a6eb875fe7d8/src/net/lookup.go -type valueOnlyContext struct { - context.Context - - preserveExpiredValues bool - valuesCtx context.Context -} - -var _ context.Context = (*valueOnlyContext)(nil) - -// Value looks up the key, returning its value. If configured to not preserve -// values of expired context, and the wrapping context is canceled, nil will be -// returned. -func (v *valueOnlyContext) Value(key interface{}) interface{} { - if !v.preserveExpiredValues { - select { - case <-v.valuesCtx.Done(): - return nil - default: - } - } - - return v.valuesCtx.Value(key) -} - -// WithSuppressCancel wraps the Context value, suppressing its deadline and -// cancellation events being propagated downstream to consumer of the returned -// context. -// -// By default the wrapped Context's Values are available downstream until the -// wrapped Context is canceled. Once the wrapped Context is canceled, Values -// method called on the context return will no longer lookup any key. As they -// are now considered expired. -// -// To override this behavior, use WithPreserveExpiredValues on the Context -// before it is wrapped by WithSuppressCancel. This will make the Context -// returned by WithSuppressCancel allow lookup of expired values. -func WithSuppressCancel(ctx context.Context) context.Context { - return &valueOnlyContext{ - Context: context.Background(), - valuesCtx: ctx, - - preserveExpiredValues: GetPreserveExpiredValues(ctx), - } -} - -type preserveExpiredValuesKey struct{} - -// WithPreserveExpiredValues adds a Value to the Context if expired values -// should be preserved, and looked up by a Context wrapped by -// WithSuppressCancel. -// -// WithPreserveExpiredValues must be added as a value to a Context, before that -// Context is wrapped by WithSuppressCancel -func WithPreserveExpiredValues(ctx context.Context, enable bool) context.Context { - return context.WithValue(ctx, preserveExpiredValuesKey{}, enable) -} - -// GetPreserveExpiredValues looks up, and returns the PreserveExpressValues -// value in the context. Returning true if enabled, false otherwise. -func GetPreserveExpiredValues(ctx context.Context) bool { - v := ctx.Value(preserveExpiredValuesKey{}) - if v != nil { - return v.(bool) - } - return false -} diff --git a/vendor/github.com/aws/smithy-go/doc.go b/vendor/github.com/aws/smithy-go/doc.go deleted file mode 100644 index 87b0c74b..00000000 --- a/vendor/github.com/aws/smithy-go/doc.go +++ /dev/null @@ -1,2 +0,0 @@ -// Package smithy provides the core components for a Smithy SDK. -package smithy diff --git a/vendor/github.com/aws/smithy-go/document.go b/vendor/github.com/aws/smithy-go/document.go deleted file mode 100644 index dec498c5..00000000 --- a/vendor/github.com/aws/smithy-go/document.go +++ /dev/null @@ -1,10 +0,0 @@ -package smithy - -// Document provides access to loosely structured data in a document-like -// format. -// -// Deprecated: See the github.com/aws/smithy-go/document package. -type Document interface { - UnmarshalDocument(interface{}) error - GetValue() (interface{}, error) -} diff --git a/vendor/github.com/aws/smithy-go/document/doc.go b/vendor/github.com/aws/smithy-go/document/doc.go deleted file mode 100644 index 03055b7a..00000000 --- a/vendor/github.com/aws/smithy-go/document/doc.go +++ /dev/null @@ -1,12 +0,0 @@ -// Package document provides interface definitions and error types for document types. -// -// A document is a protocol-agnostic type which supports a JSON-like data-model. You can use this type to send -// UTF-8 strings, arbitrary precision numbers, booleans, nulls, a list of these values, and a map of UTF-8 -// strings to these values. -// -// API Clients expose document constructors in their respective client document packages which must be used to -// Marshal and Unmarshal Go types to and from their respective protocol representations. -// -// See the Marshaler and Unmarshaler type documentation for more details on how to Go types can be converted to and from -// document types. -package document diff --git a/vendor/github.com/aws/smithy-go/document/document.go b/vendor/github.com/aws/smithy-go/document/document.go deleted file mode 100644 index 8f852d95..00000000 --- a/vendor/github.com/aws/smithy-go/document/document.go +++ /dev/null @@ -1,153 +0,0 @@ -package document - -import ( - "fmt" - "math/big" - "strconv" -) - -// Marshaler is an interface for a type that marshals a document to its protocol-specific byte representation and -// returns the resulting bytes. A non-nil error will be returned if an error is encountered during marshaling. -// -// Marshal supports basic scalars (int,uint,float,bool,string), big.Int, and big.Float, maps, slices, and structs. -// Anonymous nested types are flattened based on Go anonymous type visibility. -// -// When defining struct types. the `document` struct tag can be used to control how the value will be -// marshaled into the resulting protocol document. -// -// // Field is ignored -// Field int `document:"-"` -// -// // Field object of key "myName" -// Field int `document:"myName"` -// -// // Field object key of key "myName", and -// // Field is omitted if the field is a zero value for the type. -// Field int `document:"myName,omitempty"` -// -// // Field object key of "Field", and -// // Field is omitted if the field is a zero value for the type. -// Field int `document:",omitempty"` -// -// All struct fields, including anonymous fields, are marshaled unless the -// any of the following conditions are meet. -// -// - the field is not exported -// - document field tag is "-" -// - document field tag specifies "omitempty", and is a zero value. -// -// Pointer and interface values are encoded as the value pointed to or -// contained in the interface. A nil value encodes as a null -// value unless `omitempty` struct tag is provided. -// -// Channel, complex, and function values are not encoded and will be skipped -// when walking the value to be marshaled. -// -// time.Time is not supported and will cause the Marshaler to return an error. These values should be represented -// by your application as a string or numerical representation. -// -// Errors that occur when marshaling will stop the marshaler, and return the error. -// -// Marshal cannot represent cyclic data structures and will not handle them. -// Passing cyclic structures to Marshal will result in an infinite recursion. -type Marshaler interface { - MarshalSmithyDocument() ([]byte, error) -} - -// Unmarshaler is an interface for a type that unmarshals a document from its protocol-specific representation, and -// stores the result into the value pointed by v. If v is nil or not a pointer then InvalidUnmarshalError will be -// returned. -// -// Unmarshaler supports the same encodings produced by a document Marshaler. This includes support for the `document` -// struct field tag for controlling how struct fields are unmarshaled. -// -// Both generic interface{} and concrete types are valid unmarshal destination types. When unmarshaling a document -// into an empty interface the Unmarshaler will store one of these values: -// bool, for boolean values -// document.Number, for arbitrary-precision numbers (int64, float64, big.Int, big.Float) -// string, for string values -// []interface{}, for array values -// map[string]interface{}, for objects -// nil, for null values -// -// When unmarshaling, any error that occurs will halt the unmarshal and return the error. -type Unmarshaler interface { - UnmarshalSmithyDocument(v interface{}) error -} - -type noSerde interface { - noSmithyDocumentSerde() -} - -// NoSerde is a sentinel value to indicate that a given type should not be marshaled or unmarshaled -// into a protocol document. -type NoSerde struct{} - -func (n NoSerde) noSmithyDocumentSerde() {} - -var _ noSerde = (*NoSerde)(nil) - -// IsNoSerde returns whether the given type implements the no smithy document serde interface. -func IsNoSerde(x interface{}) bool { - _, ok := x.(noSerde) - return ok -} - -// Number is an arbitrary precision numerical value -type Number string - -// Int64 returns the number as a string. -func (n Number) String() string { - return string(n) -} - -// Int64 returns the number as an int64. -func (n Number) Int64() (int64, error) { - return n.intOfBitSize(64) -} - -func (n Number) intOfBitSize(bitSize int) (int64, error) { - return strconv.ParseInt(string(n), 10, bitSize) -} - -// Uint64 returns the number as a uint64. -func (n Number) Uint64() (uint64, error) { - return n.uintOfBitSize(64) -} - -func (n Number) uintOfBitSize(bitSize int) (uint64, error) { - return strconv.ParseUint(string(n), 10, bitSize) -} - -// Float32 returns the number parsed as a 32-bit float, returns a float64. -func (n Number) Float32() (float64, error) { - return n.floatOfBitSize(32) -} - -// Float64 returns the number as a float64. -func (n Number) Float64() (float64, error) { - return n.floatOfBitSize(64) -} - -// Float64 returns the number as a float64. -func (n Number) floatOfBitSize(bitSize int) (float64, error) { - return strconv.ParseFloat(string(n), bitSize) -} - -// BigFloat attempts to convert the number to a big.Float, returns an error if the operation fails. -func (n Number) BigFloat() (*big.Float, error) { - f, ok := (&big.Float{}).SetString(string(n)) - if !ok { - return nil, fmt.Errorf("failed to convert to big.Float") - } - return f, nil -} - -// BigInt attempts to convert the number to a big.Int, returns an error if the operation fails. -func (n Number) BigInt() (*big.Int, error) { - f, ok := (&big.Int{}).SetString(string(n), 10) - if !ok { - return nil, fmt.Errorf("failed to convert to big.Float") - } - return f, nil -} diff --git a/vendor/github.com/aws/smithy-go/document/errors.go b/vendor/github.com/aws/smithy-go/document/errors.go deleted file mode 100644 index 046a7a76..00000000 --- a/vendor/github.com/aws/smithy-go/document/errors.go +++ /dev/null @@ -1,75 +0,0 @@ -package document - -import ( - "fmt" - "reflect" -) - -// UnmarshalTypeError is an error type representing an error -// unmarshaling a Smithy document to a Go value type. This is different -// from UnmarshalError in that it does not wrap an underlying error type. -type UnmarshalTypeError struct { - Value string - Type reflect.Type -} - -// Error returns the string representation of the error. -// Satisfying the error interface. -func (e *UnmarshalTypeError) Error() string { - return fmt.Sprintf("unmarshal failed, cannot unmarshal %s into Go value type %s", - e.Value, e.Type.String()) -} - -// An InvalidUnmarshalError is an error type representing an invalid type -// encountered while unmarshaling a Smithy document to a Go value type. -type InvalidUnmarshalError struct { - Type reflect.Type -} - -// Error returns the string representation of the error. -// Satisfying the error interface. -func (e *InvalidUnmarshalError) Error() string { - var msg string - if e.Type == nil { - msg = "cannot unmarshal to nil value" - } else if e.Type.Kind() != reflect.Ptr { - msg = fmt.Sprintf("cannot unmarshal to non-pointer value, got %s", e.Type.String()) - } else { - msg = fmt.Sprintf("cannot unmarshal to nil value, %s", e.Type.String()) - } - - return fmt.Sprintf("unmarshal failed, %s", msg) -} - -// An UnmarshalError wraps an error that occurred while unmarshaling a -// Smithy document into a Go type. This is different from -// UnmarshalTypeError in that it wraps the underlying error that occurred. -type UnmarshalError struct { - Err error - Value string - Type reflect.Type -} - -// Unwrap returns the underlying unmarshaling error -func (e *UnmarshalError) Unwrap() error { - return e.Err -} - -// Error returns the string representation of the error. -// Satisfying the error interface. -func (e *UnmarshalError) Error() string { - return fmt.Sprintf("unmarshal failed, cannot unmarshal %q into %s, %v", - e.Value, e.Type.String(), e.Err) -} - -// An InvalidMarshalError is an error type representing an error -// occurring when marshaling a Go value type. -type InvalidMarshalError struct { - Message string -} - -// Error returns the string representation of the error. -// Satisfying the error interface. -func (e *InvalidMarshalError) Error() string { - return fmt.Sprintf("marshal failed, %s", e.Message) -} diff --git a/vendor/github.com/aws/smithy-go/encoding/doc.go b/vendor/github.com/aws/smithy-go/encoding/doc.go deleted file mode 100644 index 792fdfa0..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/doc.go +++ /dev/null @@ -1,4 +0,0 @@ -// Package encoding provides utilities for encoding values for specific -// document encodings. - -package encoding diff --git a/vendor/github.com/aws/smithy-go/encoding/encoding.go b/vendor/github.com/aws/smithy-go/encoding/encoding.go deleted file mode 100644 index 2fdfb522..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/encoding.go +++ /dev/null @@ -1,40 +0,0 @@ -package encoding - -import ( - "fmt" - "math" - "strconv" -) - -// EncodeFloat encodes a float value as per the stdlib encoder for json and xml protocol -// This encodes a float value into dst while attempting to conform to ES6 ToString for Numbers -// -// Based on encoding/json floatEncoder from the Go Standard Library -// https://golang.org/src/encoding/json/encode.go -func EncodeFloat(dst []byte, v float64, bits int) []byte { - if math.IsInf(v, 0) || math.IsNaN(v) { - panic(fmt.Sprintf("invalid float value: %s", strconv.FormatFloat(v, 'g', -1, bits))) - } - - abs := math.Abs(v) - fmt := byte('f') - - if abs != 0 { - if bits == 64 && (abs < 1e-6 || abs >= 1e21) || bits == 32 && (float32(abs) < 1e-6 || float32(abs) >= 1e21) { - fmt = 'e' - } - } - - dst = strconv.AppendFloat(dst, v, fmt, -1, bits) - - if fmt == 'e' { - // clean up e-09 to e-9 - n := len(dst) - if n >= 4 && dst[n-4] == 'e' && dst[n-3] == '-' && dst[n-2] == '0' { - dst[n-2] = dst[n-1] - dst = dst[:n-1] - } - } - - return dst -} diff --git a/vendor/github.com/aws/smithy-go/encoding/httpbinding/encode.go b/vendor/github.com/aws/smithy-go/encoding/httpbinding/encode.go deleted file mode 100644 index 543e7cf0..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/httpbinding/encode.go +++ /dev/null @@ -1,123 +0,0 @@ -package httpbinding - -import ( - "fmt" - "net/http" - "net/url" - "strconv" - "strings" -) - -const ( - contentLengthHeader = "Content-Length" - floatNaN = "NaN" - floatInfinity = "Infinity" - floatNegInfinity = "-Infinity" -) - -// An Encoder provides encoding of REST URI path, query, and header components -// of an HTTP request. Can also encode a stream as the payload. -// -// Does not support SetFields. -type Encoder struct { - path, rawPath, pathBuffer []byte - - query url.Values - header http.Header -} - -// NewEncoder creates a new encoder from the passed in request. It assumes that -// raw path contains no valuable information at this point, so it passes in path -// as path and raw path for subsequent trans -func NewEncoder(path, query string, headers http.Header) (*Encoder, error) { - return NewEncoderWithRawPath(path, path, query, headers) -} - -// NewHTTPBindingEncoder creates a new encoder from the passed in request. All query and -// header values will be added on top of the request's existing values. Overwriting -// duplicate values. -func NewEncoderWithRawPath(path, rawPath, query string, headers http.Header) (*Encoder, error) { - parseQuery, err := url.ParseQuery(query) - if err != nil { - return nil, fmt.Errorf("failed to parse query string: %w", err) - } - - e := &Encoder{ - path: []byte(path), - rawPath: []byte(rawPath), - query: parseQuery, - header: headers.Clone(), - } - - return e, nil -} - -// Encode returns a REST protocol encoder for encoding HTTP bindings. -// -// Due net/http requiring `Content-Length` to be specified on the http.Request#ContentLength directly. Encode -// will look for whether the header is present, and if so will remove it and set the respective value on http.Request. -// -// Returns any error occurring during encoding. -func (e *Encoder) Encode(req *http.Request) (*http.Request, error) { - req.URL.Path, req.URL.RawPath = string(e.path), string(e.rawPath) - req.URL.RawQuery = e.query.Encode() - - // net/http ignores Content-Length header and requires it to be set on http.Request - if v := e.header.Get(contentLengthHeader); len(v) > 0 { - iv, err := strconv.ParseInt(v, 10, 64) - if err != nil { - return nil, err - } - req.ContentLength = iv - e.header.Del(contentLengthHeader) - } - - req.Header = e.header - - return req, nil -} - -// AddHeader returns a HeaderValue for appending to the given header name -func (e *Encoder) AddHeader(key string) HeaderValue { - return newHeaderValue(e.header, key, true) -} - -// SetHeader returns a HeaderValue for setting the given header name -func (e *Encoder) SetHeader(key string) HeaderValue { - return newHeaderValue(e.header, key, false) -} - -// Headers returns a Header used for encoding headers with the given prefix -func (e *Encoder) Headers(prefix string) Headers { - return Headers{ - header: e.header, - prefix: strings.TrimSpace(prefix), - } -} - -// HasHeader returns if a header with the key specified exists with one or -// more value. -func (e Encoder) HasHeader(key string) bool { - return len(e.header[key]) != 0 -} - -// SetURI returns a URIValue used for setting the given path key -func (e *Encoder) SetURI(key string) URIValue { - return newURIValue(&e.path, &e.rawPath, &e.pathBuffer, key) -} - -// SetQuery returns a QueryValue used for setting the given query key -func (e *Encoder) SetQuery(key string) QueryValue { - return NewQueryValue(e.query, key, false) -} - -// AddQuery returns a QueryValue used for appending the given query key -func (e *Encoder) AddQuery(key string) QueryValue { - return NewQueryValue(e.query, key, true) -} - -// HasQuery returns if a query with the key specified exists with one or -// more values. -func (e *Encoder) HasQuery(key string) bool { - return len(e.query.Get(key)) != 0 -} diff --git a/vendor/github.com/aws/smithy-go/encoding/httpbinding/header.go b/vendor/github.com/aws/smithy-go/encoding/httpbinding/header.go deleted file mode 100644 index f9256e17..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/httpbinding/header.go +++ /dev/null @@ -1,122 +0,0 @@ -package httpbinding - -import ( - "encoding/base64" - "math" - "math/big" - "net/http" - "strconv" - "strings" -) - -// Headers is used to encode header keys using a provided prefix -type Headers struct { - header http.Header - prefix string -} - -// AddHeader returns a HeaderValue used to append values to prefix+key -func (h Headers) AddHeader(key string) HeaderValue { - return h.newHeaderValue(key, true) -} - -// SetHeader returns a HeaderValue used to set the value of prefix+key -func (h Headers) SetHeader(key string) HeaderValue { - return h.newHeaderValue(key, false) -} - -func (h Headers) newHeaderValue(key string, append bool) HeaderValue { - return newHeaderValue(h.header, h.prefix+strings.TrimSpace(key), append) -} - -// HeaderValue is used to encode values to an HTTP header -type HeaderValue struct { - header http.Header - key string - append bool -} - -func newHeaderValue(header http.Header, key string, append bool) HeaderValue { - return HeaderValue{header: header, key: strings.TrimSpace(key), append: append} -} - -func (h HeaderValue) modifyHeader(value string) { - if h.append { - h.header[h.key] = append(h.header[h.key], value) - } else { - h.header[h.key] = append(h.header[h.key][:0], value) - } -} - -// String encodes the value v as the header string value -func (h HeaderValue) String(v string) { - h.modifyHeader(v) -} - -// Byte encodes the value v as a query string value -func (h HeaderValue) Byte(v int8) { - h.Long(int64(v)) -} - -// Short encodes the value v as a query string value -func (h HeaderValue) Short(v int16) { - h.Long(int64(v)) -} - -// Integer encodes the value v as the header string value -func (h HeaderValue) Integer(v int32) { - h.Long(int64(v)) -} - -// Long encodes the value v as the header string value -func (h HeaderValue) Long(v int64) { - h.modifyHeader(strconv.FormatInt(v, 10)) -} - -// Boolean encodes the value v as a query string value -func (h HeaderValue) Boolean(v bool) { - h.modifyHeader(strconv.FormatBool(v)) -} - -// Float encodes the value v as a query string value -func (h HeaderValue) Float(v float32) { - h.float(float64(v), 32) -} - -// Double encodes the value v as a query string value -func (h HeaderValue) Double(v float64) { - h.float(v, 64) -} - -func (h HeaderValue) float(v float64, bitSize int) { - switch { - case math.IsNaN(v): - h.String(floatNaN) - case math.IsInf(v, 1): - h.String(floatInfinity) - case math.IsInf(v, -1): - h.String(floatNegInfinity) - default: - h.modifyHeader(strconv.FormatFloat(v, 'f', -1, bitSize)) - } -} - -// BigInteger encodes the value v as a query string value -func (h HeaderValue) BigInteger(v *big.Int) { - h.modifyHeader(v.String()) -} - -// BigDecimal encodes the value v as a query string value -func (h HeaderValue) BigDecimal(v *big.Float) { - if i, accuracy := v.Int64(); accuracy == big.Exact { - h.Long(i) - return - } - h.modifyHeader(v.Text('e', -1)) -} - -// Blob encodes the value v as a base64 header string value -func (h HeaderValue) Blob(v []byte) { - encodeToString := base64.StdEncoding.EncodeToString(v) - h.modifyHeader(encodeToString) -} diff --git a/vendor/github.com/aws/smithy-go/encoding/httpbinding/path_replace.go b/vendor/github.com/aws/smithy-go/encoding/httpbinding/path_replace.go deleted file mode 100644 index 9ae30854..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/httpbinding/path_replace.go +++ /dev/null @@ -1,108 +0,0 @@ -package httpbinding - -import ( - "bytes" - "fmt" -) - -const ( - uriTokenStart = '{' - uriTokenStop = '}' - uriTokenSkip = '+' -) - -func bufCap(b []byte, n int) []byte { - if cap(b) < n { - return make([]byte, 0, n) - } - - return b[0:0] -} - -// replacePathElement replaces a single element in the path []byte. -// Escape is used to control whether the value will be escaped using Amazon path escape style. -func replacePathElement(path, fieldBuf []byte, key, val string, escape bool) ([]byte, []byte, error) { - // search for "{}". If not found, search for the greedy version "{+}". If none are found, return error - fieldBuf = bufCap(fieldBuf, len(key)+2) // { } - fieldBuf = append(fieldBuf, uriTokenStart) - fieldBuf = append(fieldBuf, key...) - fieldBuf = append(fieldBuf, uriTokenStop) - - start := bytes.Index(path, fieldBuf) - encodeSep := true - if start < 0 { - fieldBuf = bufCap(fieldBuf, len(key)+3) // { [+] } - fieldBuf = append(fieldBuf, uriTokenStart) - fieldBuf = append(fieldBuf, key...) - fieldBuf = append(fieldBuf, uriTokenSkip) - fieldBuf = append(fieldBuf, uriTokenStop) - - start = bytes.Index(path, fieldBuf) - if start < 0 { - return path, fieldBuf, fmt.Errorf("invalid path index, start=%d. %s", start, path) - } - encodeSep = false - } - end := start + len(fieldBuf) - - if escape { - val = EscapePath(val, encodeSep) - } - - fieldBuf = bufCap(fieldBuf, len(val)) - fieldBuf = append(fieldBuf, val...) - - keyLen := end - start - valLen := len(fieldBuf) - - if keyLen == valLen { - copy(path[start:], fieldBuf) - return path, fieldBuf, nil - } - - newLen := len(path) + (valLen - keyLen) - if len(path) < newLen { - path = path[:cap(path)] - } - if cap(path) < newLen { - newURI := make([]byte, newLen) - copy(newURI, path) - path = newURI - } - - // shift - copy(path[start+valLen:], path[end:]) - path = path[:newLen] - copy(path[start:], fieldBuf) - - return path, fieldBuf, nil -} - -// EscapePath escapes part of a URL path in Amazon style. -func EscapePath(path string, encodeSep bool) string { - var buf bytes.Buffer - for i := 0; i < len(path); i++ { - c := path[i] - if noEscape[c] || (c == '/' && !encodeSep) { - buf.WriteByte(c) - } else { - fmt.Fprintf(&buf, "%%%02X", c) - } - } - return buf.String() -} - -var noEscape [256]bool - -func init() { - for i := 0; i < len(noEscape); i++ { - // AWS expects every character except these to be escaped - noEscape[i] = (i >= 'A' && i <= 'Z') || - (i >= 'a' && i <= 'z') || - (i >= '0' && i <= '9') || - i == '-' || - i == '.' || - i == '_' || - i == '~' - } -} diff --git a/vendor/github.com/aws/smithy-go/encoding/httpbinding/query.go b/vendor/github.com/aws/smithy-go/encoding/httpbinding/query.go deleted file mode 100644 index c2e7d0a2..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/httpbinding/query.go +++ /dev/null @@ -1,107 +0,0 @@ -package httpbinding - -import ( - "encoding/base64" - "math" - "math/big" - "net/url" - "strconv" -) - -// QueryValue is used to encode query key values -type QueryValue struct { - query url.Values - key string - append bool -} - -// NewQueryValue creates a new QueryValue which enables encoding -// a query value into the given url.Values. -func NewQueryValue(query url.Values, key string, append bool) QueryValue { - return QueryValue{ - query: query, - key: key, - append: append, - } -} - -func (qv QueryValue) updateKey(value string) { - if qv.append { - qv.query.Add(qv.key, value) - } else { - qv.query.Set(qv.key, value) - } -} - -// Blob encodes v as a base64 query string value -func (qv QueryValue) Blob(v []byte) { - encodeToString := base64.StdEncoding.EncodeToString(v) - qv.updateKey(encodeToString) -} - -// Boolean encodes v as a query string value -func (qv QueryValue) Boolean(v bool) { - qv.updateKey(strconv.FormatBool(v)) -} - -// String encodes v as a query string value -func (qv QueryValue) String(v string) { - qv.updateKey(v) -} - -// Byte encodes v as a query string value -func (qv QueryValue) Byte(v int8) { - qv.Long(int64(v)) -} - -// Short encodes v as a query string value -func (qv QueryValue) Short(v int16) { - qv.Long(int64(v)) -} - -// Integer encodes v as a query string value -func (qv QueryValue) Integer(v int32) { - qv.Long(int64(v)) -} - -// Long encodes v as a query string value -func (qv QueryValue) Long(v int64) { - qv.updateKey(strconv.FormatInt(v, 10)) -} - -// Float encodes v as a query string value -func (qv QueryValue) Float(v float32) { - qv.float(float64(v), 32) -} - -// Double encodes v as a query string value -func (qv QueryValue) Double(v float64) { - qv.float(v, 64) -} - -func (qv QueryValue) float(v float64, bitSize int) { - switch { - case math.IsNaN(v): - qv.String(floatNaN) - case math.IsInf(v, 1): - qv.String(floatInfinity) - case math.IsInf(v, -1): - qv.String(floatNegInfinity) - default: - qv.updateKey(strconv.FormatFloat(v, 'f', -1, bitSize)) - } -} - -// BigInteger encodes v as a query string value -func (qv QueryValue) BigInteger(v *big.Int) { - qv.updateKey(v.String()) -} - -// BigDecimal encodes v as a query string value -func (qv QueryValue) BigDecimal(v *big.Float) { - if i, accuracy := v.Int64(); accuracy == big.Exact { - qv.Long(i) - return - } - qv.updateKey(v.Text('e', -1)) -} diff --git a/vendor/github.com/aws/smithy-go/encoding/httpbinding/uri.go b/vendor/github.com/aws/smithy-go/encoding/httpbinding/uri.go deleted file mode 100644 index f04e1198..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/httpbinding/uri.go +++ /dev/null @@ -1,111 +0,0 @@ -package httpbinding - -import ( - "math" - "math/big" - "strconv" - "strings" -) - -// URIValue is used to encode named URI parameters -type URIValue struct { - path, rawPath, buffer *[]byte - - key string -} - -func newURIValue(path *[]byte, rawPath *[]byte, buffer *[]byte, key string) URIValue { - return URIValue{path: path, rawPath: rawPath, buffer: buffer, key: key} -} - -func (u URIValue) modifyURI(value string) (err error) { - *u.path, *u.buffer, err = replacePathElement(*u.path, *u.buffer, u.key, value, false) - if err != nil { - return err - } - *u.rawPath, *u.buffer, err = replacePathElement(*u.rawPath, *u.buffer, u.key, value, true) - return err -} - -// Boolean encodes v as a URI string value -func (u URIValue) Boolean(v bool) error { - return u.modifyURI(strconv.FormatBool(v)) -} - -// String encodes v as a URI string value -func (u URIValue) String(v string) error { - return u.modifyURI(v) -} - -// Byte encodes v as a URI string value -func (u URIValue) Byte(v int8) error { - return u.Long(int64(v)) -} - -// Short encodes v as a URI string value -func (u URIValue) Short(v int16) error { - return u.Long(int64(v)) -} - -// Integer encodes v as a URI string value -func (u URIValue) Integer(v int32) error { - return u.Long(int64(v)) -} - -// Long encodes v as a URI string value -func (u URIValue) Long(v int64) error { - return u.modifyURI(strconv.FormatInt(v, 10)) -} - -// Float encodes v as a query string value -func (u URIValue) Float(v float32) error { - return u.float(float64(v), 32) -} - -// Double encodes v as a query string value -func (u URIValue) Double(v float64) error { - return u.float(v, 64) -} - -func (u URIValue) float(v float64, bitSize int) error { - switch { - case math.IsNaN(v): - return u.String(floatNaN) - case math.IsInf(v, 1): - return u.String(floatInfinity) - case math.IsInf(v, -1): - return u.String(floatNegInfinity) - default: - return u.modifyURI(strconv.FormatFloat(v, 'f', -1, bitSize)) - } -} - -// BigInteger encodes v as a query string value -func (u URIValue) BigInteger(v *big.Int) error { - return u.modifyURI(v.String()) -} - -// BigDecimal encodes v as a query string value -func (u URIValue) BigDecimal(v *big.Float) error { - if i, accuracy := v.Int64(); accuracy == big.Exact { - return u.Long(i) - } - return u.modifyURI(v.Text('e', -1)) -} - -// SplitURI parses a Smithy HTTP binding trait URI -func SplitURI(uri string) (path, query string) { - queryStart := strings.IndexRune(uri, '?') - if queryStart == -1 { - path = uri - return path, query - } - - path = uri[:queryStart] - if queryStart+1 >= len(uri) { - return path, query - } - query = uri[queryStart+1:] - - return path, query -} diff --git a/vendor/github.com/aws/smithy-go/encoding/json/array.go b/vendor/github.com/aws/smithy-go/encoding/json/array.go deleted file mode 100644 index 7a232f66..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/json/array.go +++ /dev/null @@ -1,35 +0,0 @@ -package json - -import ( - "bytes" -) - -// Array represents the encoding of a JSON Array -type Array struct { - w *bytes.Buffer - writeComma bool - scratch *[]byte -} - -func newArray(w *bytes.Buffer, scratch *[]byte) *Array { - w.WriteRune(leftBracket) - return &Array{w: w, scratch: scratch} -} - -// Value adds a new element to the JSON Array. -// Returns a Value type that is used to encode -// the array element. -func (a *Array) Value() Value { - if a.writeComma { - a.w.WriteRune(comma) - } else { - a.writeComma = true - } - - return newValue(a.w, a.scratch) -} - -// Close encodes the end of the JSON Array -func (a *Array) Close() { - a.w.WriteRune(rightBracket) -} diff --git a/vendor/github.com/aws/smithy-go/encoding/json/constants.go b/vendor/github.com/aws/smithy-go/encoding/json/constants.go deleted file mode 100644 index 91044092..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/json/constants.go +++ /dev/null @@ -1,15 +0,0 @@ -package json - -const ( - leftBrace = '{' - rightBrace = '}' - - leftBracket = '[' - rightBracket = ']' - - comma = ',' - quote = '"' - colon = ':' - - null = "null" -) diff --git a/vendor/github.com/aws/smithy-go/encoding/json/decoder_util.go b/vendor/github.com/aws/smithy-go/encoding/json/decoder_util.go deleted file mode 100644 index 7050c85b..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/json/decoder_util.go +++ /dev/null @@ -1,139 +0,0 @@ -package json - -import ( - "bytes" - "encoding/json" - "fmt" - "io" -) - -// DiscardUnknownField discards unknown fields from a decoder body. -// This function is useful while deserializing a JSON body with additional -// unknown information that should be discarded. -func DiscardUnknownField(decoder *json.Decoder) error { - // This deliberately does not share logic with CollectUnknownField, even - // though it could, because if we were to delegate to that then we'd incur - // extra allocations and general memory usage. - v, err := decoder.Token() - if err == io.EOF { - return nil - } - if err != nil { - return err - } - - if _, ok := v.(json.Delim); ok { - for decoder.More() { - err = DiscardUnknownField(decoder) - } - endToken, err := decoder.Token() - if err != nil { - return err - } - if _, ok := endToken.(json.Delim); !ok { - return fmt.Errorf("invalid JSON : expected json delimiter, found %T %v", - endToken, endToken) - } - } - - return nil -} - -// CollectUnknownField grabs the contents of unknown fields from the decoder body -// and returns them as a byte slice. This is useful for skipping unknown fields without -// completely discarding them. -func CollectUnknownField(decoder *json.Decoder) ([]byte, error) { - result, err := collectUnknownField(decoder) - if err != nil { - return nil, err - } - - buff := bytes.NewBuffer(nil) - encoder := json.NewEncoder(buff) - - if err := encoder.Encode(result); err != nil { - return nil, err - } - - return buff.Bytes(), nil -} - -func collectUnknownField(decoder *json.Decoder) (interface{}, error) { - // Grab the initial value. This could either be a concrete value like a string or a a - // delimiter. - token, err := decoder.Token() - if err == io.EOF { - return nil, nil - } - if err != nil { - return nil, err - } - - // If it's an array or object, we'll need to recurse. - delim, ok := token.(json.Delim) - if ok { - var result interface{} - if delim == '{' { - result, err = collectUnknownObject(decoder) - if err != nil { - return nil, err - } - } else { - result, err = collectUnknownArray(decoder) - if err != nil { - return nil, err - } - } - - // Discard the closing token. decoder.Token handles checking for matching delimiters - if _, err := decoder.Token(); err != nil { - return nil, err - } - return result, nil - } - - return token, nil -} - -func collectUnknownArray(decoder *json.Decoder) ([]interface{}, error) { - // We need to create an empty array here instead of a nil array, since by getting - // into this function at all we necessarily have seen a non-nil list. - array := []interface{}{} - - for decoder.More() { - value, err := collectUnknownField(decoder) - if err != nil { - return nil, err - } - array = append(array, value) - } - - return array, nil -} - -func collectUnknownObject(decoder *json.Decoder) (map[string]interface{}, error) { - object := make(map[string]interface{}) - - for decoder.More() { - key, err := collectUnknownField(decoder) - if err != nil { - return nil, err - } - - // Keys have to be strings, which is particularly important as the encoder - // won't except a map with interface{} keys - stringKey, ok := key.(string) - if !ok { - return nil, fmt.Errorf("expected string key, found %T", key) - } - - value, err := collectUnknownField(decoder) - if err != nil { - return nil, err - } - - object[stringKey] = value - } - - return object, nil -} diff --git a/vendor/github.com/aws/smithy-go/encoding/json/encoder.go b/vendor/github.com/aws/smithy-go/encoding/json/encoder.go deleted file mode 100644 index 8772953f..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/json/encoder.go +++ /dev/null @@ -1,30 +0,0 @@ -package json - -import ( - "bytes" -) - -// Encoder is JSON encoder that supports construction of JSON values -// using methods. -type Encoder struct { - w *bytes.Buffer - Value -} - -// NewEncoder returns a new JSON encoder -func NewEncoder() *Encoder { - writer := bytes.NewBuffer(nil) - scratch := make([]byte, 64) - - return &Encoder{w: writer, Value: newValue(writer, &scratch)} -} - -// String returns the String output of the JSON encoder -func (e Encoder) String() string { - return e.w.String() -} - -// Bytes returns the []byte slice of the JSON encoder -func (e Encoder) Bytes() []byte { - return e.w.Bytes() -} diff --git a/vendor/github.com/aws/smithy-go/encoding/json/escape.go b/vendor/github.com/aws/smithy-go/encoding/json/escape.go deleted file mode 100644 index d984d0cd..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/json/escape.go +++ /dev/null @@ -1,198 +0,0 @@ -// Copyright 2016 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Copied and modified from Go 1.8 stdlib's encoding/json/#safeSet - -package json - -import ( - "bytes" - "unicode/utf8" -) - -// safeSet holds the value true if the ASCII character with the given array -// position can be represented inside a JSON string without any further -// escaping. -// -// All values are true except for the ASCII control characters (0-31), the -// double quote ("), and the backslash character ("\"). -var safeSet = [utf8.RuneSelf]bool{ - ' ': true, - '!': true, - '"': false, - '#': true, - '$': true, - '%': true, - '&': true, - '\'': true, - '(': true, - ')': true, - '*': true, - '+': true, - ',': true, - '-': true, - '.': true, - '/': true, - '0': true, - '1': true, - '2': true, - '3': true, - '4': true, - '5': true, - '6': true, - '7': true, - '8': true, - '9': true, - ':': true, - ';': true, - '<': true, - '=': true, - '>': true, - '?': true, - '@': true, - 'A': true, - 'B': true, - 'C': true, - 'D': true, - 'E': true, - 'F': true, - 'G': true, - 'H': true, - 'I': true, - 'J': true, - 'K': true, - 'L': true, - 'M': true, - 'N': true, - 'O': true, - 'P': true, - 'Q': true, - 'R': true, - 'S': true, - 'T': true, - 'U': true, - 'V': true, - 'W': true, - 'X': true, - 'Y': true, - 'Z': true, - '[': true, - '\\': false, - ']': true, - '^': true, - '_': true, - '`': true, - 'a': true, - 'b': true, - 'c': true, - 'd': true, - 'e': true, - 'f': true, - 'g': true, - 'h': true, - 'i': true, - 'j': true, - 'k': true, - 'l': true, - 'm': true, - 'n': true, - 'o': true, - 'p': true, - 'q': true, - 'r': true, - 's': true, - 't': true, - 'u': true, - 'v': true, - 'w': true, - 'x': true, - 'y': true, - 'z': true, - '{': true, - '|': true, - '}': true, - '~': true, - '\u007f': true, -} - -// copied from Go 1.8 stdlib's encoding/json/#hex -var hex = "0123456789abcdef" - -// escapeStringBytes escapes and writes the passed in string bytes to the dst -// buffer -// -// Copied and modifed from Go 1.8 stdlib's encodeing/json/#encodeState.stringBytes -func escapeStringBytes(e *bytes.Buffer, s []byte) { - e.WriteByte('"') - start := 0 - for i := 0; i < len(s); { - if b := s[i]; b < utf8.RuneSelf { - if safeSet[b] { - i++ - continue - } - if start < i { - e.Write(s[start:i]) - } - switch b { - case '\\', '"': - e.WriteByte('\\') - e.WriteByte(b) - case '\n': - e.WriteByte('\\') - e.WriteByte('n') - case '\r': - e.WriteByte('\\') - e.WriteByte('r') - case '\t': - e.WriteByte('\\') - e.WriteByte('t') - default: - // This encodes bytes < 0x20 except for \t, \n and \r. - // If escapeHTML is set, it also escapes <, >, and & - // because they can lead to security holes when - // user-controlled strings are rendered into JSON - // and served to some browsers. - e.WriteString(`\u00`) - e.WriteByte(hex[b>>4]) - e.WriteByte(hex[b&0xF]) - } - i++ - start = i - continue - } - c, size := utf8.DecodeRune(s[i:]) - if c == utf8.RuneError && size == 1 { - if start < i { - e.Write(s[start:i]) - } - e.WriteString(`\ufffd`) - i += size - start = i - continue - } - // U+2028 is LINE SEPARATOR. - // U+2029 is PARAGRAPH SEPARATOR. - // They are both technically valid characters in JSON strings, - // but don't work in JSONP, which has to be evaluated as JavaScript, - // and can lead to security holes there. It is valid JSON to - // escape them, so we do so unconditionally. - // See http://timelessrepo.com/json-isnt-a-javascript-subset for discussion. - if c == '\u2028' || c == '\u2029' { - if start < i { - e.Write(s[start:i]) - } - e.WriteString(`\u202`) - e.WriteByte(hex[c&0xF]) - i += size - start = i - continue - } - i += size - } - if start < len(s) { - e.Write(s[start:]) - } - e.WriteByte('"') -} diff --git a/vendor/github.com/aws/smithy-go/encoding/json/object.go b/vendor/github.com/aws/smithy-go/encoding/json/object.go deleted file mode 100644 index 722346d0..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/json/object.go +++ /dev/null @@ -1,40 +0,0 @@ -package json - -import ( - "bytes" -) - -// Object represents the encoding of a JSON Object type -type Object struct { - w *bytes.Buffer - writeComma bool - scratch *[]byte -} - -func newObject(w *bytes.Buffer, scratch *[]byte) *Object { - w.WriteRune(leftBrace) - return &Object{w: w, scratch: scratch} -} - -func (o *Object) writeKey(key string) { - escapeStringBytes(o.w, []byte(key)) - o.w.WriteRune(colon) -} - -// Key adds the given named key to the JSON object. -// Returns a Value encoder that should be used to encode -// a JSON value type. -func (o *Object) Key(name string) Value { - if o.writeComma { - o.w.WriteRune(comma) - } else { - o.writeComma = true - } - o.writeKey(name) - return newValue(o.w, o.scratch) -} - -// Close encodes the end of the JSON Object -func (o *Object) Close() { - o.w.WriteRune(rightBrace) -} diff --git a/vendor/github.com/aws/smithy-go/encoding/json/value.go b/vendor/github.com/aws/smithy-go/encoding/json/value.go deleted file mode 100644 index b41ff1e1..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/json/value.go +++ /dev/null @@ -1,149 +0,0 @@ -package json - -import ( - "bytes" - "encoding/base64" - "math/big" - "strconv" - - "github.com/aws/smithy-go/encoding" -) - -// Value represents a JSON Value type -// JSON Value types: Object, Array, String, Number, Boolean, and Null -type Value struct { - w *bytes.Buffer - scratch *[]byte -} - -// newValue returns a new Value encoder -func newValue(w *bytes.Buffer, scratch *[]byte) Value { - return Value{w: w, scratch: scratch} -} - -// String encodes v as a JSON string -func (jv Value) String(v string) { - escapeStringBytes(jv.w, []byte(v)) -} - -// Byte encodes v as a JSON number -func (jv Value) Byte(v int8) { - jv.Long(int64(v)) -} - -// Short encodes v as a JSON number -func (jv Value) Short(v int16) { - jv.Long(int64(v)) -} - -// Integer encodes v as a JSON number -func (jv Value) Integer(v int32) { - jv.Long(int64(v)) -} - -// Long encodes v as a JSON number -func (jv Value) Long(v int64) { - *jv.scratch = strconv.AppendInt((*jv.scratch)[:0], v, 10) - jv.w.Write(*jv.scratch) -} - -// ULong encodes v as a JSON number -func (jv Value) ULong(v uint64) { - *jv.scratch = strconv.AppendUint((*jv.scratch)[:0], v, 10) - jv.w.Write(*jv.scratch) -} - -// Float encodes v as a JSON number -func (jv Value) Float(v float32) { - jv.float(float64(v), 32) -} - -// Double encodes v as a JSON number -func (jv Value) Double(v float64) { - jv.float(v, 64) -} - -func (jv Value) float(v float64, bits int) { - *jv.scratch = encoding.EncodeFloat((*jv.scratch)[:0], v, bits) - jv.w.Write(*jv.scratch) -} - -// Boolean encodes v as a JSON boolean -func (jv Value) Boolean(v bool) { - *jv.scratch = strconv.AppendBool((*jv.scratch)[:0], v) - jv.w.Write(*jv.scratch) -} - -// Base64EncodeBytes writes v as a base64 value in JSON string -func (jv Value) Base64EncodeBytes(v []byte) { - encodeByteSlice(jv.w, (*jv.scratch)[:0], v) -} - -// Write writes v directly to the JSON document -func (jv Value) Write(v []byte) { - jv.w.Write(v) -} - -// Array returns a new Array encoder -func (jv Value) Array() *Array { - return newArray(jv.w, jv.scratch) -} - -// Object returns a new Object encoder -func (jv Value) Object() *Object { - return newObject(jv.w, jv.scratch) -} - -// Null encodes a null JSON value -func (jv Value) Null() { - jv.w.WriteString(null) -} - -// BigInteger encodes v as JSON value -func (jv Value) BigInteger(v *big.Int) { - jv.w.Write([]byte(v.Text(10))) -} - -// BigDecimal encodes v as JSON value -func (jv Value) BigDecimal(v *big.Float) { - if i, accuracy := v.Int64(); accuracy == big.Exact { - jv.Long(i) - return - } - // TODO: Should this try to match ES6 ToString similar to stdlib JSON? - jv.w.Write([]byte(v.Text('e', -1))) -} - -// Based on encoding/json encodeByteSlice from the Go Standard Library -// https://golang.org/src/encoding/json/encode.go -func encodeByteSlice(w *bytes.Buffer, scratch []byte, v []byte) { - if v == nil { - w.WriteString(null) - return - } - - w.WriteRune(quote) - - encodedLen := base64.StdEncoding.EncodedLen(len(v)) - if encodedLen <= len(scratch) { - // If the encoded bytes fit in e.scratch, avoid an extra - // allocation and use the cheaper Encoding.Encode. - dst := scratch[:encodedLen] - base64.StdEncoding.Encode(dst, v) - w.Write(dst) - } else if encodedLen <= 1024 { - // The encoded bytes are short enough to allocate for, and - // Encoding.Encode is still cheaper. - dst := make([]byte, encodedLen) - base64.StdEncoding.Encode(dst, v) - w.Write(dst) - } else { - // The encoded bytes are too long to cheaply allocate, and - // Encoding.Encode is no longer noticeably cheaper. - enc := base64.NewEncoder(base64.StdEncoding, w) - enc.Write(v) - enc.Close() - } - - w.WriteRune(quote) -} diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/array.go b/vendor/github.com/aws/smithy-go/encoding/xml/array.go deleted file mode 100644 index 508f3c99..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/array.go +++ /dev/null @@ -1,49 +0,0 @@ -package xml - -// arrayMemberWrapper is the default member wrapper tag name for XML Array type -var arrayMemberWrapper = StartElement{ - Name: Name{Local: "member"}, -} - -// Array represents the encoding of a XML array type -type Array struct { - w writer - scratch *[]byte - - // member start element is the array member wrapper start element - memberStartElement StartElement - - // isFlattened indicates if the array is a flattened array. - isFlattened bool -} - -// newArray returns an array encoder. -// It also takes in the member start element, array start element. -// It takes in a isFlattened bool, indicating that an array is flattened array. -// -// A wrapped array ["value1", "value2"] is represented as -// `value1value2`. - -// A flattened array `someList: ["value1", "value2"]` is represented as -// `value1value2`. -func newArray(w writer, scratch *[]byte, memberStartElement StartElement, arrayStartElement StartElement, isFlattened bool) *Array { - var memberWrapper = memberStartElement - if isFlattened { - memberWrapper = arrayStartElement - } - - return &Array{ - w: w, - scratch: scratch, - memberStartElement: memberWrapper, - isFlattened: isFlattened, - } -} - -// Member adds a new member to the XML array. -// It returns a Value encoder. -func (a *Array) Member() Value { - v := newValue(a.w, a.scratch, a.memberStartElement) - v.isFlattened = a.isFlattened - return v -} diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/constants.go b/vendor/github.com/aws/smithy-go/encoding/xml/constants.go deleted file mode 100644 index ccee90a6..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/constants.go +++ /dev/null @@ -1,10 +0,0 @@ -package xml - -const ( - leftAngleBracket = '<' - rightAngleBracket = '>' - forwardSlash = '/' - colon = ':' - equals = '=' - quote = '"' -) diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/doc.go b/vendor/github.com/aws/smithy-go/encoding/xml/doc.go deleted file mode 100644 index f9200093..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/doc.go +++ /dev/null @@ -1,49 +0,0 @@ -/* -Package xml holds the XMl encoder utility. This utility is written in accordance to our design to delegate to -shape serializer function in which a xml.Value will be passed around. - -Resources followed: https://smithy.io/2.0/spec/protocol-traits.html#xml-bindings - -Member Element - -Member element should be used to encode xml shapes into xml elements except for flattened xml shapes. Member element -write their own element start tag. These elements should always be closed. - -Flattened Element - -Flattened element should be used to encode shapes marked with flattened trait into xml elements. Flattened element -do not write a start tag, and thus should not be closed. - -Simple types encoding - -All simple type methods on value such as String(), Long() etc; auto close the associated member element. - -Array - -Array returns the collection encoder. It has two modes, wrapped and flattened encoding. - -Wrapped arrays have two methods Array() and ArrayWithCustomName() which facilitate array member wrapping. -By default, a wrapped array members are wrapped with `member` named start element. - - appletree - -Flattened arrays rely on Value being marked as flattened. -If a shape is marked as flattened, Array() will use the shape element name as wrapper for array elements. - - appletree - -Map - -Map is the map encoder. It has two modes, wrapped and flattened encoding. - -Wrapped map has Array() method, which facilitate map member wrapping. -By default, a wrapped map members are wrapped with `entry` named start element. - - appletreesnowice - -Flattened map rely on Value being marked as flattened. -If a shape is marked as flattened, Map() will use the shape element name as wrapper for map entry elements. - - appletreesnowice -*/ -package xml diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/element.go b/vendor/github.com/aws/smithy-go/encoding/xml/element.go deleted file mode 100644 index ae84e799..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/element.go +++ /dev/null @@ -1,91 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Copied and modified from Go 1.14 stdlib's encoding/xml - -package xml - -// A Name represents an XML name (Local) annotated -// with a name space identifier (Space). -// In tokens returned by Decoder.Token, the Space identifier -// is given as a canonical URL, not the short prefix used -// in the document being parsed. -type Name struct { - Space, Local string -} - -// An Attr represents an attribute in an XML element (Name=Value). -type Attr struct { - Name Name - Value string -} - -/* -NewAttribute returns a pointer to an attribute. -It takes in a local name aka attribute name, and value -representing the attribute value. -*/ -func NewAttribute(local, value string) Attr { - return Attr{ - Name: Name{ - Local: local, - }, - Value: value, - } -} - -/* -NewNamespaceAttribute returns a pointer to an attribute. -It takes in a local name aka attribute name, and value -representing the attribute value. - -NewNamespaceAttribute appends `xmlns:` in front of namespace -prefix. - -For creating a name space attribute representing -`xmlns:prefix="http://example.com`, the breakdown would be: -local = "prefix" -value = "http://example.com" -*/ -func NewNamespaceAttribute(local, value string) Attr { - attr := NewAttribute(local, value) - - // default name space identifier - attr.Name.Space = "xmlns" - return attr -} - -// A StartElement represents an XML start element. -type StartElement struct { - Name Name - Attr []Attr -} - -// Copy creates a new copy of StartElement. -func (e StartElement) Copy() StartElement { - attrs := make([]Attr, len(e.Attr)) - copy(attrs, e.Attr) - e.Attr = attrs - return e -} - -// End returns the corresponding XML end element. -func (e StartElement) End() EndElement { - return EndElement{e.Name} -} - -// returns true if start element local name is empty -func (e StartElement) isZero() bool { - return len(e.Name.Local) == 0 -} - -// An EndElement represents an XML end element. -type EndElement struct { - Name Name -} - -// returns true if end element local name is empty -func (e EndElement) isZero() bool { - return len(e.Name.Local) == 0 -} diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/encoder.go b/vendor/github.com/aws/smithy-go/encoding/xml/encoder.go deleted file mode 100644 index 16fb3ddd..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/encoder.go +++ /dev/null @@ -1,51 +0,0 @@ -package xml - -// writer interface used by the xml encoder to write an encoded xml -// document in a writer. -type writer interface { - - // Write takes in a byte slice and returns number of bytes written and error - Write(p []byte) (n int, err error) - - // WriteRune takes in a rune and returns number of bytes written and error - WriteRune(r rune) (n int, err error) - - // WriteString takes in a string and returns number of bytes written and error - WriteString(s string) (n int, err error) - - // String method returns a string - String() string - - // Bytes return a byte slice. - Bytes() []byte -} - -// Encoder is an XML encoder that supports construction of XML values -// using methods. The encoder takes in a writer and maintains a scratch buffer. -type Encoder struct { - w writer - scratch *[]byte -} - -// NewEncoder returns an XML encoder -func NewEncoder(w writer) *Encoder { - scratch := make([]byte, 64) - - return &Encoder{w: w, scratch: &scratch} -} - -// String returns the string output of the XML encoder -func (e Encoder) String() string { - return e.w.String() -} - -// Bytes returns the []byte slice of the XML encoder -func (e Encoder) Bytes() []byte { - return e.w.Bytes() -} - -// RootElement builds a root element encoding -// It writes it's start element tag. The value should be closed. -func (e Encoder) RootElement(element StartElement) Value { - return newValue(e.w, e.scratch, element) -} diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/error_utils.go b/vendor/github.com/aws/smithy-go/encoding/xml/error_utils.go deleted file mode 100644 index f3db6ccc..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/error_utils.go +++ /dev/null @@ -1,51 +0,0 @@ -package xml - -import ( - "encoding/xml" - "fmt" - "io" -) - -// ErrorComponents represents the error response fields -// that will be deserialized from an xml error response body -type ErrorComponents struct { - Code string - Message string -} - -// GetErrorResponseComponents returns the error fields from an xml error response body -func GetErrorResponseComponents(r io.Reader, noErrorWrapping bool) (ErrorComponents, error) { - if noErrorWrapping { - var errResponse noWrappedErrorResponse - if err := xml.NewDecoder(r).Decode(&errResponse); err != nil && err != io.EOF { - return ErrorComponents{}, fmt.Errorf("error while deserializing xml error response: %w", err) - } - return ErrorComponents{ - Code: errResponse.Code, - Message: errResponse.Message, - }, nil - } - - var errResponse wrappedErrorResponse - if err := xml.NewDecoder(r).Decode(&errResponse); err != nil && err != io.EOF { - return ErrorComponents{}, fmt.Errorf("error while deserializing xml error response: %w", err) - } - return ErrorComponents{ - Code: errResponse.Code, - Message: errResponse.Message, - }, nil -} - -// noWrappedErrorResponse represents the error response body with -// no internal ... -type wrappedErrorResponse struct { - Code string `xml:"Error>Code"` - Message string `xml:"Error>Message"` -} diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/escape.go b/vendor/github.com/aws/smithy-go/encoding/xml/escape.go deleted file mode 100644 index 1c5479af..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/escape.go +++ /dev/null @@ -1,137 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Copied and modified from Go 1.14 stdlib's encoding/xml - -package xml - -import ( - "unicode/utf8" -) - -// Copied from Go 1.14 stdlib's encoding/xml -var ( - escQuot = []byte(""") // shorter than """ - escApos = []byte("'") // shorter than "'" - escAmp = []byte("&") - escLT = []byte("<") - escGT = []byte(">") - escTab = []byte(" ") - escNL = []byte(" ") - escCR = []byte(" ") - escFFFD = []byte("\uFFFD") // Unicode replacement character - - // Additional Escapes - escNextLine = []byte("…") - escLS = []byte("
") -) - -// Decide whether the given rune is in the XML Character Range, per -// the Char production of https://www.xml.com/axml/testaxml.htm, -// Section 2.2 Characters. -func isInCharacterRange(r rune) (inrange bool) { - return r == 0x09 || - r == 0x0A || - r == 0x0D || - r >= 0x20 && r <= 0xD7FF || - r >= 0xE000 && r <= 0xFFFD || - r >= 0x10000 && r <= 0x10FFFF -} - -// TODO: When do we need to escape the string? -// Based on encoding/xml escapeString from the Go Standard Library. -// https://golang.org/src/encoding/xml/xml.go -func escapeString(e writer, s string) { - var esc []byte - last := 0 - for i := 0; i < len(s); { - r, width := utf8.DecodeRuneInString(s[i:]) - i += width - switch r { - case '"': - esc = escQuot - case '\'': - esc = escApos - case '&': - esc = escAmp - case '<': - esc = escLT - case '>': - esc = escGT - case '\t': - esc = escTab - case '\n': - esc = escNL - case '\r': - esc = escCR - case '\u0085': - // Not escaped by stdlib - esc = escNextLine - case '\u2028': - // Not escaped by stdlib - esc = escLS - default: - if !isInCharacterRange(r) || (r == 0xFFFD && width == 1) { - esc = escFFFD - break - } - continue - } - e.WriteString(s[last : i-width]) - e.Write(esc) - last = i - } - e.WriteString(s[last:]) -} - -// escapeText writes to w the properly escaped XML equivalent -// of the plain text data s. If escapeNewline is true, newline -// characters will be escaped. -// -// Based on encoding/xml escapeText from the Go Standard Library. -// https://golang.org/src/encoding/xml/xml.go -func escapeText(e writer, s []byte) { - var esc []byte - last := 0 - for i := 0; i < len(s); { - r, width := utf8.DecodeRune(s[i:]) - i += width - switch r { - case '"': - esc = escQuot - case '\'': - esc = escApos - case '&': - esc = escAmp - case '<': - esc = escLT - case '>': - esc = escGT - case '\t': - esc = escTab - case '\n': - // This always escapes newline, which is different than stdlib's optional - // escape of new line. - esc = escNL - case '\r': - esc = escCR - case '\u0085': - // Not escaped by stdlib - esc = escNextLine - case '\u2028': - // Not escaped by stdlib - esc = escLS - default: - if !isInCharacterRange(r) || (r == 0xFFFD && width == 1) { - esc = escFFFD - break - } - continue - } - e.Write(s[last : i-width]) - e.Write(esc) - last = i - } - e.Write(s[last:]) -} diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/map.go b/vendor/github.com/aws/smithy-go/encoding/xml/map.go deleted file mode 100644 index e4285896..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/map.go +++ /dev/null @@ -1,53 +0,0 @@ -package xml - -// mapEntryWrapper is the default member wrapper start element for XML Map entry -var mapEntryWrapper = StartElement{ - Name: Name{Local: "entry"}, -} - -// Map represents the encoding of a XML map type -type Map struct { - w writer - scratch *[]byte - - // member start element is the map entry wrapper start element - memberStartElement StartElement - - // isFlattened returns true if the map is a flattened map - isFlattened bool -} - -// newMap returns a map encoder which sets the default map -// entry wrapper to `entry`. -// -// A map `someMap : {{key:"abc", value:"123"}}` is represented as -// `abc123`. -func newMap(w writer, scratch *[]byte) *Map { - return &Map{ - w: w, - scratch: scratch, - memberStartElement: mapEntryWrapper, - } -} - -// newFlattenedMap returns a map encoder which sets the map -// entry wrapper to the passed in memberWrapper`. -// -// A flattened map `someMap : {{key:"abc", value:"123"}}` is represented as -// `abc123`. -func newFlattenedMap(w writer, scratch *[]byte, memberWrapper StartElement) *Map { - return &Map{ - w: w, - scratch: scratch, - memberStartElement: memberWrapper, - isFlattened: true, - } -} - -// Entry returns a Value encoder with map's element. -// It writes the member wrapper start tag for each entry. -func (m *Map) Entry() Value { - v := newValue(m.w, m.scratch, m.memberStartElement) - v.isFlattened = m.isFlattened - return v -} diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/value.go b/vendor/github.com/aws/smithy-go/encoding/xml/value.go deleted file mode 100644 index 09434b2c..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/value.go +++ /dev/null @@ -1,302 +0,0 @@ -package xml - -import ( - "encoding/base64" - "fmt" - "math/big" - "strconv" - - "github.com/aws/smithy-go/encoding" -) - -// Value represents an XML Value type -// XML Value types: Object, Array, Map, String, Number, Boolean. -type Value struct { - w writer - scratch *[]byte - - // xml start element is the associated start element for the Value - startElement StartElement - - // indicates if the Value represents a flattened shape - isFlattened bool -} - -// newFlattenedValue returns a Value encoder. newFlattenedValue does NOT write the start element tag -func newFlattenedValue(w writer, scratch *[]byte, startElement StartElement) Value { - return Value{ - w: w, - scratch: scratch, - startElement: startElement, - } -} - -// newValue writes the start element xml tag and returns a Value -func newValue(w writer, scratch *[]byte, startElement StartElement) Value { - writeStartElement(w, startElement) - return Value{w: w, scratch: scratch, startElement: startElement} -} - -// writeStartElement takes in a start element and writes it. -// It handles namespace, attributes in start element. -func writeStartElement(w writer, el StartElement) error { - if el.isZero() { - return fmt.Errorf("xml start element cannot be nil") - } - - w.WriteRune(leftAngleBracket) - - if len(el.Name.Space) != 0 { - escapeString(w, el.Name.Space) - w.WriteRune(colon) - } - escapeString(w, el.Name.Local) - for _, attr := range el.Attr { - w.WriteRune(' ') - writeAttribute(w, &attr) - } - - w.WriteRune(rightAngleBracket) - return nil -} - -// writeAttribute writes an attribute from a provided Attribute -// For a namespace attribute, the attr.Name.Space must be defined as "xmlns". -// https://www.w3.org/TR/REC-xml-names/#NT-DefaultAttName -func writeAttribute(w writer, attr *Attr) { - // if local, space both are not empty - if len(attr.Name.Space) != 0 && len(attr.Name.Local) != 0 { - escapeString(w, attr.Name.Space) - w.WriteRune(colon) - } - - // if prefix is empty, the default `xmlns` space should be used as prefix. - if len(attr.Name.Local) == 0 { - attr.Name.Local = attr.Name.Space - } - - escapeString(w, attr.Name.Local) - w.WriteRune(equals) - w.WriteRune(quote) - escapeString(w, attr.Value) - w.WriteRune(quote) -} - -// writeEndElement takes in a end element and writes it. -func writeEndElement(w writer, el EndElement) error { - if el.isZero() { - return fmt.Errorf("xml end element cannot be nil") - } - - w.WriteRune(leftAngleBracket) - w.WriteRune(forwardSlash) - - if len(el.Name.Space) != 0 { - escapeString(w, el.Name.Space) - w.WriteRune(colon) - } - escapeString(w, el.Name.Local) - w.WriteRune(rightAngleBracket) - - return nil -} - -// String encodes v as a XML string. -// It will auto close the parent xml element tag. -func (xv Value) String(v string) { - escapeString(xv.w, v) - xv.Close() -} - -// Byte encodes v as a XML number. -// It will auto close the parent xml element tag. -func (xv Value) Byte(v int8) { - xv.Long(int64(v)) -} - -// Short encodes v as a XML number. -// It will auto close the parent xml element tag. -func (xv Value) Short(v int16) { - xv.Long(int64(v)) -} - -// Integer encodes v as a XML number. -// It will auto close the parent xml element tag. -func (xv Value) Integer(v int32) { - xv.Long(int64(v)) -} - -// Long encodes v as a XML number. -// It will auto close the parent xml element tag. -func (xv Value) Long(v int64) { - *xv.scratch = strconv.AppendInt((*xv.scratch)[:0], v, 10) - xv.w.Write(*xv.scratch) - - xv.Close() -} - -// Float encodes v as a XML number. -// It will auto close the parent xml element tag. -func (xv Value) Float(v float32) { - xv.float(float64(v), 32) - xv.Close() -} - -// Double encodes v as a XML number. -// It will auto close the parent xml element tag. -func (xv Value) Double(v float64) { - xv.float(v, 64) - xv.Close() -} - -func (xv Value) float(v float64, bits int) { - *xv.scratch = encoding.EncodeFloat((*xv.scratch)[:0], v, bits) - xv.w.Write(*xv.scratch) -} - -// Boolean encodes v as a XML boolean. -// It will auto close the parent xml element tag. -func (xv Value) Boolean(v bool) { - *xv.scratch = strconv.AppendBool((*xv.scratch)[:0], v) - xv.w.Write(*xv.scratch) - - xv.Close() -} - -// Base64EncodeBytes writes v as a base64 value in XML string. -// It will auto close the parent xml element tag. -func (xv Value) Base64EncodeBytes(v []byte) { - encodeByteSlice(xv.w, (*xv.scratch)[:0], v) - xv.Close() -} - -// BigInteger encodes v big.Int as XML value. -// It will auto close the parent xml element tag. -func (xv Value) BigInteger(v *big.Int) { - xv.w.Write([]byte(v.Text(10))) - xv.Close() -} - -// BigDecimal encodes v big.Float as XML value. -// It will auto close the parent xml element tag. -func (xv Value) BigDecimal(v *big.Float) { - if i, accuracy := v.Int64(); accuracy == big.Exact { - xv.Long(i) - return - } - - xv.w.Write([]byte(v.Text('e', -1))) - xv.Close() -} - -// Write writes v directly to the xml document -// if escapeXMLText is set to true, write will escape text. -// It will auto close the parent xml element tag. -func (xv Value) Write(v []byte, escapeXMLText bool) { - // escape and write xml text - if escapeXMLText { - escapeText(xv.w, v) - } else { - // write xml directly - xv.w.Write(v) - } - - xv.Close() -} - -// MemberElement does member element encoding. It returns a Value. -// Member Element method should be used for all shapes except flattened shapes. -// -// A call to MemberElement will write nested element tags directly using the -// provided start element. The value returned by MemberElement should be closed. -func (xv Value) MemberElement(element StartElement) Value { - return newValue(xv.w, xv.scratch, element) -} - -// FlattenedElement returns flattened element encoding. It returns a Value. -// This method should be used for flattened shapes. -// -// Unlike MemberElement, flattened element will NOT write element tags -// directly for the associated start element. -// -// The value returned by the FlattenedElement does not need to be closed. -func (xv Value) FlattenedElement(element StartElement) Value { - v := newFlattenedValue(xv.w, xv.scratch, element) - v.isFlattened = true - return v -} - -// Array returns an array encoder. By default, the members of array are -// wrapped with `` element tag. -// If value is marked as flattened, the start element is used to wrap the members instead of -// the `` element. -func (xv Value) Array() *Array { - return newArray(xv.w, xv.scratch, arrayMemberWrapper, xv.startElement, xv.isFlattened) -} - -/* -ArrayWithCustomName returns an array encoder. - -It takes named start element as an argument, the named start element will used to wrap xml array entries. -for eg, `entry1` -Here `customName` named start element will be wrapped on each array member. -*/ -func (xv Value) ArrayWithCustomName(element StartElement) *Array { - return newArray(xv.w, xv.scratch, element, xv.startElement, xv.isFlattened) -} - -/* -Map returns a map encoder. By default, the map entries are -wrapped with `` element tag. - -If value is marked as flattened, the start element is used to wrap the entry instead of -the `` element. -*/ -func (xv Value) Map() *Map { - // flattened map - if xv.isFlattened { - return newFlattenedMap(xv.w, xv.scratch, xv.startElement) - } - - // un-flattened map - return newMap(xv.w, xv.scratch) -} - -// encodeByteSlice is modified copy of json encoder's encodeByteSlice. -// It is used to base64 encode a byte slice. -func encodeByteSlice(w writer, scratch []byte, v []byte) { - if v == nil { - return - } - - encodedLen := base64.StdEncoding.EncodedLen(len(v)) - if encodedLen <= len(scratch) { - // If the encoded bytes fit in e.scratch, avoid an extra - // allocation and use the cheaper Encoding.Encode. - dst := scratch[:encodedLen] - base64.StdEncoding.Encode(dst, v) - w.Write(dst) - } else if encodedLen <= 1024 { - // The encoded bytes are short enough to allocate for, and - // Encoding.Encode is still cheaper. - dst := make([]byte, encodedLen) - base64.StdEncoding.Encode(dst, v) - w.Write(dst) - } else { - // The encoded bytes are too long to cheaply allocate, and - // Encoding.Encode is no longer noticeably cheaper. - enc := base64.NewEncoder(base64.StdEncoding, w) - enc.Write(v) - enc.Close() - } -} - -// IsFlattened returns true if value is for flattened shape. -func (xv Value) IsFlattened() bool { - return xv.isFlattened -} - -// Close closes the value. -func (xv Value) Close() { - writeEndElement(xv.w, xv.startElement.End()) -} diff --git a/vendor/github.com/aws/smithy-go/encoding/xml/xml_decoder.go b/vendor/github.com/aws/smithy-go/encoding/xml/xml_decoder.go deleted file mode 100644 index dc4eebdf..00000000 --- a/vendor/github.com/aws/smithy-go/encoding/xml/xml_decoder.go +++ /dev/null @@ -1,154 +0,0 @@ -package xml - -import ( - "encoding/xml" - "fmt" - "strings" -) - -// NodeDecoder is a XML decoder wrapper that is responsible to decoding -// a single XML Node element and it's nested member elements. This wrapper decoder -// takes in the start element of the top level node being decoded. -type NodeDecoder struct { - Decoder *xml.Decoder - StartEl xml.StartElement -} - -// WrapNodeDecoder returns an initialized XMLNodeDecoder -func WrapNodeDecoder(decoder *xml.Decoder, startEl xml.StartElement) NodeDecoder { - return NodeDecoder{ - Decoder: decoder, - StartEl: startEl, - } -} - -// Token on a Node Decoder returns a xml StartElement. It returns a boolean that indicates the -// a token is the node decoder's end node token; and an error which indicates any error -// that occurred while retrieving the start element -func (d NodeDecoder) Token() (t xml.StartElement, done bool, err error) { - for { - token, e := d.Decoder.Token() - if e != nil { - return t, done, e - } - - // check if we reach end of the node being decoded - if el, ok := token.(xml.EndElement); ok { - return t, el == d.StartEl.End(), err - } - - if t, ok := token.(xml.StartElement); ok { - return restoreAttrNamespaces(t), false, err - } - - // skip token if it is a comment or preamble or empty space value due to indentation - // or if it's a value and is not expected - } -} - -// restoreAttrNamespaces update XML attributes to restore the short namespaces found within -// the raw XML document. -func restoreAttrNamespaces(node xml.StartElement) xml.StartElement { - if len(node.Attr) == 0 { - return node - } - - // Generate a mapping of XML namespace values to their short names. - ns := map[string]string{} - for _, a := range node.Attr { - if a.Name.Space == "xmlns" { - ns[a.Value] = a.Name.Local - break - } - } - - for i, a := range node.Attr { - if a.Name.Space == "xmlns" { - continue - } - // By default, xml.Decoder will fully resolve these namespaces. So if you had - // then by default the second attribute would have the `Name.Space` resolved to `baz`. But we need it to - // continue to resolve as `bar` so we can easily identify it later on. - if v, ok := ns[node.Attr[i].Name.Space]; ok { - node.Attr[i].Name.Space = v - } - } - return node -} - -// GetElement looks for the given tag name at the current level, and returns the element if found, and -// skipping over non-matching elements. Returns an error if the node is not found, or if an error occurs while walking -// the document. -func (d NodeDecoder) GetElement(name string) (t xml.StartElement, err error) { - for { - token, done, err := d.Token() - if err != nil { - return t, err - } - if done { - return t, fmt.Errorf("%s node not found", name) - } - switch { - case strings.EqualFold(name, token.Name.Local): - return token, nil - default: - err = d.Decoder.Skip() - if err != nil { - return t, err - } - } - } -} - -// Value provides an abstraction to retrieve char data value within an xml element. -// The method will return an error if it encounters a nested xml element instead of char data. -// This method should only be used to retrieve simple type or blob shape values as []byte. -func (d NodeDecoder) Value() (c []byte, err error) { - t, e := d.Decoder.Token() - if e != nil { - return c, e - } - - endElement := d.StartEl.End() - - switch ev := t.(type) { - case xml.CharData: - c = ev.Copy() - case xml.EndElement: // end tag or self-closing - if ev == endElement { - return []byte{}, err - } - return c, fmt.Errorf("expected value for %v element, got %T type %v instead", d.StartEl.Name.Local, t, t) - default: - return c, fmt.Errorf("expected value for %v element, got %T type %v instead", d.StartEl.Name.Local, t, t) - } - - t, e = d.Decoder.Token() - if e != nil { - return c, e - } - - if ev, ok := t.(xml.EndElement); ok { - if ev == endElement { - return c, err - } - } - - return c, fmt.Errorf("expected end element %v, got %T type %v instead", endElement, t, t) -} - -// FetchRootElement takes in a decoder and returns the first start element within the xml body. -// This function is useful in fetching the start element of an XML response and ignore the -// comments and preamble -func FetchRootElement(decoder *xml.Decoder) (startElement xml.StartElement, err error) { - for { - t, e := decoder.Token() - if e != nil { - return startElement, e - } - - if startElement, ok := t.(xml.StartElement); ok { - return startElement, err - } - } -} diff --git a/vendor/github.com/aws/smithy-go/endpoints/endpoint.go b/vendor/github.com/aws/smithy-go/endpoints/endpoint.go deleted file mode 100644 index a9352839..00000000 --- a/vendor/github.com/aws/smithy-go/endpoints/endpoint.go +++ /dev/null @@ -1,23 +0,0 @@ -package transport - -import ( - "net/http" - "net/url" - - "github.com/aws/smithy-go" -) - -// Endpoint is the endpoint object returned by Endpoint resolution V2 -type Endpoint struct { - // The complete URL minimally specfiying the scheme and host. - // May optionally specify the port and base path component. - URI url.URL - - // An optional set of headers to be sent using transport layer headers. - Headers http.Header - - // A grab-bag property map of endpoint attributes. The - // values present here are subject to change, or being add/removed at any - // time. - Properties smithy.Properties -} diff --git a/vendor/github.com/aws/smithy-go/errors.go b/vendor/github.com/aws/smithy-go/errors.go deleted file mode 100644 index d6948d02..00000000 --- a/vendor/github.com/aws/smithy-go/errors.go +++ /dev/null @@ -1,137 +0,0 @@ -package smithy - -import "fmt" - -// APIError provides the generic API and protocol agnostic error type all SDK -// generated exception types will implement. -type APIError interface { - error - - // ErrorCode returns the error code for the API exception. - ErrorCode() string - // ErrorMessage returns the error message for the API exception. - ErrorMessage() string - // ErrorFault returns the fault for the API exception. - ErrorFault() ErrorFault -} - -// GenericAPIError provides a generic concrete API error type that SDKs can use -// to deserialize error responses into. Should be used for unmodeled or untyped -// errors. -type GenericAPIError struct { - Code string - Message string - Fault ErrorFault -} - -// ErrorCode returns the error code for the API exception. -func (e *GenericAPIError) ErrorCode() string { return e.Code } - -// ErrorMessage returns the error message for the API exception. -func (e *GenericAPIError) ErrorMessage() string { return e.Message } - -// ErrorFault returns the fault for the API exception. -func (e *GenericAPIError) ErrorFault() ErrorFault { return e.Fault } - -func (e *GenericAPIError) Error() string { - return fmt.Sprintf("api error %s: %s", e.Code, e.Message) -} - -var _ APIError = (*GenericAPIError)(nil) - -// OperationError decorates an underlying error which occurred while invoking -// an operation with names of the operation and API. -type OperationError struct { - ServiceID string - OperationName string - Err error -} - -// Service returns the name of the API service the error occurred with. -func (e *OperationError) Service() string { return e.ServiceID } - -// Operation returns the name of the API operation the error occurred with. -func (e *OperationError) Operation() string { return e.OperationName } - -// Unwrap returns the nested error if any, or nil. -func (e *OperationError) Unwrap() error { return e.Err } - -func (e *OperationError) Error() string { - return fmt.Sprintf("operation error %s: %s, %v", e.ServiceID, e.OperationName, e.Err) -} - -// DeserializationError provides a wrapper for an error that occurs during -// deserialization. -type DeserializationError struct { - Err error // original error - Snapshot []byte -} - -// Error returns a formatted error for DeserializationError -func (e *DeserializationError) Error() string { - const msg = "deserialization failed" - if e.Err == nil { - return msg - } - return fmt.Sprintf("%s, %v", msg, e.Err) -} - -// Unwrap returns the underlying Error in DeserializationError -func (e *DeserializationError) Unwrap() error { return e.Err } - -// ErrorFault provides the type for a Smithy API error fault. -type ErrorFault int - -// ErrorFault enumeration values -const ( - FaultUnknown ErrorFault = iota - FaultServer - FaultClient -) - -func (f ErrorFault) String() string { - switch f { - case FaultServer: - return "server" - case FaultClient: - return "client" - default: - return "unknown" - } -} - -// SerializationError represents an error that occurred while attempting to serialize a request -type SerializationError struct { - Err error // original error -} - -// Error returns a formatted error for SerializationError -func (e *SerializationError) Error() string { - const msg = "serialization failed" - if e.Err == nil { - return msg - } - return fmt.Sprintf("%s: %v", msg, e.Err) -} - -// Unwrap returns the underlying Error in SerializationError -func (e *SerializationError) Unwrap() error { return e.Err } - -// CanceledError is the error that will be returned by an API request that was -// canceled. API operations given a Context may return this error when -// canceled. -type CanceledError struct { - Err error -} - -// CanceledError returns true to satisfy interfaces checking for canceled errors. -func (*CanceledError) CanceledError() bool { return true } - -// Unwrap returns the underlying error, if there was one. -func (e *CanceledError) Unwrap() error { - return e.Err -} - -func (e *CanceledError) Error() string { - return fmt.Sprintf("canceled, %v", e.Err) -} diff --git a/vendor/github.com/aws/smithy-go/go_module_metadata.go b/vendor/github.com/aws/smithy-go/go_module_metadata.go deleted file mode 100644 index a51ceca4..00000000 --- a/vendor/github.com/aws/smithy-go/go_module_metadata.go +++ /dev/null @@ -1,6 +0,0 @@ -// Code generated by internal/repotools/cmd/updatemodulemeta DO NOT EDIT. - -package smithy - -// goModuleVersion is the tagged release for this module -const goModuleVersion = "1.22.2" diff --git a/vendor/github.com/aws/smithy-go/internal/sync/singleflight/LICENSE b/vendor/github.com/aws/smithy-go/internal/sync/singleflight/LICENSE deleted file mode 100644 index fe6a6200..00000000 --- a/vendor/github.com/aws/smithy-go/internal/sync/singleflight/LICENSE +++ /dev/null @@ -1,28 +0,0 @@ -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - diff --git a/vendor/github.com/aws/smithy-go/internal/sync/singleflight/docs.go b/vendor/github.com/aws/smithy-go/internal/sync/singleflight/docs.go deleted file mode 100644 index 9c9d02b9..00000000 --- a/vendor/github.com/aws/smithy-go/internal/sync/singleflight/docs.go +++ /dev/null @@ -1,8 +0,0 @@ -// Package singleflight provides a duplicate function call suppression -// mechanism. This package is a fork of the Go golang.org/x/sync/singleflight -// package. The package is forked, because the package a part of the unstable -// and unversioned golang.org/x/sync module. -// -// https://github.com/golang/sync/tree/67f06af15bc961c363a7260195bcd53487529a21/singleflight - -package singleflight diff --git a/vendor/github.com/aws/smithy-go/internal/sync/singleflight/singleflight.go b/vendor/github.com/aws/smithy-go/internal/sync/singleflight/singleflight.go deleted file mode 100644 index e8a1b17d..00000000 --- a/vendor/github.com/aws/smithy-go/internal/sync/singleflight/singleflight.go +++ /dev/null @@ -1,210 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package singleflight - -import ( - "bytes" - "errors" - "fmt" - "runtime" - "runtime/debug" - "sync" -) - -// errGoexit indicates the runtime.Goexit was called in -// the user given function. -var errGoexit = errors.New("runtime.Goexit was called") - -// A panicError is an arbitrary value recovered from a panic -// with the stack trace during the execution of given function. -type panicError struct { - value interface{} - stack []byte -} - -// Error implements error interface. -func (p *panicError) Error() string { - return fmt.Sprintf("%v\n\n%s", p.value, p.stack) -} - -func newPanicError(v interface{}) error { - stack := debug.Stack() - - // The first line of the stack trace is of the form "goroutine N [status]:" - // but by the time the panic reaches Do the goroutine may no longer exist - // and its status will have changed. Trim out the misleading line. - if line := bytes.IndexByte(stack[:], '\n'); line >= 0 { - stack = stack[line+1:] - } - return &panicError{value: v, stack: stack} -} - -// call is an in-flight or completed singleflight.Do call -type call struct { - wg sync.WaitGroup - - // These fields are written once before the WaitGroup is done - // and are only read after the WaitGroup is done. - val interface{} - err error - - // forgotten indicates whether Forget was called with this call's key - // while the call was still in flight. - forgotten bool - - // These fields are read and written with the singleflight - // mutex held before the WaitGroup is done, and are read but - // not written after the WaitGroup is done. - dups int - chans []chan<- Result -} - -// Group represents a class of work and forms a namespace in -// which units of work can be executed with duplicate suppression. -type Group struct { - mu sync.Mutex // protects m - m map[string]*call // lazily initialized -} - -// Result holds the results of Do, so they can be passed -// on a channel. -type Result struct { - Val interface{} - Err error - Shared bool -} - -// Do executes and returns the results of the given function, making -// sure that only one execution is in-flight for a given key at a -// time. If a duplicate comes in, the duplicate caller waits for the -// original to complete and receives the same results. -// The return value shared indicates whether v was given to multiple callers. -func (g *Group) Do(key string, fn func() (interface{}, error)) (v interface{}, err error, shared bool) { - g.mu.Lock() - if g.m == nil { - g.m = make(map[string]*call) - } - if c, ok := g.m[key]; ok { - c.dups++ - g.mu.Unlock() - c.wg.Wait() - - if e, ok := c.err.(*panicError); ok { - panic(e) - } else if c.err == errGoexit { - runtime.Goexit() - } - return c.val, c.err, true - } - c := new(call) - c.wg.Add(1) - g.m[key] = c - g.mu.Unlock() - - g.doCall(c, key, fn) - return c.val, c.err, c.dups > 0 -} - -// DoChan is like Do but returns a channel that will receive the -// results when they are ready. -// -// The returned channel will not be closed. -func (g *Group) DoChan(key string, fn func() (interface{}, error)) <-chan Result { - ch := make(chan Result, 1) - g.mu.Lock() - if g.m == nil { - g.m = make(map[string]*call) - } - if c, ok := g.m[key]; ok { - c.dups++ - c.chans = append(c.chans, ch) - g.mu.Unlock() - return ch - } - c := &call{chans: []chan<- Result{ch}} - c.wg.Add(1) - g.m[key] = c - g.mu.Unlock() - - go g.doCall(c, key, fn) - - return ch -} - -// doCall handles the single call for a key. -func (g *Group) doCall(c *call, key string, fn func() (interface{}, error)) { - normalReturn := false - recovered := false - - // use double-defer to distinguish panic from runtime.Goexit, - // more details see https://golang.org/cl/134395 - defer func() { - // the given function invoked runtime.Goexit - if !normalReturn && !recovered { - c.err = errGoexit - } - - c.wg.Done() - g.mu.Lock() - defer g.mu.Unlock() - if !c.forgotten { - delete(g.m, key) - } - - if e, ok := c.err.(*panicError); ok { - // In order to prevent the waiting channels from being blocked forever, - // needs to ensure that this panic cannot be recovered. - if len(c.chans) > 0 { - go panic(e) - select {} // Keep this goroutine around so that it will appear in the crash dump. - } else { - panic(e) - } - } else if c.err == errGoexit { - // Already in the process of goexit, no need to call again - } else { - // Normal return - for _, ch := range c.chans { - ch <- Result{c.val, c.err, c.dups > 0} - } - } - }() - - func() { - defer func() { - if !normalReturn { - // Ideally, we would wait to take a stack trace until we've determined - // whether this is a panic or a runtime.Goexit. - // - // Unfortunately, the only way we can distinguish the two is to see - // whether the recover stopped the goroutine from terminating, and by - // the time we know that, the part of the stack trace relevant to the - // panic has been discarded. - if r := recover(); r != nil { - c.err = newPanicError(r) - } - } - }() - - c.val, c.err = fn() - normalReturn = true - }() - - if !normalReturn { - recovered = true - } -} - -// Forget tells the singleflight to forget about a key. Future calls -// to Do for this key will call the function rather than waiting for -// an earlier call to complete. -func (g *Group) Forget(key string) { - g.mu.Lock() - if c, ok := g.m[key]; ok { - c.forgotten = true - } - delete(g.m, key) - g.mu.Unlock() -} diff --git a/vendor/github.com/aws/smithy-go/io/byte.go b/vendor/github.com/aws/smithy-go/io/byte.go deleted file mode 100644 index f8417c15..00000000 --- a/vendor/github.com/aws/smithy-go/io/byte.go +++ /dev/null @@ -1,12 +0,0 @@ -package io - -const ( - // Byte is 8 bits - Byte int64 = 1 - // KibiByte (KiB) is 1024 Bytes - KibiByte = Byte * 1024 - // MebiByte (MiB) is 1024 KiB - MebiByte = KibiByte * 1024 - // GibiByte (GiB) is 1024 MiB - GibiByte = MebiByte * 1024 -) diff --git a/vendor/github.com/aws/smithy-go/io/doc.go b/vendor/github.com/aws/smithy-go/io/doc.go deleted file mode 100644 index a6a33eaf..00000000 --- a/vendor/github.com/aws/smithy-go/io/doc.go +++ /dev/null @@ -1,2 +0,0 @@ -// Package io provides utilities for Smithy generated API clients. -package io diff --git a/vendor/github.com/aws/smithy-go/io/reader.go b/vendor/github.com/aws/smithy-go/io/reader.go deleted file mode 100644 index 07063f29..00000000 --- a/vendor/github.com/aws/smithy-go/io/reader.go +++ /dev/null @@ -1,16 +0,0 @@ -package io - -import ( - "io" -) - -// ReadSeekNopCloser wraps an io.ReadSeeker with an additional Close method -// that does nothing. -type ReadSeekNopCloser struct { - io.ReadSeeker -} - -// Close does nothing. -func (ReadSeekNopCloser) Close() error { - return nil -} diff --git a/vendor/github.com/aws/smithy-go/io/ringbuffer.go b/vendor/github.com/aws/smithy-go/io/ringbuffer.go deleted file mode 100644 index 06b476ad..00000000 --- a/vendor/github.com/aws/smithy-go/io/ringbuffer.go +++ /dev/null @@ -1,94 +0,0 @@ -package io - -import ( - "bytes" - "io" -) - -// RingBuffer struct satisfies io.ReadWrite interface. -// -// ReadBuffer is a revolving buffer data structure, which can be used to store snapshots of data in a -// revolving window. -type RingBuffer struct { - slice []byte - start int - end int - size int -} - -// NewRingBuffer method takes in a byte slice as an input and returns a RingBuffer. -func NewRingBuffer(slice []byte) *RingBuffer { - ringBuf := RingBuffer{ - slice: slice, - } - return &ringBuf -} - -// Write method inserts the elements in a byte slice, and returns the number of bytes written along with any error. -func (r *RingBuffer) Write(p []byte) (int, error) { - for _, b := range p { - // check if end points to invalid index, we need to circle back - if r.end == len(r.slice) { - r.end = 0 - } - // check if start points to invalid index, we need to circle back - if r.start == len(r.slice) { - r.start = 0 - } - // if ring buffer is filled, increment the start index - if r.size == len(r.slice) { - r.size-- - r.start++ - } - - r.slice[r.end] = b - r.end++ - r.size++ - } - return len(p), nil -} - -// Read copies the data on the ring buffer into the byte slice provided to the method. -// Returns the read count along with any error encountered while reading. -func (r *RingBuffer) Read(p []byte) (int, error) { - // readCount keeps track of the number of bytes read - var readCount int - for j := 0; j < len(p); j++ { - // if ring buffer is empty or completely read - // return EOF error. - if r.size == 0 { - return readCount, io.EOF - } - - if r.start == len(r.slice) { - r.start = 0 - } - - p[j] = r.slice[r.start] - readCount++ - // increment the start pointer for ring buffer - r.start++ - // decrement the size of ring buffer - r.size-- - } - return readCount, nil -} - -// Len returns the number of unread bytes in the buffer. -func (r *RingBuffer) Len() int { - return r.size -} - -// Bytes returns a copy of the RingBuffer's bytes. -func (r RingBuffer) Bytes() []byte { - var b bytes.Buffer - io.Copy(&b, &r) - return b.Bytes() -} - -// Reset resets the ring buffer. -func (r *RingBuffer) Reset() { - *r = RingBuffer{ - slice: r.slice, - } -} diff --git a/vendor/github.com/aws/smithy-go/local-mod-replace.sh b/vendor/github.com/aws/smithy-go/local-mod-replace.sh deleted file mode 100644 index 800bf376..00000000 --- a/vendor/github.com/aws/smithy-go/local-mod-replace.sh +++ /dev/null @@ -1,39 +0,0 @@ -#1/usr/bin/env bash - -PROJECT_DIR="" -SMITHY_SOURCE_DIR=$(cd `dirname $0` && pwd) - -usage() { - echo "Usage: $0 [-s SMITHY_SOURCE_DIR] [-d PROJECT_DIR]" 1>&2 - exit 1 -} - -while getopts "hs:d:" options; do - case "${options}" in - s) - SMITHY_SOURCE_DIR=${OPTARG} - if [ "$SMITHY_SOURCE_DIR" == "" ]; then - echo "path to smithy-go source directory is required" || exit - usage - fi - ;; - d) - PROJECT_DIR=${OPTARG} - ;; - h) - usage - ;; - *) - usage - ;; - esac -done - -if [ "$PROJECT_DIR" != "" ]; then - cd $PROJECT_DIR || exit -fi - -go mod graph | awk '{print $1}' | cut -d '@' -f 1 | sort | uniq | grep "github.com/aws/smithy-go" | while read x; do - repPath=${x/github.com\/aws\/smithy-go/${SMITHY_SOURCE_DIR}} - echo -replace $x=$repPath -done | xargs go mod edit diff --git a/vendor/github.com/aws/smithy-go/logging/logger.go b/vendor/github.com/aws/smithy-go/logging/logger.go deleted file mode 100644 index 2071924b..00000000 --- a/vendor/github.com/aws/smithy-go/logging/logger.go +++ /dev/null @@ -1,82 +0,0 @@ -package logging - -import ( - "context" - "io" - "log" -) - -// Classification is the type of the log entry's classification name. -type Classification string - -// Set of standard classifications that can be used by clients and middleware -const ( - Warn Classification = "WARN" - Debug Classification = "DEBUG" -) - -// Logger is an interface for logging entries at certain classifications. -type Logger interface { - // Logf is expected to support the standard fmt package "verbs". - Logf(classification Classification, format string, v ...interface{}) -} - -// LoggerFunc is a wrapper around a function to satisfy the Logger interface. -type LoggerFunc func(classification Classification, format string, v ...interface{}) - -// Logf delegates the logging request to the wrapped function. -func (f LoggerFunc) Logf(classification Classification, format string, v ...interface{}) { - f(classification, format, v...) -} - -// ContextLogger is an optional interface a Logger implementation may expose that provides -// the ability to create context aware log entries. -type ContextLogger interface { - WithContext(context.Context) Logger -} - -// WithContext will pass the provided context to logger if it implements the ContextLogger interface and return the resulting -// logger. Otherwise the logger will be returned as is. As a special case if a nil logger is provided, a Nop logger will -// be returned to the caller. -func WithContext(ctx context.Context, logger Logger) Logger { - if logger == nil { - return Nop{} - } - - cl, ok := logger.(ContextLogger) - if !ok { - return logger - } - - return cl.WithContext(ctx) -} - -// Nop is a Logger implementation that simply does not perform any logging. -type Nop struct{} - -// Logf simply returns without performing any action -func (n Nop) Logf(Classification, string, ...interface{}) { - return -} - -// StandardLogger is a Logger implementation that wraps the standard library logger, and delegates logging to it's -// Printf method. -type StandardLogger struct { - Logger *log.Logger -} - -// Logf logs the given classification and message to the underlying logger. -func (s StandardLogger) Logf(classification Classification, format string, v ...interface{}) { - if len(classification) != 0 { - format = string(classification) + " " + format - } - - s.Logger.Printf(format, v...) -} - -// NewStandardLogger returns a new StandardLogger -func NewStandardLogger(writer io.Writer) *StandardLogger { - return &StandardLogger{ - Logger: log.New(writer, "SDK ", log.LstdFlags), - } -} diff --git a/vendor/github.com/aws/smithy-go/metrics/metrics.go b/vendor/github.com/aws/smithy-go/metrics/metrics.go deleted file mode 100644 index c009d9f2..00000000 --- a/vendor/github.com/aws/smithy-go/metrics/metrics.go +++ /dev/null @@ -1,136 +0,0 @@ -// Package metrics defines the metrics APIs used by Smithy clients. -package metrics - -import ( - "context" - - "github.com/aws/smithy-go" -) - -// MeterProvider is the entry point for creating a Meter. -type MeterProvider interface { - Meter(scope string, opts ...MeterOption) Meter -} - -// MeterOption applies configuration to a Meter. -type MeterOption func(o *MeterOptions) - -// MeterOptions represents configuration for a Meter. -type MeterOptions struct { - Properties smithy.Properties -} - -// Meter is the entry point for creation of measurement instruments. -type Meter interface { - // integer/synchronous - Int64Counter(name string, opts ...InstrumentOption) (Int64Counter, error) - Int64UpDownCounter(name string, opts ...InstrumentOption) (Int64UpDownCounter, error) - Int64Gauge(name string, opts ...InstrumentOption) (Int64Gauge, error) - Int64Histogram(name string, opts ...InstrumentOption) (Int64Histogram, error) - - // integer/asynchronous - Int64AsyncCounter(name string, callback Int64Callback, opts ...InstrumentOption) (AsyncInstrument, error) - Int64AsyncUpDownCounter(name string, callback Int64Callback, opts ...InstrumentOption) (AsyncInstrument, error) - Int64AsyncGauge(name string, callback Int64Callback, opts ...InstrumentOption) (AsyncInstrument, error) - - // floating-point/synchronous - Float64Counter(name string, opts ...InstrumentOption) (Float64Counter, error) - Float64UpDownCounter(name string, opts ...InstrumentOption) (Float64UpDownCounter, error) - Float64Gauge(name string, opts ...InstrumentOption) (Float64Gauge, error) - Float64Histogram(name string, opts ...InstrumentOption) (Float64Histogram, error) - - // floating-point/asynchronous - Float64AsyncCounter(name string, callback Float64Callback, opts ...InstrumentOption) (AsyncInstrument, error) - Float64AsyncUpDownCounter(name string, callback Float64Callback, opts ...InstrumentOption) (AsyncInstrument, error) - Float64AsyncGauge(name string, callback Float64Callback, opts ...InstrumentOption) (AsyncInstrument, error) -} - -// InstrumentOption applies configuration to an instrument. -type InstrumentOption func(o *InstrumentOptions) - -// InstrumentOptions represents configuration for an instrument. -type InstrumentOptions struct { - UnitLabel string - Description string -} - -// Int64Counter measures a monotonically increasing int64 value. -type Int64Counter interface { - Add(context.Context, int64, ...RecordMetricOption) -} - -// Int64UpDownCounter measures a fluctuating int64 value. -type Int64UpDownCounter interface { - Add(context.Context, int64, ...RecordMetricOption) -} - -// Int64Gauge samples a discrete int64 value. -type Int64Gauge interface { - Sample(context.Context, int64, ...RecordMetricOption) -} - -// Int64Histogram records multiple data points for an int64 value. -type Int64Histogram interface { - Record(context.Context, int64, ...RecordMetricOption) -} - -// Float64Counter measures a monotonically increasing float64 value. -type Float64Counter interface { - Add(context.Context, float64, ...RecordMetricOption) -} - -// Float64UpDownCounter measures a fluctuating float64 value. -type Float64UpDownCounter interface { - Add(context.Context, float64, ...RecordMetricOption) -} - -// Float64Gauge samples a discrete float64 value. -type Float64Gauge interface { - Sample(context.Context, float64, ...RecordMetricOption) -} - -// Float64Histogram records multiple data points for an float64 value. -type Float64Histogram interface { - Record(context.Context, float64, ...RecordMetricOption) -} - -// AsyncInstrument is the universal handle returned for creation of all async -// instruments. -// -// Callers use the Stop() API to unregister the callback passed at instrument -// creation. -type AsyncInstrument interface { - Stop() -} - -// Int64Callback describes a function invoked when an async int64 instrument is -// read. -type Int64Callback func(context.Context, Int64Observer) - -// Int64Observer is the interface passed to async int64 instruments. -// -// Callers use the Observe() API of this interface to report metrics to the -// underlying collector. -type Int64Observer interface { - Observe(context.Context, int64, ...RecordMetricOption) -} - -// Float64Callback describes a function invoked when an async float64 -// instrument is read. -type Float64Callback func(context.Context, Float64Observer) - -// Float64Observer is the interface passed to async int64 instruments. -// -// Callers use the Observe() API of this interface to report metrics to the -// underlying collector. -type Float64Observer interface { - Observe(context.Context, float64, ...RecordMetricOption) -} - -// RecordMetricOption applies configuration to a recorded metric. -type RecordMetricOption func(o *RecordMetricOptions) - -// RecordMetricOptions represents configuration for a recorded metric. -type RecordMetricOptions struct { - Properties smithy.Properties -} diff --git a/vendor/github.com/aws/smithy-go/metrics/nop.go b/vendor/github.com/aws/smithy-go/metrics/nop.go deleted file mode 100644 index fb374e1f..00000000 --- a/vendor/github.com/aws/smithy-go/metrics/nop.go +++ /dev/null @@ -1,67 +0,0 @@ -package metrics - -import "context" - -// NopMeterProvider is a no-op metrics implementation. -type NopMeterProvider struct{} - -var _ MeterProvider = (*NopMeterProvider)(nil) - -// Meter returns a meter which creates no-op instruments. -func (NopMeterProvider) Meter(string, ...MeterOption) Meter { - return nopMeter{} -} - -type nopMeter struct{} - -var _ Meter = (*nopMeter)(nil) - -func (nopMeter) Int64Counter(string, ...InstrumentOption) (Int64Counter, error) { - return nopInstrument[int64]{}, nil -} -func (nopMeter) Int64UpDownCounter(string, ...InstrumentOption) (Int64UpDownCounter, error) { - return nopInstrument[int64]{}, nil -} -func (nopMeter) Int64Gauge(string, ...InstrumentOption) (Int64Gauge, error) { - return nopInstrument[int64]{}, nil -} -func (nopMeter) Int64Histogram(string, ...InstrumentOption) (Int64Histogram, error) { - return nopInstrument[int64]{}, nil -} -func (nopMeter) Int64AsyncCounter(string, Int64Callback, ...InstrumentOption) (AsyncInstrument, error) { - return nopInstrument[int64]{}, nil -} -func (nopMeter) Int64AsyncUpDownCounter(string, Int64Callback, ...InstrumentOption) (AsyncInstrument, error) { - return nopInstrument[int64]{}, nil -} -func (nopMeter) Int64AsyncGauge(string, Int64Callback, ...InstrumentOption) (AsyncInstrument, error) { - return nopInstrument[int64]{}, nil -} -func (nopMeter) Float64Counter(string, ...InstrumentOption) (Float64Counter, error) { - return nopInstrument[float64]{}, nil -} -func (nopMeter) Float64UpDownCounter(string, ...InstrumentOption) (Float64UpDownCounter, error) { - return nopInstrument[float64]{}, nil -} -func (nopMeter) Float64Gauge(string, ...InstrumentOption) (Float64Gauge, error) { - return nopInstrument[float64]{}, nil -} -func (nopMeter) Float64Histogram(string, ...InstrumentOption) (Float64Histogram, error) { - return nopInstrument[float64]{}, nil -} -func (nopMeter) Float64AsyncCounter(string, Float64Callback, ...InstrumentOption) (AsyncInstrument, error) { - return nopInstrument[float64]{}, nil -} -func (nopMeter) Float64AsyncUpDownCounter(string, Float64Callback, ...InstrumentOption) (AsyncInstrument, error) { - return nopInstrument[float64]{}, nil -} -func (nopMeter) Float64AsyncGauge(string, Float64Callback, ...InstrumentOption) (AsyncInstrument, error) { - return nopInstrument[float64]{}, nil -} - -type nopInstrument[N any] struct{} - -func (nopInstrument[N]) Add(context.Context, N, ...RecordMetricOption) {} -func (nopInstrument[N]) Sample(context.Context, N, ...RecordMetricOption) {} -func (nopInstrument[N]) Record(context.Context, N, ...RecordMetricOption) {} -func (nopInstrument[_]) Stop() {} diff --git a/vendor/github.com/aws/smithy-go/middleware/context.go b/vendor/github.com/aws/smithy-go/middleware/context.go deleted file mode 100644 index f51aa4f0..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/context.go +++ /dev/null @@ -1,41 +0,0 @@ -package middleware - -import "context" - -type ( - serviceIDKey struct{} - operationNameKey struct{} -) - -// WithServiceID adds a service ID to the context, scoped to middleware stack -// values. -// -// This API is called in the client runtime when bootstrapping an operation and -// should not typically be used directly. -func WithServiceID(parent context.Context, id string) context.Context { - return WithStackValue(parent, serviceIDKey{}, id) -} - -// GetServiceID retrieves the service ID from the context. This is typically -// the service shape's name from its Smithy model. Service clients for specific -// systems (e.g. AWS SDK) may use an alternate designated value. -func GetServiceID(ctx context.Context) string { - id, _ := GetStackValue(ctx, serviceIDKey{}).(string) - return id -} - -// WithOperationName adds the operation name to the context, scoped to -// middleware stack values. -// -// This API is called in the client runtime when bootstrapping an operation and -// should not typically be used directly. -func WithOperationName(parent context.Context, id string) context.Context { - return WithStackValue(parent, operationNameKey{}, id) -} - -// GetOperationName retrieves the operation name from the context. This is -// typically the operation shape's name from its Smithy model. -func GetOperationName(ctx context.Context) string { - name, _ := GetStackValue(ctx, operationNameKey{}).(string) - return name -} diff --git a/vendor/github.com/aws/smithy-go/middleware/doc.go b/vendor/github.com/aws/smithy-go/middleware/doc.go deleted file mode 100644 index 9858928a..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/doc.go +++ /dev/null @@ -1,67 +0,0 @@ -// Package middleware provides transport agnostic middleware for decorating SDK -// handlers. -// -// The Smithy middleware stack provides ordered behavior to be invoked on an -// underlying handler. The stack is separated into steps that are invoked in a -// static order. A step is a collection of middleware that are injected into a -// ordered list defined by the user. The user may add, insert, swap, and remove a -// step's middleware. When the stack is invoked the step middleware become static, -// and their order cannot be modified. -// -// A stack and its step middleware are **not** safe to modify concurrently. -// -// A stack will use the ordered list of middleware to decorate a underlying -// handler. A handler could be something like an HTTP Client that round trips an -// API operation over HTTP. -// -// Smithy Middleware Stack -// -// A Stack is a collection of middleware that wrap a handler. The stack can be -// broken down into discreet steps. Each step may contain zero or more middleware -// specific to that stack's step. -// -// A Stack Step is a predefined set of middleware that are invoked in a static -// order by the Stack. These steps represent fixed points in the middleware stack -// for organizing specific behavior, such as serialize and build. A Stack Step is -// composed of zero or more middleware that are specific to that step. A step may -// define its own set of input/output parameters the generic input/output -// parameters are cast from. A step calls its middleware recursively, before -// calling the next step in the stack returning the result or error of the step -// middleware decorating the underlying handler. -// -// * Initialize: Prepares the input, and sets any default parameters as needed, -// (e.g. idempotency token, and presigned URLs). -// -// * Serialize: Serializes the prepared input into a data structure that can be -// consumed by the target transport's message, (e.g. REST-JSON serialization). -// -// * Build: Adds additional metadata to the serialized transport message, (e.g. -// HTTP's Content-Length header, or body checksum). Decorations and -// modifications to the message should be copied to all message attempts. -// -// * Finalize: Performs final preparations needed before sending the message. The -// message should already be complete by this stage, and is only alternated to -// meet the expectations of the recipient, (e.g. Retry and AWS SigV4 request -// signing). -// -// * Deserialize: Reacts to the handler's response returned by the recipient of -// the request message. Deserializes the response into a structured type or -// error above stacks can react to. -// -// Adding Middleware to a Stack Step -// -// Middleware can be added to a step front or back, or relative, by name, to an -// existing middleware in that stack. If a middleware does not have a name, a -// unique name will be generated at the middleware and be added to the step. -// -// // Create middleware stack -// stack := middleware.NewStack() -// -// // Add middleware to stack steps -// stack.Initialize.Add(paramValidationMiddleware, middleware.After) -// stack.Serialize.Add(marshalOperationFoo, middleware.After) -// stack.Deserialize.Add(unmarshalOperationFoo, middleware.After) -// -// // Invoke middleware on handler. -// resp, err := stack.HandleMiddleware(ctx, req.Input, clientHandler) -package middleware diff --git a/vendor/github.com/aws/smithy-go/middleware/logging.go b/vendor/github.com/aws/smithy-go/middleware/logging.go deleted file mode 100644 index c2f0dbb6..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/logging.go +++ /dev/null @@ -1,46 +0,0 @@ -package middleware - -import ( - "context" - - "github.com/aws/smithy-go/logging" -) - -// loggerKey is the context value key for which the logger is associated with. -type loggerKey struct{} - -// GetLogger takes a context to retrieve a Logger from. If no logger is present on the context a logging.Nop logger -// is returned. If the logger retrieved from context supports the ContextLogger interface, the context will be passed -// to the WithContext method and the resulting logger will be returned. Otherwise the stored logger is returned as is. -func GetLogger(ctx context.Context) logging.Logger { - logger, ok := ctx.Value(loggerKey{}).(logging.Logger) - if !ok || logger == nil { - return logging.Nop{} - } - - return logging.WithContext(ctx, logger) -} - -// SetLogger sets the provided logger value on the provided ctx. -func SetLogger(ctx context.Context, logger logging.Logger) context.Context { - return context.WithValue(ctx, loggerKey{}, logger) -} - -type setLogger struct { - Logger logging.Logger -} - -// AddSetLoggerMiddleware adds a middleware that will add the provided logger to the middleware context. -func AddSetLoggerMiddleware(stack *Stack, logger logging.Logger) error { - return stack.Initialize.Add(&setLogger{Logger: logger}, After) -} - -func (a *setLogger) ID() string { - return "SetLogger" -} - -func (a *setLogger) HandleInitialize(ctx context.Context, in InitializeInput, next InitializeHandler) ( - out InitializeOutput, metadata Metadata, err error, -) { - return next.HandleInitialize(SetLogger(ctx, a.Logger), in) -} diff --git a/vendor/github.com/aws/smithy-go/middleware/metadata.go b/vendor/github.com/aws/smithy-go/middleware/metadata.go deleted file mode 100644 index 7bb7dbcf..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/metadata.go +++ /dev/null @@ -1,65 +0,0 @@ -package middleware - -// MetadataReader provides an interface for reading metadata from the -// underlying metadata container. -type MetadataReader interface { - Get(key interface{}) interface{} -} - -// Metadata provides storing and reading metadata values. Keys may be any -// comparable value type. Get and set will panic if key is not a comparable -// value type. -// -// Metadata uses lazy initialization, and Set method must be called as an -// addressable value, or pointer. Not doing so may cause key/value pair to not -// be set. -type Metadata struct { - values map[interface{}]interface{} -} - -// Get attempts to retrieve the value the key points to. Returns nil if the -// key was not found. -// -// Panics if key type is not comparable. -func (m Metadata) Get(key interface{}) interface{} { - return m.values[key] -} - -// Clone creates a shallow copy of Metadata entries, returning a new Metadata -// value with the original entries copied into it. -func (m Metadata) Clone() Metadata { - vs := make(map[interface{}]interface{}, len(m.values)) - for k, v := range m.values { - vs[k] = v - } - - return Metadata{ - values: vs, - } -} - -// Set stores the value pointed to by the key. If a value already exists at -// that key it will be replaced with the new value. -// -// Set method must be called as an addressable value, or pointer. If Set is not -// called as an addressable value or pointer, the key value pair being set may -// be lost. -// -// Panics if the key type is not comparable. -func (m *Metadata) Set(key, value interface{}) { - if m.values == nil { - m.values = map[interface{}]interface{}{} - } - m.values[key] = value -} - -// Has returns whether the key exists in the metadata. -// -// Panics if the key type is not comparable. -func (m Metadata) Has(key interface{}) bool { - if m.values == nil { - return false - } - _, ok := m.values[key] - return ok -} diff --git a/vendor/github.com/aws/smithy-go/middleware/middleware.go b/vendor/github.com/aws/smithy-go/middleware/middleware.go deleted file mode 100644 index 803b7c75..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/middleware.go +++ /dev/null @@ -1,71 +0,0 @@ -package middleware - -import ( - "context" -) - -// Handler provides the interface for performing the logic to obtain an output, -// or error for the given input. -type Handler interface { - // Handle performs logic to obtain an output for the given input. Handler - // should be decorated with middleware to perform input specific behavior. - Handle(ctx context.Context, input interface{}) ( - output interface{}, metadata Metadata, err error, - ) -} - -// HandlerFunc provides a wrapper around a function pointer to be used as a -// middleware handler. -type HandlerFunc func(ctx context.Context, input interface{}) ( - output interface{}, metadata Metadata, err error, -) - -// Handle invokes the underlying function, returning the result. -func (fn HandlerFunc) Handle(ctx context.Context, input interface{}) ( - output interface{}, metadata Metadata, err error, -) { - return fn(ctx, input) -} - -// Middleware provides the interface to call handlers in a chain. -type Middleware interface { - // ID provides a unique identifier for the middleware. - ID() string - - // Performs the middleware's handling of the input, returning the output, - // or error. The middleware can invoke the next Handler if handling should - // continue. - HandleMiddleware(ctx context.Context, input interface{}, next Handler) ( - output interface{}, metadata Metadata, err error, - ) -} - -// decoratedHandler wraps a middleware in order to to call the next handler in -// the chain. -type decoratedHandler struct { - // The next handler to be called. - Next Handler - - // The current middleware decorating the handler. - With Middleware -} - -// Handle implements the Handler interface to handle a operation invocation. -func (m decoratedHandler) Handle(ctx context.Context, input interface{}) ( - output interface{}, metadata Metadata, err error, -) { - return m.With.HandleMiddleware(ctx, input, m.Next) -} - -// DecorateHandler decorates a handler with a middleware. Wrapping the handler -// with the middleware. -func DecorateHandler(h Handler, with ...Middleware) Handler { - for i := len(with) - 1; i >= 0; i-- { - h = decoratedHandler{ - Next: h, - With: with[i], - } - } - - return h -} diff --git a/vendor/github.com/aws/smithy-go/middleware/ordered_group.go b/vendor/github.com/aws/smithy-go/middleware/ordered_group.go deleted file mode 100644 index 4b195308..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/ordered_group.go +++ /dev/null @@ -1,268 +0,0 @@ -package middleware - -import "fmt" - -// RelativePosition provides specifying the relative position of a middleware -// in an ordered group. -type RelativePosition int - -// Relative position for middleware in steps. -const ( - After RelativePosition = iota - Before -) - -type ider interface { - ID() string -} - -// orderedIDs provides an ordered collection of items with relative ordering -// by name. -type orderedIDs struct { - order *relativeOrder - items map[string]ider -} - -const baseOrderedItems = 5 - -func newOrderedIDs() *orderedIDs { - return &orderedIDs{ - order: newRelativeOrder(), - items: make(map[string]ider, baseOrderedItems), - } -} - -// Add injects the item to the relative position of the item group. Returns an -// error if the item already exists. -func (g *orderedIDs) Add(m ider, pos RelativePosition) error { - id := m.ID() - if len(id) == 0 { - return fmt.Errorf("empty ID, ID must not be empty") - } - - if err := g.order.Add(pos, id); err != nil { - return err - } - - g.items[id] = m - return nil -} - -// Insert injects the item relative to an existing item id. Returns an error if -// the original item does not exist, or the item being added already exists. -func (g *orderedIDs) Insert(m ider, relativeTo string, pos RelativePosition) error { - if len(m.ID()) == 0 { - return fmt.Errorf("insert ID must not be empty") - } - if len(relativeTo) == 0 { - return fmt.Errorf("relative to ID must not be empty") - } - - if err := g.order.Insert(relativeTo, pos, m.ID()); err != nil { - return err - } - - g.items[m.ID()] = m - return nil -} - -// Get returns the ider identified by id. If ider is not present, returns false. -func (g *orderedIDs) Get(id string) (ider, bool) { - v, ok := g.items[id] - return v, ok -} - -// Swap removes the item by id, replacing it with the new item. Returns an error -// if the original item doesn't exist. -func (g *orderedIDs) Swap(id string, m ider) (ider, error) { - if len(id) == 0 { - return nil, fmt.Errorf("swap from ID must not be empty") - } - - iderID := m.ID() - if len(iderID) == 0 { - return nil, fmt.Errorf("swap to ID must not be empty") - } - - if err := g.order.Swap(id, iderID); err != nil { - return nil, err - } - - removed := g.items[id] - - delete(g.items, id) - g.items[iderID] = m - - return removed, nil -} - -// Remove removes the item by id. Returns an error if the item -// doesn't exist. -func (g *orderedIDs) Remove(id string) (ider, error) { - if len(id) == 0 { - return nil, fmt.Errorf("remove ID must not be empty") - } - - if err := g.order.Remove(id); err != nil { - return nil, err - } - - removed := g.items[id] - delete(g.items, id) - return removed, nil -} - -func (g *orderedIDs) List() []string { - items := g.order.List() - order := make([]string, len(items)) - copy(order, items) - return order -} - -// Clear removes all entries and slots. -func (g *orderedIDs) Clear() { - g.order.Clear() - g.items = map[string]ider{} -} - -// GetOrder returns the item in the order it should be invoked in. -func (g *orderedIDs) GetOrder() []interface{} { - order := g.order.List() - ordered := make([]interface{}, len(order)) - for i := 0; i < len(order); i++ { - ordered[i] = g.items[order[i]] - } - - return ordered -} - -// relativeOrder provides ordering of item -type relativeOrder struct { - order []string -} - -func newRelativeOrder() *relativeOrder { - return &relativeOrder{ - order: make([]string, 0, baseOrderedItems), - } -} - -// Add inserts an item into the order relative to the position provided. -func (s *relativeOrder) Add(pos RelativePosition, ids ...string) error { - if len(ids) == 0 { - return nil - } - - for _, id := range ids { - if _, ok := s.has(id); ok { - return fmt.Errorf("already exists, %v", id) - } - } - - switch pos { - case Before: - return s.insert(0, Before, ids...) - - case After: - s.order = append(s.order, ids...) - - default: - return fmt.Errorf("invalid position, %v", int(pos)) - } - - return nil -} - -// Insert injects an item before or after the relative item. Returns -// an error if the relative item does not exist. -func (s *relativeOrder) Insert(relativeTo string, pos RelativePosition, ids ...string) error { - if len(ids) == 0 { - return nil - } - - for _, id := range ids { - if _, ok := s.has(id); ok { - return fmt.Errorf("already exists, %v", id) - } - } - - i, ok := s.has(relativeTo) - if !ok { - return fmt.Errorf("not found, %v", relativeTo) - } - - return s.insert(i, pos, ids...) -} - -// Swap will replace the item id with the to item. Returns an -// error if the original item id does not exist. Allows swapping out an -// item for another item with the same id. -func (s *relativeOrder) Swap(id, to string) error { - i, ok := s.has(id) - if !ok { - return fmt.Errorf("not found, %v", id) - } - - if _, ok = s.has(to); ok && id != to { - return fmt.Errorf("already exists, %v", to) - } - - s.order[i] = to - return nil -} - -func (s *relativeOrder) Remove(id string) error { - i, ok := s.has(id) - if !ok { - return fmt.Errorf("not found, %v", id) - } - - s.order = append(s.order[:i], s.order[i+1:]...) - return nil -} - -func (s *relativeOrder) List() []string { - return s.order -} - -func (s *relativeOrder) Clear() { - s.order = s.order[0:0] -} - -func (s *relativeOrder) insert(i int, pos RelativePosition, ids ...string) error { - switch pos { - case Before: - n := len(ids) - var src []string - if n <= cap(s.order)-len(s.order) { - s.order = s.order[:len(s.order)+n] - src = s.order - } else { - src = s.order - s.order = make([]string, len(s.order)+n) - copy(s.order[:i], src[:i]) // only when allocating a new slice do we need to copy the front half - } - copy(s.order[i+n:], src[i:]) - copy(s.order[i:], ids) - case After: - if i == len(s.order)-1 || len(s.order) == 0 { - s.order = append(s.order, ids...) - } else { - s.order = append(s.order[:i+1], append(ids, s.order[i+1:]...)...) - } - - default: - return fmt.Errorf("invalid position, %v", int(pos)) - } - - return nil -} - -func (s *relativeOrder) has(id string) (i int, found bool) { - for i := 0; i < len(s.order); i++ { - if s.order[i] == id { - return i, true - } - } - return 0, false -} diff --git a/vendor/github.com/aws/smithy-go/middleware/stack.go b/vendor/github.com/aws/smithy-go/middleware/stack.go deleted file mode 100644 index 45ccb5b9..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/stack.go +++ /dev/null @@ -1,209 +0,0 @@ -package middleware - -import ( - "context" - "io" - "strings" -) - -// Stack provides protocol and transport agnostic set of middleware split into -// distinct steps. Steps have specific transitions between them, that are -// managed by the individual step. -// -// Steps are composed as middleware around the underlying handler in the -// following order: -// -// Initialize -> Serialize -> Build -> Finalize -> Deserialize -> Handler -// -// Any middleware within the chain may choose to stop and return an error or -// response. Since the middleware decorate the handler like a call stack, each -// middleware will receive the result of the next middleware in the chain. -// Middleware that does not need to react to an input, or result must forward -// along the input down the chain, or return the result back up the chain. -// -// Initialize <- Serialize -> Build -> Finalize <- Deserialize <- Handler -type Stack struct { - // Initialize prepares the input, and sets any default parameters as - // needed, (e.g. idempotency token, and presigned URLs). - // - // Takes Input Parameters, and returns result or error. - // - // Receives result or error from Serialize step. - Initialize *InitializeStep - - // Serialize serializes the prepared input into a data structure that can be consumed - // by the target transport's message, (e.g. REST-JSON serialization) - // - // Converts Input Parameters into a Request, and returns the result or error. - // - // Receives result or error from Build step. - Serialize *SerializeStep - - // Build adds additional metadata to the serialized transport message - // (e.g. HTTP's Content-Length header, or body checksum). Decorations and - // modifications to the message should be copied to all message attempts. - // - // Takes Request, and returns result or error. - // - // Receives result or error from Finalize step. - Build *BuildStep - - // Finalize performs final preparations needed before sending the message. The - // message should already be complete by this stage, and is only alternated - // to meet the expectations of the recipient (e.g. Retry and AWS SigV4 - // request signing) - // - // Takes Request, and returns result or error. - // - // Receives result or error from Deserialize step. - Finalize *FinalizeStep - - // Deserialize reacts to the handler's response returned by the recipient of the request - // message. Deserializes the response into a structured type or error above - // stacks can react to. - // - // Should only forward Request to underlying handler. - // - // Takes Request, and returns result or error. - // - // Receives raw response, or error from underlying handler. - Deserialize *DeserializeStep - - id string -} - -// NewStack returns an initialize empty stack. -func NewStack(id string, newRequestFn func() interface{}) *Stack { - return &Stack{ - id: id, - Initialize: NewInitializeStep(), - Serialize: NewSerializeStep(newRequestFn), - Build: NewBuildStep(), - Finalize: NewFinalizeStep(), - Deserialize: NewDeserializeStep(), - } -} - -// ID returns the unique ID for the stack as a middleware. -func (s *Stack) ID() string { return s.id } - -// HandleMiddleware invokes the middleware stack decorating the next handler. -// Each step of stack will be invoked in order before calling the next step. -// With the next handler call last. -// -// The input value must be the input parameters of the operation being -// performed. -// -// Will return the result of the operation, or error. -func (s *Stack) HandleMiddleware(ctx context.Context, input interface{}, next Handler) ( - output interface{}, metadata Metadata, err error, -) { - h := DecorateHandler(next, - s.Initialize, - s.Serialize, - s.Build, - s.Finalize, - s.Deserialize, - ) - - return h.Handle(ctx, input) -} - -// List returns a list of all middleware in the stack by step. -func (s *Stack) List() []string { - var l []string - l = append(l, s.id) - - l = append(l, s.Initialize.ID()) - l = append(l, s.Initialize.List()...) - - l = append(l, s.Serialize.ID()) - l = append(l, s.Serialize.List()...) - - l = append(l, s.Build.ID()) - l = append(l, s.Build.List()...) - - l = append(l, s.Finalize.ID()) - l = append(l, s.Finalize.List()...) - - l = append(l, s.Deserialize.ID()) - l = append(l, s.Deserialize.List()...) - - return l -} - -func (s *Stack) String() string { - var b strings.Builder - - w := &indentWriter{w: &b} - - w.WriteLine(s.id) - w.Push() - - writeStepItems(w, s.Initialize) - writeStepItems(w, s.Serialize) - writeStepItems(w, s.Build) - writeStepItems(w, s.Finalize) - writeStepItems(w, s.Deserialize) - - return b.String() -} - -type stackStepper interface { - ID() string - List() []string -} - -func writeStepItems(w *indentWriter, s stackStepper) { - type lister interface { - List() []string - } - - w.WriteLine(s.ID()) - w.Push() - - defer w.Pop() - - // ignore stack to prevent circular iterations - if _, ok := s.(*Stack); ok { - return - } - - for _, id := range s.List() { - w.WriteLine(id) - } -} - -type stringWriter interface { - io.Writer - WriteString(string) (int, error) - WriteRune(rune) (int, error) -} - -type indentWriter struct { - w stringWriter - depth int -} - -const indentDepth = "\t\t\t\t\t\t\t\t\t\t" - -func (w *indentWriter) Push() { - w.depth++ -} - -func (w *indentWriter) Pop() { - w.depth-- - if w.depth < 0 { - w.depth = 0 - } -} - -func (w *indentWriter) WriteLine(v string) { - w.w.WriteString(indentDepth[:w.depth]) - - v = strings.ReplaceAll(v, "\n", "\\n") - v = strings.ReplaceAll(v, "\r", "\\r") - - w.w.WriteString(v) - w.w.WriteRune('\n') -} diff --git a/vendor/github.com/aws/smithy-go/middleware/stack_values.go b/vendor/github.com/aws/smithy-go/middleware/stack_values.go deleted file mode 100644 index ef96009b..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/stack_values.go +++ /dev/null @@ -1,100 +0,0 @@ -package middleware - -import ( - "context" - "reflect" - "strings" -) - -// WithStackValue adds a key value pair to the context that is intended to be -// scoped to a stack. Use ClearStackValues to get a new context with all stack -// values cleared. -func WithStackValue(ctx context.Context, key, value interface{}) context.Context { - md, _ := ctx.Value(stackValuesKey{}).(*stackValues) - - md = withStackValue(md, key, value) - return context.WithValue(ctx, stackValuesKey{}, md) -} - -// ClearStackValues returns a context without any stack values. -func ClearStackValues(ctx context.Context) context.Context { - return context.WithValue(ctx, stackValuesKey{}, nil) -} - -// GetStackValues returns the value pointed to by the key within the stack -// values, if it is present. -func GetStackValue(ctx context.Context, key interface{}) interface{} { - md, _ := ctx.Value(stackValuesKey{}).(*stackValues) - if md == nil { - return nil - } - - return md.Value(key) -} - -type stackValuesKey struct{} - -type stackValues struct { - key interface{} - value interface{} - parent *stackValues -} - -func withStackValue(parent *stackValues, key, value interface{}) *stackValues { - if key == nil { - panic("nil key") - } - if !reflect.TypeOf(key).Comparable() { - panic("key is not comparable") - } - return &stackValues{key: key, value: value, parent: parent} -} - -func (m *stackValues) Value(key interface{}) interface{} { - if key == m.key { - return m.value - } - - if m.parent == nil { - return nil - } - - return m.parent.Value(key) -} - -func (c *stackValues) String() string { - var str strings.Builder - - cc := c - for cc == nil { - str.WriteString("(" + - reflect.TypeOf(c.key).String() + - ": " + - stringify(cc.value) + - ")") - if cc.parent != nil { - str.WriteString(" -> ") - } - cc = cc.parent - } - str.WriteRune('}') - - return str.String() -} - -type stringer interface { - String() string -} - -// stringify tries a bit to stringify v, without using fmt, since we don't -// want context depending on the unicode tables. This is only used by -// *valueCtx.String(). -func stringify(v interface{}) string { - switch s := v.(type) { - case stringer: - return s.String() - case string: - return s - } - return "" -} diff --git a/vendor/github.com/aws/smithy-go/middleware/step_build.go b/vendor/github.com/aws/smithy-go/middleware/step_build.go deleted file mode 100644 index 7e1d94ca..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/step_build.go +++ /dev/null @@ -1,211 +0,0 @@ -package middleware - -import ( - "context" -) - -// BuildInput provides the input parameters for the BuildMiddleware to consume. -// BuildMiddleware may modify the Request value before forwarding the input -// along to the next BuildHandler. -type BuildInput struct { - Request interface{} -} - -// BuildOutput provides the result returned by the next BuildHandler. -type BuildOutput struct { - Result interface{} -} - -// BuildHandler provides the interface for the next handler the -// BuildMiddleware will call in the middleware chain. -type BuildHandler interface { - HandleBuild(ctx context.Context, in BuildInput) ( - out BuildOutput, metadata Metadata, err error, - ) -} - -// BuildMiddleware provides the interface for middleware specific to the -// serialize step. Delegates to the next BuildHandler for further -// processing. -type BuildMiddleware interface { - // Unique ID for the middleware in theBuildStep. The step does not allow - // duplicate IDs. - ID() string - - // Invokes the middleware behavior which must delegate to the next handler - // for the middleware chain to continue. The method must return a result or - // error to its caller. - HandleBuild(ctx context.Context, in BuildInput, next BuildHandler) ( - out BuildOutput, metadata Metadata, err error, - ) -} - -// BuildMiddlewareFunc returns a BuildMiddleware with the unique ID provided, -// and the func to be invoked. -func BuildMiddlewareFunc(id string, fn func(context.Context, BuildInput, BuildHandler) (BuildOutput, Metadata, error)) BuildMiddleware { - return buildMiddlewareFunc{ - id: id, - fn: fn, - } -} - -type buildMiddlewareFunc struct { - // Unique ID for the middleware. - id string - - // Middleware function to be called. - fn func(context.Context, BuildInput, BuildHandler) (BuildOutput, Metadata, error) -} - -// ID returns the unique ID for the middleware. -func (s buildMiddlewareFunc) ID() string { return s.id } - -// HandleBuild invokes the middleware Fn. -func (s buildMiddlewareFunc) HandleBuild(ctx context.Context, in BuildInput, next BuildHandler) ( - out BuildOutput, metadata Metadata, err error, -) { - return s.fn(ctx, in, next) -} - -var _ BuildMiddleware = (buildMiddlewareFunc{}) - -// BuildStep provides the ordered grouping of BuildMiddleware to be invoked on -// a handler. -type BuildStep struct { - ids *orderedIDs -} - -// NewBuildStep returns a BuildStep ready to have middleware for -// initialization added to it. -func NewBuildStep() *BuildStep { - return &BuildStep{ - ids: newOrderedIDs(), - } -} - -var _ Middleware = (*BuildStep)(nil) - -// ID returns the unique name of the step as a middleware. -func (s *BuildStep) ID() string { - return "Build stack step" -} - -// HandleMiddleware invokes the middleware by decorating the next handler -// provided. Returns the result of the middleware and handler being invoked. -// -// Implements Middleware interface. -func (s *BuildStep) HandleMiddleware(ctx context.Context, in interface{}, next Handler) ( - out interface{}, metadata Metadata, err error, -) { - order := s.ids.GetOrder() - - var h BuildHandler = buildWrapHandler{Next: next} - for i := len(order) - 1; i >= 0; i-- { - h = decoratedBuildHandler{ - Next: h, - With: order[i].(BuildMiddleware), - } - } - - sIn := BuildInput{ - Request: in, - } - - res, metadata, err := h.HandleBuild(ctx, sIn) - return res.Result, metadata, err -} - -// Get retrieves the middleware identified by id. If the middleware is not present, returns false. -func (s *BuildStep) Get(id string) (BuildMiddleware, bool) { - get, ok := s.ids.Get(id) - if !ok { - return nil, false - } - return get.(BuildMiddleware), ok -} - -// Add injects the middleware to the relative position of the middleware group. -// Returns an error if the middleware already exists. -func (s *BuildStep) Add(m BuildMiddleware, pos RelativePosition) error { - return s.ids.Add(m, pos) -} - -// Insert injects the middleware relative to an existing middleware id. -// Returns an error if the original middleware does not exist, or the middleware -// being added already exists. -func (s *BuildStep) Insert(m BuildMiddleware, relativeTo string, pos RelativePosition) error { - return s.ids.Insert(m, relativeTo, pos) -} - -// Swap removes the middleware by id, replacing it with the new middleware. -// Returns the middleware removed, or an error if the middleware to be removed -// doesn't exist. -func (s *BuildStep) Swap(id string, m BuildMiddleware) (BuildMiddleware, error) { - removed, err := s.ids.Swap(id, m) - if err != nil { - return nil, err - } - - return removed.(BuildMiddleware), nil -} - -// Remove removes the middleware by id. Returns error if the middleware -// doesn't exist. -func (s *BuildStep) Remove(id string) (BuildMiddleware, error) { - removed, err := s.ids.Remove(id) - if err != nil { - return nil, err - } - - return removed.(BuildMiddleware), nil -} - -// List returns a list of the middleware in the step. -func (s *BuildStep) List() []string { - return s.ids.List() -} - -// Clear removes all middleware in the step. -func (s *BuildStep) Clear() { - s.ids.Clear() -} - -type buildWrapHandler struct { - Next Handler -} - -var _ BuildHandler = (*buildWrapHandler)(nil) - -// Implements BuildHandler, converts types and delegates to underlying -// generic handler. -func (w buildWrapHandler) HandleBuild(ctx context.Context, in BuildInput) ( - out BuildOutput, metadata Metadata, err error, -) { - res, metadata, err := w.Next.Handle(ctx, in.Request) - return BuildOutput{ - Result: res, - }, metadata, err -} - -type decoratedBuildHandler struct { - Next BuildHandler - With BuildMiddleware -} - -var _ BuildHandler = (*decoratedBuildHandler)(nil) - -func (h decoratedBuildHandler) HandleBuild(ctx context.Context, in BuildInput) ( - out BuildOutput, metadata Metadata, err error, -) { - return h.With.HandleBuild(ctx, in, h.Next) -} - -// BuildHandlerFunc provides a wrapper around a function to be used as a build middleware handler. -type BuildHandlerFunc func(context.Context, BuildInput) (BuildOutput, Metadata, error) - -// HandleBuild invokes the wrapped function with the provided arguments. -func (b BuildHandlerFunc) HandleBuild(ctx context.Context, in BuildInput) (BuildOutput, Metadata, error) { - return b(ctx, in) -} - -var _ BuildHandler = BuildHandlerFunc(nil) diff --git a/vendor/github.com/aws/smithy-go/middleware/step_deserialize.go b/vendor/github.com/aws/smithy-go/middleware/step_deserialize.go deleted file mode 100644 index 44860721..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/step_deserialize.go +++ /dev/null @@ -1,217 +0,0 @@ -package middleware - -import ( - "context" -) - -// DeserializeInput provides the input parameters for the DeserializeInput to -// consume. DeserializeMiddleware should not modify the Request, and instead -// forward it along to the next DeserializeHandler. -type DeserializeInput struct { - Request interface{} -} - -// DeserializeOutput provides the result returned by the next -// DeserializeHandler. The DeserializeMiddleware should deserialize the -// RawResponse into a Result that can be consumed by middleware higher up in -// the stack. -type DeserializeOutput struct { - RawResponse interface{} - Result interface{} -} - -// DeserializeHandler provides the interface for the next handler the -// DeserializeMiddleware will call in the middleware chain. -type DeserializeHandler interface { - HandleDeserialize(ctx context.Context, in DeserializeInput) ( - out DeserializeOutput, metadata Metadata, err error, - ) -} - -// DeserializeMiddleware provides the interface for middleware specific to the -// serialize step. Delegates to the next DeserializeHandler for further -// processing. -type DeserializeMiddleware interface { - // ID returns a unique ID for the middleware in the DeserializeStep. The step does not - // allow duplicate IDs. - ID() string - - // HandleDeserialize invokes the middleware behavior which must delegate to the next handler - // for the middleware chain to continue. The method must return a result or - // error to its caller. - HandleDeserialize(ctx context.Context, in DeserializeInput, next DeserializeHandler) ( - out DeserializeOutput, metadata Metadata, err error, - ) -} - -// DeserializeMiddlewareFunc returns a DeserializeMiddleware with the unique ID -// provided, and the func to be invoked. -func DeserializeMiddlewareFunc(id string, fn func(context.Context, DeserializeInput, DeserializeHandler) (DeserializeOutput, Metadata, error)) DeserializeMiddleware { - return deserializeMiddlewareFunc{ - id: id, - fn: fn, - } -} - -type deserializeMiddlewareFunc struct { - // Unique ID for the middleware. - id string - - // Middleware function to be called. - fn func(context.Context, DeserializeInput, DeserializeHandler) ( - DeserializeOutput, Metadata, error, - ) -} - -// ID returns the unique ID for the middleware. -func (s deserializeMiddlewareFunc) ID() string { return s.id } - -// HandleDeserialize invokes the middleware Fn. -func (s deserializeMiddlewareFunc) HandleDeserialize(ctx context.Context, in DeserializeInput, next DeserializeHandler) ( - out DeserializeOutput, metadata Metadata, err error, -) { - return s.fn(ctx, in, next) -} - -var _ DeserializeMiddleware = (deserializeMiddlewareFunc{}) - -// DeserializeStep provides the ordered grouping of DeserializeMiddleware to be -// invoked on a handler. -type DeserializeStep struct { - ids *orderedIDs -} - -// NewDeserializeStep returns a DeserializeStep ready to have middleware for -// initialization added to it. -func NewDeserializeStep() *DeserializeStep { - return &DeserializeStep{ - ids: newOrderedIDs(), - } -} - -var _ Middleware = (*DeserializeStep)(nil) - -// ID returns the unique ID of the step as a middleware. -func (s *DeserializeStep) ID() string { - return "Deserialize stack step" -} - -// HandleMiddleware invokes the middleware by decorating the next handler -// provided. Returns the result of the middleware and handler being invoked. -// -// Implements Middleware interface. -func (s *DeserializeStep) HandleMiddleware(ctx context.Context, in interface{}, next Handler) ( - out interface{}, metadata Metadata, err error, -) { - order := s.ids.GetOrder() - - var h DeserializeHandler = deserializeWrapHandler{Next: next} - for i := len(order) - 1; i >= 0; i-- { - h = decoratedDeserializeHandler{ - Next: h, - With: order[i].(DeserializeMiddleware), - } - } - - sIn := DeserializeInput{ - Request: in, - } - - res, metadata, err := h.HandleDeserialize(ctx, sIn) - return res.Result, metadata, err -} - -// Get retrieves the middleware identified by id. If the middleware is not present, returns false. -func (s *DeserializeStep) Get(id string) (DeserializeMiddleware, bool) { - get, ok := s.ids.Get(id) - if !ok { - return nil, false - } - return get.(DeserializeMiddleware), ok -} - -// Add injects the middleware to the relative position of the middleware group. -// Returns an error if the middleware already exists. -func (s *DeserializeStep) Add(m DeserializeMiddleware, pos RelativePosition) error { - return s.ids.Add(m, pos) -} - -// Insert injects the middleware relative to an existing middleware ID. -// Returns error if the original middleware does not exist, or the middleware -// being added already exists. -func (s *DeserializeStep) Insert(m DeserializeMiddleware, relativeTo string, pos RelativePosition) error { - return s.ids.Insert(m, relativeTo, pos) -} - -// Swap removes the middleware by id, replacing it with the new middleware. -// Returns the middleware removed, or error if the middleware to be removed -// doesn't exist. -func (s *DeserializeStep) Swap(id string, m DeserializeMiddleware) (DeserializeMiddleware, error) { - removed, err := s.ids.Swap(id, m) - if err != nil { - return nil, err - } - - return removed.(DeserializeMiddleware), nil -} - -// Remove removes the middleware by id. Returns error if the middleware -// doesn't exist. -func (s *DeserializeStep) Remove(id string) (DeserializeMiddleware, error) { - removed, err := s.ids.Remove(id) - if err != nil { - return nil, err - } - - return removed.(DeserializeMiddleware), nil -} - -// List returns a list of the middleware in the step. -func (s *DeserializeStep) List() []string { - return s.ids.List() -} - -// Clear removes all middleware in the step. -func (s *DeserializeStep) Clear() { - s.ids.Clear() -} - -type deserializeWrapHandler struct { - Next Handler -} - -var _ DeserializeHandler = (*deserializeWrapHandler)(nil) - -// HandleDeserialize implements DeserializeHandler, converts types and delegates to underlying -// generic handler. -func (w deserializeWrapHandler) HandleDeserialize(ctx context.Context, in DeserializeInput) ( - out DeserializeOutput, metadata Metadata, err error, -) { - resp, metadata, err := w.Next.Handle(ctx, in.Request) - return DeserializeOutput{ - RawResponse: resp, - }, metadata, err -} - -type decoratedDeserializeHandler struct { - Next DeserializeHandler - With DeserializeMiddleware -} - -var _ DeserializeHandler = (*decoratedDeserializeHandler)(nil) - -func (h decoratedDeserializeHandler) HandleDeserialize(ctx context.Context, in DeserializeInput) ( - out DeserializeOutput, metadata Metadata, err error, -) { - return h.With.HandleDeserialize(ctx, in, h.Next) -} - -// DeserializeHandlerFunc provides a wrapper around a function to be used as a deserialize middleware handler. -type DeserializeHandlerFunc func(context.Context, DeserializeInput) (DeserializeOutput, Metadata, error) - -// HandleDeserialize invokes the wrapped function with the given arguments. -func (d DeserializeHandlerFunc) HandleDeserialize(ctx context.Context, in DeserializeInput) (DeserializeOutput, Metadata, error) { - return d(ctx, in) -} - -var _ DeserializeHandler = DeserializeHandlerFunc(nil) diff --git a/vendor/github.com/aws/smithy-go/middleware/step_finalize.go b/vendor/github.com/aws/smithy-go/middleware/step_finalize.go deleted file mode 100644 index 065e3885..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/step_finalize.go +++ /dev/null @@ -1,211 +0,0 @@ -package middleware - -import "context" - -// FinalizeInput provides the input parameters for the FinalizeMiddleware to -// consume. FinalizeMiddleware may modify the Request value before forwarding -// the FinalizeInput along to the next next FinalizeHandler. -type FinalizeInput struct { - Request interface{} -} - -// FinalizeOutput provides the result returned by the next FinalizeHandler. -type FinalizeOutput struct { - Result interface{} -} - -// FinalizeHandler provides the interface for the next handler the -// FinalizeMiddleware will call in the middleware chain. -type FinalizeHandler interface { - HandleFinalize(ctx context.Context, in FinalizeInput) ( - out FinalizeOutput, metadata Metadata, err error, - ) -} - -// FinalizeMiddleware provides the interface for middleware specific to the -// serialize step. Delegates to the next FinalizeHandler for further -// processing. -type FinalizeMiddleware interface { - // ID returns a unique ID for the middleware in the FinalizeStep. The step does not - // allow duplicate IDs. - ID() string - - // HandleFinalize invokes the middleware behavior which must delegate to the next handler - // for the middleware chain to continue. The method must return a result or - // error to its caller. - HandleFinalize(ctx context.Context, in FinalizeInput, next FinalizeHandler) ( - out FinalizeOutput, metadata Metadata, err error, - ) -} - -// FinalizeMiddlewareFunc returns a FinalizeMiddleware with the unique ID -// provided, and the func to be invoked. -func FinalizeMiddlewareFunc(id string, fn func(context.Context, FinalizeInput, FinalizeHandler) (FinalizeOutput, Metadata, error)) FinalizeMiddleware { - return finalizeMiddlewareFunc{ - id: id, - fn: fn, - } -} - -type finalizeMiddlewareFunc struct { - // Unique ID for the middleware. - id string - - // Middleware function to be called. - fn func(context.Context, FinalizeInput, FinalizeHandler) ( - FinalizeOutput, Metadata, error, - ) -} - -// ID returns the unique ID for the middleware. -func (s finalizeMiddlewareFunc) ID() string { return s.id } - -// HandleFinalize invokes the middleware Fn. -func (s finalizeMiddlewareFunc) HandleFinalize(ctx context.Context, in FinalizeInput, next FinalizeHandler) ( - out FinalizeOutput, metadata Metadata, err error, -) { - return s.fn(ctx, in, next) -} - -var _ FinalizeMiddleware = (finalizeMiddlewareFunc{}) - -// FinalizeStep provides the ordered grouping of FinalizeMiddleware to be -// invoked on a handler. -type FinalizeStep struct { - ids *orderedIDs -} - -// NewFinalizeStep returns a FinalizeStep ready to have middleware for -// initialization added to it. -func NewFinalizeStep() *FinalizeStep { - return &FinalizeStep{ - ids: newOrderedIDs(), - } -} - -var _ Middleware = (*FinalizeStep)(nil) - -// ID returns the unique id of the step as a middleware. -func (s *FinalizeStep) ID() string { - return "Finalize stack step" -} - -// HandleMiddleware invokes the middleware by decorating the next handler -// provided. Returns the result of the middleware and handler being invoked. -// -// Implements Middleware interface. -func (s *FinalizeStep) HandleMiddleware(ctx context.Context, in interface{}, next Handler) ( - out interface{}, metadata Metadata, err error, -) { - order := s.ids.GetOrder() - - var h FinalizeHandler = finalizeWrapHandler{Next: next} - for i := len(order) - 1; i >= 0; i-- { - h = decoratedFinalizeHandler{ - Next: h, - With: order[i].(FinalizeMiddleware), - } - } - - sIn := FinalizeInput{ - Request: in, - } - - res, metadata, err := h.HandleFinalize(ctx, sIn) - return res.Result, metadata, err -} - -// Get retrieves the middleware identified by id. If the middleware is not present, returns false. -func (s *FinalizeStep) Get(id string) (FinalizeMiddleware, bool) { - get, ok := s.ids.Get(id) - if !ok { - return nil, false - } - return get.(FinalizeMiddleware), ok -} - -// Add injects the middleware to the relative position of the middleware group. -// Returns an error if the middleware already exists. -func (s *FinalizeStep) Add(m FinalizeMiddleware, pos RelativePosition) error { - return s.ids.Add(m, pos) -} - -// Insert injects the middleware relative to an existing middleware ID. -// Returns error if the original middleware does not exist, or the middleware -// being added already exists. -func (s *FinalizeStep) Insert(m FinalizeMiddleware, relativeTo string, pos RelativePosition) error { - return s.ids.Insert(m, relativeTo, pos) -} - -// Swap removes the middleware by id, replacing it with the new middleware. -// Returns the middleware removed, or error if the middleware to be removed -// doesn't exist. -func (s *FinalizeStep) Swap(id string, m FinalizeMiddleware) (FinalizeMiddleware, error) { - removed, err := s.ids.Swap(id, m) - if err != nil { - return nil, err - } - - return removed.(FinalizeMiddleware), nil -} - -// Remove removes the middleware by id. Returns error if the middleware -// doesn't exist. -func (s *FinalizeStep) Remove(id string) (FinalizeMiddleware, error) { - removed, err := s.ids.Remove(id) - if err != nil { - return nil, err - } - - return removed.(FinalizeMiddleware), nil -} - -// List returns a list of the middleware in the step. -func (s *FinalizeStep) List() []string { - return s.ids.List() -} - -// Clear removes all middleware in the step. -func (s *FinalizeStep) Clear() { - s.ids.Clear() -} - -type finalizeWrapHandler struct { - Next Handler -} - -var _ FinalizeHandler = (*finalizeWrapHandler)(nil) - -// HandleFinalize implements FinalizeHandler, converts types and delegates to underlying -// generic handler. -func (w finalizeWrapHandler) HandleFinalize(ctx context.Context, in FinalizeInput) ( - out FinalizeOutput, metadata Metadata, err error, -) { - res, metadata, err := w.Next.Handle(ctx, in.Request) - return FinalizeOutput{ - Result: res, - }, metadata, err -} - -type decoratedFinalizeHandler struct { - Next FinalizeHandler - With FinalizeMiddleware -} - -var _ FinalizeHandler = (*decoratedFinalizeHandler)(nil) - -func (h decoratedFinalizeHandler) HandleFinalize(ctx context.Context, in FinalizeInput) ( - out FinalizeOutput, metadata Metadata, err error, -) { - return h.With.HandleFinalize(ctx, in, h.Next) -} - -// FinalizeHandlerFunc provides a wrapper around a function to be used as a finalize middleware handler. -type FinalizeHandlerFunc func(context.Context, FinalizeInput) (FinalizeOutput, Metadata, error) - -// HandleFinalize invokes the wrapped function with the given arguments. -func (f FinalizeHandlerFunc) HandleFinalize(ctx context.Context, in FinalizeInput) (FinalizeOutput, Metadata, error) { - return f(ctx, in) -} - -var _ FinalizeHandler = FinalizeHandlerFunc(nil) diff --git a/vendor/github.com/aws/smithy-go/middleware/step_initialize.go b/vendor/github.com/aws/smithy-go/middleware/step_initialize.go deleted file mode 100644 index fe359144..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/step_initialize.go +++ /dev/null @@ -1,211 +0,0 @@ -package middleware - -import "context" - -// InitializeInput wraps the input parameters for the InitializeMiddlewares to -// consume. InitializeMiddleware may modify the parameter value before -// forwarding it along to the next InitializeHandler. -type InitializeInput struct { - Parameters interface{} -} - -// InitializeOutput provides the result returned by the next InitializeHandler. -type InitializeOutput struct { - Result interface{} -} - -// InitializeHandler provides the interface for the next handler the -// InitializeMiddleware will call in the middleware chain. -type InitializeHandler interface { - HandleInitialize(ctx context.Context, in InitializeInput) ( - out InitializeOutput, metadata Metadata, err error, - ) -} - -// InitializeMiddleware provides the interface for middleware specific to the -// initialize step. Delegates to the next InitializeHandler for further -// processing. -type InitializeMiddleware interface { - // ID returns a unique ID for the middleware in the InitializeStep. The step does not - // allow duplicate IDs. - ID() string - - // HandleInitialize invokes the middleware behavior which must delegate to the next handler - // for the middleware chain to continue. The method must return a result or - // error to its caller. - HandleInitialize(ctx context.Context, in InitializeInput, next InitializeHandler) ( - out InitializeOutput, metadata Metadata, err error, - ) -} - -// InitializeMiddlewareFunc returns a InitializeMiddleware with the unique ID provided, -// and the func to be invoked. -func InitializeMiddlewareFunc(id string, fn func(context.Context, InitializeInput, InitializeHandler) (InitializeOutput, Metadata, error)) InitializeMiddleware { - return initializeMiddlewareFunc{ - id: id, - fn: fn, - } -} - -type initializeMiddlewareFunc struct { - // Unique ID for the middleware. - id string - - // Middleware function to be called. - fn func(context.Context, InitializeInput, InitializeHandler) ( - InitializeOutput, Metadata, error, - ) -} - -// ID returns the unique ID for the middleware. -func (s initializeMiddlewareFunc) ID() string { return s.id } - -// HandleInitialize invokes the middleware Fn. -func (s initializeMiddlewareFunc) HandleInitialize(ctx context.Context, in InitializeInput, next InitializeHandler) ( - out InitializeOutput, metadata Metadata, err error, -) { - return s.fn(ctx, in, next) -} - -var _ InitializeMiddleware = (initializeMiddlewareFunc{}) - -// InitializeStep provides the ordered grouping of InitializeMiddleware to be -// invoked on a handler. -type InitializeStep struct { - ids *orderedIDs -} - -// NewInitializeStep returns an InitializeStep ready to have middleware for -// initialization added to it. -func NewInitializeStep() *InitializeStep { - return &InitializeStep{ - ids: newOrderedIDs(), - } -} - -var _ Middleware = (*InitializeStep)(nil) - -// ID returns the unique ID of the step as a middleware. -func (s *InitializeStep) ID() string { - return "Initialize stack step" -} - -// HandleMiddleware invokes the middleware by decorating the next handler -// provided. Returns the result of the middleware and handler being invoked. -// -// Implements Middleware interface. -func (s *InitializeStep) HandleMiddleware(ctx context.Context, in interface{}, next Handler) ( - out interface{}, metadata Metadata, err error, -) { - order := s.ids.GetOrder() - - var h InitializeHandler = initializeWrapHandler{Next: next} - for i := len(order) - 1; i >= 0; i-- { - h = decoratedInitializeHandler{ - Next: h, - With: order[i].(InitializeMiddleware), - } - } - - sIn := InitializeInput{ - Parameters: in, - } - - res, metadata, err := h.HandleInitialize(ctx, sIn) - return res.Result, metadata, err -} - -// Get retrieves the middleware identified by id. If the middleware is not present, returns false. -func (s *InitializeStep) Get(id string) (InitializeMiddleware, bool) { - get, ok := s.ids.Get(id) - if !ok { - return nil, false - } - return get.(InitializeMiddleware), ok -} - -// Add injects the middleware to the relative position of the middleware group. -// Returns an error if the middleware already exists. -func (s *InitializeStep) Add(m InitializeMiddleware, pos RelativePosition) error { - return s.ids.Add(m, pos) -} - -// Insert injects the middleware relative to an existing middleware ID. -// Returns error if the original middleware does not exist, or the middleware -// being added already exists. -func (s *InitializeStep) Insert(m InitializeMiddleware, relativeTo string, pos RelativePosition) error { - return s.ids.Insert(m, relativeTo, pos) -} - -// Swap removes the middleware by id, replacing it with the new middleware. -// Returns the middleware removed, or error if the middleware to be removed -// doesn't exist. -func (s *InitializeStep) Swap(id string, m InitializeMiddleware) (InitializeMiddleware, error) { - removed, err := s.ids.Swap(id, m) - if err != nil { - return nil, err - } - - return removed.(InitializeMiddleware), nil -} - -// Remove removes the middleware by id. Returns error if the middleware -// doesn't exist. -func (s *InitializeStep) Remove(id string) (InitializeMiddleware, error) { - removed, err := s.ids.Remove(id) - if err != nil { - return nil, err - } - - return removed.(InitializeMiddleware), nil -} - -// List returns a list of the middleware in the step. -func (s *InitializeStep) List() []string { - return s.ids.List() -} - -// Clear removes all middleware in the step. -func (s *InitializeStep) Clear() { - s.ids.Clear() -} - -type initializeWrapHandler struct { - Next Handler -} - -var _ InitializeHandler = (*initializeWrapHandler)(nil) - -// HandleInitialize implements InitializeHandler, converts types and delegates to underlying -// generic handler. -func (w initializeWrapHandler) HandleInitialize(ctx context.Context, in InitializeInput) ( - out InitializeOutput, metadata Metadata, err error, -) { - res, metadata, err := w.Next.Handle(ctx, in.Parameters) - return InitializeOutput{ - Result: res, - }, metadata, err -} - -type decoratedInitializeHandler struct { - Next InitializeHandler - With InitializeMiddleware -} - -var _ InitializeHandler = (*decoratedInitializeHandler)(nil) - -func (h decoratedInitializeHandler) HandleInitialize(ctx context.Context, in InitializeInput) ( - out InitializeOutput, metadata Metadata, err error, -) { - return h.With.HandleInitialize(ctx, in, h.Next) -} - -// InitializeHandlerFunc provides a wrapper around a function to be used as an initialize middleware handler. -type InitializeHandlerFunc func(context.Context, InitializeInput) (InitializeOutput, Metadata, error) - -// HandleInitialize calls the wrapped function with the provided arguments. -func (i InitializeHandlerFunc) HandleInitialize(ctx context.Context, in InitializeInput) (InitializeOutput, Metadata, error) { - return i(ctx, in) -} - -var _ InitializeHandler = InitializeHandlerFunc(nil) diff --git a/vendor/github.com/aws/smithy-go/middleware/step_serialize.go b/vendor/github.com/aws/smithy-go/middleware/step_serialize.go deleted file mode 100644 index 114bafce..00000000 --- a/vendor/github.com/aws/smithy-go/middleware/step_serialize.go +++ /dev/null @@ -1,219 +0,0 @@ -package middleware - -import "context" - -// SerializeInput provides the input parameters for the SerializeMiddleware to -// consume. SerializeMiddleware may modify the Request value before forwarding -// SerializeInput along to the next SerializeHandler. The Parameters member -// should not be modified by SerializeMiddleware, InitializeMiddleware should -// be responsible for modifying the provided Parameter value. -type SerializeInput struct { - Parameters interface{} - Request interface{} -} - -// SerializeOutput provides the result returned by the next SerializeHandler. -type SerializeOutput struct { - Result interface{} -} - -// SerializeHandler provides the interface for the next handler the -// SerializeMiddleware will call in the middleware chain. -type SerializeHandler interface { - HandleSerialize(ctx context.Context, in SerializeInput) ( - out SerializeOutput, metadata Metadata, err error, - ) -} - -// SerializeMiddleware provides the interface for middleware specific to the -// serialize step. Delegates to the next SerializeHandler for further -// processing. -type SerializeMiddleware interface { - // ID returns a unique ID for the middleware in the SerializeStep. The step does not - // allow duplicate IDs. - ID() string - - // HandleSerialize invokes the middleware behavior which must delegate to the next handler - // for the middleware chain to continue. The method must return a result or - // error to its caller. - HandleSerialize(ctx context.Context, in SerializeInput, next SerializeHandler) ( - out SerializeOutput, metadata Metadata, err error, - ) -} - -// SerializeMiddlewareFunc returns a SerializeMiddleware with the unique ID -// provided, and the func to be invoked. -func SerializeMiddlewareFunc(id string, fn func(context.Context, SerializeInput, SerializeHandler) (SerializeOutput, Metadata, error)) SerializeMiddleware { - return serializeMiddlewareFunc{ - id: id, - fn: fn, - } -} - -type serializeMiddlewareFunc struct { - // Unique ID for the middleware. - id string - - // Middleware function to be called. - fn func(context.Context, SerializeInput, SerializeHandler) ( - SerializeOutput, Metadata, error, - ) -} - -// ID returns the unique ID for the middleware. -func (s serializeMiddlewareFunc) ID() string { return s.id } - -// HandleSerialize invokes the middleware Fn. -func (s serializeMiddlewareFunc) HandleSerialize(ctx context.Context, in SerializeInput, next SerializeHandler) ( - out SerializeOutput, metadata Metadata, err error, -) { - return s.fn(ctx, in, next) -} - -var _ SerializeMiddleware = (serializeMiddlewareFunc{}) - -// SerializeStep provides the ordered grouping of SerializeMiddleware to be -// invoked on a handler. -type SerializeStep struct { - newRequest func() interface{} - ids *orderedIDs -} - -// NewSerializeStep returns a SerializeStep ready to have middleware for -// initialization added to it. The newRequest func parameter is used to -// initialize the transport specific request for the stack SerializeStep to -// serialize the input parameters into. -func NewSerializeStep(newRequest func() interface{}) *SerializeStep { - return &SerializeStep{ - ids: newOrderedIDs(), - newRequest: newRequest, - } -} - -var _ Middleware = (*SerializeStep)(nil) - -// ID returns the unique ID of the step as a middleware. -func (s *SerializeStep) ID() string { - return "Serialize stack step" -} - -// HandleMiddleware invokes the middleware by decorating the next handler -// provided. Returns the result of the middleware and handler being invoked. -// -// Implements Middleware interface. -func (s *SerializeStep) HandleMiddleware(ctx context.Context, in interface{}, next Handler) ( - out interface{}, metadata Metadata, err error, -) { - order := s.ids.GetOrder() - - var h SerializeHandler = serializeWrapHandler{Next: next} - for i := len(order) - 1; i >= 0; i-- { - h = decoratedSerializeHandler{ - Next: h, - With: order[i].(SerializeMiddleware), - } - } - - sIn := SerializeInput{ - Parameters: in, - Request: s.newRequest(), - } - - res, metadata, err := h.HandleSerialize(ctx, sIn) - return res.Result, metadata, err -} - -// Get retrieves the middleware identified by id. If the middleware is not present, returns false. -func (s *SerializeStep) Get(id string) (SerializeMiddleware, bool) { - get, ok := s.ids.Get(id) - if !ok { - return nil, false - } - return get.(SerializeMiddleware), ok -} - -// Add injects the middleware to the relative position of the middleware group. -// Returns an error if the middleware already exists. -func (s *SerializeStep) Add(m SerializeMiddleware, pos RelativePosition) error { - return s.ids.Add(m, pos) -} - -// Insert injects the middleware relative to an existing middleware ID. -// Returns error if the original middleware does not exist, or the middleware -// being added already exists. -func (s *SerializeStep) Insert(m SerializeMiddleware, relativeTo string, pos RelativePosition) error { - return s.ids.Insert(m, relativeTo, pos) -} - -// Swap removes the middleware by id, replacing it with the new middleware. -// Returns the middleware removed, or error if the middleware to be removed -// doesn't exist. -func (s *SerializeStep) Swap(id string, m SerializeMiddleware) (SerializeMiddleware, error) { - removed, err := s.ids.Swap(id, m) - if err != nil { - return nil, err - } - - return removed.(SerializeMiddleware), nil -} - -// Remove removes the middleware by id. Returns error if the middleware -// doesn't exist. -func (s *SerializeStep) Remove(id string) (SerializeMiddleware, error) { - removed, err := s.ids.Remove(id) - if err != nil { - return nil, err - } - - return removed.(SerializeMiddleware), nil -} - -// List returns a list of the middleware in the step. -func (s *SerializeStep) List() []string { - return s.ids.List() -} - -// Clear removes all middleware in the step. -func (s *SerializeStep) Clear() { - s.ids.Clear() -} - -type serializeWrapHandler struct { - Next Handler -} - -var _ SerializeHandler = (*serializeWrapHandler)(nil) - -// Implements SerializeHandler, converts types and delegates to underlying -// generic handler. -func (w serializeWrapHandler) HandleSerialize(ctx context.Context, in SerializeInput) ( - out SerializeOutput, metadata Metadata, err error, -) { - res, metadata, err := w.Next.Handle(ctx, in.Request) - return SerializeOutput{ - Result: res, - }, metadata, err -} - -type decoratedSerializeHandler struct { - Next SerializeHandler - With SerializeMiddleware -} - -var _ SerializeHandler = (*decoratedSerializeHandler)(nil) - -func (h decoratedSerializeHandler) HandleSerialize(ctx context.Context, in SerializeInput) ( - out SerializeOutput, metadata Metadata, err error, -) { - return h.With.HandleSerialize(ctx, in, h.Next) -} - -// SerializeHandlerFunc provides a wrapper around a function to be used as a serialize middleware handler. -type SerializeHandlerFunc func(context.Context, SerializeInput) (SerializeOutput, Metadata, error) - -// HandleSerialize calls the wrapped function with the provided arguments. -func (s SerializeHandlerFunc) HandleSerialize(ctx context.Context, in SerializeInput) (SerializeOutput, Metadata, error) { - return s(ctx, in) -} - -var _ SerializeHandler = SerializeHandlerFunc(nil) diff --git a/vendor/github.com/aws/smithy-go/modman.toml b/vendor/github.com/aws/smithy-go/modman.toml deleted file mode 100644 index 9d94b7cb..00000000 --- a/vendor/github.com/aws/smithy-go/modman.toml +++ /dev/null @@ -1,10 +0,0 @@ -[dependencies] - "github.com/jmespath/go-jmespath" = "v0.4.0" - -[modules] - - [modules.codegen] - no_tag = true - - [modules."codegen/smithy-go-codegen/build/test-generated/go/internal/testmodule"] - no_tag = true diff --git a/vendor/github.com/aws/smithy-go/private/requestcompression/gzip.go b/vendor/github.com/aws/smithy-go/private/requestcompression/gzip.go deleted file mode 100644 index 004d78f2..00000000 --- a/vendor/github.com/aws/smithy-go/private/requestcompression/gzip.go +++ /dev/null @@ -1,30 +0,0 @@ -package requestcompression - -import ( - "bytes" - "compress/gzip" - "fmt" - "io" -) - -func gzipCompress(input io.Reader) ([]byte, error) { - var b bytes.Buffer - w, err := gzip.NewWriterLevel(&b, gzip.DefaultCompression) - if err != nil { - return nil, fmt.Errorf("failed to create gzip writer, %v", err) - } - - inBytes, err := io.ReadAll(input) - if err != nil { - return nil, fmt.Errorf("failed read payload to compress, %v", err) - } - - if _, err = w.Write(inBytes); err != nil { - return nil, fmt.Errorf("failed to write payload to be compressed, %v", err) - } - if err = w.Close(); err != nil { - return nil, fmt.Errorf("failed to flush payload being compressed, %v", err) - } - - return b.Bytes(), nil -} diff --git a/vendor/github.com/aws/smithy-go/private/requestcompression/middleware_capture_request_compression.go b/vendor/github.com/aws/smithy-go/private/requestcompression/middleware_capture_request_compression.go deleted file mode 100644 index 06c16afc..00000000 --- a/vendor/github.com/aws/smithy-go/private/requestcompression/middleware_capture_request_compression.go +++ /dev/null @@ -1,52 +0,0 @@ -package requestcompression - -import ( - "bytes" - "context" - "fmt" - "github.com/aws/smithy-go/middleware" - smithyhttp "github.com/aws/smithy-go/transport/http" - "io" - "net/http" -) - -const captureUncompressedRequestID = "CaptureUncompressedRequest" - -// AddCaptureUncompressedRequestMiddleware captures http request before compress encoding for check -func AddCaptureUncompressedRequestMiddleware(stack *middleware.Stack, buf *bytes.Buffer) error { - return stack.Serialize.Insert(&captureUncompressedRequestMiddleware{ - buf: buf, - }, "RequestCompression", middleware.Before) -} - -type captureUncompressedRequestMiddleware struct { - req *http.Request - buf *bytes.Buffer - bytes []byte -} - -// ID returns id of the captureUncompressedRequestMiddleware -func (*captureUncompressedRequestMiddleware) ID() string { - return captureUncompressedRequestID -} - -// HandleSerialize captures request payload before it is compressed by request compression middleware -func (m *captureUncompressedRequestMiddleware) HandleSerialize(ctx context.Context, input middleware.SerializeInput, next middleware.SerializeHandler, -) ( - output middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - request, ok := input.Request.(*smithyhttp.Request) - if !ok { - return output, metadata, fmt.Errorf("error when retrieving http request") - } - - _, err = io.Copy(m.buf, request.GetStream()) - if err != nil { - return output, metadata, fmt.Errorf("error when copying http request stream: %q", err) - } - if err = request.RewindStream(); err != nil { - return output, metadata, fmt.Errorf("error when rewinding request stream: %q", err) - } - - return next.HandleSerialize(ctx, input) -} diff --git a/vendor/github.com/aws/smithy-go/private/requestcompression/request_compression.go b/vendor/github.com/aws/smithy-go/private/requestcompression/request_compression.go deleted file mode 100644 index 7c414760..00000000 --- a/vendor/github.com/aws/smithy-go/private/requestcompression/request_compression.go +++ /dev/null @@ -1,103 +0,0 @@ -// Package requestcompression implements runtime support for smithy-modeled -// request compression. -// -// This package is designated as private and is intended for use only by the -// smithy client runtime. The exported API therein is not considered stable and -// is subject to breaking changes without notice. -package requestcompression - -import ( - "bytes" - "context" - "fmt" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/transport/http" - "io" -) - -const MaxRequestMinCompressSizeBytes = 10485760 - -// Enumeration values for supported compress Algorithms. -const ( - GZIP = "gzip" -) - -type compressFunc func(io.Reader) ([]byte, error) - -var allowedAlgorithms = map[string]compressFunc{ - GZIP: gzipCompress, -} - -// AddRequestCompression add requestCompression middleware to op stack -func AddRequestCompression(stack *middleware.Stack, disabled bool, minBytes int64, algorithms []string) error { - return stack.Serialize.Add(&requestCompression{ - disableRequestCompression: disabled, - requestMinCompressSizeBytes: minBytes, - compressAlgorithms: algorithms, - }, middleware.After) -} - -type requestCompression struct { - disableRequestCompression bool - requestMinCompressSizeBytes int64 - compressAlgorithms []string -} - -// ID returns the ID of the middleware -func (m requestCompression) ID() string { - return "RequestCompression" -} - -// HandleSerialize gzip compress the request's stream/body if enabled by config fields -func (m requestCompression) HandleSerialize( - ctx context.Context, in middleware.SerializeInput, next middleware.SerializeHandler, -) ( - out middleware.SerializeOutput, metadata middleware.Metadata, err error, -) { - if m.disableRequestCompression { - return next.HandleSerialize(ctx, in) - } - // still need to check requestMinCompressSizeBytes in case it is out of range after service client config - if m.requestMinCompressSizeBytes < 0 || m.requestMinCompressSizeBytes > MaxRequestMinCompressSizeBytes { - return out, metadata, fmt.Errorf("invalid range for min request compression size bytes %d, must be within 0 and 10485760 inclusively", m.requestMinCompressSizeBytes) - } - - req, ok := in.Request.(*http.Request) - if !ok { - return out, metadata, fmt.Errorf("unknown request type %T", req) - } - - for _, algorithm := range m.compressAlgorithms { - compressFunc := allowedAlgorithms[algorithm] - if compressFunc != nil { - if stream := req.GetStream(); stream != nil { - size, found, err := req.StreamLength() - if err != nil { - return out, metadata, fmt.Errorf("error while finding request stream length, %v", err) - } else if !found || size < m.requestMinCompressSizeBytes { - return next.HandleSerialize(ctx, in) - } - - compressedBytes, err := compressFunc(stream) - if err != nil { - return out, metadata, fmt.Errorf("failed to compress request stream, %v", err) - } - - var newReq *http.Request - if newReq, err = req.SetStream(bytes.NewReader(compressedBytes)); err != nil { - return out, metadata, fmt.Errorf("failed to set request stream, %v", err) - } - *req = *newReq - - if val := req.Header.Get("Content-Encoding"); val != "" { - req.Header.Set("Content-Encoding", fmt.Sprintf("%s, %s", val, algorithm)) - } else { - req.Header.Set("Content-Encoding", algorithm) - } - } - break - } - } - - return next.HandleSerialize(ctx, in) -} diff --git a/vendor/github.com/aws/smithy-go/properties.go b/vendor/github.com/aws/smithy-go/properties.go deleted file mode 100644 index 68df4c4e..00000000 --- a/vendor/github.com/aws/smithy-go/properties.go +++ /dev/null @@ -1,69 +0,0 @@ -package smithy - -import "maps" - -// PropertiesReader provides an interface for reading metadata from the -// underlying metadata container. -type PropertiesReader interface { - Get(key any) any -} - -// Properties provides storing and reading metadata values. Keys may be any -// comparable value type. Get and Set will panic if a key is not comparable. -// -// The zero value for a Properties instance is ready for reads/writes without -// any additional initialization. -type Properties struct { - values map[any]any -} - -// Get attempts to retrieve the value the key points to. Returns nil if the -// key was not found. -// -// Panics if key type is not comparable. -func (m *Properties) Get(key any) any { - m.lazyInit() - return m.values[key] -} - -// Set stores the value pointed to by the key. If a value already exists at -// that key it will be replaced with the new value. -// -// Panics if the key type is not comparable. -func (m *Properties) Set(key, value any) { - m.lazyInit() - m.values[key] = value -} - -// Has returns whether the key exists in the metadata. -// -// Panics if the key type is not comparable. -func (m *Properties) Has(key any) bool { - m.lazyInit() - _, ok := m.values[key] - return ok -} - -// SetAll accepts all of the given Properties into the receiver, overwriting -// any existing keys in the case of conflicts. -func (m *Properties) SetAll(other *Properties) { - if other.values == nil { - return - } - - m.lazyInit() - for k, v := range other.values { - m.values[k] = v - } -} - -// Values returns a shallow clone of the property set's values. -func (m *Properties) Values() map[any]any { - return maps.Clone(m.values) -} - -func (m *Properties) lazyInit() { - if m.values == nil { - m.values = map[any]any{} - } -} diff --git a/vendor/github.com/aws/smithy-go/ptr/doc.go b/vendor/github.com/aws/smithy-go/ptr/doc.go deleted file mode 100644 index bc1f6996..00000000 --- a/vendor/github.com/aws/smithy-go/ptr/doc.go +++ /dev/null @@ -1,5 +0,0 @@ -// Package ptr provides utilities for converting scalar literal type values to and from pointers inline. -package ptr - -//go:generate go run -tags codegen generate.go -//go:generate gofmt -w -s . diff --git a/vendor/github.com/aws/smithy-go/ptr/from_ptr.go b/vendor/github.com/aws/smithy-go/ptr/from_ptr.go deleted file mode 100644 index a2845bb2..00000000 --- a/vendor/github.com/aws/smithy-go/ptr/from_ptr.go +++ /dev/null @@ -1,601 +0,0 @@ -// Code generated by smithy-go/ptr/generate.go DO NOT EDIT. -package ptr - -import ( - "time" -) - -// ToBool returns bool value dereferenced if the passed -// in pointer was not nil. Returns a bool zero value if the -// pointer was nil. -func ToBool(p *bool) (v bool) { - if p == nil { - return v - } - - return *p -} - -// ToBoolSlice returns a slice of bool values, that are -// dereferenced if the passed in pointer was not nil. Returns a bool -// zero value if the pointer was nil. -func ToBoolSlice(vs []*bool) []bool { - ps := make([]bool, len(vs)) - for i, v := range vs { - ps[i] = ToBool(v) - } - - return ps -} - -// ToBoolMap returns a map of bool values, that are -// dereferenced if the passed in pointer was not nil. The bool -// zero value is used if the pointer was nil. -func ToBoolMap(vs map[string]*bool) map[string]bool { - ps := make(map[string]bool, len(vs)) - for k, v := range vs { - ps[k] = ToBool(v) - } - - return ps -} - -// ToByte returns byte value dereferenced if the passed -// in pointer was not nil. Returns a byte zero value if the -// pointer was nil. -func ToByte(p *byte) (v byte) { - if p == nil { - return v - } - - return *p -} - -// ToByteSlice returns a slice of byte values, that are -// dereferenced if the passed in pointer was not nil. Returns a byte -// zero value if the pointer was nil. -func ToByteSlice(vs []*byte) []byte { - ps := make([]byte, len(vs)) - for i, v := range vs { - ps[i] = ToByte(v) - } - - return ps -} - -// ToByteMap returns a map of byte values, that are -// dereferenced if the passed in pointer was not nil. The byte -// zero value is used if the pointer was nil. -func ToByteMap(vs map[string]*byte) map[string]byte { - ps := make(map[string]byte, len(vs)) - for k, v := range vs { - ps[k] = ToByte(v) - } - - return ps -} - -// ToString returns string value dereferenced if the passed -// in pointer was not nil. Returns a string zero value if the -// pointer was nil. -func ToString(p *string) (v string) { - if p == nil { - return v - } - - return *p -} - -// ToStringSlice returns a slice of string values, that are -// dereferenced if the passed in pointer was not nil. Returns a string -// zero value if the pointer was nil. -func ToStringSlice(vs []*string) []string { - ps := make([]string, len(vs)) - for i, v := range vs { - ps[i] = ToString(v) - } - - return ps -} - -// ToStringMap returns a map of string values, that are -// dereferenced if the passed in pointer was not nil. The string -// zero value is used if the pointer was nil. -func ToStringMap(vs map[string]*string) map[string]string { - ps := make(map[string]string, len(vs)) - for k, v := range vs { - ps[k] = ToString(v) - } - - return ps -} - -// ToInt returns int value dereferenced if the passed -// in pointer was not nil. Returns a int zero value if the -// pointer was nil. -func ToInt(p *int) (v int) { - if p == nil { - return v - } - - return *p -} - -// ToIntSlice returns a slice of int values, that are -// dereferenced if the passed in pointer was not nil. Returns a int -// zero value if the pointer was nil. -func ToIntSlice(vs []*int) []int { - ps := make([]int, len(vs)) - for i, v := range vs { - ps[i] = ToInt(v) - } - - return ps -} - -// ToIntMap returns a map of int values, that are -// dereferenced if the passed in pointer was not nil. The int -// zero value is used if the pointer was nil. -func ToIntMap(vs map[string]*int) map[string]int { - ps := make(map[string]int, len(vs)) - for k, v := range vs { - ps[k] = ToInt(v) - } - - return ps -} - -// ToInt8 returns int8 value dereferenced if the passed -// in pointer was not nil. Returns a int8 zero value if the -// pointer was nil. -func ToInt8(p *int8) (v int8) { - if p == nil { - return v - } - - return *p -} - -// ToInt8Slice returns a slice of int8 values, that are -// dereferenced if the passed in pointer was not nil. Returns a int8 -// zero value if the pointer was nil. -func ToInt8Slice(vs []*int8) []int8 { - ps := make([]int8, len(vs)) - for i, v := range vs { - ps[i] = ToInt8(v) - } - - return ps -} - -// ToInt8Map returns a map of int8 values, that are -// dereferenced if the passed in pointer was not nil. The int8 -// zero value is used if the pointer was nil. -func ToInt8Map(vs map[string]*int8) map[string]int8 { - ps := make(map[string]int8, len(vs)) - for k, v := range vs { - ps[k] = ToInt8(v) - } - - return ps -} - -// ToInt16 returns int16 value dereferenced if the passed -// in pointer was not nil. Returns a int16 zero value if the -// pointer was nil. -func ToInt16(p *int16) (v int16) { - if p == nil { - return v - } - - return *p -} - -// ToInt16Slice returns a slice of int16 values, that are -// dereferenced if the passed in pointer was not nil. Returns a int16 -// zero value if the pointer was nil. -func ToInt16Slice(vs []*int16) []int16 { - ps := make([]int16, len(vs)) - for i, v := range vs { - ps[i] = ToInt16(v) - } - - return ps -} - -// ToInt16Map returns a map of int16 values, that are -// dereferenced if the passed in pointer was not nil. The int16 -// zero value is used if the pointer was nil. -func ToInt16Map(vs map[string]*int16) map[string]int16 { - ps := make(map[string]int16, len(vs)) - for k, v := range vs { - ps[k] = ToInt16(v) - } - - return ps -} - -// ToInt32 returns int32 value dereferenced if the passed -// in pointer was not nil. Returns a int32 zero value if the -// pointer was nil. -func ToInt32(p *int32) (v int32) { - if p == nil { - return v - } - - return *p -} - -// ToInt32Slice returns a slice of int32 values, that are -// dereferenced if the passed in pointer was not nil. Returns a int32 -// zero value if the pointer was nil. -func ToInt32Slice(vs []*int32) []int32 { - ps := make([]int32, len(vs)) - for i, v := range vs { - ps[i] = ToInt32(v) - } - - return ps -} - -// ToInt32Map returns a map of int32 values, that are -// dereferenced if the passed in pointer was not nil. The int32 -// zero value is used if the pointer was nil. -func ToInt32Map(vs map[string]*int32) map[string]int32 { - ps := make(map[string]int32, len(vs)) - for k, v := range vs { - ps[k] = ToInt32(v) - } - - return ps -} - -// ToInt64 returns int64 value dereferenced if the passed -// in pointer was not nil. Returns a int64 zero value if the -// pointer was nil. -func ToInt64(p *int64) (v int64) { - if p == nil { - return v - } - - return *p -} - -// ToInt64Slice returns a slice of int64 values, that are -// dereferenced if the passed in pointer was not nil. Returns a int64 -// zero value if the pointer was nil. -func ToInt64Slice(vs []*int64) []int64 { - ps := make([]int64, len(vs)) - for i, v := range vs { - ps[i] = ToInt64(v) - } - - return ps -} - -// ToInt64Map returns a map of int64 values, that are -// dereferenced if the passed in pointer was not nil. The int64 -// zero value is used if the pointer was nil. -func ToInt64Map(vs map[string]*int64) map[string]int64 { - ps := make(map[string]int64, len(vs)) - for k, v := range vs { - ps[k] = ToInt64(v) - } - - return ps -} - -// ToUint returns uint value dereferenced if the passed -// in pointer was not nil. Returns a uint zero value if the -// pointer was nil. -func ToUint(p *uint) (v uint) { - if p == nil { - return v - } - - return *p -} - -// ToUintSlice returns a slice of uint values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint -// zero value if the pointer was nil. -func ToUintSlice(vs []*uint) []uint { - ps := make([]uint, len(vs)) - for i, v := range vs { - ps[i] = ToUint(v) - } - - return ps -} - -// ToUintMap returns a map of uint values, that are -// dereferenced if the passed in pointer was not nil. The uint -// zero value is used if the pointer was nil. -func ToUintMap(vs map[string]*uint) map[string]uint { - ps := make(map[string]uint, len(vs)) - for k, v := range vs { - ps[k] = ToUint(v) - } - - return ps -} - -// ToUint8 returns uint8 value dereferenced if the passed -// in pointer was not nil. Returns a uint8 zero value if the -// pointer was nil. -func ToUint8(p *uint8) (v uint8) { - if p == nil { - return v - } - - return *p -} - -// ToUint8Slice returns a slice of uint8 values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint8 -// zero value if the pointer was nil. -func ToUint8Slice(vs []*uint8) []uint8 { - ps := make([]uint8, len(vs)) - for i, v := range vs { - ps[i] = ToUint8(v) - } - - return ps -} - -// ToUint8Map returns a map of uint8 values, that are -// dereferenced if the passed in pointer was not nil. The uint8 -// zero value is used if the pointer was nil. -func ToUint8Map(vs map[string]*uint8) map[string]uint8 { - ps := make(map[string]uint8, len(vs)) - for k, v := range vs { - ps[k] = ToUint8(v) - } - - return ps -} - -// ToUint16 returns uint16 value dereferenced if the passed -// in pointer was not nil. Returns a uint16 zero value if the -// pointer was nil. -func ToUint16(p *uint16) (v uint16) { - if p == nil { - return v - } - - return *p -} - -// ToUint16Slice returns a slice of uint16 values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint16 -// zero value if the pointer was nil. -func ToUint16Slice(vs []*uint16) []uint16 { - ps := make([]uint16, len(vs)) - for i, v := range vs { - ps[i] = ToUint16(v) - } - - return ps -} - -// ToUint16Map returns a map of uint16 values, that are -// dereferenced if the passed in pointer was not nil. The uint16 -// zero value is used if the pointer was nil. -func ToUint16Map(vs map[string]*uint16) map[string]uint16 { - ps := make(map[string]uint16, len(vs)) - for k, v := range vs { - ps[k] = ToUint16(v) - } - - return ps -} - -// ToUint32 returns uint32 value dereferenced if the passed -// in pointer was not nil. Returns a uint32 zero value if the -// pointer was nil. -func ToUint32(p *uint32) (v uint32) { - if p == nil { - return v - } - - return *p -} - -// ToUint32Slice returns a slice of uint32 values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint32 -// zero value if the pointer was nil. -func ToUint32Slice(vs []*uint32) []uint32 { - ps := make([]uint32, len(vs)) - for i, v := range vs { - ps[i] = ToUint32(v) - } - - return ps -} - -// ToUint32Map returns a map of uint32 values, that are -// dereferenced if the passed in pointer was not nil. The uint32 -// zero value is used if the pointer was nil. -func ToUint32Map(vs map[string]*uint32) map[string]uint32 { - ps := make(map[string]uint32, len(vs)) - for k, v := range vs { - ps[k] = ToUint32(v) - } - - return ps -} - -// ToUint64 returns uint64 value dereferenced if the passed -// in pointer was not nil. Returns a uint64 zero value if the -// pointer was nil. -func ToUint64(p *uint64) (v uint64) { - if p == nil { - return v - } - - return *p -} - -// ToUint64Slice returns a slice of uint64 values, that are -// dereferenced if the passed in pointer was not nil. Returns a uint64 -// zero value if the pointer was nil. -func ToUint64Slice(vs []*uint64) []uint64 { - ps := make([]uint64, len(vs)) - for i, v := range vs { - ps[i] = ToUint64(v) - } - - return ps -} - -// ToUint64Map returns a map of uint64 values, that are -// dereferenced if the passed in pointer was not nil. The uint64 -// zero value is used if the pointer was nil. -func ToUint64Map(vs map[string]*uint64) map[string]uint64 { - ps := make(map[string]uint64, len(vs)) - for k, v := range vs { - ps[k] = ToUint64(v) - } - - return ps -} - -// ToFloat32 returns float32 value dereferenced if the passed -// in pointer was not nil. Returns a float32 zero value if the -// pointer was nil. -func ToFloat32(p *float32) (v float32) { - if p == nil { - return v - } - - return *p -} - -// ToFloat32Slice returns a slice of float32 values, that are -// dereferenced if the passed in pointer was not nil. Returns a float32 -// zero value if the pointer was nil. -func ToFloat32Slice(vs []*float32) []float32 { - ps := make([]float32, len(vs)) - for i, v := range vs { - ps[i] = ToFloat32(v) - } - - return ps -} - -// ToFloat32Map returns a map of float32 values, that are -// dereferenced if the passed in pointer was not nil. The float32 -// zero value is used if the pointer was nil. -func ToFloat32Map(vs map[string]*float32) map[string]float32 { - ps := make(map[string]float32, len(vs)) - for k, v := range vs { - ps[k] = ToFloat32(v) - } - - return ps -} - -// ToFloat64 returns float64 value dereferenced if the passed -// in pointer was not nil. Returns a float64 zero value if the -// pointer was nil. -func ToFloat64(p *float64) (v float64) { - if p == nil { - return v - } - - return *p -} - -// ToFloat64Slice returns a slice of float64 values, that are -// dereferenced if the passed in pointer was not nil. Returns a float64 -// zero value if the pointer was nil. -func ToFloat64Slice(vs []*float64) []float64 { - ps := make([]float64, len(vs)) - for i, v := range vs { - ps[i] = ToFloat64(v) - } - - return ps -} - -// ToFloat64Map returns a map of float64 values, that are -// dereferenced if the passed in pointer was not nil. The float64 -// zero value is used if the pointer was nil. -func ToFloat64Map(vs map[string]*float64) map[string]float64 { - ps := make(map[string]float64, len(vs)) - for k, v := range vs { - ps[k] = ToFloat64(v) - } - - return ps -} - -// ToTime returns time.Time value dereferenced if the passed -// in pointer was not nil. Returns a time.Time zero value if the -// pointer was nil. -func ToTime(p *time.Time) (v time.Time) { - if p == nil { - return v - } - - return *p -} - -// ToTimeSlice returns a slice of time.Time values, that are -// dereferenced if the passed in pointer was not nil. Returns a time.Time -// zero value if the pointer was nil. -func ToTimeSlice(vs []*time.Time) []time.Time { - ps := make([]time.Time, len(vs)) - for i, v := range vs { - ps[i] = ToTime(v) - } - - return ps -} - -// ToTimeMap returns a map of time.Time values, that are -// dereferenced if the passed in pointer was not nil. The time.Time -// zero value is used if the pointer was nil. -func ToTimeMap(vs map[string]*time.Time) map[string]time.Time { - ps := make(map[string]time.Time, len(vs)) - for k, v := range vs { - ps[k] = ToTime(v) - } - - return ps -} - -// ToDuration returns time.Duration value dereferenced if the passed -// in pointer was not nil. Returns a time.Duration zero value if the -// pointer was nil. -func ToDuration(p *time.Duration) (v time.Duration) { - if p == nil { - return v - } - - return *p -} - -// ToDurationSlice returns a slice of time.Duration values, that are -// dereferenced if the passed in pointer was not nil. Returns a time.Duration -// zero value if the pointer was nil. -func ToDurationSlice(vs []*time.Duration) []time.Duration { - ps := make([]time.Duration, len(vs)) - for i, v := range vs { - ps[i] = ToDuration(v) - } - - return ps -} - -// ToDurationMap returns a map of time.Duration values, that are -// dereferenced if the passed in pointer was not nil. The time.Duration -// zero value is used if the pointer was nil. -func ToDurationMap(vs map[string]*time.Duration) map[string]time.Duration { - ps := make(map[string]time.Duration, len(vs)) - for k, v := range vs { - ps[k] = ToDuration(v) - } - - return ps -} diff --git a/vendor/github.com/aws/smithy-go/ptr/gen_scalars.go b/vendor/github.com/aws/smithy-go/ptr/gen_scalars.go deleted file mode 100644 index 97f01011..00000000 --- a/vendor/github.com/aws/smithy-go/ptr/gen_scalars.go +++ /dev/null @@ -1,83 +0,0 @@ -//go:build codegen -// +build codegen - -package ptr - -import "strings" - -func GetScalars() Scalars { - return Scalars{ - {Type: "bool"}, - {Type: "byte"}, - {Type: "string"}, - {Type: "int"}, - {Type: "int8"}, - {Type: "int16"}, - {Type: "int32"}, - {Type: "int64"}, - {Type: "uint"}, - {Type: "uint8"}, - {Type: "uint16"}, - {Type: "uint32"}, - {Type: "uint64"}, - {Type: "float32"}, - {Type: "float64"}, - {Type: "Time", Import: &Import{Path: "time"}}, - {Type: "Duration", Import: &Import{Path: "time"}}, - } -} - -// Import provides the import path and optional alias -type Import struct { - Path string - Alias string -} - -// Package returns the Go package name for the import. Returns alias if set. -func (i Import) Package() string { - if v := i.Alias; len(v) != 0 { - return v - } - - if v := i.Path; len(v) != 0 { - parts := strings.Split(v, "/") - pkg := parts[len(parts)-1] - return pkg - } - - return "" -} - -// Scalar provides the definition of a type to generate pointer utilities for. -type Scalar struct { - Type string - Import *Import -} - -// Name returns the exported function name for the type. -func (t Scalar) Name() string { - return strings.Title(t.Type) -} - -// Symbol returns the scalar's Go symbol with path if needed. -func (t Scalar) Symbol() string { - if t.Import != nil { - return t.Import.Package() + "." + t.Type - } - return t.Type -} - -// Scalars is a list of scalars. -type Scalars []Scalar - -// Imports returns all imports for the scalars. -func (ts Scalars) Imports() []*Import { - imports := []*Import{} - for _, t := range ts { - if v := t.Import; v != nil { - imports = append(imports, v) - } - } - - return imports -} diff --git a/vendor/github.com/aws/smithy-go/ptr/to_ptr.go b/vendor/github.com/aws/smithy-go/ptr/to_ptr.go deleted file mode 100644 index 0bfbbecb..00000000 --- a/vendor/github.com/aws/smithy-go/ptr/to_ptr.go +++ /dev/null @@ -1,499 +0,0 @@ -// Code generated by smithy-go/ptr/generate.go DO NOT EDIT. -package ptr - -import ( - "time" -) - -// Bool returns a pointer value for the bool value passed in. -func Bool(v bool) *bool { - return &v -} - -// BoolSlice returns a slice of bool pointers from the values -// passed in. -func BoolSlice(vs []bool) []*bool { - ps := make([]*bool, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// BoolMap returns a map of bool pointers from the values -// passed in. -func BoolMap(vs map[string]bool) map[string]*bool { - ps := make(map[string]*bool, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Byte returns a pointer value for the byte value passed in. -func Byte(v byte) *byte { - return &v -} - -// ByteSlice returns a slice of byte pointers from the values -// passed in. -func ByteSlice(vs []byte) []*byte { - ps := make([]*byte, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// ByteMap returns a map of byte pointers from the values -// passed in. -func ByteMap(vs map[string]byte) map[string]*byte { - ps := make(map[string]*byte, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// String returns a pointer value for the string value passed in. -func String(v string) *string { - return &v -} - -// StringSlice returns a slice of string pointers from the values -// passed in. -func StringSlice(vs []string) []*string { - ps := make([]*string, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// StringMap returns a map of string pointers from the values -// passed in. -func StringMap(vs map[string]string) map[string]*string { - ps := make(map[string]*string, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Int returns a pointer value for the int value passed in. -func Int(v int) *int { - return &v -} - -// IntSlice returns a slice of int pointers from the values -// passed in. -func IntSlice(vs []int) []*int { - ps := make([]*int, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// IntMap returns a map of int pointers from the values -// passed in. -func IntMap(vs map[string]int) map[string]*int { - ps := make(map[string]*int, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Int8 returns a pointer value for the int8 value passed in. -func Int8(v int8) *int8 { - return &v -} - -// Int8Slice returns a slice of int8 pointers from the values -// passed in. -func Int8Slice(vs []int8) []*int8 { - ps := make([]*int8, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Int8Map returns a map of int8 pointers from the values -// passed in. -func Int8Map(vs map[string]int8) map[string]*int8 { - ps := make(map[string]*int8, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Int16 returns a pointer value for the int16 value passed in. -func Int16(v int16) *int16 { - return &v -} - -// Int16Slice returns a slice of int16 pointers from the values -// passed in. -func Int16Slice(vs []int16) []*int16 { - ps := make([]*int16, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Int16Map returns a map of int16 pointers from the values -// passed in. -func Int16Map(vs map[string]int16) map[string]*int16 { - ps := make(map[string]*int16, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Int32 returns a pointer value for the int32 value passed in. -func Int32(v int32) *int32 { - return &v -} - -// Int32Slice returns a slice of int32 pointers from the values -// passed in. -func Int32Slice(vs []int32) []*int32 { - ps := make([]*int32, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Int32Map returns a map of int32 pointers from the values -// passed in. -func Int32Map(vs map[string]int32) map[string]*int32 { - ps := make(map[string]*int32, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Int64 returns a pointer value for the int64 value passed in. -func Int64(v int64) *int64 { - return &v -} - -// Int64Slice returns a slice of int64 pointers from the values -// passed in. -func Int64Slice(vs []int64) []*int64 { - ps := make([]*int64, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Int64Map returns a map of int64 pointers from the values -// passed in. -func Int64Map(vs map[string]int64) map[string]*int64 { - ps := make(map[string]*int64, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Uint returns a pointer value for the uint value passed in. -func Uint(v uint) *uint { - return &v -} - -// UintSlice returns a slice of uint pointers from the values -// passed in. -func UintSlice(vs []uint) []*uint { - ps := make([]*uint, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// UintMap returns a map of uint pointers from the values -// passed in. -func UintMap(vs map[string]uint) map[string]*uint { - ps := make(map[string]*uint, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Uint8 returns a pointer value for the uint8 value passed in. -func Uint8(v uint8) *uint8 { - return &v -} - -// Uint8Slice returns a slice of uint8 pointers from the values -// passed in. -func Uint8Slice(vs []uint8) []*uint8 { - ps := make([]*uint8, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Uint8Map returns a map of uint8 pointers from the values -// passed in. -func Uint8Map(vs map[string]uint8) map[string]*uint8 { - ps := make(map[string]*uint8, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Uint16 returns a pointer value for the uint16 value passed in. -func Uint16(v uint16) *uint16 { - return &v -} - -// Uint16Slice returns a slice of uint16 pointers from the values -// passed in. -func Uint16Slice(vs []uint16) []*uint16 { - ps := make([]*uint16, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Uint16Map returns a map of uint16 pointers from the values -// passed in. -func Uint16Map(vs map[string]uint16) map[string]*uint16 { - ps := make(map[string]*uint16, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Uint32 returns a pointer value for the uint32 value passed in. -func Uint32(v uint32) *uint32 { - return &v -} - -// Uint32Slice returns a slice of uint32 pointers from the values -// passed in. -func Uint32Slice(vs []uint32) []*uint32 { - ps := make([]*uint32, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Uint32Map returns a map of uint32 pointers from the values -// passed in. -func Uint32Map(vs map[string]uint32) map[string]*uint32 { - ps := make(map[string]*uint32, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Uint64 returns a pointer value for the uint64 value passed in. -func Uint64(v uint64) *uint64 { - return &v -} - -// Uint64Slice returns a slice of uint64 pointers from the values -// passed in. -func Uint64Slice(vs []uint64) []*uint64 { - ps := make([]*uint64, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Uint64Map returns a map of uint64 pointers from the values -// passed in. -func Uint64Map(vs map[string]uint64) map[string]*uint64 { - ps := make(map[string]*uint64, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Float32 returns a pointer value for the float32 value passed in. -func Float32(v float32) *float32 { - return &v -} - -// Float32Slice returns a slice of float32 pointers from the values -// passed in. -func Float32Slice(vs []float32) []*float32 { - ps := make([]*float32, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Float32Map returns a map of float32 pointers from the values -// passed in. -func Float32Map(vs map[string]float32) map[string]*float32 { - ps := make(map[string]*float32, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Float64 returns a pointer value for the float64 value passed in. -func Float64(v float64) *float64 { - return &v -} - -// Float64Slice returns a slice of float64 pointers from the values -// passed in. -func Float64Slice(vs []float64) []*float64 { - ps := make([]*float64, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// Float64Map returns a map of float64 pointers from the values -// passed in. -func Float64Map(vs map[string]float64) map[string]*float64 { - ps := make(map[string]*float64, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Time returns a pointer value for the time.Time value passed in. -func Time(v time.Time) *time.Time { - return &v -} - -// TimeSlice returns a slice of time.Time pointers from the values -// passed in. -func TimeSlice(vs []time.Time) []*time.Time { - ps := make([]*time.Time, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// TimeMap returns a map of time.Time pointers from the values -// passed in. -func TimeMap(vs map[string]time.Time) map[string]*time.Time { - ps := make(map[string]*time.Time, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} - -// Duration returns a pointer value for the time.Duration value passed in. -func Duration(v time.Duration) *time.Duration { - return &v -} - -// DurationSlice returns a slice of time.Duration pointers from the values -// passed in. -func DurationSlice(vs []time.Duration) []*time.Duration { - ps := make([]*time.Duration, len(vs)) - for i, v := range vs { - vv := v - ps[i] = &vv - } - - return ps -} - -// DurationMap returns a map of time.Duration pointers from the values -// passed in. -func DurationMap(vs map[string]time.Duration) map[string]*time.Duration { - ps := make(map[string]*time.Duration, len(vs)) - for k, v := range vs { - vv := v - ps[k] = &vv - } - - return ps -} diff --git a/vendor/github.com/aws/smithy-go/rand/doc.go b/vendor/github.com/aws/smithy-go/rand/doc.go deleted file mode 100644 index f8b25d56..00000000 --- a/vendor/github.com/aws/smithy-go/rand/doc.go +++ /dev/null @@ -1,3 +0,0 @@ -// Package rand provides utilities for creating and working with random value -// generators. -package rand diff --git a/vendor/github.com/aws/smithy-go/rand/rand.go b/vendor/github.com/aws/smithy-go/rand/rand.go deleted file mode 100644 index 9c479f62..00000000 --- a/vendor/github.com/aws/smithy-go/rand/rand.go +++ /dev/null @@ -1,31 +0,0 @@ -package rand - -import ( - "crypto/rand" - "fmt" - "io" - "math/big" -) - -func init() { - Reader = rand.Reader -} - -// Reader provides a random reader that can reset during testing. -var Reader io.Reader - -// Int63n returns a int64 between zero and value of max, read from an io.Reader source. -func Int63n(reader io.Reader, max int64) (int64, error) { - bi, err := rand.Int(reader, big.NewInt(max)) - if err != nil { - return 0, fmt.Errorf("failed to read random value, %w", err) - } - - return bi.Int64(), nil -} - -// CryptoRandInt63n returns a random int64 between zero and value of max -// obtained from the crypto rand source. -func CryptoRandInt63n(max int64) (int64, error) { - return Int63n(Reader, max) -} diff --git a/vendor/github.com/aws/smithy-go/rand/uuid.go b/vendor/github.com/aws/smithy-go/rand/uuid.go deleted file mode 100644 index dc81cbc6..00000000 --- a/vendor/github.com/aws/smithy-go/rand/uuid.go +++ /dev/null @@ -1,87 +0,0 @@ -package rand - -import ( - "encoding/hex" - "io" -) - -const dash byte = '-' - -// UUIDIdempotencyToken provides a utility to get idempotency tokens in the -// UUID format. -type UUIDIdempotencyToken struct { - uuid *UUID -} - -// NewUUIDIdempotencyToken returns a idempotency token provider returning -// tokens in the UUID random format using the reader provided. -func NewUUIDIdempotencyToken(r io.Reader) *UUIDIdempotencyToken { - return &UUIDIdempotencyToken{uuid: NewUUID(r)} -} - -// GetIdempotencyToken returns a random UUID value for Idempotency token. -func (u UUIDIdempotencyToken) GetIdempotencyToken() (string, error) { - return u.uuid.GetUUID() -} - -// UUID provides computing random UUID version 4 values from a random source -// reader. -type UUID struct { - randSrc io.Reader -} - -// NewUUID returns an initialized UUID value that can be used to retrieve -// random UUID version 4 values. -func NewUUID(r io.Reader) *UUID { - return &UUID{randSrc: r} -} - -// GetUUID returns a random UUID version 4 string representation sourced from the random reader the -// UUID was created with. Returns an error if unable to compute the UUID. -func (r *UUID) GetUUID() (string, error) { - var b [16]byte - if _, err := io.ReadFull(r.randSrc, b[:]); err != nil { - return "", err - } - r.makeUUIDv4(b[:]) - return format(b), nil -} - -// GetBytes returns a byte slice containing a random UUID version 4 sourced from the random reader the -// UUID was created with. Returns an error if unable to compute the UUID. -func (r *UUID) GetBytes() (u []byte, err error) { - u = make([]byte, 16) - if _, err = io.ReadFull(r.randSrc, u); err != nil { - return u, err - } - r.makeUUIDv4(u) - return u, nil -} - -func (r *UUID) makeUUIDv4(u []byte) { - // 13th character is "4" - u[6] = (u[6] & 0x0f) | 0x40 // Version 4 - // 17th character is "8", "9", "a", or "b" - u[8] = (u[8] & 0x3f) | 0x80 // Variant most significant bits are 10x where x can be either 1 or 0 -} - -// Format returns the canonical text representation of a UUID. -// This implementation is optimized to not use fmt. -// Example: 82e42f16-b6cc-4d5b-95f5-d403c4befd3d -func format(u [16]byte) string { - // https://en.wikipedia.org/wiki/Universally_unique_identifier#Version_4_.28random.29 - - var scratch [36]byte - - hex.Encode(scratch[:8], u[0:4]) - scratch[8] = dash - hex.Encode(scratch[9:13], u[4:6]) - scratch[13] = dash - hex.Encode(scratch[14:18], u[6:8]) - scratch[18] = dash - hex.Encode(scratch[19:23], u[8:10]) - scratch[23] = dash - hex.Encode(scratch[24:], u[10:]) - - return string(scratch[:]) -} diff --git a/vendor/github.com/aws/smithy-go/time/time.go b/vendor/github.com/aws/smithy-go/time/time.go deleted file mode 100644 index b552a09f..00000000 --- a/vendor/github.com/aws/smithy-go/time/time.go +++ /dev/null @@ -1,134 +0,0 @@ -package time - -import ( - "context" - "fmt" - "math/big" - "strings" - "time" -) - -const ( - // dateTimeFormat is a IMF-fixdate formatted RFC3339 section 5.6 - dateTimeFormatInput = "2006-01-02T15:04:05.999999999Z" - dateTimeFormatInputNoZ = "2006-01-02T15:04:05.999999999" - dateTimeFormatOutput = "2006-01-02T15:04:05.999Z" - - // httpDateFormat is a date time defined by RFC 7231#section-7.1.1.1 - // IMF-fixdate with no UTC offset. - httpDateFormat = "Mon, 02 Jan 2006 15:04:05 GMT" - // Additional formats needed for compatibility. - httpDateFormatSingleDigitDay = "Mon, _2 Jan 2006 15:04:05 GMT" - httpDateFormatSingleDigitDayTwoDigitYear = "Mon, _2 Jan 06 15:04:05 GMT" -) - -var millisecondFloat = big.NewFloat(1e3) - -// FormatDateTime formats value as a date-time, (RFC3339 section 5.6) -// -// Example: 1985-04-12T23:20:50.52Z -func FormatDateTime(value time.Time) string { - return value.UTC().Format(dateTimeFormatOutput) -} - -// ParseDateTime parses a string as a date-time, (RFC3339 section 5.6) -// -// Example: 1985-04-12T23:20:50.52Z -func ParseDateTime(value string) (time.Time, error) { - return tryParse(value, - dateTimeFormatInput, - dateTimeFormatInputNoZ, - time.RFC3339Nano, - time.RFC3339, - ) -} - -// FormatHTTPDate formats value as a http-date, (RFC 7231#section-7.1.1.1 IMF-fixdate) -// -// Example: Tue, 29 Apr 2014 18:30:38 GMT -func FormatHTTPDate(value time.Time) string { - return value.UTC().Format(httpDateFormat) -} - -// ParseHTTPDate parses a string as a http-date, (RFC 7231#section-7.1.1.1 IMF-fixdate) -// -// Example: Tue, 29 Apr 2014 18:30:38 GMT -func ParseHTTPDate(value string) (time.Time, error) { - return tryParse(value, - httpDateFormat, - httpDateFormatSingleDigitDay, - httpDateFormatSingleDigitDayTwoDigitYear, - time.RFC850, - time.ANSIC, - ) -} - -// FormatEpochSeconds returns value as a Unix time in seconds with with decimal precision -// -// Example: 1515531081.123 -func FormatEpochSeconds(value time.Time) float64 { - ms := value.UnixNano() / int64(time.Millisecond) - return float64(ms) / 1e3 -} - -// ParseEpochSeconds returns value as a Unix time in seconds with with decimal precision -// -// Example: 1515531081.123 -func ParseEpochSeconds(value float64) time.Time { - f := big.NewFloat(value) - f = f.Mul(f, millisecondFloat) - i, _ := f.Int64() - // Offset to `UTC` because time.Unix returns the time value based on system - // local setting. - return time.Unix(0, i*1e6).UTC() -} - -func tryParse(v string, formats ...string) (time.Time, error) { - var errs parseErrors - for _, f := range formats { - t, err := time.Parse(f, v) - if err != nil { - errs = append(errs, parseError{ - Format: f, - Err: err, - }) - continue - } - return t, nil - } - - return time.Time{}, fmt.Errorf("unable to parse time string, %w", errs) -} - -type parseErrors []parseError - -func (es parseErrors) Error() string { - var s strings.Builder - for _, e := range es { - fmt.Fprintf(&s, "\n * %q: %v", e.Format, e.Err) - } - - return "parse errors:" + s.String() -} - -type parseError struct { - Format string - Err error -} - -// SleepWithContext will wait for the timer duration to expire, or until the context -// is canceled. Whichever happens first. If the context is canceled the -// Context's error will be returned. -func SleepWithContext(ctx context.Context, dur time.Duration) error { - t := time.NewTimer(dur) - defer t.Stop() - - select { - case <-t.C: - break - case <-ctx.Done(): - return ctx.Err() - } - - return nil -} diff --git a/vendor/github.com/aws/smithy-go/tracing/context.go b/vendor/github.com/aws/smithy-go/tracing/context.go deleted file mode 100644 index a404ed9d..00000000 --- a/vendor/github.com/aws/smithy-go/tracing/context.go +++ /dev/null @@ -1,96 +0,0 @@ -package tracing - -import "context" - -type ( - operationTracerKey struct{} - spanLineageKey struct{} -) - -// GetSpan returns the active trace Span on the context. -// -// The boolean in the return indicates whether a Span was actually in the -// context, but a no-op implementation will be returned if not, so callers -// can generally disregard the boolean unless they wish to explicitly confirm -// presence/absence of a Span. -func GetSpan(ctx context.Context) (Span, bool) { - lineage := getLineage(ctx) - if len(lineage) == 0 { - return nopSpan{}, false - } - - return lineage[len(lineage)-1], true -} - -// WithSpan sets the active trace Span on the context. -func WithSpan(parent context.Context, span Span) context.Context { - lineage := getLineage(parent) - if len(lineage) == 0 { - return context.WithValue(parent, spanLineageKey{}, []Span{span}) - } - - lineage = append(lineage, span) - return context.WithValue(parent, spanLineageKey{}, lineage) -} - -// PopSpan pops the current Span off the context, setting the active Span on -// the returned Context back to its parent and returning the REMOVED one. -// -// PopSpan on a context with no active Span will return a no-op instance. -// -// This is mostly necessary for the runtime to manage base trace spans due to -// the wrapped-function nature of the middleware stack. End-users of Smithy -// clients SHOULD NOT generally be using this API. -func PopSpan(parent context.Context) (context.Context, Span) { - lineage := getLineage(parent) - if len(lineage) == 0 { - return parent, nopSpan{} - } - - span := lineage[len(lineage)-1] - lineage = lineage[:len(lineage)-1] - return context.WithValue(parent, spanLineageKey{}, lineage), span -} - -func getLineage(ctx context.Context) []Span { - v := ctx.Value(spanLineageKey{}) - if v == nil { - return nil - } - - return v.([]Span) -} - -// GetOperationTracer returns the embedded operation-scoped Tracer on a -// Context. -// -// The boolean in the return indicates whether a Tracer was actually in the -// context, but a no-op implementation will be returned if not, so callers -// can generally disregard the boolean unless they wish to explicitly confirm -// presence/absence of a Tracer. -func GetOperationTracer(ctx context.Context) (Tracer, bool) { - v := ctx.Value(operationTracerKey{}) - if v == nil { - return nopTracer{}, false - } - - return v.(Tracer), true -} - -// WithOperationTracer returns a child Context embedding the given Tracer. -// -// The runtime will use this embed a scoped tracer for client operations, -// Smithy/SDK client callers DO NOT need to do this explicitly. -func WithOperationTracer(parent context.Context, tracer Tracer) context.Context { - return context.WithValue(parent, operationTracerKey{}, tracer) -} - -// StartSpan is a convenience API for creating tracing Spans from a Context. -// -// StartSpan uses the operation-scoped Tracer, previously stored using -// [WithOperationTracer], to start the Span. If a Tracer has not been embedded -// the returned Span will be a no-op implementation. -func StartSpan(ctx context.Context, name string, opts ...SpanOption) (context.Context, Span) { - tracer, _ := GetOperationTracer(ctx) - return tracer.StartSpan(ctx, name, opts...) -} diff --git a/vendor/github.com/aws/smithy-go/tracing/nop.go b/vendor/github.com/aws/smithy-go/tracing/nop.go deleted file mode 100644 index 573d28b1..00000000 --- a/vendor/github.com/aws/smithy-go/tracing/nop.go +++ /dev/null @@ -1,32 +0,0 @@ -package tracing - -import "context" - -// NopTracerProvider is a no-op tracing implementation. -type NopTracerProvider struct{} - -var _ TracerProvider = (*NopTracerProvider)(nil) - -// Tracer returns a tracer which creates no-op spans. -func (NopTracerProvider) Tracer(string, ...TracerOption) Tracer { - return nopTracer{} -} - -type nopTracer struct{} - -var _ Tracer = (*nopTracer)(nil) - -func (nopTracer) StartSpan(ctx context.Context, name string, opts ...SpanOption) (context.Context, Span) { - return ctx, nopSpan{} -} - -type nopSpan struct{} - -var _ Span = (*nopSpan)(nil) - -func (nopSpan) Name() string { return "" } -func (nopSpan) Context() SpanContext { return SpanContext{} } -func (nopSpan) AddEvent(string, ...EventOption) {} -func (nopSpan) SetProperty(any, any) {} -func (nopSpan) SetStatus(SpanStatus) {} -func (nopSpan) End() {} diff --git a/vendor/github.com/aws/smithy-go/tracing/tracing.go b/vendor/github.com/aws/smithy-go/tracing/tracing.go deleted file mode 100644 index 089ed393..00000000 --- a/vendor/github.com/aws/smithy-go/tracing/tracing.go +++ /dev/null @@ -1,95 +0,0 @@ -// Package tracing defines tracing APIs to be used by Smithy clients. -package tracing - -import ( - "context" - - "github.com/aws/smithy-go" -) - -// SpanStatus records the "success" state of an observed span. -type SpanStatus int - -// Enumeration of SpanStatus. -const ( - SpanStatusUnset SpanStatus = iota - SpanStatusOK - SpanStatusError -) - -// SpanKind indicates the nature of the work being performed. -type SpanKind int - -// Enumeration of SpanKind. -const ( - SpanKindInternal SpanKind = iota - SpanKindClient - SpanKindServer - SpanKindProducer - SpanKindConsumer -) - -// TracerProvider is the entry point for creating client traces. -type TracerProvider interface { - Tracer(scope string, opts ...TracerOption) Tracer -} - -// TracerOption applies configuration to a tracer. -type TracerOption func(o *TracerOptions) - -// TracerOptions represent configuration for tracers. -type TracerOptions struct { - Properties smithy.Properties -} - -// Tracer is the entry point for creating observed client Spans. -// -// Spans created by tracers propagate by existing on the Context. Consumers of -// the API can use [GetSpan] to pull the active Span from a Context. -// -// Creation of child Spans is implicit through Context persistence. If -// CreateSpan is called with a Context that holds a Span, the result will be a -// child of that Span. -type Tracer interface { - StartSpan(ctx context.Context, name string, opts ...SpanOption) (context.Context, Span) -} - -// SpanOption applies configuration to a span. -type SpanOption func(o *SpanOptions) - -// SpanOptions represent configuration for span events. -type SpanOptions struct { - Kind SpanKind - Properties smithy.Properties -} - -// Span records a conceptually individual unit of work that takes place in a -// Smithy client operation. -type Span interface { - Name() string - Context() SpanContext - AddEvent(name string, opts ...EventOption) - SetStatus(status SpanStatus) - SetProperty(k, v any) - End() -} - -// EventOption applies configuration to a span event. -type EventOption func(o *EventOptions) - -// EventOptions represent configuration for span events. -type EventOptions struct { - Properties smithy.Properties -} - -// SpanContext uniquely identifies a Span. -type SpanContext struct { - TraceID string - SpanID string - IsRemote bool -} - -// IsValid is true when a span has nonzero trace and span IDs. -func (ctx *SpanContext) IsValid() bool { - return len(ctx.TraceID) != 0 && len(ctx.SpanID) != 0 -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/auth.go b/vendor/github.com/aws/smithy-go/transport/http/auth.go deleted file mode 100644 index 58e1ab5e..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/auth.go +++ /dev/null @@ -1,21 +0,0 @@ -package http - -import ( - "context" - - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/auth" -) - -// AuthScheme defines an HTTP authentication scheme. -type AuthScheme interface { - SchemeID() string - IdentityResolver(auth.IdentityResolverOptions) auth.IdentityResolver - Signer() Signer -} - -// Signer defines the interface through which HTTP requests are supplemented -// with an Identity. -type Signer interface { - SignRequest(context.Context, *Request, auth.Identity, smithy.Properties) error -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/auth_schemes.go b/vendor/github.com/aws/smithy-go/transport/http/auth_schemes.go deleted file mode 100644 index d60cf2a6..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/auth_schemes.go +++ /dev/null @@ -1,45 +0,0 @@ -package http - -import ( - "context" - - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/auth" -) - -// NewAnonymousScheme returns the anonymous HTTP auth scheme. -func NewAnonymousScheme() AuthScheme { - return &authScheme{ - schemeID: auth.SchemeIDAnonymous, - signer: &nopSigner{}, - } -} - -// authScheme is parameterized to generically implement the exported AuthScheme -// interface -type authScheme struct { - schemeID string - signer Signer -} - -var _ AuthScheme = (*authScheme)(nil) - -func (s *authScheme) SchemeID() string { - return s.schemeID -} - -func (s *authScheme) IdentityResolver(o auth.IdentityResolverOptions) auth.IdentityResolver { - return o.GetIdentityResolver(s.schemeID) -} - -func (s *authScheme) Signer() Signer { - return s.signer -} - -type nopSigner struct{} - -var _ Signer = (*nopSigner)(nil) - -func (*nopSigner) SignRequest(context.Context, *Request, auth.Identity, smithy.Properties) error { - return nil -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/checksum_middleware.go b/vendor/github.com/aws/smithy-go/transport/http/checksum_middleware.go deleted file mode 100644 index bc4ad6e7..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/checksum_middleware.go +++ /dev/null @@ -1,70 +0,0 @@ -package http - -import ( - "context" - "fmt" - - "github.com/aws/smithy-go/middleware" -) - -const contentMD5Header = "Content-Md5" - -// contentMD5Checksum provides a middleware to compute and set -// content-md5 checksum for a http request -type contentMD5Checksum struct { -} - -// AddContentChecksumMiddleware adds checksum middleware to middleware's -// build step. -func AddContentChecksumMiddleware(stack *middleware.Stack) error { - // This middleware must be executed before request body is set. - return stack.Build.Add(&contentMD5Checksum{}, middleware.Before) -} - -// ID returns the identifier for the checksum middleware -func (m *contentMD5Checksum) ID() string { return "ContentChecksum" } - -// HandleBuild adds behavior to compute md5 checksum and add content-md5 header -// on http request -func (m *contentMD5Checksum) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, -) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*Request) - if !ok { - return out, metadata, fmt.Errorf("unknown request type %T", req) - } - - // if Content-MD5 header is already present, return - if v := req.Header.Get(contentMD5Header); len(v) != 0 { - return next.HandleBuild(ctx, in) - } - - // fetch the request stream. - stream := req.GetStream() - // compute checksum if payload is explicit - if stream != nil { - if !req.IsStreamSeekable() { - return out, metadata, fmt.Errorf( - "unseekable stream is not supported for computing md5 checksum") - } - - v, err := computeMD5Checksum(stream) - if err != nil { - return out, metadata, fmt.Errorf("error computing md5 checksum, %w", err) - } - - // reset the request stream - if err := req.RewindStream(); err != nil { - return out, metadata, fmt.Errorf( - "error rewinding request stream after computing md5 checksum, %w", err) - } - - // set the 'Content-MD5' header - req.Header.Set(contentMD5Header, string(v)) - } - - // set md5 header value - return next.HandleBuild(ctx, in) -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/client.go b/vendor/github.com/aws/smithy-go/transport/http/client.go deleted file mode 100644 index 0fceae81..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/client.go +++ /dev/null @@ -1,161 +0,0 @@ -package http - -import ( - "context" - "fmt" - "net/http" - - smithy "github.com/aws/smithy-go" - "github.com/aws/smithy-go/metrics" - "github.com/aws/smithy-go/middleware" - "github.com/aws/smithy-go/tracing" -) - -// ClientDo provides the interface for custom HTTP client implementations. -type ClientDo interface { - Do(*http.Request) (*http.Response, error) -} - -// ClientDoFunc provides a helper to wrap a function as an HTTP client for -// round tripping requests. -type ClientDoFunc func(*http.Request) (*http.Response, error) - -// Do will invoke the underlying func, returning the result. -func (fn ClientDoFunc) Do(r *http.Request) (*http.Response, error) { - return fn(r) -} - -// ClientHandler wraps a client that implements the HTTP Do method. Standard -// implementation is http.Client. -type ClientHandler struct { - client ClientDo - - Meter metrics.Meter // For HTTP client metrics. -} - -// NewClientHandler returns an initialized middleware handler for the client. -// -// Deprecated: Use [NewClientHandlerWithOptions]. -func NewClientHandler(client ClientDo) ClientHandler { - return NewClientHandlerWithOptions(client) -} - -// NewClientHandlerWithOptions returns an initialized middleware handler for the client -// with applied options. -func NewClientHandlerWithOptions(client ClientDo, opts ...func(*ClientHandler)) ClientHandler { - h := ClientHandler{ - client: client, - } - for _, opt := range opts { - opt(&h) - } - if h.Meter == nil { - h.Meter = metrics.NopMeterProvider{}.Meter("") - } - return h -} - -// Handle implements the middleware Handler interface, that will invoke the -// underlying HTTP client. Requires the input to be a Smithy *Request. Returns -// a smithy *Response, or error if the request failed. -func (c ClientHandler) Handle(ctx context.Context, input interface{}) ( - out interface{}, metadata middleware.Metadata, err error, -) { - ctx, span := tracing.StartSpan(ctx, "DoHTTPRequest") - defer span.End() - - ctx, client, err := withMetrics(ctx, c.client, c.Meter) - if err != nil { - return nil, metadata, fmt.Errorf("instrument with HTTP metrics: %w", err) - } - - req, ok := input.(*Request) - if !ok { - return nil, metadata, fmt.Errorf("expect Smithy http.Request value as input, got unsupported type %T", input) - } - - builtRequest := req.Build(ctx) - if err := ValidateEndpointHost(builtRequest.Host); err != nil { - return nil, metadata, err - } - - span.SetProperty("http.method", req.Method) - span.SetProperty("http.request_content_length", -1) // at least indicate unknown - length, ok, err := req.StreamLength() - if err != nil { - return nil, metadata, err - } - if ok { - span.SetProperty("http.request_content_length", length) - } - - resp, err := client.Do(builtRequest) - if resp == nil { - // Ensure a http response value is always present to prevent unexpected - // panics. - resp = &http.Response{ - Header: http.Header{}, - Body: http.NoBody, - } - } - if err != nil { - err = &RequestSendError{Err: err} - - // Override the error with a context canceled error, if that was canceled. - select { - case <-ctx.Done(): - err = &smithy.CanceledError{Err: ctx.Err()} - default: - } - } - - // HTTP RoundTripper *should* close the request body. But this may not happen in a timely manner. - // So instead Smithy *Request Build wraps the body to be sent in a safe closer that will clear the - // stream reference so that it can be safely reused. - if builtRequest.Body != nil { - _ = builtRequest.Body.Close() - } - - span.SetProperty("net.protocol.version", fmt.Sprintf("%d.%d", resp.ProtoMajor, resp.ProtoMinor)) - span.SetProperty("http.status_code", resp.StatusCode) - span.SetProperty("http.response_content_length", resp.ContentLength) - - return &Response{Response: resp}, metadata, err -} - -// RequestSendError provides a generic request transport error. This error -// should wrap errors making HTTP client requests. -// -// The ClientHandler will wrap the HTTP client's error if the client request -// fails, and did not fail because of context canceled. -type RequestSendError struct { - Err error -} - -// ConnectionError returns that the error is related to not being able to send -// the request, or receive a response from the service. -func (e *RequestSendError) ConnectionError() bool { - return true -} - -// Unwrap returns the underlying error, if there was one. -func (e *RequestSendError) Unwrap() error { - return e.Err -} - -func (e *RequestSendError) Error() string { - return fmt.Sprintf("request send failed, %v", e.Err) -} - -// NopClient provides a client that ignores the request, and returns an empty -// successful HTTP response value. -type NopClient struct{} - -// Do ignores the request and returns a 200 status empty response. -func (NopClient) Do(r *http.Request) (*http.Response, error) { - return &http.Response{ - StatusCode: 200, - Header: http.Header{}, - Body: http.NoBody, - }, nil -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/doc.go b/vendor/github.com/aws/smithy-go/transport/http/doc.go deleted file mode 100644 index 07366ac8..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/doc.go +++ /dev/null @@ -1,5 +0,0 @@ -/* -Package http provides the HTTP transport client and request/response types -needed to round trip API operation calls with an service. -*/ -package http diff --git a/vendor/github.com/aws/smithy-go/transport/http/headerlist.go b/vendor/github.com/aws/smithy-go/transport/http/headerlist.go deleted file mode 100644 index cbc9deb4..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/headerlist.go +++ /dev/null @@ -1,163 +0,0 @@ -package http - -import ( - "fmt" - "strconv" - "strings" - "unicode" -) - -func splitHeaderListValues(vs []string, splitFn func(string) ([]string, error)) ([]string, error) { - values := make([]string, 0, len(vs)) - - for i := 0; i < len(vs); i++ { - parts, err := splitFn(vs[i]) - if err != nil { - return nil, err - } - values = append(values, parts...) - } - - return values, nil -} - -// SplitHeaderListValues attempts to split the elements of the slice by commas, -// and return a list of all values separated. Returns error if unable to -// separate the values. -func SplitHeaderListValues(vs []string) ([]string, error) { - return splitHeaderListValues(vs, quotedCommaSplit) -} - -func quotedCommaSplit(v string) (parts []string, err error) { - v = strings.TrimSpace(v) - - expectMore := true - for i := 0; i < len(v); i++ { - if unicode.IsSpace(rune(v[i])) { - continue - } - expectMore = false - - // leading space in part is ignored. - // Start of value must be non-space, or quote. - // - // - If quote, enter quoted mode, find next non-escaped quote to - // terminate the value. - // - Otherwise, find next comma to terminate value. - - remaining := v[i:] - - var value string - var valueLen int - if remaining[0] == '"' { - //------------------------------ - // Quoted value - //------------------------------ - var j int - var skipQuote bool - for j += 1; j < len(remaining); j++ { - if remaining[j] == '\\' || (remaining[j] != '\\' && skipQuote) { - skipQuote = !skipQuote - continue - } - if remaining[j] == '"' { - break - } - } - if j == len(remaining) || j == 1 { - return nil, fmt.Errorf("value %v missing closing double quote", - remaining) - } - valueLen = j + 1 - - tail := remaining[valueLen:] - var k int - for ; k < len(tail); k++ { - if !unicode.IsSpace(rune(tail[k])) && tail[k] != ',' { - return nil, fmt.Errorf("value %v has non-space trailing characters", - remaining) - } - if tail[k] == ',' { - expectMore = true - break - } - } - value = remaining[:valueLen] - value, err = strconv.Unquote(value) - if err != nil { - return nil, fmt.Errorf("failed to unquote value %v, %w", value, err) - } - - // Pad valueLen to include trailing space(s) so `i` is updated correctly. - valueLen += k - - } else { - //------------------------------ - // Unquoted value - //------------------------------ - - // Index of the next comma is the length of the value, or end of string. - valueLen = strings.Index(remaining, ",") - if valueLen != -1 { - expectMore = true - } else { - valueLen = len(remaining) - } - value = strings.TrimSpace(remaining[:valueLen]) - } - - i += valueLen - parts = append(parts, value) - - } - - if expectMore { - parts = append(parts, "") - } - - return parts, nil -} - -// SplitHTTPDateTimestampHeaderListValues attempts to split the HTTP-Date -// timestamp values in the slice by commas, and return a list of all values -// separated. The split is aware of the HTTP-Date timestamp format, and will skip -// comma within the timestamp value. Returns an error if unable to split the -// timestamp values. -func SplitHTTPDateTimestampHeaderListValues(vs []string) ([]string, error) { - return splitHeaderListValues(vs, splitHTTPDateHeaderValue) -} - -func splitHTTPDateHeaderValue(v string) ([]string, error) { - if n := strings.Count(v, ","); n <= 1 { - // Nothing to do if only contains a no, or single HTTPDate value - return []string{v}, nil - } else if n%2 == 0 { - return nil, fmt.Errorf("invalid timestamp HTTPDate header comma separations, %q", v) - } - - var parts []string - var i, j int - - var doSplit bool - for ; i < len(v); i++ { - if v[i] == ',' { - if doSplit { - doSplit = false - parts = append(parts, strings.TrimSpace(v[j:i])) - j = i + 1 - } else { - // Skip the first comma in the timestamp value since that - // separates the day from the rest of the timestamp. - // - // Tue, 17 Dec 2019 23:48:18 GMT - doSplit = true - } - } - } - // Add final part - if j < len(v) { - parts = append(parts, strings.TrimSpace(v[j:])) - } - - return parts, nil -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/host.go b/vendor/github.com/aws/smithy-go/transport/http/host.go deleted file mode 100644 index db9801be..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/host.go +++ /dev/null @@ -1,89 +0,0 @@ -package http - -import ( - "fmt" - "net" - "strconv" - "strings" -) - -// ValidateEndpointHost validates that the host string passed in is a valid RFC -// 3986 host. Returns error if the host is not valid. -func ValidateEndpointHost(host string) error { - var errors strings.Builder - var hostname string - var port string - var err error - - if strings.Contains(host, ":") { - hostname, port, err = net.SplitHostPort(host) - if err != nil { - errors.WriteString(fmt.Sprintf("\n endpoint %v, failed to parse, got ", host)) - errors.WriteString(err.Error()) - } - - if !ValidPortNumber(port) { - errors.WriteString(fmt.Sprintf("port number should be in range [0-65535], got %v", port)) - } - } else { - hostname = host - } - - labels := strings.Split(hostname, ".") - for i, label := range labels { - if i == len(labels)-1 && len(label) == 0 { - // Allow trailing dot for FQDN hosts. - continue - } - - if !ValidHostLabel(label) { - errors.WriteString("\nendpoint host domain labels must match \"[a-zA-Z0-9-]{1,63}\", but found: ") - errors.WriteString(label) - } - } - - if len(hostname) == 0 && len(port) != 0 { - errors.WriteString("\nendpoint host with port must not be empty") - } - - if len(hostname) > 255 { - errors.WriteString(fmt.Sprintf("\nendpoint host must be less than 255 characters, but was %d", len(hostname))) - } - - if len(errors.String()) > 0 { - return fmt.Errorf("invalid endpoint host%s", errors.String()) - } - return nil -} - -// ValidPortNumber returns whether the port is valid RFC 3986 port. -func ValidPortNumber(port string) bool { - i, err := strconv.Atoi(port) - if err != nil { - return false - } - - if i < 0 || i > 65535 { - return false - } - return true -} - -// ValidHostLabel returns whether the label is a valid RFC 3986 host label. -func ValidHostLabel(label string) bool { - if l := len(label); l == 0 || l > 63 { - return false - } - for _, r := range label { - switch { - case r >= '0' && r <= '9': - case r >= 'A' && r <= 'Z': - case r >= 'a' && r <= 'z': - case r == '-': - default: - return false - } - } - - return true -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/internal/io/safe.go b/vendor/github.com/aws/smithy-go/transport/http/internal/io/safe.go deleted file mode 100644 index 941a8d6b..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/internal/io/safe.go +++ /dev/null @@ -1,75 +0,0 @@ -package io - -import ( - "io" - "sync" -) - -// NewSafeReadCloser returns a new safeReadCloser that wraps readCloser. -func NewSafeReadCloser(readCloser io.ReadCloser) io.ReadCloser { - sr := &safeReadCloser{ - readCloser: readCloser, - } - - if _, ok := readCloser.(io.WriterTo); ok { - return &safeWriteToReadCloser{safeReadCloser: sr} - } - - return sr -} - -// safeWriteToReadCloser wraps a safeReadCloser but exposes a WriteTo interface implementation. This will panic -// if the underlying io.ReadClose does not support WriteTo. Use NewSafeReadCloser to ensure the proper handling of this -// type. -type safeWriteToReadCloser struct { - *safeReadCloser -} - -// WriteTo implements the io.WriteTo interface. -func (r *safeWriteToReadCloser) WriteTo(w io.Writer) (int64, error) { - r.safeReadCloser.mtx.Lock() - defer r.safeReadCloser.mtx.Unlock() - - if r.safeReadCloser.closed { - return 0, io.EOF - } - - return r.safeReadCloser.readCloser.(io.WriterTo).WriteTo(w) -} - -// safeReadCloser wraps a io.ReadCloser and presents an io.ReadCloser interface. When Close is called on safeReadCloser -// the underlying Close method will be executed, and then the reference to the reader will be dropped. This type -// is meant to be used with the net/http library which will retain a reference to the request body for the lifetime -// of a goroutine connection. Wrapping in this manner will ensure that no data race conditions are falsely reported. -// This type is thread-safe. -type safeReadCloser struct { - readCloser io.ReadCloser - closed bool - mtx sync.Mutex -} - -// Read reads up to len(p) bytes into p from the underlying read. If the reader is closed io.EOF will be returned. -func (r *safeReadCloser) Read(p []byte) (n int, err error) { - r.mtx.Lock() - defer r.mtx.Unlock() - if r.closed { - return 0, io.EOF - } - - return r.readCloser.Read(p) -} - -// Close calls the underlying io.ReadCloser's Close method, removes the reference to the reader, and returns any error -// reported from Close. Subsequent calls to Close will always return a nil error. -func (r *safeReadCloser) Close() error { - r.mtx.Lock() - defer r.mtx.Unlock() - if r.closed { - return nil - } - - r.closed = true - rc := r.readCloser - r.readCloser = nil - return rc.Close() -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/md5_checksum.go b/vendor/github.com/aws/smithy-go/transport/http/md5_checksum.go deleted file mode 100644 index 5d6a4b23..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/md5_checksum.go +++ /dev/null @@ -1,25 +0,0 @@ -package http - -import ( - "crypto/md5" - "encoding/base64" - "fmt" - "io" -) - -// computeMD5Checksum computes base64 md5 checksum of an io.Reader's contents. -// Returns the byte slice of md5 checksum and an error. -func computeMD5Checksum(r io.Reader) ([]byte, error) { - h := md5.New() - // copy errors may be assumed to be from the body. - _, err := io.Copy(h, r) - if err != nil { - return nil, fmt.Errorf("failed to read body: %w", err) - } - - // encode the md5 checksum in base64. - sum := h.Sum(nil) - sum64 := make([]byte, base64.StdEncoding.EncodedLen(len(sum))) - base64.StdEncoding.Encode(sum64, sum) - return sum64, nil -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/metrics.go b/vendor/github.com/aws/smithy-go/transport/http/metrics.go deleted file mode 100644 index d1beaa59..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/metrics.go +++ /dev/null @@ -1,198 +0,0 @@ -package http - -import ( - "context" - "crypto/tls" - "net/http" - "net/http/httptrace" - "sync/atomic" - "time" - - "github.com/aws/smithy-go/metrics" -) - -var now = time.Now - -// withMetrics instruments an HTTP client and context to collect HTTP metrics. -func withMetrics(parent context.Context, client ClientDo, meter metrics.Meter) ( - context.Context, ClientDo, error, -) { - hm, err := newHTTPMetrics(meter) - if err != nil { - return nil, nil, err - } - - ctx := httptrace.WithClientTrace(parent, &httptrace.ClientTrace{ - DNSStart: hm.DNSStart, - ConnectStart: hm.ConnectStart, - TLSHandshakeStart: hm.TLSHandshakeStart, - - GotConn: hm.GotConn(parent), - PutIdleConn: hm.PutIdleConn(parent), - ConnectDone: hm.ConnectDone(parent), - DNSDone: hm.DNSDone(parent), - TLSHandshakeDone: hm.TLSHandshakeDone(parent), - GotFirstResponseByte: hm.GotFirstResponseByte(parent), - }) - return ctx, &timedClientDo{client, hm}, nil -} - -type timedClientDo struct { - ClientDo - hm *httpMetrics -} - -func (c *timedClientDo) Do(r *http.Request) (*http.Response, error) { - c.hm.doStart.Store(now()) - resp, err := c.ClientDo.Do(r) - - c.hm.DoRequestDuration.Record(r.Context(), c.hm.doStart.Elapsed()) - return resp, err -} - -type httpMetrics struct { - DNSLookupDuration metrics.Float64Histogram // client.http.connections.dns_lookup_duration - ConnectDuration metrics.Float64Histogram // client.http.connections.acquire_duration - TLSHandshakeDuration metrics.Float64Histogram // client.http.connections.tls_handshake_duration - ConnectionUsage metrics.Int64UpDownCounter // client.http.connections.usage - - DoRequestDuration metrics.Float64Histogram // client.http.do_request_duration - TimeToFirstByte metrics.Float64Histogram // client.http.time_to_first_byte - - doStart safeTime - dnsStart safeTime - connectStart safeTime - tlsStart safeTime -} - -func newHTTPMetrics(meter metrics.Meter) (*httpMetrics, error) { - hm := &httpMetrics{} - - var err error - hm.DNSLookupDuration, err = meter.Float64Histogram("client.http.connections.dns_lookup_duration", func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = "The time it takes a request to perform DNS lookup." - }) - if err != nil { - return nil, err - } - hm.ConnectDuration, err = meter.Float64Histogram("client.http.connections.acquire_duration", func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = "The time it takes a request to acquire a connection." - }) - if err != nil { - return nil, err - } - hm.TLSHandshakeDuration, err = meter.Float64Histogram("client.http.connections.tls_handshake_duration", func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = "The time it takes an HTTP request to perform the TLS handshake." - }) - if err != nil { - return nil, err - } - hm.ConnectionUsage, err = meter.Int64UpDownCounter("client.http.connections.usage", func(o *metrics.InstrumentOptions) { - o.UnitLabel = "{connection}" - o.Description = "Current state of connections pool." - }) - if err != nil { - return nil, err - } - hm.DoRequestDuration, err = meter.Float64Histogram("client.http.do_request_duration", func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = "Time spent performing an entire HTTP transaction." - }) - if err != nil { - return nil, err - } - hm.TimeToFirstByte, err = meter.Float64Histogram("client.http.time_to_first_byte", func(o *metrics.InstrumentOptions) { - o.UnitLabel = "s" - o.Description = "Time from start of transaction to when the first response byte is available." - }) - if err != nil { - return nil, err - } - - return hm, nil -} - -func (m *httpMetrics) DNSStart(httptrace.DNSStartInfo) { - m.dnsStart.Store(now()) -} - -func (m *httpMetrics) ConnectStart(string, string) { - m.connectStart.Store(now()) -} - -func (m *httpMetrics) TLSHandshakeStart() { - m.tlsStart.Store(now()) -} - -func (m *httpMetrics) GotConn(ctx context.Context) func(httptrace.GotConnInfo) { - return func(httptrace.GotConnInfo) { - m.addConnAcquired(ctx, 1) - } -} - -func (m *httpMetrics) PutIdleConn(ctx context.Context) func(error) { - return func(error) { - m.addConnAcquired(ctx, -1) - } -} - -func (m *httpMetrics) DNSDone(ctx context.Context) func(httptrace.DNSDoneInfo) { - return func(httptrace.DNSDoneInfo) { - m.DNSLookupDuration.Record(ctx, m.dnsStart.Elapsed()) - } -} - -func (m *httpMetrics) ConnectDone(ctx context.Context) func(string, string, error) { - return func(string, string, error) { - m.ConnectDuration.Record(ctx, m.connectStart.Elapsed()) - } -} - -func (m *httpMetrics) TLSHandshakeDone(ctx context.Context) func(tls.ConnectionState, error) { - return func(tls.ConnectionState, error) { - m.TLSHandshakeDuration.Record(ctx, m.tlsStart.Elapsed()) - } -} - -func (m *httpMetrics) GotFirstResponseByte(ctx context.Context) func() { - return func() { - m.TimeToFirstByte.Record(ctx, m.doStart.Elapsed()) - } -} - -func (m *httpMetrics) addConnAcquired(ctx context.Context, incr int64) { - m.ConnectionUsage.Add(ctx, incr, func(o *metrics.RecordMetricOptions) { - o.Properties.Set("state", "acquired") - }) -} - -// Not used: it is recommended to track acquired vs idle conn, but we can't -// determine when something is truly idle with the current HTTP client hooks -// available to us. -func (m *httpMetrics) addConnIdle(ctx context.Context, incr int64) { - m.ConnectionUsage.Add(ctx, incr, func(o *metrics.RecordMetricOptions) { - o.Properties.Set("state", "idle") - }) -} - -type safeTime struct { - atomic.Value // time.Time -} - -func (st *safeTime) Store(v time.Time) { - st.Value.Store(v) -} - -func (st *safeTime) Load() time.Time { - t, _ := st.Value.Load().(time.Time) - return t -} - -func (st *safeTime) Elapsed() float64 { - end := now() - elapsed := end.Sub(st.Load()) - return float64(elapsed) / 1e9 -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/middleware_close_response_body.go b/vendor/github.com/aws/smithy-go/transport/http/middleware_close_response_body.go deleted file mode 100644 index 914338f2..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/middleware_close_response_body.go +++ /dev/null @@ -1,79 +0,0 @@ -package http - -import ( - "context" - "io" - - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/middleware" -) - -// AddErrorCloseResponseBodyMiddleware adds the middleware to automatically -// close the response body of an operation request if the request response -// failed. -func AddErrorCloseResponseBodyMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&errorCloseResponseBodyMiddleware{}, "OperationDeserializer", middleware.Before) -} - -type errorCloseResponseBodyMiddleware struct{} - -func (*errorCloseResponseBodyMiddleware) ID() string { - return "ErrorCloseResponseBody" -} - -func (m *errorCloseResponseBodyMiddleware) HandleDeserialize( - ctx context.Context, input middleware.DeserializeInput, next middleware.DeserializeHandler, -) ( - output middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err := next.HandleDeserialize(ctx, input) - if err != nil { - if resp, ok := out.RawResponse.(*Response); ok && resp != nil && resp.Body != nil { - // Consume the full body to prevent TCP connection resets on some platforms - _, _ = io.Copy(io.Discard, resp.Body) - // Do not validate that the response closes successfully. - resp.Body.Close() - } - } - - return out, metadata, err -} - -// AddCloseResponseBodyMiddleware adds the middleware to automatically close -// the response body of an operation request, after the response had been -// deserialized. -func AddCloseResponseBodyMiddleware(stack *middleware.Stack) error { - return stack.Deserialize.Insert(&closeResponseBody{}, "OperationDeserializer", middleware.Before) -} - -type closeResponseBody struct{} - -func (*closeResponseBody) ID() string { - return "CloseResponseBody" -} - -func (m *closeResponseBody) HandleDeserialize( - ctx context.Context, input middleware.DeserializeInput, next middleware.DeserializeHandler, -) ( - output middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err := next.HandleDeserialize(ctx, input) - if err != nil { - return out, metadata, err - } - - if resp, ok := out.RawResponse.(*Response); ok { - // Consume the full body to prevent TCP connection resets on some platforms - _, copyErr := io.Copy(io.Discard, resp.Body) - if copyErr != nil { - middleware.GetLogger(ctx).Logf(logging.Warn, "failed to discard remaining HTTP response body, this may affect connection reuse") - } - - closeErr := resp.Body.Close() - if closeErr != nil { - middleware.GetLogger(ctx).Logf(logging.Warn, "failed to close HTTP response body, this may affect connection reuse") - } - } - - return out, metadata, err -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/middleware_content_length.go b/vendor/github.com/aws/smithy-go/transport/http/middleware_content_length.go deleted file mode 100644 index 9969389b..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/middleware_content_length.go +++ /dev/null @@ -1,84 +0,0 @@ -package http - -import ( - "context" - "fmt" - - "github.com/aws/smithy-go/middleware" -) - -// ComputeContentLength provides a middleware to set the content-length -// header for the length of a serialize request body. -type ComputeContentLength struct { -} - -// AddComputeContentLengthMiddleware adds ComputeContentLength to the middleware -// stack's Build step. -func AddComputeContentLengthMiddleware(stack *middleware.Stack) error { - return stack.Build.Add(&ComputeContentLength{}, middleware.After) -} - -// ID returns the identifier for the ComputeContentLength. -func (m *ComputeContentLength) ID() string { return "ComputeContentLength" } - -// HandleBuild adds the length of the serialized request to the HTTP header -// if the length can be determined. -func (m *ComputeContentLength) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, -) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*Request) - if !ok { - return out, metadata, fmt.Errorf("unknown request type %T", req) - } - - // do nothing if request content-length was set to 0 or above. - if req.ContentLength >= 0 { - return next.HandleBuild(ctx, in) - } - - // attempt to compute stream length - if n, ok, err := req.StreamLength(); err != nil { - return out, metadata, fmt.Errorf( - "failed getting length of request stream, %w", err) - } else if ok { - req.ContentLength = n - } - - return next.HandleBuild(ctx, in) -} - -// validateContentLength provides a middleware to validate the content-length -// is valid (greater than zero), for the serialized request payload. -type validateContentLength struct{} - -// ValidateContentLengthHeader adds middleware that validates request content-length -// is set to value greater than zero. -func ValidateContentLengthHeader(stack *middleware.Stack) error { - return stack.Build.Add(&validateContentLength{}, middleware.After) -} - -// ID returns the identifier for the ComputeContentLength. -func (m *validateContentLength) ID() string { return "ValidateContentLength" } - -// HandleBuild adds the length of the serialized request to the HTTP header -// if the length can be determined. -func (m *validateContentLength) HandleBuild( - ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler, -) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - req, ok := in.Request.(*Request) - if !ok { - return out, metadata, fmt.Errorf("unknown request type %T", req) - } - - // if request content-length was set to less than 0, return an error - if req.ContentLength < 0 { - return out, metadata, fmt.Errorf( - "content length for payload is required and must be at least 0") - } - - return next.HandleBuild(ctx, in) -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/middleware_header_comment.go b/vendor/github.com/aws/smithy-go/transport/http/middleware_header_comment.go deleted file mode 100644 index 855c2272..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/middleware_header_comment.go +++ /dev/null @@ -1,81 +0,0 @@ -package http - -import ( - "context" - "fmt" - "net/http" - - "github.com/aws/smithy-go/middleware" -) - -// WithHeaderComment instruments a middleware stack to append an HTTP field -// comment to the given header as specified in RFC 9110 -// (https://www.rfc-editor.org/rfc/rfc9110#name-comments). -// -// The header is case-insensitive. If the provided header exists when the -// middleware runs, the content will be inserted as-is enclosed in parentheses. -// -// Note that per the HTTP specification, comments are only allowed in fields -// containing "comment" as part of their field value definition, but this API -// will NOT verify whether the provided header is one of them. -// -// WithHeaderComment MAY be applied more than once to a middleware stack and/or -// more than once per header. -func WithHeaderComment(header, content string) func(*middleware.Stack) error { - return func(s *middleware.Stack) error { - m, err := getOrAddHeaderComment(s) - if err != nil { - return fmt.Errorf("get or add header comment: %v", err) - } - - m.values.Add(header, content) - return nil - } -} - -type headerCommentMiddleware struct { - values http.Header // hijack case-insensitive access APIs -} - -func (*headerCommentMiddleware) ID() string { - return "headerComment" -} - -func (m *headerCommentMiddleware) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) ( - out middleware.BuildOutput, metadata middleware.Metadata, err error, -) { - r, ok := in.Request.(*Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - for h, contents := range m.values { - for _, c := range contents { - if existing := r.Header.Get(h); existing != "" { - r.Header.Set(h, fmt.Sprintf("%s (%s)", existing, c)) - } - } - } - - return next.HandleBuild(ctx, in) -} - -func getOrAddHeaderComment(s *middleware.Stack) (*headerCommentMiddleware, error) { - id := (*headerCommentMiddleware)(nil).ID() - m, ok := s.Build.Get(id) - if !ok { - m := &headerCommentMiddleware{values: http.Header{}} - if err := s.Build.Add(m, middleware.After); err != nil { - return nil, fmt.Errorf("add build: %v", err) - } - - return m, nil - } - - hc, ok := m.(*headerCommentMiddleware) - if !ok { - return nil, fmt.Errorf("existing middleware w/ id %s is not *headerCommentMiddleware", id) - } - - return hc, nil -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/middleware_headers.go b/vendor/github.com/aws/smithy-go/transport/http/middleware_headers.go deleted file mode 100644 index eac32b4b..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/middleware_headers.go +++ /dev/null @@ -1,167 +0,0 @@ -package http - -import ( - "context" - "fmt" - - "github.com/aws/smithy-go/middleware" -) - -type isContentTypeAutoSet struct{} - -// SetIsContentTypeDefaultValue returns a Context specifying if the request's -// content-type header was set to a default value. -func SetIsContentTypeDefaultValue(ctx context.Context, isDefault bool) context.Context { - return context.WithValue(ctx, isContentTypeAutoSet{}, isDefault) -} - -// GetIsContentTypeDefaultValue returns if the content-type HTTP header on the -// request is a default value that was auto assigned by an operation -// serializer. Allows middleware post serialization to know if the content-type -// was auto set to a default value or not. -// -// Also returns false if the Context value was never updated to include if -// content-type was set to a default value. -func GetIsContentTypeDefaultValue(ctx context.Context) bool { - v, _ := ctx.Value(isContentTypeAutoSet{}).(bool) - return v -} - -// AddNoPayloadDefaultContentTypeRemover Adds the DefaultContentTypeRemover -// middleware to the stack after the operation serializer. This middleware will -// remove the content-type header from the request if it was set as a default -// value, and no request payload is present. -// -// Returns error if unable to add the middleware. -func AddNoPayloadDefaultContentTypeRemover(stack *middleware.Stack) (err error) { - err = stack.Serialize.Insert(removeDefaultContentType{}, - "OperationSerializer", middleware.After) - if err != nil { - return fmt.Errorf("failed to add %s serialize middleware, %w", - removeDefaultContentType{}.ID(), err) - } - - return nil -} - -// RemoveNoPayloadDefaultContentTypeRemover removes the -// DefaultContentTypeRemover middleware from the stack. Returns an error if -// unable to remove the middleware. -func RemoveNoPayloadDefaultContentTypeRemover(stack *middleware.Stack) (err error) { - _, err = stack.Serialize.Remove(removeDefaultContentType{}.ID()) - if err != nil { - return fmt.Errorf("failed to remove %s serialize middleware, %w", - removeDefaultContentType{}.ID(), err) - - } - return nil -} - -// removeDefaultContentType provides after serialization middleware that will -// remove the content-type header from an HTTP request if the header was set as -// a default value by the operation serializer, and there is no request payload. -type removeDefaultContentType struct{} - -// ID returns the middleware ID -func (removeDefaultContentType) ID() string { return "RemoveDefaultContentType" } - -// HandleSerialize implements the serialization middleware. -func (removeDefaultContentType) HandleSerialize( - ctx context.Context, input middleware.SerializeInput, next middleware.SerializeHandler, -) ( - out middleware.SerializeOutput, meta middleware.Metadata, err error, -) { - req, ok := input.Request.(*Request) - if !ok { - return out, meta, fmt.Errorf( - "unexpected request type %T for removeDefaultContentType middleware", - input.Request) - } - - if GetIsContentTypeDefaultValue(ctx) && req.GetStream() == nil { - req.Header.Del("Content-Type") - input.Request = req - } - - return next.HandleSerialize(ctx, input) -} - -type headerValue struct { - header string - value string - append bool -} - -type headerValueHelper struct { - headerValues []headerValue -} - -func (h *headerValueHelper) addHeaderValue(value headerValue) { - h.headerValues = append(h.headerValues, value) -} - -func (h *headerValueHelper) ID() string { - return "HTTPHeaderHelper" -} - -func (h *headerValueHelper) HandleBuild(ctx context.Context, in middleware.BuildInput, next middleware.BuildHandler) (out middleware.BuildOutput, metadata middleware.Metadata, err error) { - req, ok := in.Request.(*Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in.Request) - } - - for _, value := range h.headerValues { - if value.append { - req.Header.Add(value.header, value.value) - } else { - req.Header.Set(value.header, value.value) - } - } - - return next.HandleBuild(ctx, in) -} - -func getOrAddHeaderValueHelper(stack *middleware.Stack) (*headerValueHelper, error) { - id := (*headerValueHelper)(nil).ID() - m, ok := stack.Build.Get(id) - if !ok { - m = &headerValueHelper{} - err := stack.Build.Add(m, middleware.After) - if err != nil { - return nil, err - } - } - - requestUserAgent, ok := m.(*headerValueHelper) - if !ok { - return nil, fmt.Errorf("%T for %s middleware did not match expected type", m, id) - } - - return requestUserAgent, nil -} - -// AddHeaderValue returns a stack mutator that adds the header value pair to header. -// Appends to any existing values if present. -func AddHeaderValue(header string, value string) func(stack *middleware.Stack) error { - return func(stack *middleware.Stack) error { - helper, err := getOrAddHeaderValueHelper(stack) - if err != nil { - return err - } - helper.addHeaderValue(headerValue{header: header, value: value, append: true}) - return nil - } -} - -// SetHeaderValue returns a stack mutator that adds the header value pair to header. -// Replaces any existing values if present. -func SetHeaderValue(header string, value string) func(stack *middleware.Stack) error { - return func(stack *middleware.Stack) error { - helper, err := getOrAddHeaderValueHelper(stack) - if err != nil { - return err - } - helper.addHeaderValue(headerValue{header: header, value: value, append: false}) - return nil - } -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/middleware_http_logging.go b/vendor/github.com/aws/smithy-go/transport/http/middleware_http_logging.go deleted file mode 100644 index d5909b0a..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/middleware_http_logging.go +++ /dev/null @@ -1,75 +0,0 @@ -package http - -import ( - "context" - "fmt" - "net/http/httputil" - - "github.com/aws/smithy-go/logging" - "github.com/aws/smithy-go/middleware" -) - -// RequestResponseLogger is a deserialize middleware that will log the request and response HTTP messages and optionally -// their respective bodies. Will not perform any logging if none of the options are set. -type RequestResponseLogger struct { - LogRequest bool - LogRequestWithBody bool - - LogResponse bool - LogResponseWithBody bool -} - -// ID is the middleware identifier. -func (r *RequestResponseLogger) ID() string { - return "RequestResponseLogger" -} - -// HandleDeserialize will log the request and response HTTP messages if configured accordingly. -func (r *RequestResponseLogger) HandleDeserialize( - ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler, -) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - logger := middleware.GetLogger(ctx) - - if r.LogRequest || r.LogRequestWithBody { - smithyRequest, ok := in.Request.(*Request) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", in) - } - - rc := smithyRequest.Build(ctx) - reqBytes, err := httputil.DumpRequestOut(rc, r.LogRequestWithBody) - if err != nil { - return out, metadata, err - } - - logger.Logf(logging.Debug, "Request\n%v", string(reqBytes)) - - if r.LogRequestWithBody { - smithyRequest, err = smithyRequest.SetStream(rc.Body) - if err != nil { - return out, metadata, err - } - in.Request = smithyRequest - } - } - - out, metadata, err = next.HandleDeserialize(ctx, in) - - if (err == nil) && (r.LogResponse || r.LogResponseWithBody) { - smithyResponse, ok := out.RawResponse.(*Response) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type %T", out.RawResponse) - } - - respBytes, err := httputil.DumpResponse(smithyResponse.Response, r.LogResponseWithBody) - if err != nil { - return out, metadata, fmt.Errorf("failed to dump response %w", err) - } - - logger.Logf(logging.Debug, "Response\n%v", string(respBytes)) - } - - return out, metadata, err -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/middleware_metadata.go b/vendor/github.com/aws/smithy-go/transport/http/middleware_metadata.go deleted file mode 100644 index d6079b25..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/middleware_metadata.go +++ /dev/null @@ -1,51 +0,0 @@ -package http - -import ( - "context" - - "github.com/aws/smithy-go/middleware" -) - -type ( - hostnameImmutableKey struct{} - hostPrefixDisableKey struct{} -) - -// GetHostnameImmutable retrieves whether the endpoint hostname should be considered -// immutable or not. -// -// Scoped to stack values. Use middleware#ClearStackValues to clear all stack -// values. -func GetHostnameImmutable(ctx context.Context) (v bool) { - v, _ = middleware.GetStackValue(ctx, hostnameImmutableKey{}).(bool) - return v -} - -// SetHostnameImmutable sets or modifies whether the request's endpoint hostname -// should be considered immutable or not. -// -// Scoped to stack values. Use middleware#ClearStackValues to clear all stack -// values. -func SetHostnameImmutable(ctx context.Context, value bool) context.Context { - return middleware.WithStackValue(ctx, hostnameImmutableKey{}, value) -} - -// IsEndpointHostPrefixDisabled retrieves whether the hostname prefixing is -// disabled. -// -// Scoped to stack values. Use middleware#ClearStackValues to clear all stack -// values. -func IsEndpointHostPrefixDisabled(ctx context.Context) (v bool) { - v, _ = middleware.GetStackValue(ctx, hostPrefixDisableKey{}).(bool) - return v -} - -// DisableEndpointHostPrefix sets or modifies whether the request's endpoint host -// prefixing should be disabled. If value is true, endpoint host prefixing -// will be disabled. -// -// Scoped to stack values. Use middleware#ClearStackValues to clear all stack -// values. -func DisableEndpointHostPrefix(ctx context.Context, value bool) context.Context { - return middleware.WithStackValue(ctx, hostPrefixDisableKey{}, value) -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/middleware_min_proto.go b/vendor/github.com/aws/smithy-go/transport/http/middleware_min_proto.go deleted file mode 100644 index 326cb8a6..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/middleware_min_proto.go +++ /dev/null @@ -1,79 +0,0 @@ -package http - -import ( - "context" - "fmt" - "github.com/aws/smithy-go/middleware" - "strings" -) - -// MinimumProtocolError is an error type indicating that the established connection did not meet the expected minimum -// HTTP protocol version. -type MinimumProtocolError struct { - proto string - expectedProtoMajor int - expectedProtoMinor int -} - -// Error returns the error message. -func (m *MinimumProtocolError) Error() string { - return fmt.Sprintf("operation requires minimum HTTP protocol of HTTP/%d.%d, but was %s", - m.expectedProtoMajor, m.expectedProtoMinor, m.proto) -} - -// RequireMinimumProtocol is a deserialization middleware that asserts that the established HTTP connection -// meets the minimum major ad minor version. -type RequireMinimumProtocol struct { - ProtoMajor int - ProtoMinor int -} - -// AddRequireMinimumProtocol adds the RequireMinimumProtocol middleware to the stack using the provided minimum -// protocol major and minor version. -func AddRequireMinimumProtocol(stack *middleware.Stack, major, minor int) error { - return stack.Deserialize.Insert(&RequireMinimumProtocol{ - ProtoMajor: major, - ProtoMinor: minor, - }, "OperationDeserializer", middleware.Before) -} - -// ID returns the middleware identifier string. -func (r *RequireMinimumProtocol) ID() string { - return "RequireMinimumProtocol" -} - -// HandleDeserialize asserts that the established connection is a HTTP connection with the minimum major and minor -// protocol version. -func (r *RequireMinimumProtocol) HandleDeserialize( - ctx context.Context, in middleware.DeserializeInput, next middleware.DeserializeHandler, -) ( - out middleware.DeserializeOutput, metadata middleware.Metadata, err error, -) { - out, metadata, err = next.HandleDeserialize(ctx, in) - if err != nil { - return out, metadata, err - } - - response, ok := out.RawResponse.(*Response) - if !ok { - return out, metadata, fmt.Errorf("unknown transport type: %T", out.RawResponse) - } - - if !strings.HasPrefix(response.Proto, "HTTP") { - return out, metadata, &MinimumProtocolError{ - proto: response.Proto, - expectedProtoMajor: r.ProtoMajor, - expectedProtoMinor: r.ProtoMinor, - } - } - - if response.ProtoMajor < r.ProtoMajor || response.ProtoMinor < r.ProtoMinor { - return out, metadata, &MinimumProtocolError{ - proto: response.Proto, - expectedProtoMajor: r.ProtoMajor, - expectedProtoMinor: r.ProtoMinor, - } - } - - return out, metadata, err -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/properties.go b/vendor/github.com/aws/smithy-go/transport/http/properties.go deleted file mode 100644 index c65aa393..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/properties.go +++ /dev/null @@ -1,80 +0,0 @@ -package http - -import smithy "github.com/aws/smithy-go" - -type ( - sigV4SigningNameKey struct{} - sigV4SigningRegionKey struct{} - - sigV4ASigningNameKey struct{} - sigV4ASigningRegionsKey struct{} - - isUnsignedPayloadKey struct{} - disableDoubleEncodingKey struct{} -) - -// GetSigV4SigningName gets the signing name from Properties. -func GetSigV4SigningName(p *smithy.Properties) (string, bool) { - v, ok := p.Get(sigV4SigningNameKey{}).(string) - return v, ok -} - -// SetSigV4SigningName sets the signing name on Properties. -func SetSigV4SigningName(p *smithy.Properties, name string) { - p.Set(sigV4SigningNameKey{}, name) -} - -// GetSigV4SigningRegion gets the signing region from Properties. -func GetSigV4SigningRegion(p *smithy.Properties) (string, bool) { - v, ok := p.Get(sigV4SigningRegionKey{}).(string) - return v, ok -} - -// SetSigV4SigningRegion sets the signing region on Properties. -func SetSigV4SigningRegion(p *smithy.Properties, region string) { - p.Set(sigV4SigningRegionKey{}, region) -} - -// GetSigV4ASigningName gets the v4a signing name from Properties. -func GetSigV4ASigningName(p *smithy.Properties) (string, bool) { - v, ok := p.Get(sigV4ASigningNameKey{}).(string) - return v, ok -} - -// SetSigV4ASigningName sets the signing name on Properties. -func SetSigV4ASigningName(p *smithy.Properties, name string) { - p.Set(sigV4ASigningNameKey{}, name) -} - -// GetSigV4ASigningRegion gets the v4a signing region set from Properties. -func GetSigV4ASigningRegions(p *smithy.Properties) ([]string, bool) { - v, ok := p.Get(sigV4ASigningRegionsKey{}).([]string) - return v, ok -} - -// SetSigV4ASigningRegions sets the v4a signing region set on Properties. -func SetSigV4ASigningRegions(p *smithy.Properties, regions []string) { - p.Set(sigV4ASigningRegionsKey{}, regions) -} - -// GetIsUnsignedPayload gets whether the payload is unsigned from Properties. -func GetIsUnsignedPayload(p *smithy.Properties) (bool, bool) { - v, ok := p.Get(isUnsignedPayloadKey{}).(bool) - return v, ok -} - -// SetIsUnsignedPayload sets whether the payload is unsigned on Properties. -func SetIsUnsignedPayload(p *smithy.Properties, isUnsignedPayload bool) { - p.Set(isUnsignedPayloadKey{}, isUnsignedPayload) -} - -// GetDisableDoubleEncoding gets whether the payload is unsigned from Properties. -func GetDisableDoubleEncoding(p *smithy.Properties) (bool, bool) { - v, ok := p.Get(disableDoubleEncodingKey{}).(bool) - return v, ok -} - -// SetDisableDoubleEncoding sets whether the payload is unsigned on Properties. -func SetDisableDoubleEncoding(p *smithy.Properties, disableDoubleEncoding bool) { - p.Set(disableDoubleEncodingKey{}, disableDoubleEncoding) -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/request.go b/vendor/github.com/aws/smithy-go/transport/http/request.go deleted file mode 100644 index 5cbf6f10..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/request.go +++ /dev/null @@ -1,188 +0,0 @@ -package http - -import ( - "context" - "fmt" - "io" - "net/http" - "net/url" - "strings" - - iointernal "github.com/aws/smithy-go/transport/http/internal/io" -) - -// Request provides the HTTP specific request structure for HTTP specific -// middleware steps to use to serialize input, and send an operation's request. -type Request struct { - *http.Request - stream io.Reader - isStreamSeekable bool - streamStartPos int64 -} - -// NewStackRequest returns an initialized request ready to be populated with the -// HTTP request details. Returns empty interface so the function can be used as -// a parameter to the Smithy middleware Stack constructor. -func NewStackRequest() interface{} { - return &Request{ - Request: &http.Request{ - URL: &url.URL{}, - Header: http.Header{}, - ContentLength: -1, // default to unknown length - }, - } -} - -// IsHTTPS returns if the request is HTTPS. Returns false if no endpoint URL is set. -func (r *Request) IsHTTPS() bool { - if r.URL == nil { - return false - } - return strings.EqualFold(r.URL.Scheme, "https") -} - -// Clone returns a deep copy of the Request for the new context. A reference to -// the Stream is copied, but the underlying stream is not copied. -func (r *Request) Clone() *Request { - rc := *r - rc.Request = rc.Request.Clone(context.TODO()) - return &rc -} - -// StreamLength returns the number of bytes of the serialized stream attached -// to the request and ok set. If the length cannot be determined, an error will -// be returned. -func (r *Request) StreamLength() (size int64, ok bool, err error) { - return streamLength(r.stream, r.isStreamSeekable, r.streamStartPos) -} - -func streamLength(stream io.Reader, seekable bool, startPos int64) (size int64, ok bool, err error) { - if stream == nil { - return 0, true, nil - } - - if l, ok := stream.(interface{ Len() int }); ok { - return int64(l.Len()), true, nil - } - - if !seekable { - return 0, false, nil - } - - s := stream.(io.Seeker) - endOffset, err := s.Seek(0, io.SeekEnd) - if err != nil { - return 0, false, err - } - - // The reason to seek to streamStartPos instead of 0 is to ensure that the - // SDK only sends the stream from the starting position the user's - // application provided it to the SDK at. For example application opens a - // file, and wants to skip the first N bytes uploading the rest. The - // application would move the file's offset N bytes, then hand it off to - // the SDK to send the remaining. The SDK should respect that initial offset. - _, err = s.Seek(startPos, io.SeekStart) - if err != nil { - return 0, false, err - } - - return endOffset - startPos, true, nil -} - -// RewindStream will rewind the io.Reader to the relative start position if it -// is an io.Seeker. -func (r *Request) RewindStream() error { - // If there is no stream there is nothing to rewind. - if r.stream == nil { - return nil - } - - if !r.isStreamSeekable { - return fmt.Errorf("request stream is not seekable") - } - _, err := r.stream.(io.Seeker).Seek(r.streamStartPos, io.SeekStart) - return err -} - -// GetStream returns the request stream io.Reader if a stream is set. If no -// stream is present nil will be returned. -func (r *Request) GetStream() io.Reader { - return r.stream -} - -// IsStreamSeekable returns whether the stream is seekable. -func (r *Request) IsStreamSeekable() bool { - return r.isStreamSeekable -} - -// SetStream returns a clone of the request with the stream set to the provided -// reader. May return an error if the provided reader is seekable but returns -// an error. -func (r *Request) SetStream(reader io.Reader) (rc *Request, err error) { - rc = r.Clone() - - if reader == http.NoBody { - reader = nil - } - - var isStreamSeekable bool - var streamStartPos int64 - switch v := reader.(type) { - case io.Seeker: - n, err := v.Seek(0, io.SeekCurrent) - if err != nil { - return r, err - } - isStreamSeekable = true - streamStartPos = n - default: - // If the stream length can be determined, and is determined to be empty, - // use a nil stream to prevent confusion between empty vs not-empty - // streams. - length, ok, err := streamLength(reader, false, 0) - if err != nil { - return nil, err - } else if ok && length == 0 { - reader = nil - } - } - - rc.stream = reader - rc.isStreamSeekable = isStreamSeekable - rc.streamStartPos = streamStartPos - - return rc, err -} - -// Build returns a build standard HTTP request value from the Smithy request. -// The request's stream is wrapped in a safe container that allows it to be -// reused for subsequent attempts. -func (r *Request) Build(ctx context.Context) *http.Request { - req := r.Request.Clone(ctx) - - if r.stream == nil && req.ContentLength == -1 { - req.ContentLength = 0 - } - - switch stream := r.stream.(type) { - case *io.PipeReader: - req.Body = io.NopCloser(stream) - req.ContentLength = -1 - default: - // HTTP Client Request must only have a non-nil body if the - // ContentLength is explicitly unknown (-1) or non-zero. The HTTP - // Client will interpret a non-nil body and ContentLength 0 as - // "unknown". This is unwanted behavior. - if req.ContentLength != 0 && r.stream != nil { - req.Body = iointernal.NewSafeReadCloser(io.NopCloser(stream)) - } - } - - return req -} - -// RequestCloner is a function that can take an input request type and clone the request -// for use in a subsequent retry attempt. -func RequestCloner(v interface{}) interface{} { - return v.(*Request).Clone() -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/response.go b/vendor/github.com/aws/smithy-go/transport/http/response.go deleted file mode 100644 index 0c13bfcc..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/response.go +++ /dev/null @@ -1,34 +0,0 @@ -package http - -import ( - "fmt" - "net/http" -) - -// Response provides the HTTP specific response structure for HTTP specific -// middleware steps to use to deserialize the response from an operation call. -type Response struct { - *http.Response -} - -// ResponseError provides the HTTP centric error type wrapping the underlying -// error with the HTTP response value. -type ResponseError struct { - Response *Response - Err error -} - -// HTTPStatusCode returns the HTTP response status code received from the service. -func (e *ResponseError) HTTPStatusCode() int { return e.Response.StatusCode } - -// HTTPResponse returns the HTTP response received from the service. -func (e *ResponseError) HTTPResponse() *Response { return e.Response } - -// Unwrap returns the nested error if any, or nil. -func (e *ResponseError) Unwrap() error { return e.Err } - -func (e *ResponseError) Error() string { - return fmt.Sprintf( - "http response error StatusCode: %d, %v", - e.Response.StatusCode, e.Err) -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/time.go b/vendor/github.com/aws/smithy-go/transport/http/time.go deleted file mode 100644 index 607b196a..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/time.go +++ /dev/null @@ -1,13 +0,0 @@ -package http - -import ( - "time" - - smithytime "github.com/aws/smithy-go/time" -) - -// ParseTime parses a time string like the HTTP Date header. This uses a more -// relaxed rule set for date parsing compared to the standard library. -func ParseTime(text string) (t time.Time, err error) { - return smithytime.ParseHTTPDate(text) -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/url.go b/vendor/github.com/aws/smithy-go/transport/http/url.go deleted file mode 100644 index 60a5fc10..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/url.go +++ /dev/null @@ -1,44 +0,0 @@ -package http - -import "strings" - -// JoinPath returns an absolute URL path composed of the two paths provided. -// Enforces that the returned path begins with '/'. If added path is empty the -// returned path suffix will match the first parameter suffix. -func JoinPath(a, b string) string { - if len(a) == 0 { - a = "/" - } else if a[0] != '/' { - a = "/" + a - } - - if len(b) != 0 && b[0] == '/' { - b = b[1:] - } - - if len(b) != 0 && len(a) > 1 && a[len(a)-1] != '/' { - a = a + "/" - } - - return a + b -} - -// JoinRawQuery returns an absolute raw query expression. Any duplicate '&' -// will be collapsed to single separator between values. -func JoinRawQuery(a, b string) string { - a = strings.TrimFunc(a, isAmpersand) - b = strings.TrimFunc(b, isAmpersand) - - if len(a) == 0 { - return b - } - if len(b) == 0 { - return a - } - - return a + "&" + b -} - -func isAmpersand(v rune) bool { - return v == '&' -} diff --git a/vendor/github.com/aws/smithy-go/transport/http/user_agent.go b/vendor/github.com/aws/smithy-go/transport/http/user_agent.go deleted file mode 100644 index 71a7e0d8..00000000 --- a/vendor/github.com/aws/smithy-go/transport/http/user_agent.go +++ /dev/null @@ -1,37 +0,0 @@ -package http - -import ( - "strings" -) - -// UserAgentBuilder is a builder for a HTTP User-Agent string. -type UserAgentBuilder struct { - sb strings.Builder -} - -// NewUserAgentBuilder returns a new UserAgentBuilder. -func NewUserAgentBuilder() *UserAgentBuilder { - return &UserAgentBuilder{sb: strings.Builder{}} -} - -// AddKey adds the named component/product to the agent string -func (u *UserAgentBuilder) AddKey(key string) { - u.appendTo(key) -} - -// AddKeyValue adds the named key to the agent string with the given value. -func (u *UserAgentBuilder) AddKeyValue(key, value string) { - u.appendTo(key + "/" + value) -} - -// Build returns the constructed User-Agent string. May be called multiple times. -func (u *UserAgentBuilder) Build() string { - return u.sb.String() -} - -func (u *UserAgentBuilder) appendTo(value string) { - if u.sb.Len() > 0 { - u.sb.WriteRune(' ') - } - u.sb.WriteString(value) -} diff --git a/vendor/github.com/aws/smithy-go/validation.go b/vendor/github.com/aws/smithy-go/validation.go deleted file mode 100644 index b5eedc1f..00000000 --- a/vendor/github.com/aws/smithy-go/validation.go +++ /dev/null @@ -1,140 +0,0 @@ -package smithy - -import ( - "bytes" - "fmt" - "strings" -) - -// An InvalidParamsError provides wrapping of invalid parameter errors found when -// validating API operation input parameters. -type InvalidParamsError struct { - // Context is the base context of the invalid parameter group. - Context string - errs []InvalidParamError -} - -// Add adds a new invalid parameter error to the collection of invalid -// parameters. The context of the invalid parameter will be updated to reflect -// this collection. -func (e *InvalidParamsError) Add(err InvalidParamError) { - err.SetContext(e.Context) - e.errs = append(e.errs, err) -} - -// AddNested adds the invalid parameter errors from another InvalidParamsError -// value into this collection. The nested errors will have their nested context -// updated and base context to reflect the merging. -// -// Use for nested validations errors. -func (e *InvalidParamsError) AddNested(nestedCtx string, nested InvalidParamsError) { - for _, err := range nested.errs { - err.SetContext(e.Context) - err.AddNestedContext(nestedCtx) - e.errs = append(e.errs, err) - } -} - -// Len returns the number of invalid parameter errors -func (e *InvalidParamsError) Len() int { - return len(e.errs) -} - -// Error returns the string formatted form of the invalid parameters. -func (e InvalidParamsError) Error() string { - w := &bytes.Buffer{} - fmt.Fprintf(w, "%d validation error(s) found.\n", len(e.errs)) - - for _, err := range e.errs { - fmt.Fprintf(w, "- %s\n", err.Error()) - } - - return w.String() -} - -// Errs returns a slice of the invalid parameters -func (e InvalidParamsError) Errs() []error { - errs := make([]error, len(e.errs)) - for i := 0; i < len(errs); i++ { - errs[i] = e.errs[i] - } - - return errs -} - -// An InvalidParamError represents an invalid parameter error type. -type InvalidParamError interface { - error - - // Field name the error occurred on. - Field() string - - // SetContext updates the context of the error. - SetContext(string) - - // AddNestedContext updates the error's context to include a nested level. - AddNestedContext(string) -} - -type invalidParamError struct { - context string - nestedContext string - field string - reason string -} - -// Error returns the string version of the invalid parameter error. -func (e invalidParamError) Error() string { - return fmt.Sprintf("%s, %s.", e.reason, e.Field()) -} - -// Field Returns the field and context the error occurred. -func (e invalidParamError) Field() string { - sb := &strings.Builder{} - sb.WriteString(e.context) - if sb.Len() > 0 { - if len(e.nestedContext) == 0 || (len(e.nestedContext) > 0 && e.nestedContext[:1] != "[") { - sb.WriteRune('.') - } - } - if len(e.nestedContext) > 0 { - sb.WriteString(e.nestedContext) - sb.WriteRune('.') - } - sb.WriteString(e.field) - return sb.String() -} - -// SetContext updates the base context of the error. -func (e *invalidParamError) SetContext(ctx string) { - e.context = ctx -} - -// AddNestedContext prepends a context to the field's path. -func (e *invalidParamError) AddNestedContext(ctx string) { - if len(e.nestedContext) == 0 { - e.nestedContext = ctx - return - } - // Check if our nested context is an index into a slice or map - if e.nestedContext[:1] != "[" { - e.nestedContext = fmt.Sprintf("%s.%s", ctx, e.nestedContext) - return - } - e.nestedContext = ctx + e.nestedContext -} - -// An ParamRequiredError represents an required parameter error. -type ParamRequiredError struct { - invalidParamError -} - -// NewErrParamRequired creates a new required parameter error. -func NewErrParamRequired(field string) *ParamRequiredError { - return &ParamRequiredError{ - invalidParamError{ - field: field, - reason: fmt.Sprintf("missing required field"), - }, - } -} diff --git a/vendor/github.com/cihub/seelog/LICENSE.txt b/vendor/github.com/cihub/seelog/LICENSE.txt deleted file mode 100644 index 8c706814..00000000 --- a/vendor/github.com/cihub/seelog/LICENSE.txt +++ /dev/null @@ -1,24 +0,0 @@ -Copyright (c) 2012, Cloud Instruments Co., Ltd. -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - * Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - * Neither the name of the Cloud Instruments Co., Ltd. nor the - names of its contributors may be used to endorse or promote products - derived from this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY -DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/cihub/seelog/README.markdown b/vendor/github.com/cihub/seelog/README.markdown deleted file mode 100644 index 7dd1ab35..00000000 --- a/vendor/github.com/cihub/seelog/README.markdown +++ /dev/null @@ -1,116 +0,0 @@ -Seelog -======= - -Seelog is a powerful and easy-to-learn logging framework that provides functionality for flexible dispatching, filtering, and formatting log messages. -It is natively written in the [Go](http://golang.org/) programming language. - -[![Build Status](https://drone.io/github.com/cihub/seelog/status.png)](https://drone.io/github.com/cihub/seelog/latest) - -Features ------------------- - -* Xml configuring to be able to change logger parameters without recompilation -* Changing configurations on the fly without app restart -* Possibility to set different log configurations for different project files and functions -* Adjustable message formatting -* Simultaneous log output to multiple streams -* Choosing logger priority strategy to minimize performance hit -* Different output writers - * Console writer - * File writer - * Buffered writer (Chunk writer) - * Rolling log writer (Logging with rotation) - * SMTP writer - * Others... (See [Wiki](https://github.com/cihub/seelog/wiki)) -* Log message wrappers (JSON, XML, etc.) -* Global variables and functions for easy usage in standalone apps -* Functions for flexible usage in libraries - -Quick-start ------------ - -```go -package main - -import log "github.com/cihub/seelog" - -func main() { - defer log.Flush() - log.Info("Hello from Seelog!") -} -``` - -Installation ------------- - -If you don't have the Go development environment installed, visit the -[Getting Started](http://golang.org/doc/install.html) document and follow the instructions. Once you're ready, execute the following command: - -``` -go get -u github.com/cihub/seelog -``` - -*IMPORTANT*: If you are not using the latest release version of Go, check out this [wiki page](https://github.com/cihub/seelog/wiki/Notes-on-'go-get') - -Documentation ---------------- - -Seelog has github wiki pages, which contain detailed how-tos references: https://github.com/cihub/seelog/wiki - -Examples ---------------- - -Seelog examples can be found here: [seelog-examples](https://github.com/cihub/seelog-examples) - -Issues ---------------- - -Feel free to push issues that could make Seelog better: https://github.com/cihub/seelog/issues - -Changelog ---------------- -* **v2.6** : Config using code and custom formatters - * Configuration using code in addition to xml (All internal receiver/dispatcher/logger types are now exported). - * Custom formatters. Check [wiki](https://github.com/cihub/seelog/wiki/Custom-formatters) - * Bugfixes and internal improvements. -* **v2.5** : Interaction with other systems. Part 2: custom receivers - * Finished custom receivers feature. Check [wiki](https://github.com/cihub/seelog/wiki/custom-receivers) - * Added 'LoggerFromCustomReceiver' - * Added 'LoggerFromWriterWithMinLevelAndFormat' - * Added 'LoggerFromCustomReceiver' - * Added 'LoggerFromParamConfigAs...' -* **v2.4** : Interaction with other systems. Part 1: wrapping seelog - * Added configurable caller stack skip logic - * Added 'SetAdditionalStackDepth' to 'LoggerInterface' -* **v2.3** : Rethinking 'rolling' receiver - * Reimplemented 'rolling' receiver - * Added 'Max rolls' feature for 'rolling' receiver with type='date' - * Fixed 'rolling' receiver issue: renaming on Windows -* **v2.2** : go1.0 compatibility point [go1.0 tag] - * Fixed internal bugs - * Added 'ANSI n [;k]' format identifier: %EscN - * Made current release go1 compatible -* **v2.1** : Some new features - * Rolling receiver archiving option. - * Added format identifier: %Line - * Smtp: added paths to PEM files directories - * Added format identifier: %FuncShort - * Warn, Error and Critical methods now return an error -* **v2.0** : Second major release. BREAKING CHANGES. - * Support of binaries with stripped symbols - * Added log strategy: adaptive - * Critical message now forces Flush() - * Added predefined formats: xml-debug, xml-debug-short, xml, xml-short, json-debug, json-debug-short, json, json-short, debug, debug-short, fast - * Added receiver: conn (network connection writer) - * BREAKING CHANGE: added Tracef, Debugf, Infof, etc. to satisfy the print/printf principle - * Bug fixes -* **v1.0** : Initial release. Features: - * Xml config - * Changing configurations on the fly without app restart - * Contraints and exceptions - * Formatting - * Log strategies: sync, async loop, async timer - * Receivers: buffered, console, file, rolling, smtp - - - diff --git a/vendor/github.com/cihub/seelog/archive/archive.go b/vendor/github.com/cihub/seelog/archive/archive.go deleted file mode 100644 index 923036f2..00000000 --- a/vendor/github.com/cihub/seelog/archive/archive.go +++ /dev/null @@ -1,198 +0,0 @@ -package archive - -import ( - "archive/tar" - "archive/zip" - "fmt" - "io" - "io/ioutil" - "os" - "time" - - "github.com/cihub/seelog/archive/gzip" -) - -// Reader is the interface for reading files from an archive. -type Reader interface { - NextFile() (name string, err error) - io.Reader -} - -// ReadCloser is the interface that groups Reader with the Close method. -type ReadCloser interface { - Reader - io.Closer -} - -// Writer is the interface for writing files to an archived format. -type Writer interface { - NextFile(name string, fi os.FileInfo) error - io.Writer -} - -// WriteCloser is the interface that groups Writer with the Close method. -type WriteCloser interface { - Writer - io.Closer -} - -type nopCloser struct{ Reader } - -func (nopCloser) Close() error { return nil } - -// NopCloser returns a ReadCloser with a no-op Close method wrapping the -// provided Reader r. -func NopCloser(r Reader) ReadCloser { - return nopCloser{r} -} - -// Copy copies from src to dest until either EOF is reached on src or an error -// occurs. -// -// When the archive format of src matches that of dst, Copy streams the files -// directly into dst. Otherwise, copy buffers the contents to disk to compute -// headers before writing to dst. -func Copy(dst Writer, src Reader) error { - switch src := src.(type) { - case tarReader: - if dst, ok := dst.(tarWriter); ok { - return copyTar(dst, src) - } - case zipReader: - if dst, ok := dst.(zipWriter); ok { - return copyZip(dst, src) - } - // Switch on concrete type because gzip has no special methods - case *gzip.Reader: - if dst, ok := dst.(*gzip.Writer); ok { - _, err := io.Copy(dst, src) - return err - } - } - - return copyBuffer(dst, src) -} - -func copyBuffer(dst Writer, src Reader) (err error) { - const defaultFileMode = 0666 - - buf, err := ioutil.TempFile("", "archive_copy_buffer") - if err != nil { - return err - } - defer os.Remove(buf.Name()) // Do not care about failure removing temp - defer buf.Close() // Do not care about failure closing temp - for { - // Handle the next file - name, err := src.NextFile() - switch err { - case io.EOF: // Done copying - return nil - default: // Failed to write: bail out - return err - case nil: // Proceed below - } - - // Buffer the file - if _, err := io.Copy(buf, src); err != nil { - return fmt.Errorf("buffer to disk: %v", err) - } - - // Seek to the start of the file for full file copy - if _, err := buf.Seek(0, os.SEEK_SET); err != nil { - return err - } - - // Set desired file permissions - if err := os.Chmod(buf.Name(), defaultFileMode); err != nil { - return err - } - fi, err := buf.Stat() - if err != nil { - return err - } - - // Write the buffered file - if err := dst.NextFile(name, fi); err != nil { - return err - } - if _, err := io.Copy(dst, buf); err != nil { - return fmt.Errorf("copy to dst: %v", err) - } - if err := buf.Truncate(0); err != nil { - return err - } - if _, err := buf.Seek(0, os.SEEK_SET); err != nil { - return err - } - } -} - -type tarReader interface { - Next() (*tar.Header, error) - io.Reader -} - -type tarWriter interface { - WriteHeader(hdr *tar.Header) error - io.Writer -} - -type zipReader interface { - Files() []*zip.File -} - -type zipWriter interface { - CreateHeader(fh *zip.FileHeader) (io.Writer, error) -} - -func copyTar(w tarWriter, r tarReader) error { - for { - hdr, err := r.Next() - switch err { - case io.EOF: - return nil - default: // Handle error - return err - case nil: // Proceed below - } - - info := hdr.FileInfo() - // Skip directories - if info.IsDir() { - continue - } - if err := w.WriteHeader(hdr); err != nil { - return err - } - if _, err := io.Copy(w, r); err != nil { - return err - } - } -} - -func copyZip(zw zipWriter, r zipReader) error { - for _, f := range r.Files() { - if err := copyZipFile(zw, f); err != nil { - return err - } - } - return nil -} - -func copyZipFile(zw zipWriter, f *zip.File) error { - rc, err := f.Open() - if err != nil { - return err - } - defer rc.Close() // Read-only - - hdr := f.FileHeader - hdr.SetModTime(time.Now()) - w, err := zw.CreateHeader(&hdr) - if err != nil { - return err - } - _, err = io.Copy(w, rc) - return err -} diff --git a/vendor/github.com/cihub/seelog/archive/gzip/gzip.go b/vendor/github.com/cihub/seelog/archive/gzip/gzip.go deleted file mode 100644 index ea121018..00000000 --- a/vendor/github.com/cihub/seelog/archive/gzip/gzip.go +++ /dev/null @@ -1,64 +0,0 @@ -// Package gzip implements reading and writing of gzip format compressed files. -// See the compress/gzip package for more details. -package gzip - -import ( - "compress/gzip" - "fmt" - "io" - "os" -) - -// Reader is an io.Reader that can be read to retrieve uncompressed data from a -// gzip-format compressed file. -type Reader struct { - gzip.Reader - name string - isEOF bool -} - -// NewReader creates a new Reader reading the given reader. -func NewReader(r io.Reader, name string) (*Reader, error) { - gr, err := gzip.NewReader(r) - if err != nil { - return nil, err - } - return &Reader{ - Reader: *gr, - name: name, - }, nil -} - -// NextFile returns the file name. Calls subsequent to the first call will -// return EOF. -func (r *Reader) NextFile() (name string, err error) { - if r.isEOF { - return "", io.EOF - } - - r.isEOF = true - return r.name, nil -} - -// Writer is an io.WriteCloser. Writes to a Writer are compressed and written to w. -type Writer struct { - gzip.Writer - name string - noMoreFiles bool -} - -// NextFile never returns a next file, and should not be called more than once. -func (w *Writer) NextFile(name string, _ os.FileInfo) error { - if w.noMoreFiles { - return fmt.Errorf("gzip: only accepts one file: already received %q and now %q", w.name, name) - } - w.noMoreFiles = true - w.name = name - return nil -} - -// NewWriter returns a new Writer. Writes to the returned writer are compressed -// and written to w. -func NewWriter(w io.Writer) *Writer { - return &Writer{Writer: *gzip.NewWriter(w)} -} diff --git a/vendor/github.com/cihub/seelog/archive/tar/tar.go b/vendor/github.com/cihub/seelog/archive/tar/tar.go deleted file mode 100644 index 8dd87f57..00000000 --- a/vendor/github.com/cihub/seelog/archive/tar/tar.go +++ /dev/null @@ -1,72 +0,0 @@ -package tar - -import ( - "archive/tar" - "io" - "os" -) - -// Reader provides sequential access to the contents of a tar archive. -type Reader struct { - tar.Reader -} - -// NewReader creates a new Reader reading from r. -func NewReader(r io.Reader) *Reader { - return &Reader{Reader: *tar.NewReader(r)} -} - -// NextFile advances to the next file in the tar archive. -func (r *Reader) NextFile() (name string, err error) { - hdr, err := r.Next() - if err != nil { - return "", err - } - return hdr.Name, nil -} - -// Writer provides sequential writing of a tar archive in POSIX.1 format. -type Writer struct { - tar.Writer - closers []io.Closer -} - -// NewWriter creates a new Writer writing to w. -func NewWriter(w io.Writer) *Writer { - return &Writer{Writer: *tar.NewWriter(w)} -} - -// NewWriteMultiCloser creates a new Writer writing to w that also closes all -// closers in order on close. -func NewWriteMultiCloser(w io.WriteCloser, closers ...io.Closer) *Writer { - return &Writer{ - Writer: *tar.NewWriter(w), - closers: closers, - } -} - -// NextFile computes and writes a header and prepares to accept the file's -// contents. -func (w *Writer) NextFile(name string, fi os.FileInfo) error { - if name == "" { - name = fi.Name() - } - hdr, err := tar.FileInfoHeader(fi, name) - if err != nil { - return err - } - hdr.Name = name - return w.WriteHeader(hdr) -} - -// Close closes the tar archive and all other closers, flushing any unwritten -// data to the underlying writer. -func (w *Writer) Close() error { - err := w.Writer.Close() - for _, c := range w.closers { - if cerr := c.Close(); cerr != nil && err == nil { - err = cerr - } - } - return err -} diff --git a/vendor/github.com/cihub/seelog/archive/zip/zip.go b/vendor/github.com/cihub/seelog/archive/zip/zip.go deleted file mode 100644 index 4210b03b..00000000 --- a/vendor/github.com/cihub/seelog/archive/zip/zip.go +++ /dev/null @@ -1,89 +0,0 @@ -package zip - -import ( - "archive/zip" - "io" - "os" -) - -// Reader provides sequential access to the contents of a zip archive. -type Reader struct { - zip.Reader - unread []*zip.File - rc io.ReadCloser -} - -// NewReader returns a new Reader reading from r, which is assumed to have the -// given size in bytes. -func NewReader(r io.ReaderAt, size int64) (*Reader, error) { - zr, err := zip.NewReader(r, size) - if err != nil { - return nil, err - } - return &Reader{Reader: *zr}, nil -} - -// NextFile advances to the next file in the zip archive. -func (r *Reader) NextFile() (name string, err error) { - // Initialize unread - if r.unread == nil { - r.unread = r.Files()[:] - } - - // Close previous file - if r.rc != nil { - r.rc.Close() // Read-only - } - - if len(r.unread) == 0 { - return "", io.EOF - } - - // Open and return next unread - f := r.unread[0] - name, r.unread = f.Name, r.unread[1:] - r.rc, err = f.Open() - if err != nil { - return "", err - } - return name, nil -} - -func (r *Reader) Read(p []byte) (n int, err error) { - return r.rc.Read(p) -} - -// Files returns the full list of files in the zip archive. -func (r *Reader) Files() []*zip.File { - return r.File -} - -// Writer provides sequential writing of a zip archive.1 format. -type Writer struct { - zip.Writer - w io.Writer -} - -// NewWriter returns a new Writer writing to w. -func NewWriter(w io.Writer) *Writer { - return &Writer{Writer: *zip.NewWriter(w)} -} - -// NextFile computes and writes a header and prepares to accept the file's -// contents. -func (w *Writer) NextFile(name string, fi os.FileInfo) error { - if name == "" { - name = fi.Name() - } - hdr, err := zip.FileInfoHeader(fi) - if err != nil { - return err - } - hdr.Name = name - w.w, err = w.CreateHeader(hdr) - return err -} - -func (w *Writer) Write(p []byte) (n int, err error) { - return w.w.Write(p) -} diff --git a/vendor/github.com/cihub/seelog/behavior_adaptivelogger.go b/vendor/github.com/cihub/seelog/behavior_adaptivelogger.go deleted file mode 100644 index 0c640cae..00000000 --- a/vendor/github.com/cihub/seelog/behavior_adaptivelogger.go +++ /dev/null @@ -1,129 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "fmt" - "math" - "time" -) - -var ( - adaptiveLoggerMaxInterval = time.Minute - adaptiveLoggerMaxCriticalMsgCount = uint32(1000) -) - -// asyncAdaptiveLogger represents asynchronous adaptive logger which acts like -// an async timer logger, but its interval depends on the current message count -// in the queue. -// -// Interval = I, minInterval = m, maxInterval = M, criticalMsgCount = C, msgCount = c: -// I = m + (C - Min(c, C)) / C * (M - m) -type asyncAdaptiveLogger struct { - asyncLogger - minInterval time.Duration - criticalMsgCount uint32 - maxInterval time.Duration -} - -// NewAsyncLoopLogger creates a new asynchronous adaptive logger -func NewAsyncAdaptiveLogger( - config *logConfig, - minInterval time.Duration, - maxInterval time.Duration, - criticalMsgCount uint32) (*asyncAdaptiveLogger, error) { - - if minInterval <= 0 { - return nil, errors.New("async adaptive logger min interval should be > 0") - } - - if maxInterval > adaptiveLoggerMaxInterval { - return nil, fmt.Errorf("async adaptive logger max interval should be <= %s", - adaptiveLoggerMaxInterval) - } - - if criticalMsgCount <= 0 { - return nil, errors.New("async adaptive logger critical msg count should be > 0") - } - - if criticalMsgCount > adaptiveLoggerMaxCriticalMsgCount { - return nil, fmt.Errorf("async adaptive logger critical msg count should be <= %s", - adaptiveLoggerMaxInterval) - } - - asnAdaptiveLogger := new(asyncAdaptiveLogger) - - asnAdaptiveLogger.asyncLogger = *newAsyncLogger(config) - asnAdaptiveLogger.minInterval = minInterval - asnAdaptiveLogger.maxInterval = maxInterval - asnAdaptiveLogger.criticalMsgCount = criticalMsgCount - - go asnAdaptiveLogger.processQueue() - - return asnAdaptiveLogger, nil -} - -func (asnAdaptiveLogger *asyncAdaptiveLogger) processItem() (closed bool, itemCount int) { - asnAdaptiveLogger.queueHasElements.L.Lock() - defer asnAdaptiveLogger.queueHasElements.L.Unlock() - - for asnAdaptiveLogger.msgQueue.Len() == 0 && !asnAdaptiveLogger.Closed() { - asnAdaptiveLogger.queueHasElements.Wait() - } - - if asnAdaptiveLogger.Closed() { - return true, asnAdaptiveLogger.msgQueue.Len() - } - - asnAdaptiveLogger.processQueueElement() - return false, asnAdaptiveLogger.msgQueue.Len() - 1 -} - -// I = m + (C - Min(c, C)) / C * (M - m) => -// I = m + cDiff * mDiff, -// cDiff = (C - Min(c, C)) / C) -// mDiff = (M - m) -func (asnAdaptiveLogger *asyncAdaptiveLogger) calcAdaptiveInterval(msgCount int) time.Duration { - critCountF := float64(asnAdaptiveLogger.criticalMsgCount) - cDiff := (critCountF - math.Min(float64(msgCount), critCountF)) / critCountF - mDiff := float64(asnAdaptiveLogger.maxInterval - asnAdaptiveLogger.minInterval) - - return asnAdaptiveLogger.minInterval + time.Duration(cDiff*mDiff) -} - -func (asnAdaptiveLogger *asyncAdaptiveLogger) processQueue() { - for !asnAdaptiveLogger.Closed() { - closed, itemCount := asnAdaptiveLogger.processItem() - - if closed { - break - } - - interval := asnAdaptiveLogger.calcAdaptiveInterval(itemCount) - - <-time.After(interval) - } -} diff --git a/vendor/github.com/cihub/seelog/behavior_asynclogger.go b/vendor/github.com/cihub/seelog/behavior_asynclogger.go deleted file mode 100644 index 75231067..00000000 --- a/vendor/github.com/cihub/seelog/behavior_asynclogger.go +++ /dev/null @@ -1,142 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "container/list" - "fmt" - "sync" -) - -// MaxQueueSize is the critical number of messages in the queue that result in an immediate flush. -const ( - MaxQueueSize = 10000 -) - -type msgQueueItem struct { - level LogLevel - context LogContextInterface - message fmt.Stringer -} - -// asyncLogger represents common data for all asynchronous loggers -type asyncLogger struct { - commonLogger - msgQueue *list.List - queueHasElements *sync.Cond -} - -// newAsyncLogger creates a new asynchronous logger -func newAsyncLogger(config *logConfig) *asyncLogger { - asnLogger := new(asyncLogger) - - asnLogger.msgQueue = list.New() - asnLogger.queueHasElements = sync.NewCond(new(sync.Mutex)) - - asnLogger.commonLogger = *newCommonLogger(config, asnLogger) - - return asnLogger -} - -func (asnLogger *asyncLogger) innerLog( - level LogLevel, - context LogContextInterface, - message fmt.Stringer) { - - asnLogger.addMsgToQueue(level, context, message) -} - -func (asnLogger *asyncLogger) Close() { - asnLogger.m.Lock() - defer asnLogger.m.Unlock() - - if !asnLogger.Closed() { - asnLogger.flushQueue(true) - asnLogger.config.RootDispatcher.Flush() - - if err := asnLogger.config.RootDispatcher.Close(); err != nil { - reportInternalError(err) - } - - asnLogger.closedM.Lock() - asnLogger.closed = true - asnLogger.closedM.Unlock() - asnLogger.queueHasElements.Broadcast() - } -} - -func (asnLogger *asyncLogger) Flush() { - asnLogger.m.Lock() - defer asnLogger.m.Unlock() - - if !asnLogger.Closed() { - asnLogger.flushQueue(true) - asnLogger.config.RootDispatcher.Flush() - } -} - -func (asnLogger *asyncLogger) flushQueue(lockNeeded bool) { - if lockNeeded { - asnLogger.queueHasElements.L.Lock() - defer asnLogger.queueHasElements.L.Unlock() - } - - for asnLogger.msgQueue.Len() > 0 { - asnLogger.processQueueElement() - } -} - -func (asnLogger *asyncLogger) processQueueElement() { - if asnLogger.msgQueue.Len() > 0 { - backElement := asnLogger.msgQueue.Front() - msg, _ := backElement.Value.(msgQueueItem) - asnLogger.processLogMsg(msg.level, msg.message, msg.context) - asnLogger.msgQueue.Remove(backElement) - } -} - -func (asnLogger *asyncLogger) addMsgToQueue( - level LogLevel, - context LogContextInterface, - message fmt.Stringer) { - - if !asnLogger.Closed() { - asnLogger.queueHasElements.L.Lock() - defer asnLogger.queueHasElements.L.Unlock() - - if asnLogger.msgQueue.Len() >= MaxQueueSize { - fmt.Printf("Seelog queue overflow: more than %v messages in the queue. Flushing.\n", MaxQueueSize) - asnLogger.flushQueue(false) - } - - queueItem := msgQueueItem{level, context, message} - - asnLogger.msgQueue.PushBack(queueItem) - asnLogger.queueHasElements.Broadcast() - } else { - err := fmt.Errorf("queue closed! Cannot process element: %d %#v", level, message) - reportInternalError(err) - } -} diff --git a/vendor/github.com/cihub/seelog/behavior_asynclooplogger.go b/vendor/github.com/cihub/seelog/behavior_asynclooplogger.go deleted file mode 100644 index 972467b3..00000000 --- a/vendor/github.com/cihub/seelog/behavior_asynclooplogger.go +++ /dev/null @@ -1,69 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -// asyncLoopLogger represents asynchronous logger which processes the log queue in -// a 'for' loop -type asyncLoopLogger struct { - asyncLogger -} - -// NewAsyncLoopLogger creates a new asynchronous loop logger -func NewAsyncLoopLogger(config *logConfig) *asyncLoopLogger { - - asnLoopLogger := new(asyncLoopLogger) - - asnLoopLogger.asyncLogger = *newAsyncLogger(config) - - go asnLoopLogger.processQueue() - - return asnLoopLogger -} - -func (asnLoopLogger *asyncLoopLogger) processItem() (closed bool) { - asnLoopLogger.queueHasElements.L.Lock() - defer asnLoopLogger.queueHasElements.L.Unlock() - - for asnLoopLogger.msgQueue.Len() == 0 && !asnLoopLogger.Closed() { - asnLoopLogger.queueHasElements.Wait() - } - - if asnLoopLogger.Closed() { - return true - } - - asnLoopLogger.processQueueElement() - return false -} - -func (asnLoopLogger *asyncLoopLogger) processQueue() { - for !asnLoopLogger.Closed() { - closed := asnLoopLogger.processItem() - - if closed { - break - } - } -} diff --git a/vendor/github.com/cihub/seelog/behavior_asynctimerlogger.go b/vendor/github.com/cihub/seelog/behavior_asynctimerlogger.go deleted file mode 100644 index 8118f205..00000000 --- a/vendor/github.com/cihub/seelog/behavior_asynctimerlogger.go +++ /dev/null @@ -1,82 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "time" -) - -// asyncTimerLogger represents asynchronous logger which processes the log queue each -// 'duration' nanoseconds -type asyncTimerLogger struct { - asyncLogger - interval time.Duration -} - -// NewAsyncLoopLogger creates a new asynchronous loop logger -func NewAsyncTimerLogger(config *logConfig, interval time.Duration) (*asyncTimerLogger, error) { - - if interval <= 0 { - return nil, errors.New("async logger interval should be > 0") - } - - asnTimerLogger := new(asyncTimerLogger) - - asnTimerLogger.asyncLogger = *newAsyncLogger(config) - asnTimerLogger.interval = interval - - go asnTimerLogger.processQueue() - - return asnTimerLogger, nil -} - -func (asnTimerLogger *asyncTimerLogger) processItem() (closed bool) { - asnTimerLogger.queueHasElements.L.Lock() - defer asnTimerLogger.queueHasElements.L.Unlock() - - for asnTimerLogger.msgQueue.Len() == 0 && !asnTimerLogger.Closed() { - asnTimerLogger.queueHasElements.Wait() - } - - if asnTimerLogger.Closed() { - return true - } - - asnTimerLogger.processQueueElement() - return false -} - -func (asnTimerLogger *asyncTimerLogger) processQueue() { - for !asnTimerLogger.Closed() { - closed := asnTimerLogger.processItem() - - if closed { - break - } - - <-time.After(asnTimerLogger.interval) - } -} diff --git a/vendor/github.com/cihub/seelog/behavior_synclogger.go b/vendor/github.com/cihub/seelog/behavior_synclogger.go deleted file mode 100644 index 5a022ebc..00000000 --- a/vendor/github.com/cihub/seelog/behavior_synclogger.go +++ /dev/null @@ -1,75 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "fmt" -) - -// syncLogger performs logging in the same goroutine where 'Trace/Debug/...' -// func was called -type syncLogger struct { - commonLogger -} - -// NewSyncLogger creates a new synchronous logger -func NewSyncLogger(config *logConfig) *syncLogger { - syncLogger := new(syncLogger) - - syncLogger.commonLogger = *newCommonLogger(config, syncLogger) - - return syncLogger -} - -func (syncLogger *syncLogger) innerLog( - level LogLevel, - context LogContextInterface, - message fmt.Stringer) { - - syncLogger.processLogMsg(level, message, context) -} - -func (syncLogger *syncLogger) Close() { - syncLogger.m.Lock() - defer syncLogger.m.Unlock() - - if !syncLogger.Closed() { - if err := syncLogger.config.RootDispatcher.Close(); err != nil { - reportInternalError(err) - } - syncLogger.closedM.Lock() - syncLogger.closed = true - syncLogger.closedM.Unlock() - } -} - -func (syncLogger *syncLogger) Flush() { - syncLogger.m.Lock() - defer syncLogger.m.Unlock() - - if !syncLogger.Closed() { - syncLogger.config.RootDispatcher.Flush() - } -} diff --git a/vendor/github.com/cihub/seelog/cfg_config.go b/vendor/github.com/cihub/seelog/cfg_config.go deleted file mode 100644 index 76554fca..00000000 --- a/vendor/github.com/cihub/seelog/cfg_config.go +++ /dev/null @@ -1,212 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "bytes" - "encoding/xml" - "fmt" - "io" - "os" -) - -// LoggerFromConfigAsFile creates logger with config from file. File should contain valid seelog xml. -func LoggerFromConfigAsFile(fileName string) (LoggerInterface, error) { - file, err := os.Open(fileName) - if err != nil { - return nil, err - } - defer file.Close() - - conf, err := configFromReader(file) - if err != nil { - return nil, err - } - - return createLoggerFromFullConfig(conf) -} - -// LoggerFromConfigAsBytes creates a logger with config from bytes stream. Bytes should contain valid seelog xml. -func LoggerFromConfigAsBytes(data []byte) (LoggerInterface, error) { - conf, err := configFromReader(bytes.NewBuffer(data)) - if err != nil { - return nil, err - } - - return createLoggerFromFullConfig(conf) -} - -// LoggerFromConfigAsString creates a logger with config from a string. String should contain valid seelog xml. -func LoggerFromConfigAsString(data string) (LoggerInterface, error) { - return LoggerFromConfigAsBytes([]byte(data)) -} - -// LoggerFromParamConfigAsFile does the same as LoggerFromConfigAsFile, but includes special parser options. -// See 'CfgParseParams' comments. -func LoggerFromParamConfigAsFile(fileName string, parserParams *CfgParseParams) (LoggerInterface, error) { - file, err := os.Open(fileName) - if err != nil { - return nil, err - } - defer file.Close() - - conf, err := configFromReaderWithConfig(file, parserParams) - if err != nil { - return nil, err - } - - return createLoggerFromFullConfig(conf) -} - -// LoggerFromParamConfigAsBytes does the same as LoggerFromConfigAsBytes, but includes special parser options. -// See 'CfgParseParams' comments. -func LoggerFromParamConfigAsBytes(data []byte, parserParams *CfgParseParams) (LoggerInterface, error) { - conf, err := configFromReaderWithConfig(bytes.NewBuffer(data), parserParams) - if err != nil { - return nil, err - } - - return createLoggerFromFullConfig(conf) -} - -// LoggerFromParamConfigAsString does the same as LoggerFromConfigAsString, but includes special parser options. -// See 'CfgParseParams' comments. -func LoggerFromParamConfigAsString(data string, parserParams *CfgParseParams) (LoggerInterface, error) { - return LoggerFromParamConfigAsBytes([]byte(data), parserParams) -} - -// LoggerFromWriterWithMinLevel is shortcut for LoggerFromWriterWithMinLevelAndFormat(output, minLevel, DefaultMsgFormat) -func LoggerFromWriterWithMinLevel(output io.Writer, minLevel LogLevel) (LoggerInterface, error) { - return LoggerFromWriterWithMinLevelAndFormat(output, minLevel, DefaultMsgFormat) -} - -// LoggerFromWriterWithMinLevelAndFormat creates a proxy logger that uses io.Writer as the -// receiver with minimal level = minLevel and with specified format. -// -// All messages with level more or equal to minLevel will be written to output and -// formatted using the default seelog format. -// -// Can be called for usage with non-Seelog systems -func LoggerFromWriterWithMinLevelAndFormat(output io.Writer, minLevel LogLevel, format string) (LoggerInterface, error) { - constraints, err := NewMinMaxConstraints(minLevel, CriticalLvl) - if err != nil { - return nil, err - } - formatter, err := NewFormatter(format) - if err != nil { - return nil, err - } - dispatcher, err := NewSplitDispatcher(formatter, []interface{}{output}) - if err != nil { - return nil, err - } - - conf, err := newFullLoggerConfig(constraints, make([]*LogLevelException, 0), dispatcher, syncloggerTypeFromString, nil, nil) - if err != nil { - return nil, err - } - - return createLoggerFromFullConfig(conf) -} - -// LoggerFromXMLDecoder creates logger with config from a XML decoder starting from a specific node. -// It should contain valid seelog xml, except for root node name. -func LoggerFromXMLDecoder(xmlParser *xml.Decoder, rootNode xml.Token) (LoggerInterface, error) { - conf, err := configFromXMLDecoder(xmlParser, rootNode) - if err != nil { - return nil, err - } - - return createLoggerFromFullConfig(conf) -} - -// LoggerFromCustomReceiver creates a proxy logger that uses a CustomReceiver as the -// receiver. -// -// All messages will be sent to the specified custom receiver without additional -// formatting ('%Msg' format is used). -// -// Check CustomReceiver, RegisterReceiver for additional info. -// -// NOTE 1: CustomReceiver.AfterParse is only called when a receiver is instantiated -// by the config parser while parsing config. So, if you are not planning to use the -// same CustomReceiver for both proxying (via LoggerFromCustomReceiver call) and -// loading from config, just leave AfterParse implementation empty. -// -// NOTE 2: Unlike RegisterReceiver, LoggerFromCustomReceiver takes an already initialized -// instance that implements CustomReceiver. So, fill it with data and perform any initialization -// logic before calling this func and it won't be lost. -// -// So: -// * RegisterReceiver takes value just to get the reflect.Type from it and then -// instantiate it as many times as config is reloaded. -// -// * LoggerFromCustomReceiver takes value and uses it without modification and -// reinstantiation, directy passing it to the dispatcher tree. -func LoggerFromCustomReceiver(receiver CustomReceiver) (LoggerInterface, error) { - constraints, err := NewMinMaxConstraints(TraceLvl, CriticalLvl) - if err != nil { - return nil, err - } - - output, err := NewCustomReceiverDispatcherByValue(msgonlyformatter, receiver, "user-proxy", CustomReceiverInitArgs{}) - if err != nil { - return nil, err - } - dispatcher, err := NewSplitDispatcher(msgonlyformatter, []interface{}{output}) - if err != nil { - return nil, err - } - - conf, err := newFullLoggerConfig(constraints, make([]*LogLevelException, 0), dispatcher, syncloggerTypeFromString, nil, nil) - if err != nil { - return nil, err - } - - return createLoggerFromFullConfig(conf) -} - -func CloneLogger(logger LoggerInterface) (LoggerInterface, error) { - switch logger := logger.(type) { - default: - return nil, fmt.Errorf("unexpected type %T", logger) - case *asyncAdaptiveLogger: - clone, err := NewAsyncAdaptiveLogger(logger.commonLogger.config, logger.minInterval, logger.maxInterval, logger.criticalMsgCount) - if err != nil { - return nil, err - } - return clone, nil - case *asyncLoopLogger: - return NewAsyncLoopLogger(logger.commonLogger.config), nil - case *asyncTimerLogger: - clone, err := NewAsyncTimerLogger(logger.commonLogger.config, logger.interval) - if err != nil { - return nil, err - } - return clone, nil - case *syncLogger: - return NewSyncLogger(logger.commonLogger.config), nil - } -} diff --git a/vendor/github.com/cihub/seelog/cfg_errors.go b/vendor/github.com/cihub/seelog/cfg_errors.go deleted file mode 100644 index c1fb4d10..00000000 --- a/vendor/github.com/cihub/seelog/cfg_errors.go +++ /dev/null @@ -1,61 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" -) - -var ( - errNodeMustHaveChildren = errors.New("node must have children") - errNodeCannotHaveChildren = errors.New("node cannot have children") -) - -type unexpectedChildElementError struct { - baseError -} - -func newUnexpectedChildElementError(msg string) *unexpectedChildElementError { - custmsg := "Unexpected child element: " + msg - return &unexpectedChildElementError{baseError{message: custmsg}} -} - -type missingArgumentError struct { - baseError -} - -func newMissingArgumentError(nodeName, attrName string) *missingArgumentError { - custmsg := "Output '" + nodeName + "' has no '" + attrName + "' attribute" - return &missingArgumentError{baseError{message: custmsg}} -} - -type unexpectedAttributeError struct { - baseError -} - -func newUnexpectedAttributeError(nodeName, attr string) *unexpectedAttributeError { - custmsg := nodeName + " has unexpected attribute: " + attr - return &unexpectedAttributeError{baseError{message: custmsg}} -} diff --git a/vendor/github.com/cihub/seelog/cfg_logconfig.go b/vendor/github.com/cihub/seelog/cfg_logconfig.go deleted file mode 100644 index 6ba6f9a9..00000000 --- a/vendor/github.com/cihub/seelog/cfg_logconfig.go +++ /dev/null @@ -1,141 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" -) - -type loggerTypeFromString uint8 - -const ( - syncloggerTypeFromString = iota - asyncLooploggerTypeFromString - asyncTimerloggerTypeFromString - adaptiveLoggerTypeFromString - defaultloggerTypeFromString = asyncLooploggerTypeFromString -) - -const ( - syncloggerTypeFromStringStr = "sync" - asyncloggerTypeFromStringStr = "asyncloop" - asyncTimerloggerTypeFromStringStr = "asynctimer" - adaptiveLoggerTypeFromStringStr = "adaptive" -) - -// asyncTimerLoggerData represents specific data for async timer logger -type asyncTimerLoggerData struct { - AsyncInterval uint32 -} - -// adaptiveLoggerData represents specific data for adaptive timer logger -type adaptiveLoggerData struct { - MinInterval uint32 - MaxInterval uint32 - CriticalMsgCount uint32 -} - -var loggerTypeToStringRepresentations = map[loggerTypeFromString]string{ - syncloggerTypeFromString: syncloggerTypeFromStringStr, - asyncLooploggerTypeFromString: asyncloggerTypeFromStringStr, - asyncTimerloggerTypeFromString: asyncTimerloggerTypeFromStringStr, - adaptiveLoggerTypeFromString: adaptiveLoggerTypeFromStringStr, -} - -// getLoggerTypeFromString parses a string and returns a corresponding logger type, if successful. -func getLoggerTypeFromString(logTypeString string) (level loggerTypeFromString, found bool) { - for logType, logTypeStr := range loggerTypeToStringRepresentations { - if logTypeStr == logTypeString { - return logType, true - } - } - - return 0, false -} - -// logConfig stores logging configuration. Contains messages dispatcher, allowed log level rules -// (general constraints and exceptions) -type logConfig struct { - Constraints logLevelConstraints // General log level rules (>min and ' element. It takes the 'name' attribute - // of the element and tries to find a match in two places: - // 1) CfgParseParams.CustomReceiverProducers map - // 2) Global type map, filled by RegisterReceiver - // - // If a match is found in the CustomReceiverProducers map, parser calls the corresponding producer func - // passing the init args to it. The func takes exactly the same args as CustomReceiver.AfterParse. - // The producer func must return a correct receiver or an error. If case of error, seelog will behave - // in the same way as with any other config error. - // - // You may use this param to set custom producers in case you need to pass some context when instantiating - // a custom receiver or if you frequently change custom receivers with different parameters or in any other - // situation where package-level registering (RegisterReceiver) is not an option for you. - CustomReceiverProducers map[string]CustomReceiverProducer -} - -func (cfg *CfgParseParams) String() string { - return fmt.Sprintf("CfgParams: {custom_recs=%d}", len(cfg.CustomReceiverProducers)) -} - -type elementMapEntry struct { - constructor func(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) -} - -var elementMap map[string]elementMapEntry -var predefinedFormats map[string]*formatter - -func init() { - elementMap = map[string]elementMapEntry{ - fileWriterID: {createfileWriter}, - splitterDispatcherID: {createSplitter}, - customReceiverID: {createCustomReceiver}, - filterDispatcherID: {createFilter}, - consoleWriterID: {createConsoleWriter}, - rollingfileWriterID: {createRollingFileWriter}, - bufferedWriterID: {createbufferedWriter}, - smtpWriterID: {createSMTPWriter}, - connWriterID: {createconnWriter}, - } - - err := fillPredefinedFormats() - if err != nil { - panic(fmt.Sprintf("Seelog couldn't start: predefined formats creation failed. Error: %s", err.Error())) - } -} - -func fillPredefinedFormats() error { - predefinedFormatsWithoutPrefix := map[string]string{ - "xml-debug": `%Lev%Msg%RelFile%Func%Line`, - "xml-debug-short": `%Ns%l%Msg

%RelFile

%Func`, - "xml": `%Lev%Msg`, - "xml-short": `%Ns%l%Msg`, - - "json-debug": `{"time":%Ns,"lev":"%Lev","msg":"%Msg","path":"%RelFile","func":"%Func","line":"%Line"}`, - "json-debug-short": `{"t":%Ns,"l":"%Lev","m":"%Msg","p":"%RelFile","f":"%Func"}`, - "json": `{"time":%Ns,"lev":"%Lev","msg":"%Msg"}`, - "json-short": `{"t":%Ns,"l":"%Lev","m":"%Msg"}`, - - "debug": `[%LEVEL] %RelFile:%Func.%Line %Date %Time %Msg%n`, - "debug-short": `[%LEVEL] %Date %Time %Msg%n`, - "fast": `%Ns %l %Msg%n`, - } - - predefinedFormats = make(map[string]*formatter) - - for formatKey, format := range predefinedFormatsWithoutPrefix { - formatter, err := NewFormatter(format) - if err != nil { - return err - } - - predefinedFormats[predefinedPrefix+formatKey] = formatter - } - - return nil -} - -// configFromXMLDecoder parses data from a given XML decoder. -// Returns parsed config which can be used to create logger in case no errors occured. -// Returns error if format is incorrect or anything happened. -func configFromXMLDecoder(xmlParser *xml.Decoder, rootNode xml.Token) (*configForParsing, error) { - return configFromXMLDecoderWithConfig(xmlParser, rootNode, nil) -} - -// configFromXMLDecoderWithConfig parses data from a given XML decoder. -// Returns parsed config which can be used to create logger in case no errors occured. -// Returns error if format is incorrect or anything happened. -func configFromXMLDecoderWithConfig(xmlParser *xml.Decoder, rootNode xml.Token, cfg *CfgParseParams) (*configForParsing, error) { - _, ok := rootNode.(xml.StartElement) - if !ok { - return nil, errors.New("rootNode must be XML startElement") - } - - config, err := unmarshalNode(xmlParser, rootNode) - if err != nil { - return nil, err - } - if config == nil { - return nil, errors.New("xml has no content") - } - - return configFromXMLNodeWithConfig(config, cfg) -} - -// configFromReader parses data from a given reader. -// Returns parsed config which can be used to create logger in case no errors occured. -// Returns error if format is incorrect or anything happened. -func configFromReader(reader io.Reader) (*configForParsing, error) { - return configFromReaderWithConfig(reader, nil) -} - -// configFromReaderWithConfig parses data from a given reader. -// Returns parsed config which can be used to create logger in case no errors occured. -// Returns error if format is incorrect or anything happened. -func configFromReaderWithConfig(reader io.Reader, cfg *CfgParseParams) (*configForParsing, error) { - config, err := unmarshalConfig(reader) - if err != nil { - return nil, err - } - - if config.name != seelogConfigID { - return nil, errors.New("root xml tag must be '" + seelogConfigID + "'") - } - - return configFromXMLNodeWithConfig(config, cfg) -} - -func configFromXMLNodeWithConfig(config *xmlNode, cfg *CfgParseParams) (*configForParsing, error) { - err := checkUnexpectedAttribute( - config, - minLevelID, - maxLevelID, - levelsID, - loggerTypeFromStringAttr, - asyncLoggerIntervalAttr, - adaptLoggerMinIntervalAttr, - adaptLoggerMaxIntervalAttr, - adaptLoggerCriticalMsgCountAttr, - ) - if err != nil { - return nil, err - } - - err = checkExpectedElements(config, optionalElement(outputsID), optionalElement(formatsID), optionalElement(exceptionsID)) - if err != nil { - return nil, err - } - - constraints, err := getConstraints(config) - if err != nil { - return nil, err - } - - exceptions, err := getExceptions(config) - if err != nil { - return nil, err - } - err = checkDistinctExceptions(exceptions) - if err != nil { - return nil, err - } - - formats, err := getFormats(config) - if err != nil { - return nil, err - } - - dispatcher, err := getOutputsTree(config, formats, cfg) - if err != nil { - // If we open several files, but then fail to parse the config, we should close - // those files before reporting that config is invalid. - if dispatcher != nil { - dispatcher.Close() - } - - return nil, err - } - - loggerType, logData, err := getloggerTypeFromStringData(config) - if err != nil { - return nil, err - } - - return newFullLoggerConfig(constraints, exceptions, dispatcher, loggerType, logData, cfg) -} - -func getConstraints(node *xmlNode) (logLevelConstraints, error) { - minLevelStr, isMinLevel := node.attributes[minLevelID] - maxLevelStr, isMaxLevel := node.attributes[maxLevelID] - levelsStr, isLevels := node.attributes[levelsID] - - if isLevels && (isMinLevel && isMaxLevel) { - return nil, errors.New("for level declaration use '" + levelsID + "'' OR '" + minLevelID + - "', '" + maxLevelID + "'") - } - - offString := LogLevel(Off).String() - - if (isLevels && strings.TrimSpace(levelsStr) == offString) || - (isMinLevel && !isMaxLevel && minLevelStr == offString) { - - return NewOffConstraints() - } - - if isLevels { - levels, err := parseLevels(levelsStr) - if err != nil { - return nil, err - } - return NewListConstraints(levels) - } - - var minLevel = LogLevel(TraceLvl) - if isMinLevel { - found := true - minLevel, found = LogLevelFromString(minLevelStr) - if !found { - return nil, errors.New("declared " + minLevelID + " not found: " + minLevelStr) - } - } - - var maxLevel = LogLevel(CriticalLvl) - if isMaxLevel { - found := true - maxLevel, found = LogLevelFromString(maxLevelStr) - if !found { - return nil, errors.New("declared " + maxLevelID + " not found: " + maxLevelStr) - } - } - - return NewMinMaxConstraints(minLevel, maxLevel) -} - -func parseLevels(str string) ([]LogLevel, error) { - levelsStrArr := strings.Split(strings.Replace(str, " ", "", -1), ",") - var levels []LogLevel - for _, levelStr := range levelsStrArr { - level, found := LogLevelFromString(levelStr) - if !found { - return nil, errors.New("declared level not found: " + levelStr) - } - - levels = append(levels, level) - } - - return levels, nil -} - -func getExceptions(config *xmlNode) ([]*LogLevelException, error) { - var exceptions []*LogLevelException - - var exceptionsNode *xmlNode - for _, child := range config.children { - if child.name == exceptionsID { - exceptionsNode = child - break - } - } - - if exceptionsNode == nil { - return exceptions, nil - } - - err := checkUnexpectedAttribute(exceptionsNode) - if err != nil { - return nil, err - } - - err = checkExpectedElements(exceptionsNode, multipleMandatoryElements("exception")) - if err != nil { - return nil, err - } - - for _, exceptionNode := range exceptionsNode.children { - if exceptionNode.name != exceptionID { - return nil, errors.New("incorrect nested element in exceptions section: " + exceptionNode.name) - } - - err := checkUnexpectedAttribute(exceptionNode, minLevelID, maxLevelID, levelsID, funcPatternID, filePatternID) - if err != nil { - return nil, err - } - - constraints, err := getConstraints(exceptionNode) - if err != nil { - return nil, errors.New("incorrect " + exceptionsID + " node: " + err.Error()) - } - - funcPattern, isFuncPattern := exceptionNode.attributes[funcPatternID] - filePattern, isFilePattern := exceptionNode.attributes[filePatternID] - if !isFuncPattern { - funcPattern = "*" - } - if !isFilePattern { - filePattern = "*" - } - - exception, err := NewLogLevelException(funcPattern, filePattern, constraints) - if err != nil { - return nil, errors.New("incorrect exception node: " + err.Error()) - } - - exceptions = append(exceptions, exception) - } - - return exceptions, nil -} - -func checkDistinctExceptions(exceptions []*LogLevelException) error { - for i, exception := range exceptions { - for j, exception1 := range exceptions { - if i == j { - continue - } - - if exception.FuncPattern() == exception1.FuncPattern() && - exception.FilePattern() == exception1.FilePattern() { - - return fmt.Errorf("there are two or more duplicate exceptions. Func: %v, file %v", - exception.FuncPattern(), exception.FilePattern()) - } - } - } - - return nil -} - -func getFormats(config *xmlNode) (map[string]*formatter, error) { - formats := make(map[string]*formatter, 0) - - var formatsNode *xmlNode - for _, child := range config.children { - if child.name == formatsID { - formatsNode = child - break - } - } - - if formatsNode == nil { - return formats, nil - } - - err := checkUnexpectedAttribute(formatsNode) - if err != nil { - return nil, err - } - - err = checkExpectedElements(formatsNode, multipleMandatoryElements("format")) - if err != nil { - return nil, err - } - - for _, formatNode := range formatsNode.children { - if formatNode.name != formatID { - return nil, errors.New("incorrect nested element in " + formatsID + " section: " + formatNode.name) - } - - err := checkUnexpectedAttribute(formatNode, formatKeyAttrID, formatID) - if err != nil { - return nil, err - } - - id, isID := formatNode.attributes[formatKeyAttrID] - formatStr, isFormat := formatNode.attributes[formatAttrID] - if !isID { - return nil, errors.New("format has no '" + formatKeyAttrID + "' attribute") - } - if !isFormat { - return nil, errors.New("format[" + id + "] has no '" + formatAttrID + "' attribute") - } - - formatter, err := NewFormatter(formatStr) - if err != nil { - return nil, err - } - - formats[id] = formatter - } - - return formats, nil -} - -func getloggerTypeFromStringData(config *xmlNode) (logType loggerTypeFromString, logData interface{}, err error) { - logTypeStr, loggerTypeExists := config.attributes[loggerTypeFromStringAttr] - - if !loggerTypeExists { - return defaultloggerTypeFromString, nil, nil - } - - logType, found := getLoggerTypeFromString(logTypeStr) - - if !found { - return 0, nil, fmt.Errorf("unknown logger type: %s", logTypeStr) - } - - if logType == asyncTimerloggerTypeFromString { - intervalStr, intervalExists := config.attributes[asyncLoggerIntervalAttr] - if !intervalExists { - return 0, nil, newMissingArgumentError(config.name, asyncLoggerIntervalAttr) - } - - interval, err := strconv.ParseUint(intervalStr, 10, 32) - if err != nil { - return 0, nil, err - } - - logData = asyncTimerLoggerData{uint32(interval)} - } else if logType == adaptiveLoggerTypeFromString { - - // Min interval - minIntStr, minIntExists := config.attributes[adaptLoggerMinIntervalAttr] - if !minIntExists { - return 0, nil, newMissingArgumentError(config.name, adaptLoggerMinIntervalAttr) - } - minInterval, err := strconv.ParseUint(minIntStr, 10, 32) - if err != nil { - return 0, nil, err - } - - // Max interval - maxIntStr, maxIntExists := config.attributes[adaptLoggerMaxIntervalAttr] - if !maxIntExists { - return 0, nil, newMissingArgumentError(config.name, adaptLoggerMaxIntervalAttr) - } - maxInterval, err := strconv.ParseUint(maxIntStr, 10, 32) - if err != nil { - return 0, nil, err - } - - // Critical msg count - criticalMsgCountStr, criticalMsgCountExists := config.attributes[adaptLoggerCriticalMsgCountAttr] - if !criticalMsgCountExists { - return 0, nil, newMissingArgumentError(config.name, adaptLoggerCriticalMsgCountAttr) - } - criticalMsgCount, err := strconv.ParseUint(criticalMsgCountStr, 10, 32) - if err != nil { - return 0, nil, err - } - - logData = adaptiveLoggerData{uint32(minInterval), uint32(maxInterval), uint32(criticalMsgCount)} - } - - return logType, logData, nil -} - -func getOutputsTree(config *xmlNode, formats map[string]*formatter, cfg *CfgParseParams) (dispatcherInterface, error) { - var outputsNode *xmlNode - for _, child := range config.children { - if child.name == outputsID { - outputsNode = child - break - } - } - - if outputsNode != nil { - err := checkUnexpectedAttribute(outputsNode, outputFormatID) - if err != nil { - return nil, err - } - - formatter, err := getCurrentFormat(outputsNode, DefaultFormatter, formats) - if err != nil { - return nil, err - } - - output, err := createSplitter(outputsNode, formatter, formats, cfg) - if err != nil { - return nil, err - } - - dispatcher, ok := output.(dispatcherInterface) - if ok { - return dispatcher, nil - } - } - - console, err := NewConsoleWriter() - if err != nil { - return nil, err - } - return NewSplitDispatcher(DefaultFormatter, []interface{}{console}) -} - -func getCurrentFormat(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter) (*formatter, error) { - formatID, isFormatID := node.attributes[outputFormatID] - if !isFormatID { - return formatFromParent, nil - } - - format, ok := formats[formatID] - if ok { - return format, nil - } - - // Test for predefined format match - pdFormat, pdOk := predefinedFormats[formatID] - - if !pdOk { - return nil, errors.New("formatid = '" + formatID + "' doesn't exist") - } - - return pdFormat, nil -} - -func createInnerReceivers(node *xmlNode, format *formatter, formats map[string]*formatter, cfg *CfgParseParams) ([]interface{}, error) { - var outputs []interface{} - for _, childNode := range node.children { - entry, ok := elementMap[childNode.name] - if !ok { - return nil, errors.New("unnknown tag '" + childNode.name + "' in outputs section") - } - - output, err := entry.constructor(childNode, format, formats, cfg) - if err != nil { - return nil, err - } - - outputs = append(outputs, output) - } - - return outputs, nil -} - -func createSplitter(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) { - err := checkUnexpectedAttribute(node, outputFormatID) - if err != nil { - return nil, err - } - - if !node.hasChildren() { - return nil, errNodeMustHaveChildren - } - - currentFormat, err := getCurrentFormat(node, formatFromParent, formats) - if err != nil { - return nil, err - } - - receivers, err := createInnerReceivers(node, currentFormat, formats, cfg) - if err != nil { - return nil, err - } - - return NewSplitDispatcher(currentFormat, receivers) -} - -func createCustomReceiver(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) { - dataCustomPrefixes := make(map[string]string) - // Expecting only 'formatid', 'name' and 'data-' attrs - for attr, attrval := range node.attributes { - isExpected := false - if attr == outputFormatID || - attr == customNameAttrID { - isExpected = true - } - if strings.HasPrefix(attr, customNameDataAttrPrefix) { - dataCustomPrefixes[attr[len(customNameDataAttrPrefix):]] = attrval - isExpected = true - } - if !isExpected { - return nil, newUnexpectedAttributeError(node.name, attr) - } - } - - if node.hasChildren() { - return nil, errNodeCannotHaveChildren - } - customName, hasCustomName := node.attributes[customNameAttrID] - if !hasCustomName { - return nil, newMissingArgumentError(node.name, customNameAttrID) - } - currentFormat, err := getCurrentFormat(node, formatFromParent, formats) - if err != nil { - return nil, err - } - args := CustomReceiverInitArgs{ - XmlCustomAttrs: dataCustomPrefixes, - } - - if cfg != nil && cfg.CustomReceiverProducers != nil { - if prod, ok := cfg.CustomReceiverProducers[customName]; ok { - rec, err := prod(args) - if err != nil { - return nil, err - } - creceiver, err := NewCustomReceiverDispatcherByValue(currentFormat, rec, customName, args) - if err != nil { - return nil, err - } - err = rec.AfterParse(args) - if err != nil { - return nil, err - } - return creceiver, nil - } - } - - return NewCustomReceiverDispatcher(currentFormat, customName, args) -} - -func createFilter(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) { - err := checkUnexpectedAttribute(node, outputFormatID, filterLevelsAttrID) - if err != nil { - return nil, err - } - - if !node.hasChildren() { - return nil, errNodeMustHaveChildren - } - - currentFormat, err := getCurrentFormat(node, formatFromParent, formats) - if err != nil { - return nil, err - } - - levelsStr, isLevels := node.attributes[filterLevelsAttrID] - if !isLevels { - return nil, newMissingArgumentError(node.name, filterLevelsAttrID) - } - - levels, err := parseLevels(levelsStr) - if err != nil { - return nil, err - } - - receivers, err := createInnerReceivers(node, currentFormat, formats, cfg) - if err != nil { - return nil, err - } - - return NewFilterDispatcher(currentFormat, receivers, levels...) -} - -func createfileWriter(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) { - err := checkUnexpectedAttribute(node, outputFormatID, pathID) - if err != nil { - return nil, err - } - - if node.hasChildren() { - return nil, errNodeCannotHaveChildren - } - - currentFormat, err := getCurrentFormat(node, formatFromParent, formats) - if err != nil { - return nil, err - } - - path, isPath := node.attributes[pathID] - if !isPath { - return nil, newMissingArgumentError(node.name, pathID) - } - - fileWriter, err := NewFileWriter(path) - if err != nil { - return nil, err - } - - return NewFormattedWriter(fileWriter, currentFormat) -} - -// Creates new SMTP writer if encountered in the config file. -func createSMTPWriter(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) { - err := checkUnexpectedAttribute(node, outputFormatID, senderaddressID, senderNameID, hostNameID, hostPortID, userNameID, userPassID, subjectID) - if err != nil { - return nil, err - } - // Node must have children. - if !node.hasChildren() { - return nil, errNodeMustHaveChildren - } - currentFormat, err := getCurrentFormat(node, formatFromParent, formats) - if err != nil { - return nil, err - } - senderAddress, ok := node.attributes[senderaddressID] - if !ok { - return nil, newMissingArgumentError(node.name, senderaddressID) - } - senderName, ok := node.attributes[senderNameID] - if !ok { - return nil, newMissingArgumentError(node.name, senderNameID) - } - // Process child nodes scanning for recipient email addresses and/or CA certificate paths. - var recipientAddresses []string - var caCertDirPaths []string - var mailHeaders []string - for _, childNode := range node.children { - switch childNode.name { - // Extract recipient address from child nodes. - case recipientID: - address, ok := childNode.attributes[addressID] - if !ok { - return nil, newMissingArgumentError(childNode.name, addressID) - } - recipientAddresses = append(recipientAddresses, address) - // Extract CA certificate file path from child nodes. - case cACertDirpathID: - path, ok := childNode.attributes[pathID] - if !ok { - return nil, newMissingArgumentError(childNode.name, pathID) - } - caCertDirPaths = append(caCertDirPaths, path) - - // Extract email headers from child nodes. - case mailHeaderID: - headerName, ok := childNode.attributes[mailHeaderNameID] - if !ok { - return nil, newMissingArgumentError(childNode.name, mailHeaderNameID) - } - - headerValue, ok := childNode.attributes[mailHeaderValueID] - if !ok { - return nil, newMissingArgumentError(childNode.name, mailHeaderValueID) - } - - // Build header line - mailHeaders = append(mailHeaders, fmt.Sprintf("%s: %s", headerName, headerValue)) - default: - return nil, newUnexpectedChildElementError(childNode.name) - } - } - hostName, ok := node.attributes[hostNameID] - if !ok { - return nil, newMissingArgumentError(node.name, hostNameID) - } - - hostPort, ok := node.attributes[hostPortID] - if !ok { - return nil, newMissingArgumentError(node.name, hostPortID) - } - - // Check if the string can really be converted into int. - if _, err := strconv.Atoi(hostPort); err != nil { - return nil, errors.New("invalid host port number") - } - - userName, ok := node.attributes[userNameID] - if !ok { - return nil, newMissingArgumentError(node.name, userNameID) - } - - userPass, ok := node.attributes[userPassID] - if !ok { - return nil, newMissingArgumentError(node.name, userPassID) - } - - // subject is optionally set by configuration. - // default value is defined by DefaultSubjectPhrase constant in the writers_smtpwriter.go - var subjectPhrase = DefaultSubjectPhrase - - subject, ok := node.attributes[subjectID] - if ok { - subjectPhrase = subject - } - - smtpWriter := NewSMTPWriter( - senderAddress, - senderName, - recipientAddresses, - hostName, - hostPort, - userName, - userPass, - caCertDirPaths, - subjectPhrase, - mailHeaders, - ) - - return NewFormattedWriter(smtpWriter, currentFormat) -} - -func createConsoleWriter(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) { - err := checkUnexpectedAttribute(node, outputFormatID) - if err != nil { - return nil, err - } - - if node.hasChildren() { - return nil, errNodeCannotHaveChildren - } - - currentFormat, err := getCurrentFormat(node, formatFromParent, formats) - if err != nil { - return nil, err - } - - consoleWriter, err := NewConsoleWriter() - if err != nil { - return nil, err - } - - return NewFormattedWriter(consoleWriter, currentFormat) -} - -func createconnWriter(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) { - if node.hasChildren() { - return nil, errNodeCannotHaveChildren - } - - err := checkUnexpectedAttribute(node, outputFormatID, connWriterAddrAttr, connWriterNetAttr, connWriterReconnectOnMsgAttr, connWriterUseTLSAttr, connWriterInsecureSkipVerifyAttr) - if err != nil { - return nil, err - } - - currentFormat, err := getCurrentFormat(node, formatFromParent, formats) - if err != nil { - return nil, err - } - - addr, isAddr := node.attributes[connWriterAddrAttr] - if !isAddr { - return nil, newMissingArgumentError(node.name, connWriterAddrAttr) - } - - net, isNet := node.attributes[connWriterNetAttr] - if !isNet { - return nil, newMissingArgumentError(node.name, connWriterNetAttr) - } - - reconnectOnMsg := false - reconnectOnMsgStr, isReconnectOnMsgStr := node.attributes[connWriterReconnectOnMsgAttr] - if isReconnectOnMsgStr { - if reconnectOnMsgStr == "true" { - reconnectOnMsg = true - } else if reconnectOnMsgStr == "false" { - reconnectOnMsg = false - } else { - return nil, errors.New("node '" + node.name + "' has incorrect '" + connWriterReconnectOnMsgAttr + "' attribute value") - } - } - - useTLS := false - useTLSStr, isUseTLSStr := node.attributes[connWriterUseTLSAttr] - if isUseTLSStr { - if useTLSStr == "true" { - useTLS = true - } else if useTLSStr == "false" { - useTLS = false - } else { - return nil, errors.New("node '" + node.name + "' has incorrect '" + connWriterUseTLSAttr + "' attribute value") - } - if useTLS { - insecureSkipVerify := false - insecureSkipVerifyStr, isInsecureSkipVerify := node.attributes[connWriterInsecureSkipVerifyAttr] - if isInsecureSkipVerify { - if insecureSkipVerifyStr == "true" { - insecureSkipVerify = true - } else if insecureSkipVerifyStr == "false" { - insecureSkipVerify = false - } else { - return nil, errors.New("node '" + node.name + "' has incorrect '" + connWriterInsecureSkipVerifyAttr + "' attribute value") - } - } - config := tls.Config{InsecureSkipVerify: insecureSkipVerify} - connWriter := newTLSWriter(net, addr, reconnectOnMsg, &config) - return NewFormattedWriter(connWriter, currentFormat) - } - } - - connWriter := NewConnWriter(net, addr, reconnectOnMsg) - - return NewFormattedWriter(connWriter, currentFormat) -} - -func createRollingFileWriter(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) { - if node.hasChildren() { - return nil, errNodeCannotHaveChildren - } - - rollingTypeStr, isRollingType := node.attributes[rollingFileTypeAttr] - if !isRollingType { - return nil, newMissingArgumentError(node.name, rollingFileTypeAttr) - } - - rollingType, ok := rollingTypeFromString(rollingTypeStr) - if !ok { - return nil, errors.New("unknown rolling file type: " + rollingTypeStr) - } - - currentFormat, err := getCurrentFormat(node, formatFromParent, formats) - if err != nil { - return nil, err - } - - path, isPath := node.attributes[rollingFilePathAttr] - if !isPath { - return nil, newMissingArgumentError(node.name, rollingFilePathAttr) - } - - rollingArchiveStr, archiveAttrExists := node.attributes[rollingFileArchiveAttr] - - var rArchiveType rollingArchiveType - var rArchivePath string - var rArchiveExploded bool = false - if !archiveAttrExists { - rArchiveType = rollingArchiveNone - rArchivePath = "" - } else { - rArchiveType, ok = rollingArchiveTypeFromString(rollingArchiveStr) - if !ok { - return nil, errors.New("unknown rolling archive type: " + rollingArchiveStr) - } - - if rArchiveType == rollingArchiveNone { - rArchivePath = "" - } else { - if rArchiveExplodedAttr, ok := node.attributes[rollingFileArchiveExplodedAttr]; ok { - if rArchiveExploded, err = strconv.ParseBool(rArchiveExplodedAttr); err != nil { - return nil, fmt.Errorf("archive exploded should be true or false, but was %v", - rArchiveExploded) - } - } - - rArchivePath, ok = node.attributes[rollingFileArchivePathAttr] - if ok { - if rArchivePath == "" { - return nil, fmt.Errorf("empty archive path is not supported") - } - } else { - if rArchiveExploded { - rArchivePath = rollingArchiveDefaultExplodedName - - } else { - rArchivePath, err = rollingArchiveTypeDefaultName(rArchiveType, false) - if err != nil { - return nil, err - } - } - } - } - } - - nameMode := rollingNameMode(rollingNameModePostfix) - nameModeStr, ok := node.attributes[rollingFileNameModeAttr] - if ok { - mode, found := rollingNameModeFromString(nameModeStr) - if !found { - return nil, errors.New("unknown rolling filename mode: " + nameModeStr) - } else { - nameMode = mode - } - } - - if rollingType == rollingTypeSize { - err := checkUnexpectedAttribute(node, outputFormatID, rollingFileTypeAttr, rollingFilePathAttr, - rollingFileMaxSizeAttr, rollingFileMaxRollsAttr, rollingFileArchiveAttr, - rollingFileArchivePathAttr, rollingFileArchiveExplodedAttr, rollingFileNameModeAttr) - if err != nil { - return nil, err - } - - maxSizeStr, ok := node.attributes[rollingFileMaxSizeAttr] - if !ok { - return nil, newMissingArgumentError(node.name, rollingFileMaxSizeAttr) - } - - maxSize, err := strconv.ParseInt(maxSizeStr, 10, 64) - if err != nil { - return nil, err - } - - maxRolls := 0 - maxRollsStr, ok := node.attributes[rollingFileMaxRollsAttr] - if ok { - maxRolls, err = strconv.Atoi(maxRollsStr) - if err != nil { - return nil, err - } - } - - rollingWriter, err := NewRollingFileWriterSize(path, rArchiveType, rArchivePath, maxSize, maxRolls, nameMode, rArchiveExploded) - if err != nil { - return nil, err - } - - return NewFormattedWriter(rollingWriter, currentFormat) - - } else if rollingType == rollingTypeTime { - err := checkUnexpectedAttribute(node, outputFormatID, rollingFileTypeAttr, rollingFilePathAttr, - rollingFileDataPatternAttr, rollingFileArchiveAttr, rollingFileMaxRollsAttr, - rollingFileArchivePathAttr, rollingFileArchiveExplodedAttr, rollingFileNameModeAttr, - rollingFileFullNameAttr) - if err != nil { - return nil, err - } - - maxRolls := 0 - maxRollsStr, ok := node.attributes[rollingFileMaxRollsAttr] - if ok { - maxRolls, err = strconv.Atoi(maxRollsStr) - if err != nil { - return nil, err - } - } - - fullName := false - fn, ok := node.attributes[rollingFileFullNameAttr] - if ok { - if fn == "true" { - fullName = true - } else if fn == "false" { - fullName = false - } else { - return nil, errors.New("node '" + node.name + "' has incorrect '" + rollingFileFullNameAttr + "' attribute value") - } - } - - dataPattern, ok := node.attributes[rollingFileDataPatternAttr] - if !ok { - return nil, newMissingArgumentError(node.name, rollingFileDataPatternAttr) - } - - rollingWriter, err := NewRollingFileWriterTime(path, rArchiveType, rArchivePath, maxRolls, dataPattern, nameMode, rArchiveExploded, fullName) - if err != nil { - return nil, err - } - - return NewFormattedWriter(rollingWriter, currentFormat) - } - - return nil, errors.New("incorrect rolling writer type " + rollingTypeStr) -} - -func createbufferedWriter(node *xmlNode, formatFromParent *formatter, formats map[string]*formatter, cfg *CfgParseParams) (interface{}, error) { - err := checkUnexpectedAttribute(node, outputFormatID, bufferedSizeAttr, bufferedFlushPeriodAttr) - if err != nil { - return nil, err - } - - if !node.hasChildren() { - return nil, errNodeMustHaveChildren - } - - currentFormat, err := getCurrentFormat(node, formatFromParent, formats) - if err != nil { - return nil, err - } - - sizeStr, isSize := node.attributes[bufferedSizeAttr] - if !isSize { - return nil, newMissingArgumentError(node.name, bufferedSizeAttr) - } - - size, err := strconv.Atoi(sizeStr) - if err != nil { - return nil, err - } - - flushPeriod := 0 - flushPeriodStr, isFlushPeriod := node.attributes[bufferedFlushPeriodAttr] - if isFlushPeriod { - flushPeriod, err = strconv.Atoi(flushPeriodStr) - if err != nil { - return nil, err - } - } - - // Inner writer couldn't have its own format, so we pass 'currentFormat' as its parent format - receivers, err := createInnerReceivers(node, currentFormat, formats, cfg) - if err != nil { - return nil, err - } - - formattedWriter, ok := receivers[0].(*formattedWriter) - if !ok { - return nil, errors.New("buffered writer's child is not writer") - } - - // ... and then we check that it hasn't changed - if formattedWriter.Format() != currentFormat { - return nil, errors.New("inner writer cannot have his own format") - } - - bufferedWriter, err := NewBufferedWriter(formattedWriter.Writer(), size, time.Duration(flushPeriod)) - if err != nil { - return nil, err - } - - return NewFormattedWriter(bufferedWriter, currentFormat) -} - -// Returns an error if node has any attributes not listed in expectedAttrs. -func checkUnexpectedAttribute(node *xmlNode, expectedAttrs ...string) error { - for attr := range node.attributes { - isExpected := false - for _, expected := range expectedAttrs { - if attr == expected { - isExpected = true - break - } - } - if !isExpected { - return newUnexpectedAttributeError(node.name, attr) - } - } - - return nil -} - -type expectedElementInfo struct { - name string - mandatory bool - multiple bool -} - -func optionalElement(name string) expectedElementInfo { - return expectedElementInfo{name, false, false} -} -func mandatoryElement(name string) expectedElementInfo { - return expectedElementInfo{name, true, false} -} -func multipleElements(name string) expectedElementInfo { - return expectedElementInfo{name, false, true} -} -func multipleMandatoryElements(name string) expectedElementInfo { - return expectedElementInfo{name, true, true} -} - -func checkExpectedElements(node *xmlNode, elements ...expectedElementInfo) error { - for _, element := range elements { - count := 0 - for _, child := range node.children { - if child.name == element.name { - count++ - } - } - - if count == 0 && element.mandatory { - return errors.New(node.name + " does not have mandatory subnode - " + element.name) - } - if count > 1 && !element.multiple { - return errors.New(node.name + " has more then one subnode - " + element.name) - } - } - - for _, child := range node.children { - isExpected := false - for _, element := range elements { - if child.name == element.name { - isExpected = true - } - } - - if !isExpected { - return errors.New(node.name + " has unexpected child: " + child.name) - } - } - - return nil -} diff --git a/vendor/github.com/cihub/seelog/common_closer.go b/vendor/github.com/cihub/seelog/common_closer.go deleted file mode 100644 index 1319c221..00000000 --- a/vendor/github.com/cihub/seelog/common_closer.go +++ /dev/null @@ -1,25 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog diff --git a/vendor/github.com/cihub/seelog/common_constraints.go b/vendor/github.com/cihub/seelog/common_constraints.go deleted file mode 100644 index 7ec2fe5b..00000000 --- a/vendor/github.com/cihub/seelog/common_constraints.go +++ /dev/null @@ -1,162 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "fmt" - "strings" -) - -// Represents constraints which form a general rule for log levels selection -type logLevelConstraints interface { - IsAllowed(level LogLevel) bool -} - -// A minMaxConstraints represents constraints which use minimal and maximal allowed log levels. -type minMaxConstraints struct { - min LogLevel - max LogLevel -} - -// NewMinMaxConstraints creates a new minMaxConstraints struct with the specified min and max levels. -func NewMinMaxConstraints(min LogLevel, max LogLevel) (*minMaxConstraints, error) { - if min > max { - return nil, fmt.Errorf("min level can't be greater than max. Got min: %d, max: %d", min, max) - } - if min < TraceLvl || min > CriticalLvl { - return nil, fmt.Errorf("min level can't be less than Trace or greater than Critical. Got min: %d", min) - } - if max < TraceLvl || max > CriticalLvl { - return nil, fmt.Errorf("max level can't be less than Trace or greater than Critical. Got max: %d", max) - } - - return &minMaxConstraints{min, max}, nil -} - -// IsAllowed returns true, if log level is in [min, max] range (inclusive). -func (minMaxConstr *minMaxConstraints) IsAllowed(level LogLevel) bool { - return level >= minMaxConstr.min && level <= minMaxConstr.max -} - -func (minMaxConstr *minMaxConstraints) String() string { - return fmt.Sprintf("Min: %s. Max: %s", minMaxConstr.min, minMaxConstr.max) -} - -//======================================================= - -// A listConstraints represents constraints which use allowed log levels list. -type listConstraints struct { - allowedLevels map[LogLevel]bool -} - -// NewListConstraints creates a new listConstraints struct with the specified allowed levels. -func NewListConstraints(allowList []LogLevel) (*listConstraints, error) { - if allowList == nil { - return nil, errors.New("list can't be nil") - } - - allowLevels, err := createMapFromList(allowList) - if err != nil { - return nil, err - } - err = validateOffLevel(allowLevels) - if err != nil { - return nil, err - } - - return &listConstraints{allowLevels}, nil -} - -func (listConstr *listConstraints) String() string { - allowedList := "List: " - - listLevel := make([]string, len(listConstr.allowedLevels)) - - var logLevel LogLevel - i := 0 - for logLevel = TraceLvl; logLevel <= Off; logLevel++ { - if listConstr.allowedLevels[logLevel] { - listLevel[i] = logLevel.String() - i++ - } - } - - allowedList += strings.Join(listLevel, ",") - - return allowedList -} - -func createMapFromList(allowedList []LogLevel) (map[LogLevel]bool, error) { - allowedLevels := make(map[LogLevel]bool, 0) - for _, level := range allowedList { - if level < TraceLvl || level > Off { - return nil, fmt.Errorf("level can't be less than Trace or greater than Critical. Got level: %d", level) - } - allowedLevels[level] = true - } - return allowedLevels, nil -} -func validateOffLevel(allowedLevels map[LogLevel]bool) error { - if _, ok := allowedLevels[Off]; ok && len(allowedLevels) > 1 { - return errors.New("logLevel Off cant be mixed with other levels") - } - - return nil -} - -// IsAllowed returns true, if log level is in allowed log levels list. -// If the list contains the only item 'common.Off' then IsAllowed will always return false for any input values. -func (listConstr *listConstraints) IsAllowed(level LogLevel) bool { - for l := range listConstr.allowedLevels { - if l == level && level != Off { - return true - } - } - - return false -} - -// AllowedLevels returns allowed levels configuration as a map. -func (listConstr *listConstraints) AllowedLevels() map[LogLevel]bool { - return listConstr.allowedLevels -} - -//======================================================= - -type offConstraints struct { -} - -func NewOffConstraints() (*offConstraints, error) { - return &offConstraints{}, nil -} - -func (offConstr *offConstraints) IsAllowed(level LogLevel) bool { - return false -} - -func (offConstr *offConstraints) String() string { - return "Off constraint" -} diff --git a/vendor/github.com/cihub/seelog/common_context.go b/vendor/github.com/cihub/seelog/common_context.go deleted file mode 100644 index 230a76ca..00000000 --- a/vendor/github.com/cihub/seelog/common_context.go +++ /dev/null @@ -1,234 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "fmt" - "os" - "path/filepath" - "runtime" - "strings" - "sync" - "time" -) - -var ( - workingDir = "/" - stackCache map[uintptr]*logContext - stackCacheLock sync.RWMutex -) - -func init() { - wd, err := os.Getwd() - if err == nil { - workingDir = filepath.ToSlash(wd) + "/" - } - stackCache = make(map[uintptr]*logContext) -} - -// Represents runtime caller context. -type LogContextInterface interface { - // Caller's function name. - Func() string - // Caller's line number. - Line() int - // Caller's file short path (in slashed form). - ShortPath() string - // Caller's file full path (in slashed form). - FullPath() string - // Caller's file name (without path). - FileName() string - // True if the context is correct and may be used. - // If false, then an error in context evaluation occurred and - // all its other data may be corrupted. - IsValid() bool - // Time when log function was called. - CallTime() time.Time - // Custom context that can be set by calling logger.SetContext - CustomContext() interface{} -} - -// Returns context of the caller -func currentContext(custom interface{}) (LogContextInterface, error) { - return specifyContext(1, custom) -} - -func extractCallerInfo(skip int) (*logContext, error) { - var stack [1]uintptr - if runtime.Callers(skip+1, stack[:]) != 1 { - return nil, errors.New("error during runtime.Callers") - } - pc := stack[0] - - // do we have a cache entry? - stackCacheLock.RLock() - ctx, ok := stackCache[pc] - stackCacheLock.RUnlock() - if ok { - return ctx, nil - } - - // look up the details of the given caller - funcInfo := runtime.FuncForPC(pc) - if funcInfo == nil { - return nil, errors.New("error during runtime.FuncForPC") - } - - var shortPath string - fullPath, line := funcInfo.FileLine(pc) - if strings.HasPrefix(fullPath, workingDir) { - shortPath = fullPath[len(workingDir):] - } else { - shortPath = fullPath - } - funcName := funcInfo.Name() - if strings.HasPrefix(funcName, workingDir) { - funcName = funcName[len(workingDir):] - } - - ctx = &logContext{ - funcName: funcName, - line: line, - shortPath: shortPath, - fullPath: fullPath, - fileName: filepath.Base(fullPath), - } - - // save the details in the cache; note that it's possible we might - // have written an entry into the map in between the test above and - // this section, but the behaviour is still correct - stackCacheLock.Lock() - stackCache[pc] = ctx - stackCacheLock.Unlock() - return ctx, nil -} - -// Returns context of the function with placed "skip" stack frames of the caller -// If skip == 0 then behaves like currentContext -// Context is returned in any situation, even if error occurs. But, if an error -// occurs, the returned context is an error context, which contains no paths -// or names, but states that they can't be extracted. -func specifyContext(skip int, custom interface{}) (LogContextInterface, error) { - callTime := time.Now() - if skip < 0 { - err := fmt.Errorf("can not skip negative stack frames") - return &errorContext{callTime, err}, err - } - caller, err := extractCallerInfo(skip + 2) - if err != nil { - return &errorContext{callTime, err}, err - } - ctx := new(logContext) - *ctx = *caller - ctx.callTime = callTime - ctx.custom = custom - return ctx, nil -} - -// Represents a normal runtime caller context. -type logContext struct { - funcName string - line int - shortPath string - fullPath string - fileName string - callTime time.Time - custom interface{} -} - -func (context *logContext) IsValid() bool { - return true -} - -func (context *logContext) Func() string { - return context.funcName -} - -func (context *logContext) Line() int { - return context.line -} - -func (context *logContext) ShortPath() string { - return context.shortPath -} - -func (context *logContext) FullPath() string { - return context.fullPath -} - -func (context *logContext) FileName() string { - return context.fileName -} - -func (context *logContext) CallTime() time.Time { - return context.callTime -} - -func (context *logContext) CustomContext() interface{} { - return context.custom -} - -// Represents an error context -type errorContext struct { - errorTime time.Time - err error -} - -func (errContext *errorContext) getErrorText(prefix string) string { - return fmt.Sprintf("%s() error: %s", prefix, errContext.err) -} - -func (errContext *errorContext) IsValid() bool { - return false -} - -func (errContext *errorContext) Line() int { - return -1 -} - -func (errContext *errorContext) Func() string { - return errContext.getErrorText("Func") -} - -func (errContext *errorContext) ShortPath() string { - return errContext.getErrorText("ShortPath") -} - -func (errContext *errorContext) FullPath() string { - return errContext.getErrorText("FullPath") -} - -func (errContext *errorContext) FileName() string { - return errContext.getErrorText("FileName") -} - -func (errContext *errorContext) CallTime() time.Time { - return errContext.errorTime -} - -func (errContext *errorContext) CustomContext() interface{} { - return nil -} diff --git a/vendor/github.com/cihub/seelog/common_exception.go b/vendor/github.com/cihub/seelog/common_exception.go deleted file mode 100644 index 9acc2750..00000000 --- a/vendor/github.com/cihub/seelog/common_exception.go +++ /dev/null @@ -1,194 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "fmt" - "regexp" - "strings" -) - -// Used in rules creation to validate input file and func filters -var ( - fileFormatValidator = regexp.MustCompile(`[a-zA-Z0-9\\/ _\*\.]*`) - funcFormatValidator = regexp.MustCompile(`[a-zA-Z0-9_\*\.]*`) -) - -// LogLevelException represents an exceptional case used when you need some specific files or funcs to -// override general constraints and to use their own. -type LogLevelException struct { - funcPatternParts []string - filePatternParts []string - - funcPattern string - filePattern string - - constraints logLevelConstraints -} - -// NewLogLevelException creates a new exception. -func NewLogLevelException(funcPattern string, filePattern string, constraints logLevelConstraints) (*LogLevelException, error) { - if constraints == nil { - return nil, errors.New("constraints can not be nil") - } - - exception := new(LogLevelException) - - err := exception.initFuncPatternParts(funcPattern) - if err != nil { - return nil, err - } - exception.funcPattern = strings.Join(exception.funcPatternParts, "") - - err = exception.initFilePatternParts(filePattern) - if err != nil { - return nil, err - } - exception.filePattern = strings.Join(exception.filePatternParts, "") - - exception.constraints = constraints - - return exception, nil -} - -// MatchesContext returns true if context matches the patterns of this LogLevelException -func (logLevelEx *LogLevelException) MatchesContext(context LogContextInterface) bool { - return logLevelEx.match(context.Func(), context.FullPath()) -} - -// IsAllowed returns true if log level is allowed according to the constraints of this LogLevelException -func (logLevelEx *LogLevelException) IsAllowed(level LogLevel) bool { - return logLevelEx.constraints.IsAllowed(level) -} - -// FuncPattern returns the function pattern of a exception -func (logLevelEx *LogLevelException) FuncPattern() string { - return logLevelEx.funcPattern -} - -// FuncPattern returns the file pattern of a exception -func (logLevelEx *LogLevelException) FilePattern() string { - return logLevelEx.filePattern -} - -// initFuncPatternParts checks whether the func filter has a correct format and splits funcPattern on parts -func (logLevelEx *LogLevelException) initFuncPatternParts(funcPattern string) (err error) { - - if funcFormatValidator.FindString(funcPattern) != funcPattern { - return errors.New("func path \"" + funcPattern + "\" contains incorrect symbols. Only a-z A-Z 0-9 _ * . allowed)") - } - - logLevelEx.funcPatternParts = splitPattern(funcPattern) - return nil -} - -// Checks whether the file filter has a correct format and splits file patterns using splitPattern. -func (logLevelEx *LogLevelException) initFilePatternParts(filePattern string) (err error) { - - if fileFormatValidator.FindString(filePattern) != filePattern { - return errors.New("file path \"" + filePattern + "\" contains incorrect symbols. Only a-z A-Z 0-9 \\ / _ * . allowed)") - } - - logLevelEx.filePatternParts = splitPattern(filePattern) - return err -} - -func (logLevelEx *LogLevelException) match(funcPath string, filePath string) bool { - if !stringMatchesPattern(logLevelEx.funcPatternParts, funcPath) { - return false - } - return stringMatchesPattern(logLevelEx.filePatternParts, filePath) -} - -func (logLevelEx *LogLevelException) String() string { - str := fmt.Sprintf("Func: %s File: %s", logLevelEx.funcPattern, logLevelEx.filePattern) - - if logLevelEx.constraints != nil { - str += fmt.Sprintf("Constr: %s", logLevelEx.constraints) - } else { - str += "nil" - } - - return str -} - -// splitPattern splits pattern into strings and asterisks. Example: "ab*cde**f" -> ["ab", "*", "cde", "*", "f"] -func splitPattern(pattern string) []string { - var patternParts []string - var lastChar rune - for _, char := range pattern { - if char == '*' { - if lastChar != '*' { - patternParts = append(patternParts, "*") - } - } else { - if len(patternParts) != 0 && lastChar != '*' { - patternParts[len(patternParts)-1] += string(char) - } else { - patternParts = append(patternParts, string(char)) - } - } - lastChar = char - } - - return patternParts -} - -// stringMatchesPattern check whether testString matches pattern with asterisks. -// Standard regexp functionality is not used here because of performance issues. -func stringMatchesPattern(patternparts []string, testString string) bool { - if len(patternparts) == 0 { - return len(testString) == 0 - } - - part := patternparts[0] - if part != "*" { - index := strings.Index(testString, part) - if index == 0 { - return stringMatchesPattern(patternparts[1:], testString[len(part):]) - } - } else { - if len(patternparts) == 1 { - return true - } - - newTestString := testString - part = patternparts[1] - for { - index := strings.Index(newTestString, part) - if index == -1 { - break - } - - newTestString = newTestString[index+len(part):] - result := stringMatchesPattern(patternparts[2:], newTestString) - if result { - return true - } - } - } - return false -} diff --git a/vendor/github.com/cihub/seelog/common_flusher.go b/vendor/github.com/cihub/seelog/common_flusher.go deleted file mode 100644 index 0ef077c8..00000000 --- a/vendor/github.com/cihub/seelog/common_flusher.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -// flusherInterface represents all objects that have to do cleanup -// at certain moments of time (e.g. before app shutdown to avoid data loss) -type flusherInterface interface { - Flush() -} diff --git a/vendor/github.com/cihub/seelog/common_loglevel.go b/vendor/github.com/cihub/seelog/common_loglevel.go deleted file mode 100644 index d54ecf27..00000000 --- a/vendor/github.com/cihub/seelog/common_loglevel.go +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -// Log level type -type LogLevel uint8 - -// Log levels -const ( - TraceLvl = iota - DebugLvl - InfoLvl - WarnLvl - ErrorLvl - CriticalLvl - Off -) - -// Log level string representations (used in configuration files) -const ( - TraceStr = "trace" - DebugStr = "debug" - InfoStr = "info" - WarnStr = "warn" - ErrorStr = "error" - CriticalStr = "critical" - OffStr = "off" -) - -var levelToStringRepresentations = map[LogLevel]string{ - TraceLvl: TraceStr, - DebugLvl: DebugStr, - InfoLvl: InfoStr, - WarnLvl: WarnStr, - ErrorLvl: ErrorStr, - CriticalLvl: CriticalStr, - Off: OffStr, -} - -// LogLevelFromString parses a string and returns a corresponding log level, if sucessfull. -func LogLevelFromString(levelStr string) (level LogLevel, found bool) { - for lvl, lvlStr := range levelToStringRepresentations { - if lvlStr == levelStr { - return lvl, true - } - } - - return 0, false -} - -// LogLevelToString returns seelog string representation for a specified level. Returns "" for invalid log levels. -func (level LogLevel) String() string { - levelStr, ok := levelToStringRepresentations[level] - if ok { - return levelStr - } - - return "" -} diff --git a/vendor/github.com/cihub/seelog/dispatch_custom.go b/vendor/github.com/cihub/seelog/dispatch_custom.go deleted file mode 100644 index 383a7705..00000000 --- a/vendor/github.com/cihub/seelog/dispatch_custom.go +++ /dev/null @@ -1,242 +0,0 @@ -// Copyright (c) 2013 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "fmt" - "reflect" - "sort" -) - -var registeredReceivers = make(map[string]reflect.Type) - -// RegisterReceiver records a custom receiver type, identified by a value -// of that type (second argument), under the specified name. Registered -// names can be used in the "name" attribute of config items. -// -// RegisterReceiver takes the type of the receiver argument, without taking -// the value into the account. So do NOT enter any data to the second argument -// and only call it like: -// RegisterReceiver("somename", &MyReceiverType{}) -// -// After that, when a '' config tag with this name is used, -// a receiver of the specified type would be instantiated. Check -// CustomReceiver comments for interface details. -// -// NOTE 1: RegisterReceiver fails if you attempt to register different types -// with the same name. -// -// NOTE 2: RegisterReceiver registers those receivers that must be used in -// the configuration files ( items). Basically it is just the way -// you tell seelog config parser what should it do when it meets a -// tag with a specific name and data attributes. -// -// But If you are only using seelog as a proxy to an already instantiated -// CustomReceiver (via LoggerFromCustomReceiver func), you should not call RegisterReceiver. -func RegisterReceiver(name string, receiver CustomReceiver) { - newType := reflect.TypeOf(reflect.ValueOf(receiver).Elem().Interface()) - if t, ok := registeredReceivers[name]; ok && t != newType { - panic(fmt.Sprintf("duplicate types for %s: %s != %s", name, t, newType)) - } - registeredReceivers[name] = newType -} - -func customReceiverByName(name string) (creceiver CustomReceiver, err error) { - rt, ok := registeredReceivers[name] - if !ok { - return nil, fmt.Errorf("custom receiver name not registered: '%s'", name) - } - v, ok := reflect.New(rt).Interface().(CustomReceiver) - if !ok { - return nil, fmt.Errorf("cannot instantiate receiver with name='%s'", name) - } - return v, nil -} - -// CustomReceiverInitArgs represent arguments passed to the CustomReceiver.Init -// func when custom receiver is being initialized. -type CustomReceiverInitArgs struct { - // XmlCustomAttrs represent '' xml config item attributes that - // start with "data-". Map keys will be the attribute names without the "data-". - // Map values will the those attribute values. - // - // E.g. if you have a '' - // you will get map with 2 key-value pairs: "attr1"->"a1", "attr2"->"a2" - // - // Note that in custom items you can only use allowed attributes, like "name" and - // your custom attributes, starting with "data-". Any other will lead to a - // parsing error. - XmlCustomAttrs map[string]string -} - -// CustomReceiver is the interface that external custom seelog message receivers -// must implement in order to be able to process seelog messages. Those receivers -// are set in the xml config file using the tag. Check receivers reference -// wiki section on that. -// -// Use seelog.RegisterReceiver on the receiver type before using it. -type CustomReceiver interface { - // ReceiveMessage is called when the custom receiver gets seelog message from - // a parent dispatcher. - // - // Message, level and context args represent all data that was included in the seelog - // message at the time it was logged. - // - // The formatting is already applied to the message and depends on the config - // like with any other receiver. - // - // If you would like to inform seelog of an error that happened during the handling of - // the message, return a non-nil error. This way you'll end up seeing your error like - // any other internal seelog error. - ReceiveMessage(message string, level LogLevel, context LogContextInterface) error - - // AfterParse is called immediately after your custom receiver is instantiated by - // the xml config parser. So, if you need to do any startup logic after config parsing, - // like opening file or allocating any resources after the receiver is instantiated, do it here. - // - // If this func returns a non-nil error, then the loading procedure will fail. E.g. - // if you are loading a seelog xml config, the parser would not finish the loading - // procedure and inform about an error like with any other config error. - // - // If your custom logger needs some configuration, you can use custom attributes in - // your config. Check CustomReceiverInitArgs.XmlCustomAttrs comments. - // - // IMPORTANT: This func is NOT called when the LoggerFromCustomReceiver func is used - // to create seelog proxy logger using the custom receiver. This func is only called when - // receiver is instantiated from a config. - AfterParse(initArgs CustomReceiverInitArgs) error - - // Flush is called when the custom receiver gets a 'flush' directive from a - // parent receiver. If custom receiver implements some kind of buffering or - // queing, then the appropriate reaction on a flush message is synchronous - // flushing of all those queues/buffers. If custom receiver doesn't have - // such mechanisms, then flush implementation may be left empty. - Flush() - - // Close is called when the custom receiver gets a 'close' directive from a - // parent receiver. This happens when a top-level seelog dispatcher is sending - // 'close' to all child nodes and it means that current seelog logger is being closed. - // If you need to do any cleanup after your custom receiver is done, you should do - // it here. - Close() error -} - -type customReceiverDispatcher struct { - formatter *formatter - innerReceiver CustomReceiver - customReceiverName string - usedArgs CustomReceiverInitArgs -} - -// NewCustomReceiverDispatcher creates a customReceiverDispatcher which dispatches data to a specific receiver created -// using a tag in the config file. -func NewCustomReceiverDispatcher(formatter *formatter, customReceiverName string, cArgs CustomReceiverInitArgs) (*customReceiverDispatcher, error) { - if formatter == nil { - return nil, errors.New("formatter cannot be nil") - } - if len(customReceiverName) == 0 { - return nil, errors.New("custom receiver name cannot be empty") - } - - creceiver, err := customReceiverByName(customReceiverName) - if err != nil { - return nil, err - } - err = creceiver.AfterParse(cArgs) - if err != nil { - return nil, err - } - disp := &customReceiverDispatcher{formatter, creceiver, customReceiverName, cArgs} - - return disp, nil -} - -// NewCustomReceiverDispatcherByValue is basically the same as NewCustomReceiverDispatcher, but using -// a specific CustomReceiver value instead of instantiating a new one by type. -func NewCustomReceiverDispatcherByValue(formatter *formatter, customReceiver CustomReceiver, name string, cArgs CustomReceiverInitArgs) (*customReceiverDispatcher, error) { - if formatter == nil { - return nil, errors.New("formatter cannot be nil") - } - if customReceiver == nil { - return nil, errors.New("customReceiver cannot be nil") - } - disp := &customReceiverDispatcher{formatter, customReceiver, name, cArgs} - - return disp, nil -} - -// CustomReceiver implementation. Check CustomReceiver comments. -func (disp *customReceiverDispatcher) Dispatch( - message string, - level LogLevel, - context LogContextInterface, - errorFunc func(err error)) { - - defer func() { - if err := recover(); err != nil { - errorFunc(fmt.Errorf("panic in custom receiver '%s'.Dispatch: %s", reflect.TypeOf(disp.innerReceiver), err)) - } - }() - - err := disp.innerReceiver.ReceiveMessage(disp.formatter.Format(message, level, context), level, context) - if err != nil { - errorFunc(err) - } -} - -// CustomReceiver implementation. Check CustomReceiver comments. -func (disp *customReceiverDispatcher) Flush() { - disp.innerReceiver.Flush() -} - -// CustomReceiver implementation. Check CustomReceiver comments. -func (disp *customReceiverDispatcher) Close() error { - disp.innerReceiver.Flush() - - err := disp.innerReceiver.Close() - if err != nil { - return err - } - - return nil -} - -func (disp *customReceiverDispatcher) String() string { - datas := "" - skeys := make([]string, 0, len(disp.usedArgs.XmlCustomAttrs)) - for i := range disp.usedArgs.XmlCustomAttrs { - skeys = append(skeys, i) - } - sort.Strings(skeys) - for _, key := range skeys { - datas += fmt.Sprintf("<%s, %s> ", key, disp.usedArgs.XmlCustomAttrs[key]) - } - - str := fmt.Sprintf("Custom receiver %s [fmt='%s'],[data='%s'],[inner='%s']\n", - disp.customReceiverName, disp.formatter.String(), datas, disp.innerReceiver) - - return str -} diff --git a/vendor/github.com/cihub/seelog/dispatch_dispatcher.go b/vendor/github.com/cihub/seelog/dispatch_dispatcher.go deleted file mode 100644 index 2bd3b4a4..00000000 --- a/vendor/github.com/cihub/seelog/dispatch_dispatcher.go +++ /dev/null @@ -1,189 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "fmt" - "io" -) - -// A dispatcherInterface is used to dispatch message to all underlying receivers. -// Dispatch logic depends on given context and log level. Any errors are reported using errorFunc. -// Also, as underlying receivers may have a state, dispatcher has a ShuttingDown method which performs -// an immediate cleanup of all data that is stored in the receivers -type dispatcherInterface interface { - flusherInterface - io.Closer - Dispatch(message string, level LogLevel, context LogContextInterface, errorFunc func(err error)) -} - -type dispatcher struct { - formatter *formatter - writers []*formattedWriter - dispatchers []dispatcherInterface -} - -// Creates a dispatcher which dispatches data to a list of receivers. -// Each receiver should be either a Dispatcher or io.Writer, otherwise an error will be returned -func createDispatcher(formatter *formatter, receivers []interface{}) (*dispatcher, error) { - if formatter == nil { - return nil, errors.New("formatter cannot be nil") - } - if receivers == nil || len(receivers) == 0 { - return nil, errors.New("receivers cannot be nil or empty") - } - - disp := &dispatcher{formatter, make([]*formattedWriter, 0), make([]dispatcherInterface, 0)} - for _, receiver := range receivers { - writer, ok := receiver.(*formattedWriter) - if ok { - disp.writers = append(disp.writers, writer) - continue - } - - ioWriter, ok := receiver.(io.Writer) - if ok { - writer, err := NewFormattedWriter(ioWriter, disp.formatter) - if err != nil { - return nil, err - } - disp.writers = append(disp.writers, writer) - continue - } - - dispInterface, ok := receiver.(dispatcherInterface) - if ok { - disp.dispatchers = append(disp.dispatchers, dispInterface) - continue - } - - return nil, errors.New("method can receive either io.Writer or dispatcherInterface") - } - - return disp, nil -} - -func (disp *dispatcher) Dispatch( - message string, - level LogLevel, - context LogContextInterface, - errorFunc func(err error)) { - - for _, writer := range disp.writers { - err := writer.Write(message, level, context) - if err != nil { - errorFunc(err) - } - } - - for _, dispInterface := range disp.dispatchers { - dispInterface.Dispatch(message, level, context, errorFunc) - } -} - -// Flush goes through all underlying writers which implement flusherInterface interface -// and closes them. Recursively performs the same action for underlying dispatchers -func (disp *dispatcher) Flush() { - for _, disp := range disp.Dispatchers() { - disp.Flush() - } - - for _, formatWriter := range disp.Writers() { - flusher, ok := formatWriter.Writer().(flusherInterface) - if ok { - flusher.Flush() - } - } -} - -// Close goes through all underlying writers which implement io.Closer interface -// and closes them. Recursively performs the same action for underlying dispatchers -// Before closing, writers are flushed to prevent loss of any buffered data, so -// a call to Flush() func before Close() is not necessary -func (disp *dispatcher) Close() error { - for _, disp := range disp.Dispatchers() { - disp.Flush() - err := disp.Close() - if err != nil { - return err - } - } - - for _, formatWriter := range disp.Writers() { - flusher, ok := formatWriter.Writer().(flusherInterface) - if ok { - flusher.Flush() - } - - closer, ok := formatWriter.Writer().(io.Closer) - if ok { - err := closer.Close() - if err != nil { - return err - } - } - } - - return nil -} - -func (disp *dispatcher) Writers() []*formattedWriter { - return disp.writers -} - -func (disp *dispatcher) Dispatchers() []dispatcherInterface { - return disp.dispatchers -} - -func (disp *dispatcher) String() string { - str := "formatter: " + disp.formatter.String() + "\n" - - str += " ->Dispatchers:" - - if len(disp.dispatchers) == 0 { - str += "none\n" - } else { - str += "\n" - - for _, disp := range disp.dispatchers { - str += fmt.Sprintf(" ->%s", disp) - } - } - - str += " ->Writers:" - - if len(disp.writers) == 0 { - str += "none\n" - } else { - str += "\n" - - for _, writer := range disp.writers { - str += fmt.Sprintf(" ->%s\n", writer) - } - } - - return str -} diff --git a/vendor/github.com/cihub/seelog/dispatch_filterdispatcher.go b/vendor/github.com/cihub/seelog/dispatch_filterdispatcher.go deleted file mode 100644 index 9de8a722..00000000 --- a/vendor/github.com/cihub/seelog/dispatch_filterdispatcher.go +++ /dev/null @@ -1,66 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "fmt" -) - -// A filterDispatcher writes the given message to underlying receivers only if message log level -// is in the allowed list. -type filterDispatcher struct { - *dispatcher - allowList map[LogLevel]bool -} - -// NewFilterDispatcher creates a new filterDispatcher using a list of allowed levels. -func NewFilterDispatcher(formatter *formatter, receivers []interface{}, allowList ...LogLevel) (*filterDispatcher, error) { - disp, err := createDispatcher(formatter, receivers) - if err != nil { - return nil, err - } - - allows := make(map[LogLevel]bool) - for _, allowLevel := range allowList { - allows[allowLevel] = true - } - - return &filterDispatcher{disp, allows}, nil -} - -func (filter *filterDispatcher) Dispatch( - message string, - level LogLevel, - context LogContextInterface, - errorFunc func(err error)) { - isAllowed, ok := filter.allowList[level] - if ok && isAllowed { - filter.dispatcher.Dispatch(message, level, context, errorFunc) - } -} - -func (filter *filterDispatcher) String() string { - return fmt.Sprintf("filterDispatcher ->\n%s", filter.dispatcher) -} diff --git a/vendor/github.com/cihub/seelog/dispatch_splitdispatcher.go b/vendor/github.com/cihub/seelog/dispatch_splitdispatcher.go deleted file mode 100644 index 1d0fe7ea..00000000 --- a/vendor/github.com/cihub/seelog/dispatch_splitdispatcher.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "fmt" -) - -// A splitDispatcher just writes the given message to underlying receivers. (Splits the message stream.) -type splitDispatcher struct { - *dispatcher -} - -func NewSplitDispatcher(formatter *formatter, receivers []interface{}) (*splitDispatcher, error) { - disp, err := createDispatcher(formatter, receivers) - if err != nil { - return nil, err - } - - return &splitDispatcher{disp}, nil -} - -func (splitter *splitDispatcher) String() string { - return fmt.Sprintf("splitDispatcher ->\n%s", splitter.dispatcher.String()) -} diff --git a/vendor/github.com/cihub/seelog/doc.go b/vendor/github.com/cihub/seelog/doc.go deleted file mode 100644 index 2734c9cb..00000000 --- a/vendor/github.com/cihub/seelog/doc.go +++ /dev/null @@ -1,175 +0,0 @@ -// Copyright (c) 2014 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -/* -Package seelog implements logging functionality with flexible dispatching, filtering, and formatting. - -Creation - -To create a logger, use one of the following constructors: - func LoggerFromConfigAsBytes - func LoggerFromConfigAsFile - func LoggerFromConfigAsString - func LoggerFromWriterWithMinLevel - func LoggerFromWriterWithMinLevelAndFormat - func LoggerFromCustomReceiver (check https://github.com/cihub/seelog/wiki/Custom-receivers) -Example: - import log "github.com/cihub/seelog" - - func main() { - logger, err := log.LoggerFromConfigAsFile("seelog.xml") - if err != nil { - panic(err) - } - defer logger.Flush() - ... use logger ... - } -The "defer" line is important because if you are using asynchronous logger behavior, without this line you may end up losing some -messages when you close your application because they are processed in another non-blocking goroutine. To avoid that you -explicitly defer flushing all messages before closing. - -Usage - -Logger created using one of the LoggerFrom* funcs can be used directly by calling one of the main log funcs. -Example: - import log "github.com/cihub/seelog" - - func main() { - logger, err := log.LoggerFromConfigAsFile("seelog.xml") - if err != nil { - panic(err) - } - defer logger.Flush() - logger.Trace("test") - logger.Debugf("var = %s", "abc") - } - -Having loggers as variables is convenient if you are writing your own package with internal logging or if you have -several loggers with different options. -But for most standalone apps it is more convenient to use package level funcs and vars. There is a package level -var 'Current' made for it. You can replace it with another logger using 'ReplaceLogger' and then use package level funcs: - import log "github.com/cihub/seelog" - - func main() { - logger, err := log.LoggerFromConfigAsFile("seelog.xml") - if err != nil { - panic(err) - } - log.ReplaceLogger(logger) - defer log.Flush() - log.Trace("test") - log.Debugf("var = %s", "abc") - } -Last lines - log.Trace("test") - log.Debugf("var = %s", "abc") -do the same as - log.Current.Trace("test") - log.Current.Debugf("var = %s", "abc") -In this example the 'Current' logger was replaced using a 'ReplaceLogger' call and became equal to 'logger' variable created from config. -This way you are able to use package level funcs instead of passing the logger variable. - -Configuration - -Main seelog point is to configure logger via config files and not the code. -The configuration is read by LoggerFrom* funcs. These funcs read xml configuration from different sources and try -to create a logger using it. - -All the configuration features are covered in detail in the official wiki: https://github.com/cihub/seelog/wiki. -There are many sections covering different aspects of seelog, but the most important for understanding configs are: - https://github.com/cihub/seelog/wiki/Constraints-and-exceptions - https://github.com/cihub/seelog/wiki/Dispatchers-and-receivers - https://github.com/cihub/seelog/wiki/Formatting - https://github.com/cihub/seelog/wiki/Logger-types -After you understand these concepts, check the 'Reference' section on the main wiki page to get the up-to-date -list of dispatchers, receivers, formats, and logger types. - -Here is an example config with all these features: - - - - - - - - - - - - - - - - - - - - - -This config represents a logger with adaptive timeout between log messages (check logger types reference) which -logs to console, all.log, and errors.log depending on the log level. Its output formats also depend on log level. This logger will only -use log level 'debug' and higher (minlevel is set) for all files with names that don't start with 'test'. For files starting with 'test' -this logger prohibits all levels below 'error'. - -Configuration using code - -Although configuration using code is not recommended, it is sometimes needed and it is possible to do with seelog. Basically, what -you need to do to get started is to create constraints, exceptions and a dispatcher tree (same as with config). Most of the New* -functions in this package are used to provide such capabilities. - -Here is an example of configuration in code, that demonstrates an async loop logger that logs to a simple split dispatcher with -a console receiver using a specified format and is filtered using a top-level min-max constraints and one expection for -the 'main.go' file. So, this is basically a demonstration of configuration of most of the features: - - package main - - import log "github.com/cihub/seelog" - - func main() { - defer log.Flush() - log.Info("Hello from Seelog!") - - consoleWriter, _ := log.NewConsoleWriter() - formatter, _ := log.NewFormatter("%Level %Msg %File%n") - root, _ := log.NewSplitDispatcher(formatter, []interface{}{consoleWriter}) - constraints, _ := log.NewMinMaxConstraints(log.TraceLvl, log.CriticalLvl) - specificConstraints, _ := log.NewListConstraints([]log.LogLevel{log.InfoLvl, log.ErrorLvl}) - ex, _ := log.NewLogLevelException("*", "*main.go", specificConstraints) - exceptions := []*log.LogLevelException{ex} - - logger := log.NewAsyncLoopLogger(log.NewLoggerConfig(constraints, exceptions, root)) - log.ReplaceLogger(logger) - - log.Trace("This should not be seen") - log.Debug("This should not be seen") - log.Info("Test") - log.Error("Test2") - } - -Examples - -To learn seelog features faster you should check the examples package: https://github.com/cihub/seelog-examples -It contains many example configs and usecases. -*/ -package seelog diff --git a/vendor/github.com/cihub/seelog/format.go b/vendor/github.com/cihub/seelog/format.go deleted file mode 100644 index ec47b457..00000000 --- a/vendor/github.com/cihub/seelog/format.go +++ /dev/null @@ -1,466 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "bytes" - "errors" - "fmt" - "strconv" - "strings" - "unicode" - "unicode/utf8" -) - -// FormatterSymbol is a special symbol used in config files to mark special format aliases. -const ( - FormatterSymbol = '%' -) - -const ( - formatterParameterStart = '(' - formatterParameterEnd = ')' -) - -// Time and date formats used for %Date and %Time aliases. -const ( - DateDefaultFormat = "2006-01-02" - TimeFormat = "15:04:05" -) - -var DefaultMsgFormat = "%Ns [%Level] %Msg%n" - -var ( - DefaultFormatter *formatter - msgonlyformatter *formatter -) - -func init() { - var err error - if DefaultFormatter, err = NewFormatter(DefaultMsgFormat); err != nil { - reportInternalError(fmt.Errorf("error during creating DefaultFormatter: %s", err)) - } - if msgonlyformatter, err = NewFormatter("%Msg"); err != nil { - reportInternalError(fmt.Errorf("error during creating msgonlyformatter: %s", err)) - } -} - -// FormatterFunc represents one formatter object that starts with '%' sign in the 'format' attribute -// of the 'format' config item. These special symbols are replaced with context values or special -// strings when message is written to byte receiver. -// -// Check https://github.com/cihub/seelog/wiki/Formatting for details. -// Full list (with descriptions) of formatters: https://github.com/cihub/seelog/wiki/Format-reference -// -// FormatterFunc takes raw log message, level, log context and returns a string, number (of any type) or any object -// that can be evaluated as string. -type FormatterFunc func(message string, level LogLevel, context LogContextInterface) interface{} - -// FormatterFuncCreator is a factory of FormatterFunc objects. It is used to generate parameterized -// formatters (such as %Date or %EscM) and custom user formatters. -type FormatterFuncCreator func(param string) FormatterFunc - -var formatterFuncs = map[string]FormatterFunc{ - "Level": formatterLevel, - "Lev": formatterLev, - "LEVEL": formatterLEVEL, - "LEV": formatterLEV, - "l": formatterl, - "Msg": formatterMsg, - "FullPath": formatterFullPath, - "File": formatterFile, - "RelFile": formatterRelFile, - "Func": FormatterFunction, - "FuncShort": FormatterFunctionShort, - "Line": formatterLine, - "Time": formatterTime, - "UTCTime": formatterUTCTime, - "Ns": formatterNs, - "UTCNs": formatterUTCNs, - "r": formatterr, - "n": formattern, - "t": formattert, -} - -var formatterFuncsParameterized = map[string]FormatterFuncCreator{ - "Date": createDateTimeFormatterFunc, - "UTCDate": createUTCDateTimeFormatterFunc, - "EscM": createANSIEscapeFunc, -} - -func errorAliasReserved(name string) error { - return fmt.Errorf("cannot use '%s' as custom formatter name. Name is reserved", name) -} - -// RegisterCustomFormatter registers a new custom formatter factory with a given name. If returned error is nil, -// then this name (prepended by '%' symbol) can be used in 'format' attributes in configuration and -// it will be treated like the standard parameterized formatter identifiers. -// -// RegisterCustomFormatter needs to be called before creating a logger for it to take effect. The general recommendation -// is to call it once in 'init' func of your application or any initializer func. -// -// For usage examples, check https://github.com/cihub/seelog/wiki/Custom-formatters. -// -// Name must only consist of letters (unicode.IsLetter). -// -// Name must not be one of the already registered standard formatter names -// (https://github.com/cihub/seelog/wiki/Format-reference) and previously registered -// custom format names. To avoid any potential name conflicts (in future releases), it is recommended -// to start your custom formatter name with a namespace (e.g. 'MyCompanySomething') or a 'Custom' keyword. -func RegisterCustomFormatter(name string, creator FormatterFuncCreator) error { - if _, ok := formatterFuncs[name]; ok { - return errorAliasReserved(name) - } - if _, ok := formatterFuncsParameterized[name]; ok { - return errorAliasReserved(name) - } - formatterFuncsParameterized[name] = creator - return nil -} - -// formatter is used to write messages in a specific format, inserting such additional data -// as log level, date/time, etc. -type formatter struct { - fmtStringOriginal string - fmtString string - formatterFuncs []FormatterFunc -} - -// NewFormatter creates a new formatter using a format string -func NewFormatter(formatString string) (*formatter, error) { - fmtr := new(formatter) - fmtr.fmtStringOriginal = formatString - if err := buildFormatterFuncs(fmtr); err != nil { - return nil, err - } - return fmtr, nil -} - -func buildFormatterFuncs(formatter *formatter) error { - var ( - fsbuf = new(bytes.Buffer) - fsolm1 = len(formatter.fmtStringOriginal) - 1 - ) - for i := 0; i <= fsolm1; i++ { - if char := formatter.fmtStringOriginal[i]; char != FormatterSymbol { - fsbuf.WriteByte(char) - continue - } - // Check if the index is at the end of the string. - if i == fsolm1 { - return fmt.Errorf("format error: %c cannot be last symbol", FormatterSymbol) - } - // Check if the formatter symbol is doubled and skip it as nonmatching. - if formatter.fmtStringOriginal[i+1] == FormatterSymbol { - fsbuf.WriteRune(FormatterSymbol) - i++ - continue - } - function, ni, err := formatter.extractFormatterFunc(i + 1) - if err != nil { - return err - } - // Append formatting string "%v". - fsbuf.Write([]byte{37, 118}) - i = ni - formatter.formatterFuncs = append(formatter.formatterFuncs, function) - } - formatter.fmtString = fsbuf.String() - return nil -} - -func (formatter *formatter) extractFormatterFunc(index int) (FormatterFunc, int, error) { - letterSequence := formatter.extractLetterSequence(index) - if len(letterSequence) == 0 { - return nil, 0, fmt.Errorf("format error: lack of formatter after %c at %d", FormatterSymbol, index) - } - - function, formatterLength, ok := formatter.findFormatterFunc(letterSequence) - if ok { - return function, index + formatterLength - 1, nil - } - - function, formatterLength, ok, err := formatter.findFormatterFuncParametrized(letterSequence, index) - if err != nil { - return nil, 0, err - } - if ok { - return function, index + formatterLength - 1, nil - } - - return nil, 0, errors.New("format error: unrecognized formatter at " + strconv.Itoa(index) + ": " + letterSequence) -} - -func (formatter *formatter) extractLetterSequence(index int) string { - letters := "" - - bytesToParse := []byte(formatter.fmtStringOriginal[index:]) - runeCount := utf8.RuneCount(bytesToParse) - for i := 0; i < runeCount; i++ { - rune, runeSize := utf8.DecodeRune(bytesToParse) - bytesToParse = bytesToParse[runeSize:] - - if unicode.IsLetter(rune) { - letters += string(rune) - } else { - break - } - } - return letters -} - -func (formatter *formatter) findFormatterFunc(letters string) (FormatterFunc, int, bool) { - currentVerb := letters - for i := 0; i < len(letters); i++ { - function, ok := formatterFuncs[currentVerb] - if ok { - return function, len(currentVerb), ok - } - currentVerb = currentVerb[:len(currentVerb)-1] - } - - return nil, 0, false -} - -func (formatter *formatter) findFormatterFuncParametrized(letters string, lettersStartIndex int) (FormatterFunc, int, bool, error) { - currentVerb := letters - for i := 0; i < len(letters); i++ { - functionCreator, ok := formatterFuncsParameterized[currentVerb] - if ok { - parameter := "" - parameterLen := 0 - isVerbEqualsLetters := i == 0 // if not, then letter goes after formatter, and formatter is parameterless - if isVerbEqualsLetters { - userParameter := "" - var err error - userParameter, parameterLen, ok, err = formatter.findparameter(lettersStartIndex + len(currentVerb)) - if ok { - parameter = userParameter - } else if err != nil { - return nil, 0, false, err - } - } - - return functionCreator(parameter), len(currentVerb) + parameterLen, true, nil - } - - currentVerb = currentVerb[:len(currentVerb)-1] - } - - return nil, 0, false, nil -} - -func (formatter *formatter) findparameter(startIndex int) (string, int, bool, error) { - if len(formatter.fmtStringOriginal) == startIndex || formatter.fmtStringOriginal[startIndex] != formatterParameterStart { - return "", 0, false, nil - } - - endIndex := strings.Index(formatter.fmtStringOriginal[startIndex:], string(formatterParameterEnd)) - if endIndex == -1 { - return "", 0, false, fmt.Errorf("Unmatched parenthesis or invalid parameter at %d: %s", - startIndex, formatter.fmtStringOriginal[startIndex:]) - } - endIndex += startIndex - - length := endIndex - startIndex + 1 - - return formatter.fmtStringOriginal[startIndex+1 : endIndex], length, true, nil -} - -// Format processes a message with special formatters, log level, and context. Returns formatted string -// with all formatter identifiers changed to appropriate values. -func (formatter *formatter) Format(message string, level LogLevel, context LogContextInterface) string { - if len(formatter.formatterFuncs) == 0 { - return formatter.fmtString - } - - params := make([]interface{}, len(formatter.formatterFuncs)) - for i, function := range formatter.formatterFuncs { - params[i] = function(message, level, context) - } - - return fmt.Sprintf(formatter.fmtString, params...) -} - -func (formatter *formatter) String() string { - return formatter.fmtStringOriginal -} - -//===================================================== - -const ( - wrongLogLevel = "WRONG_LOGLEVEL" - wrongEscapeCode = "WRONG_ESCAPE" -) - -var levelToString = map[LogLevel]string{ - TraceLvl: "Trace", - DebugLvl: "Debug", - InfoLvl: "Info", - WarnLvl: "Warn", - ErrorLvl: "Error", - CriticalLvl: "Critical", - Off: "Off", -} - -var levelToShortString = map[LogLevel]string{ - TraceLvl: "Trc", - DebugLvl: "Dbg", - InfoLvl: "Inf", - WarnLvl: "Wrn", - ErrorLvl: "Err", - CriticalLvl: "Crt", - Off: "Off", -} - -var levelToShortestString = map[LogLevel]string{ - TraceLvl: "t", - DebugLvl: "d", - InfoLvl: "i", - WarnLvl: "w", - ErrorLvl: "e", - CriticalLvl: "c", - Off: "o", -} - -func formatterLevel(message string, level LogLevel, context LogContextInterface) interface{} { - levelStr, ok := levelToString[level] - if !ok { - return wrongLogLevel - } - return levelStr -} - -func formatterLev(message string, level LogLevel, context LogContextInterface) interface{} { - levelStr, ok := levelToShortString[level] - if !ok { - return wrongLogLevel - } - return levelStr -} - -func formatterLEVEL(message string, level LogLevel, context LogContextInterface) interface{} { - return strings.ToTitle(formatterLevel(message, level, context).(string)) -} - -func formatterLEV(message string, level LogLevel, context LogContextInterface) interface{} { - return strings.ToTitle(formatterLev(message, level, context).(string)) -} - -func formatterl(message string, level LogLevel, context LogContextInterface) interface{} { - levelStr, ok := levelToShortestString[level] - if !ok { - return wrongLogLevel - } - return levelStr -} - -func formatterMsg(message string, level LogLevel, context LogContextInterface) interface{} { - return message -} - -func formatterFullPath(message string, level LogLevel, context LogContextInterface) interface{} { - return context.FullPath() -} - -func formatterFile(message string, level LogLevel, context LogContextInterface) interface{} { - return context.FileName() -} - -func formatterRelFile(message string, level LogLevel, context LogContextInterface) interface{} { - return context.ShortPath() -} - -func FormatterFunction(message string, level LogLevel, context LogContextInterface) interface{} { - return context.Func() -} - -func FormatterFunctionShort(message string, level LogLevel, context LogContextInterface) interface{} { - f := context.Func() - spl := strings.Split(f, ".") - return spl[len(spl)-1] -} - -func formatterLine(message string, level LogLevel, context LogContextInterface) interface{} { - return context.Line() -} - -func formatterTime(message string, level LogLevel, context LogContextInterface) interface{} { - return context.CallTime().Format(TimeFormat) -} - -func formatterUTCTime(message string, level LogLevel, context LogContextInterface) interface{} { - return context.CallTime().UTC().Format(TimeFormat) -} - -func formatterNs(message string, level LogLevel, context LogContextInterface) interface{} { - return context.CallTime().UnixNano() -} - -func formatterUTCNs(message string, level LogLevel, context LogContextInterface) interface{} { - return context.CallTime().UTC().UnixNano() -} - -func formatterr(message string, level LogLevel, context LogContextInterface) interface{} { - return "\r" -} - -func formattern(message string, level LogLevel, context LogContextInterface) interface{} { - return "\n" -} - -func formattert(message string, level LogLevel, context LogContextInterface) interface{} { - return "\t" -} - -func createDateTimeFormatterFunc(dateTimeFormat string) FormatterFunc { - format := dateTimeFormat - if format == "" { - format = DateDefaultFormat - } - return func(message string, level LogLevel, context LogContextInterface) interface{} { - return context.CallTime().Format(format) - } -} - -func createUTCDateTimeFormatterFunc(dateTimeFormat string) FormatterFunc { - format := dateTimeFormat - if format == "" { - format = DateDefaultFormat - } - return func(message string, level LogLevel, context LogContextInterface) interface{} { - return context.CallTime().UTC().Format(format) - } -} - -func createANSIEscapeFunc(escapeCodeString string) FormatterFunc { - return func(message string, level LogLevel, context LogContextInterface) interface{} { - if len(escapeCodeString) == 0 { - return wrongEscapeCode - } - - return fmt.Sprintf("%c[%sm", 0x1B, escapeCodeString) - } -} diff --git a/vendor/github.com/cihub/seelog/internals_baseerror.go b/vendor/github.com/cihub/seelog/internals_baseerror.go deleted file mode 100644 index c0b271d7..00000000 --- a/vendor/github.com/cihub/seelog/internals_baseerror.go +++ /dev/null @@ -1,10 +0,0 @@ -package seelog - -// Base struct for custom errors. -type baseError struct { - message string -} - -func (be baseError) Error() string { - return be.message -} diff --git a/vendor/github.com/cihub/seelog/internals_fsutils.go b/vendor/github.com/cihub/seelog/internals_fsutils.go deleted file mode 100644 index c0a0e0e4..00000000 --- a/vendor/github.com/cihub/seelog/internals_fsutils.go +++ /dev/null @@ -1,320 +0,0 @@ -package seelog - -import ( - "fmt" - "io" - "os" - "path/filepath" - "sync" -) - -// File and directory permitions. -const ( - defaultFilePermissions = 0666 - defaultDirectoryPermissions = 0767 -) - -const ( - // Max number of directories can be read asynchronously. - maxDirNumberReadAsync = 1000 -) - -type cannotOpenFileError struct { - baseError -} - -func newCannotOpenFileError(fname string) *cannotOpenFileError { - return &cannotOpenFileError{baseError{message: "Cannot open file: " + fname}} -} - -type notDirectoryError struct { - baseError -} - -func newNotDirectoryError(dname string) *notDirectoryError { - return ¬DirectoryError{baseError{message: dname + " is not directory"}} -} - -// fileFilter is a filtering criteria function for '*os.File'. -// Must return 'false' to set aside the given file. -type fileFilter func(os.FileInfo, *os.File) bool - -// filePathFilter is a filtering creteria function for file path. -// Must return 'false' to set aside the given file. -type filePathFilter func(filePath string) bool - -// GetSubdirNames returns a list of directories found in -// the given one with dirPath. -func getSubdirNames(dirPath string) ([]string, error) { - fi, err := os.Stat(dirPath) - if err != nil { - return nil, err - } - if !fi.IsDir() { - return nil, newNotDirectoryError(dirPath) - } - dd, err := os.Open(dirPath) - // Cannot open file. - if err != nil { - if dd != nil { - dd.Close() - } - return nil, err - } - defer dd.Close() - // TODO: Improve performance by buffering reading. - allEntities, err := dd.Readdir(-1) - if err != nil { - return nil, err - } - subDirs := []string{} - for _, entity := range allEntities { - if entity.IsDir() { - subDirs = append(subDirs, entity.Name()) - } - } - return subDirs, nil -} - -// getSubdirAbsPaths recursively visit all the subdirectories -// starting from the given directory and returns absolute paths for them. -func getAllSubdirAbsPaths(dirPath string) (res []string, err error) { - dps, err := getSubdirAbsPaths(dirPath) - if err != nil { - res = []string{} - return - } - res = append(res, dps...) - for _, dp := range dps { - sdps, err := getAllSubdirAbsPaths(dp) - if err != nil { - return []string{}, err - } - res = append(res, sdps...) - } - return -} - -// getSubdirAbsPaths supplies absolute paths for all subdirectiries in a given directory. -// Input: (I1) dirPath - absolute path of a directory in question. -// Out: (O1) - slice of subdir asbolute paths; (O2) - error of the operation. -// Remark: If error (O2) is non-nil then (O1) is nil and vice versa. -func getSubdirAbsPaths(dirPath string) ([]string, error) { - sdns, err := getSubdirNames(dirPath) - if err != nil { - return nil, err - } - rsdns := []string{} - for _, sdn := range sdns { - rsdns = append(rsdns, filepath.Join(dirPath, sdn)) - } - return rsdns, nil -} - -// getOpenFilesInDir supplies a slice of os.File pointers to files located in the directory. -// Remark: Ignores files for which fileFilter returns false -func getOpenFilesInDir(dirPath string, fFilter fileFilter) ([]*os.File, error) { - dfi, err := os.Open(dirPath) - if err != nil { - return nil, newCannotOpenFileError("Cannot open directory " + dirPath) - } - defer dfi.Close() - // Size of read buffer (i.e. chunk of items read at a time). - rbs := 64 - resFiles := []*os.File{} -L: - for { - // Read directory entities by reasonable chuncks - // to prevent overflows on big number of files. - fis, e := dfi.Readdir(rbs) - switch e { - // It's OK. - case nil: - // Do nothing, just continue cycle. - case io.EOF: - break L - // Something went wrong. - default: - return nil, e - } - // THINK: Maybe, use async running. - for _, fi := range fis { - // NB: On Linux this could be a problem as - // there are lots of file types available. - if !fi.IsDir() { - f, e := os.Open(filepath.Join(dirPath, fi.Name())) - if e != nil { - if f != nil { - f.Close() - } - // THINK: Add nil as indicator that a problem occurred. - resFiles = append(resFiles, nil) - continue - } - // Check filter condition. - if fFilter != nil && !fFilter(fi, f) { - continue - } - resFiles = append(resFiles, f) - } - } - } - return resFiles, nil -} - -func isRegular(m os.FileMode) bool { - return m&os.ModeType == 0 -} - -// getDirFilePaths return full paths of the files located in the directory. -// Remark: Ignores files for which fileFilter returns false. -func getDirFilePaths(dirPath string, fpFilter filePathFilter, pathIsName bool) ([]string, error) { - dfi, err := os.Open(dirPath) - if err != nil { - return nil, newCannotOpenFileError("Cannot open directory " + dirPath) - } - defer dfi.Close() - - var absDirPath string - if !filepath.IsAbs(dirPath) { - absDirPath, err = filepath.Abs(dirPath) - if err != nil { - return nil, fmt.Errorf("cannot get absolute path of directory: %s", err.Error()) - } - } else { - absDirPath = dirPath - } - - // TODO: check if dirPath is really directory. - // Size of read buffer (i.e. chunk of items read at a time). - rbs := 2 << 5 - filePaths := []string{} - - var fp string -L: - for { - // Read directory entities by reasonable chuncks - // to prevent overflows on big number of files. - fis, e := dfi.Readdir(rbs) - switch e { - // It's OK. - case nil: - // Do nothing, just continue cycle. - case io.EOF: - break L - // Indicate that something went wrong. - default: - return nil, e - } - // THINK: Maybe, use async running. - for _, fi := range fis { - // NB: Should work on every Windows and non-Windows OS. - if isRegular(fi.Mode()) { - if pathIsName { - fp = fi.Name() - } else { - // Build full path of a file. - fp = filepath.Join(absDirPath, fi.Name()) - } - // Check filter condition. - if fpFilter != nil && !fpFilter(fp) { - continue - } - filePaths = append(filePaths, fp) - } - } - } - return filePaths, nil -} - -// getOpenFilesByDirectoryAsync runs async reading directories 'dirPaths' and inserts pairs -// in map 'filesInDirMap': Key - directory name, value - *os.File slice. -func getOpenFilesByDirectoryAsync( - dirPaths []string, - fFilter fileFilter, - filesInDirMap map[string][]*os.File, -) error { - n := len(dirPaths) - if n > maxDirNumberReadAsync { - return fmt.Errorf("number of input directories to be read exceeded max value %d", maxDirNumberReadAsync) - } - type filesInDirResult struct { - DirName string - Files []*os.File - Error error - } - dirFilesChan := make(chan *filesInDirResult, n) - var wg sync.WaitGroup - // Register n goroutines which are going to do work. - wg.Add(n) - for i := 0; i < n; i++ { - // Launch asynchronously the piece of work. - go func(dirPath string) { - fs, e := getOpenFilesInDir(dirPath, fFilter) - dirFilesChan <- &filesInDirResult{filepath.Base(dirPath), fs, e} - // Mark the current goroutine as finished (work is done). - wg.Done() - }(dirPaths[i]) - } - // Wait for all goroutines to finish their work. - wg.Wait() - // Close the error channel to let for-range clause - // get all the buffered values without blocking and quit in the end. - close(dirFilesChan) - for fidr := range dirFilesChan { - if fidr.Error == nil { - // THINK: What will happen if the key is already present? - filesInDirMap[fidr.DirName] = fidr.Files - } else { - return fidr.Error - } - } - return nil -} - -// fileExists return flag whether a given file exists -// and operation error if an unclassified failure occurs. -func fileExists(path string) (bool, error) { - _, err := os.Stat(path) - if err != nil { - if os.IsNotExist(err) { - return false, nil - } - return false, err - } - return true, nil -} - -// createDirectory makes directory with a given name -// making all parent directories if necessary. -func createDirectory(dirPath string) error { - var dPath string - var err error - if !filepath.IsAbs(dirPath) { - dPath, err = filepath.Abs(dirPath) - if err != nil { - return err - } - } else { - dPath = dirPath - } - exists, err := fileExists(dPath) - if err != nil { - return err - } - if exists { - return nil - } - return os.MkdirAll(dPath, os.ModeDir) -} - -// tryRemoveFile gives a try removing the file -// only ignoring an error when the file does not exist. -func tryRemoveFile(filePath string) (err error) { - err = os.Remove(filePath) - if os.IsNotExist(err) { - err = nil - return - } - return -} diff --git a/vendor/github.com/cihub/seelog/internals_xmlnode.go b/vendor/github.com/cihub/seelog/internals_xmlnode.go deleted file mode 100644 index 98588493..00000000 --- a/vendor/github.com/cihub/seelog/internals_xmlnode.go +++ /dev/null @@ -1,175 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "encoding/xml" - "errors" - "fmt" - "io" - "strings" -) - -type xmlNode struct { - name string - attributes map[string]string - children []*xmlNode - value string -} - -func newNode() *xmlNode { - node := new(xmlNode) - node.children = make([]*xmlNode, 0) - node.attributes = make(map[string]string) - return node -} - -func (node *xmlNode) String() string { - str := fmt.Sprintf("<%s", node.name) - - for attrName, attrVal := range node.attributes { - str += fmt.Sprintf(" %s=\"%s\"", attrName, attrVal) - } - - str += ">" - str += node.value - - if len(node.children) != 0 { - for _, child := range node.children { - str += fmt.Sprintf("%s", child) - } - } - - str += fmt.Sprintf("", node.name) - - return str -} - -func (node *xmlNode) unmarshal(startEl xml.StartElement) error { - node.name = startEl.Name.Local - - for _, v := range startEl.Attr { - _, alreadyExists := node.attributes[v.Name.Local] - if alreadyExists { - return errors.New("tag '" + node.name + "' has duplicated attribute: '" + v.Name.Local + "'") - } - node.attributes[v.Name.Local] = v.Value - } - - return nil -} - -func (node *xmlNode) add(child *xmlNode) { - if node.children == nil { - node.children = make([]*xmlNode, 0) - } - - node.children = append(node.children, child) -} - -func (node *xmlNode) hasChildren() bool { - return node.children != nil && len(node.children) > 0 -} - -//============================================= - -func unmarshalConfig(reader io.Reader) (*xmlNode, error) { - xmlParser := xml.NewDecoder(reader) - - config, err := unmarshalNode(xmlParser, nil) - if err != nil { - return nil, err - } - if config == nil { - return nil, errors.New("xml has no content") - } - - nextConfigEntry, err := unmarshalNode(xmlParser, nil) - if nextConfigEntry != nil { - return nil, errors.New("xml contains more than one root element") - } - - return config, nil -} - -func unmarshalNode(xmlParser *xml.Decoder, curToken xml.Token) (node *xmlNode, err error) { - firstLoop := true - for { - var tok xml.Token - if firstLoop && curToken != nil { - tok = curToken - firstLoop = false - } else { - tok, err = getNextToken(xmlParser) - if err != nil || tok == nil { - return - } - } - - switch tt := tok.(type) { - case xml.SyntaxError: - err = errors.New(tt.Error()) - return - case xml.CharData: - value := strings.TrimSpace(string([]byte(tt))) - if node != nil { - node.value += value - } - case xml.StartElement: - if node == nil { - node = newNode() - err := node.unmarshal(tt) - if err != nil { - return nil, err - } - } else { - childNode, childErr := unmarshalNode(xmlParser, tok) - if childErr != nil { - return nil, childErr - } - - if childNode != nil { - node.add(childNode) - } else { - return - } - } - case xml.EndElement: - return - } - } -} - -func getNextToken(xmlParser *xml.Decoder) (tok xml.Token, err error) { - if tok, err = xmlParser.Token(); err != nil { - if err == io.EOF { - err = nil - return - } - return - } - - return -} diff --git a/vendor/github.com/cihub/seelog/log.go b/vendor/github.com/cihub/seelog/log.go deleted file mode 100644 index f775e1fd..00000000 --- a/vendor/github.com/cihub/seelog/log.go +++ /dev/null @@ -1,307 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "fmt" - "sync" - "time" -) - -const ( - staticFuncCallDepth = 3 // See 'commonLogger.log' method comments - loggerFuncCallDepth = 3 -) - -// Current is the logger used in all package level convenience funcs like 'Trace', 'Debug', 'Flush', etc. -var Current LoggerInterface - -// Default logger that is created from an empty config: "". It is not closed by a ReplaceLogger call. -var Default LoggerInterface - -// Disabled logger that doesn't produce any output in any circumstances. It is neither closed nor flushed by a ReplaceLogger call. -var Disabled LoggerInterface - -var pkgOperationsMutex *sync.Mutex - -func init() { - pkgOperationsMutex = new(sync.Mutex) - var err error - - if Default == nil { - Default, err = LoggerFromConfigAsBytes([]byte("")) - } - - if Disabled == nil { - Disabled, err = LoggerFromConfigAsBytes([]byte("")) - } - - if err != nil { - panic(fmt.Sprintf("Seelog couldn't start. Error: %s", err.Error())) - } - - Current = Default -} - -func createLoggerFromFullConfig(config *configForParsing) (LoggerInterface, error) { - if config.LogType == syncloggerTypeFromString { - return NewSyncLogger(&config.logConfig), nil - } else if config.LogType == asyncLooploggerTypeFromString { - return NewAsyncLoopLogger(&config.logConfig), nil - } else if config.LogType == asyncTimerloggerTypeFromString { - logData := config.LoggerData - if logData == nil { - return nil, errors.New("async timer data not set") - } - - asyncInt, ok := logData.(asyncTimerLoggerData) - if !ok { - return nil, errors.New("invalid async timer data") - } - - logger, err := NewAsyncTimerLogger(&config.logConfig, time.Duration(asyncInt.AsyncInterval)) - if !ok { - return nil, err - } - - return logger, nil - } else if config.LogType == adaptiveLoggerTypeFromString { - logData := config.LoggerData - if logData == nil { - return nil, errors.New("adaptive logger parameters not set") - } - - adaptData, ok := logData.(adaptiveLoggerData) - if !ok { - return nil, errors.New("invalid adaptive logger parameters") - } - - logger, err := NewAsyncAdaptiveLogger( - &config.logConfig, - time.Duration(adaptData.MinInterval), - time.Duration(adaptData.MaxInterval), - adaptData.CriticalMsgCount, - ) - if err != nil { - return nil, err - } - - return logger, nil - } - return nil, errors.New("invalid config log type/data") -} - -// UseLogger sets the 'Current' package level logger variable to the specified value. -// This variable is used in all Trace/Debug/... package level convenience funcs. -// -// Example: -// -// after calling -// seelog.UseLogger(somelogger) -// the following: -// seelog.Debug("abc") -// will be equal to -// somelogger.Debug("abc") -// -// IMPORTANT: UseLogger do NOT close the previous logger (only flushes it). So if -// you constantly use it to replace loggers and don't close them in other code, you'll -// end up having memory leaks. -// -// To safely replace loggers, use ReplaceLogger. -func UseLogger(logger LoggerInterface) error { - if logger == nil { - return errors.New("logger can not be nil") - } - - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - - oldLogger := Current - Current = logger - - if oldLogger != nil { - oldLogger.Flush() - } - - return nil -} - -// ReplaceLogger acts as UseLogger but the logger that was previously -// used is disposed (except Default and Disabled loggers). -// -// Example: -// import log "github.com/cihub/seelog" -// -// func main() { -// logger, err := log.LoggerFromConfigAsFile("seelog.xml") -// -// if err != nil { -// panic(err) -// } -// -// log.ReplaceLogger(logger) -// defer log.Flush() -// -// log.Trace("test") -// log.Debugf("var = %s", "abc") -// } -func ReplaceLogger(logger LoggerInterface) error { - if logger == nil { - return errors.New("logger can not be nil") - } - - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - - defer func() { - if err := recover(); err != nil { - reportInternalError(fmt.Errorf("recovered from panic during ReplaceLogger: %s", err)) - } - }() - - if Current == Default { - Current.Flush() - } else if Current != nil && !Current.Closed() && Current != Disabled { - Current.Flush() - Current.Close() - } - - Current = logger - - return nil -} - -// Tracef formats message according to format specifier -// and writes to default logger with log level = Trace. -func Tracef(format string, params ...interface{}) { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - Current.traceWithCallDepth(staticFuncCallDepth, newLogFormattedMessage(format, params)) -} - -// Debugf formats message according to format specifier -// and writes to default logger with log level = Debug. -func Debugf(format string, params ...interface{}) { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - Current.debugWithCallDepth(staticFuncCallDepth, newLogFormattedMessage(format, params)) -} - -// Infof formats message according to format specifier -// and writes to default logger with log level = Info. -func Infof(format string, params ...interface{}) { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - Current.infoWithCallDepth(staticFuncCallDepth, newLogFormattedMessage(format, params)) -} - -// Warnf formats message according to format specifier and writes to default logger with log level = Warn -func Warnf(format string, params ...interface{}) error { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - message := newLogFormattedMessage(format, params) - Current.warnWithCallDepth(staticFuncCallDepth, message) - return errors.New(message.String()) -} - -// Errorf formats message according to format specifier and writes to default logger with log level = Error -func Errorf(format string, params ...interface{}) error { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - message := newLogFormattedMessage(format, params) - Current.errorWithCallDepth(staticFuncCallDepth, message) - return errors.New(message.String()) -} - -// Criticalf formats message according to format specifier and writes to default logger with log level = Critical -func Criticalf(format string, params ...interface{}) error { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - message := newLogFormattedMessage(format, params) - Current.criticalWithCallDepth(staticFuncCallDepth, message) - return errors.New(message.String()) -} - -// Trace formats message using the default formats for its operands and writes to default logger with log level = Trace -func Trace(v ...interface{}) { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - Current.traceWithCallDepth(staticFuncCallDepth, newLogMessage(v)) -} - -// Debug formats message using the default formats for its operands and writes to default logger with log level = Debug -func Debug(v ...interface{}) { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - Current.debugWithCallDepth(staticFuncCallDepth, newLogMessage(v)) -} - -// Info formats message using the default formats for its operands and writes to default logger with log level = Info -func Info(v ...interface{}) { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - Current.infoWithCallDepth(staticFuncCallDepth, newLogMessage(v)) -} - -// Warn formats message using the default formats for its operands and writes to default logger with log level = Warn -func Warn(v ...interface{}) error { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - message := newLogMessage(v) - Current.warnWithCallDepth(staticFuncCallDepth, message) - return errors.New(message.String()) -} - -// Error formats message using the default formats for its operands and writes to default logger with log level = Error -func Error(v ...interface{}) error { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - message := newLogMessage(v) - Current.errorWithCallDepth(staticFuncCallDepth, message) - return errors.New(message.String()) -} - -// Critical formats message using the default formats for its operands and writes to default logger with log level = Critical -func Critical(v ...interface{}) error { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - message := newLogMessage(v) - Current.criticalWithCallDepth(staticFuncCallDepth, message) - return errors.New(message.String()) -} - -// Flush immediately processes all currently queued messages and all currently buffered messages. -// It is a blocking call which returns only after the queue is empty and all the buffers are empty. -// -// If Flush is called for a synchronous logger (type='sync'), it only flushes buffers (e.g. '' receivers) -// , because there is no queue. -// -// Call this method when your app is going to shut down not to lose any log messages. -func Flush() { - pkgOperationsMutex.Lock() - defer pkgOperationsMutex.Unlock() - Current.Flush() -} diff --git a/vendor/github.com/cihub/seelog/logger.go b/vendor/github.com/cihub/seelog/logger.go deleted file mode 100644 index fc96aed4..00000000 --- a/vendor/github.com/cihub/seelog/logger.go +++ /dev/null @@ -1,370 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "fmt" - "os" - "sync" -) - -func reportInternalError(err error) { - fmt.Fprintf(os.Stderr, "seelog internal error: %s\n", err) -} - -// LoggerInterface represents structs capable of logging Seelog messages -type LoggerInterface interface { - - // Tracef formats message according to format specifier - // and writes to log with level = Trace. - Tracef(format string, params ...interface{}) - - // Debugf formats message according to format specifier - // and writes to log with level = Debug. - Debugf(format string, params ...interface{}) - - // Infof formats message according to format specifier - // and writes to log with level = Info. - Infof(format string, params ...interface{}) - - // Warnf formats message according to format specifier - // and writes to log with level = Warn. - Warnf(format string, params ...interface{}) error - - // Errorf formats message according to format specifier - // and writes to log with level = Error. - Errorf(format string, params ...interface{}) error - - // Criticalf formats message according to format specifier - // and writes to log with level = Critical. - Criticalf(format string, params ...interface{}) error - - // Trace formats message using the default formats for its operands - // and writes to log with level = Trace - Trace(v ...interface{}) - - // Debug formats message using the default formats for its operands - // and writes to log with level = Debug - Debug(v ...interface{}) - - // Info formats message using the default formats for its operands - // and writes to log with level = Info - Info(v ...interface{}) - - // Warn formats message using the default formats for its operands - // and writes to log with level = Warn - Warn(v ...interface{}) error - - // Error formats message using the default formats for its operands - // and writes to log with level = Error - Error(v ...interface{}) error - - // Critical formats message using the default formats for its operands - // and writes to log with level = Critical - Critical(v ...interface{}) error - - traceWithCallDepth(callDepth int, message fmt.Stringer) - debugWithCallDepth(callDepth int, message fmt.Stringer) - infoWithCallDepth(callDepth int, message fmt.Stringer) - warnWithCallDepth(callDepth int, message fmt.Stringer) - errorWithCallDepth(callDepth int, message fmt.Stringer) - criticalWithCallDepth(callDepth int, message fmt.Stringer) - - // Close flushes all the messages in the logger and closes it. It cannot be used after this operation. - Close() - - // Flush flushes all the messages in the logger. - Flush() - - // Closed returns true if the logger was previously closed. - Closed() bool - - // SetAdditionalStackDepth sets the additional number of frames to skip by runtime.Caller - // when getting function information needed to print seelog format identifiers such as %Func or %File. - // - // This func may be used when you wrap seelog funcs and want to print caller info of you own - // wrappers instead of seelog func callers. In this case you should set depth = 1. If you then - // wrap your wrapper, you should set depth = 2, etc. - // - // NOTE: Incorrect depth value may lead to errors in runtime.Caller evaluation or incorrect - // function/file names in log files. Do not use it if you are not going to wrap seelog funcs. - // You may reset the value to default using a SetAdditionalStackDepth(0) call. - SetAdditionalStackDepth(depth int) error - - // Sets logger context that can be used in formatter funcs and custom receivers - SetContext(context interface{}) -} - -// innerLoggerInterface is an internal logging interface -type innerLoggerInterface interface { - innerLog(level LogLevel, context LogContextInterface, message fmt.Stringer) - Flush() -} - -// [file path][func name][level] -> [allowed] -type allowedContextCache map[string]map[string]map[LogLevel]bool - -// commonLogger contains all common data needed for logging and contains methods used to log messages. -type commonLogger struct { - config *logConfig // Config used for logging - contextCache allowedContextCache // Caches whether log is enabled for specific "full path-func name-level" sets - closed bool // 'true' when all writers are closed, all data is flushed, logger is unusable. Must be accessed while holding closedM - closedM sync.RWMutex - m sync.Mutex // Mutex for main operations - unusedLevels []bool - innerLogger innerLoggerInterface - addStackDepth int // Additional stack depth needed for correct seelog caller context detection - customContext interface{} -} - -func newCommonLogger(config *logConfig, internalLogger innerLoggerInterface) *commonLogger { - cLogger := new(commonLogger) - - cLogger.config = config - cLogger.contextCache = make(allowedContextCache) - cLogger.unusedLevels = make([]bool, Off) - cLogger.fillUnusedLevels() - cLogger.innerLogger = internalLogger - - return cLogger -} - -func (cLogger *commonLogger) SetAdditionalStackDepth(depth int) error { - if depth < 0 { - return fmt.Errorf("negative depth: %d", depth) - } - cLogger.m.Lock() - cLogger.addStackDepth = depth - cLogger.m.Unlock() - return nil -} - -func (cLogger *commonLogger) Tracef(format string, params ...interface{}) { - cLogger.traceWithCallDepth(loggerFuncCallDepth, newLogFormattedMessage(format, params)) -} - -func (cLogger *commonLogger) Debugf(format string, params ...interface{}) { - cLogger.debugWithCallDepth(loggerFuncCallDepth, newLogFormattedMessage(format, params)) -} - -func (cLogger *commonLogger) Infof(format string, params ...interface{}) { - cLogger.infoWithCallDepth(loggerFuncCallDepth, newLogFormattedMessage(format, params)) -} - -func (cLogger *commonLogger) Warnf(format string, params ...interface{}) error { - message := newLogFormattedMessage(format, params) - cLogger.warnWithCallDepth(loggerFuncCallDepth, message) - return errors.New(message.String()) -} - -func (cLogger *commonLogger) Errorf(format string, params ...interface{}) error { - message := newLogFormattedMessage(format, params) - cLogger.errorWithCallDepth(loggerFuncCallDepth, message) - return errors.New(message.String()) -} - -func (cLogger *commonLogger) Criticalf(format string, params ...interface{}) error { - message := newLogFormattedMessage(format, params) - cLogger.criticalWithCallDepth(loggerFuncCallDepth, message) - return errors.New(message.String()) -} - -func (cLogger *commonLogger) Trace(v ...interface{}) { - cLogger.traceWithCallDepth(loggerFuncCallDepth, newLogMessage(v)) -} - -func (cLogger *commonLogger) Debug(v ...interface{}) { - cLogger.debugWithCallDepth(loggerFuncCallDepth, newLogMessage(v)) -} - -func (cLogger *commonLogger) Info(v ...interface{}) { - cLogger.infoWithCallDepth(loggerFuncCallDepth, newLogMessage(v)) -} - -func (cLogger *commonLogger) Warn(v ...interface{}) error { - message := newLogMessage(v) - cLogger.warnWithCallDepth(loggerFuncCallDepth, message) - return errors.New(message.String()) -} - -func (cLogger *commonLogger) Error(v ...interface{}) error { - message := newLogMessage(v) - cLogger.errorWithCallDepth(loggerFuncCallDepth, message) - return errors.New(message.String()) -} - -func (cLogger *commonLogger) Critical(v ...interface{}) error { - message := newLogMessage(v) - cLogger.criticalWithCallDepth(loggerFuncCallDepth, message) - return errors.New(message.String()) -} - -func (cLogger *commonLogger) SetContext(c interface{}) { - cLogger.customContext = c -} - -func (cLogger *commonLogger) traceWithCallDepth(callDepth int, message fmt.Stringer) { - cLogger.log(TraceLvl, message, callDepth) -} - -func (cLogger *commonLogger) debugWithCallDepth(callDepth int, message fmt.Stringer) { - cLogger.log(DebugLvl, message, callDepth) -} - -func (cLogger *commonLogger) infoWithCallDepth(callDepth int, message fmt.Stringer) { - cLogger.log(InfoLvl, message, callDepth) -} - -func (cLogger *commonLogger) warnWithCallDepth(callDepth int, message fmt.Stringer) { - cLogger.log(WarnLvl, message, callDepth) -} - -func (cLogger *commonLogger) errorWithCallDepth(callDepth int, message fmt.Stringer) { - cLogger.log(ErrorLvl, message, callDepth) -} - -func (cLogger *commonLogger) criticalWithCallDepth(callDepth int, message fmt.Stringer) { - cLogger.log(CriticalLvl, message, callDepth) - cLogger.innerLogger.Flush() -} - -func (cLogger *commonLogger) Closed() bool { - cLogger.closedM.RLock() - defer cLogger.closedM.RUnlock() - return cLogger.closed -} - -func (cLogger *commonLogger) fillUnusedLevels() { - for i := 0; i < len(cLogger.unusedLevels); i++ { - cLogger.unusedLevels[i] = true - } - - cLogger.fillUnusedLevelsByContraint(cLogger.config.Constraints) - - for _, exception := range cLogger.config.Exceptions { - cLogger.fillUnusedLevelsByContraint(exception) - } -} - -func (cLogger *commonLogger) fillUnusedLevelsByContraint(constraint logLevelConstraints) { - for i := 0; i < len(cLogger.unusedLevels); i++ { - if constraint.IsAllowed(LogLevel(i)) { - cLogger.unusedLevels[i] = false - } - } -} - -// stackCallDepth is used to indicate the call depth of 'log' func. -// This depth level is used in the runtime.Caller(...) call. See -// common_context.go -> specifyContext, extractCallerInfo for details. -func (cLogger *commonLogger) log(level LogLevel, message fmt.Stringer, stackCallDepth int) { - if cLogger.unusedLevels[level] { - return - } - cLogger.m.Lock() - defer cLogger.m.Unlock() - - if cLogger.Closed() { - return - } - context, _ := specifyContext(stackCallDepth+cLogger.addStackDepth, cLogger.customContext) - // Context errors are not reported because there are situations - // in which context errors are normal Seelog usage cases. For - // example in executables with stripped symbols. - // Error contexts are returned instead. See common_context.go. - /*if err != nil { - reportInternalError(err) - return - }*/ - cLogger.innerLogger.innerLog(level, context, message) -} - -func (cLogger *commonLogger) processLogMsg(level LogLevel, message fmt.Stringer, context LogContextInterface) { - defer func() { - if err := recover(); err != nil { - reportInternalError(fmt.Errorf("recovered from panic during message processing: %s", err)) - } - }() - if cLogger.config.IsAllowed(level, context) { - cLogger.config.RootDispatcher.Dispatch(message.String(), level, context, reportInternalError) - } -} - -func (cLogger *commonLogger) isAllowed(level LogLevel, context LogContextInterface) bool { - funcMap, ok := cLogger.contextCache[context.FullPath()] - if !ok { - funcMap = make(map[string]map[LogLevel]bool, 0) - cLogger.contextCache[context.FullPath()] = funcMap - } - - levelMap, ok := funcMap[context.Func()] - if !ok { - levelMap = make(map[LogLevel]bool, 0) - funcMap[context.Func()] = levelMap - } - - isAllowValue, ok := levelMap[level] - if !ok { - isAllowValue = cLogger.config.IsAllowed(level, context) - levelMap[level] = isAllowValue - } - - return isAllowValue -} - -type logMessage struct { - params []interface{} -} - -type logFormattedMessage struct { - format string - params []interface{} -} - -func newLogMessage(params []interface{}) fmt.Stringer { - message := new(logMessage) - - message.params = params - - return message -} - -func newLogFormattedMessage(format string, params []interface{}) *logFormattedMessage { - message := new(logFormattedMessage) - - message.params = params - message.format = format - - return message -} - -func (message *logMessage) String() string { - return fmt.Sprint(message.params...) -} - -func (message *logFormattedMessage) String() string { - return fmt.Sprintf(message.format, message.params...) -} diff --git a/vendor/github.com/cihub/seelog/writers_bufferedwriter.go b/vendor/github.com/cihub/seelog/writers_bufferedwriter.go deleted file mode 100644 index 37d75c82..00000000 --- a/vendor/github.com/cihub/seelog/writers_bufferedwriter.go +++ /dev/null @@ -1,161 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "bufio" - "errors" - "fmt" - "io" - "sync" - "time" -) - -// bufferedWriter stores data in memory and flushes it every flushPeriod or when buffer is full -type bufferedWriter struct { - flushPeriod time.Duration // data flushes interval (in microseconds) - bufferMutex *sync.Mutex // mutex for buffer operations syncronization - innerWriter io.Writer // inner writer - buffer *bufio.Writer // buffered wrapper for inner writer - bufferSize int // max size of data chunk in bytes -} - -// NewBufferedWriter creates a new buffered writer struct. -// bufferSize -- size of memory buffer in bytes -// flushPeriod -- period in which data flushes from memory buffer in milliseconds. 0 - turn off this functionality -func NewBufferedWriter(innerWriter io.Writer, bufferSize int, flushPeriod time.Duration) (*bufferedWriter, error) { - - if innerWriter == nil { - return nil, errors.New("argument is nil: innerWriter") - } - if flushPeriod < 0 { - return nil, fmt.Errorf("flushPeriod can not be less than 0. Got: %d", flushPeriod) - } - - if bufferSize <= 0 { - return nil, fmt.Errorf("bufferSize can not be less or equal to 0. Got: %d", bufferSize) - } - - buffer := bufio.NewWriterSize(innerWriter, bufferSize) - - /*if err != nil { - return nil, err - }*/ - - newWriter := new(bufferedWriter) - - newWriter.innerWriter = innerWriter - newWriter.buffer = buffer - newWriter.bufferSize = bufferSize - newWriter.flushPeriod = flushPeriod * 1e6 - newWriter.bufferMutex = new(sync.Mutex) - - if flushPeriod != 0 { - go newWriter.flushPeriodically() - } - - return newWriter, nil -} - -func (bufWriter *bufferedWriter) writeBigChunk(bytes []byte) (n int, err error) { - bufferedLen := bufWriter.buffer.Buffered() - - n, err = bufWriter.flushInner() - if err != nil { - return - } - - written, writeErr := bufWriter.innerWriter.Write(bytes) - return bufferedLen + written, writeErr -} - -// Sends data to buffer manager. Waits until all buffers are full. -func (bufWriter *bufferedWriter) Write(bytes []byte) (n int, err error) { - - bufWriter.bufferMutex.Lock() - defer bufWriter.bufferMutex.Unlock() - - bytesLen := len(bytes) - - if bytesLen > bufWriter.bufferSize { - return bufWriter.writeBigChunk(bytes) - } - - if bytesLen > bufWriter.buffer.Available() { - n, err = bufWriter.flushInner() - if err != nil { - return - } - } - - bufWriter.buffer.Write(bytes) - - return len(bytes), nil -} - -func (bufWriter *bufferedWriter) Close() error { - closer, ok := bufWriter.innerWriter.(io.Closer) - if ok { - return closer.Close() - } - - return nil -} - -func (bufWriter *bufferedWriter) Flush() { - - bufWriter.bufferMutex.Lock() - defer bufWriter.bufferMutex.Unlock() - - bufWriter.flushInner() -} - -func (bufWriter *bufferedWriter) flushInner() (n int, err error) { - bufferedLen := bufWriter.buffer.Buffered() - flushErr := bufWriter.buffer.Flush() - - return bufWriter.buffer.Buffered() - bufferedLen, flushErr -} - -func (bufWriter *bufferedWriter) flushBuffer() { - bufWriter.bufferMutex.Lock() - defer bufWriter.bufferMutex.Unlock() - - bufWriter.buffer.Flush() -} - -func (bufWriter *bufferedWriter) flushPeriodically() { - if bufWriter.flushPeriod > 0 { - ticker := time.NewTicker(bufWriter.flushPeriod) - for { - <-ticker.C - bufWriter.flushBuffer() - } - } -} - -func (bufWriter *bufferedWriter) String() string { - return fmt.Sprintf("bufferedWriter size: %d, flushPeriod: %d", bufWriter.bufferSize, bufWriter.flushPeriod) -} diff --git a/vendor/github.com/cihub/seelog/writers_connwriter.go b/vendor/github.com/cihub/seelog/writers_connwriter.go deleted file mode 100644 index d199894e..00000000 --- a/vendor/github.com/cihub/seelog/writers_connwriter.go +++ /dev/null @@ -1,144 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "crypto/tls" - "fmt" - "io" - "net" -) - -// connWriter is used to write to a stream-oriented network connection. -type connWriter struct { - innerWriter io.WriteCloser - reconnectOnMsg bool - reconnect bool - net string - addr string - useTLS bool - configTLS *tls.Config -} - -// Creates writer to the address addr on the network netName. -// Connection will be opened on each write if reconnectOnMsg = true -func NewConnWriter(netName string, addr string, reconnectOnMsg bool) *connWriter { - newWriter := new(connWriter) - - newWriter.net = netName - newWriter.addr = addr - newWriter.reconnectOnMsg = reconnectOnMsg - - return newWriter -} - -// Creates a writer that uses SSL/TLS -func newTLSWriter(netName string, addr string, reconnectOnMsg bool, config *tls.Config) *connWriter { - newWriter := new(connWriter) - - newWriter.net = netName - newWriter.addr = addr - newWriter.reconnectOnMsg = reconnectOnMsg - newWriter.useTLS = true - newWriter.configTLS = config - - return newWriter -} - -func (connWriter *connWriter) Close() error { - if connWriter.innerWriter == nil { - return nil - } - - return connWriter.innerWriter.Close() -} - -func (connWriter *connWriter) Write(bytes []byte) (n int, err error) { - if connWriter.neededConnectOnMsg() { - err = connWriter.connect() - if err != nil { - return 0, err - } - } - - if connWriter.reconnectOnMsg { - defer connWriter.innerWriter.Close() - } - - n, err = connWriter.innerWriter.Write(bytes) - if err != nil { - connWriter.reconnect = true - } - - return -} - -func (connWriter *connWriter) String() string { - return fmt.Sprintf("Conn writer: [%s, %s, %v]", connWriter.net, connWriter.addr, connWriter.reconnectOnMsg) -} - -func (connWriter *connWriter) connect() error { - if connWriter.innerWriter != nil { - connWriter.innerWriter.Close() - connWriter.innerWriter = nil - } - - if connWriter.useTLS { - conn, err := tls.Dial(connWriter.net, connWriter.addr, connWriter.configTLS) - if err != nil { - return err - } - connWriter.innerWriter = conn - - return nil - } - - conn, err := net.Dial(connWriter.net, connWriter.addr) - if err != nil { - return err - } - - tcpConn, ok := conn.(*net.TCPConn) - if ok { - tcpConn.SetKeepAlive(true) - } - - connWriter.innerWriter = conn - - return nil -} - -func (connWriter *connWriter) neededConnectOnMsg() bool { - if connWriter.reconnect { - connWriter.reconnect = false - return true - } - - if connWriter.innerWriter == nil { - return true - } - - return connWriter.reconnectOnMsg -} diff --git a/vendor/github.com/cihub/seelog/writers_consolewriter.go b/vendor/github.com/cihub/seelog/writers_consolewriter.go deleted file mode 100644 index 3eb79afa..00000000 --- a/vendor/github.com/cihub/seelog/writers_consolewriter.go +++ /dev/null @@ -1,47 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import "fmt" - -// consoleWriter is used to write to console -type consoleWriter struct { -} - -// Creates a new console writer. Returns error, if the console writer couldn't be created. -func NewConsoleWriter() (writer *consoleWriter, err error) { - newWriter := new(consoleWriter) - - return newWriter, nil -} - -// Create folder and file on WriteLog/Write first call -func (console *consoleWriter) Write(bytes []byte) (int, error) { - return fmt.Print(string(bytes)) -} - -func (console *consoleWriter) String() string { - return "Console writer" -} diff --git a/vendor/github.com/cihub/seelog/writers_filewriter.go b/vendor/github.com/cihub/seelog/writers_filewriter.go deleted file mode 100644 index 8d3ae270..00000000 --- a/vendor/github.com/cihub/seelog/writers_filewriter.go +++ /dev/null @@ -1,92 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "fmt" - "io" - "os" - "path/filepath" -) - -// fileWriter is used to write to a file. -type fileWriter struct { - innerWriter io.WriteCloser - fileName string -} - -// Creates a new file and a corresponding writer. Returns error, if the file couldn't be created. -func NewFileWriter(fileName string) (writer *fileWriter, err error) { - newWriter := new(fileWriter) - newWriter.fileName = fileName - - return newWriter, nil -} - -func (fw *fileWriter) Close() error { - if fw.innerWriter != nil { - err := fw.innerWriter.Close() - if err != nil { - return err - } - fw.innerWriter = nil - } - return nil -} - -// Create folder and file on WriteLog/Write first call -func (fw *fileWriter) Write(bytes []byte) (n int, err error) { - if fw.innerWriter == nil { - if err := fw.createFile(); err != nil { - return 0, err - } - } - return fw.innerWriter.Write(bytes) -} - -func (fw *fileWriter) createFile() error { - folder, _ := filepath.Split(fw.fileName) - var err error - - if 0 != len(folder) { - err = os.MkdirAll(folder, defaultDirectoryPermissions) - if err != nil { - return err - } - } - - // If exists - fw.innerWriter, err = os.OpenFile(fw.fileName, os.O_WRONLY|os.O_APPEND|os.O_CREATE, defaultFilePermissions) - - if err != nil { - return err - } - - return nil -} - -func (fw *fileWriter) String() string { - return fmt.Sprintf("File writer: %s", fw.fileName) -} diff --git a/vendor/github.com/cihub/seelog/writers_formattedwriter.go b/vendor/github.com/cihub/seelog/writers_formattedwriter.go deleted file mode 100644 index bf44a410..00000000 --- a/vendor/github.com/cihub/seelog/writers_formattedwriter.go +++ /dev/null @@ -1,62 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "errors" - "fmt" - "io" -) - -type formattedWriter struct { - writer io.Writer - formatter *formatter -} - -func NewFormattedWriter(writer io.Writer, formatter *formatter) (*formattedWriter, error) { - if formatter == nil { - return nil, errors.New("formatter can not be nil") - } - - return &formattedWriter{writer, formatter}, nil -} - -func (formattedWriter *formattedWriter) Write(message string, level LogLevel, context LogContextInterface) error { - str := formattedWriter.formatter.Format(message, level, context) - _, err := formattedWriter.writer.Write([]byte(str)) - return err -} - -func (formattedWriter *formattedWriter) String() string { - return fmt.Sprintf("writer: %s, format: %s", formattedWriter.writer, formattedWriter.formatter) -} - -func (formattedWriter *formattedWriter) Writer() io.Writer { - return formattedWriter.writer -} - -func (formattedWriter *formattedWriter) Format() *formatter { - return formattedWriter.formatter -} diff --git a/vendor/github.com/cihub/seelog/writers_rollingfilewriter.go b/vendor/github.com/cihub/seelog/writers_rollingfilewriter.go deleted file mode 100644 index 9535a579..00000000 --- a/vendor/github.com/cihub/seelog/writers_rollingfilewriter.go +++ /dev/null @@ -1,763 +0,0 @@ -// Copyright (c) 2013 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "fmt" - "io" - "io/ioutil" - "os" - "path/filepath" - "sort" - "strconv" - "strings" - "sync" - "time" - - "github.com/cihub/seelog/archive" - "github.com/cihub/seelog/archive/gzip" - "github.com/cihub/seelog/archive/tar" - "github.com/cihub/seelog/archive/zip" -) - -// Common constants -const ( - rollingLogHistoryDelimiter = "." -) - -// Types of the rolling writer: roll by date, by time, etc. -type rollingType uint8 - -const ( - rollingTypeSize = iota - rollingTypeTime -) - -// Types of the rolled file naming mode: prefix, postfix, etc. -type rollingNameMode uint8 - -const ( - rollingNameModePostfix = iota - rollingNameModePrefix -) - -var rollingNameModesStringRepresentation = map[rollingNameMode]string{ - rollingNameModePostfix: "postfix", - rollingNameModePrefix: "prefix", -} - -func rollingNameModeFromString(rollingNameStr string) (rollingNameMode, bool) { - for tp, tpStr := range rollingNameModesStringRepresentation { - if tpStr == rollingNameStr { - return tp, true - } - } - - return 0, false -} - -var rollingTypesStringRepresentation = map[rollingType]string{ - rollingTypeSize: "size", - rollingTypeTime: "date", -} - -func rollingTypeFromString(rollingTypeStr string) (rollingType, bool) { - for tp, tpStr := range rollingTypesStringRepresentation { - if tpStr == rollingTypeStr { - return tp, true - } - } - - return 0, false -} - -// Old logs archivation type. -type rollingArchiveType uint8 - -const ( - rollingArchiveNone = iota - rollingArchiveZip - rollingArchiveGzip -) - -var rollingArchiveTypesStringRepresentation = map[rollingArchiveType]string{ - rollingArchiveNone: "none", - rollingArchiveZip: "zip", - rollingArchiveGzip: "gzip", -} - -type archiver func(f *os.File, exploded bool) archive.WriteCloser - -type unarchiver func(f *os.File) (archive.ReadCloser, error) - -type compressionType struct { - extension string - handleMultipleEntries bool - archiver archiver - unarchiver unarchiver -} - -var compressionTypes = map[rollingArchiveType]compressionType{ - rollingArchiveZip: { - extension: ".zip", - handleMultipleEntries: true, - archiver: func(f *os.File, _ bool) archive.WriteCloser { - return zip.NewWriter(f) - }, - unarchiver: func(f *os.File) (archive.ReadCloser, error) { - fi, err := f.Stat() - if err != nil { - return nil, err - } - r, err := zip.NewReader(f, fi.Size()) - if err != nil { - return nil, err - } - return archive.NopCloser(r), nil - }, - }, - rollingArchiveGzip: { - extension: ".gz", - handleMultipleEntries: false, - archiver: func(f *os.File, exploded bool) archive.WriteCloser { - gw := gzip.NewWriter(f) - if exploded { - return gw - } - return tar.NewWriteMultiCloser(gw, gw) - }, - unarchiver: func(f *os.File) (archive.ReadCloser, error) { - gr, err := gzip.NewReader(f, f.Name()) - if err != nil { - return nil, err - } - - // Determine if the gzip is a tar - tr := tar.NewReader(gr) - _, err = tr.Next() - isTar := err == nil - - // Reset to beginning of file - if _, err := f.Seek(0, os.SEEK_SET); err != nil { - return nil, err - } - gr.Reset(f) - - if isTar { - return archive.NopCloser(tar.NewReader(gr)), nil - } - return gr, nil - }, - }, -} - -func (compressionType *compressionType) rollingArchiveTypeName(name string, exploded bool) string { - if !compressionType.handleMultipleEntries && !exploded { - return name + ".tar" + compressionType.extension - } else { - return name + compressionType.extension - } - -} - -func rollingArchiveTypeFromString(rollingArchiveTypeStr string) (rollingArchiveType, bool) { - for tp, tpStr := range rollingArchiveTypesStringRepresentation { - if tpStr == rollingArchiveTypeStr { - return tp, true - } - } - - return 0, false -} - -// Default names for different archive types -var rollingArchiveDefaultExplodedName = "old" - -func rollingArchiveTypeDefaultName(archiveType rollingArchiveType, exploded bool) (string, error) { - compressionType, ok := compressionTypes[archiveType] - if !ok { - return "", fmt.Errorf("cannot get default filename for archive type = %v", archiveType) - } - return compressionType.rollingArchiveTypeName("log", exploded), nil -} - -// rollerVirtual is an interface that represents all virtual funcs that are -// called in different rolling writer subtypes. -type rollerVirtual interface { - needsToRoll() bool // Returns true if needs to switch to another file. - isFileRollNameValid(rname string) bool // Returns true if logger roll file name (postfix/prefix/etc.) is ok. - sortFileRollNamesAsc(fs []string) ([]string, error) // Sorts logger roll file names in ascending order of their creation by logger. - - // getNewHistoryRollFileName is called whenever we are about to roll the - // current log file. It returns the name the current log file should be - // rolled to. - getNewHistoryRollFileName(otherHistoryFiles []string) string - - getCurrentFileName() string -} - -// rollingFileWriter writes received messages to a file, until time interval passes -// or file exceeds a specified limit. After that the current log file is renamed -// and writer starts to log into a new file. You can set a limit for such renamed -// files count, if you want, and then the rolling writer would delete older ones when -// the files count exceed the specified limit. -type rollingFileWriter struct { - fileName string // log file name - currentDirPath string - currentFile *os.File - currentName string - currentFileSize int64 - rollingType rollingType // Rolling mode (Files roll by size/date/...) - archiveType rollingArchiveType - archivePath string - archiveExploded bool - fullName bool - maxRolls int - nameMode rollingNameMode - self rollerVirtual // Used for virtual calls - rollLock sync.Mutex -} - -func newRollingFileWriter(fpath string, rtype rollingType, atype rollingArchiveType, apath string, maxr int, namemode rollingNameMode, - archiveExploded bool, fullName bool) (*rollingFileWriter, error) { - rw := new(rollingFileWriter) - rw.currentDirPath, rw.fileName = filepath.Split(fpath) - if len(rw.currentDirPath) == 0 { - rw.currentDirPath = "." - } - - rw.rollingType = rtype - rw.archiveType = atype - rw.archivePath = apath - rw.nameMode = namemode - rw.maxRolls = maxr - rw.archiveExploded = archiveExploded - rw.fullName = fullName - return rw, nil -} - -func (rw *rollingFileWriter) hasRollName(file string) bool { - switch rw.nameMode { - case rollingNameModePostfix: - rname := rw.fileName + rollingLogHistoryDelimiter - return strings.HasPrefix(file, rname) - case rollingNameModePrefix: - rname := rollingLogHistoryDelimiter + rw.fileName - return strings.HasSuffix(file, rname) - } - return false -} - -func (rw *rollingFileWriter) createFullFileName(originalName, rollname string) string { - switch rw.nameMode { - case rollingNameModePostfix: - return originalName + rollingLogHistoryDelimiter + rollname - case rollingNameModePrefix: - return rollname + rollingLogHistoryDelimiter + originalName - } - return "" -} - -func (rw *rollingFileWriter) getSortedLogHistory() ([]string, error) { - files, err := getDirFilePaths(rw.currentDirPath, nil, true) - if err != nil { - return nil, err - } - var validRollNames []string - for _, file := range files { - if rw.hasRollName(file) { - rname := rw.getFileRollName(file) - if rw.self.isFileRollNameValid(rname) { - validRollNames = append(validRollNames, rname) - } - } - } - sortedTails, err := rw.self.sortFileRollNamesAsc(validRollNames) - if err != nil { - return nil, err - } - validSortedFiles := make([]string, len(sortedTails)) - for i, v := range sortedTails { - validSortedFiles[i] = rw.createFullFileName(rw.fileName, v) - } - return validSortedFiles, nil -} - -func (rw *rollingFileWriter) createFileAndFolderIfNeeded(first bool) error { - var err error - - if len(rw.currentDirPath) != 0 { - err = os.MkdirAll(rw.currentDirPath, defaultDirectoryPermissions) - - if err != nil { - return err - } - } - rw.currentName = rw.self.getCurrentFileName() - filePath := filepath.Join(rw.currentDirPath, rw.currentName) - - // This will either open the existing file (without truncating it) or - // create if necessary. Append mode avoids any race conditions. - rw.currentFile, err = os.OpenFile(filePath, os.O_WRONLY|os.O_APPEND|os.O_CREATE, defaultFilePermissions) - if err != nil { - return err - } - - stat, err := rw.currentFile.Stat() - if err != nil { - rw.currentFile.Close() - rw.currentFile = nil - return err - } - - rw.currentFileSize = stat.Size() - return nil -} - -func (rw *rollingFileWriter) archiveExplodedLogs(logFilename string, compressionType compressionType) (err error) { - closeWithError := func(c io.Closer) { - if cerr := c.Close(); cerr != nil && err == nil { - err = cerr - } - } - - rollPath := filepath.Join(rw.currentDirPath, logFilename) - src, err := os.Open(rollPath) - if err != nil { - return err - } - defer src.Close() // Read-only - - // Buffer to a temporary file on the same partition - // Note: archivePath is a path to a directory when handling exploded logs - dst, err := rw.tempArchiveFile(rw.archivePath) - if err != nil { - return err - } - defer func() { - closeWithError(dst) - if err != nil { - os.Remove(dst.Name()) // Can't do anything when we fail to remove temp file - return - } - - // Finalize archive by swapping the buffered archive into place - err = os.Rename(dst.Name(), filepath.Join(rw.archivePath, - compressionType.rollingArchiveTypeName(logFilename, true))) - }() - - // archive entry - w := compressionType.archiver(dst, true) - defer closeWithError(w) - fi, err := src.Stat() - if err != nil { - return err - } - if err := w.NextFile(logFilename, fi); err != nil { - return err - } - _, err = io.Copy(w, src) - return err -} - -func (rw *rollingFileWriter) archiveUnexplodedLogs(compressionType compressionType, rollsToDelete int, history []string) (err error) { - closeWithError := func(c io.Closer) { - if cerr := c.Close(); cerr != nil && err == nil { - err = cerr - } - } - - // Buffer to a temporary file on the same partition - // Note: archivePath is a path to a file when handling unexploded logs - dst, err := rw.tempArchiveFile(filepath.Dir(rw.archivePath)) - if err != nil { - return err - } - defer func() { - closeWithError(dst) - if err != nil { - os.Remove(dst.Name()) // Can't do anything when we fail to remove temp file - return - } - - // Finalize archive by moving the buffered archive into place - err = os.Rename(dst.Name(), rw.archivePath) - }() - - w := compressionType.archiver(dst, false) - defer closeWithError(w) - - src, err := os.Open(rw.archivePath) - switch { - // Archive exists - case err == nil: - defer src.Close() // Read-only - - r, err := compressionType.unarchiver(src) - if err != nil { - return err - } - defer r.Close() // Read-only - - if err := archive.Copy(w, r); err != nil { - return err - } - - // Failed to stat - case !os.IsNotExist(err): - return err - } - - // Add new files to the archive - for i := 0; i < rollsToDelete; i++ { - rollPath := filepath.Join(rw.currentDirPath, history[i]) - src, err := os.Open(rollPath) - if err != nil { - return err - } - defer src.Close() // Read-only - fi, err := src.Stat() - if err != nil { - return err - } - if err := w.NextFile(src.Name(), fi); err != nil { - return err - } - if _, err := io.Copy(w, src); err != nil { - return err - } - } - return nil -} - -func (rw *rollingFileWriter) deleteOldRolls(history []string) error { - if rw.maxRolls <= 0 { - return nil - } - - rollsToDelete := len(history) - rw.maxRolls - if rollsToDelete <= 0 { - return nil - } - - if rw.archiveType != rollingArchiveNone { - if rw.archiveExploded { - os.MkdirAll(rw.archivePath, defaultDirectoryPermissions) - - // Archive logs - for i := 0; i < rollsToDelete; i++ { - rw.archiveExplodedLogs(history[i], compressionTypes[rw.archiveType]) - } - } else { - os.MkdirAll(filepath.Dir(rw.archivePath), defaultDirectoryPermissions) - - rw.archiveUnexplodedLogs(compressionTypes[rw.archiveType], rollsToDelete, history) - } - } - - var err error - // In all cases (archive files or not) the files should be deleted. - for i := 0; i < rollsToDelete; i++ { - // Try best to delete files without breaking the loop. - if err = tryRemoveFile(filepath.Join(rw.currentDirPath, history[i])); err != nil { - reportInternalError(err) - } - } - - return nil -} - -func (rw *rollingFileWriter) getFileRollName(fileName string) string { - switch rw.nameMode { - case rollingNameModePostfix: - return fileName[len(rw.fileName+rollingLogHistoryDelimiter):] - case rollingNameModePrefix: - return fileName[:len(fileName)-len(rw.fileName+rollingLogHistoryDelimiter)] - } - return "" -} - -func (rw *rollingFileWriter) roll() error { - // First, close current file. - err := rw.currentFile.Close() - if err != nil { - return err - } - rw.currentFile = nil - - // Current history of all previous log files. - // For file roller it may be like this: - // * ... - // * file.log.4 - // * file.log.5 - // * file.log.6 - // - // For date roller it may look like this: - // * ... - // * file.log.11.Aug.13 - // * file.log.15.Aug.13 - // * file.log.16.Aug.13 - // Sorted log history does NOT include current file. - history, err := rw.getSortedLogHistory() - if err != nil { - return err - } - // Renames current file to create a new roll history entry - // For file roller it may be like this: - // * ... - // * file.log.4 - // * file.log.5 - // * file.log.6 - // n file.log.7 <---- RENAMED (from file.log) - newHistoryName := rw.createFullFileName(rw.fileName, - rw.self.getNewHistoryRollFileName(history)) - - err = os.Rename(filepath.Join(rw.currentDirPath, rw.currentName), filepath.Join(rw.currentDirPath, newHistoryName)) - if err != nil { - return err - } - - // Finally, add the newly added history file to the history archive - // and, if after that the archive exceeds the allowed max limit, older rolls - // must the removed/archived. - history = append(history, newHistoryName) - if len(history) > rw.maxRolls { - err = rw.deleteOldRolls(history) - if err != nil { - return err - } - } - - return nil -} - -func (rw *rollingFileWriter) Write(bytes []byte) (n int, err error) { - rw.rollLock.Lock() - defer rw.rollLock.Unlock() - - if rw.self.needsToRoll() { - if err := rw.roll(); err != nil { - return 0, err - } - } - - if rw.currentFile == nil { - err := rw.createFileAndFolderIfNeeded(true) - if err != nil { - return 0, err - } - } - - n, err = rw.currentFile.Write(bytes) - rw.currentFileSize += int64(n) - return n, err -} - -func (rw *rollingFileWriter) Close() error { - if rw.currentFile != nil { - e := rw.currentFile.Close() - if e != nil { - return e - } - rw.currentFile = nil - } - return nil -} - -func (rw *rollingFileWriter) tempArchiveFile(archiveDir string) (*os.File, error) { - tmp := filepath.Join(archiveDir, ".seelog_tmp") - if err := os.MkdirAll(tmp, defaultDirectoryPermissions); err != nil { - return nil, err - } - return ioutil.TempFile(tmp, "archived_logs") -} - -// ============================================================================================= -// Different types of rolling writers -// ============================================================================================= - -// -------------------------------------------------- -// Rolling writer by SIZE -// -------------------------------------------------- - -// rollingFileWriterSize performs roll when file exceeds a specified limit. -type rollingFileWriterSize struct { - *rollingFileWriter - maxFileSize int64 -} - -func NewRollingFileWriterSize(fpath string, atype rollingArchiveType, apath string, maxSize int64, maxRolls int, namemode rollingNameMode, archiveExploded bool) (*rollingFileWriterSize, error) { - rw, err := newRollingFileWriter(fpath, rollingTypeSize, atype, apath, maxRolls, namemode, archiveExploded, false) - if err != nil { - return nil, err - } - rws := &rollingFileWriterSize{rw, maxSize} - rws.self = rws - return rws, nil -} - -func (rws *rollingFileWriterSize) needsToRoll() bool { - return rws.currentFileSize >= rws.maxFileSize -} - -func (rws *rollingFileWriterSize) isFileRollNameValid(rname string) bool { - if len(rname) == 0 { - return false - } - _, err := strconv.Atoi(rname) - return err == nil -} - -type rollSizeFileTailsSlice []string - -func (p rollSizeFileTailsSlice) Len() int { - return len(p) -} -func (p rollSizeFileTailsSlice) Less(i, j int) bool { - v1, _ := strconv.Atoi(p[i]) - v2, _ := strconv.Atoi(p[j]) - return v1 < v2 -} -func (p rollSizeFileTailsSlice) Swap(i, j int) { - p[i], p[j] = p[j], p[i] -} - -func (rws *rollingFileWriterSize) sortFileRollNamesAsc(fs []string) ([]string, error) { - ss := rollSizeFileTailsSlice(fs) - sort.Sort(ss) - return ss, nil -} - -func (rws *rollingFileWriterSize) getNewHistoryRollFileName(otherLogFiles []string) string { - v := 0 - if len(otherLogFiles) != 0 { - latest := otherLogFiles[len(otherLogFiles)-1] - v, _ = strconv.Atoi(rws.getFileRollName(latest)) - } - return fmt.Sprintf("%d", v+1) -} - -func (rws *rollingFileWriterSize) getCurrentFileName() string { - return rws.fileName -} - -func (rws *rollingFileWriterSize) String() string { - return fmt.Sprintf("Rolling file writer (By SIZE): filename: %s, archive: %s, archivefile: %s, maxFileSize: %v, maxRolls: %v", - rws.fileName, - rollingArchiveTypesStringRepresentation[rws.archiveType], - rws.archivePath, - rws.maxFileSize, - rws.maxRolls) -} - -// -------------------------------------------------- -// Rolling writer by TIME -// -------------------------------------------------- - -// rollingFileWriterTime performs roll when a specified time interval has passed. -type rollingFileWriterTime struct { - *rollingFileWriter - timePattern string - currentTimeFileName string -} - -func NewRollingFileWriterTime(fpath string, atype rollingArchiveType, apath string, maxr int, - timePattern string, namemode rollingNameMode, archiveExploded bool, fullName bool) (*rollingFileWriterTime, error) { - - rw, err := newRollingFileWriter(fpath, rollingTypeTime, atype, apath, maxr, namemode, archiveExploded, fullName) - if err != nil { - return nil, err - } - rws := &rollingFileWriterTime{rw, timePattern, ""} - rws.self = rws - return rws, nil -} - -func (rwt *rollingFileWriterTime) needsToRoll() bool { - newName := time.Now().Format(rwt.timePattern) - - if rwt.currentTimeFileName == "" { - // first run; capture the current name - rwt.currentTimeFileName = newName - return false - } - - return newName != rwt.currentTimeFileName -} - -func (rwt *rollingFileWriterTime) isFileRollNameValid(rname string) bool { - if len(rname) == 0 { - return false - } - _, err := time.ParseInLocation(rwt.timePattern, rname, time.Local) - return err == nil -} - -type rollTimeFileTailsSlice struct { - data []string - pattern string -} - -func (p rollTimeFileTailsSlice) Len() int { - return len(p.data) -} - -func (p rollTimeFileTailsSlice) Less(i, j int) bool { - t1, _ := time.ParseInLocation(p.pattern, p.data[i], time.Local) - t2, _ := time.ParseInLocation(p.pattern, p.data[j], time.Local) - return t1.Before(t2) -} - -func (p rollTimeFileTailsSlice) Swap(i, j int) { - p.data[i], p.data[j] = p.data[j], p.data[i] -} - -func (rwt *rollingFileWriterTime) sortFileRollNamesAsc(fs []string) ([]string, error) { - ss := rollTimeFileTailsSlice{data: fs, pattern: rwt.timePattern} - sort.Sort(ss) - return ss.data, nil -} - -func (rwt *rollingFileWriterTime) getNewHistoryRollFileName(_ []string) string { - newFileName := rwt.currentTimeFileName - rwt.currentTimeFileName = time.Now().Format(rwt.timePattern) - return newFileName -} - -func (rwt *rollingFileWriterTime) getCurrentFileName() string { - if rwt.fullName { - return rwt.createFullFileName(rwt.fileName, time.Now().Format(rwt.timePattern)) - } - return rwt.fileName -} - -func (rwt *rollingFileWriterTime) String() string { - return fmt.Sprintf("Rolling file writer (By TIME): filename: %s, archive: %s, archivefile: %s, pattern: %s, maxRolls: %v", - rwt.fileName, - rollingArchiveTypesStringRepresentation[rwt.archiveType], - rwt.archivePath, - rwt.timePattern, - rwt.maxRolls) -} diff --git a/vendor/github.com/cihub/seelog/writers_smtpwriter.go b/vendor/github.com/cihub/seelog/writers_smtpwriter.go deleted file mode 100644 index 31b79438..00000000 --- a/vendor/github.com/cihub/seelog/writers_smtpwriter.go +++ /dev/null @@ -1,214 +0,0 @@ -// Copyright (c) 2012 - Cloud Instruments Co., Ltd. -// -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions are met: -// -// 1. Redistributions of source code must retain the above copyright notice, this -// list of conditions and the following disclaimer. -// 2. Redistributions in binary form must reproduce the above copyright notice, -// this list of conditions and the following disclaimer in the documentation -// and/or other materials provided with the distribution. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -// ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND -// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -package seelog - -import ( - "crypto/tls" - "crypto/x509" - "errors" - "fmt" - "io/ioutil" - "net/smtp" - "path/filepath" - "strings" -) - -const ( - // Default subject phrase for sending emails. - DefaultSubjectPhrase = "Diagnostic message from server: " - - // Message subject pattern composed according to RFC 5321. - rfc5321SubjectPattern = "From: %s <%s>\nSubject: %s\n\n" -) - -// smtpWriter is used to send emails via given SMTP-server. -type smtpWriter struct { - auth smtp.Auth - hostName string - hostPort string - hostNameWithPort string - senderAddress string - senderName string - recipientAddresses []string - caCertDirPaths []string - mailHeaders []string - subject string -} - -// NewSMTPWriter returns a new SMTP-writer. -func NewSMTPWriter(sa, sn string, ras []string, hn, hp, un, pwd string, cacdps []string, subj string, headers []string) *smtpWriter { - return &smtpWriter{ - auth: smtp.PlainAuth("", un, pwd, hn), - hostName: hn, - hostPort: hp, - hostNameWithPort: fmt.Sprintf("%s:%s", hn, hp), - senderAddress: sa, - senderName: sn, - recipientAddresses: ras, - caCertDirPaths: cacdps, - subject: subj, - mailHeaders: headers, - } -} - -func prepareMessage(senderAddr, senderName, subject string, body []byte, headers []string) []byte { - headerLines := fmt.Sprintf(rfc5321SubjectPattern, senderName, senderAddr, subject) - // Build header lines if configured. - if headers != nil && len(headers) > 0 { - headerLines += strings.Join(headers, "\n") - headerLines += "\n" - } - return append([]byte(headerLines), body...) -} - -// getTLSConfig gets paths of PEM files with certificates, -// host server name and tries to create an appropriate TLS.Config. -func getTLSConfig(pemFileDirPaths []string, hostName string) (config *tls.Config, err error) { - if pemFileDirPaths == nil || len(pemFileDirPaths) == 0 { - err = errors.New("invalid PEM file paths") - return - } - pemEncodedContent := []byte{} - var ( - e error - bytes []byte - ) - // Create a file-filter-by-extension, set aside non-pem files. - pemFilePathFilter := func(fp string) bool { - if filepath.Ext(fp) == ".pem" { - return true - } - return false - } - for _, pemFileDirPath := range pemFileDirPaths { - pemFilePaths, err := getDirFilePaths(pemFileDirPath, pemFilePathFilter, false) - if err != nil { - return nil, err - } - - // Put together all the PEM files to decode them as a whole byte slice. - for _, pfp := range pemFilePaths { - if bytes, e = ioutil.ReadFile(pfp); e == nil { - pemEncodedContent = append(pemEncodedContent, bytes...) - } else { - return nil, fmt.Errorf("cannot read file: %s: %s", pfp, e.Error()) - } - } - } - config = &tls.Config{RootCAs: x509.NewCertPool(), ServerName: hostName} - isAppended := config.RootCAs.AppendCertsFromPEM(pemEncodedContent) - if !isAppended { - // Extract this into a separate error. - err = errors.New("invalid PEM content") - return - } - return -} - -// SendMail accepts TLS configuration, connects to the server at addr, -// switches to TLS if possible, authenticates with mechanism a if possible, -// and then sends an email from address from, to addresses to, with message msg. -func sendMailWithTLSConfig(config *tls.Config, addr string, a smtp.Auth, from string, to []string, msg []byte) error { - c, err := smtp.Dial(addr) - if err != nil { - return err - } - // Check if the server supports STARTTLS extension. - if ok, _ := c.Extension("STARTTLS"); ok { - if err = c.StartTLS(config); err != nil { - return err - } - } - // Check if the server supports AUTH extension and use given smtp.Auth. - if a != nil { - if isSupported, _ := c.Extension("AUTH"); isSupported { - if err = c.Auth(a); err != nil { - return err - } - } - } - // Portion of code from the official smtp.SendMail function, - // see http://golang.org/src/pkg/net/smtp/smtp.go. - if err = c.Mail(from); err != nil { - return err - } - for _, addr := range to { - if err = c.Rcpt(addr); err != nil { - return err - } - } - w, err := c.Data() - if err != nil { - return err - } - _, err = w.Write(msg) - if err != nil { - return err - } - err = w.Close() - if err != nil { - return err - } - return c.Quit() -} - -// Write pushes a text message properly composed according to RFC 5321 -// to a post server, which sends it to the recipients. -func (smtpw *smtpWriter) Write(data []byte) (int, error) { - var err error - - if smtpw.caCertDirPaths == nil { - err = smtp.SendMail( - smtpw.hostNameWithPort, - smtpw.auth, - smtpw.senderAddress, - smtpw.recipientAddresses, - prepareMessage(smtpw.senderAddress, smtpw.senderName, smtpw.subject, data, smtpw.mailHeaders), - ) - } else { - config, e := getTLSConfig(smtpw.caCertDirPaths, smtpw.hostName) - if e != nil { - return 0, e - } - err = sendMailWithTLSConfig( - config, - smtpw.hostNameWithPort, - smtpw.auth, - smtpw.senderAddress, - smtpw.recipientAddresses, - prepareMessage(smtpw.senderAddress, smtpw.senderName, smtpw.subject, data, smtpw.mailHeaders), - ) - } - if err != nil { - return 0, err - } - return len(data), nil -} - -// Close closes down SMTP-connection. -func (smtpw *smtpWriter) Close() error { - // Do nothing as Write method opens and closes connection automatically. - return nil -} diff --git a/vendor/github.com/coredns/caddy/.gitattributes b/vendor/github.com/coredns/caddy/.gitattributes deleted file mode 100644 index 0cfea0b8..00000000 --- a/vendor/github.com/coredns/caddy/.gitattributes +++ /dev/null @@ -1,21 +0,0 @@ -# shell scripts should not use tabs to indent! -*.bash text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 -*.sh text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 - -# files for systemd (shell-similar) -*.path text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 -*.service text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 -*.timer text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 - -# go fmt will enforce this, but in case a user has not called "go fmt" allow GIT to catch this: -*.go text eol=lf core.whitespace whitespace=indent-with-non-tab,trailing-space,tabwidth=4 -go.mod text eol=lf -go.sum text eol=lf - -*.txt text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 -*.tpl text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 -*.htm text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 -*.html text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 -*.md text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 -*.yml text eol=lf core.whitespace whitespace=tab-in-indent,trailing-space,tabwidth=2 -.git* text eol=auto core.whitespace whitespace=trailing-space diff --git a/vendor/github.com/coredns/caddy/.gitignore b/vendor/github.com/coredns/caddy/.gitignore deleted file mode 100644 index d996add1..00000000 --- a/vendor/github.com/coredns/caddy/.gitignore +++ /dev/null @@ -1,22 +0,0 @@ -.DS_Store -Thumbs.db -_gitignore/ -Vagrantfile -.vagrant/ -/.idea - -dist/builds/ -dist/release/ - -error.log -access.log - -/*.conf -Caddyfile -!caddyfile/ - -og_static/ - -.vscode/ - -*.bat diff --git a/vendor/github.com/coredns/caddy/LICENSE.txt b/vendor/github.com/coredns/caddy/LICENSE.txt deleted file mode 100644 index 8dada3ed..00000000 --- a/vendor/github.com/coredns/caddy/LICENSE.txt +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright {yyyy} {name of copyright owner} - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/coredns/caddy/README.md b/vendor/github.com/coredns/caddy/README.md deleted file mode 100644 index 71f4cd4c..00000000 --- a/vendor/github.com/coredns/caddy/README.md +++ /dev/null @@ -1,203 +0,0 @@ -THIS IS A FORK OF CADDY v1 - EVERYTHING IS STRIPPED EXCEPT THE PIECES NEEDED IN COREDNS. - -Issues are not enabled in this repository. Please raise any issues in coredns/coredns. - ---- - - -Caddy is a **production-ready** open-source web server that is fast, easy to use, and makes you more productive. - -Available for Windows, Mac, Linux, BSD, Solaris, and [Android](https://github.com/caddyserver/caddy/wiki/Running-Caddy-on-Android). - -

- Thanks to our special sponsor: -

- Relica - Cross-platform file backup to the cloud, local disks, or other computers -

- -## Menu - -- [Features](#features) -- [Install](#install) -- [Quick Start](#quick-start) -- [Running in Production](#running-in-production) -- [Contributing](#contributing) -- [Donors](#donors) -- [About the Project](#about-the-project) - -## Features - -- **Easy configuration** with the Caddyfile -- **Automatic HTTPS** on by default (via [Let's Encrypt](https://letsencrypt.org)) -- **HTTP/2** by default -- **Virtual hosting** so multiple sites just work -- Experimental **QUIC support** for cutting-edge transmissions -- TLS session ticket **key rotation** for more secure connections -- **Extensible with plugins** because a convenient web server is a helpful one -- **Runs anywhere** with **no external dependencies** (not even libc) - -[See a more complete list of features built into Caddy.](https://caddyserver.com/#features) On top of all those, Caddy does even more with plugins: choose which plugins you want at [download](https://caddyserver.com/download). - -Altogether, Caddy can do things other web servers simply cannot do. Its features and plugins save you time and mistakes, and will cheer you up. Your Caddy instance takes care of the details for you! - - -

- Powered by -
- CertMagic -

- - -## Install - -Caddy binaries have no dependencies and are available for every platform. Get Caddy any of these ways: - -- **[Download page](https://caddyserver.com/download)** (RECOMMENDED) allows you to customize your build in the browser -- **[Latest release](https://github.com/caddyserver/caddy/releases/latest)** for pre-built, vanilla binaries -- **[AWS Marketplace](https://aws.amazon.com/marketplace/pp/B07J1WNK75?qid=1539015041932&sr=0-1&ref_=srh_res_product_title&cl_spe=C)** makes it easy to deploy directly to your cloud environment. -Get Caddy on the AWS Marketplace - - -## Build - -To build from source you need **[Git](https://git-scm.com/downloads)** and **[Go](https://golang.org/doc/install)** (1.13 or newer). - -**To build Caddy without plugins:** - -- Run `go get github.com/caddyserver/caddy/caddy` - -Caddy will be installed to your `$GOPATH/bin` folder. - -With these instructions, the binary will not have embedded version information (see [golang/go#29228](https://github.com/golang/go/issues/29228)), but it is fine for a quick start. - -**To build Caddy with plugins (and with version information):** - -There is no need to modify the Caddy code to build it with plugins. We will create a simple Go module with our own `main()` that you can use to make custom Caddy builds. -- Create a new folder anywhere and within create a Go file (with an extension of `.go`, such as `main.go`) with the contents below, adjusting to import the plugins you want to include: -```go -package main - -import ( - "github.com/caddyserver/caddy/caddy/caddymain" - - // plug in plugins here, for example: - // _ "import/path/here" -) - -func main() { - // optional: disable telemetry - // caddymain.EnableTelemetry = false - caddymain.Run() -} -``` -3. `go mod init caddy` -4. Run `go get github.com/caddyserver/caddy` -5. `go install` will then create your binary at `$GOPATH/bin`, or `go build` will put it in the current directory. - -**To install Caddy's source code for development:** - -- Run `git clone https://github.com/caddyserver/caddy.git` in any folder (doesn't have to be in GOPATH). - -You can make changes to the source code from that clone and checkout any commit or tag you wish to develop on. - -When building from source, telemetry is enabled by default. You can disable it by changing `caddymain.EnableTelemetry = false` in run.go, or use the `-disabled-metrics` flag at runtime to disable only certain metrics. - - -## Quick Start - -To serve static files from the current working directory, run: - -``` -caddy -``` - -Caddy's default port is 2015, so open your browser to [http://localhost:2015](http://localhost:2015). - -### Go from 0 to HTTPS in 5 seconds - -If the `caddy` binary has permission to bind to low ports and your domain name's DNS records point to the machine you're on: - -``` -caddy -host example.com -``` - -This command serves static files from the current directory over HTTPS. Certificates are automatically obtained and renewed for you! Caddy is also automatically configuring ports 80 and 443 for you, and redirecting HTTP to HTTPS. Cool, huh? - -### Customizing your site - -To customize how your site is served, create a file named Caddyfile by your site and paste this into it: - -```plain -localhost - -push -browse -websocket /echo cat -ext .html -log /var/log/access.log -proxy /api 127.0.0.1:7005 -header /api Access-Control-Allow-Origin * -``` - -When you run `caddy` in that directory, it will automatically find and use that Caddyfile. - -This simple file enables server push (via Link headers), allows directory browsing (for folders without an index file), hosts a WebSocket echo server at /echo, serves clean URLs, logs requests to an access log, proxies all API requests to a backend on port 7005, and adds the coveted `Access-Control-Allow-Origin: *` header for all responses from the API. - -Wow! Caddy can do a lot with just a few lines. - -### Doing more with Caddy - -To host multiple sites and do more with the Caddyfile, please see the [Caddyfile tutorial](https://caddyserver.com/tutorial/caddyfile). - -Sites with qualifying hostnames are served over [HTTPS by default](https://caddyserver.com/docs/automatic-https). - -Caddy has a nice little command line interface. Run `caddy -h` to view basic help or see the [CLI documentation](https://caddyserver.com/docs/cli) for details. - - -## Running in Production - -Caddy is production-ready if you find it to be a good fit for your site and workflow. - -**Running as root:** We advise against this. You can still listen on ports < 1024 on Linux using setcap like so: `sudo setcap cap_net_bind_service=+ep ./caddy` - -The Caddy project does not officially maintain any system-specific integrations nor suggest how to administer your own system. But your download file includes [unofficial resources](https://github.com/caddyserver/caddy/tree/master/dist/init) contributed by the community that you may find helpful for running Caddy in production. - -How you choose to run Caddy is up to you. Many users are satisfied with `nohup caddy &`. Others use `screen`. Users who need Caddy to come back up after reboots either do so in the script that caused the reboot, add a command to an init script, or configure a service with their OS. - -If you have questions or concerns about Caddy' underlying crypto implementations, consult Go's [crypto packages](https://golang.org/pkg/crypto), starting with their documentation, then issues, then the code itself; as Caddy uses mainly those libraries. - - -## Contributing - -**[Join our forum](https://caddy.community) where you can chat with other Caddy users and developers!** To get familiar with the code base, try [Caddy code search on Sourcegraph](https://sourcegraph.com/github.com/caddyserver/caddy/)! - -Please see our [contributing guidelines](https://github.com/caddyserver/caddy/blob/master/.github/CONTRIBUTING.md) for instructions. If you want to write a plugin, check out the [developer wiki](https://github.com/caddyserver/caddy/wiki). - -We use GitHub issues and pull requests only for discussing bug reports and the development of specific changes. We welcome all other topics on the [forum](https://caddy.community)! - -If you want to contribute to the documentation, please [submit an issue](https://github.com/caddyserver/caddy/issues/new) describing the change that should be made. - -### Good First Issue - -If you are looking for somewhere to start and would like to help out by working on an existing issue, take a look at our [`Good First Issue`](https://github.com/caddyserver/caddy/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22) tag - -Thanks for making Caddy -- and the Web -- better! - - -## Donors - -- [DigitalOcean](https://m.do.co/c/6d7bdafccf96) is hosting the Caddy project. -- [DNSimple](https://dnsimple.link/resolving-caddy) provides DNS services for Caddy's sites. -- [DNS Spy](https://dnsspy.io) keeps an eye on Caddy's DNS properties. - -We thank them for their services. **If you want to help keep Caddy free, please [become a sponsor](https://github.com/sponsors/mholt)!** - - -## About the Project - -Caddy was born out of the need for a "batteries-included" web server that runs anywhere and doesn't have to take its configuration with it. Caddy took inspiration from [spark](https://github.com/rif/spark), [nginx](https://github.com/nginx/nginx), lighttpd, -[Websocketd](https://github.com/joewalnes/websocketd) and [Vagrant](https://www.vagrantup.com/), which provides a pleasant mixture of features from each of them. - -**The name "Caddy" is trademarked:** The name of the software is "Caddy", not "Caddy Server" or "CaddyServer". Please call it "Caddy" or, if you wish to clarify, "the Caddy web server". See [brand guidelines](https://caddyserver.com/brand). Caddy is a registered trademark of Light Code Labs, LLC. - -*Author on Twitter: [@mholt6](https://twitter.com/mholt6)* diff --git a/vendor/github.com/coredns/caddy/assets.go b/vendor/github.com/coredns/caddy/assets.go deleted file mode 100644 index 893653fe..00000000 --- a/vendor/github.com/coredns/caddy/assets.go +++ /dev/null @@ -1,48 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddy - -import ( - "os" - "path/filepath" - "runtime" -) - -// AssetsPath returns the path to the folder -// where the application may store data. If -// CADDYPATH env variable is set, that value -// is used. Otherwise, the path is the result -// of evaluating "$HOME/.caddy". -func AssetsPath() string { - if caddyPath := os.Getenv("CADDYPATH"); caddyPath != "" { - return caddyPath - } - return filepath.Join(userHomeDir(), ".caddy") -} - -// userHomeDir returns the user's home directory according to -// environment variables. -// -// Credit: http://stackoverflow.com/a/7922977/1048862 -func userHomeDir() string { - if runtime.GOOS == "windows" { - home := os.Getenv("HOMEDRIVE") + os.Getenv("HOMEPATH") - if home == "" { - home = os.Getenv("USERPROFILE") - } - return home - } - return os.Getenv("HOME") -} diff --git a/vendor/github.com/coredns/caddy/caddy.go b/vendor/github.com/coredns/caddy/caddy.go deleted file mode 100644 index a868ae06..00000000 --- a/vendor/github.com/coredns/caddy/caddy.go +++ /dev/null @@ -1,1043 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Copyright 2024 MWS -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package caddy implements the Caddy server manager. -// -// To use this package: -// -// 1. Set the AppName and AppVersion variables. -// 2. Call LoadCaddyfile() to get the Caddyfile. -// Pass in the name of the server type (like "http"). -// Make sure the server type's package is imported -// (import _ "github.com/coredns/caddy/caddyhttp"). -// 3. Call caddy.Start() to start Caddy. You get back -// an Instance, on which you can call Restart() to -// restart it or Stop() to stop it. -// -// You should call Wait() on your instance to wait for -// all servers to quit before your process exits. -package caddy - -import ( - "bytes" - "encoding/gob" - "fmt" - "io" - "io/ioutil" - "log" - "net" - "os" - "strconv" - "strings" - "sync" - "time" - - "github.com/coredns/caddy/caddyfile" -) - -// Configurable application parameters -var ( - // AppName is the name of the application. - AppName string - - // AppVersion is the version of the application. - AppVersion string - - // Quiet mode will not show any informative output on initialization. - Quiet bool - - // PidFile is the path to the pidfile to create. - PidFile string - - // GracefulTimeout is the maximum duration of a graceful shutdown. - GracefulTimeout time.Duration - - // isUpgrade will be set to true if this process - // was started as part of an upgrade, where a parent - // Caddy process started this one. - isUpgrade = os.Getenv("CADDY__UPGRADE") == "1" - - // started will be set to true when the first - // instance is started; it never gets set to - // false after that. - started bool - - // mu protects the variables 'isUpgrade' and 'started'. - mu sync.Mutex -) - -func init() { - OnProcessExit = append(OnProcessExit, func() { - if PidFile != "" { - os.Remove(PidFile) - } - }) -} - -// Instance contains the state of servers created as a result of -// calling Start and can be used to access or control those servers. -// It is literally an instance of a server type. Instance values -// should NOT be copied. Use *Instance for safety. -type Instance struct { - // serverType is the name of the instance's server type - serverType string - - // caddyfileInput is the input configuration text used for this process - caddyfileInput Input - - // wg is used to wait for all servers to shut down - wg *sync.WaitGroup - - // context is the context created for this instance, - // used to coordinate the setting up of the server type - context Context - - // servers is the list of servers with their listeners - servers []ServerListener - - // these callbacks execute when certain events occur - OnFirstStartup []func() error // starting, not as part of a restart - OnStartup []func() error // starting, even as part of a restart - OnRestart []func() error // before restart commences - OnRestartFailed []func() error // if restart failed - OnShutdown []func() error // stopping, even as part of a restart - OnFinalShutdown []func() error // stopping, not as part of a restart - - // storing values on an instance is preferable to - // global state because these will get garbage- - // collected after in-process reloads when the - // old instances are destroyed; use StorageMu - // to access this value safely - Storage map[interface{}]interface{} - StorageMu sync.RWMutex -} - -// Instances returns the list of instances. -func Instances() []*Instance { - return instances -} - -// Servers returns the ServerListeners in i. -func (i *Instance) Servers() []ServerListener { return i.servers } - -// Stop stops all servers contained in i. It does NOT -// execute shutdown callbacks. -func (i *Instance) Stop() error { - // stop the servers - for _, s := range i.servers { - if gs, ok := s.server.(GracefulServer); ok { - if err := gs.Stop(); err != nil { - log.Printf("[ERROR] Stopping %s: %v", gs.Address(), err) - } - } - } - - // splice i out of instance list, causing it to be garbage-collected - instancesMu.Lock() - for j, other := range instances { - if other == i { - instances = append(instances[:j], instances[j+1:]...) - break - } - } - instancesMu.Unlock() - - return nil -} - -// ShutdownCallbacks executes all the shutdown callbacks of i, -// including ones that are scheduled only for the final shutdown -// of i. An error returned from one does not stop execution of -// the rest. All the non-nil errors will be returned. -func (i *Instance) ShutdownCallbacks() []error { - var errs []error - for _, shutdownFunc := range i.OnShutdown { - err := shutdownFunc() - if err != nil { - errs = append(errs, err) - } - } - for _, finalShutdownFunc := range i.OnFinalShutdown { - err := finalShutdownFunc() - if err != nil { - errs = append(errs, err) - } - } - return errs -} - -// Restart replaces the servers in i with new servers created from -// executing the newCaddyfile. Upon success, it returns the new -// instance to replace i. Upon failure, i will not be replaced. -func (i *Instance) Restart(newCaddyfile Input) (*Instance, error) { - log.Println("[INFO] Reloading") - - i.wg.Add(1) - defer i.wg.Done() - - var err error - // if something went wrong on restart then run onRestartFailed callbacks - defer func() { - r := recover() - if err != nil || r != nil { - for _, fn := range i.OnRestartFailed { - if err := fn(); err != nil { - log.Printf("[ERROR] Restart failed callback returned error: %v", err) - } - } - if err != nil { - log.Printf("[ERROR] Restart failed: %v", err) - } - if r != nil { - log.Printf("[PANIC] Restart: %v", r) - } - } - }() - - // run restart callbacks - for _, fn := range i.OnRestart { - err = fn() - if err != nil { - return i, err - } - } - - if newCaddyfile == nil { - newCaddyfile = i.caddyfileInput - } - - // Add file descriptors of all the sockets that are capable of it - restartFds := make(map[string][]restartTriple) - for _, s := range i.servers { - gs, srvOk := s.server.(GracefulServer) - ln, lnOk := s.listener.(Listener) - pc, pcOk := s.packet.(PacketConn) - if srvOk { - if lnOk && pcOk { - restartFds[gs.Address()] = append(restartFds[gs.Address()], restartTriple{server: gs, listener: ln, packet: pc}) - continue - } - if lnOk { - restartFds[gs.Address()] = append(restartFds[gs.Address()], restartTriple{server: gs, listener: ln}) - continue - } - if pcOk { - restartFds[gs.Address()] = append(restartFds[gs.Address()], restartTriple{server: gs, packet: pc}) - continue - } - } - } - - // create new instance; if the restart fails, it is simply discarded - newInst := &Instance{serverType: newCaddyfile.ServerType(), wg: i.wg, Storage: make(map[interface{}]interface{})} - - // attempt to start new instance - err = startWithListenerFds(newCaddyfile, newInst, restartFds) - if err != nil { - return i, fmt.Errorf("starting with listener file descriptors: %v", err) - } - - // success! stop the old instance - err = i.Stop() - if err != nil { - return i, err - } - for _, shutdownFunc := range i.OnShutdown { - err = shutdownFunc() - if err != nil { - return i, err - } - } - - // Execute instantiation events - EmitEvent(InstanceStartupEvent, newInst) - - log.Println("[INFO] Reloading complete") - - return newInst, nil -} - -// SaveServer adds s and its associated listener ln to the -// internally-kept list of servers that is running. For -// saved servers, graceful restarts will be provided. -func (i *Instance) SaveServer(s Server, ln net.Listener) { - i.servers = append(i.servers, ServerListener{server: s, listener: ln}) -} - -// TCPServer is a type that can listen and serve connections. -// A TCPServer must associate with exactly zero or one net.Listeners. -type TCPServer interface { - // Listen starts listening by creating a new listener - // and returning it. It does not start accepting - // connections. For UDP-only servers, this method - // can be a no-op that returns (nil, nil). - Listen() (net.Listener, error) - - // Serve starts serving using the provided listener. - // Serve must start the server loop nearly immediately, - // or at least not return any errors before the server - // loop begins. Serve blocks indefinitely, or in other - // words, until the server is stopped. For UDP-only - // servers, this method can be a no-op that returns nil. - Serve(net.Listener) error -} - -// UDPServer is a type that can listen and serve packets. -// A UDPServer must associate with exactly zero or one net.PacketConns. -type UDPServer interface { - // ListenPacket starts listening by creating a new packetconn - // and returning it. It does not start accepting connections. - // TCP-only servers may leave this method blank and return - // (nil, nil). - ListenPacket() (net.PacketConn, error) - - // ServePacket starts serving using the provided packetconn. - // ServePacket must start the server loop nearly immediately, - // or at least not return any errors before the server - // loop begins. ServePacket blocks indefinitely, or in other - // words, until the server is stopped. For TCP-only servers, - // this method can be a no-op that returns nil. - ServePacket(net.PacketConn) error -} - -// Server is a type that can listen and serve. It supports both -// TCP and UDP, although the UDPServer interface can be used -// for more than just UDP. -// -// If the server uses TCP, it should implement TCPServer completely. -// If it uses UDP or some other protocol, it should implement -// UDPServer completely. If it uses both, both interfaces should be -// fully implemented. Any unimplemented methods should be made as -// no-ops that simply return nil values. -type Server interface { - TCPServer - UDPServer -} - -// Stopper is a type that can stop serving. The stop -// does not necessarily have to be graceful. -type Stopper interface { - // Stop stops the server. It blocks until the - // server is completely stopped. - Stop() error -} - -// GracefulServer is a Server and Stopper, the stopping -// of which is graceful (whatever that means for the kind -// of server being implemented). It must be able to return -// the address it is configured to listen on so that its -// listener can be paired with it upon graceful restarts. -// The net.Listener that a GracefulServer creates must -// implement the Listener interface for restarts to be -// graceful (assuming the listener is for TCP). -type GracefulServer interface { - Server - Stopper - - // Address returns the address the server should - // listen on; it is used to pair the server to - // its listener during a graceful/zero-downtime - // restart. Thus when implementing this method, - // you must not access a listener to get the - // address; you must store the address the - // server is to serve on some other way. - Address() string - - // WrapListener wraps a listener with the - // listener middlewares configured for this - // server, if any. - WrapListener(net.Listener) net.Listener -} - -// Listener is a net.Listener with an underlying file descriptor. -// A server's listener should implement this interface if it is -// to support zero-downtime reloads. -type Listener interface { - net.Listener - File() (*os.File, error) -} - -// PacketConn is a net.PacketConn with an underlying file descriptor. -// A server's packetconn should implement this interface if it is -// to support zero-downtime reloads (in sofar this holds true for datagram -// connections). -type PacketConn interface { - net.PacketConn - File() (*os.File, error) -} - -// AfterStartup is an interface that can be implemented -// by a server type that wants to run some code after all -// servers for the same Instance have started. -type AfterStartup interface { - OnStartupComplete() -} - -// LoadCaddyfile loads a Caddyfile by calling the plugged in -// Caddyfile loader methods. An error is returned if more than -// one loader returns a non-nil Caddyfile input. If no loaders -// load a Caddyfile, the default loader is used. If no default -// loader is registered or it returns nil, the server type's -// default Caddyfile is loaded. If the server type does not -// specify any default Caddyfile value, then an empty Caddyfile -// is returned. Consequently, this function never returns a nil -// value as long as there are no errors. -func LoadCaddyfile(serverType string) (Input, error) { - // If we are finishing an upgrade, we must obtain the Caddyfile - // from our parent process, regardless of configured loaders. - if IsUpgrade() { - err := gob.NewDecoder(os.Stdin).Decode(&loadedGob) - if err != nil { - return nil, err - } - return loadedGob.Caddyfile, nil - } - - // Ask plugged-in loaders for a Caddyfile - cdyfile, err := loadCaddyfileInput(serverType) - if err != nil { - return nil, err - } - - // Otherwise revert to default - if cdyfile == nil { - cdyfile = DefaultInput(serverType) - } - - // Still nil? Geez. - if cdyfile == nil { - cdyfile = CaddyfileInput{ServerTypeName: serverType} - } - - return cdyfile, nil -} - -// Wait blocks until all of i's servers have stopped. -func (i *Instance) Wait() { - i.wg.Wait() -} - -// CaddyfileFromPipe loads the Caddyfile input from f if f is -// not interactive input. f is assumed to be a pipe or stream, -// such as os.Stdin. If f is not a pipe, no error is returned -// but the Input value will be nil. An error is only returned -// if there was an error reading the pipe, even if the length -// of what was read is 0. -func CaddyfileFromPipe(f *os.File, serverType string) (Input, error) { - fi, err := f.Stat() - if err == nil && fi.Mode()&os.ModeCharDevice == 0 { - // Note that a non-nil error is not a problem. Windows - // will not create a stdin if there is no pipe, which - // produces an error when calling Stat(). But Unix will - // make one either way, which is why we also check that - // bitmask. - // NOTE: Reading from stdin after this fails (e.g. for the let's encrypt email address) (OS X) - confBody, err := ioutil.ReadAll(f) - if err != nil { - return nil, err - } - return CaddyfileInput{ - Contents: confBody, - Filepath: f.Name(), - ServerTypeName: serverType, - }, nil - } - - // not having input from the pipe is not itself an error, - // just means no input to return. - return nil, nil -} - -// Caddyfile returns the Caddyfile used to create i. -func (i *Instance) Caddyfile() Input { - return i.caddyfileInput -} - -// Start starts Caddy with the given Caddyfile. -// -// This function blocks until all the servers are listening. -func Start(cdyfile Input) (*Instance, error) { - inst := &Instance{serverType: cdyfile.ServerType(), wg: new(sync.WaitGroup), Storage: make(map[interface{}]interface{})} - err := startWithListenerFds(cdyfile, inst, nil) - if err != nil { - return inst, err - } - signalSuccessToParent() - if pidErr := writePidFile(); pidErr != nil { - log.Printf("[ERROR] Could not write pidfile: %v", pidErr) - } - - // Execute instantiation events - EmitEvent(InstanceStartupEvent, inst) - - return inst, nil -} - -func startWithListenerFds(cdyfile Input, inst *Instance, restartFds map[string][]restartTriple) error { - // save this instance in the list now so that - // plugins can access it if need be, for example - // the caddytls package, so it can perform cert - // renewals while starting up; we just have to - // remove the instance from the list later if - // it fails - instancesMu.Lock() - instances = append(instances, inst) - instancesMu.Unlock() - var err error - defer func() { - if err != nil { - instancesMu.Lock() - for i, otherInst := range instances { - if otherInst == inst { - instances = append(instances[:i], instances[i+1:]...) - break - } - } - instancesMu.Unlock() - } - }() - - if cdyfile == nil { - cdyfile = CaddyfileInput{} - } - - err = ValidateAndExecuteDirectives(cdyfile, inst, false) - if err != nil { - return err - } - - slist, err := inst.context.MakeServers() - if err != nil { - return err - } - - // run startup callbacks - if !IsUpgrade() && restartFds == nil { - // first startup means not a restart or upgrade - for _, firstStartupFunc := range inst.OnFirstStartup { - err = firstStartupFunc() - if err != nil { - return err - } - } - } - for _, startupFunc := range inst.OnStartup { - err = startupFunc() - if err != nil { - return err - } - } - - err = startServers(slist, inst, restartFds) - if err != nil { - return err - } - - // run any AfterStartup callbacks if this is not - // part of a restart; then show file descriptor notice - if restartFds == nil { - for _, srvln := range inst.servers { - if srv, ok := srvln.server.(AfterStartup); ok { - srv.OnStartupComplete() - } - } - if !Quiet { - for _, srvln := range inst.servers { - // only show FD notice if the listener is not nil. - // This can happen when only serving UDP or TCP - if srvln.listener == nil { - continue - } - if !IsLoopback(srvln.listener.Addr().String()) { - checkFdlimit() - break - } - } - } - } - - mu.Lock() - started = true - mu.Unlock() - - return nil -} - -// ValidateAndExecuteDirectives will load the server blocks from cdyfile -// by parsing it, then execute the directives configured by it and store -// the resulting server blocks into inst. If justValidate is true, parse -// callbacks will not be executed between directives, since the purpose -// is only to check the input for valid syntax. -func ValidateAndExecuteDirectives(cdyfile Input, inst *Instance, justValidate bool) error { - // If parsing only inst will be nil, create an instance for this function call only. - if justValidate { - inst = &Instance{serverType: cdyfile.ServerType(), wg: new(sync.WaitGroup), Storage: make(map[interface{}]interface{})} - } - - stypeName := cdyfile.ServerType() - - stype, err := getServerType(stypeName) - if err != nil { - return err - } - - inst.caddyfileInput = cdyfile - - sblocks, err := loadServerBlocks(stypeName, cdyfile.Path(), bytes.NewReader(cdyfile.Body())) - if err != nil { - return err - } - - inst.context = stype.NewContext(inst) - if inst.context == nil { - return fmt.Errorf("server type %s produced a nil Context", stypeName) - } - - sblocks, err = inst.context.InspectServerBlocks(cdyfile.Path(), sblocks) - if err != nil { - return fmt.Errorf("error inspecting server blocks: %v", err) - } - - return executeDirectives(inst, cdyfile.Path(), stype.Directives(), sblocks, justValidate) -} - -func executeDirectives(inst *Instance, filename string, - directives []string, sblocks []caddyfile.ServerBlock, justValidate bool) error { - // map of server block ID to map of directive name to whatever. - storages := make(map[int]map[string]interface{}) - - // It is crucial that directives are executed in the proper order. - // We loop with the directives on the outer loop so we execute - // a directive for all server blocks before going to the next directive. - // This is important mainly due to the parsing callbacks (below). - for _, dir := range directives { - for i, sb := range sblocks { - var once sync.Once - if _, ok := storages[i]; !ok { - storages[i] = make(map[string]interface{}) - } - - for j, key := range sb.Keys { - // Execute directive if it is in the server block - if tokens, ok := sb.Tokens[dir]; ok { - controller := &Controller{ - instance: inst, - Key: key, - Dispenser: caddyfile.NewDispenserTokens(filename, tokens), - OncePerServerBlock: func(f func() error) error { - var err error - once.Do(func() { - err = f() - }) - return err - }, - ServerBlockIndex: i, - ServerBlockKeyIndex: j, - ServerBlockKeys: sb.Keys, - ServerBlockStorage: storages[i][dir], - } - - // only set up directives for the first key in a block - if j > 0 { - continue - } - - setup, err := DirectiveAction(inst.serverType, dir) - if err != nil { - return err - } - - err = setup(controller) - if err != nil { - return err - } - - storages[i][dir] = controller.ServerBlockStorage // persist for this server block - } - } - } - - if !justValidate { - // See if there are any callbacks to execute after this directive - if allCallbacks, ok := parsingCallbacks[inst.serverType]; ok { - callbacks := allCallbacks[dir] - for _, callback := range callbacks { - if err := callback(inst.context); err != nil { - return err - } - } - } - } - } - - return nil -} - -func startServers(serverList []Server, inst *Instance, restartFds map[string][]restartTriple) error { - errChan := make(chan error, len(serverList)) - - // used for signaling to error logging goroutine to terminate - stopChan := make(chan struct{}) - // used to track termination of servers - stopWg := &sync.WaitGroup{} - - for _, s := range serverList { - var ( - ln net.Listener - pc net.PacketConn - err error - ) - - // if performing an upgrade, obtain listener file descriptors - // from parent process - if IsUpgrade() { - if gs, ok := s.(GracefulServer); ok { - addr := gs.Address() - if fdIndex, ok := loadedGob.ListenerFds["tcp"+addr]; ok { - file := os.NewFile(fdIndex, "") - ln, err = net.FileListener(file) - if err != nil { - return fmt.Errorf("making listener from file: %v", err) - } - err = file.Close() - if err != nil { - return fmt.Errorf("closing copy of listener file: %v", err) - } - } - if fdIndex, ok := loadedGob.ListenerFds["udp"+addr]; ok { - file := os.NewFile(fdIndex, "") - pc, err = net.FilePacketConn(file) - if err != nil { - return fmt.Errorf("making packet connection from file: %v", err) - } - err = file.Close() - if err != nil { - return fmt.Errorf("closing copy of packet connection file: %v", err) - } - } - ln = gs.WrapListener(ln) - } - } - - // If this is a reload and s is a GracefulServer, - // reuse the listener for a graceful restart. - if gs, ok := s.(GracefulServer); ok && restartFds != nil { - addr := gs.Address() - // Multiple servers may use the same addr (SO_REUSEPORT option set), so it's important to ensure - // that we don't reuse the same listener/packetconn. - // We'll create new listeners in case there are no more available triples for the same address. - if triples, ok := restartFds[addr]; ok && len(triples) > 0 { - // Take first available triple - old := triples[0] - // Remove reused triple from restartFds - triples[0] = triples[len(triples)-1] - restartFds[addr] = triples[:len(triples)-1] - - // listener - if old.listener != nil { - file, err := old.listener.File() - if err != nil { - return fmt.Errorf("getting old listener file: %v", err) - } - ln, err = net.FileListener(file) - if err != nil { - return fmt.Errorf("getting file listener: %v", err) - } - err = file.Close() - if err != nil { - return fmt.Errorf("closing copy of listener file: %v", err) - } - } - // packetconn - if old.packet != nil { - file, err := old.packet.File() - if err != nil { - return fmt.Errorf("getting old packet file: %v", err) - } - pc, err = net.FilePacketConn(file) - if err != nil { - return fmt.Errorf("getting file packet connection: %v", err) - } - err = file.Close() - if err != nil { - return fmt.Errorf("close copy of packet file: %v", err) - } - } - ln = gs.WrapListener(ln) - } - } - - if ln == nil { - ln, err = s.Listen() - if err != nil { - return fmt.Errorf("Listen: %v", err) - } - } - if pc == nil { - pc, err = s.ListenPacket() - if err != nil { - return fmt.Errorf("ListenPacket: %v", err) - } - } - - inst.servers = append(inst.servers, ServerListener{server: s, listener: ln, packet: pc}) - } - - for _, s := range inst.servers { - inst.wg.Add(2) - stopWg.Add(2) - func(s Server, ln net.Listener, pc net.PacketConn, inst *Instance) { - go func() { - defer func() { - inst.wg.Done() - stopWg.Done() - }() - errChan <- s.Serve(ln) - }() - - go func() { - defer func() { - inst.wg.Done() - stopWg.Done() - }() - errChan <- s.ServePacket(pc) - }() - }(s.server, s.listener, s.packet, inst) - } - - // Log errors that may be returned from Serve() calls, - // these errors should only be occurring in the server loop. - go func() { - for { - select { - case err := <-errChan: - if err != nil { - if !strings.Contains(err.Error(), "use of closed network connection") { - // this error is normal when closing the listener; see https://github.com/golang/go/issues/4373 - log.Println(err) - } - } - case <-stopChan: - return - } - } - }() - - go func() { - stopWg.Wait() - stopChan <- struct{}{} - }() - - return nil -} - -func getServerType(serverType string) (ServerType, error) { - stype, ok := serverTypes[serverType] - if ok { - return stype, nil - } - if len(serverTypes) == 0 { - return ServerType{}, fmt.Errorf("no server types plugged in") - } - if serverType == "" { - if len(serverTypes) == 1 { - for _, stype := range serverTypes { - return stype, nil - } - } - return ServerType{}, fmt.Errorf("multiple server types available; must choose one") - } - return ServerType{}, fmt.Errorf("unknown server type '%s'", serverType) -} - -func loadServerBlocks(serverType, filename string, input io.Reader) ([]caddyfile.ServerBlock, error) { - validDirectives := ValidDirectives(serverType) - serverBlocks, err := caddyfile.Parse(filename, input, validDirectives) - if err != nil { - return nil, err - } - if len(serverBlocks) == 0 && serverTypes[serverType].DefaultInput != nil { - newInput := serverTypes[serverType].DefaultInput() - serverBlocks, err = caddyfile.Parse(newInput.Path(), - bytes.NewReader(newInput.Body()), validDirectives) - if err != nil { - return nil, err - } - } - return serverBlocks, nil -} - -// Stop stops ALL servers. It blocks until they are all stopped. -// It does NOT execute shutdown callbacks, and it deletes all -// instances after stopping is completed. Do not re-use any -// references to old instances after calling Stop. -func Stop() error { - // This awkward for loop is to avoid a deadlock since - // inst.Stop() also acquires the instancesMu lock. - for { - instancesMu.Lock() - if len(instances) == 0 { - instancesMu.Unlock() - break - } - inst := instances[0] - instancesMu.Unlock() - // Increase the instance waitgroup so that the last wait() call in - // caddymain/run.go blocks until this server instance has shut down - inst.wg.Add(1) - defer inst.wg.Done() - if err := inst.Stop(); err != nil { - log.Printf("[ERROR] Stopping %s: %v", inst.serverType, err) - } - } - return nil -} - -// IsLoopback returns true if the hostname of addr looks -// explicitly like a common local hostname. addr must only -// be a host or a host:port combination. -func IsLoopback(addr string) bool { - host, _, err := net.SplitHostPort(strings.ToLower(addr)) - if err != nil { - host = addr // happens if the addr is just a hostname - } - return host == "localhost" || - strings.Trim(host, "[]") == "::1" || - strings.HasPrefix(host, "127.") -} - -// IsInternal returns true if the IP of addr -// belongs to a private network IP range. addr must only -// be an IP or an IP:port combination. -// Loopback addresses are considered false. -func IsInternal(addr string) bool { - privateNetworks := []string{ - "10.0.0.0/8", - "172.16.0.0/12", - "192.168.0.0/16", - "fc00::/7", - } - - host, _, err := net.SplitHostPort(addr) - if err != nil { - host = addr // happens if the addr is just a hostname, missing port - // if we encounter an error, the brackets need to be stripped - // because SplitHostPort didn't do it for us - host = strings.Trim(host, "[]") - } - ip := net.ParseIP(host) - if ip == nil { - return false - } - for _, privateNetwork := range privateNetworks { - _, ipnet, _ := net.ParseCIDR(privateNetwork) - if ipnet.Contains(ip) { - return true - } - } - return false -} - -// Started returns true if at least one instance has been -// started by this package. It never gets reset to false -// once it is set to true. -func Started() bool { - mu.Lock() - defer mu.Unlock() - return started -} - -// CaddyfileInput represents a Caddyfile as input -// and is simply a convenient way to implement -// the Input interface. -type CaddyfileInput struct { - Filepath string - Contents []byte - ServerTypeName string -} - -// Body returns c.Contents. -func (c CaddyfileInput) Body() []byte { return c.Contents } - -// Path returns c.Filepath. -func (c CaddyfileInput) Path() string { return c.Filepath } - -// ServerType returns c.ServerType. -func (c CaddyfileInput) ServerType() string { return c.ServerTypeName } - -// Input represents a Caddyfile; its contents and file path -// (which should include the file name at the end of the path). -// If path does not apply (e.g. piped input) you may use -// any understandable value. The path is mainly used for logging, -// error messages, and debugging. -type Input interface { - // Gets the Caddyfile contents - Body() []byte - - // Gets the path to the origin file - Path() string - - // The type of server this input is intended for - ServerType() string -} - -// DefaultInput returns the default Caddyfile input -// to use when it is otherwise empty or missing. -// It uses the default host and port (depends on -// host, e.g. localhost is 2015, otherwise 443) and -// root. -func DefaultInput(serverType string) Input { - if _, ok := serverTypes[serverType]; !ok { - return nil - } - if serverTypes[serverType].DefaultInput == nil { - return nil - } - return serverTypes[serverType].DefaultInput() -} - -// writePidFile writes the process ID to the file at PidFile. -// It does nothing if PidFile is not set. -func writePidFile() error { - if PidFile == "" { - return nil - } - pid := []byte(strconv.Itoa(os.Getpid()) + "\n") - return ioutil.WriteFile(PidFile, pid, 0644) -} - -type restartTriple struct { - server GracefulServer - listener Listener - packet PacketConn -} - -var ( - // instances is the list of running Instances. - instances []*Instance - - // instancesMu protects instances. - instancesMu sync.Mutex -) - -var ( - // DefaultConfigFile is the name of the configuration file that is loaded - // by default if no other file is specified. - DefaultConfigFile = "Caddyfile" -) - -// CtxKey is a value type for use with context.WithValue. -type CtxKey string diff --git a/vendor/github.com/coredns/caddy/caddyfile/dispenser.go b/vendor/github.com/coredns/caddy/caddyfile/dispenser.go deleted file mode 100644 index c7b3f4c1..00000000 --- a/vendor/github.com/coredns/caddy/caddyfile/dispenser.go +++ /dev/null @@ -1,260 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddyfile - -import ( - "errors" - "fmt" - "io" - "strings" -) - -// Dispenser is a type that dispenses tokens, similarly to a lexer, -// except that it can do so with some notion of structure and has -// some really convenient methods. -type Dispenser struct { - filename string - tokens []Token - cursor int - nesting int -} - -// NewDispenser returns a Dispenser, ready to use for parsing the given input. -func NewDispenser(filename string, input io.Reader) Dispenser { - tokens, _ := allTokens(input) // ignoring error because nothing to do with it - return Dispenser{ - filename: filename, - tokens: tokens, - cursor: -1, - } -} - -// NewDispenserTokens returns a Dispenser filled with the given tokens. -func NewDispenserTokens(filename string, tokens []Token) Dispenser { - return Dispenser{ - filename: filename, - tokens: tokens, - cursor: -1, - } -} - -// Next loads the next token. Returns true if a token -// was loaded; false otherwise. If false, all tokens -// have been consumed. -func (d *Dispenser) Next() bool { - if d.cursor < len(d.tokens)-1 { - d.cursor++ - return true - } - return false -} - -// NextArg loads the next token if it is on the same -// line. Returns true if a token was loaded; false -// otherwise. If false, all tokens on the line have -// been consumed. It handles imported tokens correctly. -func (d *Dispenser) NextArg() bool { - if d.cursor < 0 { - d.cursor++ - return true - } - if d.cursor >= len(d.tokens) { - return false - } - if d.cursor < len(d.tokens)-1 && - d.tokens[d.cursor].File == d.tokens[d.cursor+1].File && - d.tokens[d.cursor].Line+d.numLineBreaks(d.cursor) == d.tokens[d.cursor+1].Line { - d.cursor++ - return true - } - return false -} - -// NextLine loads the next token only if it is not on the same -// line as the current token, and returns true if a token was -// loaded; false otherwise. If false, there is not another token -// or it is on the same line. It handles imported tokens correctly. -func (d *Dispenser) NextLine() bool { - if d.cursor < 0 { - d.cursor++ - return true - } - if d.cursor >= len(d.tokens) { - return false - } - if d.cursor < len(d.tokens)-1 && - (d.tokens[d.cursor].File != d.tokens[d.cursor+1].File || - d.tokens[d.cursor].Line+d.numLineBreaks(d.cursor) < d.tokens[d.cursor+1].Line) { - d.cursor++ - return true - } - return false -} - -// NextBlock can be used as the condition of a for loop -// to load the next token as long as it opens a block or -// is already in a block. It returns true if a token was -// loaded, or false when the block's closing curly brace -// was loaded and thus the block ended. Nested blocks are -// not supported. -func (d *Dispenser) NextBlock() bool { - if d.nesting > 0 { - d.Next() - if d.Val() == "}" { - d.nesting-- - return false - } - return true - } - if !d.NextArg() { // block must open on same line - return false - } - if d.Val() != "{" { - d.cursor-- // roll back if not opening brace - return false - } - d.Next() - if d.Val() == "}" { - // Open and then closed right away - return false - } - d.nesting++ - return true -} - -// Val gets the text of the current token. If there is no token -// loaded, it returns empty string. -func (d *Dispenser) Val() string { - if d.cursor < 0 || d.cursor >= len(d.tokens) { - return "" - } - return d.tokens[d.cursor].Text -} - -// Line gets the line number of the current token. If there is no token -// loaded, it returns 0. -func (d *Dispenser) Line() int { - if d.cursor < 0 || d.cursor >= len(d.tokens) { - return 0 - } - return d.tokens[d.cursor].Line -} - -// File gets the filename of the current token. If there is no token loaded, -// it returns the filename originally given when parsing started. -func (d *Dispenser) File() string { - if d.cursor < 0 || d.cursor >= len(d.tokens) { - return d.filename - } - if tokenFilename := d.tokens[d.cursor].File; tokenFilename != "" { - return tokenFilename - } - return d.filename -} - -// Args is a convenience function that loads the next arguments -// (tokens on the same line) into an arbitrary number of strings -// pointed to in targets. If there are fewer tokens available -// than string pointers, the remaining strings will not be changed -// and false will be returned. If there were enough tokens available -// to fill the arguments, then true will be returned. -func (d *Dispenser) Args(targets ...*string) bool { - enough := true - for i := 0; i < len(targets); i++ { - if !d.NextArg() { - enough = false - break - } - *targets[i] = d.Val() - } - return enough -} - -// RemainingArgs loads any more arguments (tokens on the same line) -// into a slice and returns them. Open curly brace tokens also indicate -// the end of arguments, and the curly brace is not included in -// the return value nor is it loaded. -func (d *Dispenser) RemainingArgs() []string { - var args []string - - for d.NextArg() { - if d.Val() == "{" { - d.cursor-- - break - } - args = append(args, d.Val()) - } - - return args -} - -// ArgErr returns an argument error, meaning that another -// argument was expected but not found. In other words, -// a line break or open curly brace was encountered instead of -// an argument. -func (d *Dispenser) ArgErr() error { - if d.Val() == "{" { - return d.Err("Unexpected token '{', expecting argument") - } - return d.Errf("Wrong argument count or unexpected line ending after '%s'", d.Val()) -} - -// SyntaxErr creates a generic syntax error which explains what was -// found and what was expected. -func (d *Dispenser) SyntaxErr(expected string) error { - msg := fmt.Sprintf("%s:%d - Syntax error: Unexpected token '%s', expecting '%s'", d.File(), d.Line(), d.Val(), expected) - return errors.New(msg) -} - -// EOFErr returns an error indicating that the dispenser reached -// the end of the input when searching for the next token. -func (d *Dispenser) EOFErr() error { - return d.Errf("Unexpected EOF") -} - -// Err generates a custom parse-time error with a message of msg. -func (d *Dispenser) Err(msg string) error { - msg = fmt.Sprintf("%s:%d - Error during parsing: %s", d.File(), d.Line(), msg) - return errors.New(msg) -} - -// Errf is like Err, but for formatted error messages -func (d *Dispenser) Errf(format string, args ...interface{}) error { - return d.Err(fmt.Sprintf(format, args...)) -} - -// numLineBreaks counts how many line breaks are in the token -// value given by the token index tknIdx. It returns 0 if the -// token does not exist or there are no line breaks. -func (d *Dispenser) numLineBreaks(tknIdx int) int { - if tknIdx < 0 || tknIdx >= len(d.tokens) { - return 0 - } - return strings.Count(d.tokens[tknIdx].Text, "\n") -} - -// isNewLine determines whether the current token is on a different -// line (higher line number) than the previous token. It handles imported -// tokens correctly. If there isn't a previous token, it returns true. -func (d *Dispenser) isNewLine() bool { - if d.cursor < 1 { - return true - } - if d.cursor > len(d.tokens)-1 { - return false - } - return d.tokens[d.cursor-1].File != d.tokens[d.cursor].File || - d.tokens[d.cursor-1].Line+d.numLineBreaks(d.cursor-1) < d.tokens[d.cursor].Line -} diff --git a/vendor/github.com/coredns/caddy/caddyfile/json.go b/vendor/github.com/coredns/caddy/caddyfile/json.go deleted file mode 100644 index 0d37e8e9..00000000 --- a/vendor/github.com/coredns/caddy/caddyfile/json.go +++ /dev/null @@ -1,198 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddyfile - -import ( - "bytes" - "encoding/json" - "fmt" - "sort" - "strconv" - "strings" -) - -const filename = "Caddyfile" - -// ToJSON converts caddyfile to its JSON representation. -func ToJSON(caddyfile []byte) ([]byte, error) { - var j EncodedCaddyfile - - serverBlocks, err := Parse(filename, bytes.NewReader(caddyfile), nil) - if err != nil { - return nil, err - } - - for _, sb := range serverBlocks { - block := EncodedServerBlock{ - Keys: sb.Keys, - Body: [][]interface{}{}, - } - - // Extract directives deterministically by sorting them - var directives = make([]string, len(sb.Tokens)) - for dir := range sb.Tokens { - directives = append(directives, dir) - } - sort.Strings(directives) - - // Convert each directive's tokens into our JSON structure - for _, dir := range directives { - disp := NewDispenserTokens(filename, sb.Tokens[dir]) - for disp.Next() { - block.Body = append(block.Body, constructLine(&disp)) - } - } - - // tack this block onto the end of the list - j = append(j, block) - } - - result, err := json.Marshal(j) - if err != nil { - return nil, err - } - - return result, nil -} - -// constructLine transforms tokens into a JSON-encodable structure; -// but only one line at a time, to be used at the top-level of -// a server block only (where the first token on each line is a -// directive) - not to be used at any other nesting level. -func constructLine(d *Dispenser) []interface{} { - var args []interface{} - - args = append(args, d.Val()) - - for d.NextArg() { - if d.Val() == "{" { - args = append(args, constructBlock(d)) - continue - } - args = append(args, d.Val()) - } - - return args -} - -// constructBlock recursively processes tokens into a -// JSON-encodable structure. To be used in a directive's -// block. Goes to end of block. -func constructBlock(d *Dispenser) [][]interface{} { - block := [][]interface{}{} - - for d.Next() { - if d.Val() == "}" { - break - } - block = append(block, constructLine(d)) - } - - return block -} - -// FromJSON converts JSON-encoded jsonBytes to Caddyfile text -func FromJSON(jsonBytes []byte) ([]byte, error) { - var j EncodedCaddyfile - var result string - - err := json.Unmarshal(jsonBytes, &j) - if err != nil { - return nil, err - } - - for sbPos, sb := range j { - if sbPos > 0 { - result += "\n\n" - } - for i, key := range sb.Keys { - if i > 0 { - result += ", " - } - //result += standardizeScheme(key) - result += key - } - result += jsonToText(sb.Body, 1) - } - - return []byte(result), nil -} - -// jsonToText recursively transforms a scope of JSON into plain -// Caddyfile text. -func jsonToText(scope interface{}, depth int) string { - var result string - - switch val := scope.(type) { - case string: - if strings.ContainsAny(val, "\" \n\t\r") { - result += `"` + strings.Replace(val, "\"", "\\\"", -1) + `"` - } else { - result += val - } - case int: - result += strconv.Itoa(val) - case float64: - result += fmt.Sprintf("%v", val) - case bool: - result += fmt.Sprintf("%t", val) - case [][]interface{}: - result += " {\n" - for _, arg := range val { - result += strings.Repeat("\t", depth) + jsonToText(arg, depth+1) + "\n" - } - result += strings.Repeat("\t", depth-1) + "}" - case []interface{}: - for i, v := range val { - if block, ok := v.([]interface{}); ok { - result += "{\n" - for _, arg := range block { - result += strings.Repeat("\t", depth) + jsonToText(arg, depth+1) + "\n" - } - result += strings.Repeat("\t", depth-1) + "}" - continue - } - result += jsonToText(v, depth) - if i < len(val)-1 { - result += " " - } - } - } - - return result -} - -// TODO: Will this function come in handy somewhere else? -/* -// standardizeScheme turns an address like host:https into https://host, -// or "host:" into "host". -func standardizeScheme(addr string) string { - if hostname, port, err := net.SplitHostPort(addr); err == nil { - if port == "http" || port == "https" { - addr = port + "://" + hostname - } - } - return strings.TrimSuffix(addr, ":") -} -*/ - -// EncodedCaddyfile encapsulates a slice of EncodedServerBlocks. -type EncodedCaddyfile []EncodedServerBlock - -// EncodedServerBlock represents a server block ripe for encoding. -type EncodedServerBlock struct { - Keys []string `json:"keys"` - Body [][]interface{} `json:"body"` -} diff --git a/vendor/github.com/coredns/caddy/caddyfile/lexer.go b/vendor/github.com/coredns/caddy/caddyfile/lexer.go deleted file mode 100644 index f928772e..00000000 --- a/vendor/github.com/coredns/caddy/caddyfile/lexer.go +++ /dev/null @@ -1,153 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddyfile - -import ( - "bufio" - "io" - "unicode" -) - -type ( - // lexer is a utility which can get values, token by - // token, from a Reader. A token is a word, and tokens - // are separated by whitespace. A word can be enclosed - // in quotes if it contains whitespace. - lexer struct { - reader *bufio.Reader - token Token - line int - } - - // Token represents a single parsable unit. - Token struct { - File string - Line int - Text string - } -) - -// load prepares the lexer to scan an input for tokens. -// It discards any leading byte order mark. -func (l *lexer) load(input io.Reader) error { - l.reader = bufio.NewReader(input) - l.line = 1 - - // discard byte order mark, if present - firstCh, _, err := l.reader.ReadRune() - if err != nil { - if err == io.EOF { - return nil - } - return err - } - if firstCh != 0xFEFF { - err := l.reader.UnreadRune() - if err != nil { - return err - } - } - - return nil -} - -// next loads the next token into the lexer. -// A token is delimited by whitespace, unless -// the token starts with a quotes character (") -// in which case the token goes until the closing -// quotes (the enclosing quotes are not included). -// Inside quoted strings, quotes may be escaped -// with a preceding \ character. No other chars -// may be escaped. The rest of the line is skipped -// if a "#" character is read in. Returns true if -// a token was loaded; false otherwise. -func (l *lexer) next() bool { - var val []rune - var comment, quoted, escaped bool - - makeToken := func() bool { - l.token.Text = string(val) - return true - } - - for { - ch, _, err := l.reader.ReadRune() - if err != nil { - if len(val) > 0 { - return makeToken() - } - if err == io.EOF { - return false - } - panic(err) - } - - if quoted { - if !escaped { - if ch == '\\' { - escaped = true - continue - } else if ch == '"' { - quoted = false - return makeToken() - } - } - if ch == '\n' { - l.line++ - } - if escaped { - // only escape quotes - if ch != '"' { - val = append(val, '\\') - } - } - val = append(val, ch) - escaped = false - continue - } - - if unicode.IsSpace(ch) { - if ch == '\r' { - continue - } - if ch == '\n' { - l.line++ - comment = false - } - if len(val) > 0 { - return makeToken() - } - continue - } - - if ch == '#' { - comment = true - } - - if comment { - continue - } - - if len(val) == 0 { - l.token = Token{Line: l.line} - if ch == '"' { - quoted = true - continue - } - } - - val = append(val, ch) - } -} diff --git a/vendor/github.com/coredns/caddy/caddyfile/parse.go b/vendor/github.com/coredns/caddy/caddyfile/parse.go deleted file mode 100644 index 32d7a2b5..00000000 --- a/vendor/github.com/coredns/caddy/caddyfile/parse.go +++ /dev/null @@ -1,490 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddyfile - -import ( - "io" - "log" - "os" - "path/filepath" - "strings" -) - -// Parse parses the input just enough to group tokens, in -// order, by server block. No further parsing is performed. -// Server blocks are returned in the order in which they appear. -// Directives that do not appear in validDirectives will cause -// an error. If you do not want to check for valid directives, -// pass in nil instead. -func Parse(filename string, input io.Reader, validDirectives []string) ([]ServerBlock, error) { - p := parser{Dispenser: NewDispenser(filename, input), validDirectives: validDirectives} - return p.parseAll() -} - -// allTokens lexes the entire input, but does not parse it. -// It returns all the tokens from the input, unstructured -// and in order. -func allTokens(input io.Reader) ([]Token, error) { - l := new(lexer) - err := l.load(input) - if err != nil { - return nil, err - } - var tokens []Token - for l.next() { - tokens = append(tokens, l.token) - } - return tokens, nil -} - -type parser struct { - Dispenser - block ServerBlock // current server block being parsed - validDirectives []string // a directive must be valid or it's an error - eof bool // if we encounter a valid EOF in a hard place - definedSnippets map[string][]Token -} - -func (p *parser) parseAll() ([]ServerBlock, error) { - var blocks []ServerBlock - - for p.Next() { - err := p.parseOne() - if err != nil { - return blocks, err - } - if len(p.block.Keys) > 0 { - blocks = append(blocks, p.block) - } - } - - return blocks, nil -} - -func (p *parser) parseOne() error { - p.block = ServerBlock{Tokens: make(map[string][]Token)} - - return p.begin() -} - -func (p *parser) begin() error { - if len(p.tokens) == 0 { - return nil - } - - err := p.addresses() - - if err != nil { - return err - } - - if p.eof { - // this happens if the Caddyfile consists of only - // a line of addresses and nothing else - return nil - } - - if ok, name := p.isSnippet(); ok { - if p.definedSnippets == nil { - p.definedSnippets = map[string][]Token{} - } - if _, found := p.definedSnippets[name]; found { - return p.Errf("redeclaration of previously declared snippet %s", name) - } - // consume all tokens til matched close brace - tokens, err := p.snippetTokens() - if err != nil { - return err - } - p.definedSnippets[name] = tokens - // empty block keys so we don't save this block as a real server. - p.block.Keys = nil - return nil - } - - return p.blockContents() -} - -func (p *parser) addresses() error { - var expectingAnother bool - - for { - tkn := replaceEnvVars(p.Val()) - - // special case: import directive replaces tokens during parse-time - if tkn == "import" && p.isNewLine() { - err := p.doImport() - if err != nil { - return err - } - continue - } - - // Open brace definitely indicates end of addresses - if tkn == "{" { - if expectingAnother { - return p.Errf("Expected another address but had '%s' - check for extra comma", tkn) - } - break - } - - if tkn != "" { // empty token possible if user typed "" - // Trailing comma indicates another address will follow, which - // may possibly be on the next line - if tkn[len(tkn)-1] == ',' { - tkn = tkn[:len(tkn)-1] - expectingAnother = true - } else { - expectingAnother = false // but we may still see another one on this line - } - - p.block.Keys = append(p.block.Keys, tkn) - } - - // Advance token and possibly break out of loop or return error - hasNext := p.Next() - if expectingAnother && !hasNext { - return p.EOFErr() - } - if !hasNext { - p.eof = true - break // EOF - } - if !expectingAnother && p.isNewLine() { - break - } - } - - return nil -} - -func (p *parser) blockContents() error { - errOpenCurlyBrace := p.openCurlyBrace() - if errOpenCurlyBrace != nil { - // single-server configs don't need curly braces - p.cursor-- - } - - err := p.directives() - if err != nil { - return err - } - - // Only look for close curly brace if there was an opening - if errOpenCurlyBrace == nil { - err = p.closeCurlyBrace() - if err != nil { - return err - } - } - - return nil -} - -// directives parses through all the lines for directives -// and it expects the next token to be the first -// directive. It goes until EOF or closing curly brace -// which ends the server block. -func (p *parser) directives() error { - for p.Next() { - // end of server block - if p.Val() == "}" { - break - } - - // special case: import directive replaces tokens during parse-time - if p.Val() == "import" { - err := p.doImport() - if err != nil { - return err - } - p.cursor-- // cursor is advanced when we continue, so roll back one more - continue - } - - // normal case: parse a directive on this line - if err := p.directive(); err != nil { - return err - } - } - return nil -} - -// doImport swaps out the import directive and its argument -// (a total of 2 tokens) with the tokens in the specified file -// or globbing pattern. When the function returns, the cursor -// is on the token before where the import directive was. In -// other words, call Next() to access the first token that was -// imported. -func (p *parser) doImport() error { - // syntax checks - if !p.NextArg() { - return p.ArgErr() - } - importPattern := replaceEnvVars(p.Val()) - if importPattern == "" { - return p.Err("Import requires a non-empty filepath") - } - if p.NextArg() { - return p.Err("Import takes only one argument (glob pattern or file)") - } - // splice out the import directive and its argument (2 tokens total) - tokensBefore := p.tokens[:p.cursor-1] - tokensAfter := p.tokens[p.cursor+1:] - var importedTokens []Token - - // first check snippets. That is a simple, non-recursive replacement - if p.definedSnippets != nil && p.definedSnippets[importPattern] != nil { - importedTokens = p.definedSnippets[importPattern] - } else { - // make path relative to the file of the _token_ being processed rather - // than current working directory (issue #867) and then use glob to get - // list of matching filenames - absFile, err := filepath.Abs(p.Dispenser.File()) - if err != nil { - return p.Errf("Failed to get absolute path of file: %s: %v", p.Dispenser.filename, err) - } - - var matches []string - var globPattern string - if !filepath.IsAbs(importPattern) { - globPattern = filepath.Join(filepath.Dir(absFile), importPattern) - } else { - globPattern = importPattern - } - if strings.Count(globPattern, "*") > 1 || strings.Count(globPattern, "?") > 1 || - (strings.Contains(globPattern, "[") && strings.Contains(globPattern, "]")) { - // See issue #2096 - a pattern with many glob expansions can hang for too long - return p.Errf("Glob pattern may only contain one wildcard (*), but has others: %s", globPattern) - } - matches, err = filepath.Glob(globPattern) - - if err != nil { - return p.Errf("Failed to use import pattern %s: %v", importPattern, err) - } - if len(matches) == 0 { - if strings.ContainsAny(globPattern, "*?[]") { - log.Printf("[WARNING] No files matching import glob pattern: %s", importPattern) - } else { - return p.Errf("File to import not found: %s", importPattern) - } - } - - // collect all the imported tokens - - for _, importFile := range matches { - newTokens, err := p.doSingleImport(importFile) - if err != nil { - return err - } - importedTokens = append(importedTokens, newTokens...) - } - } - - // splice the imported tokens in the place of the import statement - // and rewind cursor so Next() will land on first imported token - p.tokens = append(tokensBefore, append(importedTokens, tokensAfter...)...) - p.cursor-- - - return nil -} - -// doSingleImport lexes the individual file at importFile and returns -// its tokens or an error, if any. -func (p *parser) doSingleImport(importFile string) ([]Token, error) { - file, err := os.Open(importFile) - if err != nil { - return nil, p.Errf("Could not import %s: %v", importFile, err) - } - defer file.Close() - - if info, err := file.Stat(); err != nil { - return nil, p.Errf("Could not import %s: %v", importFile, err) - } else if info.IsDir() { - return nil, p.Errf("Could not import %s: is a directory", importFile) - } - - importedTokens, err := allTokens(file) - if err != nil { - return nil, p.Errf("Could not read tokens while importing %s: %v", importFile, err) - } - - // Tack the file path onto these tokens so errors show the imported file's name - // (we use full, absolute path to avoid bugs: issue #1892) - filename, err := filepath.Abs(importFile) - if err != nil { - return nil, p.Errf("Failed to get absolute path of file: %s: %v", p.Dispenser.filename, err) - } - for i := 0; i < len(importedTokens); i++ { - importedTokens[i].File = filename - } - - return importedTokens, nil -} - -// directive collects tokens until the directive's scope -// closes (either end of line or end of curly brace block). -// It expects the currently-loaded token to be a directive -// (or } that ends a server block). The collected tokens -// are loaded into the current server block for later use -// by directive setup functions. -func (p *parser) directive() error { - dir := replaceEnvVars(p.Val()) - nesting := 0 - - // TODO: More helpful error message ("did you mean..." or "maybe you need to install its server type") - if !p.validDirective(dir) { - return p.Errf("Unknown directive '%s'", dir) - } - - // The directive itself is appended as a relevant token - p.block.Tokens[dir] = append(p.block.Tokens[dir], p.tokens[p.cursor]) - - for p.Next() { - if p.Val() == "{" { - nesting++ - } else if p.isNewLine() && nesting == 0 { - p.cursor-- // read too far - break - } else if p.Val() == "}" && nesting > 0 { - nesting-- - } else if p.Val() == "}" && nesting == 0 { - return p.Err("Unexpected '}' because no matching opening brace") - } else if p.Val() == "import" && p.isNewLine() { - if err := p.doImport(); err != nil { - return err - } - p.cursor-- // cursor is advanced when we continue, so roll back one more - continue - } - p.tokens[p.cursor].Text = replaceEnvVars(p.tokens[p.cursor].Text) - p.block.Tokens[dir] = append(p.block.Tokens[dir], p.tokens[p.cursor]) - } - - if nesting > 0 { - return p.EOFErr() - } - return nil -} - -// openCurlyBrace expects the current token to be an -// opening curly brace. This acts like an assertion -// because it returns an error if the token is not -// a opening curly brace. It does NOT advance the token. -func (p *parser) openCurlyBrace() error { - if p.Val() != "{" { - return p.SyntaxErr("{") - } - return nil -} - -// closeCurlyBrace expects the current token to be -// a closing curly brace. This acts like an assertion -// because it returns an error if the token is not -// a closing curly brace. It does NOT advance the token. -func (p *parser) closeCurlyBrace() error { - if p.Val() != "}" { - return p.SyntaxErr("}") - } - return nil -} - -// validDirective returns true if dir is in p.validDirectives. -func (p *parser) validDirective(dir string) bool { - if p.validDirectives == nil { - return true - } - for _, d := range p.validDirectives { - if d == dir { - return true - } - } - return false -} - -// replaceEnvVars replaces environment variables that appear in the token -// and understands both the $UNIX and %WINDOWS% syntaxes. -func replaceEnvVars(s string) string { - s = replaceEnvReferences(s, "{%", "%}") - s = replaceEnvReferences(s, "{$", "}") - return s -} - -// replaceEnvReferences performs the actual replacement of env variables -// in s, given the placeholder start and placeholder end strings. -func replaceEnvReferences(s, refStart, refEnd string) string { - index := strings.Index(s, refStart) - for index != -1 { - endIndex := strings.Index(s[index:], refEnd) - if endIndex == -1 { - break - } - - endIndex += index - if endIndex > index+len(refStart) { - ref := s[index : endIndex+len(refEnd)] - s = strings.Replace(s, ref, os.Getenv(ref[len(refStart):len(ref)-len(refEnd)]), -1) - } else { - return s - } - index = strings.Index(s, refStart) - } - return s -} - -// ServerBlock associates any number of keys (usually addresses -// of some sort) with tokens (grouped by directive name). -type ServerBlock struct { - Keys []string - Tokens map[string][]Token -} - -func (p *parser) isSnippet() (bool, string) { - keys := p.block.Keys - // A snippet block is a single key with parens. Nothing else qualifies. - if len(keys) == 1 && strings.HasPrefix(keys[0], "(") && strings.HasSuffix(keys[0], ")") { - return true, strings.TrimSuffix(keys[0][1:], ")") - } - return false, "" -} - -// read and store everything in a block for later replay. -func (p *parser) snippetTokens() ([]Token, error) { - // TODO: disallow imports in snippets for simplicity at import time - // snippet must have curlies. - err := p.openCurlyBrace() - if err != nil { - return nil, err - } - count := 1 - tokens := []Token{} - for p.Next() { - if p.Val() == "}" { - count-- - if count == 0 { - break - } - } - if p.Val() == "{" { - count++ - } - tokens = append(tokens, p.tokens[p.cursor]) - } - // make sure we're matched up - if count != 0 { - return nil, p.SyntaxErr("}") - } - return tokens, nil -} diff --git a/vendor/github.com/coredns/caddy/commands.go b/vendor/github.com/coredns/caddy/commands.go deleted file mode 100644 index 74796e1d..00000000 --- a/vendor/github.com/coredns/caddy/commands.go +++ /dev/null @@ -1,133 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddy - -import ( - "errors" - "runtime" - "unicode" - - "github.com/flynn/go-shlex" -) - -var runtimeGoos = runtime.GOOS - -// SplitCommandAndArgs takes a command string and parses it shell-style into the -// command and its separate arguments. -func SplitCommandAndArgs(command string) (cmd string, args []string, err error) { - var parts []string - - if runtimeGoos == "windows" { - parts = parseWindowsCommand(command) // parse it Windows-style - } else { - parts, err = parseUnixCommand(command) // parse it Unix-style - if err != nil { - err = errors.New("error parsing command: " + err.Error()) - return - } - } - - if len(parts) == 0 { - err = errors.New("no command contained in '" + command + "'") - return - } - - cmd = parts[0] - if len(parts) > 1 { - args = parts[1:] - } - - return -} - -// parseUnixCommand parses a unix style command line and returns the -// command and its arguments or an error -func parseUnixCommand(cmd string) ([]string, error) { - return shlex.Split(cmd) -} - -// parseWindowsCommand parses windows command lines and -// returns the command and the arguments as an array. It -// should be able to parse commonly used command lines. -// Only basic syntax is supported: -// - spaces in double quotes are not token delimiters -// - double quotes are escaped by either backspace or another double quote -// - except for the above case backspaces are path separators (not special) -// -// Many sources point out that escaping quotes using backslash can be unsafe. -// Use two double quotes when possible. (Source: http://stackoverflow.com/a/31413730/2616179 ) -// -// This function has to be used on Windows instead -// of the shlex package because this function treats backslash -// characters properly. -func parseWindowsCommand(cmd string) []string { - const backslash = '\\' - const quote = '"' - - var parts []string - var part string - var inQuotes bool - var lastRune rune - - for i, ch := range cmd { - - if i != 0 { - lastRune = rune(cmd[i-1]) - } - - if ch == backslash { - // put it in the part - for now we don't know if it's an - // escaping char or path separator - part += string(ch) - continue - } - - if ch == quote { - if lastRune == backslash { - // remove the backslash from the part and add the escaped quote instead - part = part[:len(part)-1] - part += string(ch) - continue - } - - if lastRune == quote { - // revert the last change of the inQuotes state - // it was an escaping quote - inQuotes = !inQuotes - part += string(ch) - continue - } - - // normal escaping quotes - inQuotes = !inQuotes - continue - - } - - if unicode.IsSpace(ch) && !inQuotes && len(part) > 0 { - parts = append(parts, part) - part = "" - continue - } - - part += string(ch) - } - - if len(part) > 0 { - parts = append(parts, part) - } - - return parts -} diff --git a/vendor/github.com/coredns/caddy/controller.go b/vendor/github.com/coredns/caddy/controller.go deleted file mode 100644 index 5b9a2ec4..00000000 --- a/vendor/github.com/coredns/caddy/controller.go +++ /dev/null @@ -1,145 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddy - -import ( - "strings" - - "github.com/coredns/caddy/caddyfile" -) - -// Controller is given to the setup function of directives which -// gives them access to be able to read tokens with which to -// configure themselves. It also stores state for the setup -// functions, can get the current context, and can be used to -// identify a particular server block using the Key field. -type Controller struct { - caddyfile.Dispenser - - // The instance in which the setup is occurring - instance *Instance - - // Key is the key from the top of the server block, usually - // an address, hostname, or identifier of some sort. - Key string - - // OncePerServerBlock is a function that executes f - // exactly once per server block, no matter how many - // hosts are associated with it. If it is the first - // time, the function f is executed immediately - // (not deferred) and may return an error which is - // returned by OncePerServerBlock. - OncePerServerBlock func(f func() error) error - - // ServerBlockIndex is the 0-based index of the - // server block as it appeared in the input. - ServerBlockIndex int - - // ServerBlockKeyIndex is the 0-based index of this - // key as it appeared in the input at the head of the - // server block. - ServerBlockKeyIndex int - - // ServerBlockKeys is a list of keys that are - // associated with this server block. All these - // keys, consequently, share the same tokens. - ServerBlockKeys []string - - // ServerBlockStorage is used by a directive's - // setup function to persist state between all - // the keys on a server block. - ServerBlockStorage interface{} -} - -// ServerType gets the name of the server type that is being set up. -func (c *Controller) ServerType() string { - return c.instance.serverType -} - -// OnFirstStartup adds fn to the list of callback functions to execute -// when the server is about to be started NOT as part of a restart. -func (c *Controller) OnFirstStartup(fn func() error) { - c.instance.OnFirstStartup = append(c.instance.OnFirstStartup, fn) -} - -// OnStartup adds fn to the list of callback functions to execute -// when the server is about to be started (including restarts). -func (c *Controller) OnStartup(fn func() error) { - c.instance.OnStartup = append(c.instance.OnStartup, fn) -} - -// OnRestart adds fn to the list of callback functions to execute -// when the server is about to be restarted. -func (c *Controller) OnRestart(fn func() error) { - c.instance.OnRestart = append(c.instance.OnRestart, fn) -} - -// OnRestartFailed adds fn to the list of callback functions to execute -// if the server failed to restart. -func (c *Controller) OnRestartFailed(fn func() error) { - c.instance.OnRestartFailed = append(c.instance.OnRestartFailed, fn) -} - -// OnShutdown adds fn to the list of callback functions to execute -// when the server is about to be shut down (including restarts). -func (c *Controller) OnShutdown(fn func() error) { - c.instance.OnShutdown = append(c.instance.OnShutdown, fn) -} - -// OnFinalShutdown adds fn to the list of callback functions to execute -// when the server is about to be shut down NOT as part of a restart. -func (c *Controller) OnFinalShutdown(fn func() error) { - c.instance.OnFinalShutdown = append(c.instance.OnFinalShutdown, fn) -} - -// Context gets the context associated with the instance associated with c. -func (c *Controller) Context() Context { - return c.instance.context -} - -// Get safely gets a value from the Instance's storage. -func (c *Controller) Get(key interface{}) interface{} { - c.instance.StorageMu.RLock() - defer c.instance.StorageMu.RUnlock() - return c.instance.Storage[key] -} - -// Set safely sets a value on the Instance's storage. -func (c *Controller) Set(key, val interface{}) { - c.instance.StorageMu.Lock() - c.instance.Storage[key] = val - c.instance.StorageMu.Unlock() -} - -// NewTestController creates a new Controller for -// the server type and input specified. The filename -// is "Testfile". If the server type is not empty and -// is plugged in, a context will be created so that -// the results of setup functions can be checked for -// correctness. -// -// Used only for testing, but exported so plugins can -// use this for convenience. -func NewTestController(serverType, input string) *Controller { - testInst := &Instance{serverType: serverType, Storage: make(map[interface{}]interface{})} - if stype, err := getServerType(serverType); err == nil { - testInst.context = stype.NewContext(testInst) - } - return &Controller{ - instance: testInst, - Dispenser: caddyfile.NewDispenser("Testfile", strings.NewReader(input)), - OncePerServerBlock: func(f func() error) error { return f() }, - } -} diff --git a/vendor/github.com/coredns/caddy/onevent/hook/config.go b/vendor/github.com/coredns/caddy/onevent/hook/config.go deleted file mode 100644 index 6d3cc699..00000000 --- a/vendor/github.com/coredns/caddy/onevent/hook/config.go +++ /dev/null @@ -1,20 +0,0 @@ -package hook - -import ( - "github.com/coredns/caddy" -) - -// Config describes how Hook should be configured and used. -type Config struct { - ID string - Event caddy.EventName - Command string - Args []string -} - -// SupportedEvents is a map of supported events. -var SupportedEvents = map[string]caddy.EventName{ - "startup": caddy.InstanceStartupEvent, - "shutdown": caddy.ShutdownEvent, - "certrenew": caddy.CertRenewEvent, -} diff --git a/vendor/github.com/coredns/caddy/onevent/hook/hook.go b/vendor/github.com/coredns/caddy/onevent/hook/hook.go deleted file mode 100644 index 1c727c33..00000000 --- a/vendor/github.com/coredns/caddy/onevent/hook/hook.go +++ /dev/null @@ -1,41 +0,0 @@ -package hook - -import ( - "log" - "os" - "os/exec" - "strings" - - "github.com/coredns/caddy" -) - -// Hook executes a command. -func (cfg *Config) Hook(event caddy.EventName, info interface{}) error { - if event != cfg.Event { - return nil - } - - nonblock := false - if len(cfg.Args) >= 1 && cfg.Args[len(cfg.Args)-1] == "&" { - // Run command in background; non-blocking - nonblock = true - cfg.Args = cfg.Args[:len(cfg.Args)-1] - } - - // Execute command. - cmd := exec.Command(cfg.Command, cfg.Args...) - cmd.Stdin = os.Stdin - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr - if nonblock { - log.Printf("[INFO] Nonblocking Command \"%s %s\" with ID %s", cfg.Command, strings.Join(cfg.Args, " "), cfg.ID) - return cmd.Start() - } - log.Printf("[INFO] Blocking Command \"%s %s\" with ID %s", cfg.Command, strings.Join(cfg.Args, " "), cfg.ID) - err := cmd.Run() - if err != nil { - return err - } - - return nil -} diff --git a/vendor/github.com/coredns/caddy/onevent/on.go b/vendor/github.com/coredns/caddy/onevent/on.go deleted file mode 100644 index 413771c9..00000000 --- a/vendor/github.com/coredns/caddy/onevent/on.go +++ /dev/null @@ -1,71 +0,0 @@ -package onevent - -import ( - "strings" - - "github.com/coredns/caddy" - "github.com/coredns/caddy/onevent/hook" - "github.com/google/uuid" -) - -func init() { - // Register Directive. - caddy.RegisterPlugin("on", caddy.Plugin{Action: setup}) -} - -func setup(c *caddy.Controller) error { - config, err := onParse(c) - if err != nil { - return err - } - - // Register Event Hooks. - err = c.OncePerServerBlock(func() error { - for _, cfg := range config { - caddy.RegisterEventHook("on-"+cfg.ID, cfg.Hook) - } - return nil - }) - if err != nil { - return err - } - - return nil -} - -func onParse(c *caddy.Controller) ([]*hook.Config, error) { - var config []*hook.Config - - for c.Next() { - cfg := new(hook.Config) - - if !c.NextArg() { - return config, c.ArgErr() - } - - // Configure Event. - event, ok := hook.SupportedEvents[strings.ToLower(c.Val())] - if !ok { - return config, c.Errf("Wrong event name or event not supported: '%s'", c.Val()) - } - cfg.Event = event - - // Assign an unique ID. - cfg.ID = uuid.New().String() - - args := c.RemainingArgs() - - // Extract command and arguments. - command, args, err := caddy.SplitCommandAndArgs(strings.Join(args, " ")) - if err != nil { - return config, c.Err(err.Error()) - } - - cfg.Command = command - cfg.Args = args - - config = append(config, cfg) - } - - return config, nil -} diff --git a/vendor/github.com/coredns/caddy/plugins.go b/vendor/github.com/coredns/caddy/plugins.go deleted file mode 100644 index a4f70c46..00000000 --- a/vendor/github.com/coredns/caddy/plugins.go +++ /dev/null @@ -1,450 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddy - -import ( - "fmt" - "log" - "net" - "sort" - "sync" - - "github.com/coredns/caddy/caddyfile" -) - -// These are all the registered plugins. -var ( - // serverTypes is a map of registered server types. - serverTypes = make(map[string]ServerType) - - // plugins is a map of server type to map of plugin name to - // Plugin. These are the "general" plugins that may or may - // not be associated with a specific server type. If it's - // applicable to multiple server types or the server type is - // irrelevant, the key is empty string (""). But all plugins - // must have a name. - plugins = make(map[string]map[string]Plugin) - - // eventHooks is a map of hook name to Hook. All hooks plugins - // must have a name. - eventHooks = &sync.Map{} - - // parsingCallbacks maps server type to map of directive - // to list of callback functions. These aren't really - // plugins on their own, but are often registered from - // plugins. - parsingCallbacks = make(map[string]map[string][]ParsingCallback) - - // caddyfileLoaders is the list of all Caddyfile loaders - // in registration order. - caddyfileLoaders []caddyfileLoader -) - -// DescribePlugins returns a string describing the registered plugins. -func DescribePlugins() string { - pl := ListPlugins() - - str := "" - for _, name := range pl["others"] { - if len(name) > 3 { - str += name[4:] + "\n" // drop dns. prefix caddy adds - } else { - str += name + "\n" - } - } - - return str -} - -// ListPlugins makes a list of the registered plugins, -// keyed by plugin type. -func ListPlugins() map[string][]string { - p := make(map[string][]string) - - // server type plugins - for name := range serverTypes { - p["server_types"] = append(p["server_types"], name) - } - - // caddyfile loaders in registration order - for _, loader := range caddyfileLoaders { - p["caddyfile_loaders"] = append(p["caddyfile_loaders"], loader.name) - } - if defaultCaddyfileLoader.name != "" { - p["caddyfile_loaders"] = append(p["caddyfile_loaders"], defaultCaddyfileLoader.name) - } - - // List the event hook plugins - eventHooks.Range(func(k, _ interface{}) bool { - p["event_hooks"] = append(p["event_hooks"], k.(string)) - return true - }) - - // alphabetize the rest of the plugins - var others []string - for stype, stypePlugins := range plugins { - for name := range stypePlugins { - var s string - if stype != "" { - s = stype + "." - } - s += name - others = append(others, s) - } - } - - sort.Strings(others) - for _, name := range others { - p["others"] = append(p["others"], name) - } - - return p -} - -// ValidDirectives returns the list of all directives that are -// recognized for the server type serverType. However, not all -// directives may be installed. This makes it possible to give -// more helpful error messages, like "did you mean ..." or -// "maybe you need to plug in ...". -func ValidDirectives(serverType string) []string { - stype, err := getServerType(serverType) - if err != nil { - return nil - } - return stype.Directives() -} - -// ServerListener pairs a server to its listener and/or packetconn. -type ServerListener struct { - server Server - listener net.Listener - packet net.PacketConn -} - -// LocalAddr returns the local network address of the packetconn. It returns -// nil when it is not set. -func (s ServerListener) LocalAddr() net.Addr { - if s.packet == nil { - return nil - } - return s.packet.LocalAddr() -} - -// Addr returns the listener's network address. It returns nil when it is -// not set. -func (s ServerListener) Addr() net.Addr { - if s.listener == nil { - return nil - } - return s.listener.Addr() -} - -// Context is a type which carries a server type through -// the load and setup phase; it maintains the state -// between loading the Caddyfile, then executing its -// directives, then making the servers for Caddy to -// manage. Typically, such state involves configuration -// structs, etc. -type Context interface { - // Called after the Caddyfile is parsed into server - // blocks but before the directives are executed, - // this method gives you an opportunity to inspect - // the server blocks and prepare for the execution - // of directives. Return the server blocks (which - // you may modify, if desired) and an error, if any. - // The first argument is the name or path to the - // configuration file (Caddyfile). - // - // This function can be a no-op and simply return its - // input if there is nothing to do here. - InspectServerBlocks(string, []caddyfile.ServerBlock) ([]caddyfile.ServerBlock, error) - - // This is what Caddy calls to make server instances. - // By this time, all directives have been executed and, - // presumably, the context has enough state to produce - // server instances for Caddy to start. - MakeServers() ([]Server, error) -} - -// RegisterServerType registers a server type srv by its -// name, typeName. -func RegisterServerType(typeName string, srv ServerType) { - if _, ok := serverTypes[typeName]; ok { - panic("server type already registered") - } - serverTypes[typeName] = srv -} - -// ServerType contains information about a server type. -type ServerType struct { - // Function that returns the list of directives, in - // execution order, that are valid for this server - // type. Directives should be one word if possible - // and lower-cased. - Directives func() []string - - // DefaultInput returns a default config input if none - // is otherwise loaded. This is optional, but highly - // recommended, otherwise a blank Caddyfile will be - // used. - DefaultInput func() Input - - // The function that produces a new server type context. - // This will be called when a new Caddyfile is being - // loaded, parsed, and executed independently of any - // startup phases before this one. It's a way to keep - // each set of server instances separate and to reduce - // the amount of global state you need. - NewContext func(inst *Instance) Context -} - -// Plugin is a type which holds information about a plugin. -type Plugin struct { - // ServerType is the type of server this plugin is for. - // Can be empty if not applicable, or if the plugin - // can associate with any server type. - ServerType string - - // Action is the plugin's setup function, if associated - // with a directive in the Caddyfile. - Action SetupFunc -} - -// RegisterPlugin plugs in plugin. All plugins should register -// themselves, even if they do not perform an action associated -// with a directive. It is important for the process to know -// which plugins are available. -// -// The plugin MUST have a name: lower case and one word. -// If this plugin has an action, it must be the name of -// the directive that invokes it. A name is always required -// and must be unique for the server type. -func RegisterPlugin(name string, plugin Plugin) { - if name == "" { - panic("plugin must have a name") - } - if _, ok := plugins[plugin.ServerType]; !ok { - plugins[plugin.ServerType] = make(map[string]Plugin) - } - if _, dup := plugins[plugin.ServerType][name]; dup { - panic("plugin named " + name + " already registered for server type " + plugin.ServerType) - } - plugins[plugin.ServerType][name] = plugin -} - -// EventName represents the name of an event used with event hooks. -type EventName string - -// Define names for the various events -const ( - StartupEvent EventName = "startup" - ShutdownEvent = "shutdown" - CertRenewEvent = "certrenew" - InstanceStartupEvent = "instancestartup" - InstanceRestartEvent = "instancerestart" -) - -// EventHook is a type which holds information about a startup hook plugin. -type EventHook func(eventType EventName, eventInfo interface{}) error - -// RegisterEventHook plugs in hook. All the hooks should register themselves -// and they must have a name. -func RegisterEventHook(name string, hook EventHook) { - if name == "" { - panic("event hook must have a name") - } - _, dup := eventHooks.LoadOrStore(name, hook) - if dup { - panic("hook named " + name + " already registered") - } -} - -// EmitEvent executes the different hooks passing the EventType as an -// argument. This is a blocking function. Hook developers should -// use 'go' keyword if they don't want to block Caddy. -func EmitEvent(event EventName, info interface{}) { - eventHooks.Range(func(k, v interface{}) bool { - err := v.(EventHook)(event, info) - if err != nil { - log.Printf("error on '%s' hook: %v", k.(string), err) - } - return true - }) -} - -// cloneEventHooks return a clone of the event hooks *sync.Map -func cloneEventHooks() *sync.Map { - c := &sync.Map{} - eventHooks.Range(func(k, v interface{}) bool { - c.Store(k, v) - return true - }) - return c -} - -// purgeEventHooks purges all event hooks from the map -func purgeEventHooks() { - eventHooks.Range(func(k, _ interface{}) bool { - eventHooks.Delete(k) - return true - }) -} - -// restoreEventHooks restores eventHooks with a provided *sync.Map -func restoreEventHooks(m *sync.Map) { - // Purge old event hooks - purgeEventHooks() - - // Restore event hooks - m.Range(func(k, v interface{}) bool { - eventHooks.Store(k, v) - return true - }) -} - -// ParsingCallback is a function that is called after -// a directive's setup functions have been executed -// for all the server blocks. -type ParsingCallback func(Context) error - -// RegisterParsingCallback registers callback to be called after -// executing the directive afterDir for server type serverType. -func RegisterParsingCallback(serverType, afterDir string, callback ParsingCallback) { - if _, ok := parsingCallbacks[serverType]; !ok { - parsingCallbacks[serverType] = make(map[string][]ParsingCallback) - } - parsingCallbacks[serverType][afterDir] = append(parsingCallbacks[serverType][afterDir], callback) -} - -// SetupFunc is used to set up a plugin, or in other words, -// execute a directive. It will be called once per key for -// each server block it appears in. -type SetupFunc func(c *Controller) error - -// DirectiveAction gets the action for directive dir of -// server type serverType. -func DirectiveAction(serverType, dir string) (SetupFunc, error) { - if stypePlugins, ok := plugins[serverType]; ok { - if plugin, ok := stypePlugins[dir]; ok { - return plugin.Action, nil - } - } - if genericPlugins, ok := plugins[""]; ok { - if plugin, ok := genericPlugins[dir]; ok { - return plugin.Action, nil - } - } - return nil, fmt.Errorf("no action found for directive '%s' with server type '%s' (missing a plugin?)", - dir, serverType) -} - -// Loader is a type that can load a Caddyfile. -// It is passed the name of the server type. -// It returns an error only if something went -// wrong, not simply if there is no Caddyfile -// for this loader to load. -// -// A Loader should only load the Caddyfile if -// a certain condition or requirement is met, -// as returning a non-nil Input value along with -// another Loader will result in an error. -// In other words, loading the Caddyfile must -// be deliberate & deterministic, not haphazard. -// -// The exception is the default Caddyfile loader, -// which will be called only if no other Caddyfile -// loaders return a non-nil Input. The default -// loader may always return an Input value. -type Loader interface { - Load(serverType string) (Input, error) -} - -// LoaderFunc is a convenience type similar to http.HandlerFunc -// that allows you to use a plain function as a Load() method. -type LoaderFunc func(serverType string) (Input, error) - -// Load loads a Caddyfile. -func (lf LoaderFunc) Load(serverType string) (Input, error) { - return lf(serverType) -} - -// RegisterCaddyfileLoader registers loader named name. -func RegisterCaddyfileLoader(name string, loader Loader) { - caddyfileLoaders = append(caddyfileLoaders, caddyfileLoader{name: name, loader: loader}) -} - -// SetDefaultCaddyfileLoader registers loader by name -// as the default Caddyfile loader if no others produce -// a Caddyfile. If another Caddyfile loader has already -// been set as the default, this replaces it. -// -// Do not call RegisterCaddyfileLoader on the same -// loader; that would be redundant. -func SetDefaultCaddyfileLoader(name string, loader Loader) { - defaultCaddyfileLoader = caddyfileLoader{name: name, loader: loader} -} - -// loadCaddyfileInput iterates the registered Caddyfile loaders -// and, if needed, calls the default loader, to load a Caddyfile. -// It is an error if any of the loaders return an error or if -// more than one loader returns a Caddyfile. -func loadCaddyfileInput(serverType string) (Input, error) { - var loadedBy string - var caddyfileToUse Input - for _, l := range caddyfileLoaders { - cdyfile, err := l.loader.Load(serverType) - if err != nil { - return nil, fmt.Errorf("loading Caddyfile via %s: %v", l.name, err) - } - if cdyfile != nil { - if caddyfileToUse != nil { - return nil, fmt.Errorf("Caddyfile loaded multiple times; first by %s, then by %s", loadedBy, l.name) - } - loaderUsed = l - caddyfileToUse = cdyfile - loadedBy = l.name - } - } - if caddyfileToUse == nil && defaultCaddyfileLoader.loader != nil { - cdyfile, err := defaultCaddyfileLoader.loader.Load(serverType) - if err != nil { - return nil, err - } - if cdyfile != nil { - loaderUsed = defaultCaddyfileLoader - caddyfileToUse = cdyfile - } - } - return caddyfileToUse, nil -} - -// OnProcessExit is a list of functions to run when the process -// exits -- they are ONLY for cleanup and should not block, -// return errors, or do anything fancy. They will be run with -// every signal, even if "shutdown callbacks" are not executed. -// This variable must only be modified in the main goroutine -// from init() functions. -var OnProcessExit []func() - -// caddyfileLoader pairs the name of a loader to the loader. -type caddyfileLoader struct { - name string - loader Loader -} - -var ( - defaultCaddyfileLoader caddyfileLoader // the default loader if all else fail - loaderUsed caddyfileLoader // the loader that was used (relevant for reloads) -) diff --git a/vendor/github.com/coredns/caddy/rlimit_nonposix.go b/vendor/github.com/coredns/caddy/rlimit_nonposix.go deleted file mode 100644 index 05ca942d..00000000 --- a/vendor/github.com/coredns/caddy/rlimit_nonposix.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +build windows plan9 nacl js - -package caddy - -// checkFdlimit issues a warning if the OS limit for -// max file descriptors is below a recommended minimum. -func checkFdlimit() { -} diff --git a/vendor/github.com/coredns/caddy/rlimit_posix.go b/vendor/github.com/coredns/caddy/rlimit_posix.go deleted file mode 100644 index 9e85bf66..00000000 --- a/vendor/github.com/coredns/caddy/rlimit_posix.go +++ /dev/null @@ -1,37 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +build !windows,!plan9,!nacl,!js - -package caddy - -import ( - "fmt" - "syscall" -) - -// checkFdlimit issues a warning if the OS limit for -// max file descriptors is below a recommended minimum. -func checkFdlimit() { - const min = 8192 - - // Warn if ulimit is too low for production sites - rlimit := &syscall.Rlimit{} - err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, rlimit) - if err == nil && rlimit.Cur < min { - fmt.Printf("WARNING: File descriptor limit %d is too low for production servers. "+ - "At least %d is recommended. Fix with `ulimit -n %d`.\n", rlimit.Cur, min, min) - } - -} diff --git a/vendor/github.com/coredns/caddy/sigtrap.go b/vendor/github.com/coredns/caddy/sigtrap.go deleted file mode 100644 index ac61c59c..00000000 --- a/vendor/github.com/coredns/caddy/sigtrap.go +++ /dev/null @@ -1,103 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddy - -import ( - "log" - "os" - "os/signal" - "sync" -) - -// TrapSignals create signal handlers for all applicable signals for this -// system. If your Go program uses signals, this is a rather invasive -// function; best to implement them yourself in that case. Signals are not -// required for the caddy package to function properly, but this is a -// convenient way to allow the user to control this part of your program. -func TrapSignals() { - trapSignalsCrossPlatform() - trapSignalsPosix() -} - -// trapSignalsCrossPlatform captures SIGINT, which triggers forceful -// shutdown that executes shutdown callbacks first. A second interrupt -// signal will exit the process immediately. -func trapSignalsCrossPlatform() { - go func() { - shutdown := make(chan os.Signal, 1) - signal.Notify(shutdown, os.Interrupt) - - for i := 0; true; i++ { - <-shutdown - - if i > 0 { - log.Println("[INFO] SIGINT: Force quit") - for _, f := range OnProcessExit { - f() // important cleanup actions only - } - os.Exit(2) - } - - log.Println("[INFO] SIGINT: Shutting down") - - // important cleanup actions before shutdown callbacks - for _, f := range OnProcessExit { - f() - } - - go func() { - os.Exit(executeShutdownCallbacks("SIGINT")) - }() - } - }() -} - -// executeShutdownCallbacks executes the shutdown callbacks as initiated -// by signame. It logs any errors and returns the recommended exit status. -// This function is idempotent; subsequent invocations always return 0. -func executeShutdownCallbacks(signame string) (exitCode int) { - shutdownCallbacksOnce.Do(func() { - // execute third-party shutdown hooks - EmitEvent(ShutdownEvent, signame) - - errs := allShutdownCallbacks() - if len(errs) > 0 { - for _, err := range errs { - log.Printf("[ERROR] %s shutdown: %v", signame, err) - } - exitCode = 4 - } - }) - return -} - -// allShutdownCallbacks executes all the shutdown callbacks -// for all the instances, and returns all the errors generated -// during their execution. An error executing one shutdown -// callback does not stop execution of others. Only one shutdown -// callback is executed at a time. -func allShutdownCallbacks() []error { - var errs []error - instancesMu.Lock() - for _, inst := range instances { - errs = append(errs, inst.ShutdownCallbacks()...) - } - instancesMu.Unlock() - return errs -} - -// shutdownCallbacksOnce ensures that shutdown callbacks -// for all instances are only executed once. -var shutdownCallbacksOnce sync.Once diff --git a/vendor/github.com/coredns/caddy/sigtrap_nonposix.go b/vendor/github.com/coredns/caddy/sigtrap_nonposix.go deleted file mode 100644 index 517e3a2e..00000000 --- a/vendor/github.com/coredns/caddy/sigtrap_nonposix.go +++ /dev/null @@ -1,19 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +build windows plan9 nacl js - -package caddy - -func trapSignalsPosix() {} diff --git a/vendor/github.com/coredns/caddy/sigtrap_posix.go b/vendor/github.com/coredns/caddy/sigtrap_posix.go deleted file mode 100644 index 0784c199..00000000 --- a/vendor/github.com/coredns/caddy/sigtrap_posix.go +++ /dev/null @@ -1,106 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// +build !windows,!plan9,!nacl,!js - -package caddy - -import ( - "log" - "os" - "os/signal" - "syscall" -) - -// trapSignalsPosix captures POSIX-only signals. -func trapSignalsPosix() { - go func() { - sigchan := make(chan os.Signal, 1) - signal.Notify(sigchan, syscall.SIGTERM, syscall.SIGHUP, syscall.SIGQUIT, syscall.SIGUSR1, syscall.SIGUSR2) - - for sig := range sigchan { - switch sig { - case syscall.SIGQUIT: - log.Println("[INFO] SIGQUIT: Quitting process immediately") - for _, f := range OnProcessExit { - f() // only perform important cleanup actions - } - os.Exit(0) - - case syscall.SIGTERM: - log.Println("[INFO] SIGTERM: Shutting down servers then terminating") - exitCode := executeShutdownCallbacks("SIGTERM") - for _, f := range OnProcessExit { - f() // only perform important cleanup actions - } - err := Stop() - if err != nil { - log.Printf("[ERROR] SIGTERM stop: %v", err) - exitCode = 3 - } - - os.Exit(exitCode) - - case syscall.SIGUSR1: - log.Println("[INFO] SIGUSR1: Reloading") - - // Start with the existing Caddyfile - caddyfileToUse, inst, err := getCurrentCaddyfile() - if err != nil { - log.Printf("[ERROR] SIGUSR1: %v", err) - continue - } - if loaderUsed.loader == nil { - // This also should never happen - log.Println("[ERROR] SIGUSR1: no Caddyfile loader with which to reload Caddyfile") - continue - } - - // Load the updated Caddyfile - newCaddyfile, err := loaderUsed.loader.Load(inst.serverType) - if err != nil { - log.Printf("[ERROR] SIGUSR1: loading updated Caddyfile: %v", err) - continue - } - if newCaddyfile != nil { - caddyfileToUse = newCaddyfile - } - - // Backup old event hooks - oldEventHooks := cloneEventHooks() - - // Purge the old event hooks - purgeEventHooks() - - // Kick off the restart; our work is done - EmitEvent(InstanceRestartEvent, nil) - _, err = inst.Restart(caddyfileToUse) - if err != nil { - restoreEventHooks(oldEventHooks) - - log.Printf("[ERROR] SIGUSR1: %v", err) - } - - case syscall.SIGUSR2: - log.Println("[INFO] SIGUSR2: Upgrading") - if err := Upgrade(); err != nil { - log.Printf("[ERROR] SIGUSR2: upgrading: %v", err) - } - - case syscall.SIGHUP: - // ignore; this signal is sometimes sent outside of the user's control - } - } - }() -} diff --git a/vendor/github.com/coredns/caddy/upgrade.go b/vendor/github.com/coredns/caddy/upgrade.go deleted file mode 100644 index c35f9b1c..00000000 --- a/vendor/github.com/coredns/caddy/upgrade.go +++ /dev/null @@ -1,232 +0,0 @@ -// Copyright 2015 Light Code Labs, LLC -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddy - -import ( - "encoding/gob" - "fmt" - "io/ioutil" - "log" - "os" - "os/exec" - "sync" -) - -func init() { - // register CaddyfileInput with gob so it knows into - // which concrete type to decode an Input interface - gob.Register(CaddyfileInput{}) -} - -// IsUpgrade returns true if this process is part of an upgrade -// where a parent caddy process spawned this one to upgrade -// the binary. -func IsUpgrade() bool { - mu.Lock() - defer mu.Unlock() - return isUpgrade -} - -// Upgrade re-launches the process, preserving the listeners -// for a graceful upgrade. It does NOT load new configuration; -// it only starts the process anew with the current config. -// This makes it possible to perform zero-downtime binary upgrades. -// -// TODO: For more information when debugging, see: -// https://forum.golangbridge.org/t/bind-address-already-in-use-even-after-listener-closed/1510?u=matt -// https://github.com/mholt/shared-conn -func Upgrade() error { - log.Println("[INFO] Upgrading") - - // use existing Caddyfile; do not change configuration during upgrade - currentCaddyfile, _, err := getCurrentCaddyfile() - if err != nil { - return err - } - - if len(os.Args) == 0 { // this should never happen, but... - os.Args = []string{""} - } - - // tell the child that it's a restart - env := os.Environ() - if !IsUpgrade() { - env = append(env, "CADDY__UPGRADE=1") - } - - // prepare our payload to the child process - cdyfileGob := transferGob{ - ListenerFds: make(map[string]uintptr), - Caddyfile: currentCaddyfile, - } - - // prepare a pipe to the fork's stdin so it can get the Caddyfile - rpipe, wpipe, err := os.Pipe() - if err != nil { - return err - } - - // prepare a pipe that the child process will use to communicate - // its success with us by sending > 0 bytes - sigrpipe, sigwpipe, err := os.Pipe() - if err != nil { - return err - } - - // pass along relevant file descriptors to child process; ordering - // is very important since we rely on these being in certain positions. - extraFiles := []*os.File{sigwpipe} // fd 3 - - // add file descriptors of all the sockets - for i, j := 0, 0; ; i++ { - instancesMu.Lock() - if i >= len(instances) { - instancesMu.Unlock() - break - } - inst := instances[i] - instancesMu.Unlock() - - for _, s := range inst.servers { - gs, gracefulOk := s.server.(GracefulServer) - ln, lnOk := s.listener.(Listener) - pc, pcOk := s.packet.(PacketConn) - if gracefulOk { - if lnOk { - lnFile, _ := ln.File() - extraFiles = append(extraFiles, lnFile) - cdyfileGob.ListenerFds["tcp"+gs.Address()] = uintptr(4 + j) // 4 fds come before any of the listeners - j++ - } - if pcOk { - pcFile, _ := pc.File() - extraFiles = append(extraFiles, pcFile) - cdyfileGob.ListenerFds["udp"+gs.Address()] = uintptr(4 + j) // 4 fds come before any of the listeners - j++ - } - } - } - } - - // set up the command - cmd := exec.Command(os.Args[0], os.Args[1:]...) - cmd.Stdin = rpipe // fd 0 - cmd.Stdout = os.Stdout // fd 1 - cmd.Stderr = os.Stderr // fd 2 - cmd.ExtraFiles = extraFiles - cmd.Env = env - - // spawn the child process - err = cmd.Start() - if err != nil { - return err - } - - // immediately close our dup'ed fds and the write end of our signal pipe - for _, f := range extraFiles { - err = f.Close() - if err != nil { - return err - } - } - - // feed Caddyfile to the child - err = gob.NewEncoder(wpipe).Encode(cdyfileGob) - if err != nil { - return err - } - err = wpipe.Close() - if err != nil { - return err - } - - // determine whether child startup succeeded - answer, readErr := ioutil.ReadAll(sigrpipe) - if len(answer) == 0 { - cmdErr := cmd.Wait() // get exit status - errStr := fmt.Sprintf("child failed to initialize: %v", cmdErr) - if readErr != nil { - errStr += fmt.Sprintf(" - additionally, error communicating with child process: %v", readErr) - } - return fmt.Errorf(errStr) - } - - // looks like child is successful; we can exit gracefully. - log.Println("[INFO] Upgrade finished") - return Stop() -} - -// getCurrentCaddyfile gets the Caddyfile used by the -// current (first) Instance and returns both of them. -func getCurrentCaddyfile() (Input, *Instance, error) { - instancesMu.Lock() - if len(instances) == 0 { - instancesMu.Unlock() - return nil, nil, fmt.Errorf("no server instances are fully running") - } - inst := instances[0] - instancesMu.Unlock() - - currentCaddyfile := inst.caddyfileInput - if currentCaddyfile == nil { - // hmm, did spawning process forget to close stdin? Anyhow, this is unusual. - return nil, inst, fmt.Errorf("no Caddyfile to reload (was stdin left open?)") - } - return currentCaddyfile, inst, nil -} - -// signalSuccessToParent tells the parent our status using pipe at index 3. -// If this process is not a restart, this function does nothing. -// Calling this function once this process has successfully initialized -// is vital so that the parent process can unblock and kill itself. -// This function is idempotent; it executes at most once per process. -func signalSuccessToParent() { - signalParentOnce.Do(func() { - if IsUpgrade() { - ppipe := os.NewFile(3, "") // parent is reading from pipe at index 3 - _, err := ppipe.Write([]byte("success")) // we must send some bytes to the parent - if err != nil { - log.Printf("[ERROR] Communicating successful init to parent: %v", err) - } - ppipe.Close() - } - }) -} - -// signalParentOnce is used to make sure that the parent is only -// signaled once; doing so more than once breaks whatever socket is -// at fd 4 (TODO: the reason for this is still unclear - to reproduce, -// call Stop() and Start() in succession at least once after a -// restart, then try loading first host of Caddyfile in the browser -// - this was pre-v0.9; this code and godoc is borrowed from the -// implementation then, but I'm not sure if it's been fixed yet, as -// of v0.10.7). Do not use this directly; call signalSuccessToParent -// instead. -var signalParentOnce sync.Once - -// transferGob is used if this is a child process as part of -// a graceful upgrade; it is used to map listeners to their -// index in the list of inherited file descriptors. This -// variable is not safe for concurrent access. -var loadedGob transferGob - -// transferGob maps bind address to index of the file descriptor -// in the Files array passed to the child process. It also contains -// the Caddyfile contents and any other state needed by the new process. -// Used only during graceful upgrades. -type transferGob struct { - ListenerFds map[string]uintptr - Caddyfile Input -} diff --git a/vendor/github.com/coredns/coredns/LICENSE b/vendor/github.com/coredns/coredns/LICENSE deleted file mode 100644 index 12497312..00000000 --- a/vendor/github.com/coredns/coredns/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2016-2020 The CoreDNS authors and contributors - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/address.go b/vendor/github.com/coredns/coredns/core/dnsserver/address.go deleted file mode 100644 index 872e44cb..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/address.go +++ /dev/null @@ -1,86 +0,0 @@ -package dnsserver - -import ( - "fmt" - "net" - "strings" -) - -type zoneAddr struct { - Zone string - Port string - Transport string // dns, tls or grpc - Address string // used for bound zoneAddr - validation of overlapping -} - -// String returns the string representation of z. -func (z zoneAddr) String() string { - s := z.Transport + "://" + z.Zone + ":" + z.Port - if z.Address != "" { - s += " on " + z.Address - } - return s -} - -// SplitProtocolHostPort splits a full formed address like "dns://[::1]:53" into parts. -func SplitProtocolHostPort(address string) (protocol string, ip string, port string, err error) { - parts := strings.Split(address, "://") - switch len(parts) { - case 1: - ip, port, err := net.SplitHostPort(parts[0]) - return "", ip, port, err - case 2: - ip, port, err := net.SplitHostPort(parts[1]) - return parts[0], ip, port, err - default: - return "", "", "", fmt.Errorf("provided value is not in an address format : %s", address) - } -} - -type zoneOverlap struct { - registeredAddr map[zoneAddr]zoneAddr // each zoneAddr is registered once by its key - unboundOverlap map[zoneAddr]zoneAddr // the "no bind" equiv ZoneAddr is registered by its original key -} - -func newOverlapZone() *zoneOverlap { - return &zoneOverlap{registeredAddr: make(map[zoneAddr]zoneAddr), unboundOverlap: make(map[zoneAddr]zoneAddr)} -} - -// registerAndCheck adds a new zoneAddr for validation, it returns information about existing or overlapping with already registered -// we consider that an unbound address is overlapping all bound addresses for same zone, same port -func (zo *zoneOverlap) registerAndCheck(z zoneAddr) (existingZone *zoneAddr, overlappingZone *zoneAddr) { - existingZone, overlappingZone = zo.check(z) - if existingZone != nil || overlappingZone != nil { - return existingZone, overlappingZone - } - // there is no overlap, keep the current zoneAddr for future checks - zo.registeredAddr[z] = z - zo.unboundOverlap[z.unbound()] = z - return nil, nil -} - -// check validates a zoneAddr for overlap without registering it -func (zo *zoneOverlap) check(z zoneAddr) (existingZone *zoneAddr, overlappingZone *zoneAddr) { - if exist, ok := zo.registeredAddr[z]; ok { - // exact same zone already registered - return &exist, nil - } - uz := z.unbound() - if already, ok := zo.unboundOverlap[uz]; ok { - if z.Address == "" { - // current is not bound to an address, but there is already another zone with a bind address registered - return nil, &already - } - if _, ok := zo.registeredAddr[uz]; ok { - // current zone is bound to an address, but there is already an overlapping zone+port with no bind address - return nil, &uz - } - } - // there is no overlap - return nil, nil -} - -// unbound returns an unbound version of the zoneAddr -func (z zoneAddr) unbound() zoneAddr { - return zoneAddr{Zone: z.Zone, Address: "", Port: z.Port, Transport: z.Transport} -} diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/config.go b/vendor/github.com/coredns/coredns/core/dnsserver/config.go deleted file mode 100644 index 27f5c210..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/config.go +++ /dev/null @@ -1,109 +0,0 @@ -package dnsserver - -import ( - "context" - "crypto/tls" - "fmt" - "net/http" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/request" -) - -// Config configuration for a single server. -type Config struct { - // The zone of the site. - Zone string - - // one or several hostnames to bind the server to. - // defaults to a single empty string that denote the wildcard address - ListenHosts []string - - // The port to listen on. - Port string - - // The number of servers that will listen on one port. - // By default, one server will be running. - NumSockets int - - // Root points to a base directory we find user defined "things". - // First consumer is the file plugin to looks for zone files in this place. - Root string - - // Debug controls the panic/recover mechanism that is enabled by default. - Debug bool - - // Stacktrace controls including stacktrace as part of log from recover mechanism, it is disabled by default. - Stacktrace bool - - // The transport we implement, normally just "dns" over TCP/UDP, but could be - // DNS-over-TLS or DNS-over-gRPC. - Transport string - - // If this function is not nil it will be used to inspect and validate - // HTTP requests. Although this isn't referenced in-tree, external plugins - // may depend on it. - HTTPRequestValidateFunc func(*http.Request) bool - - // FilterFuncs is used to further filter access - // to this handler. E.g. to limit access to a reverse zone - // on a non-octet boundary, i.e. /17 - FilterFuncs []FilterFunc - - // ViewName is the name of the Viewer PLugin defined in the Config - ViewName string - - // TLSConfig when listening for encrypted connections (gRPC, DNS-over-TLS). - TLSConfig *tls.Config - - // Timeouts for TCP, TLS and HTTPS servers. - ReadTimeout time.Duration - WriteTimeout time.Duration - IdleTimeout time.Duration - - // TSIG secrets, [name]key. - TsigSecret map[string]string - - // Plugin stack. - Plugin []plugin.Plugin - - // Compiled plugin stack. - pluginChain plugin.Handler - - // Plugin interested in announcing that they exist, so other plugin can call methods - // on them should register themselves here. The name should be the name as return by the - // Handler's Name method. - registry map[string]plugin.Handler - - // firstConfigInBlock is used to reference the first config in a server block, for the - // purpose of sharing single instance of each plugin among all zones in a server block. - firstConfigInBlock *Config - - // metaCollector references the first MetadataCollector plugin, if one exists - metaCollector MetadataCollector -} - -// FilterFunc is a function that filters requests from the Config -type FilterFunc func(context.Context, *request.Request) bool - -// keyForConfig builds a key for identifying the configs during setup time -func keyForConfig(blocIndex int, blocKeyIndex int) string { - return fmt.Sprintf("%d:%d", blocIndex, blocKeyIndex) -} - -// GetConfig gets the Config that corresponds to c. -// If none exist nil is returned. -func GetConfig(c *caddy.Controller) *Config { - ctx := c.Context().(*dnsContext) - key := keyForConfig(c.ServerBlockIndex, c.ServerBlockKeyIndex) - if cfg, ok := ctx.keysToConfigs[key]; ok { - return cfg - } - // we should only get here during tests because directive - // actions typically skip the server blocks where we make - // the configs. - ctx.saveConfig(key, &Config{ListenHosts: []string{""}}) - return GetConfig(c) -} diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/https.go b/vendor/github.com/coredns/coredns/core/dnsserver/https.go deleted file mode 100644 index 015c52ec..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/https.go +++ /dev/null @@ -1,65 +0,0 @@ -package dnsserver - -import ( - "net" - "net/http" - - "github.com/miekg/dns" -) - -// DoHWriter is a dns.ResponseWriter that adds more specific LocalAddr and RemoteAddr methods. -type DoHWriter struct { - // raddr is the remote's address. This can be optionally set. - raddr net.Addr - // laddr is our address. This can be optionally set. - laddr net.Addr - - // request is the HTTP request we're currently handling. - request *http.Request - - // Msg is a response to be written to the client. - Msg *dns.Msg -} - -// WriteMsg stores the message to be written to the client. -func (d *DoHWriter) WriteMsg(m *dns.Msg) error { - d.Msg = m - return nil -} - -// Write stores the message to be written to the client. -func (d *DoHWriter) Write(b []byte) (int, error) { - d.Msg = new(dns.Msg) - return len(b), d.Msg.Unpack(b) -} - -// RemoteAddr returns the remote address. -func (d *DoHWriter) RemoteAddr() net.Addr { - return d.raddr -} - -// LocalAddr returns the local address. -func (d *DoHWriter) LocalAddr() net.Addr { - return d.laddr -} - -// Request returns the HTTP request. -func (d *DoHWriter) Request() *http.Request { - return d.request -} - -// Close no-op implementation. -func (d *DoHWriter) Close() error { - return nil -} - -// TsigStatus no-op implementation. -func (d *DoHWriter) TsigStatus() error { - return nil -} - -// TsigTimersOnly no-op implementation. -func (d *DoHWriter) TsigTimersOnly(_ bool) {} - -// Hijack no-op implementation. -func (d *DoHWriter) Hijack() {} diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/onstartup.go b/vendor/github.com/coredns/coredns/core/dnsserver/onstartup.go deleted file mode 100644 index 572b3589..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/onstartup.go +++ /dev/null @@ -1,57 +0,0 @@ -package dnsserver - -import ( - "fmt" - "regexp" - "sort" - - "github.com/coredns/coredns/plugin/pkg/dnsutil" -) - -// checkZoneSyntax() checks whether the given string match 1035 Preferred Syntax or not. -// The root zone, and all reverse zones always return true even though they technically don't meet 1035 Preferred Syntax -func checkZoneSyntax(zone string) bool { - if zone == "." || dnsutil.IsReverse(zone) != 0 { - return true - } - regex1035PreferredSyntax, _ := regexp.MatchString(`^(([A-Za-z]([A-Za-z0-9-]*[A-Za-z0-9])?)\.)+$`, zone) - return regex1035PreferredSyntax -} - -// startUpZones creates the text that we show when starting up: -// grpc://example.com.:1055 -// example.com.:1053 on 127.0.0.1 -func startUpZones(protocol, addr string, zones map[string][]*Config) string { - s := "" - - keys := make([]string, len(zones)) - i := 0 - - for k := range zones { - keys[i] = k - i++ - } - sort.Strings(keys) - - for _, zone := range keys { - if !checkZoneSyntax(zone) { - s += fmt.Sprintf("Warning: Domain %q does not follow RFC1035 preferred syntax\n", zone) - } - // split addr into protocol, IP and Port - _, ip, port, err := SplitProtocolHostPort(addr) - - if err != nil { - // this should not happen, but we need to take care of it anyway - s += fmt.Sprintln(protocol + zone + ":" + addr) - continue - } - if ip == "" { - s += fmt.Sprintln(protocol + zone + ":" + port) - continue - } - // if the server is listening on a specific address let's make it visible in the log, - // so one can differentiate between all active listeners - s += fmt.Sprintln(protocol + zone + ":" + port + " on " + ip) - } - return s -} diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/quic.go b/vendor/github.com/coredns/coredns/core/dnsserver/quic.go deleted file mode 100644 index 5c2890a7..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/quic.go +++ /dev/null @@ -1,60 +0,0 @@ -package dnsserver - -import ( - "encoding/binary" - "net" - - "github.com/miekg/dns" - "github.com/quic-go/quic-go" -) - -type DoQWriter struct { - localAddr net.Addr - remoteAddr net.Addr - stream quic.Stream - Msg *dns.Msg -} - -func (w *DoQWriter) Write(b []byte) (int, error) { - b = AddPrefix(b) - return w.stream.Write(b) -} - -func (w *DoQWriter) WriteMsg(m *dns.Msg) error { - bytes, err := m.Pack() - if err != nil { - return err - } - - _, err = w.Write(bytes) - if err != nil { - return err - } - - return w.Close() -} - -// Close sends the STREAM FIN signal. -// The server MUST send the response(s) on the same stream and MUST -// indicate, after the last response, through the STREAM FIN -// mechanism that no further data will be sent on that stream. -// See https://www.rfc-editor.org/rfc/rfc9250#section-4.2-7 -func (w *DoQWriter) Close() error { - return w.stream.Close() -} - -// AddPrefix adds a 2-byte prefix with the DNS message length. -func AddPrefix(b []byte) (m []byte) { - m = make([]byte, 2+len(b)) - binary.BigEndian.PutUint16(m, uint16(len(b))) - copy(m[2:], b) - - return m -} - -// These methods implement the dns.ResponseWriter interface from Go DNS. -func (w *DoQWriter) TsigStatus() error { return nil } -func (w *DoQWriter) TsigTimersOnly(b bool) {} -func (w *DoQWriter) Hijack() {} -func (w *DoQWriter) LocalAddr() net.Addr { return w.localAddr } -func (w *DoQWriter) RemoteAddr() net.Addr { return w.remoteAddr } diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/register.go b/vendor/github.com/coredns/coredns/core/dnsserver/register.go deleted file mode 100644 index 73b63bb7..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/register.go +++ /dev/null @@ -1,368 +0,0 @@ -package dnsserver - -import ( - "fmt" - "net" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/caddy/caddyfile" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/parse" - "github.com/coredns/coredns/plugin/pkg/transport" - - "github.com/miekg/dns" -) - -const serverType = "dns" - -func init() { - caddy.RegisterServerType(serverType, caddy.ServerType{ - Directives: func() []string { return Directives }, - DefaultInput: func() caddy.Input { - return caddy.CaddyfileInput{ - Filepath: "Corefile", - Contents: []byte(".:" + Port + " {\nwhoami\nlog\n}\n"), - ServerTypeName: serverType, - } - }, - NewContext: newContext, - }) -} - -func newContext(i *caddy.Instance) caddy.Context { - return &dnsContext{keysToConfigs: make(map[string]*Config)} -} - -type dnsContext struct { - keysToConfigs map[string]*Config - - // configs is the master list of all site configs. - configs []*Config -} - -func (h *dnsContext) saveConfig(key string, cfg *Config) { - h.configs = append(h.configs, cfg) - h.keysToConfigs[key] = cfg -} - -// Compile-time check to ensure dnsContext implements the caddy.Context interface -var _ caddy.Context = &dnsContext{} - -// InspectServerBlocks make sure that everything checks out before -// executing directives and otherwise prepares the directives to -// be parsed and executed. -func (h *dnsContext) InspectServerBlocks(sourceFile string, serverBlocks []caddyfile.ServerBlock) ([]caddyfile.ServerBlock, error) { - // Normalize and check all the zone names and check for duplicates - for ib, s := range serverBlocks { - // Walk the s.Keys and expand any reverse address in their proper DNS in-addr zones. If the expansions leads for - // more than one reverse zone, replace the current value and add the rest to s.Keys. - zoneAddrs := []zoneAddr{} - for ik, k := range s.Keys { - trans, k1 := parse.Transport(k) // get rid of any dns:// or other scheme. - hosts, port, err := plugin.SplitHostPort(k1) - // We need to make this a fully qualified domain name to catch all errors here and not later when - // plugin.Normalize is called again on these strings, with the prime difference being that the domain - // name is fully qualified. This was found by fuzzing where "ȶ" is deemed OK, but "ȶ." is not (might be a - // bug in miekg/dns actually). But here we were checking ȶ, which is OK, and later we barf in ȶ. leading to - // "index out of range". - for ih := range hosts { - _, _, err := plugin.SplitHostPort(dns.Fqdn(hosts[ih])) - if err != nil { - return nil, err - } - } - if err != nil { - return nil, err - } - - if port == "" { - switch trans { - case transport.DNS: - port = Port - case transport.TLS: - port = transport.TLSPort - case transport.QUIC: - port = transport.QUICPort - case transport.GRPC: - port = transport.GRPCPort - case transport.HTTPS: - port = transport.HTTPSPort - } - } - - if len(hosts) > 1 { - s.Keys[ik] = hosts[0] + ":" + port // replace for the first - for _, h := range hosts[1:] { // add the rest - s.Keys = append(s.Keys, h+":"+port) - } - } - for i := range hosts { - zoneAddrs = append(zoneAddrs, zoneAddr{Zone: dns.Fqdn(hosts[i]), Port: port, Transport: trans}) - } - } - - serverBlocks[ib].Keys = s.Keys // important to save back the new keys that are potentially created here. - - var firstConfigInBlock *Config - - for ik := range s.Keys { - za := zoneAddrs[ik] - s.Keys[ik] = za.String() - // Save the config to our master list, and key it for lookups. - cfg := &Config{ - Zone: za.Zone, - ListenHosts: []string{""}, - Port: za.Port, - Transport: za.Transport, - } - - // Set reference to the first config in the current block. - // This is used later by MakeServers to share a single plugin list - // for all zones in a server block. - if ik == 0 { - firstConfigInBlock = cfg - } - cfg.firstConfigInBlock = firstConfigInBlock - - keyConfig := keyForConfig(ib, ik) - h.saveConfig(keyConfig, cfg) - } - } - return serverBlocks, nil -} - -// MakeServers uses the newly-created siteConfigs to create and return a list of server instances. -func (h *dnsContext) MakeServers() ([]caddy.Server, error) { - // Copy parameters from first config in the block to all other config in the same block - propagateConfigParams(h.configs) - - // we must map (group) each config to a bind address - groups, err := groupConfigsByListenAddr(h.configs) - if err != nil { - return nil, err - } - - // then we create a server for each group - var servers []caddy.Server - for addr, group := range groups { - serversForGroup, err := makeServersForGroup(addr, group) - if err != nil { - return nil, err - } - servers = append(servers, serversForGroup...) - } - - // For each server config, check for View Filter plugins - for _, c := range h.configs { - // Add filters in the plugin.cfg order for consistent filter func evaluation order. - for _, d := range Directives { - if vf, ok := c.registry[d].(Viewer); ok { - if c.ViewName != "" { - return nil, fmt.Errorf("multiple views defined in server block") - } - c.ViewName = vf.ViewName() - c.FilterFuncs = append(c.FilterFuncs, vf.Filter) - } - } - } - - // Verify that there is no overlap on the zones and listen addresses - // for unfiltered server configs - errValid := h.validateZonesAndListeningAddresses() - if errValid != nil { - return nil, errValid - } - - return servers, nil -} - -// AddPlugin adds a plugin to a site's plugin stack. -func (c *Config) AddPlugin(m plugin.Plugin) { - c.Plugin = append(c.Plugin, m) -} - -// registerHandler adds a handler to a site's handler registration. Handlers -// -// use this to announce that they exist to other plugin. -func (c *Config) registerHandler(h plugin.Handler) { - if c.registry == nil { - c.registry = make(map[string]plugin.Handler) - } - - // Just overwrite... - c.registry[h.Name()] = h -} - -// Handler returns the plugin handler that has been added to the config under its name. -// This is useful to inspect if a certain plugin is active in this server. -// Note that this is order dependent and the order is defined in directives.go, i.e. if your plugin -// comes before the plugin you are checking; it will not be there (yet). -func (c *Config) Handler(name string) plugin.Handler { - if c.registry == nil { - return nil - } - if h, ok := c.registry[name]; ok { - return h - } - return nil -} - -// Handlers returns a slice of plugins that have been registered. This can be used to -// inspect and interact with registered plugins but cannot be used to remove or add plugins. -// Note that this is order dependent and the order is defined in directives.go, i.e. if your plugin -// comes before the plugin you are checking; it will not be there (yet). -func (c *Config) Handlers() []plugin.Handler { - if c.registry == nil { - return nil - } - hs := make([]plugin.Handler, 0, len(c.registry)) - for _, k := range Directives { - registry := c.Handler(k) - if registry != nil { - hs = append(hs, registry) - } - } - return hs -} - -func (h *dnsContext) validateZonesAndListeningAddresses() error { - //Validate Zone and addresses - checker := newOverlapZone() - for _, conf := range h.configs { - for _, h := range conf.ListenHosts { - // Validate the overlapping of ZoneAddr - akey := zoneAddr{Transport: conf.Transport, Zone: conf.Zone, Address: h, Port: conf.Port} - var existZone, overlapZone *zoneAddr - if len(conf.FilterFuncs) > 0 { - // This config has filters. Check for overlap with other (unfiltered) configs. - existZone, overlapZone = checker.check(akey) - } else { - // This config has no filters. Check for overlap with other (unfiltered) configs, - // and register the zone to prevent subsequent zones from overlapping with it. - existZone, overlapZone = checker.registerAndCheck(akey) - } - if existZone != nil { - return fmt.Errorf("cannot serve %s - it is already defined", akey.String()) - } - if overlapZone != nil { - return fmt.Errorf("cannot serve %s - zone overlap listener capacity with %v", akey.String(), overlapZone.String()) - } - } - } - return nil -} - -// propagateConfigParams copies the necessary parameters from first config in the block -// to all other config in the same block. Doing this results in zones -// sharing the same plugin instances and settings as other zones in -// the same block. -func propagateConfigParams(configs []*Config) { - for _, c := range configs { - c.Plugin = c.firstConfigInBlock.Plugin - c.ListenHosts = c.firstConfigInBlock.ListenHosts - c.Debug = c.firstConfigInBlock.Debug - c.Stacktrace = c.firstConfigInBlock.Stacktrace - c.NumSockets = c.firstConfigInBlock.NumSockets - - // Fork TLSConfig for each encrypted connection - c.TLSConfig = c.firstConfigInBlock.TLSConfig.Clone() - c.ReadTimeout = c.firstConfigInBlock.ReadTimeout - c.WriteTimeout = c.firstConfigInBlock.WriteTimeout - c.IdleTimeout = c.firstConfigInBlock.IdleTimeout - c.TsigSecret = c.firstConfigInBlock.TsigSecret - } -} - -// groupConfigsByListenAddr groups site configs by their listen -// (bind) address, so sites that use the same listener can be served -// on the same server instance. The return value maps the listen -// address (what you pass into net.Listen) to the list of site configs. -// This function does NOT vet the configs to ensure they are compatible. -func groupConfigsByListenAddr(configs []*Config) (map[string][]*Config, error) { - groups := make(map[string][]*Config) - for _, conf := range configs { - for _, h := range conf.ListenHosts { - addr, err := net.ResolveTCPAddr("tcp", net.JoinHostPort(h, conf.Port)) - if err != nil { - return nil, err - } - addrstr := conf.Transport + "://" + addr.String() - groups[addrstr] = append(groups[addrstr], conf) - } - } - - return groups, nil -} - -// makeServersForGroup creates servers for a specific transport and group. -// It creates as many servers as specified in the NumSockets configuration. -// If the NumSockets param is not specified, one server is created by default. -func makeServersForGroup(addr string, group []*Config) ([]caddy.Server, error) { - // that is impossible, but better to check - if len(group) == 0 { - return nil, fmt.Errorf("no configs for group defined") - } - // create one server by default if no NumSockets specified - numSockets := 1 - if group[0].NumSockets > 0 { - numSockets = group[0].NumSockets - } - - var servers []caddy.Server - for range numSockets { - // switch on addr - switch tr, _ := parse.Transport(addr); tr { - case transport.DNS: - s, err := NewServer(addr, group) - if err != nil { - return nil, err - } - servers = append(servers, s) - - case transport.TLS: - s, err := NewServerTLS(addr, group) - if err != nil { - return nil, err - } - servers = append(servers, s) - - case transport.QUIC: - s, err := NewServerQUIC(addr, group) - if err != nil { - return nil, err - } - servers = append(servers, s) - - case transport.GRPC: - s, err := NewServergRPC(addr, group) - if err != nil { - return nil, err - } - servers = append(servers, s) - - case transport.HTTPS: - s, err := NewServerHTTPS(addr, group) - if err != nil { - return nil, err - } - servers = append(servers, s) - } - } - return servers, nil -} - -// DefaultPort is the default port. -const DefaultPort = transport.Port - -// These "soft defaults" are configurable by -// command line flags, etc. -var ( - // Port is the port we listen on by default. - Port = DefaultPort - - // GracefulTimeout is the maximum duration of a graceful shutdown. - GracefulTimeout time.Duration -) - -var _ caddy.GracefulServer = new(Server) diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/server.go b/vendor/github.com/coredns/coredns/core/dnsserver/server.go deleted file mode 100644 index 2107e8d0..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/server.go +++ /dev/null @@ -1,458 +0,0 @@ -// Package dnsserver implements all the interfaces from Caddy, so that CoreDNS can be a servertype plugin. -package dnsserver - -import ( - "context" - "fmt" - "net" - "runtime" - "runtime/debug" - "strings" - "sync" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/metrics/vars" - "github.com/coredns/coredns/plugin/pkg/edns" - "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/plugin/pkg/rcode" - "github.com/coredns/coredns/plugin/pkg/reuseport" - "github.com/coredns/coredns/plugin/pkg/trace" - "github.com/coredns/coredns/plugin/pkg/transport" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" - ot "github.com/opentracing/opentracing-go" -) - -// Server represents an instance of a server, which serves -// DNS requests at a particular address (host and port). A -// server is capable of serving numerous zones on -// the same address and the listener may be stopped for -// graceful termination (POSIX only). -type Server struct { - Addr string // Address we listen on - - server [2]*dns.Server // 0 is a net.Listener, 1 is a net.PacketConn (a *UDPConn) in our case. - m sync.Mutex // protects the servers - - zones map[string][]*Config // zones keyed by their address - dnsWg sync.WaitGroup // used to wait on outstanding connections - graceTimeout time.Duration // the maximum duration of a graceful shutdown - trace trace.Trace // the trace plugin for the server - debug bool // disable recover() - stacktrace bool // enable stacktrace in recover error log - classChaos bool // allow non-INET class queries - idleTimeout time.Duration // Idle timeout for TCP - readTimeout time.Duration // Read timeout for TCP - writeTimeout time.Duration // Write timeout for TCP - - tsigSecret map[string]string -} - -// MetadataCollector is a plugin that can retrieve metadata functions from all metadata providing plugins -type MetadataCollector interface { - Collect(context.Context, request.Request) context.Context -} - -// NewServer returns a new CoreDNS server and compiles all plugins in to it. By default CH class -// queries are blocked unless queries from enableChaos are loaded. -func NewServer(addr string, group []*Config) (*Server, error) { - s := &Server{ - Addr: addr, - zones: make(map[string][]*Config), - graceTimeout: 5 * time.Second, - idleTimeout: 10 * time.Second, - readTimeout: 3 * time.Second, - writeTimeout: 5 * time.Second, - tsigSecret: make(map[string]string), - } - - // We have to bound our wg with one increment - // to prevent a "race condition" that is hard-coded - // into sync.WaitGroup.Wait() - basically, an add - // with a positive delta must be guaranteed to - // occur before Wait() is called on the wg. - // In a way, this kind of acts as a safety barrier. - s.dnsWg.Add(1) - - for _, site := range group { - if site.Debug { - s.debug = true - log.D.Set() - } - s.stacktrace = site.Stacktrace - - // append the config to the zone's configs - s.zones[site.Zone] = append(s.zones[site.Zone], site) - - // set timeouts - if site.ReadTimeout != 0 { - s.readTimeout = site.ReadTimeout - } - if site.WriteTimeout != 0 { - s.writeTimeout = site.WriteTimeout - } - if site.IdleTimeout != 0 { - s.idleTimeout = site.IdleTimeout - } - - // copy tsig secrets - for key, secret := range site.TsigSecret { - s.tsigSecret[key] = secret - } - - // compile custom plugin for everything - var stack plugin.Handler - for i := len(site.Plugin) - 1; i >= 0; i-- { - stack = site.Plugin[i](stack) - - // register the *handler* also - site.registerHandler(stack) - - // If the current plugin is a MetadataCollector, bookmark it for later use. This loop traverses the plugin - // list backwards, so the first MetadataCollector plugin wins. - if mdc, ok := stack.(MetadataCollector); ok { - site.metaCollector = mdc - } - - if s.trace == nil && stack.Name() == "trace" { - // we have to stash away the plugin, not the - // Tracer object, because the Tracer won't be initialized yet - if t, ok := stack.(trace.Trace); ok { - s.trace = t - } - } - // Unblock CH class queries when any of these plugins are loaded. - if _, ok := EnableChaos[stack.Name()]; ok { - s.classChaos = true - } - } - site.pluginChain = stack - } - - if !s.debug { - // When reloading we need to explicitly disable debug logging if it is now disabled. - log.D.Clear() - } - - return s, nil -} - -// Compile-time check to ensure Server implements the caddy.GracefulServer interface -var _ caddy.GracefulServer = &Server{} - -// Serve starts the server with an existing listener. It blocks until the server stops. -// This implements caddy.TCPServer interface. -func (s *Server) Serve(l net.Listener) error { - s.m.Lock() - - s.server[tcp] = &dns.Server{Listener: l, - Net: "tcp", - TsigSecret: s.tsigSecret, - MaxTCPQueries: tcpMaxQueries, - ReadTimeout: s.readTimeout, - WriteTimeout: s.writeTimeout, - IdleTimeout: func() time.Duration { - return s.idleTimeout - }, - Handler: dns.HandlerFunc(func(w dns.ResponseWriter, r *dns.Msg) { - ctx := context.WithValue(context.Background(), Key{}, s) - ctx = context.WithValue(ctx, LoopKey{}, 0) - s.ServeDNS(ctx, w, r) - })} - - s.m.Unlock() - - return s.server[tcp].ActivateAndServe() -} - -// ServePacket starts the server with an existing packetconn. It blocks until the server stops. -// This implements caddy.UDPServer interface. -func (s *Server) ServePacket(p net.PacketConn) error { - s.m.Lock() - s.server[udp] = &dns.Server{PacketConn: p, Net: "udp", Handler: dns.HandlerFunc(func(w dns.ResponseWriter, r *dns.Msg) { - ctx := context.WithValue(context.Background(), Key{}, s) - ctx = context.WithValue(ctx, LoopKey{}, 0) - s.ServeDNS(ctx, w, r) - }), TsigSecret: s.tsigSecret} - s.m.Unlock() - - return s.server[udp].ActivateAndServe() -} - -// Listen implements caddy.TCPServer interface. -func (s *Server) Listen() (net.Listener, error) { - l, err := reuseport.Listen("tcp", s.Addr[len(transport.DNS+"://"):]) - if err != nil { - return nil, err - } - return l, nil -} - -// WrapListener Listen implements caddy.GracefulServer interface. -func (s *Server) WrapListener(ln net.Listener) net.Listener { - return ln -} - -// ListenPacket implements caddy.UDPServer interface. -func (s *Server) ListenPacket() (net.PacketConn, error) { - p, err := reuseport.ListenPacket("udp", s.Addr[len(transport.DNS+"://"):]) - if err != nil { - return nil, err - } - - return p, nil -} - -// Stop stops the server. It blocks until the server is -// totally stopped. On POSIX systems, it will wait for -// connections to close (up to a max timeout of a few -// seconds); on Windows it will close the listener -// immediately. -// This implements Caddy.Stopper interface. -func (s *Server) Stop() (err error) { - if runtime.GOOS != "windows" { - // force connections to close after timeout - done := make(chan struct{}) - go func() { - s.dnsWg.Done() // decrement our initial increment used as a barrier - s.dnsWg.Wait() - close(done) - }() - - // Wait for remaining connections to finish or - // force them all to close after timeout - select { - case <-time.After(s.graceTimeout): - case <-done: - } - } - - // Close the listener now; this stops the server without delay - s.m.Lock() - for _, s1 := range s.server { - // We might not have started and initialized the full set of servers - if s1 != nil { - err = s1.Shutdown() - } - } - s.m.Unlock() - return -} - -// Address together with Stop() implement caddy.GracefulServer. -func (s *Server) Address() string { return s.Addr } - -// ServeDNS is the entry point for every request to the address that -// is bound to. It acts as a multiplexer for the requests zonename as -// defined in the request so that the correct zone -// (configuration and plugin stack) will handle the request. -func (s *Server) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) { - // The default dns.Mux checks the question section size, but we have our - // own mux here. Check if we have a question section. If not drop them here. - if r == nil || len(r.Question) == 0 { - errorAndMetricsFunc(s.Addr, w, r, dns.RcodeServerFailure) - return - } - - if !s.debug { - defer func() { - // In case the user doesn't enable error plugin, we still - // need to make sure that we stay alive up here - if rec := recover(); rec != nil { - if s.stacktrace { - log.Errorf("Recovered from panic in server: %q %v\n%s", s.Addr, rec, string(debug.Stack())) - } else { - log.Errorf("Recovered from panic in server: %q %v", s.Addr, rec) - } - vars.Panic.Inc() - errorAndMetricsFunc(s.Addr, w, r, dns.RcodeServerFailure) - } - }() - } - - if !s.classChaos && r.Question[0].Qclass != dns.ClassINET { - errorAndMetricsFunc(s.Addr, w, r, dns.RcodeRefused) - return - } - - if m, err := edns.Version(r); err != nil { // Wrong EDNS version, return at once. - w.WriteMsg(m) - return - } - - // Wrap the response writer in a ScrubWriter so we automatically make the reply fit in the client's buffer. - w = request.NewScrubWriter(r, w) - - q := strings.ToLower(r.Question[0].Name) - var ( - off int - end bool - dshandler *Config - ) - - for { - if z, ok := s.zones[q[off:]]; ok { - for _, h := range z { - if h.pluginChain == nil { // zone defined, but has not got any plugins - errorAndMetricsFunc(s.Addr, w, r, dns.RcodeRefused) - return - } - - if h.metaCollector != nil { - // Collect metadata now, so it can be used before we send a request down the plugin chain. - ctx = h.metaCollector.Collect(ctx, request.Request{Req: r, W: w}) - } - - // If all filter funcs pass, use this config. - if passAllFilterFuncs(ctx, h.FilterFuncs, &request.Request{Req: r, W: w}) { - if h.ViewName != "" { - // if there was a view defined for this Config, set the view name in the context - ctx = context.WithValue(ctx, ViewKey{}, h.ViewName) - } - if r.Question[0].Qtype != dns.TypeDS { - rcode, _ := h.pluginChain.ServeDNS(ctx, w, r) - if !plugin.ClientWrite(rcode) { - errorFunc(s.Addr, w, r, rcode) - } - return - } - // The type is DS, keep the handler, but keep on searching as maybe we are serving - // the parent as well and the DS should be routed to it - this will probably *misroute* DS - // queries to a possibly grand parent, but there is no way for us to know at this point - // if there is an actual delegation from grandparent -> parent -> zone. - // In all fairness: direct DS queries should not be needed. - dshandler = h - } - } - } - off, end = dns.NextLabel(q, off) - if end { - break - } - } - - if r.Question[0].Qtype == dns.TypeDS && dshandler != nil && dshandler.pluginChain != nil { - // DS request, and we found a zone, use the handler for the query. - rcode, _ := dshandler.pluginChain.ServeDNS(ctx, w, r) - if !plugin.ClientWrite(rcode) { - errorFunc(s.Addr, w, r, rcode) - } - return - } - - // Wildcard match, if we have found nothing try the root zone as a last resort. - if z, ok := s.zones["."]; ok { - for _, h := range z { - if h.pluginChain == nil { - continue - } - - if h.metaCollector != nil { - // Collect metadata now, so it can be used before we send a request down the plugin chain. - ctx = h.metaCollector.Collect(ctx, request.Request{Req: r, W: w}) - } - - // If all filter funcs pass, use this config. - if passAllFilterFuncs(ctx, h.FilterFuncs, &request.Request{Req: r, W: w}) { - if h.ViewName != "" { - // if there was a view defined for this Config, set the view name in the context - ctx = context.WithValue(ctx, ViewKey{}, h.ViewName) - } - rcode, _ := h.pluginChain.ServeDNS(ctx, w, r) - if !plugin.ClientWrite(rcode) { - errorFunc(s.Addr, w, r, rcode) - } - return - } - } - } - - // Still here? Error out with REFUSED. - errorAndMetricsFunc(s.Addr, w, r, dns.RcodeRefused) -} - -// passAllFilterFuncs returns true if all filter funcs evaluate to true for the given request -func passAllFilterFuncs(ctx context.Context, filterFuncs []FilterFunc, req *request.Request) bool { - for _, ff := range filterFuncs { - if !ff(ctx, req) { - return false - } - } - return true -} - -// OnStartupComplete lists the sites served by this server -// and any relevant information, assuming Quiet is false. -func (s *Server) OnStartupComplete() { - if Quiet { - return - } - - out := startUpZones("", s.Addr, s.zones) - if out != "" { - fmt.Print(out) - } -} - -// Tracer returns the tracer in the server if defined. -func (s *Server) Tracer() ot.Tracer { - if s.trace == nil { - return nil - } - - return s.trace.Tracer() -} - -// errorFunc responds to an DNS request with an error. -func errorFunc(server string, w dns.ResponseWriter, r *dns.Msg, rc int) { - state := request.Request{W: w, Req: r} - - answer := new(dns.Msg) - answer.SetRcode(r, rc) - state.SizeAndDo(answer) - - w.WriteMsg(answer) -} - -func errorAndMetricsFunc(server string, w dns.ResponseWriter, r *dns.Msg, rc int) { - state := request.Request{W: w, Req: r} - - answer := new(dns.Msg) - answer.SetRcode(r, rc) - state.SizeAndDo(answer) - - vars.Report(server, state, vars.Dropped, "", rcode.ToString(rc), "" /* plugin */, answer.Len(), time.Now()) - - w.WriteMsg(answer) -} - -const ( - tcp = 0 - udp = 1 - - tcpMaxQueries = -1 -) - -type ( - // Key is the context key for the current server added to the context. - Key struct{} - - // LoopKey is the context key to detect server wide loops. - LoopKey struct{} - - // ViewKey is the context key for the current view, if defined - ViewKey struct{} -) - -// EnableChaos is a map with plugin names for which we should open CH class queries as we block these by default. -var EnableChaos = map[string]struct{}{ - "chaos": {}, - "forward": {}, - "proxy": {}, -} - -// Quiet mode will not show any informative output on initialization. -var Quiet bool diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/server_grpc.go b/vendor/github.com/coredns/coredns/core/dnsserver/server_grpc.go deleted file mode 100644 index 9d7a95ac..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/server_grpc.go +++ /dev/null @@ -1,184 +0,0 @@ -package dnsserver - -import ( - "context" - "crypto/tls" - "errors" - "fmt" - "net" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/pb" - "github.com/coredns/coredns/plugin/pkg/reuseport" - "github.com/coredns/coredns/plugin/pkg/transport" - - "github.com/grpc-ecosystem/grpc-opentracing/go/otgrpc" - "github.com/miekg/dns" - "github.com/opentracing/opentracing-go" - "google.golang.org/grpc" - "google.golang.org/grpc/peer" -) - -// ServergRPC represents an instance of a DNS-over-gRPC server. -type ServergRPC struct { - *Server - *pb.UnimplementedDnsServiceServer - grpcServer *grpc.Server - listenAddr net.Addr - tlsConfig *tls.Config -} - -// NewServergRPC returns a new CoreDNS GRPC server and compiles all plugin in to it. -func NewServergRPC(addr string, group []*Config) (*ServergRPC, error) { - s, err := NewServer(addr, group) - if err != nil { - return nil, err - } - // The *tls* plugin must make sure that multiple conflicting - // TLS configuration returns an error: it can only be specified once. - var tlsConfig *tls.Config - for _, z := range s.zones { - for _, conf := range z { - // Should we error if some configs *don't* have TLS? - tlsConfig = conf.TLSConfig - } - } - // http/2 is required when using gRPC. We need to specify it in next protos - // or the upgrade won't happen. - if tlsConfig != nil { - tlsConfig.NextProtos = []string{"h2"} - } - - return &ServergRPC{Server: s, tlsConfig: tlsConfig}, nil -} - -// Compile-time check to ensure Server implements the caddy.GracefulServer interface -var _ caddy.GracefulServer = &Server{} - -// Serve implements caddy.TCPServer interface. -func (s *ServergRPC) Serve(l net.Listener) error { - s.m.Lock() - s.listenAddr = l.Addr() - s.m.Unlock() - - if s.Tracer() != nil { - onlyIfParent := func(parentSpanCtx opentracing.SpanContext, method string, req, resp interface{}) bool { - return parentSpanCtx != nil - } - intercept := otgrpc.OpenTracingServerInterceptor(s.Tracer(), otgrpc.IncludingSpans(onlyIfParent)) - s.grpcServer = grpc.NewServer(grpc.UnaryInterceptor(intercept)) - } else { - s.grpcServer = grpc.NewServer() - } - - pb.RegisterDnsServiceServer(s.grpcServer, s) - - if s.tlsConfig != nil { - l = tls.NewListener(l, s.tlsConfig) - } - return s.grpcServer.Serve(l) -} - -// ServePacket implements caddy.UDPServer interface. -func (s *ServergRPC) ServePacket(p net.PacketConn) error { return nil } - -// Listen implements caddy.TCPServer interface. -func (s *ServergRPC) Listen() (net.Listener, error) { - l, err := reuseport.Listen("tcp", s.Addr[len(transport.GRPC+"://"):]) - if err != nil { - return nil, err - } - return l, nil -} - -// ListenPacket implements caddy.UDPServer interface. -func (s *ServergRPC) ListenPacket() (net.PacketConn, error) { return nil, nil } - -// OnStartupComplete lists the sites served by this server -// and any relevant information, assuming Quiet is false. -func (s *ServergRPC) OnStartupComplete() { - if Quiet { - return - } - - out := startUpZones(transport.GRPC+"://", s.Addr, s.zones) - if out != "" { - fmt.Print(out) - } -} - -// Stop stops the server. It blocks until the server is -// totally stopped. -func (s *ServergRPC) Stop() (err error) { - s.m.Lock() - defer s.m.Unlock() - if s.grpcServer != nil { - s.grpcServer.GracefulStop() - } - return -} - -// Query is the main entry-point into the gRPC server. From here we call ServeDNS like -// any normal server. We use a custom responseWriter to pick up the bytes we need to write -// back to the client as a protobuf. -func (s *ServergRPC) Query(ctx context.Context, in *pb.DnsPacket) (*pb.DnsPacket, error) { - msg := new(dns.Msg) - err := msg.Unpack(in.Msg) - if err != nil { - return nil, err - } - - p, ok := peer.FromContext(ctx) - if !ok { - return nil, errors.New("no peer in gRPC context") - } - - a, ok := p.Addr.(*net.TCPAddr) - if !ok { - return nil, fmt.Errorf("no TCP peer in gRPC context: %v", p.Addr) - } - - w := &gRPCresponse{localAddr: s.listenAddr, remoteAddr: a, Msg: msg} - - dnsCtx := context.WithValue(ctx, Key{}, s.Server) - dnsCtx = context.WithValue(dnsCtx, LoopKey{}, 0) - s.ServeDNS(dnsCtx, w, msg) - - packed, err := w.Msg.Pack() - if err != nil { - return nil, err - } - - return &pb.DnsPacket{Msg: packed}, nil -} - -// Shutdown stops the server (non gracefully). -func (s *ServergRPC) Shutdown() error { - if s.grpcServer != nil { - s.grpcServer.Stop() - } - return nil -} - -type gRPCresponse struct { - localAddr net.Addr - remoteAddr net.Addr - Msg *dns.Msg -} - -// Write is the hack that makes this work. It does not actually write the message -// but returns the bytes we need to write in r. We can then pick this up in Query -// and write a proper protobuf back to the client. -func (r *gRPCresponse) Write(b []byte) (int, error) { - r.Msg = new(dns.Msg) - return len(b), r.Msg.Unpack(b) -} - -// These methods implement the dns.ResponseWriter interface from Go DNS. -func (r *gRPCresponse) Close() error { return nil } -func (r *gRPCresponse) TsigStatus() error { return nil } -func (r *gRPCresponse) TsigTimersOnly(b bool) {} -func (r *gRPCresponse) Hijack() {} -func (r *gRPCresponse) LocalAddr() net.Addr { return r.localAddr } -func (r *gRPCresponse) RemoteAddr() net.Addr { return r.remoteAddr } -func (r *gRPCresponse) WriteMsg(m *dns.Msg) error { r.Msg = m; return nil } diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/server_https.go b/vendor/github.com/coredns/coredns/core/dnsserver/server_https.go deleted file mode 100644 index 09c7d620..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/server_https.go +++ /dev/null @@ -1,209 +0,0 @@ -package dnsserver - -import ( - "context" - "crypto/tls" - "fmt" - stdlog "log" - "net" - "net/http" - "strconv" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/plugin/metrics/vars" - "github.com/coredns/coredns/plugin/pkg/dnsutil" - "github.com/coredns/coredns/plugin/pkg/doh" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/plugin/pkg/response" - "github.com/coredns/coredns/plugin/pkg/reuseport" - "github.com/coredns/coredns/plugin/pkg/transport" -) - -// ServerHTTPS represents an instance of a DNS-over-HTTPS server. -type ServerHTTPS struct { - *Server - httpsServer *http.Server - listenAddr net.Addr - tlsConfig *tls.Config - validRequest func(*http.Request) bool -} - -// loggerAdapter is a simple adapter around CoreDNS logger made to implement io.Writer in order to log errors from HTTP server -type loggerAdapter struct { -} - -func (l *loggerAdapter) Write(p []byte) (n int, err error) { - clog.Debug(string(p)) - return len(p), nil -} - -// HTTPRequestKey is the context key for the current processed HTTP request (if current processed request was done over DOH) -type HTTPRequestKey struct{} - -// NewServerHTTPS returns a new CoreDNS HTTPS server and compiles all plugins in to it. -func NewServerHTTPS(addr string, group []*Config) (*ServerHTTPS, error) { - s, err := NewServer(addr, group) - if err != nil { - return nil, err - } - // The *tls* plugin must make sure that multiple conflicting - // TLS configuration returns an error: it can only be specified once. - var tlsConfig *tls.Config - for _, z := range s.zones { - for _, conf := range z { - // Should we error if some configs *don't* have TLS? - tlsConfig = conf.TLSConfig - } - } - - // http/2 is recommended when using DoH. We need to specify it in next protos - // or the upgrade won't happen. - if tlsConfig != nil { - tlsConfig.NextProtos = []string{"h2", "http/1.1"} - } - - // Use a custom request validation func or use the standard DoH path check. - var validator func(*http.Request) bool - for _, z := range s.zones { - for _, conf := range z { - validator = conf.HTTPRequestValidateFunc - } - } - if validator == nil { - validator = func(r *http.Request) bool { return r.URL.Path == doh.Path } - } - - srv := &http.Server{ - ReadTimeout: s.readTimeout, - WriteTimeout: s.writeTimeout, - IdleTimeout: s.idleTimeout, - ErrorLog: stdlog.New(&loggerAdapter{}, "", 0), - } - sh := &ServerHTTPS{ - Server: s, tlsConfig: tlsConfig, httpsServer: srv, validRequest: validator, - } - sh.httpsServer.Handler = sh - - return sh, nil -} - -// Compile-time check to ensure Server implements the caddy.GracefulServer interface -var _ caddy.GracefulServer = &Server{} - -// Serve implements caddy.TCPServer interface. -func (s *ServerHTTPS) Serve(l net.Listener) error { - s.m.Lock() - s.listenAddr = l.Addr() - s.m.Unlock() - - if s.tlsConfig != nil { - l = tls.NewListener(l, s.tlsConfig) - } - return s.httpsServer.Serve(l) -} - -// ServePacket implements caddy.UDPServer interface. -func (s *ServerHTTPS) ServePacket(p net.PacketConn) error { return nil } - -// Listen implements caddy.TCPServer interface. -func (s *ServerHTTPS) Listen() (net.Listener, error) { - l, err := reuseport.Listen("tcp", s.Addr[len(transport.HTTPS+"://"):]) - if err != nil { - return nil, err - } - return l, nil -} - -// ListenPacket implements caddy.UDPServer interface. -func (s *ServerHTTPS) ListenPacket() (net.PacketConn, error) { return nil, nil } - -// OnStartupComplete lists the sites served by this server -// and any relevant information, assuming Quiet is false. -func (s *ServerHTTPS) OnStartupComplete() { - if Quiet { - return - } - - out := startUpZones(transport.HTTPS+"://", s.Addr, s.zones) - if out != "" { - fmt.Print(out) - } -} - -// Stop stops the server. It blocks until the server is totally stopped. -func (s *ServerHTTPS) Stop() error { - s.m.Lock() - defer s.m.Unlock() - if s.httpsServer != nil { - s.httpsServer.Shutdown(context.Background()) - } - return nil -} - -// ServeHTTP is the handler that gets the HTTP request and converts to the dns format, calls the plugin -// chain, converts it back and write it to the client. -func (s *ServerHTTPS) ServeHTTP(w http.ResponseWriter, r *http.Request) { - if !s.validRequest(r) { - http.Error(w, "", http.StatusNotFound) - s.countResponse(http.StatusNotFound) - return - } - - msg, err := doh.RequestToMsg(r) - if err != nil { - http.Error(w, err.Error(), http.StatusBadRequest) - s.countResponse(http.StatusBadRequest) - return - } - - // Create a DoHWriter with the correct addresses in it. - h, p, _ := net.SplitHostPort(r.RemoteAddr) - port, _ := strconv.Atoi(p) - dw := &DoHWriter{ - laddr: s.listenAddr, - raddr: &net.TCPAddr{IP: net.ParseIP(h), Port: port}, - request: r, - } - - // We just call the normal chain handler - all error handling is done there. - // We should expect a packet to be returned that we can send to the client. - ctx := context.WithValue(context.Background(), Key{}, s.Server) - ctx = context.WithValue(ctx, LoopKey{}, 0) - ctx = context.WithValue(ctx, HTTPRequestKey{}, r) - s.ServeDNS(ctx, dw, msg) - - // See section 4.2.1 of RFC 8484. - // We are using code 500 to indicate an unexpected situation when the chain - // handler has not provided any response message. - if dw.Msg == nil { - http.Error(w, "No response", http.StatusInternalServerError) - s.countResponse(http.StatusInternalServerError) - return - } - - buf, _ := dw.Msg.Pack() - - mt, _ := response.Typify(dw.Msg, time.Now().UTC()) - age := dnsutil.MinimalTTL(dw.Msg, mt) - - w.Header().Set("Content-Type", doh.MimeType) - w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%d", uint32(age.Seconds()))) - w.Header().Set("Content-Length", strconv.Itoa(len(buf))) - w.WriteHeader(http.StatusOK) - s.countResponse(http.StatusOK) - - w.Write(buf) -} - -func (s *ServerHTTPS) countResponse(status int) { - vars.HTTPSResponsesCount.WithLabelValues(s.Addr, strconv.Itoa(status)).Inc() -} - -// Shutdown stops the server (non gracefully). -func (s *ServerHTTPS) Shutdown() error { - if s.httpsServer != nil { - s.httpsServer.Shutdown(context.Background()) - } - return nil -} diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/server_quic.go b/vendor/github.com/coredns/coredns/core/dnsserver/server_quic.go deleted file mode 100644 index ba7867cf..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/server_quic.go +++ /dev/null @@ -1,346 +0,0 @@ -package dnsserver - -import ( - "context" - "crypto/tls" - "encoding/binary" - "errors" - "fmt" - "io" - "math" - "net" - - "github.com/coredns/coredns/plugin/metrics/vars" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/plugin/pkg/reuseport" - "github.com/coredns/coredns/plugin/pkg/transport" - - "github.com/miekg/dns" - "github.com/quic-go/quic-go" -) - -const ( - // DoQCodeNoError is used when the connection or stream needs to be - // closed, but there is no error to signal. - DoQCodeNoError quic.ApplicationErrorCode = 0 - - // DoQCodeInternalError signals that the DoQ implementation encountered - // an internal error and is incapable of pursuing the transaction or the - // connection. - DoQCodeInternalError quic.ApplicationErrorCode = 1 - - // DoQCodeProtocolError signals that the DoQ implementation encountered - // a protocol error and is forcibly aborting the connection. - DoQCodeProtocolError quic.ApplicationErrorCode = 2 -) - -// ServerQUIC represents an instance of a DNS-over-QUIC server. -type ServerQUIC struct { - *Server - listenAddr net.Addr - tlsConfig *tls.Config - quicConfig *quic.Config - quicListener *quic.Listener -} - -// NewServerQUIC returns a new CoreDNS QUIC server and compiles all plugin in to it. -func NewServerQUIC(addr string, group []*Config) (*ServerQUIC, error) { - s, err := NewServer(addr, group) - if err != nil { - return nil, err - } - // The *tls* plugin must make sure that multiple conflicting - // TLS configuration returns an error: it can only be specified once. - var tlsConfig *tls.Config - for _, z := range s.zones { - for _, conf := range z { - // Should we error if some configs *don't* have TLS? - tlsConfig = conf.TLSConfig - } - } - - if tlsConfig != nil { - tlsConfig.NextProtos = []string{"doq"} - } - - var quicConfig *quic.Config - quicConfig = &quic.Config{ - MaxIdleTimeout: s.idleTimeout, - MaxIncomingStreams: math.MaxUint16, - MaxIncomingUniStreams: math.MaxUint16, - // Enable 0-RTT by default for all connections on the server-side. - Allow0RTT: true, - } - - return &ServerQUIC{Server: s, tlsConfig: tlsConfig, quicConfig: quicConfig}, nil -} - -// ServePacket implements caddy.UDPServer interface. -func (s *ServerQUIC) ServePacket(p net.PacketConn) error { - s.m.Lock() - s.listenAddr = s.quicListener.Addr() - s.m.Unlock() - - return s.ServeQUIC() -} - -// ServeQUIC listens for incoming QUIC packets. -func (s *ServerQUIC) ServeQUIC() error { - for { - conn, err := s.quicListener.Accept(context.Background()) - if err != nil { - if s.isExpectedErr(err) { - s.closeQUICConn(conn, DoQCodeNoError) - return err - } - - s.closeQUICConn(conn, DoQCodeInternalError) - return err - } - - go s.serveQUICConnection(conn) - } -} - -// serveQUICConnection handles a new QUIC connection. It waits for new streams -// and passes them to serveQUICStream. -func (s *ServerQUIC) serveQUICConnection(conn quic.Connection) { - for { - // In DoQ, one query consumes one stream. - // The client MUST select the next available client-initiated bidirectional - // stream for each subsequent query on a QUIC connection. - stream, err := conn.AcceptStream(context.Background()) - if err != nil { - if s.isExpectedErr(err) { - s.closeQUICConn(conn, DoQCodeNoError) - return - } - - s.closeQUICConn(conn, DoQCodeInternalError) - return - } - - go s.serveQUICStream(stream, conn) - } -} - -func (s *ServerQUIC) serveQUICStream(stream quic.Stream, conn quic.Connection) { - buf, err := readDOQMessage(stream) - - // io.EOF does not really mean that there's any error, it is just - // the STREAM FIN indicating that there will be no data to read - // anymore from this stream. - if err != nil && err != io.EOF { - s.closeQUICConn(conn, DoQCodeProtocolError) - - return - } - - req := &dns.Msg{} - err = req.Unpack(buf) - if err != nil { - clog.Debugf("unpacking quic packet: %s", err) - s.closeQUICConn(conn, DoQCodeProtocolError) - - return - } - - if !validRequest(req) { - // If a peer encounters such an error condition, it is considered a - // fatal error. It SHOULD forcibly abort the connection using QUIC's - // CONNECTION_CLOSE mechanism and SHOULD use the DoQ error code - // DOQ_PROTOCOL_ERROR. - // See https://www.rfc-editor.org/rfc/rfc9250#section-4.3.3-3 - s.closeQUICConn(conn, DoQCodeProtocolError) - - return - } - - w := &DoQWriter{ - localAddr: conn.LocalAddr(), - remoteAddr: conn.RemoteAddr(), - stream: stream, - Msg: req, - } - - dnsCtx := context.WithValue(stream.Context(), Key{}, s.Server) - dnsCtx = context.WithValue(dnsCtx, LoopKey{}, 0) - s.ServeDNS(dnsCtx, w, req) - s.countResponse(DoQCodeNoError) -} - -// ListenPacket implements caddy.UDPServer interface. -func (s *ServerQUIC) ListenPacket() (net.PacketConn, error) { - p, err := reuseport.ListenPacket("udp", s.Addr[len(transport.QUIC+"://"):]) - if err != nil { - return nil, err - } - - s.m.Lock() - defer s.m.Unlock() - - s.quicListener, err = quic.Listen(p, s.tlsConfig, s.quicConfig) - if err != nil { - return nil, err - } - - return p, nil -} - -// OnStartupComplete lists the sites served by this server -// and any relevant information, assuming Quiet is false. -func (s *ServerQUIC) OnStartupComplete() { - if Quiet { - return - } - - out := startUpZones(transport.QUIC+"://", s.Addr, s.zones) - if out != "" { - fmt.Print(out) - } -} - -// Stop stops the server non-gracefully. It blocks until the server is totally stopped. -func (s *ServerQUIC) Stop() error { - s.m.Lock() - defer s.m.Unlock() - - if s.quicListener != nil { - return s.quicListener.Close() - } - - return nil -} - -// Serve implements caddy.TCPServer interface. -func (s *ServerQUIC) Serve(l net.Listener) error { return nil } - -// Listen implements caddy.TCPServer interface. -func (s *ServerQUIC) Listen() (net.Listener, error) { return nil, nil } - -// closeQUICConn quietly closes the QUIC connection. -func (s *ServerQUIC) closeQUICConn(conn quic.Connection, code quic.ApplicationErrorCode) { - if conn == nil { - return - } - - clog.Debugf("closing quic conn %s with code %d", conn.LocalAddr(), code) - err := conn.CloseWithError(code, "") - if err != nil { - clog.Debugf("failed to close quic connection with code %d: %s", code, err) - } - - // DoQCodeNoError metrics are already registered after s.ServeDNS() - if code != DoQCodeNoError { - s.countResponse(code) - } -} - -// validRequest checks for protocol errors in the unpacked DNS message. -// See https://www.rfc-editor.org/rfc/rfc9250.html#name-protocol-errors -func validRequest(req *dns.Msg) (ok bool) { - // 1. a client or server receives a message with a non-zero Message ID. - if req.Id != 0 { - return false - } - - // 2. an implementation receives a message containing the edns-tcp-keepalive - // EDNS(0) Option [RFC7828]. - if opt := req.IsEdns0(); opt != nil { - for _, option := range opt.Option { - if option.Option() == dns.EDNS0TCPKEEPALIVE { - clog.Debug("client sent EDNS0 TCP keepalive option") - - return false - } - } - } - - // 3. the client or server does not indicate the expected STREAM FIN after - // sending requests or responses. - // - // This is quite problematic to validate this case since this would imply - // we have to wait until STREAM FIN is arrived before we start processing - // the message. So we're consciously ignoring this case in this - // implementation. - - // 4. a server receives a "replayable" transaction in 0-RTT data - // - // The information necessary to validate this is not exposed by quic-go. - - return true -} - -// readDOQMessage reads a DNS over QUIC (DOQ) message from the given stream -// and returns the message bytes. -// Drafts of the RFC9250 did not require the 2-byte prefixed message length. -// Thus, we are only supporting the official version (DoQ v1). -func readDOQMessage(r io.Reader) ([]byte, error) { - // All DNS messages (queries and responses) sent over DoQ connections MUST - // be encoded as a 2-octet length field followed by the message content as - // specified in [RFC1035]. - // See https://www.rfc-editor.org/rfc/rfc9250.html#section-4.2-4 - sizeBuf := make([]byte, 2) - _, err := io.ReadFull(r, sizeBuf) - if err != nil { - return nil, err - } - - size := binary.BigEndian.Uint16(sizeBuf) - - if size == 0 { - return nil, fmt.Errorf("message size is 0: probably unsupported DoQ version") - } - - buf := make([]byte, size) - _, err = io.ReadFull(r, buf) - - // A client or server receives a STREAM FIN before receiving all the bytes - // for a message indicated in the 2-octet length field. - // See https://www.rfc-editor.org/rfc/rfc9250#section-4.3.3-2.2 - if size != uint16(len(buf)) { - return nil, fmt.Errorf("message size does not match 2-byte prefix") - } - - return buf, err -} - -// isExpectedErr returns true if err is an expected error, likely related to -// the current implementation. -func (s *ServerQUIC) isExpectedErr(err error) bool { - if err == nil { - return false - } - - // This error is returned when the QUIC listener was closed by us. As - // graceful shutdown is not implemented, the connection will be abruptly - // closed but there is no error to signal. - if errors.Is(err, quic.ErrServerClosed) { - return true - } - - // This error happens when the connection was closed due to a DoQ - // protocol error but there's still something to read in the closed stream. - // For example, when the message was sent without the prefixed length. - var qAppErr *quic.ApplicationError - if errors.As(err, &qAppErr) && qAppErr.ErrorCode == 2 { - return true - } - - // When a connection hits the idle timeout, quic.AcceptStream() returns - // an IdleTimeoutError. In this, case, we should just drop the connection - // with DoQCodeNoError. - var qIdleErr *quic.IdleTimeoutError - return errors.As(err, &qIdleErr) -} - -func (s *ServerQUIC) countResponse(code quic.ApplicationErrorCode) { - switch code { - case DoQCodeNoError: - vars.QUICResponsesCount.WithLabelValues(s.Addr, "0x0").Inc() - case DoQCodeInternalError: - vars.QUICResponsesCount.WithLabelValues(s.Addr, "0x1").Inc() - case DoQCodeProtocolError: - vars.QUICResponsesCount.WithLabelValues(s.Addr, "0x2").Inc() - } -} diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/server_tls.go b/vendor/github.com/coredns/coredns/core/dnsserver/server_tls.go deleted file mode 100644 index f2251efb..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/server_tls.go +++ /dev/null @@ -1,103 +0,0 @@ -package dnsserver - -import ( - "context" - "crypto/tls" - "fmt" - "net" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/plugin/pkg/reuseport" - "github.com/coredns/coredns/plugin/pkg/transport" - - "github.com/miekg/dns" -) - -// ServerTLS represents an instance of a TLS-over-DNS-server. -type ServerTLS struct { - *Server - tlsConfig *tls.Config -} - -// NewServerTLS returns a new CoreDNS TLS server and compiles all plugin in to it. -func NewServerTLS(addr string, group []*Config) (*ServerTLS, error) { - s, err := NewServer(addr, group) - if err != nil { - return nil, err - } - // The *tls* plugin must make sure that multiple conflicting - // TLS configuration returns an error: it can only be specified once. - var tlsConfig *tls.Config - for _, z := range s.zones { - for _, conf := range z { - // Should we error if some configs *don't* have TLS? - tlsConfig = conf.TLSConfig - } - } - - return &ServerTLS{Server: s, tlsConfig: tlsConfig}, nil -} - -// Compile-time check to ensure Server implements the caddy.GracefulServer interface -var _ caddy.GracefulServer = &Server{} - -// Serve implements caddy.TCPServer interface. -func (s *ServerTLS) Serve(l net.Listener) error { - s.m.Lock() - - if s.tlsConfig != nil { - l = tls.NewListener(l, s.tlsConfig) - } - - // Only fill out the TCP server for this one. - s.server[tcp] = &dns.Server{Listener: l, - Net: "tcp-tls", - MaxTCPQueries: tlsMaxQueries, - ReadTimeout: s.readTimeout, - WriteTimeout: s.writeTimeout, - IdleTimeout: func() time.Duration { - return s.idleTimeout - }, - Handler: dns.HandlerFunc(func(w dns.ResponseWriter, r *dns.Msg) { - ctx := context.WithValue(context.Background(), Key{}, s.Server) - ctx = context.WithValue(ctx, LoopKey{}, 0) - s.ServeDNS(ctx, w, r) - })} - - s.m.Unlock() - - return s.server[tcp].ActivateAndServe() -} - -// ServePacket implements caddy.UDPServer interface. -func (s *ServerTLS) ServePacket(p net.PacketConn) error { return nil } - -// Listen implements caddy.TCPServer interface. -func (s *ServerTLS) Listen() (net.Listener, error) { - l, err := reuseport.Listen("tcp", s.Addr[len(transport.TLS+"://"):]) - if err != nil { - return nil, err - } - return l, nil -} - -// ListenPacket implements caddy.UDPServer interface. -func (s *ServerTLS) ListenPacket() (net.PacketConn, error) { return nil, nil } - -// OnStartupComplete lists the sites served by this server -// and any relevant information, assuming Quiet is false. -func (s *ServerTLS) OnStartupComplete() { - if Quiet { - return - } - - out := startUpZones(transport.TLS+"://", s.Addr, s.zones) - if out != "" { - fmt.Print(out) - } -} - -const ( - tlsMaxQueries = -1 -) diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/view.go b/vendor/github.com/coredns/coredns/core/dnsserver/view.go deleted file mode 100644 index ac797839..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/view.go +++ /dev/null @@ -1,20 +0,0 @@ -package dnsserver - -import ( - "context" - - "github.com/coredns/coredns/request" -) - -// Viewer - If Viewer is implemented by a plugin in a server block, its Filter() -// is added to the server block's filter functions when starting the server. When a running server -// serves a DNS request, it will route the request to the first Config (server block) that passes -// all its filter functions. -type Viewer interface { - // Filter returns true if the server should use the server block in which the implementing plugin resides, and the - // name of the view for metrics logging. - Filter(ctx context.Context, req *request.Request) bool - - // ViewName returns the name of the view - ViewName() string -} diff --git a/vendor/github.com/coredns/coredns/core/dnsserver/zdirectives.go b/vendor/github.com/coredns/coredns/core/dnsserver/zdirectives.go deleted file mode 100644 index 56174955..00000000 --- a/vendor/github.com/coredns/coredns/core/dnsserver/zdirectives.go +++ /dev/null @@ -1,66 +0,0 @@ -// generated by directives_generate.go; DO NOT EDIT - -package dnsserver - -// Directives are registered in the order they should be -// executed. -// -// Ordering is VERY important. Every plugin will -// feel the effects of all other plugin below -// (after) them during a request, but they must not -// care what plugin above them are doing. -var Directives = []string{ - "root", - "metadata", - "geoip", - "cancel", - "tls", - "timeouts", - "multisocket", - "reload", - "nsid", - "bufsize", - "bind", - "debug", - "trace", - "ready", - "health", - "pprof", - "prometheus", - "errors", - "log", - "dnstap", - "local", - "dns64", - "acl", - "any", - "chaos", - "loadbalance", - "tsig", - "cache", - "rewrite", - "header", - "dnssec", - "autopath", - "minimal", - "template", - "transfer", - "hosts", - "route53", - "azure", - "clouddns", - "k8s_external", - "kubernetes", - "file", - "auto", - "secondary", - "etcd", - "loop", - "forward", - "grpc", - "erratic", - "whoami", - "on", - "sign", - "view", -} diff --git a/vendor/github.com/coredns/coredns/core/plugin/zplugin.go b/vendor/github.com/coredns/coredns/core/plugin/zplugin.go deleted file mode 100644 index 12bb4ce1..00000000 --- a/vendor/github.com/coredns/coredns/core/plugin/zplugin.go +++ /dev/null @@ -1,60 +0,0 @@ -// generated by directives_generate.go; DO NOT EDIT - -package plugin - -import ( - // Include all plugins. - _ "github.com/coredns/caddy/onevent" - _ "github.com/coredns/coredns/plugin/acl" - _ "github.com/coredns/coredns/plugin/any" - _ "github.com/coredns/coredns/plugin/auto" - _ "github.com/coredns/coredns/plugin/autopath" - _ "github.com/coredns/coredns/plugin/azure" - _ "github.com/coredns/coredns/plugin/bind" - _ "github.com/coredns/coredns/plugin/bufsize" - _ "github.com/coredns/coredns/plugin/cache" - _ "github.com/coredns/coredns/plugin/cancel" - _ "github.com/coredns/coredns/plugin/chaos" - _ "github.com/coredns/coredns/plugin/clouddns" - _ "github.com/coredns/coredns/plugin/debug" - _ "github.com/coredns/coredns/plugin/dns64" - _ "github.com/coredns/coredns/plugin/dnssec" - _ "github.com/coredns/coredns/plugin/dnstap" - _ "github.com/coredns/coredns/plugin/erratic" - _ "github.com/coredns/coredns/plugin/errors" - _ "github.com/coredns/coredns/plugin/etcd" - _ "github.com/coredns/coredns/plugin/file" - _ "github.com/coredns/coredns/plugin/forward" - _ "github.com/coredns/coredns/plugin/geoip" - _ "github.com/coredns/coredns/plugin/grpc" - _ "github.com/coredns/coredns/plugin/header" - _ "github.com/coredns/coredns/plugin/health" - _ "github.com/coredns/coredns/plugin/hosts" - _ "github.com/coredns/coredns/plugin/k8s_external" - _ "github.com/coredns/coredns/plugin/kubernetes" - _ "github.com/coredns/coredns/plugin/loadbalance" - _ "github.com/coredns/coredns/plugin/local" - _ "github.com/coredns/coredns/plugin/log" - _ "github.com/coredns/coredns/plugin/loop" - _ "github.com/coredns/coredns/plugin/metadata" - _ "github.com/coredns/coredns/plugin/metrics" - _ "github.com/coredns/coredns/plugin/minimal" - _ "github.com/coredns/coredns/plugin/multisocket" - _ "github.com/coredns/coredns/plugin/nsid" - _ "github.com/coredns/coredns/plugin/pprof" - _ "github.com/coredns/coredns/plugin/ready" - _ "github.com/coredns/coredns/plugin/reload" - _ "github.com/coredns/coredns/plugin/rewrite" - _ "github.com/coredns/coredns/plugin/root" - _ "github.com/coredns/coredns/plugin/route53" - _ "github.com/coredns/coredns/plugin/secondary" - _ "github.com/coredns/coredns/plugin/sign" - _ "github.com/coredns/coredns/plugin/template" - _ "github.com/coredns/coredns/plugin/timeouts" - _ "github.com/coredns/coredns/plugin/tls" - _ "github.com/coredns/coredns/plugin/trace" - _ "github.com/coredns/coredns/plugin/transfer" - _ "github.com/coredns/coredns/plugin/tsig" - _ "github.com/coredns/coredns/plugin/view" - _ "github.com/coredns/coredns/plugin/whoami" -) diff --git a/vendor/github.com/coredns/coredns/coremain/run.go b/vendor/github.com/coredns/coredns/coremain/run.go deleted file mode 100644 index 6816dc69..00000000 --- a/vendor/github.com/coredns/coredns/coremain/run.go +++ /dev/null @@ -1,198 +0,0 @@ -// Package coremain contains the functions for starting CoreDNS. -package coremain - -import ( - "flag" - "fmt" - "log" - "os" - "path/filepath" - "runtime" - "strings" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - - "go.uber.org/automaxprocs/maxprocs" -) - -func init() { - caddy.DefaultConfigFile = "Corefile" - caddy.Quiet = true // don't show init stuff from caddy - setVersion() - - flag.StringVar(&conf, "conf", "", "Corefile to load (default \""+caddy.DefaultConfigFile+"\")") - flag.BoolVar(&plugins, "plugins", false, "List installed plugins") - flag.StringVar(&caddy.PidFile, "pidfile", "", "Path to write pid file") - flag.BoolVar(&version, "version", false, "Show version") - flag.BoolVar(&dnsserver.Quiet, "quiet", false, "Quiet mode (no initialization output)") - - caddy.RegisterCaddyfileLoader("flag", caddy.LoaderFunc(confLoader)) - caddy.SetDefaultCaddyfileLoader("default", caddy.LoaderFunc(defaultLoader)) - - flag.StringVar(&dnsserver.Port, serverType+".port", dnsserver.DefaultPort, "Default port") - flag.StringVar(&dnsserver.Port, "p", dnsserver.DefaultPort, "Default port") - - caddy.AppName = CoreName - caddy.AppVersion = CoreVersion -} - -// Run is CoreDNS's main() function. -func Run() { - caddy.TrapSignals() - flag.Parse() - - if len(flag.Args()) > 0 { - mustLogFatal(fmt.Errorf("extra command line arguments: %s", flag.Args())) - } - - log.SetOutput(os.Stdout) - log.SetFlags(LogFlags) - - if version { - showVersion() - os.Exit(0) - } - if plugins { - fmt.Println(caddy.DescribePlugins()) - os.Exit(0) - } - - _, err := maxprocs.Set(maxprocs.Logger(log.Printf)) - if err != nil { - log.Println("[WARNING] Failed to set GOMAXPROCS:", err) - } - - // Get Corefile input - corefile, err := caddy.LoadCaddyfile(serverType) - if err != nil { - mustLogFatal(err) - } - - // Start your engines - instance, err := caddy.Start(corefile) - if err != nil { - mustLogFatal(err) - } - - if !dnsserver.Quiet { - showVersion() - } - - // Twiddle your thumbs - instance.Wait() -} - -// mustLogFatal wraps log.Fatal() in a way that ensures the -// output is always printed to stderr so the user can see it -// if the user is still there, even if the process log was not -// enabled. If this process is an upgrade, however, and the user -// might not be there anymore, this just logs to the process -// log and exits. -func mustLogFatal(args ...interface{}) { - if !caddy.IsUpgrade() { - log.SetOutput(os.Stderr) - } - log.Fatal(args...) -} - -// confLoader loads the Caddyfile using the -conf flag. -func confLoader(serverType string) (caddy.Input, error) { - if conf == "" { - return nil, nil - } - - if conf == "stdin" { - return caddy.CaddyfileFromPipe(os.Stdin, serverType) - } - - contents, err := os.ReadFile(filepath.Clean(conf)) - if err != nil { - return nil, err - } - return caddy.CaddyfileInput{ - Contents: contents, - Filepath: conf, - ServerTypeName: serverType, - }, nil -} - -// defaultLoader loads the Corefile from the current working directory. -func defaultLoader(serverType string) (caddy.Input, error) { - contents, err := os.ReadFile(caddy.DefaultConfigFile) - if err != nil { - if os.IsNotExist(err) { - return nil, nil - } - return nil, err - } - return caddy.CaddyfileInput{ - Contents: contents, - Filepath: caddy.DefaultConfigFile, - ServerTypeName: serverType, - }, nil -} - -// showVersion prints the version that is starting. -func showVersion() { - fmt.Print(versionString()) - fmt.Print(releaseString()) - if devBuild && gitShortStat != "" { - fmt.Printf("%s\n%s\n", gitShortStat, gitFilesModified) - } -} - -// versionString returns the CoreDNS version as a string. -func versionString() string { - return fmt.Sprintf("%s-%s\n", caddy.AppName, caddy.AppVersion) -} - -// releaseString returns the release information related to CoreDNS version: -// /, , -// e.g., -// linux/amd64, go1.8.3, a6d2d7b5 -func releaseString() string { - return fmt.Sprintf("%s/%s, %s, %s\n", runtime.GOOS, runtime.GOARCH, runtime.Version(), GitCommit) -} - -// setVersion figures out the version information -// based on variables set by -ldflags. -func setVersion() { - // A development build is one that's not at a tag or has uncommitted changes - devBuild = gitTag == "" || gitShortStat != "" - - // Only set the appVersion if -ldflags was used - if gitNearestTag != "" || gitTag != "" { - if devBuild && gitNearestTag != "" { - appVersion = fmt.Sprintf("%s (+%s %s)", strings.TrimPrefix(gitNearestTag, "v"), GitCommit, buildDate) - } else if gitTag != "" { - appVersion = strings.TrimPrefix(gitTag, "v") - } - } -} - -// Flags that control program flow or startup -var ( - conf string - version bool - plugins bool - - // LogFlags are initially set to 0 for no extra output - LogFlags int -) - -// Build information obtained with the help of -ldflags -var ( - // nolint - appVersion = "(untracked dev build)" // inferred at startup - devBuild = true // inferred at startup - - buildDate string // date -u - gitTag string // git describe --exact-match HEAD 2> /dev/null - gitNearestTag string // git describe --abbrev=0 --tags HEAD - gitShortStat string // git diff-index --shortstat - gitFilesModified string // git diff-index --name-only HEAD - - // Gitcommit contains the commit where we built CoreDNS from. - GitCommit string -) diff --git a/vendor/github.com/coredns/coredns/coremain/version.go b/vendor/github.com/coredns/coredns/coremain/version.go deleted file mode 100644 index 7fcc8dd7..00000000 --- a/vendor/github.com/coredns/coredns/coremain/version.go +++ /dev/null @@ -1,8 +0,0 @@ -package coremain - -// Various CoreDNS constants. -const ( - CoreVersion = "1.12.1" - CoreName = "CoreDNS" - serverType = "dns" -) diff --git a/vendor/github.com/coredns/coredns/pb/Makefile b/vendor/github.com/coredns/coredns/pb/Makefile deleted file mode 100644 index 7e8cdaf2..00000000 --- a/vendor/github.com/coredns/coredns/pb/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -# Generate the Go files from the dns.proto protobuf, you need the utilities -# from: https://github.com/golang/protobuf to make this work. -# The generate dns.pb.go is checked into git, so for normal builds we don't need -# to run this generation step. -# Note: The following has been used when regenerate pb: -# curl -OL https://github.com/protocolbuffers/protobuf/releases/download/v3.19.4/protoc-3.19.4-linux-x86_64.zip -# go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.27.1 -# go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2.0 -# export PATH="$PATH:$(go env GOPATH)/bin" -# rm pb/dns.pb.go pb/dns_grpc.pb.go -# make pb - -all: dns.pb.go - -dns.pb.go: dns.proto - protoc --go_out=. --go-grpc_out=. dns.proto - -.PHONY: clean -clean: - rm dns.pb.go diff --git a/vendor/github.com/coredns/coredns/pb/dns.pb.go b/vendor/github.com/coredns/coredns/pb/dns.pb.go deleted file mode 100644 index e2a311cc..00000000 --- a/vendor/github.com/coredns/coredns/pb/dns.pb.go +++ /dev/null @@ -1,147 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// versions: -// protoc-gen-go v1.27.1 -// protoc v3.19.4 -// source: dns.proto - -package pb - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - reflect "reflect" - sync "sync" -) - -const ( - // Verify that this generated code is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) - // Verify that runtime/protoimpl is sufficiently up-to-date. - _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) -) - -type DnsPacket struct { - state protoimpl.MessageState - sizeCache protoimpl.SizeCache - unknownFields protoimpl.UnknownFields - - Msg []byte `protobuf:"bytes,1,opt,name=msg,proto3" json:"msg,omitempty"` -} - -func (x *DnsPacket) Reset() { - *x = DnsPacket{} - if protoimpl.UnsafeEnabled { - mi := &file_dns_proto_msgTypes[0] - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - ms.StoreMessageInfo(mi) - } -} - -func (x *DnsPacket) String() string { - return protoimpl.X.MessageStringOf(x) -} - -func (*DnsPacket) ProtoMessage() {} - -func (x *DnsPacket) ProtoReflect() protoreflect.Message { - mi := &file_dns_proto_msgTypes[0] - if protoimpl.UnsafeEnabled && x != nil { - ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) - if ms.LoadMessageInfo() == nil { - ms.StoreMessageInfo(mi) - } - return ms - } - return mi.MessageOf(x) -} - -// Deprecated: Use DnsPacket.ProtoReflect.Descriptor instead. -func (*DnsPacket) Descriptor() ([]byte, []int) { - return file_dns_proto_rawDescGZIP(), []int{0} -} - -func (x *DnsPacket) GetMsg() []byte { - if x != nil { - return x.Msg - } - return nil -} - -var File_dns_proto protoreflect.FileDescriptor - -var file_dns_proto_rawDesc = []byte{ - 0x0a, 0x09, 0x64, 0x6e, 0x73, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x0b, 0x63, 0x6f, 0x72, - 0x65, 0x64, 0x6e, 0x73, 0x2e, 0x64, 0x6e, 0x73, 0x22, 0x1d, 0x0a, 0x09, 0x44, 0x6e, 0x73, 0x50, - 0x61, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x6d, 0x73, 0x67, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x0c, 0x52, 0x03, 0x6d, 0x73, 0x67, 0x32, 0x45, 0x0a, 0x0a, 0x44, 0x6e, 0x73, 0x53, 0x65, - 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x37, 0x0a, 0x05, 0x51, 0x75, 0x65, 0x72, 0x79, 0x12, 0x16, - 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x64, 0x6e, 0x73, 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x44, 0x6e, 0x73, - 0x50, 0x61, 0x63, 0x6b, 0x65, 0x74, 0x1a, 0x16, 0x2e, 0x63, 0x6f, 0x72, 0x65, 0x64, 0x6e, 0x73, - 0x2e, 0x64, 0x6e, 0x73, 0x2e, 0x44, 0x6e, 0x73, 0x50, 0x61, 0x63, 0x6b, 0x65, 0x74, 0x42, 0x06, - 0x5a, 0x04, 0x2e, 0x3b, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, -} - -var ( - file_dns_proto_rawDescOnce sync.Once - file_dns_proto_rawDescData = file_dns_proto_rawDesc -) - -func file_dns_proto_rawDescGZIP() []byte { - file_dns_proto_rawDescOnce.Do(func() { - file_dns_proto_rawDescData = protoimpl.X.CompressGZIP(file_dns_proto_rawDescData) - }) - return file_dns_proto_rawDescData -} - -var file_dns_proto_msgTypes = make([]protoimpl.MessageInfo, 1) -var file_dns_proto_goTypes = []interface{}{ - (*DnsPacket)(nil), // 0: coredns.dns.DnsPacket -} -var file_dns_proto_depIdxs = []int32{ - 0, // 0: coredns.dns.DnsService.Query:input_type -> coredns.dns.DnsPacket - 0, // 1: coredns.dns.DnsService.Query:output_type -> coredns.dns.DnsPacket - 1, // [1:2] is the sub-list for method output_type - 0, // [0:1] is the sub-list for method input_type - 0, // [0:0] is the sub-list for extension type_name - 0, // [0:0] is the sub-list for extension extendee - 0, // [0:0] is the sub-list for field type_name -} - -func init() { file_dns_proto_init() } -func file_dns_proto_init() { - if File_dns_proto != nil { - return - } - if !protoimpl.UnsafeEnabled { - file_dns_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*DnsPacket); i { - case 0: - return &v.state - case 1: - return &v.sizeCache - case 2: - return &v.unknownFields - default: - return nil - } - } - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_dns_proto_rawDesc, - NumEnums: 0, - NumMessages: 1, - NumExtensions: 0, - NumServices: 1, - }, - GoTypes: file_dns_proto_goTypes, - DependencyIndexes: file_dns_proto_depIdxs, - MessageInfos: file_dns_proto_msgTypes, - }.Build() - File_dns_proto = out.File - file_dns_proto_rawDesc = nil - file_dns_proto_goTypes = nil - file_dns_proto_depIdxs = nil -} diff --git a/vendor/github.com/coredns/coredns/pb/dns.proto b/vendor/github.com/coredns/coredns/pb/dns.proto deleted file mode 100644 index ee24cb0b..00000000 --- a/vendor/github.com/coredns/coredns/pb/dns.proto +++ /dev/null @@ -1,12 +0,0 @@ -syntax = "proto3"; - -package coredns.dns; -option go_package = ".;pb"; - -message DnsPacket { - bytes msg = 1; -} - -service DnsService { - rpc Query (DnsPacket) returns (DnsPacket); -} diff --git a/vendor/github.com/coredns/coredns/pb/dns_grpc.pb.go b/vendor/github.com/coredns/coredns/pb/dns_grpc.pb.go deleted file mode 100644 index 6ff3faf1..00000000 --- a/vendor/github.com/coredns/coredns/pb/dns_grpc.pb.go +++ /dev/null @@ -1,105 +0,0 @@ -// Code generated by protoc-gen-go-grpc. DO NOT EDIT. -// versions: -// - protoc-gen-go-grpc v1.2.0 -// - protoc v3.19.4 -// source: dns.proto - -package pb - -import ( - context "context" - grpc "google.golang.org/grpc" - codes "google.golang.org/grpc/codes" - status "google.golang.org/grpc/status" -) - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the grpc package it is being compiled against. -// Requires gRPC-Go v1.32.0 or later. -const _ = grpc.SupportPackageIsVersion7 - -// DnsServiceClient is the client API for DnsService service. -// -// For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream. -type DnsServiceClient interface { - Query(ctx context.Context, in *DnsPacket, opts ...grpc.CallOption) (*DnsPacket, error) -} - -type dnsServiceClient struct { - cc grpc.ClientConnInterface -} - -func NewDnsServiceClient(cc grpc.ClientConnInterface) DnsServiceClient { - return &dnsServiceClient{cc} -} - -func (c *dnsServiceClient) Query(ctx context.Context, in *DnsPacket, opts ...grpc.CallOption) (*DnsPacket, error) { - out := new(DnsPacket) - err := c.cc.Invoke(ctx, "/coredns.dns.DnsService/Query", in, out, opts...) - if err != nil { - return nil, err - } - return out, nil -} - -// DnsServiceServer is the server API for DnsService service. -// All implementations must embed UnimplementedDnsServiceServer -// for forward compatibility -type DnsServiceServer interface { - Query(context.Context, *DnsPacket) (*DnsPacket, error) - mustEmbedUnimplementedDnsServiceServer() -} - -// UnimplementedDnsServiceServer must be embedded to have forward compatible implementations. -type UnimplementedDnsServiceServer struct { -} - -func (UnimplementedDnsServiceServer) Query(context.Context, *DnsPacket) (*DnsPacket, error) { - return nil, status.Errorf(codes.Unimplemented, "method Query not implemented") -} -func (UnimplementedDnsServiceServer) mustEmbedUnimplementedDnsServiceServer() {} - -// UnsafeDnsServiceServer may be embedded to opt out of forward compatibility for this service. -// Use of this interface is not recommended, as added methods to DnsServiceServer will -// result in compilation errors. -type UnsafeDnsServiceServer interface { - mustEmbedUnimplementedDnsServiceServer() -} - -func RegisterDnsServiceServer(s grpc.ServiceRegistrar, srv DnsServiceServer) { - s.RegisterService(&DnsService_ServiceDesc, srv) -} - -func _DnsService_Query_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { - in := new(DnsPacket) - if err := dec(in); err != nil { - return nil, err - } - if interceptor == nil { - return srv.(DnsServiceServer).Query(ctx, in) - } - info := &grpc.UnaryServerInfo{ - Server: srv, - FullMethod: "/coredns.dns.DnsService/Query", - } - handler := func(ctx context.Context, req interface{}) (interface{}, error) { - return srv.(DnsServiceServer).Query(ctx, req.(*DnsPacket)) - } - return interceptor(ctx, in, info, handler) -} - -// DnsService_ServiceDesc is the grpc.ServiceDesc for DnsService service. -// It's only intended for direct use with grpc.RegisterService, -// and not to be introspected or modified (even as a copy) -var DnsService_ServiceDesc = grpc.ServiceDesc{ - ServiceName: "coredns.dns.DnsService", - HandlerType: (*DnsServiceServer)(nil), - Methods: []grpc.MethodDesc{ - { - MethodName: "Query", - Handler: _DnsService_Query_Handler, - }, - }, - Streams: []grpc.StreamDesc{}, - Metadata: "dns.proto", -} diff --git a/vendor/github.com/coredns/coredns/plugin/acl/README.md b/vendor/github.com/coredns/coredns/plugin/acl/README.md deleted file mode 100644 index d957d24e..00000000 --- a/vendor/github.com/coredns/coredns/plugin/acl/README.md +++ /dev/null @@ -1,110 +0,0 @@ -# acl - -## Name - -*acl* - enforces access control policies on source ip and prevents unauthorized access to DNS servers. - -## Description - -With `acl` enabled, users are able to block or filter suspicious DNS queries by configuring IP filter rule sets, i.e. allowing authorized queries or blocking unauthorized queries. - - -When evaluating the rule sets, _acl_ uses the source IP of the TCP/UDP headers of the DNS query received by CoreDNS. -This source IP will be different than the IP of the client originating the request in cases where the source IP of the request is changed in transit. For example: -* if the request passes though an intermediate forwarding DNS server or recursive DNS server before reaching CoreDNS -* if the request traverses a Source NAT before reaching CoreDNS - -This plugin can be used multiple times per Server Block. - -## Syntax - -``` -acl [ZONES...] { - ACTION [type QTYPE...] [net SOURCE...] -} -``` - -- **ZONES** zones it should be authoritative for. If empty, the zones from the configuration block are used. -- **ACTION** (*allow*, *block*, *filter*, or *drop*) defines the way to deal with DNS queries matched by this rule. The default action is *allow*, which means a DNS query not matched by any rules will be allowed to recurse. The difference between *block* and *filter* is that block returns status code of *REFUSED* while filter returns an empty set *NOERROR*. *drop* however returns no response to the client. -- **QTYPE** is the query type to match for the requests to be allowed or blocked. Common resource record types are supported. `*` stands for all record types. The default behavior for an omitted `type QTYPE...` is to match all kinds of DNS queries (same as `type *`). -- **SOURCE** is the source IP address to match for the requests to be allowed or blocked. Typical CIDR notation and single IP address are supported. `*` stands for all possible source IP addresses. - -## Examples - -To demonstrate the usage of plugin acl, here we provide some typical examples. - -Block all DNS queries with record type A from 192.168.0.0/16: - -~~~ corefile -. { - acl { - block type A net 192.168.0.0/16 - } -} -~~~ - -Filter all DNS queries with record type A from 192.168.0.0/16: - -~~~ corefile -. { - acl { - filter type A net 192.168.0.0/16 - } -} -~~~ - -Block all DNS queries from 192.168.0.0/16 except for 192.168.1.0/24: - -~~~ corefile -. { - acl { - allow net 192.168.1.0/24 - block net 192.168.0.0/16 - } -} -~~~ - -Allow only DNS queries from 192.168.0.0/24 and 192.168.1.0/24: - -~~~ corefile -. { - acl { - allow net 192.168.0.0/24 192.168.1.0/24 - block - } -} -~~~ - -Block all DNS queries from 192.168.1.0/24 towards a.example.org: - -~~~ corefile -example.org { - acl a.example.org { - block net 192.168.1.0/24 - } -} -~~~ - -Drop all DNS queries from 192.0.2.0/24: - -~~~ corefile -. { - acl { - drop net 192.0.2.0/24 - } -} -~~~ - -## Metrics - -If monitoring is enabled (via the _prometheus_ plugin) then the following metrics are exported: - -- `coredns_acl_blocked_requests_total{server, zone, view}` - counter of DNS requests being blocked. - -- `coredns_acl_filtered_requests_total{server, zone, view}` - counter of DNS requests being filtered. - -- `coredns_acl_allowed_requests_total{server, view}` - counter of DNS requests being allowed. - -- `coredns_acl_dropped_requests_total{server, zone, view}` - counter of DNS requests being dropped. - -The `server` and `zone` labels are explained in the _metrics_ plugin documentation. diff --git a/vendor/github.com/coredns/coredns/plugin/acl/acl.go b/vendor/github.com/coredns/coredns/plugin/acl/acl.go deleted file mode 100644 index 26323263..00000000 --- a/vendor/github.com/coredns/coredns/plugin/acl/acl.go +++ /dev/null @@ -1,151 +0,0 @@ -package acl - -import ( - "context" - "net" - "strings" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/metrics" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/request" - - "github.com/infobloxopen/go-trees/iptree" - "github.com/miekg/dns" -) - -// ACL enforces access control policies on DNS queries. -type ACL struct { - Next plugin.Handler - - Rules []rule -} - -// rule defines a list of Zones and some ACL policies which will be -// enforced on them. -type rule struct { - zones []string - policies []policy -} - -// action defines the action against queries. -type action int - -// policy defines the ACL policy for DNS queries. -// A policy performs the specified action (block/allow) on all DNS queries -// matched by source IP or QTYPE. -type policy struct { - action action - qtypes map[uint16]struct{} - filter *iptree.Tree -} - -const ( - // actionNone does nothing on the queries. - actionNone = iota - // actionAllow allows authorized queries to recurse. - actionAllow - // actionBlock blocks unauthorized queries towards protected DNS zones. - actionBlock - // actionFilter returns empty sets for queries towards protected DNS zones. - actionFilter - // actionDrop does not respond for queries towards the protected DNS zones. - actionDrop -) - -var log = clog.NewWithPlugin("acl") - -// ServeDNS implements the plugin.Handler interface. -func (a ACL) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - -RulesCheckLoop: - for _, rule := range a.Rules { - // check zone. - zone := plugin.Zones(rule.zones).Matches(state.Name()) - if zone == "" { - continue - } - - action := matchWithPolicies(rule.policies, w, r) - switch action { - case actionDrop: - { - RequestDropCount.WithLabelValues(metrics.WithServer(ctx), zone, metrics.WithView(ctx)).Inc() - return dns.RcodeSuccess, nil - } - case actionBlock: - { - m := new(dns.Msg). - SetRcode(r, dns.RcodeRefused). - SetEdns0(4096, true) - ede := dns.EDNS0_EDE{InfoCode: dns.ExtendedErrorCodeBlocked} - m.IsEdns0().Option = append(m.IsEdns0().Option, &ede) - w.WriteMsg(m) - RequestBlockCount.WithLabelValues(metrics.WithServer(ctx), zone, metrics.WithView(ctx)).Inc() - return dns.RcodeSuccess, nil - } - case actionAllow: - { - break RulesCheckLoop - } - case actionFilter: - { - m := new(dns.Msg). - SetRcode(r, dns.RcodeSuccess). - SetEdns0(4096, true) - ede := dns.EDNS0_EDE{InfoCode: dns.ExtendedErrorCodeFiltered} - m.IsEdns0().Option = append(m.IsEdns0().Option, &ede) - w.WriteMsg(m) - RequestFilterCount.WithLabelValues(metrics.WithServer(ctx), zone, metrics.WithView(ctx)).Inc() - return dns.RcodeSuccess, nil - } - } - } - - RequestAllowCount.WithLabelValues(metrics.WithServer(ctx), metrics.WithView(ctx)).Inc() - return plugin.NextOrFailure(state.Name(), a.Next, ctx, w, r) -} - -// matchWithPolicies matches the DNS query with a list of ACL polices and returns suitable -// action against the query. -func matchWithPolicies(policies []policy, w dns.ResponseWriter, r *dns.Msg) action { - state := request.Request{W: w, Req: r} - - var ip net.IP - if idx := strings.IndexByte(state.IP(), '%'); idx >= 0 { - ip = net.ParseIP(state.IP()[:idx]) - } else { - ip = net.ParseIP(state.IP()) - } - - // if the parsing did not return a proper response then we simply return 'actionBlock' to - // block the query - if ip == nil { - log.Errorf("Blocking request. Unable to parse source address: %v", state.IP()) - return actionBlock - } - qtype := state.QType() - for _, policy := range policies { - // dns.TypeNone matches all query types. - _, matchAll := policy.qtypes[dns.TypeNone] - _, match := policy.qtypes[qtype] - if !matchAll && !match { - continue - } - - _, contained := policy.filter.GetByIP(ip) - if !contained { - continue - } - - // matched. - return policy.action - } - return actionNone -} - -// Name implements the plugin.Handler interface. -func (a ACL) Name() string { - return "acl" -} diff --git a/vendor/github.com/coredns/coredns/plugin/acl/metrics.go b/vendor/github.com/coredns/coredns/plugin/acl/metrics.go deleted file mode 100644 index a8d82325..00000000 --- a/vendor/github.com/coredns/coredns/plugin/acl/metrics.go +++ /dev/null @@ -1,39 +0,0 @@ -package acl - -import ( - "github.com/coredns/coredns/plugin" - - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -var ( - // RequestBlockCount is the number of DNS requests being blocked. - RequestBlockCount = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: pluginName, - Name: "blocked_requests_total", - Help: "Counter of DNS requests being blocked.", - }, []string{"server", "zone", "view"}) - // RequestFilterCount is the number of DNS requests being filtered. - RequestFilterCount = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: pluginName, - Name: "filtered_requests_total", - Help: "Counter of DNS requests being filtered.", - }, []string{"server", "zone", "view"}) - // RequestAllowCount is the number of DNS requests being Allowed. - RequestAllowCount = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: pluginName, - Name: "allowed_requests_total", - Help: "Counter of DNS requests being allowed.", - }, []string{"server", "view"}) - // RequestDropCount is the number of DNS requests being dropped. - RequestDropCount = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: pluginName, - Name: "dropped_requests_total", - Help: "Counter of DNS requests being dropped.", - }, []string{"server", "zone", "view"}) -) diff --git a/vendor/github.com/coredns/coredns/plugin/acl/setup.go b/vendor/github.com/coredns/coredns/plugin/acl/setup.go deleted file mode 100644 index 189acc6c..00000000 --- a/vendor/github.com/coredns/coredns/plugin/acl/setup.go +++ /dev/null @@ -1,154 +0,0 @@ -package acl - -import ( - "net" - "strings" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - - "github.com/infobloxopen/go-trees/iptree" - "github.com/miekg/dns" -) - -const pluginName = "acl" - -func init() { plugin.Register(pluginName, setup) } - -func newDefaultFilter() *iptree.Tree { - defaultFilter := iptree.NewTree() - _, IPv4All, _ := net.ParseCIDR("0.0.0.0/0") - _, IPv6All, _ := net.ParseCIDR("::/0") - defaultFilter.InplaceInsertNet(IPv4All, struct{}{}) - defaultFilter.InplaceInsertNet(IPv6All, struct{}{}) - return defaultFilter -} - -func setup(c *caddy.Controller) error { - a, err := parse(c) - if err != nil { - return plugin.Error(pluginName, err) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - a.Next = next - return a - }) - - return nil -} - -func parse(c *caddy.Controller) (ACL, error) { - a := ACL{} - for c.Next() { - r := rule{} - args := c.RemainingArgs() - r.zones = plugin.OriginsFromArgsOrServerBlock(args, c.ServerBlockKeys) - - for c.NextBlock() { - p := policy{} - - action := strings.ToLower(c.Val()) - if action == "allow" { - p.action = actionAllow - } else if action == "block" { - p.action = actionBlock - } else if action == "filter" { - p.action = actionFilter - } else if action == "drop" { - p.action = actionDrop - } else { - return a, c.Errf("unexpected token %q; expect 'allow', 'block', 'filter' or 'drop'", c.Val()) - } - - p.qtypes = make(map[uint16]struct{}) - p.filter = iptree.NewTree() - - hasTypeSection := false - hasNetSection := false - - remainingTokens := c.RemainingArgs() - for len(remainingTokens) > 0 { - if !isPreservedIdentifier(remainingTokens[0]) { - return a, c.Errf("unexpected token %q; expect 'type | net'", remainingTokens[0]) - } - section := strings.ToLower(remainingTokens[0]) - - i := 1 - var tokens []string - for ; i < len(remainingTokens) && !isPreservedIdentifier(remainingTokens[i]); i++ { - tokens = append(tokens, remainingTokens[i]) - } - remainingTokens = remainingTokens[i:] - - if len(tokens) == 0 { - return a, c.Errf("no token specified in %q section", section) - } - - switch section { - case "type": - hasTypeSection = true - for _, token := range tokens { - if token == "*" { - p.qtypes[dns.TypeNone] = struct{}{} - break - } - qtype, ok := dns.StringToType[token] - if !ok { - return a, c.Errf("unexpected token %q; expect legal QTYPE", token) - } - p.qtypes[qtype] = struct{}{} - } - case "net": - hasNetSection = true - for _, token := range tokens { - if token == "*" { - p.filter = newDefaultFilter() - break - } - token = normalize(token) - _, source, err := net.ParseCIDR(token) - if err != nil { - return a, c.Errf("illegal CIDR notation %q", token) - } - p.filter.InplaceInsertNet(source, struct{}{}) - } - default: - return a, c.Errf("unexpected token %q; expect 'type | net'", section) - } - } - - // optional `type` section means all record types. - if !hasTypeSection { - p.qtypes[dns.TypeNone] = struct{}{} - } - - // optional `net` means all ip addresses. - if !hasNetSection { - p.filter = newDefaultFilter() - } - - r.policies = append(r.policies, p) - } - a.Rules = append(a.Rules, r) - } - return a, nil -} - -func isPreservedIdentifier(token string) bool { - identifier := strings.ToLower(token) - return identifier == "type" || identifier == "net" -} - -// normalize appends '/32' for any single IPv4 address and '/128' for IPv6. -func normalize(rawNet string) string { - if idx := strings.IndexAny(rawNet, "/"); idx >= 0 { - return rawNet - } - - if idx := strings.IndexAny(rawNet, ":"); idx >= 0 { - return rawNet + "/128" - } - return rawNet + "/32" -} diff --git a/vendor/github.com/coredns/coredns/plugin/any/README.md b/vendor/github.com/coredns/coredns/plugin/any/README.md deleted file mode 100644 index 25e4ecf4..00000000 --- a/vendor/github.com/coredns/coredns/plugin/any/README.md +++ /dev/null @@ -1,36 +0,0 @@ - -# any - -## Name - -*any* - gives a minimal response to ANY queries. - -## Description - -*any* basically blocks ANY queries by responding to them with a short HINFO reply. See [RFC -8482](https://tools.ietf.org/html/rfc8482) for details. - -## Syntax - -~~~ txt -any -~~~ - -## Examples - -~~~ corefile -example.org { - whoami - any -} -~~~ - -A `dig +nocmd ANY example.org +noall +answer` now returns: - -~~~ txt -example.org. 8482 IN HINFO "ANY obsoleted" "See RFC 8482" -~~~ - -## See Also - -[RFC 8482](https://tools.ietf.org/html/rfc8482). diff --git a/vendor/github.com/coredns/coredns/plugin/any/any.go b/vendor/github.com/coredns/coredns/plugin/any/any.go deleted file mode 100644 index 9a05e37b..00000000 --- a/vendor/github.com/coredns/coredns/plugin/any/any.go +++ /dev/null @@ -1,32 +0,0 @@ -package any - -import ( - "context" - - "github.com/coredns/coredns/plugin" - - "github.com/miekg/dns" -) - -// Any is a plugin that returns a HINFO reply to ANY queries. -type Any struct { - Next plugin.Handler -} - -// ServeDNS implements the plugin.Handler interface. -func (a Any) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - if r.Question[0].Qtype != dns.TypeANY { - return plugin.NextOrFailure(a.Name(), a.Next, ctx, w, r) - } - - m := new(dns.Msg) - m.SetReply(r) - hdr := dns.RR_Header{Name: r.Question[0].Name, Ttl: 8482, Class: dns.ClassINET, Rrtype: dns.TypeHINFO} - m.Answer = []dns.RR{&dns.HINFO{Hdr: hdr, Cpu: "ANY obsoleted", Os: "See RFC 8482"}} - - w.WriteMsg(m) - return 0, nil -} - -// Name implements the Handler interface. -func (a Any) Name() string { return "any" } diff --git a/vendor/github.com/coredns/coredns/plugin/any/setup.go b/vendor/github.com/coredns/coredns/plugin/any/setup.go deleted file mode 100644 index 5c8a93b9..00000000 --- a/vendor/github.com/coredns/coredns/plugin/any/setup.go +++ /dev/null @@ -1,20 +0,0 @@ -package any - -import ( - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" -) - -func init() { plugin.Register("any", setup) } - -func setup(c *caddy.Controller) error { - a := Any{} - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - a.Next = next - return a - }) - - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/auto/README.md b/vendor/github.com/coredns/coredns/plugin/auto/README.md deleted file mode 100644 index 661e419a..00000000 --- a/vendor/github.com/coredns/coredns/plugin/auto/README.md +++ /dev/null @@ -1,82 +0,0 @@ -# auto - -## Name - -*auto* - enables serving zone data from an RFC 1035-style master file, which is automatically picked up from disk. - -## Description - -The *auto* plugin is used for an "old-style" DNS server. It serves from a preloaded file that exists -on disk. If the zone file contains signatures (i.e. is signed, i.e. using DNSSEC) correct DNSSEC answers -are returned. Only NSEC is supported! If you use this setup *you* are responsible for re-signing the -zonefile. New or changed zones are automatically picked up from disk only when SOA's serial changes. If the zones are not updated via a zone transfer, the serial must be manually changed. - -## Syntax - -~~~ -auto [ZONES...] { - directory DIR [REGEXP ORIGIN_TEMPLATE] - reload DURATION -} -~~~ - -**ZONES** zones it should be authoritative for. If empty, the zones from the configuration block -are used. - -* `directory` loads zones from the specified **DIR**. If a file name matches **REGEXP** it will be - used to extract the origin. **ORIGIN_TEMPLATE** will be used as a template for the origin. Strings - like `{}` are replaced with the respective matches in the file name, e.g. `{1}` is the - first match, `{2}` is the second. The default is: `db\.(.*) {1}` i.e. from a file with the - name `db.example.com`, the extracted origin will be `example.com`. -* `reload` interval to perform reloads of zones if SOA version changes and zonefiles. It specifies how often CoreDNS should scan the directory to watch for file removal and addition. Default is one minute. - Value of `0` means to not scan for changes and reload. eg. `30s` checks zonefile every 30 seconds - and reloads zone when serial changes. - -For enabling zone transfers look at the *transfer* plugin. - -All directives from the *file* plugin are supported. Note that *auto* will load all zones found, -even though the directive might only receive queries for a specific zone. I.e: - -~~~ corefile -. { - auto example.org { - directory /etc/coredns/zones - } -} -~~~ -Will happily pick up a zone for `example.COM`, except it will never be queried, because the *auto* -directive only is authoritative for `example.ORG`. - -## Examples - -Load `org` domains from `/etc/coredns/zones/org` and allow transfers to the internet, but send -notifies to 10.240.1.1 - -~~~ corefile -org { - auto { - directory /etc/coredns/zones/org - } - transfer { - to * - to 10.240.1.1 - } -} -~~~ - -Load `org` domains from `/etc/coredns/zones/org` and looks for file names as `www.db.example.org`, -where `example.org` is the origin. Scan every 45 seconds. - -~~~ corefile -org { - auto { - directory /etc/coredns/zones/org www\.db\.(.*) {1} - reload 45s - } -} -~~~ - -## Also - -Use the *root* plugin to help you specify the location of the zone files. See the *transfer* plugin -to enable outgoing zone transfers. diff --git a/vendor/github.com/coredns/coredns/plugin/auto/auto.go b/vendor/github.com/coredns/coredns/plugin/auto/auto.go deleted file mode 100644 index 581004b2..00000000 --- a/vendor/github.com/coredns/coredns/plugin/auto/auto.go +++ /dev/null @@ -1,100 +0,0 @@ -// Package auto implements an on-the-fly loading file backend. -package auto - -import ( - "context" - "regexp" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/file" - "github.com/coredns/coredns/plugin/metrics" - "github.com/coredns/coredns/plugin/pkg/upstream" - "github.com/coredns/coredns/plugin/transfer" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -type ( - // Auto holds the zones and the loader configuration for automatically loading zones. - Auto struct { - Next plugin.Handler - *Zones - - metrics *metrics.Metrics - transfer *transfer.Transfer - loader - } - - loader struct { - directory string - template string - re *regexp.Regexp - - ReloadInterval time.Duration - upstream *upstream.Upstream // Upstream for looking up names during the resolution process. - } -) - -// ServeDNS implements the plugin.Handler interface. -func (a Auto) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - qname := state.Name() - - // Precheck with the origins, i.e. are we allowed to look here? - zone := plugin.Zones(a.Zones.Origins()).Matches(qname) - if zone == "" { - return plugin.NextOrFailure(a.Name(), a.Next, ctx, w, r) - } - - // Now the real zone. - zone = plugin.Zones(a.Zones.Names()).Matches(qname) - if zone == "" { - return plugin.NextOrFailure(a.Name(), a.Next, ctx, w, r) - } - - a.Zones.RLock() - z, ok := a.Zones.Z[zone] - a.Zones.RUnlock() - - if !ok || z == nil { - return dns.RcodeServerFailure, nil - } - - // If transfer is not loaded, we'll see these, answer with refused (no transfer allowed). - if state.QType() == dns.TypeAXFR || state.QType() == dns.TypeIXFR { - return dns.RcodeRefused, nil - } - - answer, ns, extra, result := z.Lookup(ctx, state, qname) - - m := new(dns.Msg) - m.SetReply(r) - m.Authoritative = true - m.Answer, m.Ns, m.Extra = answer, ns, extra - - switch result { - case file.Success: - case file.NoData: - case file.NameError: - m.Rcode = dns.RcodeNameError - case file.Delegation: - m.Authoritative = false - case file.ServerFailure: - // If the result is SERVFAIL and the answer is non-empty, then the SERVFAIL came from an - // external CNAME lookup and the answer contains the CNAME with no target record. We should - // write the CNAME record to the client instead of sending an empty SERVFAIL response. - if len(m.Answer) == 0 { - return dns.RcodeServerFailure, nil - } - // The rcode in the response should be the rcode received from the target lookup. RFC 6604 section 3 - m.Rcode = dns.RcodeServerFailure - } - - w.WriteMsg(m) - return dns.RcodeSuccess, nil -} - -// Name implements the Handler interface. -func (a Auto) Name() string { return "auto" } diff --git a/vendor/github.com/coredns/coredns/plugin/auto/regexp.go b/vendor/github.com/coredns/coredns/plugin/auto/regexp.go deleted file mode 100644 index fa424ec7..00000000 --- a/vendor/github.com/coredns/coredns/plugin/auto/regexp.go +++ /dev/null @@ -1,20 +0,0 @@ -package auto - -// rewriteToExpand rewrites our template string to one that we can give to regexp.ExpandString. This basically -// involves prefixing any '{' with a '$'. -func rewriteToExpand(s string) string { - // Pretty dumb at the moment, every { will get a $ prefixed. - // Also wasteful as we build the string with +=. This is OKish - // as we do this during config parsing. - - copy := "" - - for _, c := range s { - if c == '{' { - copy += "$" - } - copy += string(c) - } - - return copy -} diff --git a/vendor/github.com/coredns/coredns/plugin/auto/setup.go b/vendor/github.com/coredns/coredns/plugin/auto/setup.go deleted file mode 100644 index ced88136..00000000 --- a/vendor/github.com/coredns/coredns/plugin/auto/setup.go +++ /dev/null @@ -1,177 +0,0 @@ -package auto - -import ( - "errors" - "os" - "path/filepath" - "regexp" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/metrics" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/plugin/pkg/upstream" - "github.com/coredns/coredns/plugin/transfer" -) - -var log = clog.NewWithPlugin("auto") - -func init() { plugin.Register("auto", setup) } - -func setup(c *caddy.Controller) error { - a, err := autoParse(c) - if err != nil { - return plugin.Error("auto", err) - } - - c.OnStartup(func() error { - m := dnsserver.GetConfig(c).Handler("prometheus") - if m != nil { - (&a).metrics = m.(*metrics.Metrics) - } - t := dnsserver.GetConfig(c).Handler("transfer") - if t != nil { - (&a).transfer = t.(*transfer.Transfer) - } - return nil - }) - - walkChan := make(chan bool) - - c.OnStartup(func() error { - err := a.Walk() - if err != nil { - return err - } - if err := a.Notify(); err != nil { - log.Warning(err) - } - if a.loader.ReloadInterval == 0 { - return nil - } - go func() { - ticker := time.NewTicker(a.loader.ReloadInterval) - defer ticker.Stop() - for { - select { - case <-walkChan: - return - case <-ticker.C: - a.Walk() - if err := a.Notify(); err != nil { - log.Warning(err) - } - } - } - }() - return nil - }) - - c.OnShutdown(func() error { - close(walkChan) - for _, z := range a.Zones.Z { - z.Lock() - z.OnShutdown() - z.Unlock() - } - return nil - }) - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - a.Next = next - return a - }) - - return nil -} - -func autoParse(c *caddy.Controller) (Auto, error) { - nilInterval := -1 * time.Second - var a = Auto{ - loader: loader{ - template: "${1}", - re: regexp.MustCompile(`db\.(.*)`), - ReloadInterval: nilInterval, - }, - Zones: &Zones{}, - } - - config := dnsserver.GetConfig(c) - - for c.Next() { - // auto [ZONES...] - args := c.RemainingArgs() - a.Zones.origins = plugin.OriginsFromArgsOrServerBlock(args, c.ServerBlockKeys) - a.loader.upstream = upstream.New() - - for c.NextBlock() { - switch c.Val() { - case "directory": // directory DIR [REGEXP TEMPLATE] - if !c.NextArg() { - return a, c.ArgErr() - } - a.loader.directory = c.Val() - if !filepath.IsAbs(a.loader.directory) && config.Root != "" { - a.loader.directory = filepath.Join(config.Root, a.loader.directory) - } - _, err := os.Stat(a.loader.directory) - if err != nil { - if os.IsNotExist(err) { - log.Warningf("Directory does not exist: %s", a.loader.directory) - } else { - return a, c.Errf("Unable to access root path '%s': %v", a.loader.directory, err) - } - } - - // regexp template - if c.NextArg() { - a.loader.re, err = regexp.Compile(c.Val()) - if err != nil { - return a, err - } - if a.loader.re.NumSubexp() == 0 { - return a, c.Errf("Need at least one sub expression") - } - - if !c.NextArg() { - return a, c.ArgErr() - } - a.loader.template = rewriteToExpand(c.Val()) - } - - if c.NextArg() { - return Auto{}, c.ArgErr() - } - - case "reload": - t := c.RemainingArgs() - if len(t) < 1 { - return a, errors.New("reload duration value is expected") - } - d, err := time.ParseDuration(t[0]) - if d < 0 { - err = errors.New("invalid duration") - } - if err != nil { - return a, plugin.Error("file", err) - } - a.loader.ReloadInterval = d - - case "upstream": - // remove soon - c.RemainingArgs() // eat remaining args - - default: - return Auto{}, c.Errf("unknown property '%s'", c.Val()) - } - } - } - - if a.loader.ReloadInterval == nilInterval { - a.loader.ReloadInterval = 60 * time.Second - } - - return a, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/auto/walk.go b/vendor/github.com/coredns/coredns/plugin/auto/walk.go deleted file mode 100644 index 38f63759..00000000 --- a/vendor/github.com/coredns/coredns/plugin/auto/walk.go +++ /dev/null @@ -1,107 +0,0 @@ -package auto - -import ( - "os" - "path/filepath" - "regexp" - - "github.com/coredns/coredns/plugin/file" - - "github.com/miekg/dns" -) - -// Walk will recursively walk of the file under l.directory and adds the one that match l.re. -func (a Auto) Walk() error { - // TODO(miek): should add something so that we don't stomp on each other. - - toDelete := make(map[string]bool) - for _, n := range a.Zones.Names() { - toDelete[n] = true - } - - filepath.Walk(a.loader.directory, func(path string, info os.FileInfo, e error) error { - if e != nil { - log.Warningf("error reading %v: %v", path, e) - } - if info == nil || info.IsDir() { - return nil - } - - match, origin := matches(a.loader.re, info.Name(), a.loader.template) - if !match { - return nil - } - - if z, ok := a.Zones.Z[origin]; ok { - // we already have this zone - toDelete[origin] = false - z.SetFile(path) - return nil - } - - reader, err := os.Open(filepath.Clean(path)) - if err != nil { - log.Warningf("Opening %s failed: %s", path, err) - return nil - } - defer reader.Close() - - // Serial for loading a zone is 0, because it is a new zone. - zo, err := file.Parse(reader, origin, path, 0) - if err != nil { - log.Warningf("Parse zone `%s': %v", origin, err) - return nil - } - - zo.ReloadInterval = a.loader.ReloadInterval - zo.Upstream = a.loader.upstream - - a.Zones.Add(zo, origin, a.transfer) - - if a.metrics != nil { - a.metrics.AddZone(origin) - } - - log.Infof("Inserting zone `%s' from: %s", origin, path) - - toDelete[origin] = false - - return nil - }) - - for origin, ok := range toDelete { - if !ok { - continue - } - - if a.metrics != nil { - a.metrics.RemoveZone(origin) - } - - a.Zones.Remove(origin) - - log.Infof("Deleting zone `%s'", origin) - } - - return nil -} - -// matches re to filename, if it is a match, the subexpression will be used to expand -// template to an origin. When match is true that origin is returned. Origin is fully qualified. -func matches(re *regexp.Regexp, filename, template string) (match bool, origin string) { - base := filepath.Base(filename) - - matches := re.FindStringSubmatchIndex(base) - if matches == nil { - return false, "" - } - - by := re.ExpandString(nil, template, base, matches) - if by == nil { - return false, "" - } - - origin = dns.Fqdn(string(by)) - - return true, origin -} diff --git a/vendor/github.com/coredns/coredns/plugin/auto/xfr.go b/vendor/github.com/coredns/coredns/plugin/auto/xfr.go deleted file mode 100644 index e6a9ba5a..00000000 --- a/vendor/github.com/coredns/coredns/plugin/auto/xfr.go +++ /dev/null @@ -1,31 +0,0 @@ -package auto - -import ( - "github.com/coredns/coredns/plugin/transfer" - - "github.com/miekg/dns" -) - -// Transfer implements the transfer.Transfer interface. -func (a Auto) Transfer(zone string, serial uint32) (<-chan []dns.RR, error) { - a.Zones.RLock() - z, ok := a.Zones.Z[zone] - a.Zones.RUnlock() - - if !ok || z == nil { - return nil, transfer.ErrNotAuthoritative - } - return z.Transfer(serial) -} - -// Notify sends notifies for all zones with secondaries configured with the transfer plugin -func (a Auto) Notify() error { - var err error - for _, origin := range a.Zones.Names() { - e := a.transfer.Notify(origin) - if e != nil { - err = e - } - } - return err -} diff --git a/vendor/github.com/coredns/coredns/plugin/auto/zone.go b/vendor/github.com/coredns/coredns/plugin/auto/zone.go deleted file mode 100644 index bb811861..00000000 --- a/vendor/github.com/coredns/coredns/plugin/auto/zone.go +++ /dev/null @@ -1,77 +0,0 @@ -// Package auto implements a on-the-fly loading file backend. -package auto - -import ( - "sync" - - "github.com/coredns/coredns/plugin/file" - "github.com/coredns/coredns/plugin/transfer" -) - -// Zones maps zone names to a *Zone. This keeps track of what zones we have loaded at -// any one time. -type Zones struct { - Z map[string]*file.Zone // A map mapping zone (origin) to the Zone's data. - names []string // All the keys from the map Z as a string slice. - - origins []string // Any origins from the server block. - - sync.RWMutex -} - -// Names returns the names from z. -func (z *Zones) Names() []string { - z.RLock() - n := z.names - z.RUnlock() - return n -} - -// Origins returns the origins from z. -func (z *Zones) Origins() []string { - // doesn't need locking, because there aren't multiple Go routines accessing it. - return z.origins -} - -// Zones returns a zone with origin name from z, nil when not found. -func (z *Zones) Zones(name string) *file.Zone { - z.RLock() - zo := z.Z[name] - z.RUnlock() - return zo -} - -// Add adds a new zone into z. If z.ReloadInterval is not zero, the -// reload goroutine is started. -func (z *Zones) Add(zo *file.Zone, name string, t *transfer.Transfer) { - z.Lock() - - if z.Z == nil { - z.Z = make(map[string]*file.Zone) - } - - z.Z[name] = zo - z.names = append(z.names, name) - zo.Reload(t) - - z.Unlock() -} - -// Remove removes the zone named name from z. It also stops the zone's reload goroutine. -func (z *Zones) Remove(name string) { - z.Lock() - - if zo, ok := z.Z[name]; ok { - zo.OnShutdown() - } - - delete(z.Z, name) - - // TODO(miek): just regenerate Names (might be bad if you have a lot of zones...) - z.names = []string{} - for n := range z.Z { - z.names = append(z.names, n) - } - - z.Unlock() -} diff --git a/vendor/github.com/coredns/coredns/plugin/autopath/README.md b/vendor/github.com/coredns/coredns/plugin/autopath/README.md deleted file mode 100644 index 64b022e0..00000000 --- a/vendor/github.com/coredns/coredns/plugin/autopath/README.md +++ /dev/null @@ -1,68 +0,0 @@ -# autopath - -## Name - -*autopath* - allows for server-side search path completion. - -## Description - -If the *autopath* plugin sees a query that matches the first element of the configured search path, it will -follow the chain of search path elements and return the first reply that is not NXDOMAIN. On any -failures, the original reply is returned. Because *autopath* returns a reply for a name that wasn't -the original question, it will add a CNAME that points from the original name (with the search path -element in it) to the name of this answer. - -**Note**: There are several known issues, see the "Bugs" section below. - -## Syntax - -~~~ -autopath [ZONE...] RESOLV-CONF -~~~ - -* **ZONES** zones *autopath* should be authoritative for. -* **RESOLV-CONF** points to a `resolv.conf` like file or uses a special syntax to point to another - plugin. For instance `@kubernetes`, will call out to the kubernetes plugin (for each - query) to retrieve the search list it should use. - -If a plugin implements the `AutoPather` interface then it can be used by *autopath*. - -## Metrics - -If monitoring is enabled (via the *prometheus* plugin) then the following metric is exported: - -* `coredns_autopath_success_total{server}` - counter of successfully autopath-ed queries. - -The `server` label is explained in the *metrics* plugin documentation. - -## Examples - -~~~ -autopath my-resolv.conf -~~~ - -Use `my-resolv.conf` as the file to get the search path from. This file only needs to have one line: -`search domain1 domain2 ...` - -~~~ -autopath @kubernetes -~~~ - -Use the search path dynamically retrieved from the *kubernetes* plugin. - -## Bugs - -In Kubernetes, *autopath* can derive the wrong namespace of a client Pod (and therefore wrong search -path) in the following case. To properly build the search path of a client *autopath* needs to know -the namespace of the a Pod making a DNS request. To do this, it relies on the *kubernetes* plugin's -Pod cache to resolve the client's IP address to a Pod. The Pod cache is maintained by an API watch -on Pods. When Pod IP assignments change, the Kubernetes API notifies CoreDNS via the API watch. -However, that notification is not instantaneous. In the case that a Pod is deleted, and its IP is -immediately provisioned to a Pod in another namespace, and that new Pod make a DNS lookup *before* -the API watch can notify CoreDNS of the change, *autopath* will resolve the IP to the previous Pod's -namespace. - -In Kubernetes, *autopath* is not compatible with Pods running from Windows nodes. - -If the server side search ultimately results in a negative answer (e.g. `NXDOMAIN`), then the client -will fruitlessly search all paths manually, thus negating the *autopath* optimization. diff --git a/vendor/github.com/coredns/coredns/plugin/autopath/autopath.go b/vendor/github.com/coredns/coredns/plugin/autopath/autopath.go deleted file mode 100644 index f6b3488e..00000000 --- a/vendor/github.com/coredns/coredns/plugin/autopath/autopath.go +++ /dev/null @@ -1,157 +0,0 @@ -/* -Package autopath implements autopathing. This is a hack; it shortcuts the -client's search path resolution by performing these lookups on the server... - -The server has a copy (via AutoPathFunc) of the client's search path and on -receiving a query it first establishes if the suffix matches the FIRST configured -element. If no match can be found the query will be forwarded up the plugin -chain without interference (if, and only if, 'fallthrough' has been set). - -If the query is deemed to fall in the search path the server will perform the -queries with each element of the search path appended in sequence until a -non-NXDOMAIN answer has been found. That reply will then be returned to the -client - with some CNAME hackery to let the client accept the reply. - -If all queries return NXDOMAIN we return the original as-is and let the client -continue searching. The client will go to the next element in the search path, -but we won’t do any more autopathing. It means that in the failure case, you do -more work, since the server looks it up, then the client still needs to go -through the search path. - -It is assume the search path ordering is identical between server and client. - -Plugins implementing autopath, must have a function called `AutoPath` of type -autopath.Func. Note the searchpath must be ending with the empty string. - -I.e: - - func (m Plugins ) AutoPath(state request.Request) []string { - return []string{"first", "second", "last", ""} - } -*/ -package autopath - -import ( - "context" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/metrics" - "github.com/coredns/coredns/plugin/pkg/dnsutil" - "github.com/coredns/coredns/plugin/pkg/nonwriter" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// Func defines the function plugin should implement to return a search -// path to the autopath plugin. The last element of the slice must be the empty string. -// If Func returns a nil slice, no autopathing will be done. -type Func func(request.Request) []string - -// AutoPather defines the interface that a plugin should implement in order to be -// used by AutoPath. -type AutoPather interface { - AutoPath(request.Request) []string -} - -// AutoPath performs autopath: service side search path completion. -type AutoPath struct { - Next plugin.Handler - Zones []string - - // Search always includes "" as the last element, so we try the base query with out any search paths added as well. - search []string - searchFunc Func -} - -// ServeDNS implements the plugin.Handle interface. -func (a *AutoPath) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - - zone := plugin.Zones(a.Zones).Matches(state.Name()) - if zone == "" { - return plugin.NextOrFailure(a.Name(), a.Next, ctx, w, r) - } - - // Check if autopath should be done, searchFunc takes precedence over the local configured search path. - var err error - searchpath := a.search - - if a.searchFunc != nil { - searchpath = a.searchFunc(state) - } - - if len(searchpath) == 0 { - return plugin.NextOrFailure(a.Name(), a.Next, ctx, w, r) - } - - if !firstInSearchPath(state.Name(), searchpath) { - return plugin.NextOrFailure(a.Name(), a.Next, ctx, w, r) - } - - origQName := state.QName() - - // Establish base name of the query. I.e what was originally asked. - base, err := dnsutil.TrimZone(state.QName(), searchpath[0]) - if err != nil { - return dns.RcodeServerFailure, err - } - - firstReply := new(dns.Msg) - firstRcode := 0 - var firstErr error - - ar := r.Copy() - // Walk the search path and see if we can get a non-nxdomain - if they all fail we return the first - // query we've done and return that as-is. This means the client will do the search path walk again... - for i, s := range searchpath { - newQName := base + "." + s - ar.Question[0].Name = newQName - nw := nonwriter.New(w) - - rcode, err := plugin.NextOrFailure(a.Name(), a.Next, ctx, nw, ar) - if err != nil { - // Return now - not sure if this is the best. We should also check if the write has happened. - return rcode, err - } - if i == 0 { - firstReply = nw.Msg - firstRcode = rcode - firstErr = err - } - - if !plugin.ClientWrite(rcode) { - continue - } - - if nw.Msg.Rcode == dns.RcodeNameError { - continue - } - - msg := nw.Msg - cnamer(msg, origQName) - - // Write whatever non-nxdomain answer we've found. - w.WriteMsg(msg) - autoPathCount.WithLabelValues(metrics.WithServer(ctx)).Add(1) - return rcode, err - } - if plugin.ClientWrite(firstRcode) { - w.WriteMsg(firstReply) - } - return firstRcode, firstErr -} - -// Name implements the Handler interface. -func (a *AutoPath) Name() string { return "autopath" } - -// firstInSearchPath checks if name is equal to are a sibling of the first element in the search path. -func firstInSearchPath(name string, searchpath []string) bool { - if name == searchpath[0] { - return true - } - if dns.IsSubDomain(searchpath[0], name) { - return true - } - return false -} diff --git a/vendor/github.com/coredns/coredns/plugin/autopath/cname.go b/vendor/github.com/coredns/coredns/plugin/autopath/cname.go deleted file mode 100644 index 3b2c60f4..00000000 --- a/vendor/github.com/coredns/coredns/plugin/autopath/cname.go +++ /dev/null @@ -1,25 +0,0 @@ -package autopath - -import ( - "strings" - - "github.com/miekg/dns" -) - -// cnamer will prefix the answer section with a cname that points from original qname to the -// name of the first RR. It will also update the question section and put original in there. -func cnamer(m *dns.Msg, original string) { - for _, a := range m.Answer { - if strings.EqualFold(original, a.Header().Name) { - continue - } - m.Answer = append(m.Answer, nil) - copy(m.Answer[1:], m.Answer) - m.Answer[0] = &dns.CNAME{ - Hdr: dns.RR_Header{Name: original, Rrtype: dns.TypeCNAME, Class: dns.ClassINET, Ttl: a.Header().Ttl}, - Target: a.Header().Name, - } - break - } - m.Question[0].Name = original -} diff --git a/vendor/github.com/coredns/coredns/plugin/autopath/metrics.go b/vendor/github.com/coredns/coredns/plugin/autopath/metrics.go deleted file mode 100644 index 65a6cbd8..00000000 --- a/vendor/github.com/coredns/coredns/plugin/autopath/metrics.go +++ /dev/null @@ -1,18 +0,0 @@ -package autopath - -import ( - "github.com/coredns/coredns/plugin" - - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -var ( - // autoPathCount is counter of successfully autopath-ed queries. - autoPathCount = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "autopath", - Name: "success_total", - Help: "Counter of requests that did autopath.", - }, []string{"server"}) -) diff --git a/vendor/github.com/coredns/coredns/plugin/autopath/setup.go b/vendor/github.com/coredns/coredns/plugin/autopath/setup.go deleted file mode 100644 index a041e364..00000000 --- a/vendor/github.com/coredns/coredns/plugin/autopath/setup.go +++ /dev/null @@ -1,70 +0,0 @@ -package autopath - -import ( - "fmt" - "strings" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - - "github.com/miekg/dns" -) - -func init() { plugin.Register("autopath", setup) } - -func setup(c *caddy.Controller) error { - ap, mw, err := autoPathParse(c) - if err != nil { - return plugin.Error("autopath", err) - } - - // Do this in OnStartup, so all plugin has been initialized. - c.OnStartup(func() error { - m := dnsserver.GetConfig(c).Handler(mw) - if m == nil { - return nil - } - if x, ok := m.(AutoPather); ok { - ap.searchFunc = x.AutoPath - } else { - return plugin.Error("autopath", fmt.Errorf("%s does not implement the AutoPather interface", mw)) - } - return nil - }) - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - ap.Next = next - return ap - }) - - return nil -} - -func autoPathParse(c *caddy.Controller) (*AutoPath, string, error) { - ap := &AutoPath{} - mw := "" - - for c.Next() { - zoneAndresolv := c.RemainingArgs() - if len(zoneAndresolv) < 1 { - return ap, "", fmt.Errorf("no resolv-conf specified") - } - resolv := zoneAndresolv[len(zoneAndresolv)-1] - if strings.HasPrefix(resolv, "@") { - mw = resolv[1:] - } else { - // assume file on disk - rc, err := dns.ClientConfigFromFile(resolv) - if err != nil { - return ap, "", fmt.Errorf("failed to parse %q: %v", resolv, err) - } - ap.search = rc.Search - plugin.Zones(ap.search).Normalize() - ap.search = append(ap.search, "") // sentinel value as demanded. - } - zones := zoneAndresolv[:len(zoneAndresolv)-1] - ap.Zones = plugin.OriginsFromArgsOrServerBlock(zones, c.ServerBlockKeys) - } - return ap, mw, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/azure/README.md b/vendor/github.com/coredns/coredns/plugin/azure/README.md deleted file mode 100644 index f5ed5abf..00000000 --- a/vendor/github.com/coredns/coredns/plugin/azure/README.md +++ /dev/null @@ -1,60 +0,0 @@ -# azure - -## Name - -*azure* - enables serving zone data from Microsoft Azure DNS service. - -## Description - -The azure plugin is useful for serving zones from Microsoft Azure DNS. The *azure* plugin supports -all the DNS records supported by Azure, viz. A, AAAA, CNAME, MX, NS, PTR, SOA, SRV, and TXT -record types. NS record type is not supported by azure private DNS. - -## Syntax - -~~~ txt -azure RESOURCE_GROUP:ZONE... { - tenant TENANT_ID - client CLIENT_ID - secret CLIENT_SECRET - subscription SUBSCRIPTION_ID - environment ENVIRONMENT - fallthrough [ZONES...] - access private -} -~~~ - -* **RESOURCE_GROUP:ZONE** is the resource group to which the hosted zones belongs on Azure, - and **ZONE** the zone that contains data. - -* **CLIENT_ID** and **CLIENT_SECRET** are the credentials for Azure, and `tenant` specifies the - **TENANT_ID** to be used. **SUBSCRIPTION_ID** is the subscription ID. All of these are needed - to access the data in Azure. - -* `environment` specifies the Azure **ENVIRONMENT**. - -* `fallthrough` If zone matches and no record can be generated, pass request to the next plugin. - If **ZONES** is omitted, then fallthrough happens for all zones for which the plugin is - authoritative. - -* `access` specifies if the zone is `public` or `private`. Default is `public`. - -## Examples - -Enable the *azure* plugin with Azure credentials for private zones `example.org`, `example.private`: - -~~~ txt -example.org { - azure resource_group_foo:example.org resource_group_foo:example.private { - tenant 123abc-123abc-123abc-123abc - client 123abc-123abc-123abc-234xyz - subscription 123abc-123abc-123abc-563abc - secret mysecret - access private - } -} -~~~ - -## See Also - -The [Azure DNS Overview](https://docs.microsoft.com/en-us/azure/dns/dns-overview). diff --git a/vendor/github.com/coredns/coredns/plugin/azure/azure.go b/vendor/github.com/coredns/coredns/plugin/azure/azure.go deleted file mode 100644 index e236a08b..00000000 --- a/vendor/github.com/coredns/coredns/plugin/azure/azure.go +++ /dev/null @@ -1,352 +0,0 @@ -package azure - -import ( - "context" - "fmt" - "net" - "sync" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/file" - "github.com/coredns/coredns/plugin/pkg/fall" - "github.com/coredns/coredns/plugin/pkg/upstream" - "github.com/coredns/coredns/request" - - publicdns "github.com/Azure/azure-sdk-for-go/profiles/latest/dns/mgmt/dns" - privatedns "github.com/Azure/azure-sdk-for-go/profiles/latest/privatedns/mgmt/privatedns" - "github.com/miekg/dns" -) - -type zone struct { - id string - z *file.Zone - zone string - private bool -} - -type zones map[string][]*zone - -// Azure is the core struct of the azure plugin. -type Azure struct { - zoneNames []string - publicClient publicdns.RecordSetsClient - privateClient privatedns.RecordSetsClient - upstream *upstream.Upstream - zMu sync.RWMutex - zones zones - - Next plugin.Handler - Fall fall.F -} - -// New validates the input DNS zones and initializes the Azure struct. -func New(ctx context.Context, publicClient publicdns.RecordSetsClient, privateClient privatedns.RecordSetsClient, keys map[string][]string, accessMap map[string]string) (*Azure, error) { - zones := make(map[string][]*zone, len(keys)) - names := make([]string, len(keys)) - var private bool - - for resourceGroup, znames := range keys { - for _, name := range znames { - switch accessMap[resourceGroup+name] { - case "public": - if _, err := publicClient.ListAllByDNSZone(context.Background(), resourceGroup, name, nil, ""); err != nil { - return nil, err - } - private = false - case "private": - if _, err := privateClient.ListComplete(context.Background(), resourceGroup, name, nil, ""); err != nil { - return nil, err - } - private = true - } - - fqdn := dns.Fqdn(name) - if _, ok := zones[fqdn]; !ok { - names = append(names, fqdn) - } - zones[fqdn] = append(zones[fqdn], &zone{id: resourceGroup, zone: name, private: private, z: file.NewZone(fqdn, "")}) - } - } - - return &Azure{ - publicClient: publicClient, - privateClient: privateClient, - zones: zones, - zoneNames: names, - upstream: upstream.New(), - }, nil -} - -// Run updates the zone from azure. -func (h *Azure) Run(ctx context.Context) error { - if err := h.updateZones(ctx); err != nil { - return err - } - go func() { - delay := 1 * time.Minute - timer := time.NewTimer(delay) - defer timer.Stop() - for { - timer.Reset(delay) - select { - case <-ctx.Done(): - log.Debugf("Breaking out of Azure update loop for %v: %v", h.zoneNames, ctx.Err()) - return - case <-timer.C: - if err := h.updateZones(ctx); err != nil && ctx.Err() == nil { - log.Errorf("Failed to update zones %v: %v", h.zoneNames, err) - } - } - } - }() - return nil -} - -func (h *Azure) updateZones(ctx context.Context) error { - var err error - var publicSet publicdns.RecordSetListResultPage - var privateSet privatedns.RecordSetListResultPage - errs := make([]string, 0) - for zName, z := range h.zones { - for i, hostedZone := range z { - newZ := file.NewZone(zName, "") - if hostedZone.private { - for privateSet, err = h.privateClient.List(ctx, hostedZone.id, hostedZone.zone, nil, ""); privateSet.NotDone(); err = privateSet.NextWithContext(ctx) { - updateZoneFromPrivateResourceSet(privateSet, newZ) - } - } else { - for publicSet, err = h.publicClient.ListByDNSZone(ctx, hostedZone.id, hostedZone.zone, nil, ""); publicSet.NotDone(); err = publicSet.NextWithContext(ctx) { - updateZoneFromPublicResourceSet(publicSet, newZ) - } - } - if err != nil { - errs = append(errs, fmt.Sprintf("failed to list resource records for %v from azure: %v", hostedZone.zone, err)) - } - newZ.Upstream = h.upstream - h.zMu.Lock() - (*z[i]).z = newZ - h.zMu.Unlock() - } - } - - if len(errs) != 0 { - return fmt.Errorf("errors updating zones: %v", errs) - } - return nil -} - -func updateZoneFromPublicResourceSet(recordSet publicdns.RecordSetListResultPage, newZ *file.Zone) { - for _, result := range *(recordSet.Response().Value) { - resultFqdn := *(result.RecordSetProperties.Fqdn) - resultTTL := uint32(*(result.RecordSetProperties.TTL)) - if result.RecordSetProperties.ARecords != nil { - for _, A := range *(result.RecordSetProperties.ARecords) { - a := &dns.A{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: resultTTL}, - A: net.ParseIP(*(A.Ipv4Address))} - newZ.Insert(a) - } - } - - if result.RecordSetProperties.AaaaRecords != nil { - for _, AAAA := range *(result.RecordSetProperties.AaaaRecords) { - aaaa := &dns.AAAA{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: resultTTL}, - AAAA: net.ParseIP(*(AAAA.Ipv6Address))} - newZ.Insert(aaaa) - } - } - - if result.RecordSetProperties.MxRecords != nil { - for _, MX := range *(result.RecordSetProperties.MxRecords) { - mx := &dns.MX{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeMX, Class: dns.ClassINET, Ttl: resultTTL}, - Preference: uint16(*(MX.Preference)), - Mx: dns.Fqdn(*(MX.Exchange))} - newZ.Insert(mx) - } - } - - if result.RecordSetProperties.PtrRecords != nil { - for _, PTR := range *(result.RecordSetProperties.PtrRecords) { - ptr := &dns.PTR{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypePTR, Class: dns.ClassINET, Ttl: resultTTL}, - Ptr: dns.Fqdn(*(PTR.Ptrdname))} - newZ.Insert(ptr) - } - } - - if result.RecordSetProperties.SrvRecords != nil { - for _, SRV := range *(result.RecordSetProperties.SrvRecords) { - srv := &dns.SRV{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeSRV, Class: dns.ClassINET, Ttl: resultTTL}, - Priority: uint16(*(SRV.Priority)), - Weight: uint16(*(SRV.Weight)), - Port: uint16(*(SRV.Port)), - Target: dns.Fqdn(*(SRV.Target))} - newZ.Insert(srv) - } - } - - if result.RecordSetProperties.TxtRecords != nil { - for _, TXT := range *(result.RecordSetProperties.TxtRecords) { - txt := &dns.TXT{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeTXT, Class: dns.ClassINET, Ttl: resultTTL}, - Txt: *(TXT.Value)} - newZ.Insert(txt) - } - } - - if result.RecordSetProperties.NsRecords != nil { - for _, NS := range *(result.RecordSetProperties.NsRecords) { - ns := &dns.NS{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeNS, Class: dns.ClassINET, Ttl: resultTTL}, - Ns: *(NS.Nsdname)} - newZ.Insert(ns) - } - } - - if result.RecordSetProperties.SoaRecord != nil { - SOA := result.RecordSetProperties.SoaRecord - soa := &dns.SOA{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeSOA, Class: dns.ClassINET, Ttl: resultTTL}, - Minttl: uint32(*(SOA.MinimumTTL)), - Expire: uint32(*(SOA.ExpireTime)), - Retry: uint32(*(SOA.RetryTime)), - Refresh: uint32(*(SOA.RefreshTime)), - Serial: uint32(*(SOA.SerialNumber)), - Mbox: dns.Fqdn(*(SOA.Email)), - Ns: *(SOA.Host)} - newZ.Insert(soa) - } - - if result.RecordSetProperties.CnameRecord != nil { - CNAME := result.RecordSetProperties.CnameRecord.Cname - cname := &dns.CNAME{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeCNAME, Class: dns.ClassINET, Ttl: resultTTL}, - Target: dns.Fqdn(*CNAME)} - newZ.Insert(cname) - } - } -} - -func updateZoneFromPrivateResourceSet(recordSet privatedns.RecordSetListResultPage, newZ *file.Zone) { - for _, result := range *(recordSet.Response().Value) { - resultFqdn := *(result.RecordSetProperties.Fqdn) - resultTTL := uint32(*(result.RecordSetProperties.TTL)) - if result.RecordSetProperties.ARecords != nil { - for _, A := range *(result.RecordSetProperties.ARecords) { - a := &dns.A{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: resultTTL}, - A: net.ParseIP(*(A.Ipv4Address))} - newZ.Insert(a) - } - } - if result.RecordSetProperties.AaaaRecords != nil { - for _, AAAA := range *(result.RecordSetProperties.AaaaRecords) { - aaaa := &dns.AAAA{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: resultTTL}, - AAAA: net.ParseIP(*(AAAA.Ipv6Address))} - newZ.Insert(aaaa) - } - } - - if result.RecordSetProperties.MxRecords != nil { - for _, MX := range *(result.RecordSetProperties.MxRecords) { - mx := &dns.MX{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeMX, Class: dns.ClassINET, Ttl: resultTTL}, - Preference: uint16(*(MX.Preference)), - Mx: dns.Fqdn(*(MX.Exchange))} - newZ.Insert(mx) - } - } - - if result.RecordSetProperties.PtrRecords != nil { - for _, PTR := range *(result.RecordSetProperties.PtrRecords) { - ptr := &dns.PTR{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypePTR, Class: dns.ClassINET, Ttl: resultTTL}, - Ptr: dns.Fqdn(*(PTR.Ptrdname))} - newZ.Insert(ptr) - } - } - - if result.RecordSetProperties.SrvRecords != nil { - for _, SRV := range *(result.RecordSetProperties.SrvRecords) { - srv := &dns.SRV{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeSRV, Class: dns.ClassINET, Ttl: resultTTL}, - Priority: uint16(*(SRV.Priority)), - Weight: uint16(*(SRV.Weight)), - Port: uint16(*(SRV.Port)), - Target: dns.Fqdn(*(SRV.Target))} - newZ.Insert(srv) - } - } - - if result.RecordSetProperties.TxtRecords != nil { - for _, TXT := range *(result.RecordSetProperties.TxtRecords) { - txt := &dns.TXT{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeTXT, Class: dns.ClassINET, Ttl: resultTTL}, - Txt: *(TXT.Value)} - newZ.Insert(txt) - } - } - - if result.RecordSetProperties.SoaRecord != nil { - SOA := result.RecordSetProperties.SoaRecord - soa := &dns.SOA{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeSOA, Class: dns.ClassINET, Ttl: resultTTL}, - Minttl: uint32(*(SOA.MinimumTTL)), - Expire: uint32(*(SOA.ExpireTime)), - Retry: uint32(*(SOA.RetryTime)), - Refresh: uint32(*(SOA.RefreshTime)), - Serial: uint32(*(SOA.SerialNumber)), - Mbox: dns.Fqdn(*(SOA.Email)), - Ns: dns.Fqdn(*(SOA.Host))} - newZ.Insert(soa) - } - - if result.RecordSetProperties.CnameRecord != nil { - CNAME := result.RecordSetProperties.CnameRecord.Cname - cname := &dns.CNAME{Hdr: dns.RR_Header{Name: resultFqdn, Rrtype: dns.TypeCNAME, Class: dns.ClassINET, Ttl: resultTTL}, - Target: dns.Fqdn(*CNAME)} - newZ.Insert(cname) - } - } -} - -// ServeDNS implements the plugin.Handler interface. -func (h *Azure) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - qname := state.Name() - - zone := plugin.Zones(h.zoneNames).Matches(qname) - if zone == "" { - return plugin.NextOrFailure(h.Name(), h.Next, ctx, w, r) - } - - zones, ok := h.zones[zone] // ok true if we are authoritative for the zone. - if !ok || zones == nil { - return dns.RcodeServerFailure, nil - } - - m := new(dns.Msg) - m.SetReply(r) - m.Authoritative = true - var result file.Result - for _, z := range zones { - h.zMu.RLock() - m.Answer, m.Ns, m.Extra, result = z.z.Lookup(ctx, state, qname) - h.zMu.RUnlock() - - // record type exists for this name (NODATA). - if len(m.Answer) != 0 || result == file.NoData { - break - } - } - - if len(m.Answer) == 0 && result != file.NoData && h.Fall.Through(qname) { - return plugin.NextOrFailure(h.Name(), h.Next, ctx, w, r) - } - - switch result { - case file.Success: - case file.NoData: - case file.NameError: - m.Rcode = dns.RcodeNameError - case file.Delegation: - m.Authoritative = false - case file.ServerFailure: - return dns.RcodeServerFailure, nil - } - - w.WriteMsg(m) - return dns.RcodeSuccess, nil -} - -// Name implements plugin.Handler.Name. -func (h *Azure) Name() string { return "azure" } diff --git a/vendor/github.com/coredns/coredns/plugin/azure/setup.go b/vendor/github.com/coredns/coredns/plugin/azure/setup.go deleted file mode 100644 index 6cabe059..00000000 --- a/vendor/github.com/coredns/coredns/plugin/azure/setup.go +++ /dev/null @@ -1,144 +0,0 @@ -package azure - -import ( - "context" - "strings" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/fall" - clog "github.com/coredns/coredns/plugin/pkg/log" - - publicAzureDNS "github.com/Azure/azure-sdk-for-go/profiles/latest/dns/mgmt/dns" - privateAzureDNS "github.com/Azure/azure-sdk-for-go/profiles/latest/privatedns/mgmt/privatedns" - azurerest "github.com/Azure/go-autorest/autorest/azure" - "github.com/Azure/go-autorest/autorest/azure/auth" -) - -var log = clog.NewWithPlugin("azure") - -func init() { plugin.Register("azure", setup) } - -func setup(c *caddy.Controller) error { - env, keys, accessMap, fall, err := parse(c) - if err != nil { - return plugin.Error("azure", err) - } - ctx, cancel := context.WithCancel(context.Background()) - - publicDNSClient := publicAzureDNS.NewRecordSetsClient(env.Values[auth.SubscriptionID]) - if publicDNSClient.Authorizer, err = env.GetAuthorizer(); err != nil { - cancel() - return plugin.Error("azure", err) - } - - privateDNSClient := privateAzureDNS.NewRecordSetsClient(env.Values[auth.SubscriptionID]) - if privateDNSClient.Authorizer, err = env.GetAuthorizer(); err != nil { - cancel() - return plugin.Error("azure", err) - } - - h, err := New(ctx, publicDNSClient, privateDNSClient, keys, accessMap) - if err != nil { - cancel() - return plugin.Error("azure", err) - } - h.Fall = fall - if err := h.Run(ctx); err != nil { - cancel() - return plugin.Error("azure", err) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - h.Next = next - return h - }) - c.OnShutdown(func() error { cancel(); return nil }) - return nil -} - -func parse(c *caddy.Controller) (auth.EnvironmentSettings, map[string][]string, map[string]string, fall.F, error) { - resourceGroupMapping := map[string][]string{} - accessMap := map[string]string{} - resourceGroupSet := map[string]struct{}{} - azureEnv := azurerest.PublicCloud - env := auth.EnvironmentSettings{Values: map[string]string{}} - - var fall fall.F - var access string - var resourceGroup string - var zoneName string - - for c.Next() { - args := c.RemainingArgs() - - for i := 0; i < len(args); i++ { - parts := strings.SplitN(args[i], ":", 2) - if len(parts) != 2 { - return env, resourceGroupMapping, accessMap, fall, c.Errf("invalid resource group/zone: %q", args[i]) - } - resourceGroup, zoneName = parts[0], parts[1] - if resourceGroup == "" || zoneName == "" { - return env, resourceGroupMapping, accessMap, fall, c.Errf("invalid resource group/zone: %q", args[i]) - } - if _, ok := resourceGroupSet[resourceGroup+zoneName]; ok { - return env, resourceGroupMapping, accessMap, fall, c.Errf("conflicting zone: %q", args[i]) - } - - resourceGroupSet[resourceGroup+zoneName] = struct{}{} - accessMap[resourceGroup+zoneName] = "public" - resourceGroupMapping[resourceGroup] = append(resourceGroupMapping[resourceGroup], zoneName) - } - - for c.NextBlock() { - switch c.Val() { - case "subscription": - if !c.NextArg() { - return env, resourceGroupMapping, accessMap, fall, c.ArgErr() - } - env.Values[auth.SubscriptionID] = c.Val() - case "tenant": - if !c.NextArg() { - return env, resourceGroupMapping, accessMap, fall, c.ArgErr() - } - env.Values[auth.TenantID] = c.Val() - case "client": - if !c.NextArg() { - return env, resourceGroupMapping, accessMap, fall, c.ArgErr() - } - env.Values[auth.ClientID] = c.Val() - case "secret": - if !c.NextArg() { - return env, resourceGroupMapping, accessMap, fall, c.ArgErr() - } - env.Values[auth.ClientSecret] = c.Val() - case "environment": - if !c.NextArg() { - return env, resourceGroupMapping, accessMap, fall, c.ArgErr() - } - var err error - if azureEnv, err = azurerest.EnvironmentFromName(c.Val()); err != nil { - return env, resourceGroupMapping, accessMap, fall, c.Errf("cannot set azure environment: %q", err.Error()) - } - case "fallthrough": - fall.SetZonesFromArgs(c.RemainingArgs()) - case "access": - if !c.NextArg() { - return env, resourceGroupMapping, accessMap, fall, c.ArgErr() - } - access = c.Val() - if access != "public" && access != "private" { - return env, resourceGroupMapping, accessMap, fall, c.Errf("invalid access value: can be public/private, found: %s", access) - } - accessMap[resourceGroup+zoneName] = access - default: - return env, resourceGroupMapping, accessMap, fall, c.Errf("unknown property: %q", c.Val()) - } - } - } - - env.Values[auth.Resource] = azureEnv.ResourceManagerEndpoint - env.Environment = azureEnv - return env, resourceGroupMapping, accessMap, fall, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/backend.go b/vendor/github.com/coredns/coredns/plugin/backend.go deleted file mode 100644 index a0217c96..00000000 --- a/vendor/github.com/coredns/coredns/plugin/backend.go +++ /dev/null @@ -1,40 +0,0 @@ -package plugin - -import ( - "context" - - "github.com/coredns/coredns/plugin/etcd/msg" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// ServiceBackend defines a (dynamic) backend that returns a slice of service definitions. -type ServiceBackend interface { - // Services communicates with the backend to retrieve the service definitions. Exact indicates - // on exact match should be returned. - Services(ctx context.Context, state request.Request, exact bool, opt Options) ([]msg.Service, error) - - // Reverse communicates with the backend to retrieve service definition based on a IP address - // instead of a name. I.e. a reverse DNS lookup. - Reverse(ctx context.Context, state request.Request, exact bool, opt Options) ([]msg.Service, error) - - // Lookup is used to find records else where. - Lookup(ctx context.Context, state request.Request, name string, typ uint16) (*dns.Msg, error) - - // Returns _all_ services that matches a certain name. - // Note: it does not implement a specific service. - Records(ctx context.Context, state request.Request, exact bool) ([]msg.Service, error) - - // IsNameError returns true if err indicated a record not found condition - IsNameError(err error) bool - - // Serial returns a SOA serial number to construct a SOA record. - Serial(state request.Request) uint32 - - // MinTTL returns the minimum TTL to be used in the SOA record. - MinTTL(state request.Request) uint32 -} - -// Options are extra options that can be specified for a lookup. -type Options struct{} diff --git a/vendor/github.com/coredns/coredns/plugin/backend_lookup.go b/vendor/github.com/coredns/coredns/plugin/backend_lookup.go deleted file mode 100644 index 371b9666..00000000 --- a/vendor/github.com/coredns/coredns/plugin/backend_lookup.go +++ /dev/null @@ -1,562 +0,0 @@ -package plugin - -import ( - "context" - "fmt" - "math" - "net" - - "github.com/coredns/coredns/plugin/etcd/msg" - "github.com/coredns/coredns/plugin/pkg/dnsutil" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -const maxCnameChainLength = 10 - -// A returns A records from Backend or an error. -func A(ctx context.Context, b ServiceBackend, zone string, state request.Request, previousRecords []dns.RR, opt Options) (records []dns.RR, truncated bool, err error) { - services, err := checkForApex(ctx, b, zone, state, opt) - if err != nil { - return nil, false, err - } - - dup := make(map[string]struct{}) - - for _, serv := range services { - what, ip := serv.HostType() - - switch what { - case dns.TypeCNAME: - if Name(state.Name()).Matches(dns.Fqdn(serv.Host)) { - // x CNAME x is a direct loop, don't add those - // in etcd/skydns w.x CNAME x is also direct loop due to the "recursive" nature of search results - continue - } - - newRecord := serv.NewCNAME(state.QName(), serv.Host) - if len(previousRecords) > maxCnameChainLength { - // don't add it, and just continue - continue - } - if dnsutil.DuplicateCNAME(newRecord, previousRecords) { - continue - } - if dns.IsSubDomain(zone, dns.Fqdn(serv.Host)) { - state1 := state.NewWithQuestion(serv.Host, state.QType()) - state1.Zone = zone - nextRecords, tc, err := A(ctx, b, zone, state1, append(previousRecords, newRecord), opt) - - if err == nil { - // Not only have we found something we should add the CNAME and the IP addresses. - if len(nextRecords) > 0 { - records = append(records, newRecord) - records = append(records, nextRecords...) - } - } - if tc { - truncated = true - } - continue - } - // This means we can not complete the CNAME, try to look else where. - target := newRecord.Target - // Lookup - m1, e1 := b.Lookup(ctx, state, target, state.QType()) - if e1 != nil { - continue - } - if m1.Truncated { - truncated = true - } - // Len(m1.Answer) > 0 here is well? - records = append(records, newRecord) - records = append(records, m1.Answer...) - continue - - case dns.TypeA: - if _, ok := dup[serv.Host]; !ok { - dup[serv.Host] = struct{}{} - records = append(records, serv.NewA(state.QName(), ip)) - } - - case dns.TypeAAAA: - // nada - } - } - return records, truncated, nil -} - -// AAAA returns AAAA records from Backend or an error. -func AAAA(ctx context.Context, b ServiceBackend, zone string, state request.Request, previousRecords []dns.RR, opt Options) (records []dns.RR, truncated bool, err error) { - services, err := checkForApex(ctx, b, zone, state, opt) - if err != nil { - return nil, false, err - } - - dup := make(map[string]struct{}) - - for _, serv := range services { - what, ip := serv.HostType() - - switch what { - case dns.TypeCNAME: - // Try to resolve as CNAME if it's not an IP, but only if we don't create loops. - if Name(state.Name()).Matches(dns.Fqdn(serv.Host)) { - // x CNAME x is a direct loop, don't add those - // in etcd/skydns w.x CNAME x is also direct loop due to the "recursive" nature of search results - continue - } - - newRecord := serv.NewCNAME(state.QName(), serv.Host) - if len(previousRecords) > maxCnameChainLength { - // don't add it, and just continue - continue - } - if dnsutil.DuplicateCNAME(newRecord, previousRecords) { - continue - } - if dns.IsSubDomain(zone, dns.Fqdn(serv.Host)) { - state1 := state.NewWithQuestion(serv.Host, state.QType()) - state1.Zone = zone - nextRecords, tc, err := AAAA(ctx, b, zone, state1, append(previousRecords, newRecord), opt) - - if err == nil { - // Not only have we found something we should add the CNAME and the IP addresses. - if len(nextRecords) > 0 { - records = append(records, newRecord) - records = append(records, nextRecords...) - } - } - if tc { - truncated = true - } - continue - } - // This means we can not complete the CNAME, try to look else where. - target := newRecord.Target - m1, e1 := b.Lookup(ctx, state, target, state.QType()) - if e1 != nil { - continue - } - if m1.Truncated { - truncated = true - } - // Len(m1.Answer) > 0 here is well? - records = append(records, newRecord) - records = append(records, m1.Answer...) - continue - // both here again - - case dns.TypeA: - // nada - - case dns.TypeAAAA: - if _, ok := dup[serv.Host]; !ok { - dup[serv.Host] = struct{}{} - records = append(records, serv.NewAAAA(state.QName(), ip)) - } - } - } - return records, truncated, nil -} - -// SRV returns SRV records from the Backend. -// If the Target is not a name but an IP address, a name is created on the fly. -func SRV(ctx context.Context, b ServiceBackend, zone string, state request.Request, opt Options) (records, extra []dns.RR, err error) { - services, err := b.Services(ctx, state, false, opt) - if err != nil { - return nil, nil, err - } - - dup := make(map[item]struct{}) - lookup := make(map[string]struct{}) - - // Looping twice to get the right weight vs priority. This might break because we may drop duplicate SRV records latter on. - w := make(map[int]int) - for _, serv := range services { - weight := 100 - if serv.Weight != 0 { - weight = serv.Weight - } - if _, ok := w[serv.Priority]; !ok { - w[serv.Priority] = weight - continue - } - w[serv.Priority] += weight - } - for _, serv := range services { - // Don't add the entry if the port is -1 (invalid). The kubernetes plugin uses port -1 when a service/endpoint - // does not have any declared ports. - if serv.Port == -1 { - continue - } - w1 := 100.0 / float64(w[serv.Priority]) - if serv.Weight == 0 { - w1 *= 100 - } else { - w1 *= float64(serv.Weight) - } - weight := uint16(math.Floor(w1)) - // weight should be at least 1 - if weight == 0 { - weight = 1 - } - - what, ip := serv.HostType() - - switch what { - case dns.TypeCNAME: - srv := serv.NewSRV(state.QName(), weight) - records = append(records, srv) - - if _, ok := lookup[srv.Target]; ok { - break - } - - lookup[srv.Target] = struct{}{} - - if !dns.IsSubDomain(zone, srv.Target) { - m1, e1 := b.Lookup(ctx, state, srv.Target, dns.TypeA) - if e1 == nil { - extra = append(extra, m1.Answer...) - } - - m1, e1 = b.Lookup(ctx, state, srv.Target, dns.TypeAAAA) - if e1 == nil { - // If we have seen CNAME's we *assume* that they are already added. - for _, a := range m1.Answer { - if _, ok := a.(*dns.CNAME); !ok { - extra = append(extra, a) - } - } - } - break - } - // Internal name, we should have some info on them, either v4 or v6 - // Clients expect a complete answer, because we are a recursor in their view. - state1 := state.NewWithQuestion(srv.Target, dns.TypeA) - addr, _, e1 := A(ctx, b, zone, state1, nil, opt) - if e1 == nil { - extra = append(extra, addr...) - } - // TODO(miek): AAAA as well here. - - case dns.TypeA, dns.TypeAAAA: - addr := serv.Host - serv.Host = msg.Domain(serv.Key) - srv := serv.NewSRV(state.QName(), weight) - - if ok := isDuplicate(dup, srv.Target, "", srv.Port); !ok { - records = append(records, srv) - } - - if ok := isDuplicate(dup, srv.Target, addr, 0); !ok { - extra = append(extra, newAddress(serv, srv.Target, ip, what)) - } - } - } - return records, extra, nil -} - -// MX returns MX records from the Backend. If the Target is not a name but an IP address, a name is created on the fly. -func MX(ctx context.Context, b ServiceBackend, zone string, state request.Request, opt Options) (records, extra []dns.RR, err error) { - services, err := b.Services(ctx, state, false, opt) - if err != nil { - return nil, nil, err - } - - dup := make(map[item]struct{}) - lookup := make(map[string]struct{}) - for _, serv := range services { - if !serv.Mail { - continue - } - what, ip := serv.HostType() - switch what { - case dns.TypeCNAME: - mx := serv.NewMX(state.QName()) - records = append(records, mx) - if _, ok := lookup[mx.Mx]; ok { - break - } - - lookup[mx.Mx] = struct{}{} - - if !dns.IsSubDomain(zone, mx.Mx) { - m1, e1 := b.Lookup(ctx, state, mx.Mx, dns.TypeA) - if e1 == nil { - extra = append(extra, m1.Answer...) - } - - m1, e1 = b.Lookup(ctx, state, mx.Mx, dns.TypeAAAA) - if e1 == nil { - // If we have seen CNAME's we *assume* that they are already added. - for _, a := range m1.Answer { - if _, ok := a.(*dns.CNAME); !ok { - extra = append(extra, a) - } - } - } - break - } - // Internal name - state1 := state.NewWithQuestion(mx.Mx, dns.TypeA) - addr, _, e1 := A(ctx, b, zone, state1, nil, opt) - if e1 == nil { - extra = append(extra, addr...) - } - // TODO(miek): AAAA as well here. - - case dns.TypeA, dns.TypeAAAA: - addr := serv.Host - serv.Host = msg.Domain(serv.Key) - mx := serv.NewMX(state.QName()) - - if ok := isDuplicate(dup, mx.Mx, "", mx.Preference); !ok { - records = append(records, mx) - } - // Fake port to be 0 for address... - if ok := isDuplicate(dup, serv.Host, addr, 0); !ok { - extra = append(extra, newAddress(serv, serv.Host, ip, what)) - } - } - } - return records, extra, nil -} - -// CNAME returns CNAME records from the backend or an error. -func CNAME(ctx context.Context, b ServiceBackend, zone string, state request.Request, opt Options) (records []dns.RR, err error) { - services, err := b.Services(ctx, state, true, opt) - if err != nil { - return nil, err - } - - if len(services) > 0 { - serv := services[0] - if ip := net.ParseIP(serv.Host); ip == nil { - records = append(records, serv.NewCNAME(state.QName(), serv.Host)) - } - } - return records, nil -} - -// TXT returns TXT records from Backend or an error. -func TXT(ctx context.Context, b ServiceBackend, zone string, state request.Request, previousRecords []dns.RR, opt Options) (records []dns.RR, truncated bool, err error) { - services, err := b.Services(ctx, state, false, opt) - if err != nil { - return nil, false, err - } - - dup := make(map[string]struct{}) - - for _, serv := range services { - what, _ := serv.HostType() - - switch what { - case dns.TypeCNAME: - if Name(state.Name()).Matches(dns.Fqdn(serv.Host)) { - // x CNAME x is a direct loop, don't add those - // in etcd/skydns w.x CNAME x is also direct loop due to the "recursive" nature of search results - continue - } - - newRecord := serv.NewCNAME(state.QName(), serv.Host) - if len(previousRecords) > maxCnameChainLength { - // don't add it, and just continue - continue - } - if dnsutil.DuplicateCNAME(newRecord, previousRecords) { - continue - } - if dns.IsSubDomain(zone, dns.Fqdn(serv.Host)) { - state1 := state.NewWithQuestion(serv.Host, state.QType()) - state1.Zone = zone - nextRecords, tc, err := TXT(ctx, b, zone, state1, append(previousRecords, newRecord), opt) - if tc { - truncated = true - } - if err == nil { - // Not only have we found something we should add the CNAME and the IP addresses. - if len(nextRecords) > 0 { - records = append(records, newRecord) - records = append(records, nextRecords...) - } - } - continue - } - // This means we can not complete the CNAME, try to look else where. - target := newRecord.Target - // Lookup - m1, e1 := b.Lookup(ctx, state, target, state.QType()) - if e1 != nil { - continue - } - // Len(m1.Answer) > 0 here is well? - records = append(records, newRecord) - records = append(records, m1.Answer...) - continue - - case dns.TypeTXT: - if _, ok := dup[serv.Text]; !ok { - dup[serv.Text] = struct{}{} - records = append(records, serv.NewTXT(state.QName())) - } - } - } - - return records, truncated, nil -} - -// PTR returns the PTR records from the backend, only services that have a domain name as host are included. -func PTR(ctx context.Context, b ServiceBackend, zone string, state request.Request, opt Options) (records []dns.RR, err error) { - services, err := b.Reverse(ctx, state, true, opt) - if err != nil { - return nil, err - } - - dup := make(map[string]struct{}) - - for _, serv := range services { - if ip := net.ParseIP(serv.Host); ip == nil { - if _, ok := dup[serv.Host]; !ok { - dup[serv.Host] = struct{}{} - records = append(records, serv.NewPTR(state.QName(), serv.Host)) - } - } - } - return records, nil -} - -// NS returns NS records from the backend -func NS(ctx context.Context, b ServiceBackend, zone string, state request.Request, opt Options) (records, extra []dns.RR, err error) { - // NS record for this zone live in a special place, ns.dns.. Fake our lookup. - // only a tad bit fishy... - old := state.QName() - - state.Clear() - state.Req.Question[0].Name = dnsutil.Join("ns.dns.", zone) - services, err := b.Services(ctx, state, false, opt) - if err != nil { - return nil, nil, err - } - // ... and reset - state.Req.Question[0].Name = old - - seen := map[string]bool{} - - for _, serv := range services { - what, ip := serv.HostType() - switch what { - case dns.TypeCNAME: - return nil, nil, fmt.Errorf("NS record must be an IP address: %s", serv.Host) - - case dns.TypeA, dns.TypeAAAA: - serv.Host = msg.Domain(serv.Key) - ns := serv.NewNS(state.QName()) - extra = append(extra, newAddress(serv, ns.Ns, ip, what)) - if _, ok := seen[ns.Ns]; ok { - continue - } - seen[ns.Ns] = true - records = append(records, ns) - } - } - return records, extra, nil -} - -// SOA returns a SOA record from the backend. -func SOA(ctx context.Context, b ServiceBackend, zone string, state request.Request, opt Options) ([]dns.RR, error) { - minTTL := b.MinTTL(state) - ttl := uint32(300) - if minTTL < ttl { - ttl = minTTL - } - - header := dns.RR_Header{Name: zone, Rrtype: dns.TypeSOA, Ttl: ttl, Class: dns.ClassINET} - - Mbox := dnsutil.Join(hostmaster, zone) - Ns := dnsutil.Join("ns.dns", zone) - - soa := &dns.SOA{Hdr: header, - Mbox: Mbox, - Ns: Ns, - Serial: b.Serial(state), - Refresh: 7200, - Retry: 1800, - Expire: 86400, - Minttl: minTTL, - } - return []dns.RR{soa}, nil -} - -// BackendError writes an error response to the client. -func BackendError(ctx context.Context, b ServiceBackend, zone string, rcode int, state request.Request, err error, opt Options) (int, error) { - m := new(dns.Msg) - m.SetRcode(state.Req, rcode) - m.Authoritative = true - m.Ns, _ = SOA(ctx, b, zone, state, opt) - - state.W.WriteMsg(m) - // Return success as the rcode to signal we have written to the client. - return dns.RcodeSuccess, err -} - -func newAddress(s msg.Service, name string, ip net.IP, what uint16) dns.RR { - hdr := dns.RR_Header{Name: name, Rrtype: what, Class: dns.ClassINET, Ttl: s.TTL} - - if what == dns.TypeA { - return &dns.A{Hdr: hdr, A: ip} - } - // Should always be dns.TypeAAAA - return &dns.AAAA{Hdr: hdr, AAAA: ip} -} - -// checkForApex checks the special apex.dns directory for records that will be returned as A or AAAA. -func checkForApex(ctx context.Context, b ServiceBackend, zone string, state request.Request, opt Options) ([]msg.Service, error) { - if state.Name() != zone { - return b.Services(ctx, state, false, opt) - } - - // If the zone name itself is queried we fake the query to search for a special entry - // this is equivalent to the NS search code. - old := state.QName() - state.Clear() - state.Req.Question[0].Name = dnsutil.Join("apex.dns", zone) - - services, err := b.Services(ctx, state, false, opt) - if err == nil { - state.Req.Question[0].Name = old - return services, err - } - - state.Req.Question[0].Name = old - return b.Services(ctx, state, false, opt) -} - -// item holds records. -type item struct { - name string // name of the record (either owner or something else unique). - port uint16 // port of the record (used for address records, A and AAAA). - addr string // address of the record (A and AAAA). -} - -// isDuplicate uses m to see if the combo (name, addr, port) already exists. If it does -// not exist already IsDuplicate will also add the record to the map. -func isDuplicate(m map[item]struct{}, name, addr string, port uint16) bool { - if addr != "" { - _, ok := m[item{name, 0, addr}] - if !ok { - m[item{name, 0, addr}] = struct{}{} - } - return ok - } - _, ok := m[item{name, port, ""}] - if !ok { - m[item{name, port, ""}] = struct{}{} - } - return ok -} - -const hostmaster = "hostmaster" diff --git a/vendor/github.com/coredns/coredns/plugin/bind/README.md b/vendor/github.com/coredns/coredns/plugin/bind/README.md deleted file mode 100644 index 0633e95e..00000000 --- a/vendor/github.com/coredns/coredns/plugin/bind/README.md +++ /dev/null @@ -1,113 +0,0 @@ -# bind - -## Name - -*bind* - overrides the host to which the server should bind. - -## Description - -Normally, the listener binds to the wildcard host. However, you may want the listener to bind to -another IP instead. - -If several addresses are provided, a listener will be open on each of the IP provided. - -Each address has to be an IP or name of one of the interfaces of the host. Bind by interface name, binds to the IPs on that interface at the time of startup or reload (reload will happen with a SIGHUP or if the config file changes). - -If the given argument is an interface name, and that interface has several IP addresses, CoreDNS will listen on all of the interface IP addresses (including IPv4 and IPv6). - -## Syntax - -In its basic form, a simple bind uses this syntax: - -~~~ txt -bind ADDRESS|IFACE ... -~~~ - -You can also exclude some addresses with their IP address or interface name in expanded syntax: - -~~~ -bind ADDRESS|IFACE ... { - except ADDRESS|IFACE ... -} -~~~ - - - -* **ADDRESS|IFACE** is an IP address or interface name to bind to. -When several addresses are provided a listener will be opened on each of the addresses. Please read the *Description* for more details. -* `except`, excludes interfaces or IP addresses to bind to. `except` option only excludes addresses for the current `bind` directive if multiple `bind` directives are used in the same server block. -## Examples - -To make your socket accessible only to that machine, bind to IP 127.0.0.1 (localhost): - -~~~ corefile -. { - bind 127.0.0.1 -} -~~~ - -To allow processing DNS requests only local host on both IPv4 and IPv6 stacks, use the syntax: - -~~~ corefile -. { - bind 127.0.0.1 ::1 -} -~~~ - -If the configuration comes up with several *bind* plugins, all addresses are consolidated together: -The following sample is equivalent to the preceding: - -~~~ corefile -. { - bind 127.0.0.1 - bind ::1 -} -~~~ - -The following server block, binds on localhost with its interface name (both "127.0.0.1" and "::1"): - -~~~ corefile -. { - bind lo -} -~~~ - -You can exclude some addresses by their IP or interface name (The following will only listen on `::1` or whatever addresses have been assigned to the `lo` interface): - -~~~ corefile -. { - bind lo { - except 127.0.0.1 - } -} -~~~ - -## Bugs - -### Avoiding Listener Contention - -TL;DR, When adding the _bind_ plugin to a server block, it must also be added to all other server blocks that listen on the same port. - -When more than one server block is configured to listen to a common port, those server blocks must either -all use the _bind_ plugin, or all use default binding (no _bind_ plugin). Note that "port" here refers the TCP/UDP port that -a server block is configured to serve (default 53) - not a network interface. For two server blocks listening on the same port, -if one uses the bind plugin and the other does not, two separate listeners will be created that will contend for serving -packets destined to the same address. Doing so will result in unpredictable behavior (requests may be randomly -served by either server). This happens because *without* the *bind* plugin, a server will bind to all -interfaces, and this will collide with another server if it's using *bind* to listen to an address -on the same port. For example, the following creates two servers that both listen on 127.0.0.1:53, -which would result in unpredictable behavior for queries in `a.bad.example.com`: - -``` -a.bad.example.com { - bind 127.0.0.1 - forward . 1.2.3.4 -} - -bad.example.com { - forward . 5.6.7.8 -} -``` - -Also on MacOS there is an (open) bug where this doesn't work properly. See - for details, but no solution. diff --git a/vendor/github.com/coredns/coredns/plugin/bind/bind.go b/vendor/github.com/coredns/coredns/plugin/bind/bind.go deleted file mode 100644 index cada8fa9..00000000 --- a/vendor/github.com/coredns/coredns/plugin/bind/bind.go +++ /dev/null @@ -1,17 +0,0 @@ -// Package bind allows binding to a specific interface instead of bind to all of them. -package bind - -import ( - "github.com/coredns/coredns/plugin" -) - -func init() { plugin.Register("bind", setup) } - -type bind struct { - Next plugin.Handler - addrs []string - except []string -} - -// Name implements plugin.Handler. -func (b *bind) Name() string { return "bind" } diff --git a/vendor/github.com/coredns/coredns/plugin/bind/setup.go b/vendor/github.com/coredns/coredns/plugin/bind/setup.go deleted file mode 100644 index f1b9dcda..00000000 --- a/vendor/github.com/coredns/coredns/plugin/bind/setup.go +++ /dev/null @@ -1,108 +0,0 @@ -package bind - -import ( - "errors" - "fmt" - "net" - "slices" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/log" -) - -func setup(c *caddy.Controller) error { - config := dnsserver.GetConfig(c) - // addresses will be consolidated over all BIND directives available in that BlocServer - all := []string{} - ifaces, err := net.Interfaces() - if err != nil { - log.Warning(plugin.Error("bind", fmt.Errorf("failed to get interfaces list, cannot bind by interface name: %s", err))) - } - - for c.Next() { - b, err := parse(c) - if err != nil { - return plugin.Error("bind", err) - } - - ips, err := listIP(b.addrs, ifaces) - if err != nil { - return plugin.Error("bind", err) - } - - except, err := listIP(b.except, ifaces) - if err != nil { - return plugin.Error("bind", err) - } - - for _, ip := range ips { - if !slices.Contains(except, ip) { - all = append(all, ip) - } - } - } - - config.ListenHosts = all - return nil -} - -func parse(c *caddy.Controller) (*bind, error) { - b := &bind{} - b.addrs = c.RemainingArgs() - if len(b.addrs) == 0 { - return nil, errors.New("at least one address or interface name is expected") - } - for c.NextBlock() { - switch c.Val() { - case "except": - b.except = c.RemainingArgs() - if len(b.except) == 0 { - return nil, errors.New("at least one address or interface must be given to except subdirective") - } - default: - return nil, fmt.Errorf("invalid option %q", c.Val()) - } - } - return b, nil -} - -// listIP returns a list of IP addresses from a list of arguments which can be either IP-Address or Interface-Name. -func listIP(args []string, ifaces []net.Interface) ([]string, error) { - all := []string{} - var isIface bool - for _, a := range args { - isIface = false - for _, iface := range ifaces { - if a == iface.Name { - isIface = true - addrs, err := iface.Addrs() - if err != nil { - return nil, fmt.Errorf("failed to get the IP addresses of the interface: %q", a) - } - for _, addr := range addrs { - if ipnet, ok := addr.(*net.IPNet); ok { - ipa, err := net.ResolveIPAddr("ip", ipnet.IP.String()) - if err == nil { - if len(ipnet.IP) == net.IPv6len && - (ipnet.IP.IsLinkLocalMulticast() || ipnet.IP.IsLinkLocalUnicast()) { - if ipa.Zone == "" { - ipa.Zone = iface.Name - } - } - all = append(all, ipa.String()) - } - } - } - } - } - if !isIface { - if net.ParseIP(a) == nil { - return nil, fmt.Errorf("not a valid IP address or interface name: %q", a) - } - all = append(all, a) - } - } - return all, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/bufsize/README.md b/vendor/github.com/coredns/coredns/plugin/bufsize/README.md deleted file mode 100644 index 0dc96235..00000000 --- a/vendor/github.com/coredns/coredns/plugin/bufsize/README.md +++ /dev/null @@ -1,43 +0,0 @@ -# bufsize -## Name -*bufsize* - limits EDNS0 buffer size to prevent IP fragmentation. - -## Description -*bufsize* limits a requester's UDP payload size to within a maximum value. -If a request with an OPT RR has a bufsize greater than the limit, the bufsize -of the request will be reduced. Otherwise the request is unaffected. -It prevents IP fragmentation, mitigating certain DNS vulnerabilities. -It cannot increase UDP size requested by the client, it can be reduced only. -This will only affect queries that have -an OPT RR ([EDNS(0)](https://www.rfc-editor.org/rfc/rfc6891)). - -## Syntax -```txt -bufsize [SIZE] -``` - -**[SIZE]** is an int value for setting the buffer size. -The default value is 1232, and the value must be within 512 - 4096. -Only one argument is acceptable, and it covers both IPv4 and IPv6. - -## Examples -Enable limiting the buffer size of outgoing query to the resolver (172.31.0.10): -```corefile -. { - bufsize 1100 - forward . 172.31.0.10 - log -} -``` - -Enable limiting the buffer size as an authoritative nameserver: -```corefile -. { - bufsize 1220 - file db.example.org - log -} -``` - -## Considerations -- Setting 1232 bytes to bufsize may avoid fragmentation on the majority of networks in use today, but it depends on the MTU of the physical network links. diff --git a/vendor/github.com/coredns/coredns/plugin/bufsize/bufsize.go b/vendor/github.com/coredns/coredns/plugin/bufsize/bufsize.go deleted file mode 100644 index 00556c2b..00000000 --- a/vendor/github.com/coredns/coredns/plugin/bufsize/bufsize.go +++ /dev/null @@ -1,27 +0,0 @@ -// Package bufsize implements a plugin that clamps EDNS0 buffer size preventing packet fragmentation. -package bufsize - -import ( - "context" - - "github.com/coredns/coredns/plugin" - - "github.com/miekg/dns" -) - -// Bufsize implements bufsize plugin. -type Bufsize struct { - Next plugin.Handler - Size int -} - -// ServeDNS implements the plugin.Handler interface. -func (buf Bufsize) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - if option := r.IsEdns0(); option != nil && int(option.UDPSize()) > buf.Size { - option.SetUDPSize(uint16(buf.Size)) - } - return plugin.NextOrFailure(buf.Name(), buf.Next, ctx, w, r) -} - -// Name implements the Handler interface. -func (buf Bufsize) Name() string { return "bufsize" } diff --git a/vendor/github.com/coredns/coredns/plugin/bufsize/setup.go b/vendor/github.com/coredns/coredns/plugin/bufsize/setup.go deleted file mode 100644 index 56113e63..00000000 --- a/vendor/github.com/coredns/coredns/plugin/bufsize/setup.go +++ /dev/null @@ -1,52 +0,0 @@ -package bufsize - -import ( - "strconv" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" -) - -func init() { plugin.Register("bufsize", setup) } - -func setup(c *caddy.Controller) error { - bufsize, err := parse(c) - if err != nil { - return plugin.Error("bufsize", err) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - return Bufsize{Next: next, Size: bufsize} - }) - - return nil -} - -func parse(c *caddy.Controller) (int, error) { - // value from http://www.dnsflagday.net/2020/ - const defaultBufSize = 1232 - for c.Next() { - args := c.RemainingArgs() - switch len(args) { - case 0: - // Nothing specified; use defaultBufSize - return defaultBufSize, nil - case 1: - // Specified value is needed to verify - bufsize, err := strconv.Atoi(args[0]) - if err != nil { - return -1, plugin.Error("bufsize", c.ArgErr()) - } - // Follows RFC 6891 - if bufsize < 512 || bufsize > 4096 { - return -1, plugin.Error("bufsize", c.ArgErr()) - } - return bufsize, nil - default: - // Only 1 argument is acceptable - return -1, plugin.Error("bufsize", c.ArgErr()) - } - } - return -1, plugin.Error("bufsize", c.ArgErr()) -} diff --git a/vendor/github.com/coredns/coredns/plugin/cache/README.md b/vendor/github.com/coredns/coredns/plugin/cache/README.md deleted file mode 100644 index d516a91d..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cache/README.md +++ /dev/null @@ -1,144 +0,0 @@ -# cache - -## Name - -*cache* - enables a frontend cache. - -## Description - -With *cache* enabled, all records except zone transfers and metadata records will be cached for up to -3600s. Caching is mostly useful in a scenario when fetching data from the backend (upstream, -database, etc.) is expensive. - -*Cache* will pass DNSSEC (DNSSEC OK; DO) options through the plugin for upstream queries. - -This plugin can only be used once per Server Block. - -## Syntax - -~~~ txt -cache [TTL] [ZONES...] -~~~ - -* **TTL** max TTL in seconds. If not specified, the maximum TTL will be used, which is 3600 for - NOERROR responses and 1800 for denial of existence ones. - Setting a TTL of 300: `cache 300` would cache records up to 300 seconds. -* **ZONES** zones it should cache for. If empty, the zones from the configuration block are used. - -Each element in the cache is cached according to its TTL (with **TTL** as the max). -A cache is divided into 256 shards, each holding up to 39 items by default - for a total size -of 256 * 39 = 9984 items. - -If you want more control: - -~~~ txt -cache [TTL] [ZONES...] { - success CAPACITY [TTL] [MINTTL] - denial CAPACITY [TTL] [MINTTL] - prefetch AMOUNT [[DURATION] [PERCENTAGE%]] - serve_stale [DURATION] [REFRESH_MODE] - servfail DURATION - disable success|denial [ZONES...] - keepttl -} -~~~ - -* **TTL** and **ZONES** as above. -* `success`, override the settings for caching successful responses. **CAPACITY** indicates the maximum - number of packets we cache before we start evicting (*randomly*). **TTL** overrides the cache maximum TTL. - **MINTTL** overrides the cache minimum TTL (default 5), which can be useful to limit queries to the backend. -* `denial`, override the settings for caching denial of existence responses. **CAPACITY** indicates the maximum - number of packets we cache before we start evicting (LRU). **TTL** overrides the cache maximum TTL. - **MINTTL** overrides the cache minimum TTL (default 5), which can be useful to limit queries to the backend. - There is a third category (`error`) but those responses are never cached. -* `prefetch` will prefetch popular items when they are about to be expunged from the cache. - Popular means **AMOUNT** queries have been seen with no gaps of **DURATION** or more between them. - **DURATION** defaults to 1m. Prefetching will happen when the TTL drops below **PERCENTAGE**, - which defaults to `10%`, or latest 1 second before TTL expiration. Values should be in the range `[10%, 90%]`. - Note the percent sign is mandatory. **PERCENTAGE** is treated as an `int`. -* `serve_stale`, when serve\_stale is set, cache will always serve an expired entry to a client if there is one - available as long as it has not been expired for longer than **DURATION** (default 1 hour). By default, the _cache_ plugin will - attempt to refresh the cache entry after sending the expired cache entry to the client. The - responses have a TTL of 0. **REFRESH_MODE** controls the timing of the expired cache entry refresh. - `verify` will first verify that an entry is still unavailable from the source before sending the expired entry to the client. - `immediate` will immediately send the expired entry to the client before - checking to see if the entry is available from the source. **REFRESH_MODE** defaults to `immediate`. Setting this - value to `verify` can lead to increased latency when serving stale responses, but will prevent stale entries - from ever being served if an updated response can be retrieved from the source. -* `servfail` cache SERVFAIL responses for **DURATION**. Setting **DURATION** to 0 will disable caching of SERVFAIL - responses. If this option is not set, SERVFAIL responses will be cached for 5 seconds. **DURATION** may not be - greater than 5 minutes. -* `disable` disable the success or denial cache for the listed **ZONES**. If no **ZONES** are given, the specified - cache will be disabled for all zones. -* `keepttl` do not age TTL when serving responses from cache. The entry will still be removed from cache - when the TTL expires as normal, but until it expires responses will include the original TTL instead - of the remaining TTL. This can be useful if CoreDNS is used as an authoritative server and you want - to serve a consistent TTL to downstream clients. This is **NOT** recommended when CoreDNS is caching - records it is not authoritative for because it could result in downstream clients using stale answers. - -## Capacity and Eviction - -If **CAPACITY** _is not_ specified, the default cache size is 9984 per cache. The minimum allowed cache size is 1024. -If **CAPACITY** _is_ specified, the actual cache size used will be rounded down to the nearest number divisible by 256 (so all shards are equal in size). - -Eviction is done per shard. In effect, when a shard reaches capacity, items are evicted from that shard. -Since shards don't fill up perfectly evenly, evictions will occur before the entire cache reaches full capacity. -Each shard capacity is equal to the total cache size / number of shards (256). Eviction is random, not TTL based. -Entries with 0 TTL will remain in the cache until randomly evicted when the shard reaches capacity. - -## Metrics - -If monitoring is enabled (via the *prometheus* plugin) then the following metrics are exported: - -* `coredns_cache_entries{server, type, zones, view}` - Total elements in the cache by cache type. -* `coredns_cache_hits_total{server, type, zones, view}` - Counter of cache hits by cache type. -* `coredns_cache_misses_total{server, zones, view}` - Counter of cache misses. - Deprecated, derive misses from cache hits/requests counters. -* `coredns_cache_requests_total{server, zones, view}` - Counter of cache requests. -* `coredns_cache_prefetch_total{server, zones, view}` - Counter of times the cache has prefetched a cached item. -* `coredns_cache_drops_total{server, zones, view}` - Counter of responses excluded from the cache due to request/response question name mismatch. -* `coredns_cache_served_stale_total{server, zones, view}` - Counter of requests served from stale cache entries. -* `coredns_cache_evictions_total{server, type, zones, view}` - Counter of cache evictions. - -Cache types are either "denial" or "success". `Server` is the server handling the request, see the -prometheus plugin for documentation. - -## Examples - -Enable caching for all zones, but cap everything to a TTL of 10 seconds: - -~~~ corefile -. { - cache 10 - whoami -} -~~~ - -Proxy to Google Public DNS and only cache responses for example.org (or below). - -~~~ corefile -. { - forward . 8.8.8.8:53 - cache example.org -} -~~~ - -Enable caching for `example.org`, keep a positive cache size of 5000 and a negative cache size of 2500: - -~~~ corefile -example.org { - cache { - success 5000 - denial 2500 - } -} -~~~ - -Enable caching for `example.org`, but do not cache denials in `sub.example.org`: - -~~~ corefile -example.org { - cache { - disable denial sub.example.org - } -} -~~~ diff --git a/vendor/github.com/coredns/coredns/plugin/cache/cache.go b/vendor/github.com/coredns/coredns/plugin/cache/cache.go deleted file mode 100644 index 1378263b..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cache/cache.go +++ /dev/null @@ -1,320 +0,0 @@ -// Package cache implements a cache. -package cache - -import ( - "hash/fnv" - "net" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/cache" - "github.com/coredns/coredns/plugin/pkg/dnsutil" - "github.com/coredns/coredns/plugin/pkg/response" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// Cache is a plugin that looks up responses in a cache and caches replies. -// It has a success and a denial of existence cache. -type Cache struct { - Next plugin.Handler - Zones []string - - zonesMetricLabel string - viewMetricLabel string - - ncache *cache.Cache - ncap int - nttl time.Duration - minnttl time.Duration - - pcache *cache.Cache - pcap int - pttl time.Duration - minpttl time.Duration - failttl time.Duration // TTL for caching SERVFAIL responses - - // Prefetch. - prefetch int - duration time.Duration - percentage int - - // Stale serve - staleUpTo time.Duration - verifyStale bool - - // Positive/negative zone exceptions - pexcept []string - nexcept []string - - // Keep ttl option - keepttl bool - - // Testing. - now func() time.Time -} - -// New returns an initialized Cache with default settings. It's up to the -// caller to set the Next handler. -func New() *Cache { - return &Cache{ - Zones: []string{"."}, - pcap: defaultCap, - pcache: cache.New(defaultCap), - pttl: maxTTL, - minpttl: minTTL, - ncap: defaultCap, - ncache: cache.New(defaultCap), - nttl: maxNTTL, - minnttl: minNTTL, - failttl: minNTTL, - prefetch: 0, - duration: 1 * time.Minute, - percentage: 10, - now: time.Now, - } -} - -// key returns key under which we store the item, -1 will be returned if we don't store the message. -// Currently we do not cache Truncated, errors zone transfers or dynamic update messages. -// qname holds the already lowercased qname. -func key(qname string, m *dns.Msg, t response.Type, do, cd bool) (bool, uint64) { - // We don't store truncated responses. - if m.Truncated { - return false, 0 - } - // Nor errors or Meta or Update. - if t == response.OtherError || t == response.Meta || t == response.Update { - return false, 0 - } - - return true, hash(qname, m.Question[0].Qtype, do, cd) -} - -var one = []byte("1") -var zero = []byte("0") - -func hash(qname string, qtype uint16, do, cd bool) uint64 { - h := fnv.New64() - - if do { - h.Write(one) - } else { - h.Write(zero) - } - - if cd { - h.Write(one) - } else { - h.Write(zero) - } - - h.Write([]byte{byte(qtype >> 8)}) - h.Write([]byte{byte(qtype)}) - h.Write([]byte(qname)) - return h.Sum64() -} - -func computeTTL(msgTTL, minTTL, maxTTL time.Duration) time.Duration { - ttl := msgTTL - if ttl < minTTL { - ttl = minTTL - } - if ttl > maxTTL { - ttl = maxTTL - } - return ttl -} - -// ResponseWriter is a response writer that caches the reply message. -type ResponseWriter struct { - dns.ResponseWriter - *Cache - state request.Request - server string // Server handling the request. - - do bool // When true the original request had the DO bit set. - cd bool // When true the original request had the CD bit set. - ad bool // When true the original request had the AD bit set. - prefetch bool // When true write nothing back to the client. - remoteAddr net.Addr - - wildcardFunc func() string // function to retrieve wildcard name that synthesized the result. - - pexcept []string // positive zone exceptions - nexcept []string // negative zone exceptions -} - -// newPrefetchResponseWriter returns a Cache ResponseWriter to be used in -// prefetch requests. It ensures RemoteAddr() can be called even after the -// original connection has already been closed. -func newPrefetchResponseWriter(server string, state request.Request, c *Cache) *ResponseWriter { - // Resolve the address now, the connection might be already closed when the - // actual prefetch request is made. - addr := state.W.RemoteAddr() - // The protocol of the client triggering a cache prefetch doesn't matter. - // The address type is used by request.Proto to determine the response size, - // and using TCP ensures the message isn't unnecessarily truncated. - if u, ok := addr.(*net.UDPAddr); ok { - addr = &net.TCPAddr{IP: u.IP, Port: u.Port, Zone: u.Zone} - } - - return &ResponseWriter{ - ResponseWriter: state.W, - Cache: c, - state: state, - server: server, - do: state.Do(), - cd: state.Req.CheckingDisabled, - prefetch: true, - remoteAddr: addr, - } -} - -// RemoteAddr implements the dns.ResponseWriter interface. -func (w *ResponseWriter) RemoteAddr() net.Addr { - if w.remoteAddr != nil { - return w.remoteAddr - } - return w.ResponseWriter.RemoteAddr() -} - -// WriteMsg implements the dns.ResponseWriter interface. -func (w *ResponseWriter) WriteMsg(res *dns.Msg) error { - mt, _ := response.Typify(res, w.now().UTC()) - - // key returns empty string for anything we don't want to cache. - hasKey, key := key(w.state.Name(), res, mt, w.do, w.cd) - - msgTTL := dnsutil.MinimalTTL(res, mt) - var duration time.Duration - if mt == response.NameError || mt == response.NoData { - duration = computeTTL(msgTTL, w.minnttl, w.nttl) - } else if mt == response.ServerError { - duration = w.failttl - } else { - duration = computeTTL(msgTTL, w.minpttl, w.pttl) - } - - if hasKey && duration > 0 { - if w.state.Match(res) { - w.set(res, key, mt, duration) - cacheSize.WithLabelValues(w.server, Success, w.zonesMetricLabel, w.viewMetricLabel).Set(float64(w.pcache.Len())) - cacheSize.WithLabelValues(w.server, Denial, w.zonesMetricLabel, w.viewMetricLabel).Set(float64(w.ncache.Len())) - } else { - // Don't log it, but increment counter - cacheDrops.WithLabelValues(w.server, w.zonesMetricLabel, w.viewMetricLabel).Inc() - } - } - - if w.prefetch { - return nil - } - - // Apply capped TTL to this reply to avoid jarring TTL experience 1799 -> 8 (e.g.) - ttl := uint32(duration.Seconds()) - res.Answer = filterRRSlice(res.Answer, ttl, false) - res.Ns = filterRRSlice(res.Ns, ttl, false) - res.Extra = filterRRSlice(res.Extra, ttl, false) - - if !w.do && !w.ad { - // unset AD bit if requester is not OK with DNSSEC - // But retain AD bit if requester set the AD bit in the request, per RFC6840 5.7-5.8 - res.AuthenticatedData = false - } - - return w.ResponseWriter.WriteMsg(res) -} - -func (w *ResponseWriter) set(m *dns.Msg, key uint64, mt response.Type, duration time.Duration) { - // duration is expected > 0 - // and key is valid - switch mt { - case response.NoError, response.Delegation: - if plugin.Zones(w.pexcept).Matches(m.Question[0].Name) != "" { - // zone is in exception list, do not cache - return - } - i := newItem(m, w.now(), duration) - if w.wildcardFunc != nil { - i.wildcard = w.wildcardFunc() - } - if w.pcache.Add(key, i) { - evictions.WithLabelValues(w.server, Success, w.zonesMetricLabel, w.viewMetricLabel).Inc() - } - // when pre-fetching, remove the negative cache entry if it exists - if w.prefetch { - w.ncache.Remove(key) - } - - case response.NameError, response.NoData, response.ServerError: - if plugin.Zones(w.nexcept).Matches(m.Question[0].Name) != "" { - // zone is in exception list, do not cache - return - } - i := newItem(m, w.now(), duration) - if w.wildcardFunc != nil { - i.wildcard = w.wildcardFunc() - } - if w.ncache.Add(key, i) { - evictions.WithLabelValues(w.server, Denial, w.zonesMetricLabel, w.viewMetricLabel).Inc() - } - - case response.OtherError: - // don't cache these - default: - log.Warningf("Caching called with unknown classification: %d", mt) - } -} - -// Write implements the dns.ResponseWriter interface. -func (w *ResponseWriter) Write(buf []byte) (int, error) { - log.Warning("Caching called with Write: not caching reply") - if w.prefetch { - return 0, nil - } - n, err := w.ResponseWriter.Write(buf) - return n, err -} - -// verifyStaleResponseWriter is a response writer that only writes messages if they should replace a -// stale cache entry, and otherwise discards them. -type verifyStaleResponseWriter struct { - *ResponseWriter - refreshed bool // set to true if the last WriteMsg wrote to ResponseWriter, false otherwise. -} - -// newVerifyStaleResponseWriter returns a ResponseWriter to be used when verifying stale cache -// entries. It only forward writes if an entry was successfully refreshed according to RFC8767, -// section 4 (response is NoError or NXDomain), and ignores any other response. -func newVerifyStaleResponseWriter(w *ResponseWriter) *verifyStaleResponseWriter { - return &verifyStaleResponseWriter{ - w, - false, - } -} - -// WriteMsg implements the dns.ResponseWriter interface. -func (w *verifyStaleResponseWriter) WriteMsg(res *dns.Msg) error { - w.refreshed = false - if res.Rcode == dns.RcodeSuccess || res.Rcode == dns.RcodeNameError { - w.refreshed = true - return w.ResponseWriter.WriteMsg(res) // stores to the cache and send to client - } - return nil // else discard -} - -const ( - maxTTL = dnsutil.MaximumDefaulTTL - minTTL = dnsutil.MinimalDefaultTTL - maxNTTL = dnsutil.MaximumDefaulTTL / 2 - minNTTL = dnsutil.MinimalDefaultTTL - - defaultCap = 10000 // default capacity of the cache. - - // Success is the class for caching positive caching. - Success = "success" - // Denial is the class defined for negative caching. - Denial = "denial" -) diff --git a/vendor/github.com/coredns/coredns/plugin/cache/dnssec.go b/vendor/github.com/coredns/coredns/plugin/cache/dnssec.go deleted file mode 100644 index ec5ff41c..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cache/dnssec.go +++ /dev/null @@ -1,24 +0,0 @@ -package cache - -import "github.com/miekg/dns" - -// filterRRSlice filters out OPT RRs, and sets all RR TTLs to ttl. -// If dup is true the RRs in rrs are _copied_ into the slice that is -// returned. -func filterRRSlice(rrs []dns.RR, ttl uint32, dup bool) []dns.RR { - j := 0 - rs := make([]dns.RR, len(rrs)) - for _, r := range rrs { - if r.Header().Rrtype == dns.TypeOPT { - continue - } - r.Header().Ttl = ttl - if dup { - rs[j] = dns.Copy(r) - } else { - rs[j] = r - } - j++ - } - return rs[:j] -} diff --git a/vendor/github.com/coredns/coredns/plugin/cache/freq/freq.go b/vendor/github.com/coredns/coredns/plugin/cache/freq/freq.go deleted file mode 100644 index f545f222..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cache/freq/freq.go +++ /dev/null @@ -1,55 +0,0 @@ -// Package freq keeps track of last X seen events. The events themselves are not stored -// here. So the Freq type should be added next to the thing it is tracking. -package freq - -import ( - "sync" - "time" -) - -// Freq tracks the frequencies of things. -type Freq struct { - // Last time we saw a query for this element. - last time.Time - // Number of this in the last time slice. - hits int - - sync.RWMutex -} - -// New returns a new initialized Freq. -func New(t time.Time) *Freq { - return &Freq{last: t, hits: 0} -} - -// Update updates the number of hits. Last time seen will be set to now. -// If the last time we've seen this entity is within now - d, we increment hits, otherwise -// we reset hits to 1. It returns the number of hits. -func (f *Freq) Update(d time.Duration, now time.Time) int { - earliest := now.Add(-1 * d) - f.Lock() - defer f.Unlock() - if f.last.Before(earliest) { - f.last = now - f.hits = 1 - return f.hits - } - f.last = now - f.hits++ - return f.hits -} - -// Hits returns the number of hits that we have seen, according to the updates we have done to f. -func (f *Freq) Hits() int { - f.RLock() - defer f.RUnlock() - return f.hits -} - -// Reset resets f to time t and hits to hits. -func (f *Freq) Reset(t time.Time, hits int) { - f.Lock() - defer f.Unlock() - f.last = t - f.hits = hits -} diff --git a/vendor/github.com/coredns/coredns/plugin/cache/fuzz.go b/vendor/github.com/coredns/coredns/plugin/cache/fuzz.go deleted file mode 100644 index 43f4d260..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cache/fuzz.go +++ /dev/null @@ -1,12 +0,0 @@ -//go:build gofuzz - -package cache - -import ( - "github.com/coredns/coredns/plugin/pkg/fuzz" -) - -// Fuzz fuzzes cache. -func Fuzz(data []byte) int { - return fuzz.Do(New(), data) -} diff --git a/vendor/github.com/coredns/coredns/plugin/cache/handler.go b/vendor/github.com/coredns/coredns/plugin/cache/handler.go deleted file mode 100644 index 38a8bfeb..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cache/handler.go +++ /dev/null @@ -1,157 +0,0 @@ -package cache - -import ( - "context" - "math" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/metadata" - "github.com/coredns/coredns/plugin/metrics" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// ServeDNS implements the plugin.Handler interface. -func (c *Cache) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - rc := r.Copy() // We potentially modify r, to prevent other plugins from seeing this (r is a pointer), copy r into rc. - state := request.Request{W: w, Req: rc} - do := state.Do() - cd := r.CheckingDisabled - ad := r.AuthenticatedData - - zone := plugin.Zones(c.Zones).Matches(state.Name()) - if zone == "" { - return plugin.NextOrFailure(c.Name(), c.Next, ctx, w, rc) - } - - now := c.now().UTC() - server := metrics.WithServer(ctx) - - // On cache refresh, we will just use the DO bit from the incoming query for the refresh since we key our cache - // with the query DO bit. That means two separate cache items for the query DO bit true or false. In the situation - // in which upstream doesn't support DNSSEC, the two cache items will effectively be the same. Regardless, any - // DNSSEC RRs in the response are written to cache with the response. - - ttl := 0 - i := c.getIgnoreTTL(now, state, server) - if i == nil { - crr := &ResponseWriter{ResponseWriter: w, Cache: c, state: state, server: server, do: do, ad: ad, cd: cd, - nexcept: c.nexcept, pexcept: c.pexcept, wildcardFunc: wildcardFunc(ctx)} - return c.doRefresh(ctx, state, crr) - } - ttl = i.ttl(now) - if ttl < 0 { - // serve stale behavior - if c.verifyStale { - crr := &ResponseWriter{ResponseWriter: w, Cache: c, state: state, server: server, do: do, cd: cd} - cw := newVerifyStaleResponseWriter(crr) - ret, err := c.doRefresh(ctx, state, cw) - if cw.refreshed { - return ret, err - } - } - - // Adjust the time to get a 0 TTL in the reply built from a stale item. - now = now.Add(time.Duration(ttl) * time.Second) - if !c.verifyStale { - cw := newPrefetchResponseWriter(server, state, c) - go c.doPrefetch(ctx, state, cw, i, now) - } - servedStale.WithLabelValues(server, c.zonesMetricLabel, c.viewMetricLabel).Inc() - } else if c.shouldPrefetch(i, now) { - cw := newPrefetchResponseWriter(server, state, c) - go c.doPrefetch(ctx, state, cw, i, now) - } - - if i.wildcard != "" { - // Set wildcard source record name to metadata - metadata.SetValueFunc(ctx, "zone/wildcard", func() string { - return i.wildcard - }) - } - - if c.keepttl { - // If keepttl is enabled we fake the current time to the stored - // one so that we always get the original TTL - now = i.stored - } - resp := i.toMsg(r, now, do, ad) - w.WriteMsg(resp) - return dns.RcodeSuccess, nil -} - -func wildcardFunc(ctx context.Context) func() string { - return func() string { - // Get wildcard source record name from metadata - if f := metadata.ValueFunc(ctx, "zone/wildcard"); f != nil { - return f() - } - return "" - } -} - -func (c *Cache) doPrefetch(ctx context.Context, state request.Request, cw *ResponseWriter, i *item, now time.Time) { - cachePrefetches.WithLabelValues(cw.server, c.zonesMetricLabel, c.viewMetricLabel).Inc() - c.doRefresh(ctx, state, cw) - - // When prefetching we loose the item i, and with it the frequency - // that we've gathered sofar. See we copy the frequencies info back - // into the new item that was stored in the cache. - if i1 := c.exists(state); i1 != nil { - i1.Freq.Reset(now, i.Freq.Hits()) - } -} - -func (c *Cache) doRefresh(ctx context.Context, state request.Request, cw dns.ResponseWriter) (int, error) { - return plugin.NextOrFailure(c.Name(), c.Next, ctx, cw, state.Req) -} - -func (c *Cache) shouldPrefetch(i *item, now time.Time) bool { - if c.prefetch <= 0 { - return false - } - i.Freq.Update(c.duration, now) - threshold := int(math.Ceil(float64(c.percentage) / 100 * float64(i.origTTL))) - return i.Freq.Hits() >= c.prefetch && i.ttl(now) <= threshold -} - -// Name implements the Handler interface. -func (c *Cache) Name() string { return "cache" } - -// getIgnoreTTL unconditionally returns an item if it exists in the cache. -func (c *Cache) getIgnoreTTL(now time.Time, state request.Request, server string) *item { - k := hash(state.Name(), state.QType(), state.Do(), state.Req.CheckingDisabled) - cacheRequests.WithLabelValues(server, c.zonesMetricLabel, c.viewMetricLabel).Inc() - - if i, ok := c.ncache.Get(k); ok { - itm := i.(*item) - ttl := itm.ttl(now) - if itm.matches(state) && (ttl > 0 || (c.staleUpTo > 0 && -ttl < int(c.staleUpTo.Seconds()))) { - cacheHits.WithLabelValues(server, Denial, c.zonesMetricLabel, c.viewMetricLabel).Inc() - return i.(*item) - } - } - if i, ok := c.pcache.Get(k); ok { - itm := i.(*item) - ttl := itm.ttl(now) - if itm.matches(state) && (ttl > 0 || (c.staleUpTo > 0 && -ttl < int(c.staleUpTo.Seconds()))) { - cacheHits.WithLabelValues(server, Success, c.zonesMetricLabel, c.viewMetricLabel).Inc() - return i.(*item) - } - } - cacheMisses.WithLabelValues(server, c.zonesMetricLabel, c.viewMetricLabel).Inc() - return nil -} - -func (c *Cache) exists(state request.Request) *item { - k := hash(state.Name(), state.QType(), state.Do(), state.Req.CheckingDisabled) - if i, ok := c.ncache.Get(k); ok { - return i.(*item) - } - if i, ok := c.pcache.Get(k); ok { - return i.(*item) - } - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/cache/item.go b/vendor/github.com/coredns/coredns/plugin/cache/item.go deleted file mode 100644 index c5aeccdc..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cache/item.go +++ /dev/null @@ -1,107 +0,0 @@ -package cache - -import ( - "strings" - "time" - - "github.com/coredns/coredns/plugin/cache/freq" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -type item struct { - Name string - QType uint16 - Rcode int - AuthenticatedData bool - RecursionAvailable bool - Answer []dns.RR - Ns []dns.RR - Extra []dns.RR - wildcard string - - origTTL uint32 - stored time.Time - - *freq.Freq -} - -func newItem(m *dns.Msg, now time.Time, d time.Duration) *item { - i := new(item) - if len(m.Question) != 0 { - i.Name = m.Question[0].Name - i.QType = m.Question[0].Qtype - } - i.Rcode = m.Rcode - i.AuthenticatedData = m.AuthenticatedData - i.RecursionAvailable = m.RecursionAvailable - i.Answer = m.Answer - i.Ns = m.Ns - i.Extra = make([]dns.RR, len(m.Extra)) - // Don't copy OPT records as these are hop-by-hop. - j := 0 - for _, e := range m.Extra { - if e.Header().Rrtype == dns.TypeOPT { - continue - } - i.Extra[j] = e - j++ - } - i.Extra = i.Extra[:j] - - i.origTTL = uint32(d.Seconds()) - i.stored = now.UTC() - - i.Freq = new(freq.Freq) - - return i -} - -// toMsg turns i into a message, it tailors the reply to m. -// The Authoritative bit should be set to 0, but some client stub resolver implementations, most notably, -// on some legacy systems(e.g. ubuntu 14.04 with glib version 2.20), low-level glibc function `getaddrinfo` -// useb by Python/Ruby/etc.. will discard answers that do not have this bit set. -// So we're forced to always set this to 1; regardless if the answer came from the cache or not. -// On newer systems(e.g. ubuntu 16.04 with glib version 2.23), this issue is resolved. -// So we may set this bit back to 0 in the future ? -func (i *item) toMsg(m *dns.Msg, now time.Time, do bool, ad bool) *dns.Msg { - m1 := new(dns.Msg) - m1.SetReply(m) - - // Set this to true as some DNS clients discard the *entire* packet when it's non-authoritative. - // This is probably not according to spec, but the bit itself is not super useful as this point, so - // just set it to true. - m1.Authoritative = true - m1.AuthenticatedData = i.AuthenticatedData - if !do && !ad { - // When DNSSEC was not wanted, it can't be authenticated data. - // However, retain the AD bit if the requester set the AD bit, per RFC6840 5.7-5.8 - m1.AuthenticatedData = false - } - m1.RecursionAvailable = i.RecursionAvailable - m1.Rcode = i.Rcode - - m1.Answer = make([]dns.RR, len(i.Answer)) - m1.Ns = make([]dns.RR, len(i.Ns)) - m1.Extra = make([]dns.RR, len(i.Extra)) - - ttl := uint32(i.ttl(now)) - m1.Answer = filterRRSlice(i.Answer, ttl, true) - m1.Ns = filterRRSlice(i.Ns, ttl, true) - m1.Extra = filterRRSlice(i.Extra, ttl, true) - - return m1 -} - -func (i *item) ttl(now time.Time) int { - ttl := int(i.origTTL) - int(now.UTC().Sub(i.stored).Seconds()) - return ttl -} - -func (i *item) matches(state request.Request) bool { - if state.QType() == i.QType && strings.EqualFold(state.QName(), i.Name) { - return true - } - return false -} diff --git a/vendor/github.com/coredns/coredns/plugin/cache/metrics.go b/vendor/github.com/coredns/coredns/plugin/cache/metrics.go deleted file mode 100644 index 77edb028..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cache/metrics.go +++ /dev/null @@ -1,67 +0,0 @@ -package cache - -import ( - "github.com/coredns/coredns/plugin" - - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -var ( - // cacheSize is total elements in the cache by cache type. - cacheSize = promauto.NewGaugeVec(prometheus.GaugeOpts{ - Namespace: plugin.Namespace, - Subsystem: "cache", - Name: "entries", - Help: "The number of elements in the cache.", - }, []string{"server", "type", "zones", "view"}) - // cacheRequests is a counter of all requests through the cache. - cacheRequests = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "cache", - Name: "requests_total", - Help: "The count of cache requests.", - }, []string{"server", "zones", "view"}) - // cacheHits is counter of cache hits by cache type. - cacheHits = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "cache", - Name: "hits_total", - Help: "The count of cache hits.", - }, []string{"server", "type", "zones", "view"}) - // cacheMisses is the counter of cache misses. - Deprecated - cacheMisses = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "cache", - Name: "misses_total", - Help: "The count of cache misses. Deprecated, derive misses from cache hits/requests counters.", - }, []string{"server", "zones", "view"}) - // cachePrefetches is the number of time the cache has prefetched a cached item. - cachePrefetches = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "cache", - Name: "prefetch_total", - Help: "The number of times the cache has prefetched a cached item.", - }, []string{"server", "zones", "view"}) - // cacheDrops is the number responses that are not cached, because the reply is malformed. - cacheDrops = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "cache", - Name: "drops_total", - Help: "The number responses that are not cached, because the reply is malformed.", - }, []string{"server", "zones", "view"}) - // servedStale is the number of requests served from stale cache entries. - servedStale = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "cache", - Name: "served_stale_total", - Help: "The number of requests served from stale cache entries.", - }, []string{"server", "zones", "view"}) - // evictions is the counter of cache evictions. - evictions = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "cache", - Name: "evictions_total", - Help: "The count of cache evictions.", - }, []string{"server", "type", "zones", "view"}) -) diff --git a/vendor/github.com/coredns/coredns/plugin/cache/setup.go b/vendor/github.com/coredns/coredns/plugin/cache/setup.go deleted file mode 100644 index f8278b87..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cache/setup.go +++ /dev/null @@ -1,261 +0,0 @@ -package cache - -import ( - "errors" - "fmt" - "strconv" - "strings" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/cache" - clog "github.com/coredns/coredns/plugin/pkg/log" -) - -var log = clog.NewWithPlugin("cache") - -func init() { plugin.Register("cache", setup) } - -func setup(c *caddy.Controller) error { - ca, err := cacheParse(c) - if err != nil { - return plugin.Error("cache", err) - } - - c.OnStartup(func() error { - ca.viewMetricLabel = dnsserver.GetConfig(c).ViewName - return nil - }) - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - ca.Next = next - return ca - }) - - return nil -} - -func cacheParse(c *caddy.Controller) (*Cache, error) { - ca := New() - - j := 0 - for c.Next() { - if j > 0 { - return nil, plugin.ErrOnce - } - j++ - - // cache [ttl] [zones..] - args := c.RemainingArgs() - if len(args) > 0 { - // first args may be just a number, then it is the ttl, if not it is a zone - ttl, err := strconv.Atoi(args[0]) - if err == nil { - // Reserve 0 (and smaller for future things) - if ttl <= 0 { - return nil, fmt.Errorf("cache TTL can not be zero or negative: %d", ttl) - } - ca.pttl = time.Duration(ttl) * time.Second - ca.nttl = time.Duration(ttl) * time.Second - args = args[1:] - } - } - origins := plugin.OriginsFromArgsOrServerBlock(args, c.ServerBlockKeys) - - // Refinements? In an extra block. - for c.NextBlock() { - switch c.Val() { - // first number is cap, second is an new ttl - case Success: - args := c.RemainingArgs() - if len(args) == 0 { - return nil, c.ArgErr() - } - pcap, err := strconv.Atoi(args[0]) - if err != nil { - return nil, err - } - ca.pcap = pcap - if len(args) > 1 { - pttl, err := strconv.Atoi(args[1]) - if err != nil { - return nil, err - } - // Reserve 0 (and smaller for future things) - if pttl <= 0 { - return nil, fmt.Errorf("cache TTL can not be zero or negative: %d", pttl) - } - ca.pttl = time.Duration(pttl) * time.Second - if len(args) > 2 { - minpttl, err := strconv.Atoi(args[2]) - if err != nil { - return nil, err - } - // Reserve < 0 - if minpttl < 0 { - return nil, fmt.Errorf("cache min TTL can not be negative: %d", minpttl) - } - ca.minpttl = time.Duration(minpttl) * time.Second - } - } - case Denial: - args := c.RemainingArgs() - if len(args) == 0 { - return nil, c.ArgErr() - } - ncap, err := strconv.Atoi(args[0]) - if err != nil { - return nil, err - } - ca.ncap = ncap - if len(args) > 1 { - nttl, err := strconv.Atoi(args[1]) - if err != nil { - return nil, err - } - // Reserve 0 (and smaller for future things) - if nttl <= 0 { - return nil, fmt.Errorf("cache TTL can not be zero or negative: %d", nttl) - } - ca.nttl = time.Duration(nttl) * time.Second - if len(args) > 2 { - minnttl, err := strconv.Atoi(args[2]) - if err != nil { - return nil, err - } - // Reserve < 0 - if minnttl < 0 { - return nil, fmt.Errorf("cache min TTL can not be negative: %d", minnttl) - } - ca.minnttl = time.Duration(minnttl) * time.Second - } - } - case "prefetch": - args := c.RemainingArgs() - if len(args) == 0 || len(args) > 3 { - return nil, c.ArgErr() - } - amount, err := strconv.Atoi(args[0]) - if err != nil { - return nil, err - } - if amount < 0 { - return nil, fmt.Errorf("prefetch amount should be positive: %d", amount) - } - ca.prefetch = amount - - if len(args) > 1 { - dur, err := time.ParseDuration(args[1]) - if err != nil { - return nil, err - } - ca.duration = dur - } - if len(args) > 2 { - pct := args[2] - if x := pct[len(pct)-1]; x != '%' { - return nil, fmt.Errorf("last character of percentage should be `%%`, but is: %q", x) - } - pct = pct[:len(pct)-1] - - num, err := strconv.Atoi(pct) - if err != nil { - return nil, err - } - if num < 10 || num > 90 { - return nil, fmt.Errorf("percentage should fall in range [10, 90]: %d", num) - } - ca.percentage = num - } - - case "serve_stale": - args := c.RemainingArgs() - if len(args) > 2 { - return nil, c.ArgErr() - } - ca.staleUpTo = 1 * time.Hour - if len(args) > 0 { - d, err := time.ParseDuration(args[0]) - if err != nil { - return nil, err - } - if d < 0 { - return nil, errors.New("invalid negative duration for serve_stale") - } - ca.staleUpTo = d - } - ca.verifyStale = false - if len(args) > 1 { - mode := strings.ToLower(args[1]) - if mode != "immediate" && mode != "verify" { - return nil, fmt.Errorf("invalid value for serve_stale refresh mode: %s", mode) - } - ca.verifyStale = mode == "verify" - } - case "servfail": - args := c.RemainingArgs() - if len(args) != 1 { - return nil, c.ArgErr() - } - d, err := time.ParseDuration(args[0]) - if err != nil { - return nil, err - } - if d < 0 { - return nil, errors.New("invalid negative ttl for servfail") - } - if d > 5*time.Minute { - // RFC 2308 prohibits caching SERVFAIL longer than 5 minutes - return nil, errors.New("caching SERVFAIL responses over 5 minutes is not permitted") - } - ca.failttl = d - case "disable": - // disable [success|denial] [zones]... - args := c.RemainingArgs() - if len(args) < 1 { - return nil, c.ArgErr() - } - - var zones []string - if len(args) > 1 { - for _, z := range args[1:] { // args[1:] define the list of zones to disable - nz := plugin.Name(z).Normalize() - if nz == "" { - return nil, fmt.Errorf("invalid disabled zone: %s", z) - } - zones = append(zones, nz) - } - } else { - // if no zones specified, default to root - zones = []string{"."} - } - - switch args[0] { // args[0] defines which cache to disable - case Denial: - ca.nexcept = zones - case Success: - ca.pexcept = zones - default: - return nil, fmt.Errorf("cache type for disable must be %q or %q", Success, Denial) - } - case "keepttl": - args := c.RemainingArgs() - if len(args) != 0 { - return nil, c.ArgErr() - } - ca.keepttl = true - default: - return nil, c.ArgErr() - } - } - - ca.Zones = origins - ca.zonesMetricLabel = strings.Join(origins, ",") - ca.pcache = cache.New(ca.pcap) - ca.ncache = cache.New(ca.ncap) - } - - return ca, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/cancel/README.md b/vendor/github.com/coredns/coredns/plugin/cancel/README.md deleted file mode 100644 index 64f585a2..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cancel/README.md +++ /dev/null @@ -1,47 +0,0 @@ -# cancel - -## Name - -*cancel* - cancels a request's context after 5001 milliseconds. - -## Description - -The *cancel* plugin creates a canceling context for each request. It adds a timeout that gets -triggered after 5001 milliseconds. - -The 5001 number was chosen because the default timeout for DNS clients is 5 seconds, after that they -give up. - -A plugin interested in the cancellation status should call `plugin.Done()` on the context. If the -context was canceled due to a timeout the plugin should not write anything back to the client and -return a value indicating CoreDNS should not either; a zero return value should suffice for that. - -## Syntax - -~~~ txt -cancel [TIMEOUT] -~~~ - -* **TIMEOUT** allows setting a custom timeout. The default timeout is 5001 milliseconds (`5001 ms`) - -## Examples - -~~~ corefile -example.org { - cancel - whoami -} -~~~ - -Or with a custom timeout: - -~~~ corefile -example.org { - cancel 1s - whoami -} -~~~ - -## See Also - -The Go documentation for the context package. diff --git a/vendor/github.com/coredns/coredns/plugin/cancel/cancel.go b/vendor/github.com/coredns/coredns/plugin/cancel/cancel.go deleted file mode 100644 index 23f5de41..00000000 --- a/vendor/github.com/coredns/coredns/plugin/cancel/cancel.go +++ /dev/null @@ -1,66 +0,0 @@ -// Package cancel implements a plugin adds a canceling context to each request. -package cancel - -import ( - "context" - "fmt" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - - "github.com/miekg/dns" -) - -func init() { plugin.Register("cancel", setup) } - -func setup(c *caddy.Controller) error { - ca := Cancel{} - - for c.Next() { - args := c.RemainingArgs() - switch len(args) { - case 0: - ca.timeout = 5001 * time.Millisecond - case 1: - dur, err := time.ParseDuration(args[0]) - if err != nil { - return plugin.Error("cancel", fmt.Errorf("invalid duration: %q", args[0])) - } - if dur <= 0 { - return plugin.Error("cancel", fmt.Errorf("invalid negative duration: %q", args[0])) - } - ca.timeout = dur - default: - return plugin.Error("cancel", c.ArgErr()) - } - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - ca.Next = next - return ca - }) - - return nil -} - -// Cancel is a plugin that adds a canceling context to each request's context. -type Cancel struct { - timeout time.Duration - Next plugin.Handler -} - -// ServeDNS implements the plugin.Handler interface. -func (c Cancel) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - ctx, cancel := context.WithTimeout(ctx, c.timeout) - - code, err := plugin.NextOrFailure(c.Name(), c.Next, ctx, w, r) - - cancel() - - return code, err -} - -// Name implements the Handler interface. -func (c Cancel) Name() string { return "cancel" } diff --git a/vendor/github.com/coredns/coredns/plugin/chaos/README.md b/vendor/github.com/coredns/coredns/plugin/chaos/README.md deleted file mode 100644 index 9ce5216a..00000000 --- a/vendor/github.com/coredns/coredns/plugin/chaos/README.md +++ /dev/null @@ -1,51 +0,0 @@ -# chaos - -## Name - -*chaos* - allows for responding to TXT queries in the CH class. - -## Description - -This is useful for retrieving version or author information from the server by querying a TXT record -for a special domain name in the CH class. - -## Syntax - -~~~ -chaos [VERSION] [AUTHORS...] -~~~ - -* **VERSION** is the version to return. Defaults to `CoreDNS-`, if not set. -* **AUTHORS** is what authors to return. This defaults to all GitHub handles in the OWNERS files. - -Note that you have to make sure that this plugin will get actual queries for the -following zones: `version.bind`, `version.server`, `authors.bind`, `hostname.bind` and -`id.server`. - -## Examples - -Specify all the zones in full. - -~~~ corefile -version.bind version.server authors.bind hostname.bind id.server { - chaos CoreDNS-001 info@coredns.io -} -~~~ - -Or just default to `.`: - -~~~ corefile -. { - chaos CoreDNS-001 info@coredns.io -} -~~~ - -And test with `dig`: - -~~~ txt -% dig @localhost CH TXT version.bind -... -;; ANSWER SECTION: -version.bind. 0 CH TXT "CoreDNS-001" -... -~~~ diff --git a/vendor/github.com/coredns/coredns/plugin/chaos/chaos.go b/vendor/github.com/coredns/coredns/plugin/chaos/chaos.go deleted file mode 100644 index f4d758a7..00000000 --- a/vendor/github.com/coredns/coredns/plugin/chaos/chaos.go +++ /dev/null @@ -1,58 +0,0 @@ -// Package chaos implements a plugin that answer to 'CH version.bind TXT' type queries. -package chaos - -import ( - "context" - "math/rand" - "os" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// Chaos allows CoreDNS to reply to CH TXT queries and return author or -// version information. -type Chaos struct { - Next plugin.Handler - Version string - Authors []string -} - -// ServeDNS implements the plugin.Handler interface. -func (c Chaos) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - if state.QClass() != dns.ClassCHAOS || state.QType() != dns.TypeTXT { - return plugin.NextOrFailure(c.Name(), c.Next, ctx, w, r) - } - - m := new(dns.Msg) - m.SetReply(r) - - hdr := dns.RR_Header{Name: state.QName(), Rrtype: dns.TypeTXT, Class: dns.ClassCHAOS, Ttl: 0} - switch state.Name() { - default: - return plugin.NextOrFailure(c.Name(), c.Next, ctx, w, r) - case "authors.bind.": - rnd := rand.New(rand.NewSource(time.Now().Unix())) - - for _, i := range rnd.Perm(len(c.Authors)) { - m.Answer = append(m.Answer, &dns.TXT{Hdr: hdr, Txt: []string{c.Authors[i]}}) - } - case "version.bind.", "version.server.": - m.Answer = []dns.RR{&dns.TXT{Hdr: hdr, Txt: []string{c.Version}}} - case "hostname.bind.", "id.server.": - hostname, err := os.Hostname() - if err != nil { - hostname = "localhost" - } - m.Answer = []dns.RR{&dns.TXT{Hdr: hdr, Txt: []string{trim(hostname)}}} - } - w.WriteMsg(m) - return 0, nil -} - -// Name implements the Handler interface. -func (c Chaos) Name() string { return "chaos" } diff --git a/vendor/github.com/coredns/coredns/plugin/chaos/fuzz.go b/vendor/github.com/coredns/coredns/plugin/chaos/fuzz.go deleted file mode 100644 index 001cf1de..00000000 --- a/vendor/github.com/coredns/coredns/plugin/chaos/fuzz.go +++ /dev/null @@ -1,13 +0,0 @@ -//go:build gofuzz - -package chaos - -import ( - "github.com/coredns/coredns/plugin/pkg/fuzz" -) - -// Fuzz fuzzes cache. -func Fuzz(data []byte) int { - c := Chaos{} - return fuzz.Do(c, data) -} diff --git a/vendor/github.com/coredns/coredns/plugin/chaos/setup.go b/vendor/github.com/coredns/coredns/plugin/chaos/setup.go deleted file mode 100644 index ce0eb7a6..00000000 --- a/vendor/github.com/coredns/coredns/plugin/chaos/setup.go +++ /dev/null @@ -1,66 +0,0 @@ -//go:generate go run owners_generate.go - -package chaos - -import ( - "sort" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" -) - -func init() { plugin.Register("chaos", setup) } - -func setup(c *caddy.Controller) error { - version, authors, err := parse(c) - if err != nil { - return plugin.Error("chaos", err) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - return Chaos{Next: next, Version: version, Authors: authors} - }) - - return nil -} - -func parse(c *caddy.Controller) (string, []string, error) { - // Set here so we pick up AppName and AppVersion that get set in coremain's init(). - chaosVersion = caddy.AppName + "-" + caddy.AppVersion - version := "" - - if c.Next() { - args := c.RemainingArgs() - if len(args) == 0 { - return trim(chaosVersion), Owners, nil - } - if len(args) == 1 { - return trim(args[0]), Owners, nil - } - - version = args[0] - authors := make(map[string]struct{}) - for _, a := range args[1:] { - authors[a] = struct{}{} - } - list := []string{} - for k := range authors { - k = trim(k) // limit size to 255 chars - list = append(list, k) - } - sort.Strings(list) - return version, list, nil - } - - return version, Owners, nil -} - -func trim(s string) string { - if len(s) < 256 { - return s - } - return s[:255] -} - -var chaosVersion string diff --git a/vendor/github.com/coredns/coredns/plugin/chaos/zowners.go b/vendor/github.com/coredns/coredns/plugin/chaos/zowners.go deleted file mode 100644 index 419ca3cf..00000000 --- a/vendor/github.com/coredns/coredns/plugin/chaos/zowners.go +++ /dev/null @@ -1,4 +0,0 @@ -package chaos - -// Owners are all GitHub handlers of all maintainers. -var Owners = []string{"Tantalor93", "bradbeam", "chrisohaver", "darshanime", "dilyevsky", "ekleiner", "greenpau", "ihac", "inigohu", "isolus", "jameshartig", "johnbelamaric", "miekg", "mqasimsarfraz", "nchrisdk", "nitisht", "pmoroney", "rajansandeep", "rdrozhdzh", "rtreffer", "snebel29", "stp-ip", "superq", "varyoo", "ykhr53", "yongtang", "zouyee"} diff --git a/vendor/github.com/coredns/coredns/plugin/clouddns/README.md b/vendor/github.com/coredns/coredns/plugin/clouddns/README.md deleted file mode 100644 index 1e122813..00000000 --- a/vendor/github.com/coredns/coredns/plugin/clouddns/README.md +++ /dev/null @@ -1,73 +0,0 @@ -# clouddns - -## Name - -*clouddns* - enables serving zone data from GCP Cloud DNS. - -## Description - -The *clouddns* plugin is useful for serving zones from resource record -sets in GCP Cloud DNS. This plugin supports all [Google Cloud DNS -records](https://cloud.google.com/dns/docs/overview#supported_dns_record_types). This plugin can -be used when CoreDNS is deployed on GCP or elsewhere. Note that this plugin accesses the resource -records through the Google Cloud API. For records in a privately hosted zone, it is not necessary to -place CoreDNS and this plugin in the associated VPC network. In fact the private hosted zone could -be created without any associated VPC and this plugin could still access the resource records under -the hosted zone. - -## Syntax - -~~~ txt -clouddns [ZONE:PROJECT_ID:HOSTED_ZONE_NAME...] { - credentials [FILENAME] - fallthrough [ZONES...] -} -~~~ - -* **ZONE** the name of the domain to be accessed. When there are multiple zones with overlapping - domains (private vs. public hosted zone), CoreDNS does the lookup in the given order here. - Therefore, for a non-existing resource record, SOA response will be from the rightmost zone. - -* **PROJECT\_ID** the project ID of the Google Cloud project. - -* **HOSTED\_ZONE\_NAME** the name of the hosted zone that contains the resource record sets to be - accessed. - -* `credentials` is used for reading the credential file from **FILENAME** (normally a .json file). - This field is optional. If this field is not provided then authentication will be done automatically, - e.g., through environmental variable `GOOGLE_APPLICATION_CREDENTIALS`. Please see - Google Cloud's [authentication method](https://cloud.google.com/docs/authentication) for more details. - -* `fallthrough` If zone matches and no record can be generated, pass request to the next plugin. - If **[ZONES...]** is omitted, then fallthrough happens for all zones for which the plugin is - authoritative. If specific zones are listed (for example `in-addr.arpa` and `ip6.arpa`), then - only queries for those zones will be subject to fallthrough. - -## Examples - -Enable clouddns with implicit GCP credentials and resolve CNAMEs via 10.0.0.1: - -~~~ txt -example.org { - clouddns example.org.:gcp-example-project:example-zone - forward . 10.0.0.1 -} -~~~ - -Enable clouddns with fallthrough: - -~~~ txt -example.org { - clouddns example.org.:gcp-example-project:example-zone example.com.:gcp-example-project:example-zone-2 { - fallthrough example.gov. - } -} -~~~ - -Enable clouddns with multiple hosted zones with the same domain: - -~~~ txt -. { - clouddns example.org.:gcp-example-project:example-zone example.com.:gcp-example-project:other-example-zone -} -~~~ diff --git a/vendor/github.com/coredns/coredns/plugin/clouddns/clouddns.go b/vendor/github.com/coredns/coredns/plugin/clouddns/clouddns.go deleted file mode 100644 index 0e31a40c..00000000 --- a/vendor/github.com/coredns/coredns/plugin/clouddns/clouddns.go +++ /dev/null @@ -1,227 +0,0 @@ -// Package clouddns implements a plugin that returns resource records -// from GCP Cloud DNS. -package clouddns - -import ( - "context" - "errors" - "fmt" - "strings" - "sync" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/file" - "github.com/coredns/coredns/plugin/pkg/fall" - "github.com/coredns/coredns/plugin/pkg/upstream" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" - gcp "google.golang.org/api/dns/v1" -) - -// CloudDNS is a plugin that returns RR from GCP Cloud DNS. -type CloudDNS struct { - Next plugin.Handler - Fall fall.F - - zoneNames []string - client gcpDNS - upstream *upstream.Upstream - - zMu sync.RWMutex - zones zones -} - -type zone struct { - projectName string - zoneName string - z *file.Zone - dns string -} - -type zones map[string][]*zone - -// New reads from the keys map which uses domain names as its key and a colon separated -// string of project name and hosted zone name lists as its values, validates -// that each domain name/zone id pair does exist, and returns a new *CloudDNS. -// In addition to this, upstream is passed for doing recursive queries against CNAMEs. -// Returns error if it cannot verify any given domain name/zone id pair. -func New(ctx context.Context, c gcpDNS, keys map[string][]string, up *upstream.Upstream) (*CloudDNS, error) { - zones := make(map[string][]*zone, len(keys)) - zoneNames := make([]string, 0, len(keys)) - for dnsName, hostedZoneDetails := range keys { - for _, hostedZone := range hostedZoneDetails { - ss := strings.SplitN(hostedZone, ":", 2) - if len(ss) != 2 { - return nil, errors.New("either project or zone name missing") - } - err := c.zoneExists(ss[0], ss[1]) - if err != nil { - return nil, err - } - fqdnDNSName := dns.Fqdn(dnsName) - if _, ok := zones[fqdnDNSName]; !ok { - zoneNames = append(zoneNames, fqdnDNSName) - } - zones[fqdnDNSName] = append(zones[fqdnDNSName], &zone{projectName: ss[0], zoneName: ss[1], dns: fqdnDNSName, z: file.NewZone(fqdnDNSName, "")}) - } - } - return &CloudDNS{ - client: c, - zoneNames: zoneNames, - zones: zones, - upstream: up, - }, nil -} - -// Run executes first update, spins up an update forever-loop. -// Returns error if first update fails. -func (h *CloudDNS) Run(ctx context.Context) error { - if err := h.updateZones(ctx); err != nil { - return err - } - go func() { - delay := 1 * time.Minute - timer := time.NewTimer(delay) - defer timer.Stop() - for { - timer.Reset(delay) - select { - case <-ctx.Done(): - log.Debugf("Breaking out of CloudDNS update loop for %v: %v", h.zoneNames, ctx.Err()) - return - case <-timer.C: - if err := h.updateZones(ctx); err != nil && ctx.Err() == nil /* Don't log error if ctx expired. */ { - log.Errorf("Failed to update zones %v: %v", h.zoneNames, err) - } - } - } - }() - return nil -} - -// ServeDNS implements the plugin.Handler interface. -func (h *CloudDNS) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - qname := state.Name() - - zName := plugin.Zones(h.zoneNames).Matches(qname) - if zName == "" { - return plugin.NextOrFailure(h.Name(), h.Next, ctx, w, r) - } - - z, ok := h.zones[zName] // ok true if we are authoritative for the zone - if !ok || z == nil { - return dns.RcodeServerFailure, nil - } - - m := new(dns.Msg) - m.SetReply(r) - m.Authoritative = true - var result file.Result - - for _, hostedZone := range z { - h.zMu.RLock() - m.Answer, m.Ns, m.Extra, result = hostedZone.z.Lookup(ctx, state, qname) - h.zMu.RUnlock() - - // Take the answer if it's non-empty OR if there is another - // record type exists for this name (NODATA). - if len(m.Answer) != 0 || result == file.NoData { - break - } - } - - if len(m.Answer) == 0 && result != file.NoData && h.Fall.Through(qname) { - return plugin.NextOrFailure(h.Name(), h.Next, ctx, w, r) - } - - switch result { - case file.Success: - case file.NoData: - case file.NameError: - m.Rcode = dns.RcodeNameError - case file.Delegation: - m.Authoritative = false - case file.ServerFailure: - return dns.RcodeServerFailure, nil - } - - w.WriteMsg(m) - return dns.RcodeSuccess, nil -} - -func updateZoneFromRRS(rrs *gcp.ResourceRecordSetsListResponse, z *file.Zone) error { - for _, rr := range rrs.Rrsets { - var rfc1035 string - var r dns.RR - var err error - for _, value := range rr.Rrdatas { - if rr.Type == "CNAME" || rr.Type == "PTR" { - value = dns.Fqdn(value) - } - // Assemble RFC 1035 conforming record to pass into dns scanner. - rfc1035 = fmt.Sprintf("%s %d IN %s %s", dns.Fqdn(rr.Name), rr.Ttl, rr.Type, value) - r, err = dns.NewRR(rfc1035) - if err != nil { - return fmt.Errorf("failed to parse resource record: %v", err) - } - - err = z.Insert(r) - if err != nil { - return fmt.Errorf("failed to insert record: %v", err) - } - } - } - return nil -} - -// updateZones re-queries resource record sets for each zone and updates the -// zone object. -// Returns error if any zones error'ed out, but waits for other zones to -// complete first. -func (h *CloudDNS) updateZones(ctx context.Context) error { - errc := make(chan error) - defer close(errc) - for zName, z := range h.zones { - go func(zName string, z []*zone) { - var err error - var rrListResponse *gcp.ResourceRecordSetsListResponse - defer func() { - errc <- err - }() - - for i, hostedZone := range z { - newZ := file.NewZone(zName, "") - newZ.Upstream = h.upstream - rrListResponse, err = h.client.listRRSets(ctx, hostedZone.projectName, hostedZone.zoneName) - if err != nil { - err = fmt.Errorf("failed to list resource records for %v:%v:%v from gcp: %v", zName, hostedZone.projectName, hostedZone.zoneName, err) - return - } - updateZoneFromRRS(rrListResponse, newZ) - - h.zMu.Lock() - (*z[i]).z = newZ - h.zMu.Unlock() - } - }(zName, z) - } - // Collect errors (if any). This will also sync on all zones updates - // completion. - var errs []string - for i := 0; i < len(h.zones); i++ { - err := <-errc - if err != nil { - errs = append(errs, err.Error()) - } - } - if len(errs) != 0 { - return fmt.Errorf("errors updating zones: %v", errs) - } - return nil -} - -// Name implements the Handler interface. -func (h *CloudDNS) Name() string { return "clouddns" } diff --git a/vendor/github.com/coredns/coredns/plugin/clouddns/gcp.go b/vendor/github.com/coredns/coredns/plugin/clouddns/gcp.go deleted file mode 100644 index b02ab2bd..00000000 --- a/vendor/github.com/coredns/coredns/plugin/clouddns/gcp.go +++ /dev/null @@ -1,40 +0,0 @@ -package clouddns - -import ( - "context" - - gcp "google.golang.org/api/dns/v1" -) - -type gcpDNS interface { - zoneExists(projectName, hostedZoneName string) error - listRRSets(ctx context.Context, projectName, hostedZoneName string) (*gcp.ResourceRecordSetsListResponse, error) -} - -type gcpClient struct { - *gcp.Service -} - -// zoneExists is a wrapper method around `gcp.Service.ManagedZones.Get` -// it checks if the provided zone name for a given project exists. -func (c gcpClient) zoneExists(projectName, hostedZoneName string) error { - _, err := c.ManagedZones.Get(projectName, hostedZoneName).Do() - if err != nil { - return err - } - return nil -} - -// listRRSets is a wrapper method around `gcp.Service.ResourceRecordSets.List` -// it fetches and returns the record sets for a hosted zone. -func (c gcpClient) listRRSets(ctx context.Context, projectName, hostedZoneName string) (*gcp.ResourceRecordSetsListResponse, error) { - req := c.ResourceRecordSets.List(projectName, hostedZoneName) - var rs []*gcp.ResourceRecordSet - if err := req.Pages(ctx, func(page *gcp.ResourceRecordSetsListResponse) error { - rs = append(rs, page.Rrsets...) - return nil - }); err != nil { - return nil, err - } - return &gcp.ResourceRecordSetsListResponse{Rrsets: rs}, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/clouddns/setup.go b/vendor/github.com/coredns/coredns/plugin/clouddns/setup.go deleted file mode 100644 index cfd7eecd..00000000 --- a/vendor/github.com/coredns/coredns/plugin/clouddns/setup.go +++ /dev/null @@ -1,108 +0,0 @@ -package clouddns - -import ( - "context" - "strings" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/fall" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/plugin/pkg/upstream" - - gcp "google.golang.org/api/dns/v1" - "google.golang.org/api/option" -) - -var log = clog.NewWithPlugin("clouddns") - -func init() { plugin.Register("clouddns", setup) } - -// exposed for testing -var f = func(ctx context.Context, opt option.ClientOption) (gcpDNS, error) { - var err error - var client *gcp.Service - if opt != nil { - client, err = gcp.NewService(ctx, opt) - } else { - // if credentials file is not provided in the Corefile - // authenticate the client using env variables - client, err = gcp.NewService(ctx) - } - return gcpClient{client}, err -} - -func setup(c *caddy.Controller) error { - for c.Next() { - keyPairs := map[string]struct{}{} - keys := map[string][]string{} - - var fall fall.F - up := upstream.New() - - args := c.RemainingArgs() - - for i := 0; i < len(args); i++ { - parts := strings.SplitN(args[i], ":", 3) - if len(parts) != 3 { - return plugin.Error("clouddns", c.Errf("invalid zone %q", args[i])) - } - dnsName, projectName, hostedZone := parts[0], parts[1], parts[2] - if dnsName == "" || projectName == "" || hostedZone == "" { - return plugin.Error("clouddns", c.Errf("invalid zone %q", args[i])) - } - if _, ok := keyPairs[args[i]]; ok { - return plugin.Error("clouddns", c.Errf("conflict zone %q", args[i])) - } - - keyPairs[args[i]] = struct{}{} - keys[dnsName] = append(keys[dnsName], projectName+":"+hostedZone) - } - - var opt option.ClientOption - for c.NextBlock() { - switch c.Val() { - case "upstream": - c.RemainingArgs() - case "credentials": - if c.NextArg() { - opt = option.WithCredentialsFile(c.Val()) - } else { - return plugin.Error("clouddns", c.ArgErr()) - } - case "fallthrough": - fall.SetZonesFromArgs(c.RemainingArgs()) - default: - return plugin.Error("clouddns", c.Errf("unknown property %q", c.Val())) - } - } - - ctx, cancel := context.WithCancel(context.Background()) - client, err := f(ctx, opt) - if err != nil { - cancel() - return err - } - - h, err := New(ctx, client, keys, up) - if err != nil { - cancel() - return plugin.Error("clouddns", c.Errf("failed to create plugin: %v", err)) - } - h.Fall = fall - - if err := h.Run(ctx); err != nil { - cancel() - return plugin.Error("clouddns", c.Errf("failed to initialize plugin: %v", err)) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - h.Next = next - return h - }) - c.OnShutdown(func() error { cancel(); return nil }) - } - - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/debug/README.md b/vendor/github.com/coredns/coredns/plugin/debug/README.md deleted file mode 100644 index 43767231..00000000 --- a/vendor/github.com/coredns/coredns/plugin/debug/README.md +++ /dev/null @@ -1,51 +0,0 @@ -# debug - -## Name - -*debug* - disables the automatic recovery upon a crash so that you'll get a nice stack trace. - -## Description - -Normally CoreDNS will recover from panics; using *debug* inhibits this. The main use of *debug* is -to help in testing. A side effect of using *debug* is that `log.Debug` and `log.Debugf` messages -will be printed to standard output. - -Note that the *errors* plugin (if loaded) will also set a `recover`, negating this setting. - -Enabling this plugin is process-wide: enabling *debug* in at least one server block enables -debug mode globally. - -## Syntax - -~~~ txt -debug -~~~ - -Some plugins will send debug log DNS messages. This is done in the following format: - -~~~ -debug: 000000 00 0a 01 00 00 01 00 00 00 00 00 01 07 65 78 61 -debug: 000010 6d 70 6c 65 05 6c 6f 63 61 6c 00 00 01 00 01 00 -debug: 000020 00 29 10 00 00 00 80 00 00 00 -debug: 00002a -~~~ - -Using `text2pcap` (part of Wireshark), this can be converted back to binary, with the following -command line: `text2pcap -i 17 -u 53,53`, where 17 is the protocol (UDP) and 53 are the ports. These -ports allow Wireshark to detect these packets as DNS messages. - -Each plugin can decide whether to dump messages to aid in debugging. - -## Examples - -Disable the ability to recover from crashes and show debug logging: - -~~~ corefile -. { - debug -} -~~~ - -## See Also - -. diff --git a/vendor/github.com/coredns/coredns/plugin/debug/debug.go b/vendor/github.com/coredns/coredns/plugin/debug/debug.go deleted file mode 100644 index 7fb6861f..00000000 --- a/vendor/github.com/coredns/coredns/plugin/debug/debug.go +++ /dev/null @@ -1,22 +0,0 @@ -package debug - -import ( - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" -) - -func init() { plugin.Register("debug", setup) } - -func setup(c *caddy.Controller) error { - config := dnsserver.GetConfig(c) - - for c.Next() { - if c.NextArg() { - return plugin.Error("debug", c.ArgErr()) - } - config.Debug = true - } - - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/debug/pcap.go b/vendor/github.com/coredns/coredns/plugin/debug/pcap.go deleted file mode 100644 index 493478a4..00000000 --- a/vendor/github.com/coredns/coredns/plugin/debug/pcap.go +++ /dev/null @@ -1,72 +0,0 @@ -package debug - -import ( - "bytes" - "fmt" - - "github.com/coredns/coredns/plugin/pkg/log" - - "github.com/miekg/dns" -) - -// Hexdump converts the dns message m to a hex dump Wireshark can import. -// See https://www.wireshark.org/docs/man-pages/text2pcap.html. -// This output looks like this: -// -// 00000 dc bd 01 00 00 01 00 00 00 00 00 01 07 65 78 61 -// 000010 6d 70 6c 65 05 6c 6f 63 61 6c 00 00 01 00 01 00 -// 000020 00 29 10 00 00 00 80 00 00 00 -// 00002a -// -// Hexdump will use log.Debug to write the dump to the log, each line -// is prefixed with 'debug: ' so the data can be easily extracted. -// -// msg will prefix the pcap dump. -func Hexdump(m *dns.Msg, v ...interface{}) { - if !log.D.Value() { - return - } - - buf, _ := m.Pack() - if len(buf) == 0 { - return - } - - out := "\n" + string(hexdump(buf)) - v = append(v, out) - log.Debug(v...) -} - -// Hexdumpf dumps a DNS message as Hexdump, but allows a format string. -func Hexdumpf(m *dns.Msg, format string, v ...interface{}) { - if !log.D.Value() { - return - } - - buf, _ := m.Pack() - if len(buf) == 0 { - return - } - - format += "\n%s" - v = append(v, hexdump(buf)) - log.Debugf(format, v...) -} - -func hexdump(data []byte) []byte { - b := new(bytes.Buffer) - - newline := "" - for i := 0; i < len(data); i++ { - if i%16 == 0 { - fmt.Fprintf(b, "%s%s%06x", newline, prefix, i) - newline = "\n" - } - fmt.Fprintf(b, " %02x", data[i]) - } - fmt.Fprintf(b, "\n%s%06x", prefix, len(data)) - - return b.Bytes() -} - -const prefix = "debug: " diff --git a/vendor/github.com/coredns/coredns/plugin/dns64/README.md b/vendor/github.com/coredns/coredns/plugin/dns64/README.md deleted file mode 100644 index 79755748..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dns64/README.md +++ /dev/null @@ -1,106 +0,0 @@ -# dns64 - -## Name - -*dns64* - enables DNS64 IPv6 transition mechanism. - -## Description - -The *dns64* plugin will when asked for a domain's AAAA records, but only finds A records, -synthesizes the AAAA records from the A records. - -The synthesis is *only* performed **if the query came in via IPv6**. - -This translation is for IPv6-only networks that have [NAT64](https://en.wikipedia.org/wiki/NAT64). - -## Syntax - -~~~ -dns64 [PREFIX] -~~~ - -* **PREFIX** defines a custom prefix instead of the default `64:ff9b::/96`. - -Or use this slightly longer form with more options: - -~~~ -dns64 [PREFIX] { - [translate_all] - prefix PREFIX - [allow_ipv4] -} -~~~ - -* `prefix` specifies any local IPv6 prefix to use, instead of the well known prefix (64:ff9b::/96) -* `translate_all` translates all queries, including responses that have AAAA results. -* `allow_ipv4` Allow translating queries if they come in over IPv4, default is IPv6 only translation. - -## Examples - -Translate with the default well known prefix. Applies to all queries (if they came in over IPv6). - -~~~ -. { - dns64 -} -~~~ - -Use a custom prefix. - -~~~ corefile -. { - dns64 64:1337::/96 -} -~~~ - -Or -~~~ corefile -. { - dns64 { - prefix 64:1337::/96 - } -} -~~~ - -Enable translation even if an existing AAAA record is present. - -~~~ corefile -. { - dns64 { - translate_all - } -} -~~~ - -Apply translation even to the requests which arrived over IPv4 network. Warning, the `allow_ipv4` feature will apply -translations to requests coming from dual-stack clients. This means that a request for a client that sends an `AAAA` -that would normal result in an `NXDOMAIN` would get a translated result. -This may cause unwanted IPv6 dns64 traffic when a dualstack client would normally use the result of an `A` record request. - -~~~ corefile -. { - dns64 { - allow_ipv4 - } -} -~~~ - -## Metrics - -If monitoring is enabled (via the _prometheus_ plugin) then the following metrics are exported: - -- `coredns_dns64_requests_translated_total{server}` - counter of DNS requests translated - -The `server` label is explained in the _prometheus_ plugin documentation. - -## Bugs - -Not all features required by DNS64 are implemented, only basic AAAA synthesis. - -* Support "mapping of separate IPv4 ranges to separate IPv6 prefixes" -* Resolve PTR records -* Make resolver DNSSEC aware. See: [RFC 6147 Section 3](https://tools.ietf.org/html/rfc6147#section-3) - -## See Also - -See [RFC 6147](https://tools.ietf.org/html/rfc6147) for more information on the DNS64 mechanism. diff --git a/vendor/github.com/coredns/coredns/plugin/dns64/dns64.go b/vendor/github.com/coredns/coredns/plugin/dns64/dns64.go deleted file mode 100644 index 0a6176fc..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dns64/dns64.go +++ /dev/null @@ -1,208 +0,0 @@ -// Package dns64 implements a plugin that performs DNS64. -// -// See: RFC 6147 (https://tools.ietf.org/html/rfc6147) -package dns64 - -import ( - "context" - "errors" - "net" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/metrics" - "github.com/coredns/coredns/plugin/pkg/nonwriter" - "github.com/coredns/coredns/plugin/pkg/response" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// UpstreamInt wraps the Upstream API for dependency injection during testing -type UpstreamInt interface { - Lookup(ctx context.Context, state request.Request, name string, typ uint16) (*dns.Msg, error) -} - -// DNS64 performs DNS64. -type DNS64 struct { - Next plugin.Handler - Prefix *net.IPNet - TranslateAll bool // Not comply with 5.1.1 - AllowIPv4 bool - Upstream UpstreamInt -} - -// ServeDNS implements the plugin.Handler interface. -func (d *DNS64) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - // Don't proxy if we don't need to. - if !d.requestShouldIntercept(&request.Request{W: w, Req: r}) { - return plugin.NextOrFailure(d.Name(), d.Next, ctx, w, r) - } - - // Pass the request to the next plugin in the chain, but intercept the response. - nw := nonwriter.New(w) - origRc, origErr := d.Next.ServeDNS(ctx, nw, r) - if nw.Msg == nil { // somehow we didn't get a response (or raw bytes were written) - return origRc, origErr - } - - // If the response doesn't need DNS64, short-circuit. - if !d.responseShouldDNS64(nw.Msg) { - w.WriteMsg(nw.Msg) - return origRc, origErr - } - - // otherwise do the actual DNS64 request and response synthesis - msg, err := d.DoDNS64(ctx, w, r, nw.Msg) - if err != nil { - // err means we weren't able to even issue the A request - // to CoreDNS upstream - return dns.RcodeServerFailure, err - } - - RequestsTranslatedCount.WithLabelValues(metrics.WithServer(ctx)).Inc() - w.WriteMsg(msg) - return msg.MsgHdr.Rcode, nil -} - -// Name implements the Handler interface. -func (d *DNS64) Name() string { return "dns64" } - -// requestShouldIntercept returns true if the request represents one that is eligible -// for DNS64 rewriting: -// 1. The request came in over IPv6 or the 'allow_ipv4' option is set -// 2. The request is of type AAAA -// 3. The request is of class INET -func (d *DNS64) requestShouldIntercept(req *request.Request) bool { - // Make sure that request came in over IPv4 unless AllowIPv4 option is enabled. - // Translating requests without taking into consideration client (source) IP might be problematic in dual-stack networks. - if !d.AllowIPv4 && req.Family() == 1 { - return false - } - - // Do not modify if question is not AAAA or not of class IN. See RFC 6147 5.1 - return req.QType() == dns.TypeAAAA && req.QClass() == dns.ClassINET -} - -// responseShouldDNS64 returns true if the response indicates we should attempt -// DNS64 rewriting: -// 1. The response has no valid (RFC 5.1.4) AAAA records (RFC 5.1.1) -// 2. The response code (RCODE) is not 3 (Name Error) (RFC 5.1.2) -// -// Note that requestShouldIntercept must also have been true, so the request -// is known to be of type AAAA. -func (d *DNS64) responseShouldDNS64(origResponse *dns.Msg) bool { - ty, _ := response.Typify(origResponse, time.Now().UTC()) - - // Handle NameError normally. See RFC 6147 5.1.2 - // All other error types are "equivalent" to empty response - if ty == response.NameError { - return false - } - - // If we've configured to always translate, well, then always translate. - if d.TranslateAll { - return true - } - - // if response includes AAAA record, no need to rewrite - for _, rr := range origResponse.Answer { - if rr.Header().Rrtype == dns.TypeAAAA { - return false - } - } - return true -} - -// DoDNS64 takes an (empty) response to an AAAA question, issues the A request, -// and synthesizes the answer. Returns the response message, or error on internal failure. -func (d *DNS64) DoDNS64(ctx context.Context, w dns.ResponseWriter, r *dns.Msg, origResponse *dns.Msg) (*dns.Msg, error) { - req := request.Request{W: w, Req: r} // req is unused - resp, err := d.Upstream.Lookup(ctx, req, req.Name(), dns.TypeA) - if err != nil { - return nil, err - } - out := d.Synthesize(r, origResponse, resp) - return out, nil -} - -// Synthesize merges the AAAA response and the records from the A response -func (d *DNS64) Synthesize(origReq, origResponse, resp *dns.Msg) *dns.Msg { - ret := dns.Msg{} - ret.SetReply(origReq) - - // persist truncated state of AAAA response - ret.Truncated = resp.Truncated - - // 5.3.2: DNS64 MUST pass the additional section unchanged - ret.Extra = resp.Extra - ret.Ns = resp.Ns - - // 5.1.7: The TTL is the minimum of the A RR and the SOA RR. If SOA is - // unknown, then the TTL is the minimum of A TTL and 600 - SOATtl := uint32(600) // Default NS record TTL - for _, ns := range origResponse.Ns { - if ns.Header().Rrtype == dns.TypeSOA { - SOATtl = ns.Header().Ttl - } - } - - ret.Answer = make([]dns.RR, 0, len(resp.Answer)) - // convert A records to AAAA records - for _, rr := range resp.Answer { - header := rr.Header() - // 5.3.3: All other RR's MUST be returned unchanged - if header.Rrtype != dns.TypeA { - ret.Answer = append(ret.Answer, rr) - continue - } - - aaaa, _ := to6(d.Prefix, rr.(*dns.A).A) - - // ttl is min of SOA TTL and A TTL - ttl := SOATtl - if rr.Header().Ttl < ttl { - ttl = rr.Header().Ttl - } - - // Replace A answer with a DNS64 AAAA answer - ret.Answer = append(ret.Answer, &dns.AAAA{ - Hdr: dns.RR_Header{ - Name: header.Name, - Rrtype: dns.TypeAAAA, - Class: header.Class, - Ttl: ttl, - }, - AAAA: aaaa, - }) - } - return &ret -} - -// to6 takes a prefix and IPv4 address and returns an IPv6 address according to RFC 6052. -func to6(prefix *net.IPNet, addr net.IP) (net.IP, error) { - addr = addr.To4() - if addr == nil { - return nil, errors.New("not a valid IPv4 address") - } - - n, _ := prefix.Mask.Size() - // Assumes prefix has been validated during setup - v6 := make([]byte, 16) - i, j := 0, 0 - - for ; i < n/8; i++ { - v6[i] = prefix.IP[i] - } - for ; i < 8; i, j = i+1, j+1 { - v6[i] = addr[j] - } - if i == 8 { - i++ - } - for ; j < 4; i, j = i+1, j+1 { - v6[i] = addr[j] - } - - return v6, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/dns64/metrics.go b/vendor/github.com/coredns/coredns/plugin/dns64/metrics.go deleted file mode 100644 index 95523166..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dns64/metrics.go +++ /dev/null @@ -1,18 +0,0 @@ -package dns64 - -import ( - "github.com/coredns/coredns/plugin" - - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -var ( - // RequestsTranslatedCount is the number of DNS requests translated by dns64. - RequestsTranslatedCount = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: pluginName, - Name: "requests_translated_total", - Help: "Counter of DNS requests translated by dns64.", - }, []string{"server"}) -) diff --git a/vendor/github.com/coredns/coredns/plugin/dns64/setup.go b/vendor/github.com/coredns/coredns/plugin/dns64/setup.go deleted file mode 100644 index 5e061875..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dns64/setup.go +++ /dev/null @@ -1,92 +0,0 @@ -package dns64 - -import ( - "net" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/upstream" -) - -const pluginName = "dns64" - -func init() { plugin.Register(pluginName, setup) } - -func setup(c *caddy.Controller) error { - dns64, err := dns64Parse(c) - if err != nil { - return plugin.Error(pluginName, err) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - dns64.Next = next - return dns64 - }) - - return nil -} - -func dns64Parse(c *caddy.Controller) (*DNS64, error) { - _, defaultPref, _ := net.ParseCIDR("64:ff9b::/96") - dns64 := &DNS64{ - Upstream: upstream.New(), - Prefix: defaultPref, - } - - for c.Next() { - args := c.RemainingArgs() - if len(args) == 1 { - pref, err := parsePrefix(c, args[0]) - - if err != nil { - return nil, err - } - dns64.Prefix = pref - continue - } - if len(args) > 0 { - return nil, c.ArgErr() - } - - for c.NextBlock() { - switch c.Val() { - case "prefix": - if !c.NextArg() { - return nil, c.ArgErr() - } - pref, err := parsePrefix(c, c.Val()) - - if err != nil { - return nil, err - } - dns64.Prefix = pref - case "translate_all": - dns64.TranslateAll = true - case "allow_ipv4": - dns64.AllowIPv4 = true - default: - return nil, c.Errf("unknown property '%s'", c.Val()) - } - } - } - return dns64, nil -} - -func parsePrefix(c *caddy.Controller, addr string) (*net.IPNet, error) { - _, pref, err := net.ParseCIDR(addr) - if err != nil { - return nil, err - } - - // Test for valid prefix - n, total := pref.Mask.Size() - if total != 128 { - return nil, c.Errf("invalid netmask %d IPv6 address: %q", total, pref) - } - if n%8 != 0 || n < 32 || n > 96 { - return nil, c.Errf("invalid prefix length %q", pref) - } - - return pref, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/README.md b/vendor/github.com/coredns/coredns/plugin/dnssec/README.md deleted file mode 100644 index f586ca9f..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/README.md +++ /dev/null @@ -1,119 +0,0 @@ -# dnssec - -## Name - -*dnssec* - enables on-the-fly DNSSEC signing of served data. - -## Description - -With *dnssec*, any reply that doesn't (or can't) do DNSSEC will get signed on the fly. Authenticated -denial of existence is implemented with NSEC black lies. Using ECDSA as an algorithm is preferred as -this leads to smaller signatures (compared to RSA). NSEC3 is *not* supported. - -This plugin can only be used once per Server Block. - -## Syntax - -~~~ -dnssec [ZONES... ] { - key file|aws_secretsmanager KEY... - cache_capacity CAPACITY -} -~~~ - -The signing behavior depends on the keys specified. If multiple keys are specified of which there is -at least one key with the SEP bit set and at least one key with the SEP bit unset, signing will happen -in split ZSK/KSK mode. DNSKEY records will be signed with all keys that have the SEP bit set. All other -records will be signed with all keys that do not have the SEP bit set. - -In any other case, each specified key will be treated as a CSK (common signing key), forgoing the -ZSK/KSK split. All signing operations are done online. -Authenticated denial of existence is implemented with NSEC black lies. Using ECDSA as an algorithm -is preferred as this leads to smaller signatures (compared to RSA). NSEC3 is *not* supported. - -As the *dnssec* plugin can't see the original TTL of the RRSets it signs, it will always use 3600s -as the value. - -If multiple *dnssec* plugins are specified in the same zone, the last one specified will be -used. - -* **ZONES** zones that should be signed. If empty, the zones from the configuration block - are used. - -* `key file` indicates that **KEY** file(s) should be read from disk. When multiple keys are specified, RRsets - will be signed with all keys. Generating a key can be done with `dnssec-keygen`: `dnssec-keygen -a - ECDSAP256SHA256 `. A key created for zone *A* can be safely used for zone *B*. The name of the - key file can be specified in one of the following formats - - * basename of the generated key `Kexample.org+013+45330` - * generated public key `Kexample.org+013+45330.key` - * generated private key `Kexample.org+013+45330.private` - -* `key aws_secretsmanager` indicates that **KEY** secret(s) should be read from AWS Secrets Manager. Secret - names or ARNs may be used. After generating the keys as described in the `key file` section, you can - store them in AWS Secrets Manager using the following AWS CLI v2 command: - - ```sh - aws secretsmanager create-secret --name "Kexample.org.+013+45330" \ - --description "DNSSEC keys for example.org" \ - --secret-string "$(jq -n --arg key "$(cat Kexample.org.+013+45330.key)" \ - --arg private "$(cat Kexample.org.+013+45330.private)" \ - '{key: $key, private: $private}')" - ``` - - This command reads the contents of the `.key` and `.private` files, constructs a JSON object, and stores it - as a new secret in AWS Secrets Manager with the specified name and description. CoreDNS will then fetch - the key data from AWS Secrets Manager when using the `key aws_secretsmanager` directive. - - [AWS SDK for Go V2](https://aws.github.io/aws-sdk-go-v2/docs/configuring-sdk/#specifying-credentials) is used - for authentication with AWS Secrets Manager. Make sure the provided AWS credentials have the necessary - permissions (e.g., `secretsmanager:GetSecretValue`) to access the specified secrets in AWS Secrets Manager. - -* `cache_capacity` indicates the capacity of the cache. The dnssec plugin uses a cache to store - RRSIGs. The default for **CAPACITY** is 10000. - -## Metrics - -If monitoring is enabled (via the *prometheus* plugin) then the following metrics are exported: - -* `coredns_dnssec_cache_entries{server, type}` - total elements in the cache, type is "signature". -* `coredns_dnssec_cache_hits_total{server}` - Counter of cache hits. -* `coredns_dnssec_cache_misses_total{server}` - Counter of cache misses. - -The label `server` indicated the server handling the request, see the *metrics* plugin for details. - -## Examples - -Sign responses for `example.org` with the key "Kexample.org.+013+45330.key". - -~~~ corefile -example.org { - dnssec { - key file Kexample.org.+013+45330 - } - whoami -} -~~~ - -Sign responses for `example.org` with the key stored in AWS Secrets Manager under the secret name -"Kexample.org.+013+45330". - -~~~ -example.org { - dnssec { - key aws_secretsmanager Kexample.org.+013+45330 - } - whoami -} -~~~ - -Sign responses for a kubernetes zone with the key "Kcluster.local+013+45129.key". - -~~~ -cluster.local { - kubernetes - dnssec { - key file Kcluster.local+013+45129 - } -} -~~~ diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/black_lies.go b/vendor/github.com/coredns/coredns/plugin/dnssec/black_lies.go deleted file mode 100644 index d01fa7c8..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/black_lies.go +++ /dev/null @@ -1,79 +0,0 @@ -package dnssec - -import ( - "strings" - - "github.com/coredns/coredns/plugin/pkg/response" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// nsec returns an NSEC useful for NXDOMAIN responses. -// See https://tools.ietf.org/html/draft-valsorda-dnsop-black-lies-00 -// For example, a request for the non-existing name a.example.com would -// cause the following NSEC record to be generated: -// -// a.example.com. 3600 IN NSEC \000.a.example.com. ( RRSIG NSEC ... ) -// -// This inturn makes every NXDOMAIN answer a NODATA one, don't forget to flip -// the header rcode to NOERROR. -func (d Dnssec) nsec(state request.Request, mt response.Type, ttl, incep, expir uint32, server string) ([]dns.RR, error) { - nsec := &dns.NSEC{} - nsec.Hdr = dns.RR_Header{Name: state.QName(), Ttl: ttl, Class: dns.ClassINET, Rrtype: dns.TypeNSEC} - nsec.NextDomain = "\\000." + state.QName() - if state.QName() == "." { - nsec.NextDomain = "\\000." // If You want to play as root server - } - if state.Name() == state.Zone { - nsec.TypeBitMap = filter18(state.QType(), apexBitmap, mt) - } else if mt == response.Delegation || state.QType() == dns.TypeDS { - nsec.TypeBitMap = delegationBitmap[:] - if mt == response.Delegation { - labels := dns.SplitDomainName(state.QName()) - labels[0] += "\\000" - nsec.NextDomain = strings.Join(labels, ".") + "." - } - } else { - nsec.TypeBitMap = filter14(state.QType(), zoneBitmap, mt) - } - - sigs, err := d.sign([]dns.RR{nsec}, state.Zone, ttl, incep, expir, server) - if err != nil { - return nil, err - } - - return append(sigs, nsec), nil -} - -// The NSEC bit maps we return. -var ( - delegationBitmap = [...]uint16{dns.TypeA, dns.TypeNS, dns.TypeHINFO, dns.TypeTXT, dns.TypeAAAA, dns.TypeLOC, dns.TypeSRV, dns.TypeCERT, dns.TypeSSHFP, dns.TypeRRSIG, dns.TypeNSEC, dns.TypeTLSA, dns.TypeHIP, dns.TypeOPENPGPKEY, dns.TypeSPF} - zoneBitmap = [...]uint16{dns.TypeA, dns.TypeHINFO, dns.TypeTXT, dns.TypeAAAA, dns.TypeLOC, dns.TypeSRV, dns.TypeCERT, dns.TypeSSHFP, dns.TypeRRSIG, dns.TypeNSEC, dns.TypeTLSA, dns.TypeHIP, dns.TypeOPENPGPKEY, dns.TypeSPF} - apexBitmap = [...]uint16{dns.TypeA, dns.TypeNS, dns.TypeSOA, dns.TypeHINFO, dns.TypeMX, dns.TypeTXT, dns.TypeAAAA, dns.TypeLOC, dns.TypeSRV, dns.TypeCERT, dns.TypeSSHFP, dns.TypeRRSIG, dns.TypeNSEC, dns.TypeDNSKEY, dns.TypeTLSA, dns.TypeHIP, dns.TypeOPENPGPKEY, dns.TypeSPF} -) - -// filter14 filters out t from bitmap (if it exists). If mt is not an NODATA response, just return the entire bitmap. -func filter14(t uint16, bitmap [14]uint16, mt response.Type) []uint16 { - if mt != response.NoData && mt != response.NameError || t == dns.TypeNSEC { - return zoneBitmap[:] - } - for i := range bitmap { - if bitmap[i] == t { - return append(bitmap[:i], bitmap[i+1:]...) - } - } - return zoneBitmap[:] // make a slice -} - -func filter18(t uint16, bitmap [18]uint16, mt response.Type) []uint16 { - if mt != response.NoData && mt != response.NameError || t == dns.TypeNSEC { - return apexBitmap[:] - } - for i := range bitmap { - if bitmap[i] == t { - return append(bitmap[:i], bitmap[i+1:]...) - } - } - return apexBitmap[:] // make a slice -} diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/cache.go b/vendor/github.com/coredns/coredns/plugin/dnssec/cache.go deleted file mode 100644 index d80f5c1b..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/cache.go +++ /dev/null @@ -1,48 +0,0 @@ -package dnssec - -import ( - "hash/fnv" - "io" - "time" - - "github.com/coredns/coredns/plugin/pkg/cache" - - "github.com/miekg/dns" -) - -// hash serializes the RRset and returns a signature cache key. -func hash(rrs []dns.RR) uint64 { - h := fnv.New64() - // we need to hash the entire RRset to pick the correct sig, if the rrset - // changes for whatever reason we should resign. - // We could use wirefmt, or the string format, both create garbage when creating - // the hash key. And of course is a uint64 big enough? - for _, rr := range rrs { - io.WriteString(h, rr.String()) - } - return h.Sum64() -} - -func periodicClean(c *cache.Cache, stop <-chan struct{}) { - tick := time.NewTicker(8 * time.Hour) - defer tick.Stop() - for { - select { - case <-tick.C: - // we sign for 8 days, check if a signature in the cache reached 75% of that (i.e. 6), if found delete - // the signature - is75 := time.Now().UTC().Add(twoDays) - c.Walk(func(items map[uint64]interface{}, key uint64) bool { - for _, rr := range items[key].([]dns.RR) { - if !rr.(*dns.RRSIG).ValidityPeriod(is75) { - delete(items, key) - } - } - return true - }) - - case <-stop: - return - } - } -} diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/dnskey.go b/vendor/github.com/coredns/coredns/plugin/dnssec/dnskey.go deleted file mode 100644 index cfe59845..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/dnskey.go +++ /dev/null @@ -1,169 +0,0 @@ -package dnssec - -import ( - "context" - "crypto" - "crypto/ecdsa" - "crypto/rsa" - "encoding/json" - "errors" - "os" - "path/filepath" - "strings" - "time" - - "github.com/coredns/coredns/request" - - "github.com/aws/aws-sdk-go-v2/config" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager" - "github.com/miekg/dns" - "golang.org/x/crypto/ed25519" -) - -// DNSKEY holds a DNSSEC public and private key used for on-the-fly signing. -type DNSKEY struct { - K *dns.DNSKEY - D *dns.DS - s crypto.Signer - tag uint16 -} - -// SecretKeyData represents the structure of the DNS keys stored in AWS Secrets Manager. -type SecretKeyData struct { - Key string `json:"key"` - Private string `json:"private"` -} - -// ParseKeyFile read a DNSSEC keyfile as generated by dnssec-keygen or other -// utilities. It adds ".key" for the public key and ".private" for the private key. -func ParseKeyFile(pubFile, privFile string) (*DNSKEY, error) { - f, e := os.Open(filepath.Clean(pubFile)) - if e != nil { - return nil, e - } - defer f.Close() - k, e := dns.ReadRR(f, pubFile) - if e != nil { - return nil, e - } - - f, e = os.Open(filepath.Clean(privFile)) - if e != nil { - return nil, e - } - defer f.Close() - - dk, ok := k.(*dns.DNSKEY) - if !ok { - return nil, errors.New("no public key found") - } - p, e := dk.ReadPrivateKey(f, privFile) - if e != nil { - return nil, e - } - - if s, ok := p.(*rsa.PrivateKey); ok { - return &DNSKEY{K: dk, D: dk.ToDS(dns.SHA256), s: s, tag: dk.KeyTag()}, nil - } - if s, ok := p.(*ecdsa.PrivateKey); ok { - return &DNSKEY{K: dk, D: dk.ToDS(dns.SHA256), s: s, tag: dk.KeyTag()}, nil - } - if s, ok := p.(ed25519.PrivateKey); ok { - return &DNSKEY{K: dk, D: dk.ToDS(dns.SHA256), s: s, tag: dk.KeyTag()}, nil - } - return &DNSKEY{K: dk, D: dk.ToDS(dns.SHA256), s: nil, tag: 0}, errors.New("no private key found") -} - -// ParseKeyFromAWSSecretsManager retrieves and parses a DNSSEC key pair from AWS Secrets Manager. -func ParseKeyFromAWSSecretsManager(secretID string) (*DNSKEY, error) { - // Load the AWS SDK configuration - cfg, err := config.LoadDefaultConfig(context.TODO()) - if err != nil { - return nil, err - } - - // Create a Secrets Manager client - client := secretsmanager.NewFromConfig(cfg) - - // Retrieve the secret value - input := &secretsmanager.GetSecretValueInput{ - SecretId: &secretID, - } - result, err := client.GetSecretValue(context.TODO(), input) - if err != nil { - return nil, err - } - - // Parse the secret string into SecretKeyData - var secretData SecretKeyData - err = json.Unmarshal([]byte(*result.SecretString), &secretData) - if err != nil { - return nil, err - } - - // Parse the public key - rr, err := dns.NewRR(secretData.Key) - if err != nil { - return nil, err - } - dk, ok := rr.(*dns.DNSKEY) - if !ok { - return nil, errors.New("invalid public key format") - } - - // Parse the private key - p, err := dk.ReadPrivateKey(strings.NewReader(secretData.Private), secretID) - if err != nil { - return nil, err - } - - // Create the DNSKEY structure - var s crypto.Signer - var tag uint16 - switch key := p.(type) { - case *rsa.PrivateKey: - s = key - tag = dk.KeyTag() - case *ecdsa.PrivateKey: - s = key - tag = dk.KeyTag() - case ed25519.PrivateKey: - s = key - tag = dk.KeyTag() - default: - return nil, errors.New("unsupported key type") - } - - return &DNSKEY{K: dk, D: dk.ToDS(dns.SHA256), s: s, tag: tag}, nil -} - -// getDNSKEY returns the correct DNSKEY to the client. Signatures are added when do is true. -func (d Dnssec) getDNSKEY(state request.Request, zone string, do bool, server string) *dns.Msg { - keys := make([]dns.RR, len(d.keys)) - for i, k := range d.keys { - keys[i] = dns.Copy(k.K) - keys[i].Header().Name = zone - } - m := new(dns.Msg) - m.SetReply(state.Req) - m.Answer = keys - if !do { - return m - } - - incep, expir := incepExpir(time.Now().UTC()) - if sigs, err := d.sign(keys, zone, 3600, incep, expir, server); err == nil { - m.Answer = append(m.Answer, sigs...) - } - return m -} - -// Return true if, and only if, this is a zone key with the SEP bit unset. This implies a ZSK (rfc4034 2.1.1). -func (k DNSKEY) isZSK() bool { - return k.K.Flags&(1<<8) == (1<<8) && k.K.Flags&1 == 0 -} - -// Return true if, and only if, this is a zone key with the SEP bit set. This implies a KSK (rfc4034 2.1.1). -func (k DNSKEY) isKSK() bool { - return k.K.Flags&(1<<8) == (1<<8) && k.K.Flags&1 == 1 -} diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/dnssec.go b/vendor/github.com/coredns/coredns/plugin/dnssec/dnssec.go deleted file mode 100644 index edda7a80..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/dnssec.go +++ /dev/null @@ -1,179 +0,0 @@ -// Package dnssec implements a plugin that signs responses on-the-fly using -// NSEC black lies. -package dnssec - -import ( - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/cache" - "github.com/coredns/coredns/plugin/pkg/response" - "github.com/coredns/coredns/plugin/pkg/singleflight" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// Dnssec signs the reply on-the-fly. -type Dnssec struct { - Next plugin.Handler - - zones []string - keys []*DNSKEY - splitkeys bool - inflight *singleflight.Group - cache *cache.Cache -} - -// New returns a new Dnssec. -func New(zones []string, keys []*DNSKEY, splitkeys bool, next plugin.Handler, c *cache.Cache) Dnssec { - return Dnssec{Next: next, - zones: zones, - keys: keys, - splitkeys: splitkeys, - cache: c, - inflight: new(singleflight.Group), - } -} - -// Sign signs the message in state. it takes care of negative or nodata responses. It -// uses NSEC black lies for authenticated denial of existence. For delegations it -// will insert DS records and sign those. -// Signatures will be cached for a short while. By default we sign for 8 days, -// starting 3 hours ago. -func (d Dnssec) Sign(state request.Request, now time.Time, server string) *dns.Msg { - req := state.Req - - incep, expir := incepExpir(now) - - mt, _ := response.Typify(req, time.Now().UTC()) // TODO(miek): need opt record here? - if mt == response.Delegation { - // We either sign DS or NSEC of DS. - ttl := req.Ns[0].Header().Ttl - - ds := []dns.RR{} - for i := range req.Ns { - if req.Ns[i].Header().Rrtype == dns.TypeDS { - ds = append(ds, req.Ns[i]) - } - } - if len(ds) == 0 { - if sigs, err := d.nsec(state, mt, ttl, incep, expir, server); err == nil { - req.Ns = append(req.Ns, sigs...) - } - } else if sigs, err := d.sign(ds, state.Zone, ttl, incep, expir, server); err == nil { - req.Ns = append(req.Ns, sigs...) - } - return req - } - - if mt == response.NameError || mt == response.NoData { - if req.Ns[0].Header().Rrtype != dns.TypeSOA || len(req.Ns) > 1 { - return req - } - - ttl := req.Ns[0].Header().Ttl - - if sigs, err := d.sign(req.Ns, state.Zone, ttl, incep, expir, server); err == nil { - req.Ns = append(req.Ns, sigs...) - } - if sigs, err := d.nsec(state, mt, ttl, incep, expir, server); err == nil { - req.Ns = append(req.Ns, sigs...) - } - if len(req.Ns) > 1 { // actually added nsec and sigs, reset the rcode - req.Rcode = dns.RcodeSuccess - if state.QType() == dns.TypeNSEC { // If original query was NSEC move Ns to Answer without SOA - req.Answer = req.Ns[len(req.Ns)-2 : len(req.Ns)] - req.Ns = nil - } - } - return req - } - - for _, r := range rrSets(req.Answer) { - ttl := r[0].Header().Ttl - if sigs, err := d.sign(r, state.Zone, ttl, incep, expir, server); err == nil { - req.Answer = append(req.Answer, sigs...) - } - } - for _, r := range rrSets(req.Ns) { - ttl := r[0].Header().Ttl - if sigs, err := d.sign(r, state.Zone, ttl, incep, expir, server); err == nil { - req.Ns = append(req.Ns, sigs...) - } - } - for _, r := range rrSets(req.Extra) { - ttl := r[0].Header().Ttl - if sigs, err := d.sign(r, state.Zone, ttl, incep, expir, server); err == nil { - req.Extra = append(req.Extra, sigs...) - } - } - return req -} - -func (d Dnssec) sign(rrs []dns.RR, signerName string, ttl, incep, expir uint32, server string) ([]dns.RR, error) { - k := hash(rrs) - sgs, ok := d.get(k, server) - if ok { - return sgs, nil - } - - sigs, err := d.inflight.Do(k, func() (interface{}, error) { - var sigs []dns.RR - for _, k := range d.keys { - if d.splitkeys { - if len(rrs) > 0 && rrs[0].Header().Rrtype == dns.TypeDNSKEY { - // We are signing a DNSKEY RRSet. With split keys, we need to use a KSK here. - if !k.isKSK() { - continue - } - } else { - // For non-DNSKEY RRSets, we want to use a ZSK. - if !k.isZSK() { - continue - } - } - } - sig := k.newRRSIG(signerName, ttl, incep, expir) - if e := sig.Sign(k.s, rrs); e != nil { - return sigs, e - } - sigs = append(sigs, sig) - } - d.set(k, sigs) - return sigs, nil - }) - return sigs.([]dns.RR), err -} - -func (d Dnssec) set(key uint64, sigs []dns.RR) { d.cache.Add(key, sigs) } - -func (d Dnssec) get(key uint64, server string) ([]dns.RR, bool) { - if s, ok := d.cache.Get(key); ok { - // we sign for 8 days, check if a signature in the cache reached 3/4 of that - is75 := time.Now().UTC().Add(twoDays) - for _, rr := range s.([]dns.RR) { - if !rr.(*dns.RRSIG).ValidityPeriod(is75) { - cacheMisses.WithLabelValues(server).Inc() - return nil, false - } - } - - cacheHits.WithLabelValues(server).Inc() - return s.([]dns.RR), true - } - cacheMisses.WithLabelValues(server).Inc() - return nil, false -} - -func incepExpir(now time.Time) (uint32, uint32) { - incep := uint32(now.Add(-3 * time.Hour).Unix()) // -(2+1) hours, be sure to catch daylight saving time and such - expir := uint32(now.Add(eightDays).Unix()) // sign for 8 days - return incep, expir -} - -const ( - eightDays = 8 * 24 * time.Hour - twoDays = 2 * 24 * time.Hour - defaultCap = 10000 // default capacity of the cache. -) diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/handler.go b/vendor/github.com/coredns/coredns/plugin/dnssec/handler.go deleted file mode 100644 index 1ab70ab6..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/handler.go +++ /dev/null @@ -1,50 +0,0 @@ -package dnssec - -import ( - "context" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/metrics" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// ServeDNS implements the plugin.Handler interface. -func (d Dnssec) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - - do := state.Do() - qname := state.Name() - qtype := state.QType() - zone := plugin.Zones(d.zones).Matches(qname) - if zone == "" { - return plugin.NextOrFailure(d.Name(), d.Next, ctx, w, r) - } - - state.Zone = zone - server := metrics.WithServer(ctx) - - // Intercept queries for DNSKEY, but only if one of the zones matches the qname, otherwise we let - // the query through. - if qtype == dns.TypeDNSKEY { - for _, z := range d.zones { - if qname == z { - resp := d.getDNSKEY(state, z, do, server) - resp.Authoritative = true - w.WriteMsg(resp) - return dns.RcodeSuccess, nil - } - } - } - - if do { - drr := &ResponseWriter{w, d, server} - return plugin.NextOrFailure(d.Name(), d.Next, ctx, drr, r) - } - - return plugin.NextOrFailure(d.Name(), d.Next, ctx, w, r) -} - -// Name implements the Handler interface. -func (d Dnssec) Name() string { return "dnssec" } diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/metrics.go b/vendor/github.com/coredns/coredns/plugin/dnssec/metrics.go deleted file mode 100644 index e69dbf5c..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/metrics.go +++ /dev/null @@ -1,32 +0,0 @@ -package dnssec - -import ( - "github.com/coredns/coredns/plugin" - - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -var ( - // cacheSize is the number of elements in the dnssec cache. - cacheSize = promauto.NewGaugeVec(prometheus.GaugeOpts{ - Namespace: plugin.Namespace, - Subsystem: "dnssec", - Name: "cache_entries", - Help: "The number of elements in the dnssec cache.", - }, []string{"server", "type"}) - // cacheHits is the count of cache hits. - cacheHits = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "dnssec", - Name: "cache_hits_total", - Help: "The count of cache hits.", - }, []string{"server"}) - // cacheMisses is the count of cache misses. - cacheMisses = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "dnssec", - Name: "cache_misses_total", - Help: "The count of cache misses.", - }, []string{"server"}) -) diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/responsewriter.go b/vendor/github.com/coredns/coredns/plugin/dnssec/responsewriter.go deleted file mode 100644 index 355b3177..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/responsewriter.go +++ /dev/null @@ -1,43 +0,0 @@ -package dnssec - -import ( - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// ResponseWriter signs the response on the fly. -type ResponseWriter struct { - dns.ResponseWriter - d Dnssec - server string // server label for metrics. -} - -// WriteMsg implements the dns.ResponseWriter interface. -func (d *ResponseWriter) WriteMsg(res *dns.Msg) error { - // By definition we should sign anything that comes back, we should still figure out for - // which zone it should be. - state := request.Request{W: d.ResponseWriter, Req: res} - - zone := plugin.Zones(d.d.zones).Matches(state.Name()) - if zone == "" { - return d.ResponseWriter.WriteMsg(res) - } - state.Zone = zone - - res = d.d.Sign(state, time.Now().UTC(), d.server) - cacheSize.WithLabelValues(d.server, "signature").Set(float64(d.d.cache.Len())) - // No need for EDNS0 trickery, as that is handled by the server. - - return d.ResponseWriter.WriteMsg(res) -} - -// Write implements the dns.ResponseWriter interface. -func (d *ResponseWriter) Write(buf []byte) (int, error) { - log.Warning("Dnssec called with Write: not signing reply") - n, err := d.ResponseWriter.Write(buf) - return n, err -} diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/rrsig.go b/vendor/github.com/coredns/coredns/plugin/dnssec/rrsig.go deleted file mode 100644 index 250a6035..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/rrsig.go +++ /dev/null @@ -1,53 +0,0 @@ -package dnssec - -import "github.com/miekg/dns" - -// newRRSIG returns a new RRSIG, with all fields filled out, except the signed data. -func (k *DNSKEY) newRRSIG(signerName string, ttl, incep, expir uint32) *dns.RRSIG { - sig := new(dns.RRSIG) - - sig.Hdr.Rrtype = dns.TypeRRSIG - sig.Algorithm = k.K.Algorithm - sig.KeyTag = k.tag - sig.SignerName = signerName - sig.Hdr.Ttl = ttl - sig.OrigTtl = origTTL - - sig.Inception = incep - sig.Expiration = expir - - return sig -} - -type rrset struct { - qname string - qtype uint16 -} - -// rrSets returns rrs as a map of RRsets. It skips RRSIG and OPT records as those don't need to be signed. -func rrSets(rrs []dns.RR) map[rrset][]dns.RR { - m := make(map[rrset][]dns.RR) - - for _, r := range rrs { - if r.Header().Rrtype == dns.TypeRRSIG || r.Header().Rrtype == dns.TypeOPT { - continue - } - - if s, ok := m[rrset{r.Header().Name, r.Header().Rrtype}]; ok { - s = append(s, r) - m[rrset{r.Header().Name, r.Header().Rrtype}] = s - continue - } - - s := make([]dns.RR, 1, 3) - s[0] = r - m[rrset{r.Header().Name, r.Header().Rrtype}] = s - } - - if len(m) > 0 { - return m - } - return nil -} - -const origTTL = 3600 diff --git a/vendor/github.com/coredns/coredns/plugin/dnssec/setup.go b/vendor/github.com/coredns/coredns/plugin/dnssec/setup.go deleted file mode 100644 index 9a87c41c..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnssec/setup.go +++ /dev/null @@ -1,159 +0,0 @@ -package dnssec - -import ( - "fmt" - "path/filepath" - "strconv" - "strings" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/cache" - clog "github.com/coredns/coredns/plugin/pkg/log" -) - -var log = clog.NewWithPlugin("dnssec") - -func init() { plugin.Register("dnssec", setup) } - -func setup(c *caddy.Controller) error { - zones, keys, capacity, splitkeys, err := dnssecParse(c) - if err != nil { - return plugin.Error("dnssec", err) - } - - ca := cache.New(capacity) - stop := make(chan struct{}) - - c.OnShutdown(func() error { - close(stop) - return nil - }) - c.OnStartup(func() error { - go periodicClean(ca, stop) - return nil - }) - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - return New(zones, keys, splitkeys, next, ca) - }) - - return nil -} - -func dnssecParse(c *caddy.Controller) ([]string, []*DNSKEY, int, bool, error) { - zones := []string{} - keys := []*DNSKEY{} - capacity := defaultCap - - i := 0 - for c.Next() { - if i > 0 { - return nil, nil, 0, false, plugin.ErrOnce - } - i++ - - // dnssec [zones...] - zones = plugin.OriginsFromArgsOrServerBlock(c.RemainingArgs(), c.ServerBlockKeys) - - for c.NextBlock() { - switch x := c.Val(); x { - case "key": - k, e := keyParse(c) - if e != nil { - return nil, nil, 0, false, e - } - keys = append(keys, k...) - case "cache_capacity": - if !c.NextArg() { - return nil, nil, 0, false, c.ArgErr() - } - value := c.Val() - cacheCap, err := strconv.Atoi(value) - if err != nil { - return nil, nil, 0, false, err - } - capacity = cacheCap - default: - return nil, nil, 0, false, c.Errf("unknown property '%s'", x) - } - } - } - // Check if we have both KSKs and ZSKs. - zsk, ksk := 0, 0 - for _, k := range keys { - if k.isKSK() { - ksk++ - } else if k.isZSK() { - zsk++ - } - } - splitkeys := zsk > 0 && ksk > 0 - - // Check if each keys owner name can actually sign the zones we want them to sign. - for _, k := range keys { - kname := plugin.Name(k.K.Header().Name) - ok := false - for i := range zones { - if kname.Matches(zones[i]) { - ok = true - break - } - } - if !ok { - return zones, keys, capacity, splitkeys, fmt.Errorf("key %s (keyid: %d) can not sign any of the zones", string(kname), k.tag) - } - } - - return zones, keys, capacity, splitkeys, nil -} - -func keyParse(c *caddy.Controller) ([]*DNSKEY, error) { - keys := []*DNSKEY{} - config := dnsserver.GetConfig(c) - - if !c.NextArg() { - return nil, c.ArgErr() - } - value := c.Val() - if value == "file" { - ks := c.RemainingArgs() - if len(ks) == 0 { - return nil, c.ArgErr() - } - - for _, k := range ks { - base := k - // Kmiek.nl.+013+26205.key, handle .private or without extension: Kmiek.nl.+013+26205 - if strings.HasSuffix(k, ".key") { - base = k[:len(k)-4] - } - if strings.HasSuffix(k, ".private") { - base = k[:len(k)-8] - } - if !filepath.IsAbs(base) && config.Root != "" { - base = filepath.Join(config.Root, base) - } - k, err := ParseKeyFile(base+".key", base+".private") - if err != nil { - return nil, err - } - keys = append(keys, k) - } - } else if value == "aws_secretsmanager" { - ks := c.RemainingArgs() - if len(ks) == 0 { - return nil, c.ArgErr() - } - - for _, k := range ks { - k, err := ParseKeyFromAWSSecretsManager(k) - if err != nil { - return nil, err - } - keys = append(keys, k) - } - } - return keys, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/dnstap/README.md b/vendor/github.com/coredns/coredns/plugin/dnstap/README.md deleted file mode 100644 index 5ec188d3..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnstap/README.md +++ /dev/null @@ -1,175 +0,0 @@ -# dnstap - -## Name - -*dnstap* - enables logging to dnstap. - -## Description - -dnstap is a flexible, structured binary log format for DNS software; see https://dnstap.info. With this -plugin you make CoreDNS output dnstap logging. - -Every message is sent to the socket as soon as it comes in, the *dnstap* plugin has a buffer of -10000 messages, above that number dnstap messages will be dropped (this is logged). - -## Syntax - -~~~ txt -dnstap SOCKET [full] [writebuffer] [queue] { - [identity IDENTITY] - [version VERSION] - [extra EXTRA] - [skipverify] -} -~~~ - -* **SOCKET** is the socket (path) supplied to the dnstap command line tool. -* `full` to include the wire-format DNS message. -* **IDENTITY** to override the identity of the server. Defaults to the hostname. -* **VERSION** to override the version field. Defaults to the CoreDNS version. -* **EXTRA** to define "extra" field in dnstap payload, [metadata](../metadata/) replacement available here. -* `skipverify` to skip tls verification during connection. Default to be secure - -## Examples - -Log information about client requests and responses to */tmp/dnstap.sock*. - -~~~ txt -dnstap /tmp/dnstap.sock -~~~ - -Log information about client requests and responses and tcp write buffer is 1024*Mb and queue is 2048*10000. - -~~~ txt -dnstap /tmp/dnstap.sock full 1024 2048 -~~~ - -Log information including the wire-format DNS message about client requests and responses to */tmp/dnstap.sock*. - -~~~ txt -dnstap unix:///tmp/dnstap.sock full -~~~ - -Log to a remote endpoint. - -~~~ txt -dnstap tcp://127.0.0.1:6000 full -~~~ - -Log to a remote endpoint by FQDN. - -~~~ txt -dnstap tcp://example.com:6000 full -~~~ - -Log to a socket, overriding the default identity and version. - -~~~ txt -dnstap /tmp/dnstap.sock { - identity my-dns-server1 - version MyDNSServer-1.2.3 -} -~~~ - -Log to a socket, customize the "extra" field in dnstap payload. You may use metadata provided by other plugins in the extra field. - -~~~ txt -forward . 8.8.8.8 -metadata -dnstap /tmp/dnstap.sock { - extra "upstream: {/forward/upstream}" -} -~~~ - -Log to a remote TLS endpoint. - -~~~ txt -dnstap tls://127.0.0.1:6000 full { - skipverify -} -~~~ - -You can use _dnstap_ more than once to define multiple taps. The following logs information including the -wire-format DNS message about client requests and responses to */tmp/dnstap.sock*, -and also sends client requests and responses without wire-format DNS messages to a remote FQDN. - -~~~ txt -dnstap /tmp/dnstap.sock full -dnstap tcp://example.com:6000 -~~~ - -## Command Line Tool - -Dnstap has a command line tool that can be used to inspect the logging. The tool can be found -at GitHub: . It's written in Go. - -The following command listens on the given socket and decodes messages to stdout. - -~~~ sh -$ dnstap -u /tmp/dnstap.sock -~~~ - -The following command listens on the given socket and saves message payloads to a binary dnstap-format log file. - -~~~ sh -$ dnstap -u /tmp/dnstap.sock -w /tmp/test.dnstap -~~~ - -Listen for dnstap messages on port 6000. - -~~~ sh -$ dnstap -l 127.0.0.1:6000 -~~~ - -## Using Dnstap in your plugin - -In your setup function, collect and store a list of all *dnstap* plugins loaded in the config: - -~~~ go -x := &ExamplePlugin{} - -c.OnStartup(func() error { - if taph := dnsserver.GetConfig(c).Handler("dnstap"); taph != nil { - for tapPlugin, ok := taph.(*dnstap.Dnstap); ok; tapPlugin, ok = tapPlugin.Next.(*dnstap.Dnstap) { - x.tapPlugins = append(x.tapPlugins, tapPlugin) - } - } - return nil -}) -~~~ - -And then in your plugin: - -~~~ go -import ( - "github.com/coredns/coredns/plugin/dnstap/msg" - "github.com/coredns/coredns/request" - - tap "github.com/dnstap/golang-dnstap" -) - -func (x ExamplePlugin) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - for _, tapPlugin := range x.tapPlugins { - q := new(msg.Msg) - msg.SetQueryTime(q, time.Now()) - msg.SetQueryAddress(q, w.RemoteAddr()) - if tapPlugin.IncludeRawMessage { - buf, _ := r.Pack() // r has been seen packed/unpacked before, this should not fail - q.QueryMessage = buf - } - msg.SetType(q, tap.Message_CLIENT_QUERY) - - // if no metadata interpretation is needed, just send the message - tapPlugin.TapMessage(q) - - // OR: to interpret the metadata in "extra" field, give more context info - tapPlugin.TapMessageWithMetadata(ctx, q, request.Request{W: w, Req: query}) - } - // ... -} -~~~ - -## See Also - -The website [dnstap.info](https://dnstap.info) has info on the dnstap protocol. The *forward* -plugin's `dnstap.go` uses dnstap to tap messages sent to an upstream. diff --git a/vendor/github.com/coredns/coredns/plugin/dnstap/encoder.go b/vendor/github.com/coredns/coredns/plugin/dnstap/encoder.go deleted file mode 100644 index 93d3e73d..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnstap/encoder.go +++ /dev/null @@ -1,40 +0,0 @@ -package dnstap - -import ( - "io" - "time" - - tap "github.com/dnstap/golang-dnstap" - fs "github.com/farsightsec/golang-framestream" - "google.golang.org/protobuf/proto" -) - -// encoder wraps a golang-framestream.Encoder. -type encoder struct { - fs *fs.Encoder -} - -func newEncoder(w io.Writer, timeout time.Duration) (*encoder, error) { - fs, err := fs.NewEncoder(w, &fs.EncoderOptions{ - ContentType: []byte("protobuf:dnstap.Dnstap"), - Bidirectional: true, - Timeout: timeout, - }) - if err != nil { - return nil, err - } - return &encoder{fs}, nil -} - -func (e *encoder) writeMsg(msg *tap.Dnstap) error { - buf, err := proto.Marshal(msg) - if err != nil { - return err - } - - _, err = e.fs.Write(buf) // n < len(buf) should return an error? - return err -} - -func (e *encoder) flush() error { return e.fs.Flush() } -func (e *encoder) close() error { return e.fs.Close() } diff --git a/vendor/github.com/coredns/coredns/plugin/dnstap/handler.go b/vendor/github.com/coredns/coredns/plugin/dnstap/handler.go deleted file mode 100644 index d322aab9..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnstap/handler.go +++ /dev/null @@ -1,87 +0,0 @@ -package dnstap - -import ( - "context" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/dnstap/msg" - "github.com/coredns/coredns/plugin/pkg/replacer" - "github.com/coredns/coredns/request" - - tap "github.com/dnstap/golang-dnstap" - "github.com/miekg/dns" -) - -// Dnstap is the dnstap handler. -type Dnstap struct { - Next plugin.Handler - io tapper - repl replacer.Replacer - - // IncludeRawMessage will include the raw DNS message into the dnstap messages if true. - IncludeRawMessage bool - Identity []byte - Version []byte - ExtraFormat string - MultipleTcpWriteBuf int // *Mb - MultipleQueue int // *10000 -} - -// TapMessage sends the message m to the dnstap interface, without populating "Extra" field. -func (h *Dnstap) TapMessage(m *tap.Message) { - if h.ExtraFormat == "" { - h.tapWithExtra(m, nil) - } else { - h.tapWithExtra(m, []byte(h.ExtraFormat)) - } -} - -// TapMessageWithMetadata sends the message m to the dnstap interface, with "Extra" field being populated. -func (h *Dnstap) TapMessageWithMetadata(ctx context.Context, m *tap.Message, state request.Request) { - if h.ExtraFormat == "" { - h.tapWithExtra(m, nil) - return - } - extraStr := h.repl.Replace(ctx, state, nil, h.ExtraFormat) - h.tapWithExtra(m, []byte(extraStr)) -} - -func (h *Dnstap) tapWithExtra(m *tap.Message, extra []byte) { - t := tap.Dnstap_MESSAGE - h.io.Dnstap(&tap.Dnstap{Type: &t, Message: m, Identity: h.Identity, Version: h.Version, Extra: extra}) -} - -func (h *Dnstap) tapQuery(ctx context.Context, w dns.ResponseWriter, query *dns.Msg, queryTime time.Time) { - q := new(tap.Message) - msg.SetQueryTime(q, queryTime) - msg.SetQueryAddress(q, w.RemoteAddr()) - - if h.IncludeRawMessage { - buf, _ := query.Pack() - q.QueryMessage = buf - } - msg.SetType(q, tap.Message_CLIENT_QUERY) - state := request.Request{W: w, Req: query} - h.TapMessageWithMetadata(ctx, q, state) -} - -// ServeDNS logs the client query and response to dnstap and passes the dnstap Context. -func (h *Dnstap) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - rw := &ResponseWriter{ - ResponseWriter: w, - Dnstap: h, - query: r, - ctx: ctx, - queryTime: time.Now(), - } - - // The query tap message should be sent before sending the query to the - // forwarder. Otherwise, the tap messages will come out out of order. - h.tapQuery(ctx, w, r, rw.queryTime) - - return plugin.NextOrFailure(h.Name(), h.Next, ctx, rw, r) -} - -// Name implements the plugin.Plugin interface. -func (h *Dnstap) Name() string { return "dnstap" } diff --git a/vendor/github.com/coredns/coredns/plugin/dnstap/io.go b/vendor/github.com/coredns/coredns/plugin/dnstap/io.go deleted file mode 100644 index 4a6af6cb..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnstap/io.go +++ /dev/null @@ -1,145 +0,0 @@ -package dnstap - -import ( - "crypto/tls" - "net" - "sync/atomic" - "time" - - tap "github.com/dnstap/golang-dnstap" -) - -const ( - tcpWriteBufSize = 1024 * 1024 // there is no good explanation for why this number has this value. - queueSize = 10000 // idem. - - tcpTimeout = 4 * time.Second - flushTimeout = 1 * time.Second - - skipVerify = false // by default, every tls connection is verified to be secure -) - -// tapper interface is used in testing to mock the Dnstap method. -type tapper interface { - Dnstap(*tap.Dnstap) -} - -// dio implements the Tapper interface. -type dio struct { - endpoint string - proto string - enc *encoder - queue chan *tap.Dnstap - dropped uint32 - quit chan struct{} - flushTimeout time.Duration - tcpTimeout time.Duration - skipVerify bool - tcpWriteBufSize int -} - -// newIO returns a new and initialized pointer to a dio. -func newIO(proto, endpoint string, multipleQueue int, multipleTcpWriteBuf int) *dio { - return &dio{ - endpoint: endpoint, - proto: proto, - queue: make(chan *tap.Dnstap, multipleQueue*queueSize), - quit: make(chan struct{}), - flushTimeout: flushTimeout, - tcpTimeout: tcpTimeout, - skipVerify: skipVerify, - tcpWriteBufSize: multipleTcpWriteBuf * tcpWriteBufSize, - } -} - -func (d *dio) dial() error { - var conn net.Conn - var err error - - if d.proto == "tls" { - config := &tls.Config{ - InsecureSkipVerify: d.skipVerify, - } - dialer := &net.Dialer{ - Timeout: d.tcpTimeout, - } - conn, err = tls.DialWithDialer(dialer, "tcp", d.endpoint, config) - if err != nil { - return err - } - } else { - conn, err = net.DialTimeout(d.proto, d.endpoint, d.tcpTimeout) - if err != nil { - return err - } - } - - if tcpConn, ok := conn.(*net.TCPConn); ok { - tcpConn.SetWriteBuffer(d.tcpWriteBufSize) - tcpConn.SetNoDelay(false) - } - - d.enc, err = newEncoder(conn, d.tcpTimeout) - return err -} - -// Connect connects to the dnstap endpoint. -func (d *dio) connect() error { - err := d.dial() - go d.serve() - return err -} - -// Dnstap enqueues the payload for log. -func (d *dio) Dnstap(payload *tap.Dnstap) { - select { - case d.queue <- payload: - default: - atomic.AddUint32(&d.dropped, 1) - } -} - -// close waits until the I/O routine is finished to return. -func (d *dio) close() { close(d.quit) } - -func (d *dio) write(payload *tap.Dnstap) error { - if d.enc == nil { - atomic.AddUint32(&d.dropped, 1) - return nil - } - if err := d.enc.writeMsg(payload); err != nil { - atomic.AddUint32(&d.dropped, 1) - return err - } - return nil -} - -func (d *dio) serve() { - timeout := time.NewTimer(d.flushTimeout) - defer timeout.Stop() - for { - timeout.Reset(d.flushTimeout) - select { - case <-d.quit: - if d.enc == nil { - return - } - d.enc.flush() - d.enc.close() - return - case payload := <-d.queue: - if err := d.write(payload); err != nil { - d.dial() - } - case <-timeout.C: - if dropped := atomic.SwapUint32(&d.dropped, 0); dropped > 0 { - log.Warningf("Dropped dnstap messages: %d", dropped) - } - if d.enc == nil { - d.dial() - } else { - d.enc.flush() - } - } - } -} diff --git a/vendor/github.com/coredns/coredns/plugin/dnstap/msg/msg.go b/vendor/github.com/coredns/coredns/plugin/dnstap/msg/msg.go deleted file mode 100644 index f9d84c45..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnstap/msg/msg.go +++ /dev/null @@ -1,97 +0,0 @@ -package msg - -import ( - "fmt" - "net" - "time" - - tap "github.com/dnstap/golang-dnstap" -) - -var ( - protoUDP = tap.SocketProtocol_UDP - protoTCP = tap.SocketProtocol_TCP - familyINET = tap.SocketFamily_INET - familyINET6 = tap.SocketFamily_INET6 -) - -// SetQueryAddress adds the query address to the message. This also sets the SocketFamily and SocketProtocol. -func SetQueryAddress(t *tap.Message, addr net.Addr) error { - t.SocketFamily = &familyINET - switch a := addr.(type) { - case *net.TCPAddr: - t.SocketProtocol = &protoTCP - t.QueryAddress = a.IP - - p := uint32(a.Port) - t.QueryPort = &p - - if a.IP.To4() == nil { - t.SocketFamily = &familyINET6 - } - return nil - case *net.UDPAddr: - t.SocketProtocol = &protoUDP - t.QueryAddress = a.IP - - p := uint32(a.Port) - t.QueryPort = &p - - if a.IP.To4() == nil { - t.SocketFamily = &familyINET6 - } - return nil - default: - return fmt.Errorf("unknown address type: %T", a) - } -} - -// SetResponseAddress the response address to the message. This also sets the SocketFamily and SocketProtocol. -func SetResponseAddress(t *tap.Message, addr net.Addr) error { - t.SocketFamily = &familyINET - switch a := addr.(type) { - case *net.TCPAddr: - t.SocketProtocol = &protoTCP - t.ResponseAddress = a.IP - - p := uint32(a.Port) - t.ResponsePort = &p - - if a.IP.To4() == nil { - t.SocketFamily = &familyINET6 - } - return nil - case *net.UDPAddr: - t.SocketProtocol = &protoUDP - t.ResponseAddress = a.IP - - p := uint32(a.Port) - t.ResponsePort = &p - - if a.IP.To4() == nil { - t.SocketFamily = &familyINET6 - } - return nil - default: - return fmt.Errorf("unknown address type: %T", a) - } -} - -// SetQueryTime sets the time of the query in t. -func SetQueryTime(t *tap.Message, ti time.Time) { - qts := uint64(ti.Unix()) - qtn := uint32(ti.Nanosecond()) - t.QueryTimeSec = &qts - t.QueryTimeNsec = &qtn -} - -// SetResponseTime sets the time of the response in t. -func SetResponseTime(t *tap.Message, ti time.Time) { - rts := uint64(ti.Unix()) - rtn := uint32(ti.Nanosecond()) - t.ResponseTimeSec = &rts - t.ResponseTimeNsec = &rtn -} - -// SetType sets the type in t. -func SetType(t *tap.Message, typ tap.Message_Type) { t.Type = &typ } diff --git a/vendor/github.com/coredns/coredns/plugin/dnstap/setup.go b/vendor/github.com/coredns/coredns/plugin/dnstap/setup.go deleted file mode 100644 index 5e6b31d3..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnstap/setup.go +++ /dev/null @@ -1,152 +0,0 @@ -package dnstap - -import ( - "net/url" - "os" - "strconv" - "strings" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/plugin/pkg/replacer" -) - -var log = clog.NewWithPlugin("dnstap") - -func init() { plugin.Register("dnstap", setup) } - -func parseConfig(c *caddy.Controller) ([]*Dnstap, error) { - dnstaps := []*Dnstap{} - - for c.Next() { // directive name - d := Dnstap{ - MultipleTcpWriteBuf: 1, - MultipleQueue: 1, - } - endpoint := "" - d.repl = replacer.New() - - args := c.RemainingArgs() - - if len(args) == 0 { - return nil, c.ArgErr() - } - - endpoint = args[0] - - if len(args) >= 3 { - d.MultipleTcpWriteBuf, _ = strconv.Atoi(args[2]) - } - - if len(args) >= 4 { - d.MultipleQueue, _ = strconv.Atoi(args[3]) - } - - var dio *dio - if strings.HasPrefix(endpoint, "tls://") { - // remote network endpoint - endpointURL, err := url.Parse(endpoint) - if err != nil { - return nil, c.ArgErr() - } - dio = newIO("tls", endpointURL.Host, d.MultipleQueue, d.MultipleTcpWriteBuf) - d.io = dio - } else if strings.HasPrefix(endpoint, "tcp://") { - // remote network endpoint - endpointURL, err := url.Parse(endpoint) - if err != nil { - return nil, c.ArgErr() - } - dio = newIO("tcp", endpointURL.Host, d.MultipleQueue, d.MultipleTcpWriteBuf) - d.io = dio - } else { - endpoint = strings.TrimPrefix(endpoint, "unix://") - dio = newIO("unix", endpoint, d.MultipleQueue, d.MultipleTcpWriteBuf) - d.io = dio - } - - d.IncludeRawMessage = len(args) >= 2 && args[1] == "full" - - hostname, _ := os.Hostname() - d.Identity = []byte(hostname) - d.Version = []byte(caddy.AppName + "-" + caddy.AppVersion) - - for c.NextBlock() { - switch c.Val() { - case "skipverify": - { - dio.skipVerify = true - } - case "identity": - { - if !c.NextArg() { - return nil, c.ArgErr() - } - d.Identity = []byte(c.Val()) - } - case "version": - { - if !c.NextArg() { - return nil, c.ArgErr() - } - d.Version = []byte(c.Val()) - } - case "extra": - { - if !c.NextArg() { - return nil, c.ArgErr() - } - d.ExtraFormat = c.Val() - } - } - } - dnstaps = append(dnstaps, &d) - } - return dnstaps, nil -} - -func setup(c *caddy.Controller) error { - dnstaps, err := parseConfig(c) - if err != nil { - return plugin.Error("dnstap", err) - } - - for i := range dnstaps { - dnstap := dnstaps[i] - c.OnStartup(func() error { - if err := dnstap.io.(*dio).connect(); err != nil { - log.Errorf("No connection to dnstap endpoint: %s", err) - } - return nil - }) - - c.OnRestart(func() error { - dnstap.io.(*dio).close() - return nil - }) - - c.OnFinalShutdown(func() error { - dnstap.io.(*dio).close() - return nil - }) - - if i == len(dnstaps)-1 { - // last dnstap plugin in block: point next to next plugin - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - dnstap.Next = next - return dnstap - }) - } else { - // not last dnstap plugin in block: point next to next dnstap - nextDnstap := dnstaps[i+1] - dnsserver.GetConfig(c).AddPlugin(func(plugin.Handler) plugin.Handler { - dnstap.Next = nextDnstap - return dnstap - }) - } - } - - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/dnstap/writer.go b/vendor/github.com/coredns/coredns/plugin/dnstap/writer.go deleted file mode 100644 index 9ef6e620..00000000 --- a/vendor/github.com/coredns/coredns/plugin/dnstap/writer.go +++ /dev/null @@ -1,44 +0,0 @@ -package dnstap - -import ( - "context" - "time" - - "github.com/coredns/coredns/plugin/dnstap/msg" - "github.com/coredns/coredns/request" - - tap "github.com/dnstap/golang-dnstap" - "github.com/miekg/dns" -) - -// ResponseWriter captures the client response and logs the query to dnstap. -type ResponseWriter struct { - queryTime time.Time - query *dns.Msg - ctx context.Context - dns.ResponseWriter - *Dnstap -} - -// WriteMsg writes back the response to the client and THEN works on logging the request and response to dnstap. -func (w *ResponseWriter) WriteMsg(resp *dns.Msg) error { - err := w.ResponseWriter.WriteMsg(resp) - if err != nil { - return err - } - - r := new(tap.Message) - msg.SetQueryTime(r, w.queryTime) - msg.SetResponseTime(r, time.Now()) - msg.SetQueryAddress(r, w.RemoteAddr()) - - if w.IncludeRawMessage { - buf, _ := resp.Pack() - r.ResponseMessage = buf - } - - msg.SetType(r, tap.Message_CLIENT_RESPONSE) - state := request.Request{W: w.ResponseWriter, Req: w.query} - w.TapMessageWithMetadata(w.ctx, r, state) - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/done.go b/vendor/github.com/coredns/coredns/plugin/done.go deleted file mode 100644 index c6ff8633..00000000 --- a/vendor/github.com/coredns/coredns/plugin/done.go +++ /dev/null @@ -1,13 +0,0 @@ -package plugin - -import "context" - -// Done is a non-blocking function that returns true if the context has been canceled. -func Done(ctx context.Context) bool { - select { - case <-ctx.Done(): - return true - default: - return false - } -} diff --git a/vendor/github.com/coredns/coredns/plugin/erratic/README.md b/vendor/github.com/coredns/coredns/plugin/erratic/README.md deleted file mode 100644 index 5e2b06bc..00000000 --- a/vendor/github.com/coredns/coredns/plugin/erratic/README.md +++ /dev/null @@ -1,89 +0,0 @@ -# erratic - -## Name - -*erratic* - a plugin useful for testing client behavior. - -## Description - -*erratic* returns a static response to all queries, but the responses can be delayed, -dropped or truncated. The *erratic* plugin will respond to every A or AAAA query. For -any other type it will return a SERVFAIL response (except AXFR). The reply for A will return -192.0.2.53 ([RFC 5737](https://tools.ietf.org/html/rfc5737)), for AAAA it returns 2001:DB8::53 ([RFC -3849](https://tools.ietf.org/html/rfc3849)). For an AXFR request it will respond with a small -zone transfer. - -## Syntax - -~~~ txt -erratic { - drop [AMOUNT] - truncate [AMOUNT] - delay [AMOUNT [DURATION]] -} -~~~ - -* `drop`: drop 1 per **AMOUNT** of queries, the default is 2. -* `truncate`: truncate 1 per **AMOUNT** of queries, the default is 2. -* `delay`: delay 1 per **AMOUNT** of queries for **DURATION**, the default for **AMOUNT** is 2 and - the default for **DURATION** is 100ms. - -In case of a zone transfer and truncate the final SOA record *isn't* added to the response. - -## Ready - -This plugin reports readiness to the ready plugin. - -## Examples - -~~~ corefile -example.org { - erratic { - drop 3 - } -} -~~~ - -Or even shorter if the defaults suit you. Note this only drops queries, it does not delay them. - -~~~ corefile -example.org { - erratic -} -~~~ - -Delay 1 in 3 queries for 50ms - -~~~ corefile -example.org { - erratic { - delay 3 50ms - } -} -~~~ - -Delay 1 in 3 and truncate 1 in 5. - -~~~ corefile -example.org { - erratic { - delay 3 5ms - truncate 5 - } -} -~~~ - -Drop every second query. - -~~~ corefile -example.org { - erratic { - drop 2 - truncate 2 - } -} -~~~ - -## See Also - -[RFC 3849](https://tools.ietf.org/html/rfc3849) and [RFC 5737](https://tools.ietf.org/html/rfc5737). diff --git a/vendor/github.com/coredns/coredns/plugin/erratic/autopath.go b/vendor/github.com/coredns/coredns/plugin/erratic/autopath.go deleted file mode 100644 index 0e29fffe..00000000 --- a/vendor/github.com/coredns/coredns/plugin/erratic/autopath.go +++ /dev/null @@ -1,8 +0,0 @@ -package erratic - -import "github.com/coredns/coredns/request" - -// AutoPath implements the AutoPathFunc call from the autopath plugin. -func (e *Erratic) AutoPath(state request.Request) []string { - return []string{"a.example.org.", "b.example.org.", ""} -} diff --git a/vendor/github.com/coredns/coredns/plugin/erratic/erratic.go b/vendor/github.com/coredns/coredns/plugin/erratic/erratic.go deleted file mode 100644 index da7f68a6..00000000 --- a/vendor/github.com/coredns/coredns/plugin/erratic/erratic.go +++ /dev/null @@ -1,109 +0,0 @@ -// Package erratic implements a plugin that returns erratic answers (delayed, dropped). -package erratic - -import ( - "context" - "sync/atomic" - "time" - - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// Erratic is a plugin that returns erratic responses to each client. -type Erratic struct { - q uint64 // counter of queries - drop uint64 - delay uint64 - truncate uint64 - - duration time.Duration - large bool // undocumented feature; return large responses for A request (>512B, to test compression). -} - -// ServeDNS implements the plugin.Handler interface. -func (e *Erratic) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - drop := false - delay := false - trunc := false - - queryNr := atomic.LoadUint64(&e.q) - atomic.AddUint64(&e.q, 1) - - if e.drop > 0 && queryNr%e.drop == 0 { - drop = true - } - if e.delay > 0 && queryNr%e.delay == 0 { - delay = true - } - if e.truncate > 0 && queryNr&e.truncate == 0 { - trunc = true - } - - m := new(dns.Msg) - m.SetReply(r) - m.Authoritative = true - if trunc { - m.Truncated = true - } - - // small dance to copy rrA or rrAAAA into a non-pointer var that allows us to overwrite the ownername - // in a non-racy way. - switch state.QType() { - case dns.TypeA: - rr := *(rrA.(*dns.A)) - rr.Header().Name = state.QName() - m.Answer = append(m.Answer, &rr) - if e.large { - for i := 0; i < 29; i++ { - m.Answer = append(m.Answer, &rr) - } - } - case dns.TypeAAAA: - rr := *(rrAAAA.(*dns.AAAA)) - rr.Header().Name = state.QName() - m.Answer = append(m.Answer, &rr) - case dns.TypeAXFR: - if drop { - return 0, nil - } - if delay { - time.Sleep(e.duration) - } - - xfr(state, trunc) - return 0, nil - - default: - if drop { - return 0, nil - } - if delay { - time.Sleep(e.duration) - } - // coredns will return error. - return dns.RcodeServerFailure, nil - } - - if drop { - return 0, nil - } - - if delay { - time.Sleep(e.duration) - } - - w.WriteMsg(m) - - return 0, nil -} - -// Name implements the Handler interface. -func (e *Erratic) Name() string { return "erratic" } - -var ( - rrA, _ = dns.NewRR(". IN 0 A 192.0.2.53") - rrAAAA, _ = dns.NewRR(". IN 0 AAAA 2001:DB8::53") -) diff --git a/vendor/github.com/coredns/coredns/plugin/erratic/ready.go b/vendor/github.com/coredns/coredns/plugin/erratic/ready.go deleted file mode 100644 index d5f18a6d..00000000 --- a/vendor/github.com/coredns/coredns/plugin/erratic/ready.go +++ /dev/null @@ -1,13 +0,0 @@ -package erratic - -import "sync/atomic" - -// Ready returns true if the number of received queries is in the range [3, 5). All other values return false. -// To aid in testing we want to this flip between ready and not ready. -func (e *Erratic) Ready() bool { - q := atomic.LoadUint64(&e.q) - if q >= 3 && q < 5 { - return true - } - return false -} diff --git a/vendor/github.com/coredns/coredns/plugin/erratic/setup.go b/vendor/github.com/coredns/coredns/plugin/erratic/setup.go deleted file mode 100644 index 524473c4..00000000 --- a/vendor/github.com/coredns/coredns/plugin/erratic/setup.go +++ /dev/null @@ -1,113 +0,0 @@ -package erratic - -import ( - "fmt" - "strconv" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" -) - -func init() { plugin.Register("erratic", setup) } - -func setup(c *caddy.Controller) error { - e, err := parseErratic(c) - if err != nil { - return plugin.Error("erratic", err) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - return e - }) - - return nil -} - -func parseErratic(c *caddy.Controller) (*Erratic, error) { - e := &Erratic{drop: 2} - drop := false // true if we've seen the drop keyword - - for c.Next() { // 'erratic' - for c.NextBlock() { - switch c.Val() { - case "drop": - args := c.RemainingArgs() - if len(args) > 1 { - return nil, c.ArgErr() - } - - if len(args) == 0 { - continue - } - - amount, err := strconv.ParseInt(args[0], 10, 32) - if err != nil { - return nil, err - } - if amount < 0 { - return nil, fmt.Errorf("illegal amount value given %q", args[0]) - } - e.drop = uint64(amount) - drop = true - case "delay": - args := c.RemainingArgs() - if len(args) > 2 { - return nil, c.ArgErr() - } - - // Defaults. - e.delay = 2 - e.duration = 100 * time.Millisecond - if len(args) == 0 { - continue - } - - amount, err := strconv.ParseInt(args[0], 10, 32) - if err != nil { - return nil, err - } - if amount < 0 { - return nil, fmt.Errorf("illegal amount value given %q", args[0]) - } - e.delay = uint64(amount) - - if len(args) > 1 { - duration, err := time.ParseDuration(args[1]) - if err != nil { - return nil, err - } - e.duration = duration - } - case "truncate": - args := c.RemainingArgs() - if len(args) > 1 { - return nil, c.ArgErr() - } - - if len(args) == 0 { - continue - } - - amount, err := strconv.ParseInt(args[0], 10, 32) - if err != nil { - return nil, err - } - if amount < 0 { - return nil, fmt.Errorf("illegal amount value given %q", args[0]) - } - e.truncate = uint64(amount) - case "large": - e.large = true - default: - return nil, c.Errf("unknown property '%s'", c.Val()) - } - } - } - if (e.delay > 0 || e.truncate > 0) && !drop { // delay is set, but we've haven't seen a drop keyword, remove default drop stuff - e.drop = 0 - } - - return e, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/erratic/xfr.go b/vendor/github.com/coredns/coredns/plugin/erratic/xfr.go deleted file mode 100644 index e1ec77ee..00000000 --- a/vendor/github.com/coredns/coredns/plugin/erratic/xfr.go +++ /dev/null @@ -1,57 +0,0 @@ -package erratic - -import ( - "strings" - "sync" - - "github.com/coredns/coredns/plugin/test" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// allRecords returns a small zone file. The first RR must be a SOA. -func allRecords(name string) []dns.RR { - var rrs = []dns.RR{ - test.SOA("xx. 0 IN SOA sns.dns.icann.org. noc.dns.icann.org. 2018050825 7200 3600 1209600 3600"), - test.NS("xx. 0 IN NS b.xx."), - test.NS("xx. 0 IN NS a.xx."), - test.AAAA("a.xx. 0 IN AAAA 2001:bd8::53"), - test.AAAA("b.xx. 0 IN AAAA 2001:500::54"), - } - - for _, r := range rrs { - r.Header().Name = strings.Replace(r.Header().Name, "xx.", name, 1) - - if n, ok := r.(*dns.NS); ok { - n.Ns = strings.Replace(n.Ns, "xx.", name, 1) - } - } - return rrs -} - -func xfr(state request.Request, truncate bool) { - rrs := allRecords(state.QName()) - - ch := make(chan *dns.Envelope) - tr := new(dns.Transfer) - - go func() { - // So the rrs we have don't have a closing SOA, only add that when truncate is false, - // so we send an incomplete AXFR. - if !truncate { - rrs = append(rrs, rrs[0]) - } - - ch <- &dns.Envelope{RR: rrs} - close(ch) - }() - - wg := new(sync.WaitGroup) - wg.Add(1) - go func() { - tr.Out(state.W, state.Req, ch) - wg.Done() - }() - wg.Wait() -} diff --git a/vendor/github.com/coredns/coredns/plugin/errors/README.md b/vendor/github.com/coredns/coredns/plugin/errors/README.md deleted file mode 100644 index 27ba1058..00000000 --- a/vendor/github.com/coredns/coredns/plugin/errors/README.md +++ /dev/null @@ -1,65 +0,0 @@ -# errors - -## Name - -*errors* - enables error logging. - -## Description - -Any errors encountered during the query processing will be printed to standard output. The errors of particular type can be consolidated and printed once per some period of time. - -This plugin can only be used once per Server Block. - -## Syntax - -The basic syntax is: - -~~~ -errors -~~~ - -Extra knobs are available with an expanded syntax: - -~~~ -errors { - stacktrace - consolidate DURATION REGEXP [LEVEL] -} -~~~ - -Option `stacktrace` will log a stacktrace during panic recovery. - -Option `consolidate` allows collecting several error messages matching the regular expression **REGEXP** during **DURATION**. After the **DURATION** since receiving the first such message, the consolidated message will be printed to standard output with -log level, which is configurable by optional option **LEVEL**. Supported options for **LEVEL** option are `warning`,`error`,`info` and `debug`. -~~~ -2 errors like '^read udp .* i/o timeout$' occurred in last 30s -~~~ - -Multiple `consolidate` options with different **DURATION** and **REGEXP** are allowed. In case if some error message corresponds to several defined regular expressions the message will be associated with the first appropriate **REGEXP**. - -For better performance, it's recommended to use the `^` or `$` metacharacters in regular expression when filtering error messages by prefix or suffix, e.g. `^failed to .*`, or `.* timeout$`. - -## Examples - -Use the *whoami* to respond to queries in the example.org domain and Log errors to standard output. - -~~~ corefile -example.org { - whoami - errors -} -~~~ - -Use the *forward* plugin to resolve queries via 8.8.8.8 and print consolidated messages -for errors with suffix " i/o timeout" as warnings, -and errors with prefix "Failed to " as errors. - -~~~ corefile -. { - forward . 8.8.8.8 - errors { - consolidate 5m ".* i/o timeout$" warning - consolidate 30s "^Failed to .+" - } -} -~~~ diff --git a/vendor/github.com/coredns/coredns/plugin/errors/errors.go b/vendor/github.com/coredns/coredns/plugin/errors/errors.go deleted file mode 100644 index c045f699..00000000 --- a/vendor/github.com/coredns/coredns/plugin/errors/errors.go +++ /dev/null @@ -1,104 +0,0 @@ -// Package errors implements an error handling plugin. -package errors - -import ( - "context" - "regexp" - "sync/atomic" - "time" - "unsafe" - - "github.com/coredns/coredns/plugin" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -var log = clog.NewWithPlugin("errors") - -type pattern struct { - ptimer unsafe.Pointer - count uint32 - period time.Duration - pattern *regexp.Regexp - logCallback func(format string, v ...interface{}) -} - -func (p *pattern) timer() *time.Timer { - return (*time.Timer)(atomic.LoadPointer(&p.ptimer)) -} - -func (p *pattern) setTimer(t *time.Timer) { - atomic.StorePointer(&p.ptimer, unsafe.Pointer(t)) -} - -// errorHandler handles DNS errors (and errors from other plugin). -type errorHandler struct { - patterns []*pattern - stopFlag uint32 - Next plugin.Handler -} - -func newErrorHandler() *errorHandler { - return &errorHandler{} -} - -func (h *errorHandler) logPattern(i int) { - cnt := atomic.SwapUint32(&h.patterns[i].count, 0) - if cnt > 0 { - h.patterns[i].logCallback("%d errors like '%s' occurred in last %s", - cnt, h.patterns[i].pattern.String(), h.patterns[i].period) - } -} - -func (h *errorHandler) inc(i int) bool { - if atomic.LoadUint32(&h.stopFlag) > 0 { - return false - } - if atomic.AddUint32(&h.patterns[i].count, 1) == 1 { - ind := i - t := time.AfterFunc(h.patterns[ind].period, func() { - h.logPattern(ind) - }) - h.patterns[ind].setTimer(t) - if atomic.LoadUint32(&h.stopFlag) > 0 && t.Stop() { - h.logPattern(ind) - } - } - return true -} - -func (h *errorHandler) stop() { - atomic.StoreUint32(&h.stopFlag, 1) - for i := range h.patterns { - t := h.patterns[i].timer() - if t != nil && t.Stop() { - h.logPattern(i) - } - } -} - -// ServeDNS implements the plugin.Handler interface. -func (h *errorHandler) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - rcode, err := plugin.NextOrFailure(h.Name(), h.Next, ctx, w, r) - - if err != nil { - strErr := err.Error() - for i := range h.patterns { - if h.patterns[i].pattern.MatchString(strErr) { - if h.inc(i) { - return rcode, err - } - break - } - } - state := request.Request{W: w, Req: r} - log.Errorf("%d %s %s: %s", rcode, state.Name(), state.Type(), strErr) - } - - return rcode, err -} - -// Name implements the plugin.Handler interface. -func (h *errorHandler) Name() string { return "errors" } diff --git a/vendor/github.com/coredns/coredns/plugin/errors/setup.go b/vendor/github.com/coredns/coredns/plugin/errors/setup.go deleted file mode 100644 index c040e102..00000000 --- a/vendor/github.com/coredns/coredns/plugin/errors/setup.go +++ /dev/null @@ -1,109 +0,0 @@ -package errors - -import ( - "regexp" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" -) - -func init() { plugin.Register("errors", setup) } - -func setup(c *caddy.Controller) error { - handler, err := errorsParse(c) - if err != nil { - return plugin.Error("errors", err) - } - - c.OnShutdown(func() error { - handler.stop() - return nil - }) - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - handler.Next = next - return handler - }) - - return nil -} - -func errorsParse(c *caddy.Controller) (*errorHandler, error) { - handler := newErrorHandler() - - i := 0 - for c.Next() { - if i > 0 { - return nil, plugin.ErrOnce - } - i++ - - args := c.RemainingArgs() - switch len(args) { - case 0: - case 1: - if args[0] != "stdout" { - return nil, c.Errf("invalid log file: %s", args[0]) - } - default: - return nil, c.ArgErr() - } - - for c.NextBlock() { - switch c.Val() { - case "stacktrace": - dnsserver.GetConfig(c).Stacktrace = true - case "consolidate": - pattern, err := parseConsolidate(c) - if err != nil { - return nil, err - } - handler.patterns = append(handler.patterns, pattern) - default: - return handler, c.SyntaxErr("Unknown field " + c.Val()) - } - } - } - return handler, nil -} - -func parseConsolidate(c *caddy.Controller) (*pattern, error) { - args := c.RemainingArgs() - if len(args) < 2 || len(args) > 3 { - return nil, c.ArgErr() - } - p, err := time.ParseDuration(args[0]) - if err != nil { - return nil, c.Err(err.Error()) - } - re, err := regexp.Compile(args[1]) - if err != nil { - return nil, c.Err(err.Error()) - } - lc, err := parseLogLevel(c, args) - if err != nil { - return nil, err - } - return &pattern{period: p, pattern: re, logCallback: lc}, nil -} - -func parseLogLevel(c *caddy.Controller, args []string) (func(format string, v ...interface{}), error) { - if len(args) != 3 { - return log.Errorf, nil - } - - switch args[2] { - case "warning": - return log.Warningf, nil - case "error": - return log.Errorf, nil - case "info": - return log.Infof, nil - case "debug": - return log.Debugf, nil - default: - return nil, c.Errf("unknown log level argument in consolidate: %s", args[2]) - } -} diff --git a/vendor/github.com/coredns/coredns/plugin/etcd/README.md b/vendor/github.com/coredns/coredns/plugin/etcd/README.md deleted file mode 100644 index 0c7f1ea3..00000000 --- a/vendor/github.com/coredns/coredns/plugin/etcd/README.md +++ /dev/null @@ -1,236 +0,0 @@ -# etcd - -## Name - -*etcd* - enables SkyDNS service discovery from etcd. - -## Description - -The *etcd* plugin implements the (older) SkyDNS service discovery service. It is *not* suitable as -a generic DNS zone data plugin. Only a subset of DNS record types are implemented, and subdomains -and delegations are not handled at all. The plugin will also recursively descend the tree and return -all records found, see "Special Behavior" below for details. - -The data in the etcd instance has to be encoded as -a [message](https://github.com/skynetservices/skydns/blob/2fcff74cdc9f9a7dd64189a447ef27ac354b725f/msg/service.go#L26) -like [SkyDNS](https://github.com/skynetservices/skydns). It works just like SkyDNS. - -The *etcd* plugin makes extensive use of the *forward* plugin to forward and query other servers in the -network - if that plugin has been enabled as well. - -## Syntax - -~~~ -etcd [ZONES...] -~~~ - -* **ZONES** zones *etcd* should be authoritative for. - -The path will default to `/skydns` the local etcd3 proxy (http://localhost:2379). If no zones are -specified the block's zone will be used as the zone. - - -~~~ -etcd [ZONES...] { - fallthrough [ZONES...] - path PATH - endpoint ENDPOINT... - credentials USERNAME PASSWORD - tls CERT KEY CACERT -} -~~~ - -* `fallthrough` If zone matches but no record can be generated, pass request to the next plugin. - If **[ZONES...]** is omitted, then fallthrough happens for all zones for which the plugin - is authoritative. If specific zones are listed (for example `in-addr.arpa` and `ip6.arpa`), then only - queries for those zones will be subject to fallthrough. -* **PATH** the path inside etcd. Defaults to "/skydns". -* **ENDPOINT** the etcd endpoints. Defaults to "http://localhost:2379". -* `credentials` is used to set the **USERNAME** and **PASSWORD** for accessing the etcd cluster. -* `tls` followed by: - - * no arguments, if the server certificate is signed by a system-installed CA and no client cert is needed - * a single argument that is the CA PEM file, if the server cert is not signed by a system CA and no client cert is needed - * two arguments - path to cert PEM file, the path to private key PEM file - if the server certificate is signed by a system-installed CA and a client certificate is needed - * three arguments - path to cert PEM file, path to client private key PEM file, path to CA PEM - file - if the server certificate is not signed by a system-installed CA and client certificate - is needed. - -## Special Behaviour - -The *etcd* plugin leverages directory structure to look for related entries. For example -an entry `/skydns/test/skydns/mx` would have entries like `/skydns/test/skydns/mx/a`, -`/skydns/test/skydns/mx/b` and so on. Similarly a directory `/skydns/test/skydns/mx1` will have all -`mx1` entries. Note this plugin will search through the entire (sub)tree for records. In case of the -first example, a query for `mx.skydns.test` will return both the contents of the `a` and `b` records. -If the directory extends deeper those records are returned as well. - -With etcd3, support for [hierarchical keys are -dropped](https://coreos.com/etcd/docs/latest/learning/api.html). This means there are no directories -but only flat keys with prefixes in etcd3. To accommodate lookups, the *etcd* plugin now does a lookup -on prefix `/skydns/test/skydns/mx/` to search for entries like `/skydns/test/skydns/mx/a` etc, and -if there is nothing found on `/skydns/test/skydns/mx/`, it looks for `/skydns/test/skydns/mx` to -find entries like `/skydns/test/skydns/mx1`. - -This causes two lookups from CoreDNS to etcd in certain cases. - -## Examples - -This is the default SkyDNS setup, with everything specified in full: - -~~~ corefile -skydns.local { - etcd { - path /skydns - endpoint http://localhost:2379 - } - prometheus - cache - loadbalance -} - -. { - forward . 8.8.8.8:53 8.8.4.4:53 - cache -} -~~~ - -Or a setup where we use `/etc/resolv.conf` as the basis for the proxy and the upstream -when resolving external pointing CNAMEs. - -~~~ corefile -skydns.local { - etcd { - path /skydns - } - cache -} - -. { - forward . /etc/resolv.conf - cache -} -~~~ - -Multiple endpoints are supported as well. - -~~~ -etcd skydns.local { - endpoint http://localhost:2379 http://localhost:4001 -... -~~~ -Before getting started with these examples, please setup `etcdctl` (with `etcdv3` API) as explained -[here](https://coreos.com/etcd/docs/latest/dev-guide/interacting_v3.html). This will help you to put -sample keys in your etcd server. - -If you prefer, you can use `curl` to populate the `etcd` server, but with `curl` the -endpoint URL depends on the version of `etcd`. For instance, `etcd v3.2` or before uses only -[CLIENT-URL]/v3alpha/* while `etcd v3.5` or later uses [CLIENT-URL]/v3/* . Also, Key and Value must -be base64 encoded in the JSON payload. With `etcdctl` these details are automatically taken care -of. You can check [this document](https://github.com/coreos/etcd/blob/master/Documentation/dev-guide/api_grpc_gateway.md#notes) -for details. - -### Reverse zones - -Reverse zones are supported. You need to make CoreDNS aware of the fact that you are also -authoritative for the reverse. For instance if you want to add the reverse for 10.0.0.0/24, you'll -need to add the zone `0.0.10.in-addr.arpa` to the list of zones. Showing a snippet of a Corefile: - -~~~ -etcd skydns.local 10.0.0.0/24 { -... -~~~ - -Next you'll need to populate the zone with reverse records, here we add a reverse for -10.0.0.127 pointing to reverse.skydns.local. - -~~~ -% etcdctl put /skydns/arpa/in-addr/10/0/0/127 '{"host":"reverse.skydns.local."}' -~~~ - -Querying with dig: - -~~~ sh -% dig @localhost -x 10.0.0.127 +short -reverse.skydns.local. -~~~ - -### Zone name as A record - -The zone name itself can be used as an `A` record. This behavior can be achieved by writing special -entries to the ETCD path of your zone. If your zone is named `skydns.local` for example, you can -create an `A` record for this zone as follows: - -~~~ -% etcdctl put /skydns/local/skydns/ '{"host":"1.1.1.1","ttl":60}' -~~~ - -If you query the zone name itself, you will receive the created `A` record: - -~~~ sh -% dig +short skydns.local @localhost -1.1.1.1 -~~~ - -If you would like to use DNS RR for the zone name, you can set the following: -~~~ -% etcdctl put /skydns/local/skydns/x1 '{"host":"1.1.1.1","ttl":60}' -% etcdctl put /skydns/local/skydns/x2 '{"host":"1.1.1.2","ttl":60}' -~~~ - -If you query the zone name now, you will get the following response: - -~~~ sh -% dig +short skydns.local @localhost -1.1.1.1 -1.1.1.2 -~~~ - -### Zone name as AAAA record - -If you would like to use `AAAA` records for the zone name too, you can set the following: -~~~ -% etcdctl put /skydns/local/skydns/x3 '{"host":"2003::8:1","ttl":60}' -% etcdctl put /skydns/local/skydns/x4 '{"host":"2003::8:2","ttl":60}' -~~~ - -If you query the zone name for `AAAA` now, you will get the following response: -~~~ sh -% dig +short skydns.local AAAA @localhost -2003::8:1 -2003::8:2 -~~~ - -### SRV record - -If you would like to use `SRV` records, you can set the following: -~~~ -% etcdctl put /skydns/local/skydns/x5 '{"host":"skydns-local.server","ttl":60,"priority":10,"port":8080}' -~~~ -Please notice that the key `host` is the `target` in `SRV`, so it should be a domain name. - -If you query the zone name for `SRV` now, you will get the following response: - -~~~ sh -% dig +short skydns.local SRV @localhost -10 100 8080 skydns-local.server. -~~~ - -### TXT record - -If you would like to use `TXT` records, you can set the following: -~~~ -% etcdctl put /skydns/local/skydns/x6 '{"ttl":60,"text":"this is a random text message."}' -% etcdctl put /skydns/local/skydns/x7 '{"ttl":60,"text":"this is a another random text message."}' -~~~ - -If you query the zone name for `TXT` now, you will get the following response: -~~~ sh -% dig +short skydns.local TXT @localhost -"this is a random text message." -"this is a another random text message." -~~~ - -## See Also - -If you want to `round robin` A and AAAA responses look at the *loadbalance* plugin. diff --git a/vendor/github.com/coredns/coredns/plugin/etcd/etcd.go b/vendor/github.com/coredns/coredns/plugin/etcd/etcd.go deleted file mode 100644 index a7867302..00000000 --- a/vendor/github.com/coredns/coredns/plugin/etcd/etcd.go +++ /dev/null @@ -1,193 +0,0 @@ -// Package etcd provides the etcd version 3 backend plugin. -package etcd - -import ( - "context" - "encoding/json" - "errors" - "fmt" - "strings" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/etcd/msg" - "github.com/coredns/coredns/plugin/pkg/fall" - "github.com/coredns/coredns/plugin/pkg/upstream" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" - "go.etcd.io/etcd/api/v3/mvccpb" - etcdcv3 "go.etcd.io/etcd/client/v3" -) - -const ( - priority = 10 // default priority when nothing is set - ttl = 300 // default ttl when nothing is set - etcdTimeout = 5 * time.Second -) - -var errKeyNotFound = errors.New("key not found") - -// Etcd is a plugin talks to an etcd cluster. -type Etcd struct { - Next plugin.Handler - Fall fall.F - Zones []string - PathPrefix string - Upstream *upstream.Upstream - Client *etcdcv3.Client - - endpoints []string // Stored here as well, to aid in testing. -} - -// Services implements the ServiceBackend interface. -func (e *Etcd) Services(ctx context.Context, state request.Request, exact bool, opt plugin.Options) (services []msg.Service, err error) { - services, err = e.Records(ctx, state, exact) - if err != nil { - return - } - - services = msg.Group(services) - return -} - -// Reverse implements the ServiceBackend interface. -func (e *Etcd) Reverse(ctx context.Context, state request.Request, exact bool, opt plugin.Options) (services []msg.Service, err error) { - return e.Services(ctx, state, exact, opt) -} - -// Lookup implements the ServiceBackend interface. -func (e *Etcd) Lookup(ctx context.Context, state request.Request, name string, typ uint16) (*dns.Msg, error) { - return e.Upstream.Lookup(ctx, state, name, typ) -} - -// IsNameError implements the ServiceBackend interface. -func (e *Etcd) IsNameError(err error) bool { - return err == errKeyNotFound -} - -// Records looks up records in etcd. If exact is true, it will lookup just this -// name. This is used when find matches when completing SRV lookups for instance. -func (e *Etcd) Records(ctx context.Context, state request.Request, exact bool) ([]msg.Service, error) { - name := state.Name() - - path, star := msg.PathWithWildcard(name, e.PathPrefix) - r, err := e.get(ctx, path, !exact) - if err != nil { - return nil, err - } - segments := strings.Split(msg.Path(name, e.PathPrefix), "/") - return e.loopNodes(r.Kvs, segments, star, state.QType()) -} - -func (e *Etcd) get(ctx context.Context, path string, recursive bool) (*etcdcv3.GetResponse, error) { - ctx, cancel := context.WithTimeout(ctx, etcdTimeout) - defer cancel() - if recursive { - if !strings.HasSuffix(path, "/") { - path = path + "/" - } - r, err := e.Client.Get(ctx, path, etcdcv3.WithPrefix()) - if err != nil { - return nil, err - } - if r.Count == 0 { - path = strings.TrimSuffix(path, "/") - r, err = e.Client.Get(ctx, path) - if err != nil { - return nil, err - } - if r.Count == 0 { - return nil, errKeyNotFound - } - } - return r, nil - } - - r, err := e.Client.Get(ctx, path) - if err != nil { - return nil, err - } - if r.Count == 0 { - return nil, errKeyNotFound - } - return r, nil -} - -func (e *Etcd) loopNodes(kv []*mvccpb.KeyValue, nameParts []string, star bool, qType uint16) (sx []msg.Service, err error) { - bx := make(map[msg.Service]struct{}) -Nodes: - for _, n := range kv { - if star { - s := string(n.Key) - keyParts := strings.Split(s, "/") - for i, n := range nameParts { - if i > len(keyParts)-1 { - // name is longer than key - continue Nodes - } - if n == "*" || n == "any" { - continue - } - if keyParts[i] != n { - continue Nodes - } - } - } - serv := new(msg.Service) - if err := json.Unmarshal(n.Value, serv); err != nil { - return nil, fmt.Errorf("%s: %s", n.Key, err.Error()) - } - serv.Key = string(n.Key) - if _, ok := bx[*serv]; ok { - continue - } - bx[*serv] = struct{}{} - - serv.TTL = e.TTL(n, serv) - if serv.Priority == 0 { - serv.Priority = priority - } - - if shouldInclude(serv, qType) { - sx = append(sx, *serv) - } - } - return sx, nil -} - -// TTL returns the smaller of the etcd TTL and the service's -// TTL. If neither of these are set (have a zero value), a default is used. -func (e *Etcd) TTL(kv *mvccpb.KeyValue, serv *msg.Service) uint32 { - etcdTTL := uint32(kv.Lease) - - if etcdTTL == 0 && serv.TTL == 0 { - return ttl - } - if etcdTTL == 0 { - return serv.TTL - } - if serv.TTL == 0 { - return etcdTTL - } - if etcdTTL < serv.TTL { - return etcdTTL - } - return serv.TTL -} - -// shouldInclude returns true if the service should be included in a list of records, given the qType. For all the -// currently supported lookup types, the only one to allow for an empty Host field in the service are TXT records -// which resolve directly. If a TXT record is being resolved by CNAME, then we expect the Host field to have a -// value while the TXT field will be empty. -func shouldInclude(serv *msg.Service, qType uint16) bool { - return (qType == dns.TypeTXT && serv.Text != "") || serv.Host != "" -} - -// OnShutdown shuts down etcd client when caddy instance restart -func (e *Etcd) OnShutdown() error { - if e.Client != nil { - e.Client.Close() - } - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/etcd/handler.go b/vendor/github.com/coredns/coredns/plugin/etcd/handler.go deleted file mode 100644 index 72222dd2..00000000 --- a/vendor/github.com/coredns/coredns/plugin/etcd/handler.go +++ /dev/null @@ -1,82 +0,0 @@ -package etcd - -import ( - "context" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// ServeDNS implements the plugin.Handler interface. -func (e *Etcd) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - opt := plugin.Options{} - state := request.Request{W: w, Req: r} - - zone := plugin.Zones(e.Zones).Matches(state.Name()) - if zone == "" { - return plugin.NextOrFailure(e.Name(), e.Next, ctx, w, r) - } - - var ( - records, extra []dns.RR - truncated bool - err error - ) - - switch state.QType() { - case dns.TypeA: - records, truncated, err = plugin.A(ctx, e, zone, state, nil, opt) - case dns.TypeAAAA: - records, truncated, err = plugin.AAAA(ctx, e, zone, state, nil, opt) - case dns.TypeTXT: - records, truncated, err = plugin.TXT(ctx, e, zone, state, nil, opt) - case dns.TypeCNAME: - records, err = plugin.CNAME(ctx, e, zone, state, opt) - case dns.TypePTR: - records, err = plugin.PTR(ctx, e, zone, state, opt) - case dns.TypeMX: - records, extra, err = plugin.MX(ctx, e, zone, state, opt) - case dns.TypeSRV: - records, extra, err = plugin.SRV(ctx, e, zone, state, opt) - case dns.TypeSOA: - records, err = plugin.SOA(ctx, e, zone, state, opt) - case dns.TypeNS: - if state.Name() == zone { - records, extra, err = plugin.NS(ctx, e, zone, state, opt) - break - } - fallthrough - default: - // Do a fake A lookup, so we can distinguish between NODATA and NXDOMAIN - _, _, err = plugin.A(ctx, e, zone, state, nil, opt) - } - if err != nil && e.IsNameError(err) { - if e.Fall.Through(state.Name()) { - return plugin.NextOrFailure(e.Name(), e.Next, ctx, w, r) - } - // Make err nil when returning here, so we don't log spam for NXDOMAIN. - return plugin.BackendError(ctx, e, zone, dns.RcodeNameError, state, nil /* err */, opt) - } - if err != nil { - return plugin.BackendError(ctx, e, zone, dns.RcodeServerFailure, state, err, opt) - } - - if len(records) == 0 { - return plugin.BackendError(ctx, e, zone, dns.RcodeSuccess, state, err, opt) - } - - m := new(dns.Msg) - m.SetReply(r) - m.Truncated = truncated - m.Authoritative = true - m.Answer = records - m.Extra = extra - - w.WriteMsg(m) - return dns.RcodeSuccess, nil -} - -// Name implements the Handler interface. -func (e *Etcd) Name() string { return "etcd" } diff --git a/vendor/github.com/coredns/coredns/plugin/etcd/msg/path.go b/vendor/github.com/coredns/coredns/plugin/etcd/msg/path.go deleted file mode 100644 index 2c6cbff0..00000000 --- a/vendor/github.com/coredns/coredns/plugin/etcd/msg/path.go +++ /dev/null @@ -1,51 +0,0 @@ -package msg - -import ( - "path" - "strings" - - "github.com/coredns/coredns/plugin/pkg/dnsutil" - - "github.com/miekg/dns" -) - -// Path converts a domainname to an etcd path. If s looks like service.staging.skydns.local., -// the resulting key will be /skydns/local/skydns/staging/service . -func Path(s, prefix string) string { - l := dns.SplitDomainName(s) - for i, j := 0, len(l)-1; i < j; i, j = i+1, j-1 { - l[i], l[j] = l[j], l[i] - } - return path.Join(append([]string{"/" + prefix + "/"}, l...)...) -} - -// Domain is the opposite of Path. -func Domain(s string) string { - l := strings.Split(s, "/") - if l[len(l)-1] == "" { - l = l[:len(l)-1] - } - // start with 1, to strip /skydns - for i, j := 1, len(l)-1; i < j; i, j = i+1, j-1 { - l[i], l[j] = l[j], l[i] - } - return dnsutil.Join(l[1 : len(l)-1]...) -} - -// PathWithWildcard acts as Path, but if a name contains wildcards (* or any), the name will be -// chopped of before the (first) wildcard, and we do a higher level search and -// later find the matching names. So service.*.skydns.local, will look for all -// services under skydns.local and will later check for names that match -// service.*.skydns.local. If a wildcard is found the returned bool is true. -func PathWithWildcard(s, prefix string) (string, bool) { - l := dns.SplitDomainName(s) - for i, j := 0, len(l)-1; i < j; i, j = i+1, j-1 { - l[i], l[j] = l[j], l[i] - } - for i, k := range l { - if k == "*" || k == "any" { - return path.Join(append([]string{"/" + prefix + "/"}, l[:i]...)...), true - } - } - return path.Join(append([]string{"/" + prefix + "/"}, l...)...), false -} diff --git a/vendor/github.com/coredns/coredns/plugin/etcd/msg/service.go b/vendor/github.com/coredns/coredns/plugin/etcd/msg/service.go deleted file mode 100644 index 759a8621..00000000 --- a/vendor/github.com/coredns/coredns/plugin/etcd/msg/service.go +++ /dev/null @@ -1,176 +0,0 @@ -// Package msg defines the Service structure which is used for service discovery. -package msg - -import ( - "net" - "strings" - - "github.com/miekg/dns" -) - -// Service defines a discoverable service in etcd. It is the rdata from a SRV -// record, but with a twist. Host (Target in SRV) must be a domain name, but -// if it looks like an IP address (4/6), we will treat it like an IP address. -type Service struct { - Host string `json:"host,omitempty"` - Port int `json:"port,omitempty"` - Priority int `json:"priority,omitempty"` - Weight int `json:"weight,omitempty"` - Text string `json:"text,omitempty"` - Mail bool `json:"mail,omitempty"` // Be an MX record. Priority becomes Preference. - TTL uint32 `json:"ttl,omitempty"` - - // When a SRV record with a "Host: IP-address" is added, we synthesize - // a srv.Target domain name. Normally we convert the full Key where - // the record lives to a DNS name and use this as the srv.Target. When - // TargetStrip > 0 we strip the left most TargetStrip labels from the - // DNS name. - TargetStrip int `json:"targetstrip,omitempty"` - - // Group is used to group (or *not* to group) different services - // together. Services with an identical Group are returned in the same - // answer. - Group string `json:"group,omitempty"` - - // Etcd key where we found this service and ignored from json un-/marshalling - Key string `json:"-"` -} - -// NewSRV returns a new SRV record based on the Service. -func (s *Service) NewSRV(name string, weight uint16) *dns.SRV { - host := dns.Fqdn(s.Host) - if s.TargetStrip > 0 { - host = targetStrip(host, s.TargetStrip) - } - - return &dns.SRV{Hdr: dns.RR_Header{Name: name, Rrtype: dns.TypeSRV, Class: dns.ClassINET, Ttl: s.TTL}, - Priority: uint16(s.Priority), Weight: weight, Port: uint16(s.Port), Target: host} -} - -// NewMX returns a new MX record based on the Service. -func (s *Service) NewMX(name string) *dns.MX { - host := dns.Fqdn(s.Host) - if s.TargetStrip > 0 { - host = targetStrip(host, s.TargetStrip) - } - - return &dns.MX{Hdr: dns.RR_Header{Name: name, Rrtype: dns.TypeMX, Class: dns.ClassINET, Ttl: s.TTL}, - Preference: uint16(s.Priority), Mx: host} -} - -// NewA returns a new A record based on the Service. -func (s *Service) NewA(name string, ip net.IP) *dns.A { - return &dns.A{Hdr: dns.RR_Header{Name: name, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: s.TTL}, A: ip} -} - -// NewAAAA returns a new AAAA record based on the Service. -func (s *Service) NewAAAA(name string, ip net.IP) *dns.AAAA { - return &dns.AAAA{Hdr: dns.RR_Header{Name: name, Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: s.TTL}, AAAA: ip} -} - -// NewCNAME returns a new CNAME record based on the Service. -func (s *Service) NewCNAME(name string, target string) *dns.CNAME { - return &dns.CNAME{Hdr: dns.RR_Header{Name: name, Rrtype: dns.TypeCNAME, Class: dns.ClassINET, Ttl: s.TTL}, Target: dns.Fqdn(target)} -} - -// NewTXT returns a new TXT record based on the Service. -func (s *Service) NewTXT(name string) *dns.TXT { - return &dns.TXT{Hdr: dns.RR_Header{Name: name, Rrtype: dns.TypeTXT, Class: dns.ClassINET, Ttl: s.TTL}, Txt: split255(s.Text)} -} - -// NewPTR returns a new PTR record based on the Service. -func (s *Service) NewPTR(name string, target string) *dns.PTR { - return &dns.PTR{Hdr: dns.RR_Header{Name: name, Rrtype: dns.TypePTR, Class: dns.ClassINET, Ttl: s.TTL}, Ptr: dns.Fqdn(target)} -} - -// NewNS returns a new NS record based on the Service. -func (s *Service) NewNS(name string) *dns.NS { - host := dns.Fqdn(s.Host) - if s.TargetStrip > 0 { - host = targetStrip(host, s.TargetStrip) - } - return &dns.NS{Hdr: dns.RR_Header{Name: name, Rrtype: dns.TypeNS, Class: dns.ClassINET, Ttl: s.TTL}, Ns: host} -} - -// Group checks the services in sx, it looks for a Group attribute on the shortest -// keys. If there are multiple shortest keys *and* the group attribute disagrees (and -// is not empty), we don't consider it a group. -// If a group is found, only services with *that* group (or no group) will be returned. -func Group(sx []Service) []Service { - if len(sx) == 0 { - return sx - } - - // Shortest key with group attribute sets the group for this set. - group := sx[0].Group - slashes := strings.Count(sx[0].Key, "/") - length := make([]int, len(sx)) - for i, s := range sx { - x := strings.Count(s.Key, "/") - length[i] = x - if x < slashes { - if s.Group == "" { - break - } - slashes = x - group = s.Group - } - } - - if group == "" { - return sx - } - - ret := []Service{} // with slice-tricks in sx we can prolly save this allocation (TODO) - - for i, s := range sx { - if s.Group == "" { - ret = append(ret, s) - continue - } - - // Disagreement on the same level - if length[i] == slashes && s.Group != group { - return sx - } - - if s.Group == group { - ret = append(ret, s) - } - } - return ret -} - -// Split255 splits a string into 255 byte chunks. -func split255(s string) []string { - if len(s) < 255 { - return []string{s} - } - sx := []string{} - p, i := 0, 255 - for { - if i <= len(s) { - sx = append(sx, s[p:i]) - } else { - sx = append(sx, s[p:]) - break - } - p, i = p+255, i+255 - } - - return sx -} - -// targetStrip strips "targetstrip" labels from the left side of the fully qualified name. -func targetStrip(name string, targetStrip int) string { - offset, end := 0, false - for i := 0; i < targetStrip; i++ { - offset, end = dns.NextLabel(name, offset) - } - if end { - // We overshot the name, use the original one. - offset = 0 - } - name = name[offset:] - return name -} diff --git a/vendor/github.com/coredns/coredns/plugin/etcd/msg/type.go b/vendor/github.com/coredns/coredns/plugin/etcd/msg/type.go deleted file mode 100644 index a300eac7..00000000 --- a/vendor/github.com/coredns/coredns/plugin/etcd/msg/type.go +++ /dev/null @@ -1,35 +0,0 @@ -package msg - -import ( - "net" - - "github.com/miekg/dns" -) - -// HostType returns the DNS type of what is encoded in the Service Host field. We're reusing -// dns.TypeXXX to not reinvent a new set of identifiers. -// -// dns.TypeA: the service's Host field contains an A record. -// dns.TypeAAAA: the service's Host field contains an AAAA record. -// dns.TypeCNAME: the service's Host field contains a name. -// -// Note that a service can double/triple as a TXT record or MX record. -func (s *Service) HostType() (what uint16, normalized net.IP) { - ip := net.ParseIP(s.Host) - - switch { - case ip == nil: - if len(s.Text) == 0 { - return dns.TypeCNAME, nil - } - return dns.TypeTXT, nil - - case ip.To4() != nil: - return dns.TypeA, ip.To4() - - case ip.To4() == nil: - return dns.TypeAAAA, ip.To16() - } - // This should never be reached. - return dns.TypeNone, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/etcd/setup.go b/vendor/github.com/coredns/coredns/plugin/etcd/setup.go deleted file mode 100644 index 68a1b7f4..00000000 --- a/vendor/github.com/coredns/coredns/plugin/etcd/setup.go +++ /dev/null @@ -1,126 +0,0 @@ -package etcd - -import ( - "crypto/tls" - "path/filepath" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - mwtls "github.com/coredns/coredns/plugin/pkg/tls" - "github.com/coredns/coredns/plugin/pkg/upstream" - - etcdcv3 "go.etcd.io/etcd/client/v3" -) - -func init() { plugin.Register("etcd", setup) } - -func setup(c *caddy.Controller) error { - e, err := etcdParse(c) - if err != nil { - return plugin.Error("etcd", err) - } - - c.OnShutdown(e.OnShutdown) - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - e.Next = next - return e - }) - - return nil -} - -func etcdParse(c *caddy.Controller) (*Etcd, error) { - config := dnsserver.GetConfig(c) - etc := Etcd{PathPrefix: "skydns"} - var ( - tlsConfig *tls.Config - err error - endpoints = []string{defaultEndpoint} - username string - password string - ) - - etc.Upstream = upstream.New() - - if c.Next() { - etc.Zones = plugin.OriginsFromArgsOrServerBlock(c.RemainingArgs(), c.ServerBlockKeys) - for c.NextBlock() { - switch c.Val() { - case "stubzones": - // ignored, remove later. - case "fallthrough": - etc.Fall.SetZonesFromArgs(c.RemainingArgs()) - case "debug": - /* it is a noop now */ - case "path": - if !c.NextArg() { - return &Etcd{}, c.ArgErr() - } - etc.PathPrefix = c.Val() - case "endpoint": - args := c.RemainingArgs() - if len(args) == 0 { - return &Etcd{}, c.ArgErr() - } - endpoints = args - case "upstream": - // remove soon - c.RemainingArgs() - case "tls": // cert key cacertfile - args := c.RemainingArgs() - for i := range args { - if !filepath.IsAbs(args[i]) && config.Root != "" { - args[i] = filepath.Join(config.Root, args[i]) - } - } - tlsConfig, err = mwtls.NewTLSConfigFromArgs(args...) - if err != nil { - return &Etcd{}, err - } - case "credentials": - args := c.RemainingArgs() - if len(args) == 0 { - return &Etcd{}, c.ArgErr() - } - if len(args) != 2 { - return &Etcd{}, c.Errf("credentials requires 2 arguments, username and password") - } - username, password = args[0], args[1] - default: - if c.Val() != "}" { - return &Etcd{}, c.Errf("unknown property '%s'", c.Val()) - } - } - } - client, err := newEtcdClient(endpoints, tlsConfig, username, password) - if err != nil { - return &Etcd{}, err - } - etc.Client = client - etc.endpoints = endpoints - - return &etc, nil - } - return &Etcd{}, nil -} - -func newEtcdClient(endpoints []string, cc *tls.Config, username, password string) (*etcdcv3.Client, error) { - etcdCfg := etcdcv3.Config{ - Endpoints: endpoints, - TLS: cc, - DialKeepAliveTime: etcdTimeout, - } - if username != "" && password != "" { - etcdCfg.Username = username - etcdCfg.Password = password - } - cli, err := etcdcv3.New(etcdCfg) - if err != nil { - return nil, err - } - return cli, nil -} - -const defaultEndpoint = "http://localhost:2379" diff --git a/vendor/github.com/coredns/coredns/plugin/etcd/xfr.go b/vendor/github.com/coredns/coredns/plugin/etcd/xfr.go deleted file mode 100644 index 87a4d783..00000000 --- a/vendor/github.com/coredns/coredns/plugin/etcd/xfr.go +++ /dev/null @@ -1,17 +0,0 @@ -package etcd - -import ( - "time" - - "github.com/coredns/coredns/request" -) - -// Serial returns the serial number to use. -func (e *Etcd) Serial(state request.Request) uint32 { - return uint32(time.Now().Unix()) -} - -// MinTTL returns the minimal TTL. -func (e *Etcd) MinTTL(state request.Request) uint32 { - return 30 -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/README.md b/vendor/github.com/coredns/coredns/plugin/file/README.md deleted file mode 100644 index d1bd4253..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/README.md +++ /dev/null @@ -1,112 +0,0 @@ -# file - -## Name - -*file* - enables serving zone data from an RFC 1035-style master file. - -## Description - -The *file* plugin is used for an "old-style" DNS server. It serves from a preloaded file that exists -on disk contained RFC 1035 styled data. If the zone file contains signatures (i.e., is signed using -DNSSEC), correct DNSSEC answers are returned. Only NSEC is supported! If you use this setup *you* -are responsible for re-signing the zonefile. - -## Syntax - -~~~ -file DBFILE [ZONES...] -~~~ - -* **DBFILE** the database file to read and parse. If the path is relative, the path from the *root* - plugin will be prepended to it. -* **ZONES** zones it should be authoritative for. If empty, the zones from the configuration block - are used. - -If you want to round-robin A and AAAA responses look at the *loadbalance* plugin. - -~~~ -file DBFILE [ZONES... ] { - reload DURATION -} -~~~ - -* `reload` interval to perform a reload of the zone if the SOA version changes. Default is one minute. - Value of `0` means to not scan for changes and reload. For example, `30s` checks the zonefile every 30 seconds - and reloads the zone when serial changes. - -If you need outgoing zone transfers, take a look at the *transfer* plugin. - -## Examples - -Load the `example.org` zone from `db.example.org` and allow transfers to the internet, but send -notifies to 10.240.1.1 - -~~~ corefile -example.org { - file db.example.org - transfer { - to * 10.240.1.1 - } -} -~~~ - -Where `db.example.org` would contain RRSets () in the -(text) presentation format from RFC 1035: - -~~~ -$ORIGIN example.org. -@ 3600 IN SOA sns.dns.icann.org. noc.dns.icann.org. 2017042745 7200 3600 1209600 3600 - 3600 IN NS a.iana-servers.net. - 3600 IN NS b.iana-servers.net. - -www IN A 127.0.0.1 - IN AAAA ::1 -~~~ - - -Or use a single zone file for multiple zones: - -~~~ corefile -. { - file example.org.signed example.org example.net - transfer example.org example.net { - to * 10.240.1.1 - } -} -~~~ - -Note that if you have a configuration like the following you may run into a problem of the origin -not being correctly recognized: - -~~~ corefile -. { - file db.example.org -} -~~~ - -We omit the origin for the file `db.example.org`, so this references the zone in the server block, -which, in this case, is the root zone. Any contents of `db.example.org` will then read with that -origin set; this may or may not do what you want. -It's better to be explicit here and specify the correct origin. This can be done in two ways: - -~~~ corefile -. { - file db.example.org example.org -} -~~~ - -Or - -~~~ corefile -example.org { - file db.example.org -} -~~~ - -## See Also - -See the *loadbalance* plugin if you need simple record shuffling. And the *transfer* plugin for zone -transfers. Lastly the *root* plugin can help you specify the location of the zone files. - -See [RFC 1035](https://www.rfc-editor.org/rfc/rfc1035.txt) for more info on how to structure zone -files. diff --git a/vendor/github.com/coredns/coredns/plugin/file/closest.go b/vendor/github.com/coredns/coredns/plugin/file/closest.go deleted file mode 100644 index 5059194e..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/closest.go +++ /dev/null @@ -1,23 +0,0 @@ -package file - -import ( - "github.com/coredns/coredns/plugin/file/tree" - - "github.com/miekg/dns" -) - -// ClosestEncloser returns the closest encloser for qname. -func (z *Zone) ClosestEncloser(qname string) (*tree.Elem, bool) { - offset, end := dns.NextLabel(qname, 0) - for !end { - elem, _ := z.Tree.Search(qname) - if elem != nil { - return elem, true - } - qname = qname[offset:] - - offset, end = dns.NextLabel(qname, offset) - } - - return z.Tree.Search(z.origin) -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/dname.go b/vendor/github.com/coredns/coredns/plugin/file/dname.go deleted file mode 100644 index 58351a35..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/dname.go +++ /dev/null @@ -1,44 +0,0 @@ -package file - -import ( - "github.com/coredns/coredns/plugin/pkg/dnsutil" - - "github.com/miekg/dns" -) - -// substituteDNAME performs the DNAME substitution defined by RFC 6672, -// assuming the QTYPE of the query is not DNAME. It returns an empty -// string if there is no match. -func substituteDNAME(qname, owner, target string) string { - if dns.IsSubDomain(owner, qname) && qname != owner { - labels := dns.SplitDomainName(qname) - labels = append(labels[0:len(labels)-dns.CountLabel(owner)], dns.SplitDomainName(target)...) - - return dnsutil.Join(labels...) - } - - return "" -} - -// synthesizeCNAME returns a CNAME RR pointing to the resulting name of -// the DNAME substitution. The owner name of the CNAME is the QNAME of -// the query and the TTL is the same as the corresponding DNAME RR. -// -// It returns nil if the DNAME substitution has no match. -func synthesizeCNAME(qname string, d *dns.DNAME) *dns.CNAME { - target := substituteDNAME(qname, d.Header().Name, d.Target) - if target == "" { - return nil - } - - r := new(dns.CNAME) - r.Hdr = dns.RR_Header{ - Name: qname, - Rrtype: dns.TypeCNAME, - Class: dns.ClassINET, - Ttl: d.Header().Ttl, - } - r.Target = target - - return r -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/example_org.go b/vendor/github.com/coredns/coredns/plugin/file/example_org.go deleted file mode 100644 index eba18e0e..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/example_org.go +++ /dev/null @@ -1,113 +0,0 @@ -package file - -// exampleOrgSigned is a fake signed example.org zone with two delegations, -// one signed (with DSs) and one "normal". -const exampleOrgSigned = ` -example.org. 1800 IN SOA a.iana-servers.net. devnull.example.org. ( - 1282630057 ; serial - 14400 ; refresh (4 hours) - 3600 ; retry (1 hour) - 604800 ; expire (1 week) - 14400 ; minimum (4 hours) - ) - 1800 RRSIG SOA 13 2 1800 ( - 20161129153240 20161030153240 49035 example.org. - GVnMpFmN+6PDdgCtlYDEYBsnBNDgYmEJNvos - Bk9+PNTPNWNst+BXCpDadTeqRwrr1RHEAQ7j - YWzNwqn81pN+IA== ) - 1800 NS a.iana-servers.net. - 1800 NS b.iana-servers.net. - 1800 RRSIG NS 13 2 1800 ( - 20161129153240 20161030153240 49035 example.org. - llrHoIuwjnbo28LOt4p5zWAs98XGqrXicKVI - Qxyaf/ORM8boJvW2XrKr3nj6Y8FKMhzd287D - 5PBzVCL6MZyjQg== ) - 14400 NSEC a.example.org. NS SOA RRSIG NSEC DNSKEY - 14400 RRSIG NSEC 13 2 14400 ( - 20161129153240 20161030153240 49035 example.org. - BQROf1swrmYi3GqpP5M/h5vTB8jmJ/RFnlaX - 7fjxvV7aMvXCsr3ekWeB2S7L6wWFihDYcKJg - 9BxVPqxzBKeaqg== ) - 1800 DNSKEY 256 3 13 ( - UNTqlHbC51EbXuY0rshW19Iz8SkCuGVS+L0e - bQj53dvtNlaKfWmtTauC797FoyVLbQwoMy/P - G68SXgLCx8g+9g== - ) ; ZSK; alg = ECDSAP256SHA256; key id = 49035 - 1800 RRSIG DNSKEY 13 2 1800 ( - 20161129153240 20161030153240 49035 example.org. - LnLHyqYJaCMOt7EHB4GZxzAzWLwEGCTFiEhC - jj1X1VuQSjJcN42Zd3yF+jihSW6huknrig0Z - Mqv0FM6mJ/qPKg== ) -a.delegated.example.org. 1800 IN A 139.162.196.78 - 1800 TXT "obscured" - 1800 AAAA 2a01:7e00::f03c:91ff:fef1:6735 -archive.example.org. 1800 IN CNAME a.example.org. - 1800 RRSIG CNAME 13 3 1800 ( - 20161129153240 20161030153240 49035 example.org. - SDFW1z/PN9knzH8BwBvmWK0qdIwMVtGrMgRw - 7lgy4utRrdrRdCSLZy3xpkmkh1wehuGc4R0S - 05Z3DPhB0Fg5BA== ) - 14400 NSEC delegated.example.org. CNAME RRSIG NSEC - 14400 RRSIG NSEC 13 3 14400 ( - 20161129153240 20161030153240 49035 example.org. - DQqLSVNl8F6v1K09wRU6/M6hbHy2VUddnOwn - JusJjMlrAOmoOctCZ/N/BwqCXXBA+d9yFGdH - knYumXp+BVPBAQ== ) -www.example.org. 1800 IN CNAME a.example.org. - 1800 RRSIG CNAME 13 3 1800 ( - 20161129153240 20161030153240 49035 example.org. - adzujOxCV0uBV4OayPGfR11iWBLiiSAnZB1R - slmhBFaDKOKSNYijGtiVPeaF+EuZs63pzd4y - 6Nm2Iq9cQhAwAA== ) - 14400 NSEC example.org. CNAME RRSIG NSEC - 14400 RRSIG NSEC 13 3 14400 ( - 20161129153240 20161030153240 49035 example.org. - jy3f96GZGBaRuQQjuqsoP1YN8ObZF37o+WkV - PL7TruzI7iNl0AjrUDy9FplP8Mqk/HWyvlPe - N3cU+W8NYlfDDQ== ) -a.example.org. 1800 IN A 139.162.196.78 - 1800 RRSIG A 13 3 1800 ( - 20161129153240 20161030153240 49035 example.org. - 41jFz0Dr8tZBN4Kv25S5dD4vTmviFiLx7xSA - qMIuLFm0qibKL07perKpxqgLqM0H1wreT4xz - I9Y4Dgp1nsOuMA== ) - 1800 AAAA 2a01:7e00::f03c:91ff:fef1:6735 - 1800 RRSIG AAAA 13 3 1800 ( - 20161129153240 20161030153240 49035 example.org. - brHizDxYCxCHrSKIu+J+XQbodRcb7KNRdN4q - VOWw8wHqeBsFNRzvFF6jwPQYphGP7kZh1KAb - VuY5ZVVhM2kHjw== ) - 14400 NSEC archive.example.org. A AAAA RRSIG NSEC - 14400 RRSIG NSEC 13 3 14400 ( - 20161129153240 20161030153240 49035 example.org. - zIenVlg5ScLr157EWigrTGUgrv7W/1s49Fic - i2k+OVjZfT50zw+q5X6DPKkzfAiUhIuqs53r - hZUzZwV/1Wew9Q== ) -delegated.example.org. 1800 IN NS a.delegated.example.org. - 1800 IN NS ns-ext.nlnetlabs.nl. - 1800 DS 10056 5 1 ( - EE72CABD1927759CDDA92A10DBF431504B9E - 1F13 ) - 1800 DS 10056 5 2 ( - E4B05F87725FA86D9A64F1E53C3D0E625094 - 6599DFE639C45955B0ED416CDDFA ) - 1800 RRSIG DS 13 3 1800 ( - 20161129153240 20161030153240 49035 example.org. - rlNNzcUmtbjLSl02ZzQGUbWX75yCUx0Mug1j - HtKVqRq1hpPE2S3863tIWSlz+W9wz4o19OI4 - jbznKKqk+DGKog== ) - 14400 NSEC sub.example.org. NS DS RRSIG NSEC - 14400 RRSIG NSEC 13 3 14400 ( - 20161129153240 20161030153240 49035 example.org. - lNQ5kRTB26yvZU5bFn84LYFCjwWTmBcRCDbD - cqWZvCSw4LFOcqbz1/wJKIRjIXIqnWIrfIHe - fZ9QD5xZsrPgUQ== ) -sub.example.org. 1800 IN NS sub1.example.net. - 1800 IN NS sub2.example.net. - 14400 NSEC www.example.org. NS RRSIG NSEC - 14400 RRSIG NSEC 13 3 14400 ( - 20161129153240 20161030153240 49035 example.org. - VYjahdV+TTkA3RBdnUI0hwXDm6U5k/weeZZr - ix1znORpOELbeLBMJW56cnaG+LGwOQfw9qqj - bOuULDst84s4+g== ) -` diff --git a/vendor/github.com/coredns/coredns/plugin/file/file.go b/vendor/github.com/coredns/coredns/plugin/file/file.go deleted file mode 100644 index 468b80a9..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/file.go +++ /dev/null @@ -1,167 +0,0 @@ -// Package file implements a file backend. -package file - -import ( - "context" - "fmt" - "io" - - "github.com/coredns/coredns/plugin" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/plugin/transfer" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -var log = clog.NewWithPlugin("file") - -type ( - // File is the plugin that reads zone data from disk. - File struct { - Next plugin.Handler - Zones - transfer *transfer.Transfer - } - - // Zones maps zone names to a *Zone. - Zones struct { - Z map[string]*Zone // A map mapping zone (origin) to the Zone's data - Names []string // All the keys from the map Z as a string slice. - } -) - -// ServeDNS implements the plugin.Handle interface. -func (f File) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - - qname := state.Name() - // TODO(miek): match the qname better in the map - zone := plugin.Zones(f.Zones.Names).Matches(qname) - if zone == "" { - return plugin.NextOrFailure(f.Name(), f.Next, ctx, w, r) - } - - z, ok := f.Zones.Z[zone] - if !ok || z == nil { - return dns.RcodeServerFailure, nil - } - - // If transfer is not loaded, we'll see these, answer with refused (no transfer allowed). - if state.QType() == dns.TypeAXFR || state.QType() == dns.TypeIXFR { - return dns.RcodeRefused, nil - } - - // This is only for when we are a secondary zones. - if r.Opcode == dns.OpcodeNotify { - if z.isNotify(state) { - m := new(dns.Msg) - m.SetReply(r) - m.Authoritative = true - w.WriteMsg(m) - - log.Infof("Notify from %s for %s: checking transfer", state.IP(), zone) - ok, err := z.shouldTransfer() - if ok { - z.TransferIn() - } else { - log.Infof("Notify from %s for %s: no SOA serial increase seen", state.IP(), zone) - } - if err != nil { - log.Warningf("Notify from %s for %s: failed primary check: %s", state.IP(), zone, err) - } - return dns.RcodeSuccess, nil - } - log.Infof("Dropping notify from %s for %s", state.IP(), zone) - return dns.RcodeSuccess, nil - } - - z.RLock() - exp := z.Expired - z.RUnlock() - if exp { - log.Errorf("Zone %s is expired", zone) - return dns.RcodeServerFailure, nil - } - - answer, ns, extra, result := z.Lookup(ctx, state, qname) - - m := new(dns.Msg) - m.SetReply(r) - m.Authoritative = true - m.Answer, m.Ns, m.Extra = answer, ns, extra - - switch result { - case Success: - case NoData: - case NameError: - m.Rcode = dns.RcodeNameError - case Delegation: - m.Authoritative = false - case ServerFailure: - // If the result is SERVFAIL and the answer is non-empty, then the SERVFAIL came from an - // external CNAME lookup and the answer contains the CNAME with no target record. We should - // write the CNAME record to the client instead of sending an empty SERVFAIL response. - if len(m.Answer) == 0 { - return dns.RcodeServerFailure, nil - } - // The rcode in the response should be the rcode received from the target lookup. RFC 6604 section 3 - m.Rcode = dns.RcodeServerFailure - } - - w.WriteMsg(m) - return dns.RcodeSuccess, nil -} - -// Name implements the Handler interface. -func (f File) Name() string { return "file" } - -type serialErr struct { - err string - zone string - origin string - serial int64 -} - -func (s *serialErr) Error() string { - return fmt.Sprintf("%s for origin %s in file %s, with %d SOA serial", s.err, s.origin, s.zone, s.serial) -} - -// Parse parses the zone in filename and returns a new Zone or an error. -// If serial >= 0 it will reload the zone, if the SOA hasn't changed -// it returns an error indicating nothing was read. -func Parse(f io.Reader, origin, fileName string, serial int64) (*Zone, error) { - zp := dns.NewZoneParser(f, dns.Fqdn(origin), fileName) - zp.SetIncludeAllowed(true) - z := NewZone(origin, fileName) - seenSOA := false - for rr, ok := zp.Next(); ok; rr, ok = zp.Next() { - if !seenSOA { - if s, ok := rr.(*dns.SOA); ok { - seenSOA = true - - // -1 is valid serial is we failed to load the file on startup. - - if serial >= 0 && s.Serial == uint32(serial) { // same serial - return nil, &serialErr{err: "no change in SOA serial", origin: origin, zone: fileName, serial: serial} - } - } - } - - if err := z.Insert(rr); err != nil { - return nil, err - } - } - if !seenSOA { - return nil, fmt.Errorf("file %q has no SOA record for origin %s", fileName, origin) - } - if zp.Err() != nil { - return nil, fmt.Errorf("failed to parse file %q for origin %s with error %v", fileName, origin, zp.Err()) - } - - if err := zp.Err(); err != nil { - return nil, err - } - - return z, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/fuzz.go b/vendor/github.com/coredns/coredns/plugin/file/fuzz.go deleted file mode 100644 index 9c59ab8d..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/fuzz.go +++ /dev/null @@ -1,50 +0,0 @@ -//go:build gofuzz - -package file - -import ( - "strings" - - "github.com/coredns/coredns/plugin/pkg/fuzz" - "github.com/coredns/coredns/plugin/test" -) - -// Fuzz fuzzes file. -func Fuzz(data []byte) int { - name := "miek.nl." - zone, _ := Parse(strings.NewReader(fuzzMiekNL), name, "stdin", 0) - f := File{Next: test.ErrorHandler(), Zones: Zones{Z: map[string]*Zone{name: zone}, Names: []string{name}}} - - return fuzz.Do(f, data) -} - -const fuzzMiekNL = ` -$TTL 30M -$ORIGIN miek.nl. -@ IN SOA linode.atoom.net. miek.miek.nl. ( - 1282630057 ; Serial - 4H ; Refresh - 1H ; Retry - 7D ; Expire - 4H ) ; Negative Cache TTL - IN NS linode.atoom.net. - IN NS ns-ext.nlnetlabs.nl. - IN NS omval.tednet.nl. - IN NS ext.ns.whyscream.net. - - IN MX 1 aspmx.l.google.com. - IN MX 5 alt1.aspmx.l.google.com. - IN MX 5 alt2.aspmx.l.google.com. - IN MX 10 aspmx2.googlemail.com. - IN MX 10 aspmx3.googlemail.com. - - IN A 139.162.196.78 - IN AAAA 2a01:7e00::f03c:91ff:fef1:6735 - -a IN A 139.162.196.78 - IN AAAA 2a01:7e00::f03c:91ff:fef1:6735 -www IN CNAME a -archive IN CNAME a - -srv IN SRV 10 10 8080 a.miek.nl. -mx IN MX 10 a.miek.nl.` diff --git a/vendor/github.com/coredns/coredns/plugin/file/lookup.go b/vendor/github.com/coredns/coredns/plugin/file/lookup.go deleted file mode 100644 index 3f692993..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/lookup.go +++ /dev/null @@ -1,435 +0,0 @@ -package file - -import ( - "context" - - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin/file/rrutil" - "github.com/coredns/coredns/plugin/file/tree" - "github.com/coredns/coredns/plugin/metadata" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// Result is the result of a Lookup -type Result int - -const ( - // Success is a successful lookup. - Success Result = iota - // NameError indicates a nameerror - NameError - // Delegation indicates the lookup resulted in a delegation. - Delegation - // NoData indicates the lookup resulted in a NODATA. - NoData - // ServerFailure indicates a server failure during the lookup. - ServerFailure -) - -// Lookup looks up qname and qtype in the zone. When do is true DNSSEC records are included. -// Three sets of records are returned, one for the answer, one for authority and one for the additional section. -func (z *Zone) Lookup(ctx context.Context, state request.Request, qname string) ([]dns.RR, []dns.RR, []dns.RR, Result) { - qtype := state.QType() - do := state.Do() - - // If z is a secondary zone we might not have transferred it, meaning we have - // all zone context setup, except the actual record. This means (for one thing) the apex - // is empty and we don't have a SOA record. - z.RLock() - ap := z.Apex - tr := z.Tree - z.RUnlock() - if ap.SOA == nil { - return nil, nil, nil, ServerFailure - } - - if qname == z.origin { - switch qtype { - case dns.TypeSOA: - return ap.soa(do), ap.ns(do), nil, Success - case dns.TypeNS: - nsrrs := ap.ns(do) - glue := tr.Glue(nsrrs, do) // technically this isn't glue - return nsrrs, nil, glue, Success - } - } - - var ( - found, shot bool - parts string - i int - elem, wildElem *tree.Elem - ) - - loop, _ := ctx.Value(dnsserver.LoopKey{}).(int) - if loop > 8 { - // We're back here for the 9th time; we have a loop and need to bail out. - // Note the answer we're returning will be incomplete (more cnames to be followed) or - // illegal (wildcard cname with multiple identical records). For now it's more important - // to protect ourselves then to give the client a valid answer. We return with an error - // to let the server handle what to do. - return nil, nil, nil, ServerFailure - } - - // Lookup: - // * Per label from the right, look if it exists. We do this to find potential - // delegation records. - // * If the per-label search finds nothing, we will look for the wildcard at the - // level. If found we keep it around. If we don't find the complete name we will - // use the wildcard. - // - // Main for-loop handles delegation and finding or not finding the qname. - // If found we check if it is a CNAME/DNAME and do CNAME processing - // We also check if we have type and do a nodata response. - // - // If not found, we check the potential wildcard, and use that for further processing. - // If not found and no wildcard we will process this as an NXDOMAIN response. - for { - parts, shot = z.nameFromRight(qname, i) - // We overshot the name, break and check if we previously found something. - if shot { - break - } - - elem, found = tr.Search(parts) - if !found { - // Apex will always be found, when we are here we can search for a wildcard - // and save the result of that search. So when nothing match, but we have a - // wildcard we should expand the wildcard. - - wildcard := replaceWithAsteriskLabel(parts) - if wild, found := tr.Search(wildcard); found { - wildElem = wild - } - - // Keep on searching, because maybe we hit an empty-non-terminal (which aren't - // stored in the tree. Only when we have match the full qname (and possible wildcard - // we can be confident that we didn't find anything. - i++ - continue - } - - // If we see DNAME records, we should return those. - if dnamerrs := elem.Type(dns.TypeDNAME); dnamerrs != nil { - // Only one DNAME is allowed per name. We just pick the first one to synthesize from. - dname := dnamerrs[0] - if cname := synthesizeCNAME(state.Name(), dname.(*dns.DNAME)); cname != nil { - var ( - answer, ns, extra []dns.RR - rcode Result - ) - - // We don't need to chase CNAME chain for synthesized CNAME - if qtype == dns.TypeCNAME { - answer = []dns.RR{cname} - ns = ap.ns(do) - extra = nil - rcode = Success - } else { - ctx = context.WithValue(ctx, dnsserver.LoopKey{}, loop+1) - answer, ns, extra, rcode = z.externalLookup(ctx, state, elem, []dns.RR{cname}) - } - - if do { - sigs := elem.Type(dns.TypeRRSIG) - sigs = rrutil.SubTypeSignature(sigs, dns.TypeDNAME) - dnamerrs = append(dnamerrs, sigs...) - } - - // The relevant DNAME RR should be included in the answer section, - // if the DNAME is being employed as a substitution instruction. - answer = append(dnamerrs, answer...) - - return answer, ns, extra, rcode - } - // The domain name that owns a DNAME record is allowed to have other RR types - // at that domain name, except those have restrictions on what they can coexist - // with (e.g. another DNAME). So there is nothing special left here. - } - - // If we see NS records, it means the name as been delegated, and we should return the delegation. - if nsrrs := elem.Type(dns.TypeNS); nsrrs != nil { - // If the query is specifically for DS and the qname matches the delegated name, we should - // return the DS in the answer section and leave the rest empty, i.e. just continue the loop - // and continue searching. - if qtype == dns.TypeDS && elem.Name() == qname { - i++ - continue - } - - glue := tr.Glue(nsrrs, do) - if do { - dss := typeFromElem(elem, dns.TypeDS, do) - nsrrs = append(nsrrs, dss...) - } - - return nil, nsrrs, glue, Delegation - } - - i++ - } - - // What does found and !shot mean - do we ever hit it? - if found && !shot { - return nil, nil, nil, ServerFailure - } - - // Found entire name. - if found && shot { - if rrs := elem.Type(dns.TypeCNAME); len(rrs) > 0 && qtype != dns.TypeCNAME { - ctx = context.WithValue(ctx, dnsserver.LoopKey{}, loop+1) - return z.externalLookup(ctx, state, elem, rrs) - } - - rrs := elem.Type(qtype) - - // NODATA - if len(rrs) == 0 { - ret := ap.soa(do) - if do { - nsec := typeFromElem(elem, dns.TypeNSEC, do) - ret = append(ret, nsec...) - } - return nil, ret, nil, NoData - } - - // Additional section processing for MX, SRV. Check response and see if any of the names are in bailiwick - - // if so add IP addresses to the additional section. - additional := z.additionalProcessing(rrs, do) - - if do { - sigs := elem.Type(dns.TypeRRSIG) - sigs = rrutil.SubTypeSignature(sigs, qtype) - rrs = append(rrs, sigs...) - } - - return rrs, ap.ns(do), additional, Success - } - - // Haven't found the original name. - - // Found wildcard. - if wildElem != nil { - // set metadata value for the wildcard record that synthesized the result - metadata.SetValueFunc(ctx, "zone/wildcard", func() string { - return wildElem.Name() - }) - - if rrs := wildElem.TypeForWildcard(dns.TypeCNAME, qname); len(rrs) > 0 && qtype != dns.TypeCNAME { - ctx = context.WithValue(ctx, dnsserver.LoopKey{}, loop+1) - return z.externalLookup(ctx, state, wildElem, rrs) - } - - rrs := wildElem.TypeForWildcard(qtype, qname) - - // NODATA response. - if len(rrs) == 0 { - ret := ap.soa(do) - if do { - nsec := typeFromElem(wildElem, dns.TypeNSEC, do) - ret = append(ret, nsec...) - } - return nil, ret, nil, NoData - } - - auth := ap.ns(do) - if do { - // An NSEC is needed to say no longer name exists under this wildcard. - if deny, found := tr.Prev(qname); found { - nsec := typeFromElem(deny, dns.TypeNSEC, do) - auth = append(auth, nsec...) - } - - sigs := wildElem.TypeForWildcard(dns.TypeRRSIG, qname) - sigs = rrutil.SubTypeSignature(sigs, qtype) - rrs = append(rrs, sigs...) - } - return rrs, auth, nil, Success - } - - rcode := NameError - - // Hacky way to get around empty-non-terminals. If a longer name does exist, but this qname, does not, it - // must be an empty-non-terminal. If so, we do the proper NXDOMAIN handling, but set the rcode to be success. - if x, found := tr.Next(qname); found { - if dns.IsSubDomain(qname, x.Name()) { - rcode = Success - } - } - - ret := ap.soa(do) - if do { - deny, found := tr.Prev(qname) - if !found { - goto Out - } - nsec := typeFromElem(deny, dns.TypeNSEC, do) - ret = append(ret, nsec...) - - if rcode != NameError { - goto Out - } - - ce, found := z.ClosestEncloser(qname) - - // wildcard denial only for NXDOMAIN - if found { - // wildcard denial - wildcard := "*." + ce.Name() - if ss, found := tr.Prev(wildcard); found { - // Only add this nsec if it is different than the one already added - if ss.Name() != deny.Name() { - nsec := typeFromElem(ss, dns.TypeNSEC, do) - ret = append(ret, nsec...) - } - } - } - } -Out: - return nil, ret, nil, rcode -} - -// typeFromElem returns the type tp from e and adds signatures (if they exist) and do is true. -func typeFromElem(elem *tree.Elem, tp uint16, do bool) []dns.RR { - rrs := elem.Type(tp) - if do { - sigs := elem.Type(dns.TypeRRSIG) - sigs = rrutil.SubTypeSignature(sigs, tp) - rrs = append(rrs, sigs...) - } - return rrs -} - -func (a Apex) soa(do bool) []dns.RR { - if do { - ret := append([]dns.RR{a.SOA}, a.SIGSOA...) - return ret - } - return []dns.RR{a.SOA} -} - -func (a Apex) ns(do bool) []dns.RR { - if do { - ret := append(a.NS, a.SIGNS...) - return ret - } - return a.NS -} - -// externalLookup adds signatures and tries to resolve CNAMEs that point to external names. -func (z *Zone) externalLookup(ctx context.Context, state request.Request, elem *tree.Elem, rrs []dns.RR) ([]dns.RR, []dns.RR, []dns.RR, Result) { - qtype := state.QType() - do := state.Do() - - if do { - sigs := elem.Type(dns.TypeRRSIG) - sigs = rrutil.SubTypeSignature(sigs, dns.TypeCNAME) - rrs = append(rrs, sigs...) - } - - targetName := rrs[0].(*dns.CNAME).Target - elem, _ = z.Tree.Search(targetName) - if elem == nil { - lookupRRs, result := z.doLookup(ctx, state, targetName, qtype) - rrs = append(rrs, lookupRRs...) - return rrs, z.Apex.ns(do), nil, result - } - - i := 0 - -Redo: - cname := elem.Type(dns.TypeCNAME) - if len(cname) > 0 { - rrs = append(rrs, cname...) - - if do { - sigs := elem.Type(dns.TypeRRSIG) - sigs = rrutil.SubTypeSignature(sigs, dns.TypeCNAME) - rrs = append(rrs, sigs...) - } - targetName := cname[0].(*dns.CNAME).Target - elem, _ = z.Tree.Search(targetName) - if elem == nil { - lookupRRs, result := z.doLookup(ctx, state, targetName, qtype) - rrs = append(rrs, lookupRRs...) - return rrs, z.Apex.ns(do), nil, result - } - - i++ - if i > 8 { - return rrs, z.Apex.ns(do), nil, Success - } - - goto Redo - } - - targets := elem.Type(qtype) - if len(targets) > 0 { - rrs = append(rrs, targets...) - - if do { - sigs := elem.Type(dns.TypeRRSIG) - sigs = rrutil.SubTypeSignature(sigs, qtype) - rrs = append(rrs, sigs...) - } - } - - return rrs, z.Apex.ns(do), nil, Success -} - -func (z *Zone) doLookup(ctx context.Context, state request.Request, target string, qtype uint16) ([]dns.RR, Result) { - m, e := z.Upstream.Lookup(ctx, state, target, qtype) - if e != nil { - return nil, ServerFailure - } - if m == nil { - return nil, Success - } - if m.Rcode == dns.RcodeNameError { - return m.Answer, NameError - } - if m.Rcode == dns.RcodeServerFailure { - return m.Answer, ServerFailure - } - if m.Rcode == dns.RcodeSuccess && len(m.Answer) == 0 { - return m.Answer, NoData - } - return m.Answer, Success -} - -// additionalProcessing checks the current answer section and retrieves A or AAAA records -// (and possible SIGs) to need to be put in the additional section. -func (z *Zone) additionalProcessing(answer []dns.RR, do bool) (extra []dns.RR) { - for _, rr := range answer { - name := "" - switch x := rr.(type) { - case *dns.SRV: - name = x.Target - case *dns.MX: - name = x.Mx - } - if len(name) == 0 || !dns.IsSubDomain(z.origin, name) { - continue - } - - elem, _ := z.Tree.Search(name) - if elem == nil { - continue - } - - sigs := elem.Type(dns.TypeRRSIG) - for _, addr := range []uint16{dns.TypeA, dns.TypeAAAA} { - if a := elem.Type(addr); a != nil { - extra = append(extra, a...) - if do { - sig := rrutil.SubTypeSignature(sigs, addr) - extra = append(extra, sig...) - } - } - } - } - - return extra -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/notify.go b/vendor/github.com/coredns/coredns/plugin/file/notify.go deleted file mode 100644 index 7d4e35cc..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/notify.go +++ /dev/null @@ -1,33 +0,0 @@ -package file - -import ( - "net" - - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// isNotify checks if state is a notify message and if so, will *also* check if it -// is from one of the configured masters. If not it will not be a valid notify -// message. If the zone z is not a secondary zone the message will also be ignored. -func (z *Zone) isNotify(state request.Request) bool { - if state.Req.Opcode != dns.OpcodeNotify { - return false - } - if len(z.TransferFrom) == 0 { - return false - } - // If remote IP matches we accept. - remote := state.IP() - for _, f := range z.TransferFrom { - from, _, err := net.SplitHostPort(f) - if err != nil { - continue - } - if from == remote { - return true - } - } - return false -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/reload.go b/vendor/github.com/coredns/coredns/plugin/file/reload.go deleted file mode 100644 index cdb50f43..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/reload.go +++ /dev/null @@ -1,69 +0,0 @@ -package file - -import ( - "os" - "path/filepath" - "time" - - "github.com/coredns/coredns/plugin/transfer" -) - -// Reload reloads a zone when it is changed on disk. If z.ReloadInterval is zero, no reloading will be done. -func (z *Zone) Reload(t *transfer.Transfer) error { - if z.ReloadInterval == 0 { - return nil - } - tick := time.NewTicker(z.ReloadInterval) - - go func() { - for { - select { - case <-tick.C: - zFile := z.File() - reader, err := os.Open(filepath.Clean(zFile)) - if err != nil { - log.Errorf("Failed to open zone %q in %q: %v", z.origin, zFile, err) - continue - } - - serial := z.SOASerialIfDefined() - zone, err := Parse(reader, z.origin, zFile, serial) - reader.Close() - if err != nil { - if _, ok := err.(*serialErr); !ok { - log.Errorf("Parsing zone %q: %v", z.origin, err) - } - continue - } - - // copy elements we need - z.Lock() - z.Apex = zone.Apex - z.Tree = zone.Tree - z.Unlock() - - log.Infof("Successfully reloaded zone %q in %q with %d SOA serial", z.origin, zFile, z.Apex.SOA.Serial) - if t != nil { - if err := t.Notify(z.origin); err != nil { - log.Warningf("Failed sending notifies: %s", err) - } - } - - case <-z.reloadShutdown: - tick.Stop() - return - } - } - }() - return nil -} - -// SOASerialIfDefined returns the SOA's serial if the zone has a SOA record in the Apex, or -1 otherwise. -func (z *Zone) SOASerialIfDefined() int64 { - z.RLock() - defer z.RUnlock() - if z.Apex.SOA != nil { - return int64(z.Apex.SOA.Serial) - } - return -1 -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/rrutil/util.go b/vendor/github.com/coredns/coredns/plugin/file/rrutil/util.go deleted file mode 100644 index 564b82cd..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/rrutil/util.go +++ /dev/null @@ -1,18 +0,0 @@ -// Package rrutil provides function to find certain RRs in slices. -package rrutil - -import "github.com/miekg/dns" - -// SubTypeSignature returns the RRSIG for the subtype. -func SubTypeSignature(rrs []dns.RR, subtype uint16) []dns.RR { - sigs := []dns.RR{} - // there may be multiple keys that have signed this subtype - for _, sig := range rrs { - if s, ok := sig.(*dns.RRSIG); ok { - if s.TypeCovered == subtype { - sigs = append(sigs, s) - } - } - } - return sigs -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/secondary.go b/vendor/github.com/coredns/coredns/plugin/file/secondary.go deleted file mode 100644 index 932916bb..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/secondary.go +++ /dev/null @@ -1,198 +0,0 @@ -package file - -import ( - "math/rand" - "time" - - "github.com/miekg/dns" -) - -// TransferIn retrieves the zone from the masters, parses it and sets it live. -func (z *Zone) TransferIn() error { - if len(z.TransferFrom) == 0 { - return nil - } - m := new(dns.Msg) - m.SetAxfr(z.origin) - - z1 := z.CopyWithoutApex() - var ( - Err error - tr string - ) - -Transfer: - for _, tr = range z.TransferFrom { - t := new(dns.Transfer) - c, err := t.In(m, tr) - if err != nil { - log.Errorf("Failed to setup transfer `%s' with `%q': %v", z.origin, tr, err) - Err = err - continue Transfer - } - for env := range c { - if env.Error != nil { - log.Errorf("Failed to transfer `%s' from %q: %v", z.origin, tr, env.Error) - Err = env.Error - continue Transfer - } - for _, rr := range env.RR { - if err := z1.Insert(rr); err != nil { - log.Errorf("Failed to parse transfer `%s' from: %q: %v", z.origin, tr, err) - Err = err - continue Transfer - } - } - } - Err = nil - break - } - if Err != nil { - return Err - } - - z.Lock() - z.Tree = z1.Tree - z.Apex = z1.Apex - z.Expired = false - z.Unlock() - log.Infof("Transferred: %s from %s", z.origin, tr) - return nil -} - -// shouldTransfer checks the primaries of zone, retrieves the SOA record, checks the current serial -// and the remote serial and will return true if the remote one is higher than the locally configured one. -func (z *Zone) shouldTransfer() (bool, error) { - c := new(dns.Client) - c.Net = "tcp" // do this query over TCP to minimize spoofing - m := new(dns.Msg) - m.SetQuestion(z.origin, dns.TypeSOA) - - var Err error - serial := -1 - -Transfer: - for _, tr := range z.TransferFrom { - Err = nil - ret, _, err := c.Exchange(m, tr) - if err != nil || ret.Rcode != dns.RcodeSuccess { - Err = err - continue - } - for _, a := range ret.Answer { - if a.Header().Rrtype == dns.TypeSOA { - serial = int(a.(*dns.SOA).Serial) - break Transfer - } - } - } - if serial == -1 { - return false, Err - } - if z.Apex.SOA == nil { - return true, Err - } - return less(z.Apex.SOA.Serial, uint32(serial)), Err -} - -// less returns true of a is smaller than b when taking RFC 1982 serial arithmetic into account. -func less(a, b uint32) bool { - if a < b { - return (b - a) <= MaxSerialIncrement - } - return (a - b) > MaxSerialIncrement -} - -// Update updates the secondary zone according to its SOA. It will run for the life time of the server -// and uses the SOA parameters. Every refresh it will check for a new SOA number. If that fails (for all -// server) it will retry every retry interval. If the zone failed to transfer before the expire, the zone -// will be marked expired. -func (z *Zone) Update() error { - // If we don't have a SOA, we don't have a zone, wait for it to appear. - for z.Apex.SOA == nil { - time.Sleep(1 * time.Second) - } - retryActive := false - -Restart: - refresh := time.Second * time.Duration(z.Apex.SOA.Refresh) - retry := time.Second * time.Duration(z.Apex.SOA.Retry) - expire := time.Second * time.Duration(z.Apex.SOA.Expire) - - refreshTicker := time.NewTicker(refresh) - retryTicker := time.NewTicker(retry) - expireTicker := time.NewTicker(expire) - - for { - select { - case <-expireTicker.C: - if !retryActive { - break - } - z.Expired = true - - case <-retryTicker.C: - if !retryActive { - break - } - - time.Sleep(jitter(2000)) // 2s randomize - - ok, err := z.shouldTransfer() - if err != nil { - log.Warningf("Failed retry check %s", err) - continue - } - - if ok { - if err := z.TransferIn(); err != nil { - // transfer failed, leave retryActive true - break - } - } - - // no errors, stop timers and restart - retryActive = false - refreshTicker.Stop() - retryTicker.Stop() - expireTicker.Stop() - goto Restart - - case <-refreshTicker.C: - - time.Sleep(jitter(5000)) // 5s randomize - - ok, err := z.shouldTransfer() - if err != nil { - log.Warningf("Failed refresh check %s", err) - retryActive = true - continue - } - - if ok { - if err := z.TransferIn(); err != nil { - // transfer failed - retryActive = true - break - } - } - - // no errors, stop timers and restart - retryActive = false - refreshTicker.Stop() - retryTicker.Stop() - expireTicker.Stop() - goto Restart - } - } -} - -// jitter returns a random duration between [0,n) * time.Millisecond -func jitter(n int) time.Duration { - r := rand.Intn(n) - return time.Duration(r) * time.Millisecond -} - -// MaxSerialIncrement is the maximum difference between two serial numbers. If the difference between -// two serials is greater than this number, the smaller one is considered greater. -const MaxSerialIncrement uint32 = 2147483647 diff --git a/vendor/github.com/coredns/coredns/plugin/file/setup.go b/vendor/github.com/coredns/coredns/plugin/file/setup.go deleted file mode 100644 index 73a2a233..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/setup.go +++ /dev/null @@ -1,153 +0,0 @@ -package file - -import ( - "errors" - "os" - "path/filepath" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/upstream" - "github.com/coredns/coredns/plugin/transfer" -) - -func init() { plugin.Register("file", setup) } - -func setup(c *caddy.Controller) error { - zones, err := fileParse(c) - if err != nil { - return plugin.Error("file", err) - } - - f := File{Zones: zones} - // get the transfer plugin, so we can send notifies and send notifies on startup as well. - c.OnStartup(func() error { - t := dnsserver.GetConfig(c).Handler("transfer") - if t == nil { - return nil - } - f.transfer = t.(*transfer.Transfer) // if found this must be OK. - go func() { - for _, n := range zones.Names { - f.transfer.Notify(n) - } - }() - return nil - }) - - c.OnRestartFailed(func() error { - t := dnsserver.GetConfig(c).Handler("transfer") - if t == nil { - return nil - } - go func() { - for _, n := range zones.Names { - f.transfer.Notify(n) - } - }() - return nil - }) - - for _, n := range zones.Names { - z := zones.Z[n] - c.OnShutdown(z.OnShutdown) - c.OnStartup(func() error { - z.StartupOnce.Do(func() { z.Reload(f.transfer) }) - return nil - }) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - f.Next = next - return f - }) - - return nil -} - -func fileParse(c *caddy.Controller) (Zones, error) { - z := make(map[string]*Zone) - names := []string{} - - config := dnsserver.GetConfig(c) - - var openErr error - reload := 1 * time.Minute - - for c.Next() { - // file db.file [zones...] - if !c.NextArg() { - return Zones{}, c.ArgErr() - } - fileName := c.Val() - - origins := plugin.OriginsFromArgsOrServerBlock(c.RemainingArgs(), c.ServerBlockKeys) - if !filepath.IsAbs(fileName) && config.Root != "" { - fileName = filepath.Join(config.Root, fileName) - } - - reader, err := os.Open(filepath.Clean(fileName)) - if err != nil { - openErr = err - } - - err = func() error { - defer reader.Close() - - for i := range origins { - z[origins[i]] = NewZone(origins[i], fileName) - if openErr == nil { - reader.Seek(0, 0) - zone, err := Parse(reader, origins[i], fileName, 0) - if err != nil { - return err - } - z[origins[i]] = zone - } - names = append(names, origins[i]) - } - return nil - }() - - if err != nil { - return Zones{}, err - } - - for c.NextBlock() { - switch c.Val() { - case "reload": - t := c.RemainingArgs() - if len(t) < 1 { - return Zones{}, errors.New("reload duration value is expected") - } - d, err := time.ParseDuration(t[0]) - if err != nil { - return Zones{}, plugin.Error("file", err) - } - reload = d - case "upstream": - // remove soon - c.RemainingArgs() - - default: - return Zones{}, c.Errf("unknown property '%s'", c.Val()) - } - } - - for i := range origins { - z[origins[i]].ReloadInterval = reload - z[origins[i]].Upstream = upstream.New() - } - } - - if openErr != nil { - if reload == 0 { - // reload hasn't been set make this a fatal error - return Zones{}, plugin.Error("file", openErr) - } - log.Warningf("Failed to open %q: trying again in %s", openErr, reload) - } - return Zones{Z: z, Names: names}, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/shutdown.go b/vendor/github.com/coredns/coredns/plugin/file/shutdown.go deleted file mode 100644 index 9aa59894..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/shutdown.go +++ /dev/null @@ -1,9 +0,0 @@ -package file - -// OnShutdown shuts down any running go-routines for this zone. -func (z *Zone) OnShutdown() error { - if 0 < z.ReloadInterval { - z.reloadShutdown <- true - } - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/tree/all.go b/vendor/github.com/coredns/coredns/plugin/file/tree/all.go deleted file mode 100644 index e1fc5b39..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/tree/all.go +++ /dev/null @@ -1,21 +0,0 @@ -package tree - -// All traverses tree and returns all elements. -func (t *Tree) All() []*Elem { - if t.Root == nil { - return nil - } - found := t.Root.all(nil) - return found -} - -func (n *Node) all(found []*Elem) []*Elem { - if n.Left != nil { - found = n.Left.all(found) - } - found = append(found, n.Elem) - if n.Right != nil { - found = n.Right.all(found) - } - return found -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/tree/auth_walk.go b/vendor/github.com/coredns/coredns/plugin/file/tree/auth_walk.go deleted file mode 100644 index 1f436716..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/tree/auth_walk.go +++ /dev/null @@ -1,58 +0,0 @@ -package tree - -import ( - "github.com/miekg/dns" -) - -// AuthWalk performs fn on all authoritative values stored in the tree in -// pre-order depth first. If a non-nil error is returned the AuthWalk was interrupted -// by an fn returning that error. If fn alters stored values' sort -// relationships, future tree operation behaviors are undefined. -// -// The fn function will be called with 3 arguments, the current element, a map containing all -// the RRs for this element and a boolean if this name is considered authoritative. -func (t *Tree) AuthWalk(fn func(*Elem, map[uint16][]dns.RR, bool) error) error { - if t.Root == nil { - return nil - } - return t.Root.authwalk(make(map[string]struct{}), fn) -} - -func (n *Node) authwalk(ns map[string]struct{}, fn func(*Elem, map[uint16][]dns.RR, bool) error) error { - if n.Left != nil { - if err := n.Left.authwalk(ns, fn); err != nil { - return err - } - } - - // Check if the current name is a subdomain of *any* of the delegated names we've seen, if so, skip this name. - // The ordering of the tree and how we walk if guarantees we see parents first. - if n.Elem.Type(dns.TypeNS) != nil { - ns[n.Elem.Name()] = struct{}{} - } - - auth := true - i := 0 - for { - j, end := dns.NextLabel(n.Elem.Name(), i) - if end { - break - } - if _, ok := ns[n.Elem.Name()[j:]]; ok { - auth = false - break - } - i++ - } - - if err := fn(n.Elem, n.Elem.m, auth); err != nil { - return err - } - - if n.Right != nil { - if err := n.Right.authwalk(ns, fn); err != nil { - return err - } - } - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/tree/elem.go b/vendor/github.com/coredns/coredns/plugin/file/tree/elem.go deleted file mode 100644 index c1909649..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/tree/elem.go +++ /dev/null @@ -1,101 +0,0 @@ -package tree - -import "github.com/miekg/dns" - -// Elem is an element in the tree. -type Elem struct { - m map[uint16][]dns.RR - name string // owner name -} - -// newElem returns a new elem. -func newElem(rr dns.RR) *Elem { - e := Elem{m: make(map[uint16][]dns.RR)} - e.m[rr.Header().Rrtype] = []dns.RR{rr} - return &e -} - -// Types returns the types of the records in e. The returned list is not sorted. -func (e *Elem) Types() []uint16 { - t := make([]uint16, len(e.m)) - i := 0 - for ty := range e.m { - t[i] = ty - i++ - } - return t -} - -// Type returns the RRs with type qtype from e. -func (e *Elem) Type(qtype uint16) []dns.RR { return e.m[qtype] } - -// TypeForWildcard returns the RRs with type qtype from e. The ownername returned is set to qname. -func (e *Elem) TypeForWildcard(qtype uint16, qname string) []dns.RR { - rrs := e.m[qtype] - - if rrs == nil { - return nil - } - - copied := make([]dns.RR, len(rrs)) - for i := range rrs { - copied[i] = dns.Copy(rrs[i]) - copied[i].Header().Name = qname - } - return copied -} - -// All returns all RRs from e, regardless of type. -func (e *Elem) All() []dns.RR { - list := []dns.RR{} - for _, rrs := range e.m { - list = append(list, rrs...) - } - return list -} - -// Name returns the name for this node. -func (e *Elem) Name() string { - if e.name != "" { - return e.name - } - for _, rrs := range e.m { - e.name = rrs[0].Header().Name - return e.name - } - return "" -} - -// Empty returns true is e does not contain any RRs, i.e. is an empty-non-terminal. -func (e *Elem) Empty() bool { return len(e.m) == 0 } - -// Insert inserts rr into e. If rr is equal to existing RRs, the RR will be added anyway. -func (e *Elem) Insert(rr dns.RR) { - t := rr.Header().Rrtype - if e.m == nil { - e.m = make(map[uint16][]dns.RR) - e.m[t] = []dns.RR{rr} - return - } - rrs, ok := e.m[t] - if !ok { - e.m[t] = []dns.RR{rr} - return - } - - rrs = append(rrs, rr) - e.m[t] = rrs -} - -// Delete removes all RRs of type rr.Header().Rrtype from e. -func (e *Elem) Delete(rr dns.RR) { - if e.m == nil { - return - } - - t := rr.Header().Rrtype - delete(e.m, t) -} - -// Less is a tree helper function that calls less. -func Less(a *Elem, name string) int { return less(name, a.Name()) } diff --git a/vendor/github.com/coredns/coredns/plugin/file/tree/glue.go b/vendor/github.com/coredns/coredns/plugin/file/tree/glue.go deleted file mode 100644 index 937ae548..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/tree/glue.go +++ /dev/null @@ -1,44 +0,0 @@ -package tree - -import ( - "github.com/coredns/coredns/plugin/file/rrutil" - - "github.com/miekg/dns" -) - -// Glue returns any potential glue records for nsrrs. -func (t *Tree) Glue(nsrrs []dns.RR, do bool) []dns.RR { - glue := []dns.RR{} - for _, rr := range nsrrs { - if ns, ok := rr.(*dns.NS); ok && dns.IsSubDomain(ns.Header().Name, ns.Ns) { - glue = append(glue, t.searchGlue(ns.Ns, do)...) - } - } - return glue -} - -// searchGlue looks up A and AAAA for name. -func (t *Tree) searchGlue(name string, do bool) []dns.RR { - glue := []dns.RR{} - - // A - if elem, found := t.Search(name); found { - glue = append(glue, elem.Type(dns.TypeA)...) - if do { - sigs := elem.Type(dns.TypeRRSIG) - sigs = rrutil.SubTypeSignature(sigs, dns.TypeA) - glue = append(glue, sigs...) - } - } - - // AAAA - if elem, found := t.Search(name); found { - glue = append(glue, elem.Type(dns.TypeAAAA)...) - if do { - sigs := elem.Type(dns.TypeRRSIG) - sigs = rrutil.SubTypeSignature(sigs, dns.TypeAAAA) - glue = append(glue, sigs...) - } - } - return glue -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/tree/less.go b/vendor/github.com/coredns/coredns/plugin/file/tree/less.go deleted file mode 100644 index 7421cf08..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/tree/less.go +++ /dev/null @@ -1,59 +0,0 @@ -package tree - -import ( - "bytes" - - "github.com/miekg/dns" -) - -// less returns <0 when a is less than b, 0 when they are equal and -// >0 when a is larger than b. -// The function orders names in DNSSEC canonical order: RFC 4034s section-6.1 -// -// See https://bert-hubert.blogspot.co.uk/2015/10/how-to-do-fast-canonical-ordering-of.html -// for a blog article on this implementation, although here we still go label by label. -// -// The values of a and b are *not* lowercased before the comparison! -func less(a, b string) int { - i := 1 - aj := len(a) - bj := len(b) - for { - ai, oka := dns.PrevLabel(a, i) - bi, okb := dns.PrevLabel(b, i) - if oka && okb { - return 0 - } - - // sadly this []byte will allocate... TODO(miek): check if this is needed - // for a name, otherwise compare the strings. - ab := []byte(a[ai:aj]) - bb := []byte(b[bi:bj]) - doDDD(ab) - doDDD(bb) - - res := bytes.Compare(ab, bb) - if res != 0 { - return res - } - - i++ - aj, bj = ai, bi - } -} - -func doDDD(b []byte) { - lb := len(b) - for i := 0; i < lb; i++ { - if i+3 < lb && b[i] == '\\' && isDigit(b[i+1]) && isDigit(b[i+2]) && isDigit(b[i+3]) { - b[i] = dddToByte(b[i:]) - for j := i + 1; j < lb-3; j++ { - b[j] = b[j+3] - } - lb -= 3 - } - } -} - -func isDigit(b byte) bool { return b >= '0' && b <= '9' } -func dddToByte(s []byte) byte { return (s[1]-'0')*100 + (s[2]-'0')*10 + (s[3] - '0') } diff --git a/vendor/github.com/coredns/coredns/plugin/file/tree/print.go b/vendor/github.com/coredns/coredns/plugin/file/tree/print.go deleted file mode 100644 index b2df70e1..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/tree/print.go +++ /dev/null @@ -1,62 +0,0 @@ -package tree - -import "fmt" - -// Print prints a Tree. Main use is to aid in debugging. -func (t *Tree) Print() { - if t.Root == nil { - fmt.Println("") - } - t.Root.print() -} - -func (n *Node) print() { - q := newQueue() - q.push(n) - - nodesInCurrentLevel := 1 - nodesInNextLevel := 0 - - for !q.empty() { - do := q.pop() - nodesInCurrentLevel-- - - if do != nil { - fmt.Print(do.Elem.Name(), " ") - q.push(do.Left) - q.push(do.Right) - nodesInNextLevel += 2 - } - if nodesInCurrentLevel == 0 { - fmt.Println() - nodesInCurrentLevel = nodesInNextLevel - nodesInNextLevel = 0 - } - } - fmt.Println() -} - -type queue []*Node - -// newQueue returns a new queue. -func newQueue() queue { - q := queue([]*Node{}) - return q -} - -// push pushes n to the end of the queue. -func (q *queue) push(n *Node) { - *q = append(*q, n) -} - -// pop pops the first element off the queue. -func (q *queue) pop() *Node { - n := (*q)[0] - *q = (*q)[1:] - return n -} - -// empty returns true when the queue contains zero nodes. -func (q *queue) empty() bool { - return len(*q) == 0 -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/tree/tree.go b/vendor/github.com/coredns/coredns/plugin/file/tree/tree.go deleted file mode 100644 index a6caafe1..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/tree/tree.go +++ /dev/null @@ -1,453 +0,0 @@ -// Copyright ©2012 The bíogo Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found at the end of this file. - -// Package tree implements Left-Leaning Red Black trees as described by Robert Sedgewick. -// -// More details relating to the implementation are available at the following locations: -// -// http://www.cs.princeton.edu/~rs/talks/LLRB/LLRB.pdf -// http://www.cs.princeton.edu/~rs/talks/LLRB/Java/RedBlackBST.java -// http://www.teachsolaisgames.com/articles/balanced_left_leaning.html -// -// Heavily modified by Miek Gieben for use in DNS zones. -package tree - -import "github.com/miekg/dns" - -const ( - td234 = iota - bu23 -) - -// Operation mode of the LLRB tree. -const mode = bu23 - -func init() { - if mode != td234 && mode != bu23 { - panic("tree: unknown mode") - } -} - -// A Color represents the color of a Node. -type Color bool - -const ( - // Red as false give us the defined behaviour that new nodes are red. Although this - // is incorrect for the root node, that is resolved on the first insertion. - red Color = false - black Color = true -) - -// A Node represents a node in the LLRB tree. -type Node struct { - Elem *Elem - Left, Right *Node - Color Color -} - -// A Tree manages the root node of an LLRB tree. Public methods are exposed through this type. -type Tree struct { - Root *Node // Root node of the tree. - Count int // Number of elements stored. -} - -// Helper methods - -// color returns the effect color of a Node. A nil node returns black. -func (n *Node) color() Color { - if n == nil { - return black - } - return n.Color -} - -// (a,c)b -rotL-> ((a,)b,)c -func (n *Node) rotateLeft() (root *Node) { - // Assumes: n has two children. - root = n.Right - n.Right = root.Left - root.Left = n - root.Color = n.Color - n.Color = red - return -} - -// (a,c)b -rotR-> (,(,c)b)a -func (n *Node) rotateRight() (root *Node) { - // Assumes: n has two children. - root = n.Left - n.Left = root.Right - root.Right = n - root.Color = n.Color - n.Color = red - return -} - -// (aR,cR)bB -flipC-> (aB,cB)bR | (aB,cB)bR -flipC-> (aR,cR)bB -func (n *Node) flipColors() { - // Assumes: n has two children. - n.Color = !n.Color - n.Left.Color = !n.Left.Color - n.Right.Color = !n.Right.Color -} - -// fixUp ensures that black link balance is correct, that red nodes lean left, -// and that 4 nodes are split in the case of BU23 and properly balanced in TD234. -func (n *Node) fixUp() *Node { - if n.Right.color() == red { - if mode == td234 && n.Right.Left.color() == red { - n.Right = n.Right.rotateRight() - } - n = n.rotateLeft() - } - if n.Left.color() == red && n.Left.Left.color() == red { - n = n.rotateRight() - } - if mode == bu23 && n.Left.color() == red && n.Right.color() == red { - n.flipColors() - } - return n -} - -func (n *Node) moveRedLeft() *Node { - n.flipColors() - if n.Right.Left.color() == red { - n.Right = n.Right.rotateRight() - n = n.rotateLeft() - n.flipColors() - if mode == td234 && n.Right.Right.color() == red { - n.Right = n.Right.rotateLeft() - } - } - return n -} - -func (n *Node) moveRedRight() *Node { - n.flipColors() - if n.Left.Left.color() == red { - n = n.rotateRight() - n.flipColors() - } - return n -} - -// Len returns the number of elements stored in the Tree. -func (t *Tree) Len() int { - return t.Count -} - -// Search returns the first match of qname in the Tree. -func (t *Tree) Search(qname string) (*Elem, bool) { - if t.Root == nil { - return nil, false - } - n, res := t.Root.search(qname) - if n == nil { - return nil, res - } - return n.Elem, res -} - -// search searches the tree for qname and type. -func (n *Node) search(qname string) (*Node, bool) { - for n != nil { - switch c := Less(n.Elem, qname); { - case c == 0: - return n, true - case c < 0: - n = n.Left - default: - n = n.Right - } - } - - return n, false -} - -// Insert inserts rr into the Tree at the first match found -// with e or when a nil node is reached. -func (t *Tree) Insert(rr dns.RR) { - var d int - t.Root, d = t.Root.insert(rr) - t.Count += d - t.Root.Color = black -} - -// insert inserts rr in to the tree. -func (n *Node) insert(rr dns.RR) (root *Node, d int) { - if n == nil { - return &Node{Elem: newElem(rr)}, 1 - } else if n.Elem == nil { - n.Elem = newElem(rr) - return n, 1 - } - - if mode == td234 { - if n.Left.color() == red && n.Right.color() == red { - n.flipColors() - } - } - - switch c := Less(n.Elem, rr.Header().Name); { - case c == 0: - n.Elem.Insert(rr) - case c < 0: - n.Left, d = n.Left.insert(rr) - default: - n.Right, d = n.Right.insert(rr) - } - - if n.Right.color() == red && n.Left.color() == black { - n = n.rotateLeft() - } - if n.Left.color() == red && n.Left.Left.color() == red { - n = n.rotateRight() - } - - if mode == bu23 { - if n.Left.color() == red && n.Right.color() == red { - n.flipColors() - } - } - - root = n - - return -} - -// DeleteMin deletes the node with the minimum value in the tree. -func (t *Tree) DeleteMin() { - if t.Root == nil { - return - } - var d int - t.Root, d = t.Root.deleteMin() - t.Count += d - if t.Root == nil { - return - } - t.Root.Color = black -} - -func (n *Node) deleteMin() (root *Node, d int) { - if n.Left == nil { - return nil, -1 - } - if n.Left.color() == black && n.Left.Left.color() == black { - n = n.moveRedLeft() - } - n.Left, d = n.Left.deleteMin() - - root = n.fixUp() - - return -} - -// DeleteMax deletes the node with the maximum value in the tree. -func (t *Tree) DeleteMax() { - if t.Root == nil { - return - } - var d int - t.Root, d = t.Root.deleteMax() - t.Count += d - if t.Root == nil { - return - } - t.Root.Color = black -} - -func (n *Node) deleteMax() (root *Node, d int) { - if n.Left != nil && n.Left.color() == red { - n = n.rotateRight() - } - if n.Right == nil { - return nil, -1 - } - if n.Right.color() == black && n.Right.Left.color() == black { - n = n.moveRedRight() - } - n.Right, d = n.Right.deleteMax() - - root = n.fixUp() - - return -} - -// Delete removes all RRs of type rr.Header().Rrtype from e. If after the deletion of rr the node is empty the -// entire node is deleted. -func (t *Tree) Delete(rr dns.RR) { - if t.Root == nil { - return - } - - el, _ := t.Search(rr.Header().Name) - if el == nil { - return - } - el.Delete(rr) - if el.Empty() { - t.deleteNode(rr) - } -} - -// DeleteNode deletes the node that matches rr according to Less(). -func (t *Tree) deleteNode(rr dns.RR) { - if t.Root == nil { - return - } - var d int - t.Root, d = t.Root.delete(rr) - t.Count += d - if t.Root == nil { - return - } - t.Root.Color = black -} - -func (n *Node) delete(rr dns.RR) (root *Node, d int) { - if Less(n.Elem, rr.Header().Name) < 0 { - if n.Left != nil { - if n.Left.color() == black && n.Left.Left.color() == black { - n = n.moveRedLeft() - } - n.Left, d = n.Left.delete(rr) - } - } else { - if n.Left.color() == red { - n = n.rotateRight() - } - if n.Right == nil && Less(n.Elem, rr.Header().Name) == 0 { - return nil, -1 - } - if n.Right != nil { - if n.Right.color() == black && n.Right.Left.color() == black { - n = n.moveRedRight() - } - if Less(n.Elem, rr.Header().Name) == 0 { - n.Elem = n.Right.min().Elem - n.Right, d = n.Right.deleteMin() - } else { - n.Right, d = n.Right.delete(rr) - } - } - } - - root = n.fixUp() - return -} - -// Min returns the minimum value stored in the tree. -func (t *Tree) Min() *Elem { - if t.Root == nil { - return nil - } - return t.Root.min().Elem -} - -func (n *Node) min() *Node { - for ; n.Left != nil; n = n.Left { - } - return n -} - -// Max returns the maximum value stored in the tree. -func (t *Tree) Max() *Elem { - if t.Root == nil { - return nil - } - return t.Root.max().Elem -} - -func (n *Node) max() *Node { - for ; n.Right != nil; n = n.Right { - } - return n -} - -// Prev returns the greatest value equal to or less than the qname according to Less(). -func (t *Tree) Prev(qname string) (*Elem, bool) { - if t.Root == nil { - return nil, false - } - - n := t.Root.floor(qname) - if n == nil { - return nil, false - } - return n.Elem, true -} - -func (n *Node) floor(qname string) *Node { - if n == nil { - return nil - } - switch c := Less(n.Elem, qname); { - case c == 0: - return n - case c <= 0: - return n.Left.floor(qname) - default: - if r := n.Right.floor(qname); r != nil { - return r - } - } - return n -} - -// Next returns the smallest value equal to or greater than the qname according to Less(). -func (t *Tree) Next(qname string) (*Elem, bool) { - if t.Root == nil { - return nil, false - } - n := t.Root.ceil(qname) - if n == nil { - return nil, false - } - return n.Elem, true -} - -func (n *Node) ceil(qname string) *Node { - if n == nil { - return nil - } - switch c := Less(n.Elem, qname); { - case c == 0: - return n - case c > 0: - return n.Right.ceil(qname) - default: - if l := n.Left.ceil(qname); l != nil { - return l - } - } - return n -} - -/* -Copyright ©2012 The bíogo Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are met: - -* Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. -* Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. -* Neither the name of the bíogo project nor the names of its authors and - contributors may be used to endorse or promote products derived from this - software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER -CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, -OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -*/ diff --git a/vendor/github.com/coredns/coredns/plugin/file/tree/walk.go b/vendor/github.com/coredns/coredns/plugin/file/tree/walk.go deleted file mode 100644 index e315eb03..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/tree/walk.go +++ /dev/null @@ -1,33 +0,0 @@ -package tree - -import "github.com/miekg/dns" - -// Walk performs fn on all authoritative values stored in the tree in -// in-order depth first. If a non-nil error is returned the Walk was interrupted -// by an fn returning that error. If fn alters stored values' sort -// relationships, future tree operation behaviors are undefined. -func (t *Tree) Walk(fn func(*Elem, map[uint16][]dns.RR) error) error { - if t.Root == nil { - return nil - } - return t.Root.walk(fn) -} - -func (n *Node) walk(fn func(*Elem, map[uint16][]dns.RR) error) error { - if n.Left != nil { - if err := n.Left.walk(fn); err != nil { - return err - } - } - - if err := fn(n.Elem, n.Elem.m); err != nil { - return err - } - - if n.Right != nil { - if err := n.Right.walk(fn); err != nil { - return err - } - } - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/wildcard.go b/vendor/github.com/coredns/coredns/plugin/file/wildcard.go deleted file mode 100644 index 7e8e806a..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/wildcard.go +++ /dev/null @@ -1,13 +0,0 @@ -package file - -import "github.com/miekg/dns" - -// replaceWithAsteriskLabel replaces the left most label with '*'. -func replaceWithAsteriskLabel(qname string) (wildcard string) { - i, shot := dns.NextLabel(qname, 0) - if shot { - return "" - } - - return "*." + qname[i:] -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/xfr.go b/vendor/github.com/coredns/coredns/plugin/file/xfr.go deleted file mode 100644 index 28c3a3a9..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/xfr.go +++ /dev/null @@ -1,45 +0,0 @@ -package file - -import ( - "github.com/coredns/coredns/plugin/file/tree" - "github.com/coredns/coredns/plugin/transfer" - - "github.com/miekg/dns" -) - -// Transfer implements the transfer.Transfer interface. -func (f File) Transfer(zone string, serial uint32) (<-chan []dns.RR, error) { - z, ok := f.Zones.Z[zone] - if !ok || z == nil { - return nil, transfer.ErrNotAuthoritative - } - return z.Transfer(serial) -} - -// Transfer transfers a zone with serial in the returned channel and implements IXFR fallback, by just -// sending a single SOA record. -func (z *Zone) Transfer(serial uint32) (<-chan []dns.RR, error) { - // get soa and apex - apex, err := z.ApexIfDefined() - if err != nil { - return nil, err - } - - ch := make(chan []dns.RR) - go func() { - if serial != 0 && apex[0].(*dns.SOA).Serial == serial { // ixfr fallback, only send SOA - ch <- []dns.RR{apex[0]} - - close(ch) - return - } - - ch <- apex - z.Walk(func(e *tree.Elem, _ map[uint16][]dns.RR) error { ch <- e.All(); return nil }) - ch <- []dns.RR{apex[0]} - - close(ch) - }() - - return ch, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/file/zone.go b/vendor/github.com/coredns/coredns/plugin/file/zone.go deleted file mode 100644 index aa5f3cac..00000000 --- a/vendor/github.com/coredns/coredns/plugin/file/zone.go +++ /dev/null @@ -1,178 +0,0 @@ -package file - -import ( - "fmt" - "path/filepath" - "strings" - "sync" - "time" - - "github.com/coredns/coredns/plugin/file/tree" - "github.com/coredns/coredns/plugin/pkg/upstream" - - "github.com/miekg/dns" -) - -// Zone is a structure that contains all data related to a DNS zone. -type Zone struct { - origin string - origLen int - file string - *tree.Tree - Apex - Expired bool - - sync.RWMutex - - StartupOnce sync.Once - TransferFrom []string - - ReloadInterval time.Duration - reloadShutdown chan bool - - Upstream *upstream.Upstream // Upstream for looking up external names during the resolution process. -} - -// Apex contains the apex records of a zone: SOA, NS and their potential signatures. -type Apex struct { - SOA *dns.SOA - NS []dns.RR - SIGSOA []dns.RR - SIGNS []dns.RR -} - -// NewZone returns a new zone. -func NewZone(name, file string) *Zone { - return &Zone{ - origin: dns.Fqdn(name), - origLen: dns.CountLabel(dns.Fqdn(name)), - file: filepath.Clean(file), - Tree: &tree.Tree{}, - reloadShutdown: make(chan bool), - } -} - -// Copy copies a zone. -func (z *Zone) Copy() *Zone { - z1 := NewZone(z.origin, z.file) - z1.TransferFrom = z.TransferFrom - z1.Expired = z.Expired - - z1.Apex = z.Apex - return z1 -} - -// CopyWithoutApex copies zone z without the Apex records. -func (z *Zone) CopyWithoutApex() *Zone { - z1 := NewZone(z.origin, z.file) - z1.TransferFrom = z.TransferFrom - z1.Expired = z.Expired - - return z1 -} - -// Insert inserts r into z. -func (z *Zone) Insert(r dns.RR) error { - r.Header().Name = strings.ToLower(r.Header().Name) - - switch h := r.Header().Rrtype; h { - case dns.TypeNS: - r.(*dns.NS).Ns = strings.ToLower(r.(*dns.NS).Ns) - - if r.Header().Name == z.origin { - z.Apex.NS = append(z.Apex.NS, r) - return nil - } - case dns.TypeSOA: - r.(*dns.SOA).Ns = strings.ToLower(r.(*dns.SOA).Ns) - r.(*dns.SOA).Mbox = strings.ToLower(r.(*dns.SOA).Mbox) - - z.Apex.SOA = r.(*dns.SOA) - return nil - case dns.TypeNSEC3, dns.TypeNSEC3PARAM: - return fmt.Errorf("NSEC3 zone is not supported, dropping RR: %s for zone: %s", r.Header().Name, z.origin) - case dns.TypeRRSIG: - x := r.(*dns.RRSIG) - switch x.TypeCovered { - case dns.TypeSOA: - z.Apex.SIGSOA = append(z.Apex.SIGSOA, x) - return nil - case dns.TypeNS: - if r.Header().Name == z.origin { - z.Apex.SIGNS = append(z.Apex.SIGNS, x) - return nil - } - } - case dns.TypeCNAME: - r.(*dns.CNAME).Target = strings.ToLower(r.(*dns.CNAME).Target) - case dns.TypeMX: - r.(*dns.MX).Mx = strings.ToLower(r.(*dns.MX).Mx) - case dns.TypeSRV: - r.(*dns.SRV).Target = strings.ToLower(r.(*dns.SRV).Target) - } - - z.Tree.Insert(r) - return nil -} - -// File retrieves the file path in a safe way. -func (z *Zone) File() string { - z.RLock() - defer z.RUnlock() - return z.file -} - -// SetFile updates the file path in a safe way. -func (z *Zone) SetFile(path string) { - z.Lock() - z.file = path - z.Unlock() -} - -// ApexIfDefined returns the apex nodes from z. The SOA record is the first record, if it does not exist, an error is returned. -func (z *Zone) ApexIfDefined() ([]dns.RR, error) { - z.RLock() - defer z.RUnlock() - if z.Apex.SOA == nil { - return nil, fmt.Errorf("no SOA") - } - - rrs := []dns.RR{z.Apex.SOA} - - if len(z.Apex.SIGSOA) > 0 { - rrs = append(rrs, z.Apex.SIGSOA...) - } - if len(z.Apex.NS) > 0 { - rrs = append(rrs, z.Apex.NS...) - } - if len(z.Apex.SIGNS) > 0 { - rrs = append(rrs, z.Apex.SIGNS...) - } - - return rrs, nil -} - -// NameFromRight returns the labels from the right, staring with the -// origin and then i labels extra. When we are overshooting the name -// the returned boolean is set to true. -func (z *Zone) nameFromRight(qname string, i int) (string, bool) { - if i <= 0 { - return z.origin, false - } - - for j := 1; j <= z.origLen; j++ { - if _, shot := dns.PrevLabel(qname, j); shot { - return qname, shot - } - } - - k := 0 - var shot bool - for j := 1; j <= i; j++ { - k, shot = dns.PrevLabel(qname, j+z.origLen) - if shot { - return qname, shot - } - } - return qname[k:], false -} diff --git a/vendor/github.com/coredns/coredns/plugin/forward/README.md b/vendor/github.com/coredns/coredns/plugin/forward/README.md deleted file mode 100644 index 33f4e60f..00000000 --- a/vendor/github.com/coredns/coredns/plugin/forward/README.md +++ /dev/null @@ -1,292 +0,0 @@ -# forward - -## Name - -*forward* - facilitates proxying DNS messages to upstream resolvers. - -## Description - -The *forward* plugin re-uses already opened sockets to the upstreams. It supports UDP, TCP and -DNS-over-TLS and uses in band health checking. - -When it detects an error a health check is performed. This checks runs in a loop, performing each -check at a *0.5s* interval for as long as the upstream reports unhealthy. Once healthy we stop -health checking (until the next error). The health checks use a recursive DNS query (`. IN NS`) -to get upstream health. Any response that is not a network error (REFUSED, NOTIMPL, SERVFAIL, etc) -is taken as a healthy upstream. The health check uses the same protocol as specified in **TO**. If -`max_fails` is set to 0, no checking is performed and upstreams will always be considered healthy. - -When *all* upstreams are down it assumes health checking as a mechanism has failed and will try to -connect to a random upstream (which may or may not work). - -## Syntax - -In its most basic form, a simple forwarder uses this syntax: - -~~~ -forward FROM TO... -~~~ - -* **FROM** is the base domain to match for the request to be forwarded. Domains using CIDR notation - that expand to multiple reverse zones are not fully supported; only the first expanded zone is used. -* **TO...** are the destination endpoints to forward to. The **TO** syntax allows you to specify - a protocol, `tls://9.9.9.9` or `dns://` (or no protocol) for plain DNS. The number of upstreams is - limited to 15. - -Multiple upstreams are randomized (see `policy`) on first use. When a healthy proxy returns an error -during the exchange the next upstream in the list is tried. - -Extra knobs are available with an expanded syntax: - -~~~ -forward FROM TO... { - except IGNORED_NAMES... - force_tcp - prefer_udp - expire DURATION - max_fails INTEGER - tls CERT KEY CA - tls_servername NAME - policy random|round_robin|sequential - health_check DURATION [no_rec] [domain FQDN] - max_concurrent MAX - next RCODE_1 [RCODE_2] [RCODE_3...] - failfast_all_unhealthy_upstreams -} -~~~ - -* **FROM** and **TO...** as above. -* **IGNORED_NAMES** in `except` is a space-separated list of domains to exclude from forwarding. - Requests that match none of these names will be passed through. -* `force_tcp`, use TCP even when the request comes in over UDP. -* `prefer_udp`, try first using UDP even when the request comes in over TCP. If response is truncated - (TC flag set in response) then do another attempt over TCP. In case if both `force_tcp` and - `prefer_udp` options specified the `force_tcp` takes precedence. -* `max_fails` is the number of subsequent failed health checks that are needed before considering - an upstream to be down. If 0, the upstream will never be marked as down (nor health checked). - Default is 2. -* `expire` **DURATION**, expire (cached) connections after this time, the default is 10s. -* `tls` **CERT** **KEY** **CA** define the TLS properties for TLS connection. From 0 to 3 arguments can be - provided with the meaning as described below - - * `tls` - no client authentication is used, and the system CAs are used to verify the server certificate - * `tls` **CA** - no client authentication is used, and the file CA is used to verify the server certificate - * `tls` **CERT** **KEY** - client authentication is used with the specified cert/key pair. - The server certificate is verified with the system CAs - * `tls` **CERT** **KEY** **CA** - client authentication is used with the specified cert/key pair. - The server certificate is verified using the specified CA file - -* `tls_servername` **NAME** allows you to set a server name in the TLS configuration; for instance 9.9.9.9 - needs this to be set to `dns.quad9.net`. Multiple upstreams are still allowed in this scenario, - but they have to use the same `tls_servername`. E.g. mixing 9.9.9.9 (QuadDNS) with 1.1.1.1 - (Cloudflare) will not work. Using TLS forwarding but not setting `tls_servername` results in anyone - being able to man-in-the-middle your connection to the DNS server you are forwarding to. Because of this, - it is strongly recommended to set this value when using TLS forwarding. -* `policy` specifies the policy to use for selecting upstream servers. The default is `random`. - * `random` is a policy that implements random upstream selection. - * `round_robin` is a policy that selects hosts based on round robin ordering. - * `sequential` is a policy that selects hosts based on sequential ordering. -* `health_check` configure the behaviour of health checking of the upstream servers - * `` - use a different duration for health checking, the default duration is 0.5s. - * `no_rec` - optional argument that sets the RecursionDesired-flag of the dns-query used in health checking to `false`. - The flag is default `true`. - * `domain FQDN` - set the domain name used for health checks to **FQDN**. - If not configured, the domain name used for health checks is `.`. -* `max_concurrent` **MAX** will limit the number of concurrent queries to **MAX**. Any new query that would - raise the number of concurrent queries above the **MAX** will result in a REFUSED response. This - response does not count as a health failure. When choosing a value for **MAX**, pick a number - at least greater than the expected *upstream query rate* * *latency* of the upstream servers. - As an upper bound for **MAX**, consider that each concurrent query will use about 2kb of memory. -* `next` If the `RCODE` (i.e. `NXDOMAIN`) is returned by the remote then execute the next plugin. If no next plugin is defined, or the next plugin is not a `forward` plugin, this setting is ignored -* `failfast_all_unhealthy_upstreams` - determines the handling of requests when all upstream servers are unhealthy and unresponsive to health checks. Enabling this option will immediately return SERVFAIL responses for all requests. By default, requests are sent to a random upstream. - -Also note the TLS config is "global" for the whole forwarding proxy if you need a different -`tls_servername` for different upstreams you're out of luck. - -On each endpoint, the timeouts for communication are set as follows: - -* The dial timeout by default is 30s, and can decrease automatically down to 1s based on early results. -* The read timeout is static at 2s. - -## Metadata - -The forward plugin will publish the following metadata, if the *metadata* -plugin is also enabled: - -* `forward/upstream`: the upstream used to forward the request - -## Metrics - -If monitoring is enabled (via the *prometheus* plugin) then the following metric are exported: - -* `coredns_forward_healthcheck_broken_total{}` - count of when all upstreams are unhealthy, - and we are randomly (this always uses the `random` policy) spraying to an upstream. -* `coredns_forward_max_concurrent_rejects_total{}` - count of queries rejected because the - number of concurrent queries were at maximum. -* `coredns_proxy_request_duration_seconds{proxy_name="forward", to, rcode}` - histogram per upstream, RCODE -* `coredns_proxy_healthcheck_failures_total{proxy_name="forward", to, rcode}`- count of failed health checks per upstream. -* `coredns_proxy_conn_cache_hits_total{proxy_name="forward", to, proto}`- count of connection cache hits per upstream and protocol. -* `coredns_proxy_conn_cache_misses_total{proxy_name="forward", to, proto}` - count of connection cache misses per upstream and protocol. - -Where `to` is one of the upstream servers (**TO** from the config), `rcode` is the returned RCODE -from the upstream, `proto` is the transport protocol like `udp`, `tcp`, `tcp-tls`. - -The following metrics have recently been deprecated: -* `coredns_forward_healthcheck_failures_total{to, rcode}` - * Can be replaced with `coredns_proxy_healthcheck_failures_total{proxy_name="forward", to, rcode}` -* `coredns_forward_requests_total{to}` - * Can be replaced with `sum(coredns_proxy_request_duration_seconds_count{proxy_name="forward", to})` -* `coredns_forward_responses_total{to, rcode}` - * Can be replaced with `coredns_proxy_request_duration_seconds_count{proxy_name="forward", to, rcode}` -* `coredns_forward_request_duration_seconds{to, rcode}` - * Can be replaced with `coredns_proxy_request_duration_seconds{proxy_name="forward", to, rcode}` - -## Examples - -Proxy all requests within `example.org.` to a nameserver running on a different port: - -~~~ corefile -example.org { - forward . 127.0.0.1:9005 -} -~~~ - -Send all requests within `lab.example.local.` to `10.20.0.1`, all requests within `example.local.` (and not in -`lab.example.local.`) to `10.0.0.1`, all others requests to the servers defined in `/etc/resolv.conf`, and -caches results. Note that a CoreDNS server configured with multiple _forward_ plugins in a server block will evaluate those -forward plugins in the order they are listed when serving a request. Therefore, subdomains should be -placed before parent domains otherwise subdomain requests will be forwarded to the parent domain's upstream. -Accordingly, in this example `lab.example.local` is before `example.local`, and `example.local` is before `.`. - -~~~ corefile -. { - cache - forward lab.example.local 10.20.0.1 - forward example.local 10.0.0.1 - forward . /etc/resolv.conf -} -~~~ - -The example above is almost equivalent to the following example, except that example below defines three separate plugin -chains (and thus 3 separate instances of _cache_). - -~~~ corefile -lab.example.local { - cache - forward . 10.20.0.1 -} -example.local { - cache - forward . 10.0.0.1 -} -. { - cache - forward . /etc/resolv.conf -} -~~~ - -Load balance all requests between three resolvers, one of which has a IPv6 address. - -~~~ corefile -. { - forward . 10.0.0.10:53 10.0.0.11:1053 [2003::1]:53 -} -~~~ - -Forward everything except requests to `example.org` - -~~~ corefile -. { - forward . 10.0.0.10:1234 { - except example.org - } -} -~~~ - -Proxy everything except `example.org` using the host's `resolv.conf`'s nameservers: - -~~~ corefile -. { - forward . /etc/resolv.conf { - except example.org - } -} -~~~ - -Proxy all requests to 9.9.9.9 using the DNS-over-TLS (DoT) protocol, and cache every answer for up to 30 -seconds. Note the `tls_servername` is mandatory if you want a working setup, as 9.9.9.9 can't be -used in the TLS negotiation. Also set the health check duration to 5s to not completely swamp the -service with health checks. - -~~~ corefile -. { - forward . tls://9.9.9.9 { - tls_servername dns.quad9.net - health_check 5s - } - cache 30 -} -~~~ - -Or configure other domain name for health check requests - -~~~ corefile -. { - forward . tls://9.9.9.9 { - tls_servername dns.quad9.net - health_check 5s domain example.org - } - cache 30 -} -~~~ - -Or with multiple upstreams from the same provider - -~~~ corefile -. { - forward . tls://1.1.1.1 tls://1.0.0.1 { - tls_servername cloudflare-dns.com - health_check 5s - } - cache 30 -} -~~~ - -Or when you have multiple DoT upstreams with different `tls_servername`s, you can do the following: - -~~~ corefile -. { - forward . 127.0.0.1:5301 127.0.0.1:5302 -} - -.:5301 { - forward . tls://8.8.8.8 tls://8.8.4.4 { - tls_servername dns.google - } -} - -.:5302 { - forward . tls://1.1.1.1 tls://1.0.0.1 { - tls_servername cloudflare-dns.com - } -} -~~~ - -The following would try 1.2.3.4 first. If the response is `NXDOMAIN`, try 5.6.7.8. If the response from 5.6.7.8 is `NXDOMAIN`, try 9.0.1.2. - -~~~ corefile -. { - forward . 1.2.3.4 { - next NXDOMAIN - } - forward . 5.6.7.8 { - next NXDOMAIN - } - forward . 9.0.1.2 { - } -} -~~~ - -## See Also - -[RFC 7858](https://tools.ietf.org/html/rfc7858) for DNS over TLS. diff --git a/vendor/github.com/coredns/coredns/plugin/forward/dnstap.go b/vendor/github.com/coredns/coredns/plugin/forward/dnstap.go deleted file mode 100644 index 8195bb49..00000000 --- a/vendor/github.com/coredns/coredns/plugin/forward/dnstap.go +++ /dev/null @@ -1,66 +0,0 @@ -package forward - -import ( - "context" - "net" - "strconv" - "time" - - "github.com/coredns/coredns/plugin/dnstap/msg" - "github.com/coredns/coredns/plugin/pkg/proxy" - "github.com/coredns/coredns/request" - - tap "github.com/dnstap/golang-dnstap" - "github.com/miekg/dns" -) - -// toDnstap will send the forward and received message to the dnstap plugin. -func toDnstap(ctx context.Context, f *Forward, host string, state request.Request, opts proxy.Options, reply *dns.Msg, start time.Time) { - h, p, _ := net.SplitHostPort(host) // this is preparsed and can't err here - port, _ := strconv.ParseUint(p, 10, 32) // same here - ip := net.ParseIP(h) - - var ta net.Addr = &net.UDPAddr{IP: ip, Port: int(port)} - t := state.Proto() - switch { - case opts.ForceTCP: - t = "tcp" - case opts.PreferUDP: - t = "udp" - } - - if t == "tcp" { - ta = &net.TCPAddr{IP: ip, Port: int(port)} - } - - for _, t := range f.tapPlugins { - // Query - q := new(tap.Message) - msg.SetQueryTime(q, start) - // Forwarder dnstap messages are from the perspective of the downstream server - // (upstream is the forward server) - msg.SetQueryAddress(q, state.W.RemoteAddr()) - msg.SetResponseAddress(q, ta) - if t.IncludeRawMessage { - buf, _ := state.Req.Pack() - q.QueryMessage = buf - } - msg.SetType(q, tap.Message_FORWARDER_QUERY) - t.TapMessageWithMetadata(ctx, q, state) - - // Response - if reply != nil { - r := new(tap.Message) - if t.IncludeRawMessage { - buf, _ := reply.Pack() - r.ResponseMessage = buf - } - msg.SetQueryTime(r, start) - msg.SetQueryAddress(r, state.W.RemoteAddr()) - msg.SetResponseAddress(r, ta) - msg.SetResponseTime(r, time.Now()) - msg.SetType(r, tap.Message_FORWARDER_RESPONSE) - t.TapMessageWithMetadata(ctx, r, state) - } - } -} diff --git a/vendor/github.com/coredns/coredns/plugin/forward/forward.go b/vendor/github.com/coredns/coredns/plugin/forward/forward.go deleted file mode 100644 index 3ea25516..00000000 --- a/vendor/github.com/coredns/coredns/plugin/forward/forward.go +++ /dev/null @@ -1,275 +0,0 @@ -// Package forward implements a forwarding proxy. It caches an upstream net.Conn for some time, so if the same -// client returns the upstream's Conn will be precached. Depending on how you benchmark this looks to be -// 50% faster than just opening a new connection for every client. It works with UDP and TCP and uses -// inband healthchecking. -package forward - -import ( - "context" - "crypto/tls" - "errors" - "sync/atomic" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/debug" - "github.com/coredns/coredns/plugin/dnstap" - "github.com/coredns/coredns/plugin/metadata" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/plugin/pkg/proxy" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" - ot "github.com/opentracing/opentracing-go" - otext "github.com/opentracing/opentracing-go/ext" -) - -var log = clog.NewWithPlugin("forward") - -const ( - defaultExpire = 10 * time.Second - hcInterval = 500 * time.Millisecond -) - -// Forward represents a plugin instance that can proxy requests to another (DNS) server. It has a list -// of proxies each representing one upstream proxy. -type Forward struct { - concurrent int64 // atomic counters need to be first in struct for proper alignment - - proxies []*proxy.Proxy - p Policy - hcInterval time.Duration - - from string - ignored []string - - nextAlternateRcodes []int - - tlsConfig *tls.Config - tlsServerName string - maxfails uint32 - expire time.Duration - maxConcurrent int64 - failfastUnhealthyUpstreams bool - - opts proxy.Options // also here for testing - - // ErrLimitExceeded indicates that a query was rejected because the number of concurrent queries has exceeded - // the maximum allowed (maxConcurrent) - ErrLimitExceeded error - - tapPlugins []*dnstap.Dnstap // when dnstap plugins are loaded, we use to this to send messages out. - - Next plugin.Handler -} - -// New returns a new Forward. -func New() *Forward { - f := &Forward{maxfails: 2, tlsConfig: new(tls.Config), expire: defaultExpire, p: new(random), from: ".", hcInterval: hcInterval, opts: proxy.Options{ForceTCP: false, PreferUDP: false, HCRecursionDesired: true, HCDomain: "."}} - return f -} - -// SetProxy appends p to the proxy list and starts healthchecking. -func (f *Forward) SetProxy(p *proxy.Proxy) { - f.proxies = append(f.proxies, p) - p.Start(f.hcInterval) -} - -// SetTapPlugin appends one or more dnstap plugins to the tap plugin list. -func (f *Forward) SetTapPlugin(tapPlugin *dnstap.Dnstap) { - f.tapPlugins = append(f.tapPlugins, tapPlugin) - if nextPlugin, ok := tapPlugin.Next.(*dnstap.Dnstap); ok { - f.SetTapPlugin(nextPlugin) - } -} - -// Len returns the number of configured proxies. -func (f *Forward) Len() int { return len(f.proxies) } - -// Name implements plugin.Handler. -func (f *Forward) Name() string { return "forward" } - -// ServeDNS implements plugin.Handler. -func (f *Forward) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - if !f.match(state) { - return plugin.NextOrFailure(f.Name(), f.Next, ctx, w, r) - } - - if f.maxConcurrent > 0 { - count := atomic.AddInt64(&(f.concurrent), 1) - defer atomic.AddInt64(&(f.concurrent), -1) - if count > f.maxConcurrent { - maxConcurrentRejectCount.Add(1) - return dns.RcodeRefused, f.ErrLimitExceeded - } - } - - fails := 0 - var span, child ot.Span - var upstreamErr error - span = ot.SpanFromContext(ctx) - i := 0 - list := f.List() - deadline := time.Now().Add(defaultTimeout) - start := time.Now() - for time.Now().Before(deadline) && ctx.Err() == nil { - if i >= len(list) { - // reached the end of list, reset to begin - i = 0 - fails = 0 - } - - proxy := list[i] - i++ - if proxy.Down(f.maxfails) { - fails++ - if fails < len(f.proxies) { - continue - } - - healthcheckBrokenCount.Add(1) - // All upstreams are dead, return servfail if all upstreams are down - if f.failfastUnhealthyUpstreams { - break - } - // assume healthcheck is completely broken and randomly - // select an upstream to connect to. - r := new(random) - proxy = r.List(f.proxies)[0] - } - - if span != nil { - child = span.Tracer().StartSpan("connect", ot.ChildOf(span.Context())) - otext.PeerAddress.Set(child, proxy.Addr()) - ctx = ot.ContextWithSpan(ctx, child) - } - - metadata.SetValueFunc(ctx, "forward/upstream", func() string { - return proxy.Addr() - }) - - var ( - ret *dns.Msg - err error - ) - opts := f.opts - - for { - ret, err = proxy.Connect(ctx, state, opts) - - if err == ErrCachedClosed { // Remote side closed conn, can only happen with TCP. - continue - } - // Retry with TCP if truncated and prefer_udp configured. - if ret != nil && ret.Truncated && !opts.ForceTCP && opts.PreferUDP { - opts.ForceTCP = true - continue - } - break - } - - if child != nil { - child.Finish() - } - - if len(f.tapPlugins) != 0 { - toDnstap(ctx, f, proxy.Addr(), state, opts, ret, start) - } - - upstreamErr = err - - if err != nil { - // Kick off health check to see if *our* upstream is broken. - if f.maxfails != 0 { - proxy.Healthcheck() - } - - if fails < len(f.proxies) { - continue - } - break - } - - // Check if the reply is correct; if not return FormErr. - if !state.Match(ret) { - debug.Hexdumpf(ret, "Wrong reply for id: %d, %s %d", ret.Id, state.QName(), state.QType()) - - formerr := new(dns.Msg) - formerr.SetRcode(state.Req, dns.RcodeFormatError) - w.WriteMsg(formerr) - return 0, nil - } - - // Check if we have an alternate Rcode defined, check if we match on the code - for _, alternateRcode := range f.nextAlternateRcodes { - if alternateRcode == ret.Rcode && f.Next != nil { // In case we do not have a Next handler, just continue normally - if _, ok := f.Next.(*Forward); ok { // Only continue if the next forwarder is also a Forworder - return plugin.NextOrFailure(f.Name(), f.Next, ctx, w, r) - } - } - } - - w.WriteMsg(ret) - return 0, nil - } - - if upstreamErr != nil { - return dns.RcodeServerFailure, upstreamErr - } - - return dns.RcodeServerFailure, ErrNoHealthy -} - -func (f *Forward) match(state request.Request) bool { - if !plugin.Name(f.from).Matches(state.Name()) || !f.isAllowedDomain(state.Name()) { - return false - } - - return true -} - -func (f *Forward) isAllowedDomain(name string) bool { - if dns.Name(name) == dns.Name(f.from) { - return true - } - - for _, ignore := range f.ignored { - if plugin.Name(ignore).Matches(name) { - return false - } - } - return true -} - -// ForceTCP returns if TCP is forced to be used even when the request comes in over UDP. -func (f *Forward) ForceTCP() bool { return f.opts.ForceTCP } - -// PreferUDP returns if UDP is preferred to be used even when the request comes in over TCP. -func (f *Forward) PreferUDP() bool { return f.opts.PreferUDP } - -// List returns a set of proxies to be used for this client depending on the policy in f. -func (f *Forward) List() []*proxy.Proxy { return f.p.List(f.proxies) } - -var ( - // ErrNoHealthy means no healthy proxies left. - ErrNoHealthy = errors.New("no healthy proxies") - // ErrNoForward means no forwarder defined. - ErrNoForward = errors.New("no forwarder defined") - // ErrCachedClosed means cached connection was closed by peer. - ErrCachedClosed = errors.New("cached connection was closed by peer") -) - -// Options holds various Options that can be set. -type Options struct { - // ForceTCP use TCP protocol for upstream DNS request. Has precedence over PreferUDP flag - ForceTCP bool - // PreferUDP use UDP protocol for upstream DNS request. - PreferUDP bool - // HCRecursionDesired sets recursion desired flag for Proxy healthcheck requests - HCRecursionDesired bool - // HCDomain sets domain for Proxy healthcheck requests - HCDomain string -} - -var defaultTimeout = 5 * time.Second diff --git a/vendor/github.com/coredns/coredns/plugin/forward/fuzz.go b/vendor/github.com/coredns/coredns/plugin/forward/fuzz.go deleted file mode 100644 index 4367f651..00000000 --- a/vendor/github.com/coredns/coredns/plugin/forward/fuzz.go +++ /dev/null @@ -1,35 +0,0 @@ -//go:build gofuzz - -package forward - -import ( - "github.com/coredns/coredns/plugin/pkg/dnstest" - "github.com/coredns/coredns/plugin/pkg/fuzz" - "github.com/coredns/coredns/plugin/pkg/proxy" - - "github.com/miekg/dns" -) - -var f *Forward - -// abuse init to setup an environment to test against. This start another server to that will -// reflect responses. -func init() { - f = New() - s := dnstest.NewServer(r{}.reflectHandler) - f.SetProxy(proxy.NewProxy("FuzzForwardPlugin1", s.Addr, "tcp")) - f.SetProxy(proxy.NewProxy("FuzzForwardPlugin2", s.Addr, "udp")) -} - -// Fuzz fuzzes forward. -func Fuzz(data []byte) int { - return fuzz.Do(f, data) -} - -type r struct{} - -func (r r) reflectHandler(w dns.ResponseWriter, req *dns.Msg) { - m := new(dns.Msg) - m.SetReply(req) - w.WriteMsg(m) -} diff --git a/vendor/github.com/coredns/coredns/plugin/forward/metrics.go b/vendor/github.com/coredns/coredns/plugin/forward/metrics.go deleted file mode 100644 index 246dc650..00000000 --- a/vendor/github.com/coredns/coredns/plugin/forward/metrics.go +++ /dev/null @@ -1,25 +0,0 @@ -package forward - -import ( - "github.com/coredns/coredns/plugin" - - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -// Variables declared for monitoring. -var ( - healthcheckBrokenCount = promauto.NewCounter(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "forward", - Name: "healthcheck_broken_total", - Help: "Counter of the number of complete failures of the healthchecks.", - }) - - maxConcurrentRejectCount = promauto.NewCounter(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "forward", - Name: "max_concurrent_rejects_total", - Help: "Counter of the number of queries rejected because the concurrent queries were at maximum.", - }) -) diff --git a/vendor/github.com/coredns/coredns/plugin/forward/policy.go b/vendor/github.com/coredns/coredns/plugin/forward/policy.go deleted file mode 100644 index 7bd1f316..00000000 --- a/vendor/github.com/coredns/coredns/plugin/forward/policy.go +++ /dev/null @@ -1,69 +0,0 @@ -package forward - -import ( - "sync/atomic" - "time" - - "github.com/coredns/coredns/plugin/pkg/proxy" - "github.com/coredns/coredns/plugin/pkg/rand" -) - -// Policy defines a policy we use for selecting upstreams. -type Policy interface { - List([]*proxy.Proxy) []*proxy.Proxy - String() string -} - -// random is a policy that implements random upstream selection. -type random struct{} - -func (r *random) String() string { return "random" } - -func (r *random) List(p []*proxy.Proxy) []*proxy.Proxy { - switch len(p) { - case 1: - return p - case 2: - if rn.Int()%2 == 0 { - return []*proxy.Proxy{p[1], p[0]} // swap - } - return p - } - - perms := rn.Perm(len(p)) - rnd := make([]*proxy.Proxy, len(p)) - - for i, p1 := range perms { - rnd[i] = p[p1] - } - return rnd -} - -// roundRobin is a policy that selects hosts based on round robin ordering. -type roundRobin struct { - robin uint32 -} - -func (r *roundRobin) String() string { return "round_robin" } - -func (r *roundRobin) List(p []*proxy.Proxy) []*proxy.Proxy { - poolLen := uint32(len(p)) - i := atomic.AddUint32(&r.robin, 1) % poolLen - - robin := []*proxy.Proxy{p[i]} - robin = append(robin, p[:i]...) - robin = append(robin, p[i+1:]...) - - return robin -} - -// sequential is a policy that selects hosts based on sequential ordering. -type sequential struct{} - -func (r *sequential) String() string { return "sequential" } - -func (r *sequential) List(p []*proxy.Proxy) []*proxy.Proxy { - return p -} - -var rn = rand.New(time.Now().UnixNano()) diff --git a/vendor/github.com/coredns/coredns/plugin/forward/setup.go b/vendor/github.com/coredns/coredns/plugin/forward/setup.go deleted file mode 100644 index be5b12f9..00000000 --- a/vendor/github.com/coredns/coredns/plugin/forward/setup.go +++ /dev/null @@ -1,322 +0,0 @@ -package forward - -import ( - "crypto/tls" - "errors" - "fmt" - "path/filepath" - "strconv" - "strings" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/dnstap" - "github.com/coredns/coredns/plugin/pkg/parse" - "github.com/coredns/coredns/plugin/pkg/proxy" - pkgtls "github.com/coredns/coredns/plugin/pkg/tls" - "github.com/coredns/coredns/plugin/pkg/transport" - - "github.com/miekg/dns" -) - -func init() { - plugin.Register("forward", setup) -} - -func setup(c *caddy.Controller) error { - fs, err := parseForward(c) - if err != nil { - return plugin.Error("forward", err) - } - for i := range fs { - f := fs[i] - if f.Len() > max { - return plugin.Error("forward", fmt.Errorf("more than %d TOs configured: %d", max, f.Len())) - } - - if i == len(fs)-1 { - // last forward: point next to next plugin - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - f.Next = next - return f - }) - } else { - // middle forward: point next to next forward - nextForward := fs[i+1] - dnsserver.GetConfig(c).AddPlugin(func(plugin.Handler) plugin.Handler { - f.Next = nextForward - return f - }) - } - - c.OnStartup(func() error { - return f.OnStartup() - }) - c.OnStartup(func() error { - if taph := dnsserver.GetConfig(c).Handler("dnstap"); taph != nil { - f.SetTapPlugin(taph.(*dnstap.Dnstap)) - } - return nil - }) - - c.OnShutdown(func() error { - return f.OnShutdown() - }) - } - - return nil -} - -// OnStartup starts a goroutines for all proxies. -func (f *Forward) OnStartup() (err error) { - for _, p := range f.proxies { - p.Start(f.hcInterval) - } - return nil -} - -// OnShutdown stops all configured proxies. -func (f *Forward) OnShutdown() error { - for _, p := range f.proxies { - p.Stop() - } - return nil -} - -func parseForward(c *caddy.Controller) ([]*Forward, error) { - var fs = []*Forward{} - for c.Next() { - f, err := parseStanza(c) - if err != nil { - return nil, err - } - fs = append(fs, f) - } - return fs, nil -} - -func parseStanza(c *caddy.Controller) (*Forward, error) { - f := New() - - if !c.Args(&f.from) { - return f, c.ArgErr() - } - origFrom := f.from - zones := plugin.Host(f.from).NormalizeExact() - if len(zones) == 0 { - return f, fmt.Errorf("unable to normalize '%s'", f.from) - } - f.from = zones[0] // there can only be one here, won't work with non-octet reverse - - if len(zones) > 1 { - log.Warningf("Unsupported CIDR notation: '%s' expands to multiple zones. Using only '%s'.", origFrom, f.from) - } - - to := c.RemainingArgs() - if len(to) == 0 { - return f, c.ArgErr() - } - - toHosts, err := parse.HostPortOrFile(to...) - if err != nil { - return f, err - } - - transports := make([]string, len(toHosts)) - allowedTrans := map[string]bool{"dns": true, "tls": true} - for i, host := range toHosts { - trans, h := parse.Transport(host) - - if !allowedTrans[trans] { - return f, fmt.Errorf("'%s' is not supported as a destination protocol in forward: %s", trans, host) - } - p := proxy.NewProxy("forward", h, trans) - f.proxies = append(f.proxies, p) - transports[i] = trans - } - - for c.NextBlock() { - if err := parseBlock(c, f); err != nil { - return f, err - } - } - - if f.tlsServerName != "" { - f.tlsConfig.ServerName = f.tlsServerName - } - - // Initialize ClientSessionCache in tls.Config. This may speed up a TLS handshake - // in upcoming connections to the same TLS server. - f.tlsConfig.ClientSessionCache = tls.NewLRUClientSessionCache(len(f.proxies)) - - for i := range f.proxies { - // Only set this for proxies that need it. - if transports[i] == transport.TLS { - f.proxies[i].SetTLSConfig(f.tlsConfig) - } - f.proxies[i].SetExpire(f.expire) - f.proxies[i].GetHealthchecker().SetRecursionDesired(f.opts.HCRecursionDesired) - // when TLS is used, checks are set to tcp-tls - if f.opts.ForceTCP && transports[i] != transport.TLS { - f.proxies[i].GetHealthchecker().SetTCPTransport() - } - f.proxies[i].GetHealthchecker().SetDomain(f.opts.HCDomain) - } - - return f, nil -} - -func parseBlock(c *caddy.Controller, f *Forward) error { - config := dnsserver.GetConfig(c) - switch c.Val() { - case "except": - ignore := c.RemainingArgs() - if len(ignore) == 0 { - return c.ArgErr() - } - for i := 0; i < len(ignore); i++ { - f.ignored = append(f.ignored, plugin.Host(ignore[i]).NormalizeExact()...) - } - case "max_fails": - if !c.NextArg() { - return c.ArgErr() - } - n, err := strconv.ParseUint(c.Val(), 10, 32) - if err != nil { - return err - } - f.maxfails = uint32(n) - case "health_check": - if !c.NextArg() { - return c.ArgErr() - } - dur, err := time.ParseDuration(c.Val()) - if err != nil { - return err - } - if dur < 0 { - return fmt.Errorf("health_check can't be negative: %d", dur) - } - f.hcInterval = dur - f.opts.HCDomain = "." - - for c.NextArg() { - switch hcOpts := c.Val(); hcOpts { - case "no_rec": - f.opts.HCRecursionDesired = false - case "domain": - if !c.NextArg() { - return c.ArgErr() - } - hcDomain := c.Val() - if _, ok := dns.IsDomainName(hcDomain); !ok { - return fmt.Errorf("health_check: invalid domain name %s", hcDomain) - } - f.opts.HCDomain = plugin.Name(hcDomain).Normalize() - default: - return fmt.Errorf("health_check: unknown option %s", hcOpts) - } - } - - case "force_tcp": - if c.NextArg() { - return c.ArgErr() - } - f.opts.ForceTCP = true - case "prefer_udp": - if c.NextArg() { - return c.ArgErr() - } - f.opts.PreferUDP = true - case "tls": - args := c.RemainingArgs() - if len(args) > 3 { - return c.ArgErr() - } - - for i := range args { - if !filepath.IsAbs(args[i]) && config.Root != "" { - args[i] = filepath.Join(config.Root, args[i]) - } - } - tlsConfig, err := pkgtls.NewTLSConfigFromArgs(args...) - if err != nil { - return err - } - f.tlsConfig = tlsConfig - case "tls_servername": - if !c.NextArg() { - return c.ArgErr() - } - f.tlsServerName = c.Val() - case "expire": - if !c.NextArg() { - return c.ArgErr() - } - dur, err := time.ParseDuration(c.Val()) - if err != nil { - return err - } - if dur < 0 { - return fmt.Errorf("expire can't be negative: %s", dur) - } - f.expire = dur - case "policy": - if !c.NextArg() { - return c.ArgErr() - } - switch x := c.Val(); x { - case "random": - f.p = &random{} - case "round_robin": - f.p = &roundRobin{} - case "sequential": - f.p = &sequential{} - default: - return c.Errf("unknown policy '%s'", x) - } - case "max_concurrent": - if !c.NextArg() { - return c.ArgErr() - } - n, err := strconv.Atoi(c.Val()) - if err != nil { - return err - } - if n < 0 { - return fmt.Errorf("max_concurrent can't be negative: %d", n) - } - f.ErrLimitExceeded = errors.New("concurrent queries exceeded maximum " + c.Val()) - f.maxConcurrent = int64(n) - case "next": - args := c.RemainingArgs() - if len(args) == 0 { - return c.ArgErr() - } - - for _, rcode := range args { - var rc int - var ok bool - - if rc, ok = dns.StringToRcode[strings.ToUpper(rcode)]; !ok { - return fmt.Errorf("%s is not a valid rcode", rcode) - } - - f.nextAlternateRcodes = append(f.nextAlternateRcodes, rc) - } - case "failfast_all_unhealthy_upstreams": - args := c.RemainingArgs() - if len(args) != 0 { - return c.ArgErr() - } - f.failfastUnhealthyUpstreams = true - default: - return c.Errf("unknown property '%s'", c.Val()) - } - - return nil -} - -const max = 15 // Maximum number of upstreams. diff --git a/vendor/github.com/coredns/coredns/plugin/geoip/README.md b/vendor/github.com/coredns/coredns/plugin/geoip/README.md deleted file mode 100644 index febad8ad..00000000 --- a/vendor/github.com/coredns/coredns/plugin/geoip/README.md +++ /dev/null @@ -1,117 +0,0 @@ -# geoip - -## Name - -*geoip* - Lookup maxmind geoip2 databases using the client IP, then add associated geoip data to the context request. - -## Description - -The *geoip* plugin add geo location data associated with the client IP, it allows you to configure a [geoIP2 maxmind database](https://dev.maxmind.com/geoip/docs/databases) to add the geo location data associated with the IP address. - -The data is added leveraging the *metadata* plugin, values can then be retrieved using it as well, for example: - -```go -import ( - "strconv" - "github.com/coredns/coredns/plugin/metadata" -) -// ... -if getLongitude := metadata.ValueFunc(ctx, "geoip/longitude"); getLongitude != nil { - if longitude, err := strconv.ParseFloat(getLongitude(), 64); err == nil { - // Do something useful with longitude. - } -} else { - // The metadata label geoip/longitude for some reason, was not set. -} -// ... -``` - -## Databases - -The supported databases use city schema such as `City` and `Enterprise`. Other databases types with different schemas are not supported yet. - -You can download a [free and public City database](https://dev.maxmind.com/geoip/geolite2-free-geolocation-data). - -## Syntax - -```text -geoip [DBFILE] -``` - -or - -```text -geoip [DBFILE] { - [edns-subnet] -} -``` - -* **DBFILE** the mmdb database file path. We recommend updating your mmdb database periodically for more accurate results. -* `edns-subnet`: Optional. Use [EDNS0 subnet](https://en.wikipedia.org/wiki/EDNS_Client_Subnet) (if present) for Geo IP instead of the source IP of the DNS request. This helps identifying the closest source IP address through intermediary DNS resolvers, and it also makes GeoIP testing easy: `dig +subnet=1.2.3.4 @dns-server.example.com www.geo-aware.com`. - - **NOTE:** due to security reasons, recursive DNS resolvers may mask a few bits off of the clients' IP address, which can cause inaccuracies in GeoIP resolution. - - There is no defined mask size in the standards, but there are examples: [RFC 7871's example](https://datatracker.ietf.org/doc/html/rfc7871#section-13) conceals the last 72 bits of an IPv6 source address, and NS1 Help Center [mentions](https://help.ns1.com/hc/en-us/articles/360020256573-About-the-EDNS-Client-Subnet-ECS-DNS-extension) that ECS-enabled DNS resolvers send only the first three octets (eg. /24) of the source IPv4 address. - -## Examples - -The following configuration configures the `City` database, and looks up geolocation based on EDNS0 subnet if present. - -```txt -. { - geoip /opt/geoip2/db/GeoLite2-City.mmdb { - edns-subnet - } - metadata # Note that metadata plugin must be enabled as well. -} -``` - -The *view* plugin can use *geoip* metadata as selection criteria to provide GSLB functionality. -In this example, clients from the city "Exampleshire" will receive answers for `example.com` from the zone defined in -`example.com.exampleshire-db`. All other clients will receive answers from the zone defined in `example.com.db`. -Note that the order of the two `example.com` server blocks below is important; the default viewless server block -must be last. - -```txt -example.com { - view exampleshire { - expr metadata('geoip/city/name') == 'Exampleshire' - } - geoip /opt/geoip2/db/GeoLite2-City.mmdb - metadata - file example.com.exampleshire-db -} - -example.com { - file example.com.db -} -``` - -## Metadata Labels - -A limited set of fields will be exported as labels, all values are stored using strings **regardless of their underlying value type**, and therefore you may have to convert it back to its original type, note that numeric values are always represented in base 10. - -| Label | Type | Example | Description -| :----------------------------------- | :-------- | :-------------- | :------------------ -| `geoip/city/name` | `string` | `Cambridge` | Then city name in English language. -| `geoip/country/code` | `string` | `GB` | Country [ISO 3166-1](https://en.wikipedia.org/wiki/ISO_3166-1) code. -| `geoip/country/name` | `string` | `United Kingdom` | The country name in English language. -| `geoip/country/is_in_european_union` | `bool` | `false` | Either `true` or `false`. -| `geoip/continent/code` | `string` | `EU` | See [Continent codes](#ContinentCodes). -| `geoip/continent/name` | `string` | `Europe` | The continent name in English language. -| `geoip/latitude` | `float64` | `52.2242` | Base 10, max available precision. -| `geoip/longitude` | `float64` | `0.1315` | Base 10, max available precision. -| `geoip/timezone` | `string` | `Europe/London` | The timezone. -| `geoip/postalcode` | `string` | `CB4` | The postal code. - -## Continent Codes - -| Value | Continent (EN) | -| :---- | :------------- | -| AF | Africa | -| AN | Antarctica | -| AS | Asia | -| EU | Europe | -| NA | North America | -| OC | Oceania | -| SA | South America | diff --git a/vendor/github.com/coredns/coredns/plugin/geoip/city.go b/vendor/github.com/coredns/coredns/plugin/geoip/city.go deleted file mode 100644 index 2e5d9f7e..00000000 --- a/vendor/github.com/coredns/coredns/plugin/geoip/city.go +++ /dev/null @@ -1,58 +0,0 @@ -package geoip - -import ( - "context" - "strconv" - - "github.com/coredns/coredns/plugin/metadata" - - "github.com/oschwald/geoip2-golang" -) - -const defaultLang = "en" - -func (g GeoIP) setCityMetadata(ctx context.Context, data *geoip2.City) { - // Set labels for city, country and continent names. - cityName := data.City.Names[defaultLang] - metadata.SetValueFunc(ctx, pluginName+"/city/name", func() string { - return cityName - }) - countryName := data.Country.Names[defaultLang] - metadata.SetValueFunc(ctx, pluginName+"/country/name", func() string { - return countryName - }) - continentName := data.Continent.Names[defaultLang] - metadata.SetValueFunc(ctx, pluginName+"/continent/name", func() string { - return continentName - }) - - countryCode := data.Country.IsoCode - metadata.SetValueFunc(ctx, pluginName+"/country/code", func() string { - return countryCode - }) - isInEurope := strconv.FormatBool(data.Country.IsInEuropeanUnion) - metadata.SetValueFunc(ctx, pluginName+"/country/is_in_european_union", func() string { - return isInEurope - }) - continentCode := data.Continent.Code - metadata.SetValueFunc(ctx, pluginName+"/continent/code", func() string { - return continentCode - }) - - latitude := strconv.FormatFloat(data.Location.Latitude, 'f', -1, 64) - metadata.SetValueFunc(ctx, pluginName+"/latitude", func() string { - return latitude - }) - longitude := strconv.FormatFloat(data.Location.Longitude, 'f', -1, 64) - metadata.SetValueFunc(ctx, pluginName+"/longitude", func() string { - return longitude - }) - timeZone := data.Location.TimeZone - metadata.SetValueFunc(ctx, pluginName+"/timezone", func() string { - return timeZone - }) - postalCode := data.Postal.Code - metadata.SetValueFunc(ctx, pluginName+"/postalcode", func() string { - return postalCode - }) -} diff --git a/vendor/github.com/coredns/coredns/plugin/geoip/geoip.go b/vendor/github.com/coredns/coredns/plugin/geoip/geoip.go deleted file mode 100644 index 3451c82a..00000000 --- a/vendor/github.com/coredns/coredns/plugin/geoip/geoip.go +++ /dev/null @@ -1,107 +0,0 @@ -// Package geoip implements a max mind database plugin. -package geoip - -import ( - "context" - "fmt" - "net" - "path/filepath" - - "github.com/coredns/coredns/plugin" - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" - "github.com/oschwald/geoip2-golang" -) - -var log = clog.NewWithPlugin(pluginName) - -// GeoIP is a plugin that add geo location data to the request context by looking up a maxmind -// geoIP2 database, and which data can be later consumed by other middlewares. -type GeoIP struct { - Next plugin.Handler - db db - edns0 bool -} - -type db struct { - *geoip2.Reader - // provides defines the schemas that can be obtained by querying this database, by using - // bitwise operations. - provides int -} - -const ( - city = 1 << iota -) - -var probingIP = net.ParseIP("127.0.0.1") - -func newGeoIP(dbPath string, edns0 bool) (*GeoIP, error) { - reader, err := geoip2.Open(dbPath) - if err != nil { - return nil, fmt.Errorf("failed to open database file: %v", err) - } - db := db{Reader: reader} - schemas := []struct { - provides int - name string - validate func() error - }{ - {name: "city", provides: city, validate: func() error { _, err := reader.City(probingIP); return err }}, - } - // Query the database to figure out the database type. - for _, schema := range schemas { - if err := schema.validate(); err != nil { - // If we get an InvalidMethodError then we know this database does not provide that schema. - if _, ok := err.(geoip2.InvalidMethodError); !ok { - return nil, fmt.Errorf("unexpected failure looking up database %q schema %q: %v", filepath.Base(dbPath), schema.name, err) - } - } else { - db.provides |= schema.provides - } - } - - if db.provides&city == 0 { - return nil, fmt.Errorf("database does not provide city schema") - } - - return &GeoIP{db: db, edns0: edns0}, nil -} - -// ServeDNS implements the plugin.Handler interface. -func (g GeoIP) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - return plugin.NextOrFailure(pluginName, g.Next, ctx, w, r) -} - -// Metadata implements the metadata.Provider Interface in the metadata plugin, and is used to store -// the data associated with the source IP of every request. -func (g GeoIP) Metadata(ctx context.Context, state request.Request) context.Context { - srcIP := net.ParseIP(state.IP()) - - if g.edns0 { - if o := state.Req.IsEdns0(); o != nil { - for _, s := range o.Option { - if e, ok := s.(*dns.EDNS0_SUBNET); ok { - srcIP = e.Address - break - } - } - } - } - - switch { - case g.db.provides&city == city: - data, err := g.db.City(srcIP) - if err != nil { - log.Debugf("Setting up metadata failed due to database lookup error: %v", err) - return ctx - } - g.setCityMetadata(ctx, data) - } - return ctx -} - -// Name implements the Handler interface. -func (g GeoIP) Name() string { return pluginName } diff --git a/vendor/github.com/coredns/coredns/plugin/geoip/setup.go b/vendor/github.com/coredns/coredns/plugin/geoip/setup.go deleted file mode 100644 index 7f6e16f3..00000000 --- a/vendor/github.com/coredns/coredns/plugin/geoip/setup.go +++ /dev/null @@ -1,57 +0,0 @@ -package geoip - -import ( - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" -) - -const pluginName = "geoip" - -func init() { plugin.Register(pluginName, setup) } - -func setup(c *caddy.Controller) error { - geoip, err := geoipParse(c) - if err != nil { - return plugin.Error(pluginName, err) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - geoip.Next = next - return geoip - }) - - return nil -} - -func geoipParse(c *caddy.Controller) (*GeoIP, error) { - var dbPath string - var edns0 bool - - for c.Next() { - if !c.NextArg() { - return nil, c.ArgErr() - } - if dbPath != "" { - return nil, c.Errf("configuring multiple databases is not supported") - } - dbPath = c.Val() - // There shouldn't be any more arguments. - if len(c.RemainingArgs()) != 0 { - return nil, c.ArgErr() - } - - for c.NextBlock() { - if c.Val() != "edns-subnet" { - return nil, c.Errf("unknown property %q", c.Val()) - } - edns0 = true - } - } - - geoIP, err := newGeoIP(dbPath, edns0) - if err != nil { - return geoIP, c.Err(err.Error()) - } - return geoIP, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/grpc/README.md b/vendor/github.com/coredns/coredns/plugin/grpc/README.md deleted file mode 100644 index c2e8b34e..00000000 --- a/vendor/github.com/coredns/coredns/plugin/grpc/README.md +++ /dev/null @@ -1,143 +0,0 @@ -# grpc - -## Name - -*grpc* - facilitates proxying DNS messages to upstream resolvers via gRPC protocol. - -## Description - -The *grpc* plugin supports gRPC and TLS. - -This plugin can only be used once per Server Block. - -## Syntax - -In its most basic form: - -~~~ -grpc FROM TO... -~~~ - -* **FROM** is the base domain to match for the request to be proxied. -* **TO...** are the destination endpoints to proxy to. The number of upstreams is - limited to 15. - -Multiple upstreams are randomized (see `policy`) on first use. When a proxy returns an error -the next upstream in the list is tried. - -Extra knobs are available with an expanded syntax: - -~~~ -grpc FROM TO... { - except IGNORED_NAMES... - tls CERT KEY CA - tls_servername NAME - policy random|round_robin|sequential -} -~~~ - -* **FROM** and **TO...** as above. -* **IGNORED_NAMES** in `except` is a space-separated list of domains to exclude from proxying. - Requests that match none of these names will be passed through. -* `tls` **CERT** **KEY** **CA** define the TLS properties for TLS connection. From 0 to 3 arguments can be - provided with the meaning as described below - - * `tls` - no client authentication is used, and the system CAs are used to verify the server certificate - * `tls` **CA** - no client authentication is used, and the file CA is used to verify the server certificate - * `tls` **CERT** **KEY** - client authentication is used with the specified cert/key pair. - The server certificate is verified with the system CAs - * `tls` **CERT** **KEY** **CA** - client authentication is used with the specified cert/key pair. - The server certificate is verified using the specified CA file - -* `tls_servername` **NAME** allows you to set a server name in the TLS configuration; for instance 9.9.9.9 - needs this to be set to `dns.quad9.net`. Multiple upstreams are still allowed in this scenario, - but they have to use the same `tls_servername`. E.g. mixing 9.9.9.9 (QuadDNS) with 1.1.1.1 - (Cloudflare) will not work. -* `policy` specifies the policy to use for selecting upstream servers. The default is `random`. - -Also note the TLS config is "global" for the whole grpc proxy if you need a different -`tls-name` for different upstreams you're out of luck. - -## Metrics - -If monitoring is enabled (via the *prometheus* plugin) then the following metric are exported: - -* `coredns_grpc_request_duration_seconds{to}` - duration per upstream interaction. -* `coredns_grpc_requests_total{to}` - query count per upstream. -* `coredns_grpc_responses_total{to, rcode}` - count of RCODEs per upstream. - and we are randomly (this always uses the `random` policy) spraying to an upstream. - -## Examples - -Proxy all requests within `example.org.` to a nameserver running on a different port: - -~~~ corefile -example.org { - grpc . 127.0.0.1:9005 -} -~~~ - -Load balance all requests between three resolvers, one of which has a IPv6 address. - -~~~ corefile -. { - grpc . 10.0.0.10:53 10.0.0.11:1053 [2003::1]:53 -} -~~~ - -Forward everything except requests to `example.org` - -~~~ corefile -. { - grpc . 10.0.0.10:1234 { - except example.org - } -} -~~~ - -Proxy everything except `example.org` using the host's `resolv.conf`'s nameservers: - -~~~ corefile -. { - grpc . /etc/resolv.conf { - except example.org - } -} -~~~ - -Proxy all requests to 9.9.9.9 using the TLS protocol, and cache every answer for up to 30 -seconds. Note the `tls_servername` is mandatory if you want a working setup, as 9.9.9.9 can't be -used in the TLS negotiation. - -~~~ corefile -. { - grpc . 9.9.9.9 { - tls_servername dns.quad9.net - } - cache 30 -} -~~~ - -Or with multiple upstreams from the same provider - -~~~ corefile -. { - grpc . 1.1.1.1 1.0.0.1 { - tls_servername cloudflare-dns.com - } - cache 30 -} -~~~ - -Forward requests to a local upstream listening on a Unix domain socket. - -~~~ corefile -. { - grpc . unix:///path/to/grpc.sock -} -~~~ - -## Bugs - -The TLS config is global for the whole grpc proxy if you need a different `tls_servername` for -different upstreams you're out of luck. \ No newline at end of file diff --git a/vendor/github.com/coredns/coredns/plugin/grpc/grpc.go b/vendor/github.com/coredns/coredns/plugin/grpc/grpc.go deleted file mode 100644 index c2911edd..00000000 --- a/vendor/github.com/coredns/coredns/plugin/grpc/grpc.go +++ /dev/null @@ -1,143 +0,0 @@ -package grpc - -import ( - "context" - "crypto/tls" - "errors" - "time" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/debug" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" - ot "github.com/opentracing/opentracing-go" -) - -// GRPC represents a plugin instance that can proxy requests to another (DNS) server via gRPC protocol. -// It has a list of proxies each representing one upstream proxy. -type GRPC struct { - proxies []*Proxy - p Policy - - from string - ignored []string - - tlsConfig *tls.Config - tlsServerName string - - Next plugin.Handler -} - -// ServeDNS implements the plugin.Handler interface. -func (g *GRPC) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - if !g.match(state) { - return plugin.NextOrFailure(g.Name(), g.Next, ctx, w, r) - } - - var ( - span, child ot.Span - ret *dns.Msg - err error - i int - ) - span = ot.SpanFromContext(ctx) - list := g.list() - deadline := time.Now().Add(defaultTimeout) - - for time.Now().Before(deadline) { - if i >= len(list) { - // reached the end of list without any answer - if ret != nil { - // write empty response and finish - w.WriteMsg(ret) - } - break - } - - proxy := list[i] - i++ - - if span != nil { - child = span.Tracer().StartSpan("query", ot.ChildOf(span.Context())) - ctx = ot.ContextWithSpan(ctx, child) - } - - ret, err = proxy.query(ctx, r) - if err != nil { - // Continue with the next proxy - continue - } - - if child != nil { - child.Finish() - } - - // Check if the reply is correct; if not return FormErr. - if !state.Match(ret) { - debug.Hexdumpf(ret, "Wrong reply for id: %d, %s %d", ret.Id, state.QName(), state.QType()) - - formerr := new(dns.Msg) - formerr.SetRcode(state.Req, dns.RcodeFormatError) - w.WriteMsg(formerr) - return 0, nil - } - - w.WriteMsg(ret) - return 0, nil - } - - // SERVFAIL if all healthy proxys returned errors. - if err != nil { - // just return the last error received - return dns.RcodeServerFailure, err - } - - return dns.RcodeServerFailure, ErrNoHealthy -} - -// NewGRPC returns a new GRPC. -func newGRPC() *GRPC { - g := &GRPC{ - p: new(random), - } - return g -} - -// Name implements the Handler interface. -func (g *GRPC) Name() string { return "grpc" } - -// Len returns the number of configured proxies. -func (g *GRPC) len() int { return len(g.proxies) } - -func (g *GRPC) match(state request.Request) bool { - if !plugin.Name(g.from).Matches(state.Name()) || !g.isAllowedDomain(state.Name()) { - return false - } - - return true -} - -func (g *GRPC) isAllowedDomain(name string) bool { - if dns.Name(name) == dns.Name(g.from) { - return true - } - - for _, ignore := range g.ignored { - if plugin.Name(ignore).Matches(name) { - return false - } - } - return true -} - -// List returns a set of proxies to be used for this client depending on the policy in p. -func (g *GRPC) list() []*Proxy { return g.p.List(g.proxies) } - -const defaultTimeout = 5 * time.Second - -var ( - // ErrNoHealthy means no healthy proxies left. - ErrNoHealthy = errors.New("no healthy gRPC proxies") -) diff --git a/vendor/github.com/coredns/coredns/plugin/grpc/metrics.go b/vendor/github.com/coredns/coredns/plugin/grpc/metrics.go deleted file mode 100644 index 0e8760ac..00000000 --- a/vendor/github.com/coredns/coredns/plugin/grpc/metrics.go +++ /dev/null @@ -1,32 +0,0 @@ -package grpc - -import ( - "github.com/coredns/coredns/plugin" - - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -// Variables declared for monitoring. -var ( - RequestCount = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "grpc", - Name: "requests_total", - Help: "Counter of requests made per upstream.", - }, []string{"to"}) - RcodeCount = promauto.NewCounterVec(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "grpc", - Name: "responses_total", - Help: "Counter of requests made per upstream.", - }, []string{"rcode", "to"}) - RequestDuration = promauto.NewHistogramVec(prometheus.HistogramOpts{ - Namespace: plugin.Namespace, - Subsystem: "grpc", - Name: "request_duration_seconds", - Buckets: plugin.TimeBuckets, - NativeHistogramBucketFactor: plugin.NativeHistogramBucketFactor, - Help: "Histogram of the time each request took.", - }, []string{"to"}) -) diff --git a/vendor/github.com/coredns/coredns/plugin/grpc/policy.go b/vendor/github.com/coredns/coredns/plugin/grpc/policy.go deleted file mode 100644 index 686b2ebb..00000000 --- a/vendor/github.com/coredns/coredns/plugin/grpc/policy.go +++ /dev/null @@ -1,68 +0,0 @@ -package grpc - -import ( - "sync/atomic" - "time" - - "github.com/coredns/coredns/plugin/pkg/rand" -) - -// Policy defines a policy we use for selecting upstreams. -type Policy interface { - List([]*Proxy) []*Proxy - String() string -} - -// random is a policy that implements random upstream selection. -type random struct{} - -func (r *random) String() string { return "random" } - -func (r *random) List(p []*Proxy) []*Proxy { - switch len(p) { - case 1: - return p - case 2: - if rn.Int()%2 == 0 { - return []*Proxy{p[1], p[0]} // swap - } - return p - } - - perms := rn.Perm(len(p)) - rnd := make([]*Proxy, len(p)) - - for i, p1 := range perms { - rnd[i] = p[p1] - } - return rnd -} - -// roundRobin is a policy that selects hosts based on round robin ordering. -type roundRobin struct { - robin uint32 -} - -func (r *roundRobin) String() string { return "round_robin" } - -func (r *roundRobin) List(p []*Proxy) []*Proxy { - poolLen := uint32(len(p)) - i := atomic.AddUint32(&r.robin, 1) % poolLen - - robin := []*Proxy{p[i]} - robin = append(robin, p[:i]...) - robin = append(robin, p[i+1:]...) - - return robin -} - -// sequential is a policy that selects hosts based on sequential ordering. -type sequential struct{} - -func (r *sequential) String() string { return "sequential" } - -func (r *sequential) List(p []*Proxy) []*Proxy { - return p -} - -var rn = rand.New(time.Now().UnixNano()) diff --git a/vendor/github.com/coredns/coredns/plugin/grpc/proxy.go b/vendor/github.com/coredns/coredns/plugin/grpc/proxy.go deleted file mode 100644 index f8322680..00000000 --- a/vendor/github.com/coredns/coredns/plugin/grpc/proxy.go +++ /dev/null @@ -1,82 +0,0 @@ -package grpc - -import ( - "context" - "crypto/tls" - "strconv" - "time" - - "github.com/coredns/coredns/pb" - - "github.com/miekg/dns" - "google.golang.org/grpc" - "google.golang.org/grpc/codes" - "google.golang.org/grpc/credentials" - "google.golang.org/grpc/credentials/insecure" - "google.golang.org/grpc/status" -) - -// Proxy defines an upstream host. -type Proxy struct { - addr string - - // connection - client pb.DnsServiceClient - dialOpts []grpc.DialOption -} - -// newProxy returns a new proxy. -func newProxy(addr string, tlsConfig *tls.Config) (*Proxy, error) { - p := &Proxy{ - addr: addr, - } - - if tlsConfig != nil { - p.dialOpts = append(p.dialOpts, grpc.WithTransportCredentials(credentials.NewTLS(tlsConfig))) - } else { - p.dialOpts = append(p.dialOpts, grpc.WithTransportCredentials(insecure.NewCredentials())) - } - - conn, err := grpc.NewClient(p.addr, p.dialOpts...) - if err != nil { - return nil, err - } - p.client = pb.NewDnsServiceClient(conn) - - return p, nil -} - -// query sends the request and waits for a response. -func (p *Proxy) query(ctx context.Context, req *dns.Msg) (*dns.Msg, error) { - start := time.Now() - - msg, err := req.Pack() - if err != nil { - return nil, err - } - - reply, err := p.client.Query(ctx, &pb.DnsPacket{Msg: msg}) - if err != nil { - // if not found message, return empty message with NXDomain code - if status.Code(err) == codes.NotFound { - m := new(dns.Msg).SetRcode(req, dns.RcodeNameError) - return m, nil - } - return nil, err - } - ret := new(dns.Msg) - if err := ret.Unpack(reply.Msg); err != nil { - return nil, err - } - - rc, ok := dns.RcodeToString[ret.Rcode] - if !ok { - rc = strconv.Itoa(ret.Rcode) - } - - RequestCount.WithLabelValues(p.addr).Add(1) - RcodeCount.WithLabelValues(rc, p.addr).Add(1) - RequestDuration.WithLabelValues(p.addr).Observe(time.Since(start).Seconds()) - - return ret, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/grpc/setup.go b/vendor/github.com/coredns/coredns/plugin/grpc/setup.go deleted file mode 100644 index d1c67625..00000000 --- a/vendor/github.com/coredns/coredns/plugin/grpc/setup.go +++ /dev/null @@ -1,153 +0,0 @@ -package grpc - -import ( - "crypto/tls" - "fmt" - "path/filepath" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/parse" - pkgtls "github.com/coredns/coredns/plugin/pkg/tls" -) - -func init() { plugin.Register("grpc", setup) } - -func setup(c *caddy.Controller) error { - g, err := parseGRPC(c) - if err != nil { - return plugin.Error("grpc", err) - } - - if g.len() > max { - return plugin.Error("grpc", fmt.Errorf("more than %d TOs configured: %d", max, g.len())) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - g.Next = next // Set the Next field, so the plugin chaining works. - return g - }) - - return nil -} - -func parseGRPC(c *caddy.Controller) (*GRPC, error) { - var ( - g *GRPC - err error - i int - ) - for c.Next() { - if i > 0 { - return nil, plugin.ErrOnce - } - i++ - g, err = parseStanza(c) - if err != nil { - return nil, err - } - } - return g, nil -} - -func parseStanza(c *caddy.Controller) (*GRPC, error) { - g := newGRPC() - - if !c.Args(&g.from) { - return g, c.ArgErr() - } - normalized := plugin.Host(g.from).NormalizeExact() - if len(normalized) == 0 { - return g, fmt.Errorf("unable to normalize '%s'", g.from) - } - g.from = normalized[0] // only the first is used. - - to := c.RemainingArgs() - if len(to) == 0 { - return g, c.ArgErr() - } - - toHosts, err := parse.HostPortOrFile(to...) - if err != nil { - return g, err - } - - for c.NextBlock() { - if err := parseBlock(c, g); err != nil { - return g, err - } - } - - if g.tlsServerName != "" { - if g.tlsConfig == nil { - g.tlsConfig = new(tls.Config) - } - g.tlsConfig.ServerName = g.tlsServerName - } - for _, host := range toHosts { - pr, err := newProxy(host, g.tlsConfig) - if err != nil { - return nil, err - } - g.proxies = append(g.proxies, pr) - } - - return g, nil -} - -func parseBlock(c *caddy.Controller, g *GRPC) error { - switch c.Val() { - case "except": - ignore := c.RemainingArgs() - if len(ignore) == 0 { - return c.ArgErr() - } - for i := 0; i < len(ignore); i++ { - g.ignored = append(g.ignored, plugin.Host(ignore[i]).NormalizeExact()...) - } - case "tls": - args := c.RemainingArgs() - if len(args) > 3 { - return c.ArgErr() - } - - for i := range args { - if !filepath.IsAbs(args[i]) && dnsserver.GetConfig(c).Root != "" { - args[i] = filepath.Join(dnsserver.GetConfig(c).Root, args[i]) - } - } - tlsConfig, err := pkgtls.NewTLSConfigFromArgs(args...) - if err != nil { - return err - } - g.tlsConfig = tlsConfig - case "tls_servername": - if !c.NextArg() { - return c.ArgErr() - } - g.tlsServerName = c.Val() - case "policy": - if !c.NextArg() { - return c.ArgErr() - } - switch x := c.Val(); x { - case "random": - g.p = &random{} - case "round_robin": - g.p = &roundRobin{} - case "sequential": - g.p = &sequential{} - default: - return c.Errf("unknown policy '%s'", x) - } - default: - if c.Val() != "}" { - return c.Errf("unknown property '%s'", c.Val()) - } - } - - return nil -} - -const max = 15 // Maximum number of upstreams. diff --git a/vendor/github.com/coredns/coredns/plugin/header/README.md b/vendor/github.com/coredns/coredns/plugin/header/README.md deleted file mode 100644 index 9a855c72..00000000 --- a/vendor/github.com/coredns/coredns/plugin/header/README.md +++ /dev/null @@ -1,63 +0,0 @@ -# header - -## Name - -*header* - modifies the header for queries and responses. - -## Description - -*header* ensures that the flags are in the desired state for queries and responses. -The modifications are made transparently for the client and subsequent plugins. - -## Syntax - -~~~ -header { - [SELECTOR] ACTION FLAGS... - [SELECTOR] ACTION FLAGS... -} -~~~ - -* **SELECTOR** defines if the action should be applied on `query` or `response`. In future CoreDNS version the selector will be mandatory. For backwards compatibility the action will be applied on `response` if the selector is undefined. - -* **ACTION** defines the state for DNS message header flags. Actions are evaluated in the order they are defined so last one has the - most precedence. Allowed values are: - * `set` - * `clear` -* **FLAGS** are the DNS header flags that will be modified. Current supported flags include: - * `aa` - Authoritative(Answer) - * `ra` - RecursionAvailable - * `rd` - RecursionDesired - -## Examples - -Make sure recursive available `ra` flag is set in all the responses: - -~~~ corefile -. { - header { - response set ra - } -} -~~~ - -Make sure "recursion available" `ra` and "authoritative answer" `aa` flags are set and "recursion desired" is cleared in all responses: - -~~~ corefile -. { - header { - response set ra aa - response clear rd - } -} -~~~ - -Make sure "recursion desired" `rd` is set for all subsequent plugins:: - -~~~ corefile -. { - header { - query set rd - } -} -~~~ diff --git a/vendor/github.com/coredns/coredns/plugin/header/handler.go b/vendor/github.com/coredns/coredns/plugin/header/handler.go deleted file mode 100644 index e11eb03c..00000000 --- a/vendor/github.com/coredns/coredns/plugin/header/handler.go +++ /dev/null @@ -1,27 +0,0 @@ -package header - -import ( - "context" - - "github.com/coredns/coredns/plugin" - - "github.com/miekg/dns" -) - -// Header modifies flags of dns.MsgHdr in queries and / or responses -type Header struct { - QueryRules []Rule - ResponseRules []Rule - Next plugin.Handler -} - -// ServeDNS implements the plugin.Handler interface. -func (h Header) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - applyRules(r, h.QueryRules) - - wr := ResponseHeaderWriter{ResponseWriter: w, Rules: h.ResponseRules} - return plugin.NextOrFailure(h.Name(), h.Next, ctx, &wr, r) -} - -// Name implements the plugin.Handler interface. -func (h Header) Name() string { return "header" } diff --git a/vendor/github.com/coredns/coredns/plugin/header/header.go b/vendor/github.com/coredns/coredns/plugin/header/header.go deleted file mode 100644 index 830587d0..00000000 --- a/vendor/github.com/coredns/coredns/plugin/header/header.go +++ /dev/null @@ -1,95 +0,0 @@ -package header - -import ( - "fmt" - "strings" - - clog "github.com/coredns/coredns/plugin/pkg/log" - - "github.com/miekg/dns" -) - -// Supported flags -const ( - authoritative = "aa" - recursionAvailable = "ra" - recursionDesired = "rd" -) - -var log = clog.NewWithPlugin("header") - -// ResponseHeaderWriter is a response writer that allows modifying dns.MsgHdr -type ResponseHeaderWriter struct { - dns.ResponseWriter - Rules []Rule -} - -// WriteMsg implements the dns.ResponseWriter interface. -func (r *ResponseHeaderWriter) WriteMsg(res *dns.Msg) error { - applyRules(res, r.Rules) - return r.ResponseWriter.WriteMsg(res) -} - -// Write implements the dns.ResponseWriter interface. -func (r *ResponseHeaderWriter) Write(buf []byte) (int, error) { - log.Warning("ResponseHeaderWriter called with Write: not ensuring headers") - n, err := r.ResponseWriter.Write(buf) - return n, err -} - -// Rule is used to set/clear Flag in dns.MsgHdr -type Rule struct { - Flag string - State bool -} - -func newRules(key string, args []string) ([]Rule, error) { - if key == "" { - return nil, fmt.Errorf("no flag action provided") - } - - if len(args) < 1 { - return nil, fmt.Errorf("invalid length for flags, at least one should be provided") - } - - var state bool - action := strings.ToLower(key) - switch action { - case "set": - state = true - case "clear": - state = false - default: - return nil, fmt.Errorf("unknown flag action=%s, should be set or clear", action) - } - - var rules []Rule - for _, arg := range args { - flag := strings.ToLower(arg) - switch flag { - case authoritative: - case recursionAvailable: - case recursionDesired: - default: - return nil, fmt.Errorf("unknown/unsupported flag=%s", flag) - } - rule := Rule{Flag: flag, State: state} - rules = append(rules, rule) - } - - return rules, nil -} - -func applyRules(res *dns.Msg, rules []Rule) { - // handle all supported flags - for _, rule := range rules { - switch rule.Flag { - case authoritative: - res.Authoritative = rule.State - case recursionAvailable: - res.RecursionAvailable = rule.State - case recursionDesired: - res.RecursionDesired = rule.State - } - } -} diff --git a/vendor/github.com/coredns/coredns/plugin/header/setup.go b/vendor/github.com/coredns/coredns/plugin/header/setup.go deleted file mode 100644 index 3d6facf0..00000000 --- a/vendor/github.com/coredns/coredns/plugin/header/setup.go +++ /dev/null @@ -1,74 +0,0 @@ -package header - -import ( - "fmt" - "strings" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" -) - -func init() { plugin.Register("header", setup) } - -func setup(c *caddy.Controller) error { - queryRules, responseRules, err := parse(c) - if err != nil { - return plugin.Error("header", err) - } - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - return Header{ - QueryRules: queryRules, - ResponseRules: responseRules, - Next: next, - } - }) - - return nil -} - -func parse(c *caddy.Controller) ([]Rule, []Rule, error) { - for c.Next() { - var queryRules []Rule - var responseRules []Rule - - for c.NextBlock() { - selector := strings.ToLower(c.Val()) - - var action string - if selector == "set" || selector == "clear" { - log.Warningf("The selector for header rule in line %d isn't explicit defined. "+ - "Assume rule applies for selector 'response'. This syntax is deprecated. "+ - "In future versions of CoreDNS the selector must be explicit defined.", - c.Line()) - - action = selector - selector = "response" - } else if selector == "query" || selector == "response" { - if c.NextArg() { - action = c.Val() - } - } else { - return nil, nil, fmt.Errorf("setting up rule: invalid selector=%s should be query or response", selector) - } - - args := c.RemainingArgs() - rules, err := newRules(action, args) - if err != nil { - return nil, nil, fmt.Errorf("setting up rule: %w", err) - } - - if selector == "response" { - responseRules = append(responseRules, rules...) - } else { - queryRules = append(queryRules, rules...) - } - } - - if len(queryRules) > 0 || len(responseRules) > 0 { - return queryRules, responseRules, nil - } - } - return nil, nil, c.ArgErr() -} diff --git a/vendor/github.com/coredns/coredns/plugin/health/README.md b/vendor/github.com/coredns/coredns/plugin/health/README.md deleted file mode 100644 index b18d2ec3..00000000 --- a/vendor/github.com/coredns/coredns/plugin/health/README.md +++ /dev/null @@ -1,80 +0,0 @@ -# health - -## Name - -*health* - enables a health check endpoint. - -## Description - -Enabled process wide health endpoint. When CoreDNS is up and running this returns a 200 OK HTTP -status code. The health is exported, by default, on port 8080/health. - -## Syntax - -~~~ -health [ADDRESS] -~~~ - -Optionally takes an address; the default is `:8080`. The health path is fixed to `/health`. The -health endpoint returns a 200 response code and the word "OK" when this server is healthy. - -An extra option can be set with this extended syntax: - -~~~ -health [ADDRESS] { - lameduck DURATION -} -~~~ - -* Where `lameduck` will delay shutdown for **DURATION**. /health will still answer 200 OK. - Note: The *ready* plugin will not answer OK while CoreDNS is in lame duck mode prior to shutdown. - -If you have multiple Server Blocks, *health* can only be enabled in one of them (as it is process -wide). If you really need multiple endpoints, you must run health endpoints on different ports: - -~~~ corefile -com { - whoami - health :8080 -} - -net { - erratic - health :8081 -} -~~~ - -Doing this is supported but both endpoints ":8080" and ":8081" will export the exact same health. - -## Metrics - -If monitoring is enabled (via the *prometheus* plugin) then the following metrics are exported: - - * `coredns_health_request_duration_seconds{}` - The *health* plugin performs a self health check - once per second on the `/health` endpoint. This metric is the duration to process that request. - As this is a local operation it should be fast. A (large) increase in this - duration indicates the CoreDNS process is having trouble keeping up with its query load. - * `coredns_health_request_failures_total{}` - The number of times the self health check failed. - -Note that these metrics *do not* have a `server` label, because being overloaded is a symptom of -the running process, *not* a specific server. - -## Examples - -Run another health endpoint on http://localhost:8091. - -~~~ corefile -. { - health localhost:8091 -} -~~~ - -Set a lame duck duration of 1 second: - -~~~ corefile -. { - health localhost:8092 { - lameduck 1s - } -} -~~~ diff --git a/vendor/github.com/coredns/coredns/plugin/health/health.go b/vendor/github.com/coredns/coredns/plugin/health/health.go deleted file mode 100644 index 980cf2bc..00000000 --- a/vendor/github.com/coredns/coredns/plugin/health/health.go +++ /dev/null @@ -1,99 +0,0 @@ -// Package health implements an HTTP handler that responds to health checks. -package health - -import ( - "context" - "io" - "net" - "net/http" - "net/url" - "time" - - clog "github.com/coredns/coredns/plugin/pkg/log" - "github.com/coredns/coredns/plugin/pkg/reuseport" -) - -var log = clog.NewWithPlugin("health") - -// Health implements healthchecks by exporting a HTTP endpoint. -type health struct { - Addr string - lameduck time.Duration - healthURI *url.URL - - ln net.Listener - nlSetup bool - mux *http.ServeMux - - stop context.CancelFunc -} - -func (h *health) OnStartup() error { - if h.Addr == "" { - h.Addr = ":8080" - } - - var err error - h.healthURI, err = url.Parse("http://" + h.Addr) - if err != nil { - return err - } - - h.healthURI.Path = "/health" - if h.healthURI.Host == "" { - // while we can listen on multiple network interfaces, we need to pick one to poll - h.healthURI.Host = "localhost" - } - - ln, err := reuseport.Listen("tcp", h.Addr) - if err != nil { - return err - } - - h.ln = ln - h.mux = http.NewServeMux() - h.nlSetup = true - - h.mux.HandleFunc(h.healthURI.Path, func(w http.ResponseWriter, r *http.Request) { - // We're always healthy. - w.WriteHeader(http.StatusOK) - io.WriteString(w, http.StatusText(http.StatusOK)) - }) - - ctx := context.Background() - ctx, h.stop = context.WithCancel(ctx) - - go func() { http.Serve(h.ln, h.mux) }() - go func() { h.overloaded(ctx) }() - - return nil -} - -func (h *health) OnFinalShutdown() error { - if !h.nlSetup { - return nil - } - - if h.lameduck > 0 { - log.Infof("Going into lameduck mode for %s", h.lameduck) - time.Sleep(h.lameduck) - } - - h.stop() - - h.ln.Close() - h.nlSetup = false - return nil -} - -func (h *health) OnReload() error { - if !h.nlSetup { - return nil - } - - h.stop() - - h.ln.Close() - h.nlSetup = false - return nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/health/overloaded.go b/vendor/github.com/coredns/coredns/plugin/health/overloaded.go deleted file mode 100644 index f8b3256b..00000000 --- a/vendor/github.com/coredns/coredns/plugin/health/overloaded.go +++ /dev/null @@ -1,84 +0,0 @@ -package health - -import ( - "context" - "net" - "net/http" - "time" - - "github.com/coredns/coredns/plugin" - - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -// overloaded queries the health end point and updates a metrics showing how long it took. -func (h *health) overloaded(ctx context.Context) { - bypassProxy := &http.Transport{ - Proxy: nil, - DialContext: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - }).DialContext, - ForceAttemptHTTP2: true, - MaxIdleConns: 100, - IdleConnTimeout: 90 * time.Second, - TLSHandshakeTimeout: 10 * time.Second, - ExpectContinueTimeout: 1 * time.Second, - } - timeout := 3 * time.Second - client := http.Client{ - Timeout: timeout, - Transport: bypassProxy, - } - - req, _ := http.NewRequestWithContext(ctx, http.MethodGet, h.healthURI.String(), nil) - tick := time.NewTicker(1 * time.Second) - defer tick.Stop() - - for { - select { - case <-tick.C: - start := time.Now() - resp, err := client.Do(req) - if err != nil && ctx.Err() == context.Canceled { - // request was cancelled by parent goroutine - return - } - if err != nil { - HealthDuration.Observe(time.Since(start).Seconds()) - HealthFailures.Inc() - log.Warningf("Local health request to %q failed: %s", req.URL.String(), err) - continue - } - resp.Body.Close() - elapsed := time.Since(start) - HealthDuration.Observe(elapsed.Seconds()) - if elapsed > time.Second { // 1s is pretty random, but a *local* scrape taking that long isn't good - log.Warningf("Local health request to %q took more than 1s: %s", req.URL.String(), elapsed) - } - - case <-ctx.Done(): - return - } - } -} - -var ( - // HealthDuration is the metric used for exporting how fast we can retrieve the /health endpoint. - HealthDuration = promauto.NewHistogram(prometheus.HistogramOpts{ - Namespace: plugin.Namespace, - Subsystem: "health", - Name: "request_duration_seconds", - Buckets: plugin.SlimTimeBuckets, - NativeHistogramBucketFactor: plugin.NativeHistogramBucketFactor, - Help: "Histogram of the time (in seconds) each request took.", - }) - // HealthFailures is the metric used to count how many times the health request failed - HealthFailures = promauto.NewCounter(prometheus.CounterOpts{ - Namespace: plugin.Namespace, - Subsystem: "health", - Name: "request_failures_total", - Help: "The number of times the health check failed.", - }) -) diff --git a/vendor/github.com/coredns/coredns/plugin/health/setup.go b/vendor/github.com/coredns/coredns/plugin/health/setup.go deleted file mode 100644 index e9163ad4..00000000 --- a/vendor/github.com/coredns/coredns/plugin/health/setup.go +++ /dev/null @@ -1,66 +0,0 @@ -package health - -import ( - "fmt" - "net" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/plugin" -) - -func init() { plugin.Register("health", setup) } - -func setup(c *caddy.Controller) error { - addr, lame, err := parse(c) - if err != nil { - return plugin.Error("health", err) - } - - h := &health{Addr: addr, lameduck: lame} - - c.OnStartup(h.OnStartup) - c.OnRestart(h.OnReload) - c.OnFinalShutdown(h.OnFinalShutdown) - c.OnRestartFailed(h.OnStartup) - - // Don't do AddPlugin, as health is not *really* a plugin just a separate webserver running. - return nil -} - -func parse(c *caddy.Controller) (string, time.Duration, error) { - addr := "" - dur := time.Duration(0) - for c.Next() { - args := c.RemainingArgs() - - switch len(args) { - case 0: - case 1: - addr = args[0] - if _, _, e := net.SplitHostPort(addr); e != nil { - return "", 0, e - } - default: - return "", 0, c.ArgErr() - } - - for c.NextBlock() { - switch c.Val() { - case "lameduck": - args := c.RemainingArgs() - if len(args) != 1 { - return "", 0, c.ArgErr() - } - l, err := time.ParseDuration(args[0]) - if err != nil { - return "", 0, fmt.Errorf("unable to parse lameduck duration value: '%v' : %v", args[0], err) - } - dur = l - default: - return "", 0, c.ArgErr() - } - } - } - return addr, dur, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/hosts/README.md b/vendor/github.com/coredns/coredns/plugin/hosts/README.md deleted file mode 100644 index dde6259a..00000000 --- a/vendor/github.com/coredns/coredns/plugin/hosts/README.md +++ /dev/null @@ -1,125 +0,0 @@ -# hosts - -## Name - -*hosts* - enables serving zone data from a `/etc/hosts` style file. - -## Description - -The *hosts* plugin is useful for serving zones from a `/etc/hosts` file. It serves from a preloaded -file that exists on disk. It checks the file for changes and updates the zones accordingly. This -plugin only supports A, AAAA, and PTR records. The hosts plugin can be used with readily -available hosts files that block access to advertising servers. - -The plugin reloads the content of the hosts file every 5 seconds. Upon reload, CoreDNS will use the -new definitions. Should the file be deleted, any inlined content will continue to be served. When -the file is restored, it will then again be used. - -If you want to pass the request to the rest of the plugin chain if there is no match in the *hosts* -plugin, you must specify the `fallthrough` option. - -This plugin can only be used once per Server Block. - -## The hosts file - -Commonly the entries are of the form `IP_address canonical_hostname [aliases...]` as explained by -the hosts(5) man page. - -Examples: - -~~~ -# The following lines are desirable for IPv4 capable hosts -127.0.0.1 localhost -192.168.1.10 example.com example - -# The following lines are desirable for IPv6 capable hosts -::1 localhost ip6-localhost ip6-loopback -fdfc:a744:27b5:3b0e::1 example.com example -~~~ - -### PTR records - -PTR records for reverse lookups are generated automatically by CoreDNS (based on the hosts file -entries) and cannot be created manually. - -## Syntax - -~~~ -hosts [FILE [ZONES...]] { - [INLINE] - ttl SECONDS - no_reverse - reload DURATION - fallthrough [ZONES...] -} -~~~ - -* **FILE** the hosts file to read and parse. If the path is relative the path from the *root* - plugin will be prepended to it. Defaults to /etc/hosts if omitted. We scan the file for changes - every 5 seconds. -* **ZONES** zones it should be authoritative for. If empty, the zones from the configuration block - are used. -* **INLINE** the hosts file contents inlined in Corefile. If there are any lines before fallthrough - then all of them will be treated as the additional content for hosts file. The specified hosts - file path will still be read but entries will be overridden. -* `ttl` change the DNS TTL of the records generated (forward and reverse). The default is 3600 seconds (1 hour). -* `reload` change the period between each hostsfile reload. A time of zero seconds disables the - feature. Examples of valid durations: "300ms", "1.5h" or "2h45m". See Go's - [time](https://godoc.org/time). package. -* `no_reverse` disable the automatic generation of the `in-addr.arpa` or `ip6.arpa` entries for the hosts -* `fallthrough` If zone matches and no record can be generated, pass request to the next plugin. - If **[ZONES...]** is omitted, then fallthrough happens for all zones for which the plugin - is authoritative. If specific zones are listed (for example `in-addr.arpa` and `ip6.arpa`), then only - queries for those zones will be subject to fallthrough. - -## Metrics - -If monitoring is enabled (via the *prometheus* plugin) then the following metrics are exported: - -- `coredns_hosts_entries{}` - The combined number of entries in hosts and Corefile. -- `coredns_hosts_reload_timestamp_seconds{}` - The timestamp of the last reload of hosts file. - -## Examples - -Load `/etc/hosts` file. - -~~~ corefile -. { - hosts -} -~~~ - -Load `example.hosts` file in the current directory. - -~~~ -. { - hosts example.hosts -} -~~~ - -Load example.hosts file and only serve example.org and example.net from it and fall through to the -next plugin if query doesn't match. - -~~~ -. { - hosts example.hosts example.org example.net { - fallthrough - } -} -~~~ - -Load hosts file inlined in Corefile. - -~~~ -example.hosts example.org { - hosts { - 10.0.0.1 example.org - fallthrough - } - whoami -} -~~~ - -## See also - -The form of the entries in the `/etc/hosts` file are based on IETF [RFC 952](https://tools.ietf.org/html/rfc952) which was updated by IETF [RFC 1123](https://tools.ietf.org/html/rfc1123). diff --git a/vendor/github.com/coredns/coredns/plugin/hosts/hosts.go b/vendor/github.com/coredns/coredns/plugin/hosts/hosts.go deleted file mode 100644 index 5c644e75..00000000 --- a/vendor/github.com/coredns/coredns/plugin/hosts/hosts.go +++ /dev/null @@ -1,122 +0,0 @@ -package hosts - -import ( - "context" - "net" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/dnsutil" - "github.com/coredns/coredns/plugin/pkg/fall" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// Hosts is the plugin handler -type Hosts struct { - Next plugin.Handler - *Hostsfile - - Fall fall.F -} - -// ServeDNS implements the plugin.Handle interface. -func (h Hosts) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - qname := state.Name() - - answers := []dns.RR{} - - zone := plugin.Zones(h.Origins).Matches(qname) - if zone == "" { - // PTR zones don't need to be specified in Origins. - if state.QType() != dns.TypePTR { - // if this doesn't match we need to fall through regardless of h.Fallthrough - return plugin.NextOrFailure(h.Name(), h.Next, ctx, w, r) - } - } - - switch state.QType() { - case dns.TypePTR: - names := h.LookupStaticAddr(dnsutil.ExtractAddressFromReverse(qname)) - if len(names) == 0 { - // If this doesn't match we need to fall through regardless of h.Fallthrough - return plugin.NextOrFailure(h.Name(), h.Next, ctx, w, r) - } - answers = h.ptr(qname, h.options.ttl, names) - case dns.TypeA: - ips := h.LookupStaticHostV4(qname) - answers = a(qname, h.options.ttl, ips) - case dns.TypeAAAA: - ips := h.LookupStaticHostV6(qname) - answers = aaaa(qname, h.options.ttl, ips) - } - - // Only on NXDOMAIN we will fallthrough. - if len(answers) == 0 && !h.otherRecordsExist(qname) { - if h.Fall.Through(qname) { - return plugin.NextOrFailure(h.Name(), h.Next, ctx, w, r) - } - - // We want to send an NXDOMAIN, but because of /etc/hosts' setup we don't have a SOA, so we make it SERVFAIL - // to at least give an answer back to signals we're having problems resolving this. - return dns.RcodeServerFailure, nil - } - - m := new(dns.Msg) - m.SetReply(r) - m.Authoritative = true - m.Answer = answers - - w.WriteMsg(m) - return dns.RcodeSuccess, nil -} - -func (h Hosts) otherRecordsExist(qname string) bool { - if len(h.LookupStaticHostV4(qname)) > 0 { - return true - } - if len(h.LookupStaticHostV6(qname)) > 0 { - return true - } - return false -} - -// Name implements the plugin.Handle interface. -func (h Hosts) Name() string { return "hosts" } - -// a takes a slice of net.IPs and returns a slice of A RRs. -func a(zone string, ttl uint32, ips []net.IP) []dns.RR { - answers := make([]dns.RR, len(ips)) - for i, ip := range ips { - r := new(dns.A) - r.Hdr = dns.RR_Header{Name: zone, Rrtype: dns.TypeA, Class: dns.ClassINET, Ttl: ttl} - r.A = ip - answers[i] = r - } - return answers -} - -// aaaa takes a slice of net.IPs and returns a slice of AAAA RRs. -func aaaa(zone string, ttl uint32, ips []net.IP) []dns.RR { - answers := make([]dns.RR, len(ips)) - for i, ip := range ips { - r := new(dns.AAAA) - r.Hdr = dns.RR_Header{Name: zone, Rrtype: dns.TypeAAAA, Class: dns.ClassINET, Ttl: ttl} - r.AAAA = ip - answers[i] = r - } - return answers -} - -// ptr takes a slice of host names and filters out the ones that aren't in Origins, if specified, and returns a slice of PTR RRs. -func (h *Hosts) ptr(zone string, ttl uint32, names []string) []dns.RR { - answers := make([]dns.RR, len(names)) - for i, n := range names { - r := new(dns.PTR) - r.Hdr = dns.RR_Header{Name: zone, Rrtype: dns.TypePTR, Class: dns.ClassINET, Ttl: ttl} - r.Ptr = dns.Fqdn(n) - answers[i] = r - } - return answers -} diff --git a/vendor/github.com/coredns/coredns/plugin/hosts/hostsfile.go b/vendor/github.com/coredns/coredns/plugin/hosts/hostsfile.go deleted file mode 100644 index 04747ef8..00000000 --- a/vendor/github.com/coredns/coredns/plugin/hosts/hostsfile.go +++ /dev/null @@ -1,259 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// This file is a modified version of net/hosts.go from the golang repo - -package hosts - -import ( - "bufio" - "bytes" - "io" - "net" - "os" - "strings" - "sync" - "time" - - "github.com/coredns/coredns/plugin" -) - -// parseIP calls discards any v6 zone info, before calling net.ParseIP. -func parseIP(addr string) net.IP { - if i := strings.Index(addr, "%"); i >= 0 { - // discard ipv6 zone - addr = addr[0:i] - } - - return net.ParseIP(addr) -} - -type options struct { - // automatically generate IP to Hostname PTR entries - // for host entries we parse - autoReverse bool - - // The TTL of the record we generate - ttl uint32 - - // The time between two reload of the configuration - reload time.Duration -} - -func newOptions() *options { - return &options{ - autoReverse: true, - ttl: 3600, - reload: 5 * time.Second, - } -} - -// Map contains the IPv4/IPv6 and reverse mapping. -type Map struct { - // Key for the list of literal IP addresses must be a FQDN lowercased host name. - name4 map[string][]net.IP - name6 map[string][]net.IP - - // Key for the list of host names must be a literal IP address - // including IPv6 address without zone identifier. - // We don't support old-classful IP address notation. - addr map[string][]string -} - -func newMap() *Map { - return &Map{ - name4: make(map[string][]net.IP), - name6: make(map[string][]net.IP), - addr: make(map[string][]string), - } -} - -// Len returns the total number of addresses in the hostmap, this includes V4/V6 and any reverse addresses. -func (h *Map) Len() int { - l := 0 - for _, v4 := range h.name4 { - l += len(v4) - } - for _, v6 := range h.name6 { - l += len(v6) - } - for _, a := range h.addr { - l += len(a) - } - return l -} - -// Hostsfile contains known host entries. -type Hostsfile struct { - sync.RWMutex - - // list of zones we are authoritative for - Origins []string - - // hosts maps for lookups - hmap *Map - - // inline saves the hosts file that is inlined in a Corefile. - inline *Map - - // path to the hosts file - path string - - // mtime and size are only read and modified by a single goroutine - mtime time.Time - size int64 - - options *options -} - -// readHosts determines if the cached data needs to be updated based on the size and modification time of the hostsfile. -func (h *Hostsfile) readHosts() { - file, err := os.Open(h.path) - if err != nil { - // We already log a warning if the file doesn't exist or can't be opened on setup. No need to return the error here. - return - } - defer file.Close() - - stat, err := file.Stat() - if err != nil { - return - } - h.RLock() - size := h.size - h.RUnlock() - - if h.mtime.Equal(stat.ModTime()) && size == stat.Size() { - return - } - - newMap := h.parse(file) - log.Debugf("Parsed hosts file into %d entries", newMap.Len()) - - h.Lock() - - h.hmap = newMap - // Update the data cache. - h.mtime = stat.ModTime() - h.size = stat.Size() - - hostsEntries.WithLabelValues(h.path).Set(float64(h.inline.Len() + h.hmap.Len())) - hostsReloadTime.Set(float64(stat.ModTime().UnixNano()) / 1e9) - h.Unlock() -} - -func (h *Hostsfile) initInline(inline []string) { - if len(inline) == 0 { - return - } - - h.inline = h.parse(strings.NewReader(strings.Join(inline, "\n"))) -} - -// Parse reads the hostsfile and populates the byName and addr maps. -func (h *Hostsfile) parse(r io.Reader) *Map { - hmap := newMap() - - scanner := bufio.NewScanner(r) - for scanner.Scan() { - line := scanner.Bytes() - if i := bytes.Index(line, []byte{'#'}); i >= 0 { - // Discard comments. - line = line[0:i] - } - f := bytes.Fields(line) - if len(f) < 2 { - continue - } - addr := parseIP(string(f[0])) - if addr == nil { - continue - } - - family := 0 - if addr.To4() != nil { - family = 1 - } else { - family = 2 - } - - for i := 1; i < len(f); i++ { - name := plugin.Name(string(f[i])).Normalize() - if plugin.Zones(h.Origins).Matches(name) == "" { - // name is not in Origins - continue - } - switch family { - case 1: - hmap.name4[name] = append(hmap.name4[name], addr) - case 2: - hmap.name6[name] = append(hmap.name6[name], addr) - default: - continue - } - if !h.options.autoReverse { - continue - } - hmap.addr[addr.String()] = append(hmap.addr[addr.String()], name) - } - } - - return hmap -} - -// lookupStaticHost looks up the IP addresses for the given host from the hosts file. -func (h *Hostsfile) lookupStaticHost(m map[string][]net.IP, host string) []net.IP { - h.RLock() - defer h.RUnlock() - - if len(m) == 0 { - return nil - } - - ips, ok := m[host] - if !ok { - return nil - } - ipsCp := make([]net.IP, len(ips)) - copy(ipsCp, ips) - return ipsCp -} - -// LookupStaticHostV4 looks up the IPv4 addresses for the given host from the hosts file. -func (h *Hostsfile) LookupStaticHostV4(host string) []net.IP { - host = strings.ToLower(host) - ip1 := h.lookupStaticHost(h.hmap.name4, host) - ip2 := h.lookupStaticHost(h.inline.name4, host) - return append(ip1, ip2...) -} - -// LookupStaticHostV6 looks up the IPv6 addresses for the given host from the hosts file. -func (h *Hostsfile) LookupStaticHostV6(host string) []net.IP { - host = strings.ToLower(host) - ip1 := h.lookupStaticHost(h.hmap.name6, host) - ip2 := h.lookupStaticHost(h.inline.name6, host) - return append(ip1, ip2...) -} - -// LookupStaticAddr looks up the hosts for the given address from the hosts file. -func (h *Hostsfile) LookupStaticAddr(addr string) []string { - addr = parseIP(addr).String() - if addr == "" { - return nil - } - - h.RLock() - defer h.RUnlock() - hosts1 := h.hmap.addr[addr] - hosts2 := h.inline.addr[addr] - - if len(hosts1) == 0 && len(hosts2) == 0 { - return nil - } - - hostsCp := make([]string, len(hosts1)+len(hosts2)) - copy(hostsCp, hosts1) - copy(hostsCp[len(hosts1):], hosts2) - return hostsCp -} diff --git a/vendor/github.com/coredns/coredns/plugin/hosts/metrics.go b/vendor/github.com/coredns/coredns/plugin/hosts/metrics.go deleted file mode 100644 index d3999e1e..00000000 --- a/vendor/github.com/coredns/coredns/plugin/hosts/metrics.go +++ /dev/null @@ -1,25 +0,0 @@ -package hosts - -import ( - "github.com/coredns/coredns/plugin" - - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -var ( - // hostsEntries is the combined number of entries in hosts and Corefile. - hostsEntries = promauto.NewGaugeVec(prometheus.GaugeOpts{ - Namespace: plugin.Namespace, - Subsystem: "hosts", - Name: "entries", - Help: "The combined number of entries in hosts and Corefile.", - }, []string{"hostsfile"}) - // hostsReloadTime is the timestamp of the last reload of hosts file. - hostsReloadTime = promauto.NewGauge(prometheus.GaugeOpts{ - Namespace: plugin.Namespace, - Subsystem: "hosts", - Name: "reload_timestamp_seconds", - Help: "The timestamp of the last reload of hosts file.", - }) -) diff --git a/vendor/github.com/coredns/coredns/plugin/hosts/setup.go b/vendor/github.com/coredns/coredns/plugin/hosts/setup.go deleted file mode 100644 index 128a365e..00000000 --- a/vendor/github.com/coredns/coredns/plugin/hosts/setup.go +++ /dev/null @@ -1,158 +0,0 @@ -package hosts - -import ( - "os" - "path/filepath" - "strconv" - "strings" - "time" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - clog "github.com/coredns/coredns/plugin/pkg/log" -) - -var log = clog.NewWithPlugin("hosts") - -func init() { plugin.Register("hosts", setup) } - -func periodicHostsUpdate(h *Hosts) chan bool { - parseChan := make(chan bool) - - if h.options.reload == 0 { - return parseChan - } - - go func() { - ticker := time.NewTicker(h.options.reload) - defer ticker.Stop() - for { - select { - case <-parseChan: - return - case <-ticker.C: - h.readHosts() - } - } - }() - return parseChan -} - -func setup(c *caddy.Controller) error { - h, err := hostsParse(c) - if err != nil { - return plugin.Error("hosts", err) - } - - parseChan := periodicHostsUpdate(&h) - - c.OnStartup(func() error { - h.readHosts() - return nil - }) - - c.OnShutdown(func() error { - close(parseChan) - return nil - }) - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - h.Next = next - return h - }) - - return nil -} - -func hostsParse(c *caddy.Controller) (Hosts, error) { - config := dnsserver.GetConfig(c) - - h := Hosts{ - Hostsfile: &Hostsfile{ - path: "/etc/hosts", - hmap: newMap(), - inline: newMap(), - options: newOptions(), - }, - } - - inline := []string{} - i := 0 - for c.Next() { - if i > 0 { - return h, plugin.ErrOnce - } - i++ - - args := c.RemainingArgs() - - if len(args) >= 1 { - h.path = args[0] - args = args[1:] - - if !filepath.IsAbs(h.path) && config.Root != "" { - h.path = filepath.Join(config.Root, h.path) - } - s, err := os.Stat(h.path) - if err != nil { - if os.IsNotExist(err) { - log.Warningf("File does not exist: %s", h.path) - } else { - return h, c.Errf("unable to access hosts file '%s': %v", h.path, err) - } - } - if s != nil && s.IsDir() { - log.Warningf("Hosts file %q is a directory", h.path) - } - } - - h.Origins = plugin.OriginsFromArgsOrServerBlock(args, c.ServerBlockKeys) - - for c.NextBlock() { - switch c.Val() { - case "fallthrough": - h.Fall.SetZonesFromArgs(c.RemainingArgs()) - case "no_reverse": - h.options.autoReverse = false - case "ttl": - remaining := c.RemainingArgs() - if len(remaining) < 1 { - return h, c.Errf("ttl needs a time in second") - } - ttl, err := strconv.Atoi(remaining[0]) - if err != nil { - return h, c.Errf("ttl needs a number of second") - } - if ttl <= 0 || ttl > 65535 { - return h, c.Errf("ttl provided is invalid") - } - h.options.ttl = uint32(ttl) - case "reload": - remaining := c.RemainingArgs() - if len(remaining) != 1 { - return h, c.Errf("reload needs a duration (zero seconds to disable)") - } - reload, err := time.ParseDuration(remaining[0]) - if err != nil { - return h, c.Errf("invalid duration for reload '%s'", remaining[0]) - } - if reload < 0 { - return h, c.Errf("invalid negative duration for reload '%s'", remaining[0]) - } - h.options.reload = reload - default: - if len(h.Fall.Zones) == 0 { - line := strings.Join(append([]string{c.Val()}, c.RemainingArgs()...), " ") - inline = append(inline, line) - continue - } - return h, c.Errf("unknown property '%s'", c.Val()) - } - } - } - - h.initInline(inline) - - return h, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/k8s_external/README.md b/vendor/github.com/coredns/coredns/plugin/k8s_external/README.md deleted file mode 100644 index 893a1315..00000000 --- a/vendor/github.com/coredns/coredns/plugin/k8s_external/README.md +++ /dev/null @@ -1,132 +0,0 @@ -# k8s_external - -## Name - -*k8s_external* - resolves load balancer, external IPs from outside Kubernetes clusters and if enabled headless services. - -## Description - -This plugin allows an additional zone to resolve the external IP address(es) of a Kubernetes -service and headless services. This plugin is only useful if the *kubernetes* plugin is also loaded. - -The plugin uses an external zone to resolve in-cluster IP addresses. It only handles queries for A, -AAAA, SRV, and PTR records; To make it a proper DNS zone, it handles SOA and NS queries for the apex of the zone. - -By default the apex of the zone will look like the following (assuming the zone used is `example.org`): - -~~~ dns -example.org. 5 IN SOA ns1.dns.example.org. hostmaster.example.org. ( - 12345 ; serial - 14400 ; refresh (4 hours) - 3600 ; retry (1 hour) - 604800 ; expire (1 week) - 5 ; minimum (4 hours) - ) -example.org 5 IN NS ns1.dns.example.org. - -ns1.dns.example.org. 5 IN A .... -ns1.dns.example.org. 5 IN AAAA .... -~~~ - -Note that we use the `dns` subdomain for the records DNS needs (see the `apex` directive). Also -note the SOA's serial number is static. The IP addresses of the nameserver records are those of the -CoreDNS service. - -The *k8s_external* plugin handles the subdomain `dns` and the apex of the zone itself; all other -queries are resolved to addresses in the cluster. - -## Syntax - -~~~ -k8s_external [ZONE...] -~~~ - -* **ZONES** zones *k8s_external* should be authoritative for. - -If you want to change the apex domain or use a different TTL for the returned records you can use -this extended syntax. - -~~~ -k8s_external [ZONE...] { - apex APEX - ttl TTL -} -~~~ - -* **APEX** is the name (DNS label) to use for the apex records; it defaults to `dns`. -* `ttl` allows you to set a custom **TTL** for responses. The default is 5 (seconds). - -If you want to enable headless service resolution, you can do so by adding `headless` option. - -~~~ -k8s_external [ZONE...] { - headless -} -~~~ - -* if there is a headless service with external IPs set, external IPs will be resolved - -If the queried domain does not exist, you can fall through to next plugin by adding the `fallthrough` option. - -~~~ -k8s_external [ZONE...] { - fallthrough [ZONE...] -} -~~~ - -## Examples - -Enable names under `example.org` to be resolved to in-cluster DNS addresses. - -~~~ -. { - kubernetes cluster.local - k8s_external example.org -} -~~~ - -With the Corefile above, the following Service will get an `A` record for `test.default.example.org` with the IP address `192.168.200.123`. - -~~~ -apiVersion: v1 -kind: Service -metadata: - name: test - namespace: default -spec: - clusterIP: None - externalIPs: - - 192.168.200.123 - type: ClusterIP -~~~ - -The *k8s_external* plugin can be used in conjunction with the *transfer* plugin to enable -zone transfers. Notifies are not supported. - - ~~~ - . { - transfer example.org { - to * - } - kubernetes cluster.local - k8s_external example.org - } - ~~~ - -With the `fallthrough` option, if the queried domain does not exist, it will be passed to the next plugin that matches the zone. - -~~~ -. { - kubernetes cluster.local - k8s_external example.org { - fallthrough - } - forward . 8.8.8.8 -} -~~~ - -# See Also - -For some background see [resolve external IP address](https://github.com/kubernetes/dns/issues/242). -And [A records for services with Load Balancer IP](https://github.com/coredns/coredns/issues/1851). - diff --git a/vendor/github.com/coredns/coredns/plugin/k8s_external/apex.go b/vendor/github.com/coredns/coredns/plugin/k8s_external/apex.go deleted file mode 100644 index e575e5ea..00000000 --- a/vendor/github.com/coredns/coredns/plugin/k8s_external/apex.go +++ /dev/null @@ -1,112 +0,0 @@ -package external - -import ( - "github.com/coredns/coredns/plugin/pkg/dnsutil" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// serveApex serves request that hit the zone' apex. A reply is written back to the client. -func (e *External) serveApex(state request.Request) (int, error) { - m := new(dns.Msg) - m.SetReply(state.Req) - m.Authoritative = true - switch state.QType() { - case dns.TypeSOA: - m.Answer = []dns.RR{e.soa(state)} - case dns.TypeNS: - m.Answer = []dns.RR{e.ns(state)} - - addr := e.externalAddrFunc(state, e.headless) - for _, rr := range addr { - rr.Header().Ttl = e.ttl - rr.Header().Name = dnsutil.Join("ns1", e.apex, state.QName()) - m.Extra = append(m.Extra, rr) - } - default: - m.Ns = []dns.RR{e.soa(state)} - } - - state.W.WriteMsg(m) - return 0, nil -} - -// serveSubApex serves requests that hit the zones fake 'dns' subdomain where our nameservers live. -func (e *External) serveSubApex(state request.Request) (int, error) { - base, _ := dnsutil.TrimZone(state.Name(), state.Zone) - - m := new(dns.Msg) - m.SetReply(state.Req) - m.Authoritative = true - - // base is either dns. of ns1.dns (or another name), if it's longer return nxdomain - switch labels := dns.CountLabel(base); labels { - default: - m.SetRcode(m, dns.RcodeNameError) - m.Ns = []dns.RR{e.soa(state)} - state.W.WriteMsg(m) - return 0, nil - case 2: - nl, _ := dns.NextLabel(base, 0) - ns := base[:nl] - if ns != "ns1." { - // nxdomain - m.SetRcode(m, dns.RcodeNameError) - m.Ns = []dns.RR{e.soa(state)} - state.W.WriteMsg(m) - return 0, nil - } - - addr := e.externalAddrFunc(state, e.headless) - for _, rr := range addr { - rr.Header().Ttl = e.ttl - rr.Header().Name = state.QName() - switch state.QType() { - case dns.TypeA: - if rr.Header().Rrtype == dns.TypeA { - m.Answer = append(m.Answer, rr) - } - case dns.TypeAAAA: - if rr.Header().Rrtype == dns.TypeAAAA { - m.Answer = append(m.Answer, rr) - } - } - } - - if len(m.Answer) == 0 { - m.Ns = []dns.RR{e.soa(state)} - } - - state.W.WriteMsg(m) - return 0, nil - - case 1: - // nodata for the dns empty non-terminal - m.Ns = []dns.RR{e.soa(state)} - state.W.WriteMsg(m) - return 0, nil - } -} - -func (e *External) soa(state request.Request) *dns.SOA { - header := dns.RR_Header{Name: state.Zone, Rrtype: dns.TypeSOA, Ttl: e.ttl, Class: dns.ClassINET} - - soa := &dns.SOA{Hdr: header, - Mbox: dnsutil.Join(e.hostmaster, e.apex, state.Zone), - Ns: dnsutil.Join("ns1", e.apex, state.Zone), - Serial: e.externalSerialFunc(state.Zone), - Refresh: 7200, - Retry: 1800, - Expire: 86400, - Minttl: e.ttl, - } - return soa -} - -func (e *External) ns(state request.Request) *dns.NS { - header := dns.RR_Header{Name: state.Zone, Rrtype: dns.TypeNS, Ttl: e.ttl, Class: dns.ClassINET} - ns := &dns.NS{Hdr: header, Ns: dnsutil.Join("ns1", e.apex, state.Zone)} - - return ns -} diff --git a/vendor/github.com/coredns/coredns/plugin/k8s_external/external.go b/vendor/github.com/coredns/coredns/plugin/k8s_external/external.go deleted file mode 100644 index 442119bd..00000000 --- a/vendor/github.com/coredns/coredns/plugin/k8s_external/external.go +++ /dev/null @@ -1,126 +0,0 @@ -/* -Package external implements external names for kubernetes clusters. - -This plugin only handles three qtypes (except the apex queries, because those are handled -differently). We support A, AAAA and SRV request, for all other types we return NODATA or -NXDOMAIN depending on the state of the cluster. - -A plugin willing to provide these services must implement the Externaler interface, although it -likely only makes sense for the *kubernetes* plugin. -*/ -package external - -import ( - "context" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/etcd/msg" - "github.com/coredns/coredns/plugin/pkg/fall" - "github.com/coredns/coredns/plugin/pkg/upstream" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// Externaler defines the interface that a plugin should implement in order to be used by External. -type Externaler interface { - // External returns a slice of msg.Services that are looked up in the backend and match - // the request. - External(request.Request, bool) ([]msg.Service, int) - // ExternalAddress should return a string slice of addresses for the nameserving endpoint. - ExternalAddress(state request.Request, headless bool) []dns.RR - // ExternalServices returns all services in the given zone as a slice of msg.Service and if enabled, headless services as a map of services. - ExternalServices(zone string, headless bool) ([]msg.Service, map[string][]msg.Service) - // ExternalSerial gets the current serial. - ExternalSerial(string) uint32 -} - -// External serves records for External IPs and Loadbalance IPs of Services in Kubernetes clusters. -type External struct { - Next plugin.Handler - Zones []string - Fall fall.F - - hostmaster string - apex string - ttl uint32 - headless bool - - upstream *upstream.Upstream - - externalFunc func(request.Request, bool) ([]msg.Service, int) - externalAddrFunc func(request.Request, bool) []dns.RR - externalSerialFunc func(string) uint32 - externalServicesFunc func(string, bool) ([]msg.Service, map[string][]msg.Service) -} - -// New returns a new and initialized *External. -func New() *External { - e := &External{hostmaster: "hostmaster", ttl: 5, apex: "dns"} - return e -} - -// ServeDNS implements the plugin.Handle interface. -func (e *External) ServeDNS(ctx context.Context, w dns.ResponseWriter, r *dns.Msg) (int, error) { - state := request.Request{W: w, Req: r} - - zone := plugin.Zones(e.Zones).Matches(state.Name()) - if zone == "" { - return plugin.NextOrFailure(e.Name(), e.Next, ctx, w, r) - } - - state.Zone = zone - for _, z := range e.Zones { - // TODO(miek): save this in the External struct. - if state.Name() == z { // apex query - ret, err := e.serveApex(state) - return ret, err - } - if dns.IsSubDomain(e.apex+"."+z, state.Name()) { - // dns subdomain test for ns. and dns. queries - ret, err := e.serveSubApex(state) - return ret, err - } - } - - svc, rcode := e.externalFunc(state, e.headless) - - m := new(dns.Msg) - m.SetReply(state.Req) - m.Authoritative = true - - if len(svc) == 0 { - if e.Fall.Through(state.Name()) && rcode == dns.RcodeNameError { - return plugin.NextOrFailure(e.Name(), e.Next, ctx, w, r) - } - - m.Rcode = rcode - m.Ns = []dns.RR{e.soa(state)} - w.WriteMsg(m) - return 0, nil - } - - switch state.QType() { - case dns.TypeA: - m.Answer, m.Truncated = e.a(ctx, svc, state) - case dns.TypeAAAA: - m.Answer, m.Truncated = e.aaaa(ctx, svc, state) - case dns.TypeSRV: - m.Answer, m.Extra = e.srv(ctx, svc, state) - case dns.TypePTR: - m.Answer = e.ptr(svc, state) - default: - m.Ns = []dns.RR{e.soa(state)} - } - - // If we did have records, but queried for the wrong qtype return a nodata response. - if len(m.Answer) == 0 { - m.Ns = []dns.RR{e.soa(state)} - } - - w.WriteMsg(m) - return 0, nil -} - -// Name implements the Handler interface. -func (e *External) Name() string { return "k8s_external" } diff --git a/vendor/github.com/coredns/coredns/plugin/k8s_external/msg_to_dns.go b/vendor/github.com/coredns/coredns/plugin/k8s_external/msg_to_dns.go deleted file mode 100644 index 6975718b..00000000 --- a/vendor/github.com/coredns/coredns/plugin/k8s_external/msg_to_dns.go +++ /dev/null @@ -1,190 +0,0 @@ -package external - -import ( - "context" - "math" - - "github.com/coredns/coredns/plugin/etcd/msg" - "github.com/coredns/coredns/plugin/pkg/dnsutil" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -func (e *External) a(ctx context.Context, services []msg.Service, state request.Request) (records []dns.RR, truncated bool) { - dup := make(map[string]struct{}) - - for _, s := range services { - what, ip := s.HostType() - - switch what { - case dns.TypeCNAME: - rr := s.NewCNAME(state.QName(), s.Host) - records = append(records, rr) - if resp, err := e.upstream.Lookup(ctx, state, dns.Fqdn(s.Host), dns.TypeA); err == nil { - records = append(records, resp.Answer...) - if resp.Truncated { - truncated = true - } - } - - case dns.TypeA: - if _, ok := dup[s.Host]; !ok { - dup[s.Host] = struct{}{} - rr := s.NewA(state.QName(), ip) - rr.Hdr.Ttl = e.ttl - records = append(records, rr) - } - - case dns.TypeAAAA: - // nada - } - } - return records, truncated -} - -func (e *External) aaaa(ctx context.Context, services []msg.Service, state request.Request) (records []dns.RR, truncated bool) { - dup := make(map[string]struct{}) - - for _, s := range services { - what, ip := s.HostType() - - switch what { - case dns.TypeCNAME: - rr := s.NewCNAME(state.QName(), s.Host) - records = append(records, rr) - if resp, err := e.upstream.Lookup(ctx, state, dns.Fqdn(s.Host), dns.TypeAAAA); err == nil { - records = append(records, resp.Answer...) - if resp.Truncated { - truncated = true - } - } - - case dns.TypeA: - // nada - - case dns.TypeAAAA: - if _, ok := dup[s.Host]; !ok { - dup[s.Host] = struct{}{} - rr := s.NewAAAA(state.QName(), ip) - rr.Hdr.Ttl = e.ttl - records = append(records, rr) - } - } - } - return records, truncated -} - -func (e *External) ptr(services []msg.Service, state request.Request) (records []dns.RR) { - dup := make(map[string]struct{}) - for _, s := range services { - if _, ok := dup[s.Host]; !ok { - dup[s.Host] = struct{}{} - rr := s.NewPTR(state.QName(), dnsutil.Join(s.Host, e.Zones[0])) - rr.Hdr.Ttl = e.ttl - records = append(records, rr) - } - } - return records -} - -func (e *External) srv(ctx context.Context, services []msg.Service, state request.Request) (records, extra []dns.RR) { - dup := make(map[item]struct{}) - - // Looping twice to get the right weight vs priority. This might break because we may drop duplicate SRV records latter on. - w := make(map[int]int) - for _, s := range services { - weight := 100 - if s.Weight != 0 { - weight = s.Weight - } - if _, ok := w[s.Priority]; !ok { - w[s.Priority] = weight - continue - } - w[s.Priority] += weight - } - for _, s := range services { - // Don't add the entry if the port is -1 (invalid). The kubernetes plugin uses port -1 when a service/endpoint - // does not have any declared ports. - if s.Port == -1 { - continue - } - w1 := 100.0 / float64(w[s.Priority]) - if s.Weight == 0 { - w1 *= 100 - } else { - w1 *= float64(s.Weight) - } - weight := uint16(math.Floor(w1)) - // weight should be at least 1 - if weight == 0 { - weight = 1 - } - - what, ip := s.HostType() - - switch what { - case dns.TypeCNAME: - addr := dns.Fqdn(s.Host) - srv := s.NewSRV(state.QName(), weight) - if ok := isDuplicate(dup, srv.Target, "", srv.Port); !ok { - records = append(records, srv) - } - if ok := isDuplicate(dup, srv.Target, addr, 0); !ok { - if resp, err := e.upstream.Lookup(ctx, state, addr, dns.TypeA); err == nil { - extra = append(extra, resp.Answer...) - } - if resp, err := e.upstream.Lookup(ctx, state, addr, dns.TypeAAAA); err == nil { - extra = append(extra, resp.Answer...) - } - } - case dns.TypeA, dns.TypeAAAA: - addr := s.Host - s.Host = msg.Domain(s.Key) - srv := s.NewSRV(state.QName(), weight) - - if ok := isDuplicate(dup, srv.Target, "", srv.Port); !ok { - records = append(records, srv) - } - - if ok := isDuplicate(dup, srv.Target, addr, 0); !ok { - hdr := dns.RR_Header{Name: srv.Target, Rrtype: what, Class: dns.ClassINET, Ttl: e.ttl} - - switch what { - case dns.TypeA: - extra = append(extra, &dns.A{Hdr: hdr, A: ip}) - case dns.TypeAAAA: - extra = append(extra, &dns.AAAA{Hdr: hdr, AAAA: ip}) - } - } - } - } - return records, extra -} - -// not sure if this is even needed. - -// item holds records. -type item struct { - name string // name of the record (either owner or something else unique). - port uint16 // port of the record (used for address records, A and AAAA). - addr string // address of the record (A and AAAA). -} - -// isDuplicate uses m to see if the combo (name, addr, port) already exists. If it does -// not exist already IsDuplicate will also add the record to the map. -func isDuplicate(m map[item]struct{}, name, addr string, port uint16) bool { - if addr != "" { - _, ok := m[item{name, 0, addr}] - if !ok { - m[item{name, 0, addr}] = struct{}{} - } - return ok - } - _, ok := m[item{name, port, ""}] - if !ok { - m[item{name, port, ""}] = struct{}{} - } - return ok -} diff --git a/vendor/github.com/coredns/coredns/plugin/k8s_external/setup.go b/vendor/github.com/coredns/coredns/plugin/k8s_external/setup.go deleted file mode 100644 index f42f7de2..00000000 --- a/vendor/github.com/coredns/coredns/plugin/k8s_external/setup.go +++ /dev/null @@ -1,88 +0,0 @@ -package external - -import ( - "errors" - "strconv" - - "github.com/coredns/caddy" - "github.com/coredns/coredns/core/dnsserver" - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/pkg/upstream" -) - -const pluginName = "k8s_external" - -func init() { plugin.Register(pluginName, setup) } - -func setup(c *caddy.Controller) error { - e, err := parse(c) - if err != nil { - return plugin.Error("k8s_external", err) - } - - // Do this in OnStartup, so all plugins have been initialized. - c.OnStartup(func() error { - m := dnsserver.GetConfig(c).Handler("kubernetes") - if m == nil { - return plugin.Error(pluginName, errors.New("kubernetes plugin not loaded")) - } - - x, ok := m.(Externaler) - if !ok { - return plugin.Error(pluginName, errors.New("kubernetes plugin does not implement the Externaler interface")) - } - - e.externalFunc = x.External - e.externalAddrFunc = x.ExternalAddress - e.externalServicesFunc = x.ExternalServices - e.externalSerialFunc = x.ExternalSerial - return nil - }) - - e.upstream = upstream.New() - - dnsserver.GetConfig(c).AddPlugin(func(next plugin.Handler) plugin.Handler { - e.Next = next - return e - }) - - return nil -} - -func parse(c *caddy.Controller) (*External, error) { - e := New() - - for c.Next() { // external - e.Zones = plugin.OriginsFromArgsOrServerBlock(c.RemainingArgs(), c.ServerBlockKeys) - for c.NextBlock() { - switch c.Val() { - case "ttl": - args := c.RemainingArgs() - if len(args) == 0 { - return nil, c.ArgErr() - } - t, err := strconv.Atoi(args[0]) - if err != nil { - return nil, err - } - if t < 0 || t > 3600 { - return nil, c.Errf("ttl must be in range [0, 3600]: %d", t) - } - e.ttl = uint32(t) - case "apex": - args := c.RemainingArgs() - if len(args) == 0 { - return nil, c.ArgErr() - } - e.apex = args[0] - case "headless": - e.headless = true - case "fallthrough": - e.Fall.SetZonesFromArgs(c.RemainingArgs()) - default: - return nil, c.Errf("unknown property '%s'", c.Val()) - } - } - } - return e, nil -} diff --git a/vendor/github.com/coredns/coredns/plugin/k8s_external/transfer.go b/vendor/github.com/coredns/coredns/plugin/k8s_external/transfer.go deleted file mode 100644 index 781f19f2..00000000 --- a/vendor/github.com/coredns/coredns/plugin/k8s_external/transfer.go +++ /dev/null @@ -1,150 +0,0 @@ -package external - -import ( - "context" - "strings" - - "github.com/coredns/coredns/plugin" - "github.com/coredns/coredns/plugin/etcd/msg" - "github.com/coredns/coredns/plugin/kubernetes" - "github.com/coredns/coredns/plugin/transfer" - "github.com/coredns/coredns/request" - - "github.com/miekg/dns" -) - -// Transfer implements transfer.Transferer -func (e *External) Transfer(zone string, serial uint32) (<-chan []dns.RR, error) { - z := plugin.Zones(e.Zones).Matches(zone) - if z != zone { - return nil, transfer.ErrNotAuthoritative - } - - ctx := context.Background() - ch := make(chan []dns.RR, 2) - if zone == "." { - zone = "" - } - state := request.Request{Zone: zone} - - // SOA - soa := e.soa(state) - ch <- []dns.RR{soa} - if serial != 0 && serial >= soa.Serial { - close(ch) - return ch, nil - } - - go func() { - // Add NS - nsName := "ns1." + e.apex + "." + zone - nsHdr := dns.RR_Header{Name: zone, Rrtype: dns.TypeNS, Ttl: e.ttl, Class: dns.ClassINET} - ch <- []dns.RR{&dns.NS{Hdr: nsHdr, Ns: nsName}} - - // Add Nameserver A/AAAA records - nsRecords := e.externalAddrFunc(state, e.headless) - for i := range nsRecords { - // externalAddrFunc returns incomplete header names, correct here - nsRecords[i].Header().Name = nsName - nsRecords[i].Header().Ttl = e.ttl - ch <- []dns.RR{nsRecords[i]} - } - - svcs, headlessSvcs := e.externalServicesFunc(zone, e.headless) - srvSeen := make(map[string]struct{}) - - for i := range svcs { - name := msg.Domain(svcs[i].Key) - - if svcs[i].TargetStrip == 0 { - // Add Service A/AAAA records - s := request.Request{Req: &dns.Msg{Question: []dns.Question{{Name: name}}}} - as, _ := e.a(ctx, []msg.Service{svcs[i]}, s) - if len(as) > 0 { - ch <- as - } - aaaas, _ := e.aaaa(ctx, []msg.Service{svcs[i]}, s) - if len(aaaas) > 0 { - ch <- aaaas - } - // Add bare SRV record, ensuring uniqueness - recs, _ := e.srv(ctx, []msg.Service{svcs[i]}, s) - for _, srv := range recs { - if !nameSeen(srvSeen, srv) { - ch <- []dns.RR{srv} - } - } - continue - } - // Add full SRV record, ensuring uniqueness - s := request.Request{Req: &dns.Msg{Question: []dns.Question{{Name: name}}}} - recs, _ := e.srv(ctx, []msg.Service{svcs[i]}, s) - for _, srv := range recs { - if !nameSeen(srvSeen, srv) { - ch <- []dns.RR{srv} - } - } - } - for key, svcs := range headlessSvcs { - // we have to strip the leading key because it's either port.protocol or endpoint - name := msg.Domain(key[:strings.LastIndex(key, "/")]) - switchKey := key[strings.LastIndex(key, "/")+1:] - switch switchKey { - case kubernetes.Endpoint: - // headless.namespace.example.com records - s := request.Request{Req: &dns.Msg{Question: []dns.Question{{Name: name}}}} - as, _ := e.a(ctx, svcs, s) - if len(as) > 0 { - ch <- as - } - aaaas, _ := e.aaaa(ctx, svcs, s) - if len(aaaas) > 0 { - ch <- aaaas - } - // Add bare SRV record, ensuring uniqueness - recs, _ := e.srv(ctx, svcs, s) - ch <- recs - for _, srv := range recs { - ch <- []dns.RR{srv} - } - - for i := range svcs { - // endpoint.headless.namespace.example.com record - s := request.Request{Req: &dns.Msg{Question: []dns.Question{{Name: msg.Domain(svcs[i].Key)}}}} - - as, _ := e.a(ctx, []msg.Service{svcs[i]}, s) - if len(as) > 0 { - ch <- as - } - aaaas, _ := e.aaaa(ctx, []msg.Service{svcs[i]}, s) - if len(aaaas) > 0 { - ch <- aaaas - } - // Add bare SRV record, ensuring uniqueness - recs, _ := e.srv(ctx, []msg.Service{svcs[i]}, s) - ch <- recs - for _, srv := range recs { - ch <- []dns.RR{srv} - } - } - - case kubernetes.PortProtocol: - s := request.Request{Req: &dns.Msg{Question: []dns.Question{{Name: name}}}} - recs, _ := e.srv(ctx, svcs, s) - ch <- recs - } - } - ch <- []dns.RR{soa} - close(ch) - }() - - return ch, nil -} - -func nameSeen(namesSeen map[string]struct{}, rr dns.RR) bool { - if _, duplicate := namesSeen[rr.Header().Name]; duplicate { - return true - } - namesSeen[rr.Header().Name] = struct{}{} - return false -} diff --git a/vendor/github.com/coredns/coredns/plugin/kubernetes/README.md b/vendor/github.com/coredns/coredns/plugin/kubernetes/README.md deleted file mode 100644 index eb5cac03..00000000 --- a/vendor/github.com/coredns/coredns/plugin/kubernetes/README.md +++ /dev/null @@ -1,249 +0,0 @@ -# kubernetes - -## Name - -*kubernetes* - enables reading zone data from a Kubernetes cluster. - -## Description - -This plugin implements the [Kubernetes DNS-Based Service Discovery -Specification](https://github.com/kubernetes/dns/blob/master/docs/specification.md). - -CoreDNS running the kubernetes plugin can be used as a replacement for kube-dns in a kubernetes -cluster. See the [deployment](https://github.com/coredns/deployment) repository for details on [how -to deploy CoreDNS in Kubernetes](https://github.com/coredns/deployment/tree/master/kubernetes). - -[stubDomains and upstreamNameservers](https://kubernetes.io/blog/2017/04/configuring-private-dns-zones-upstream-nameservers-kubernetes/) -are implemented via the *forward* plugin. See the examples below. - -This plugin can only be used once per Server Block. - -## Syntax - -~~~ -kubernetes [ZONES...] -~~~ - -With only the plugin specified, the *kubernetes* plugin will default to the zone specified in -the server's block. It will handle all queries in that zone and connect to Kubernetes in-cluster. It -will not provide PTR records for services or A records for pods. If **ZONES** is used it specifies -all the zones the plugin should be authoritative for. - -``` -kubernetes [ZONES...] { - endpoint URL - tls CERT KEY CACERT - kubeconfig KUBECONFIG [CONTEXT] - namespaces NAMESPACE... - labels EXPRESSION - pods POD-MODE - endpoint_pod_names - ttl TTL - noendpoints - fallthrough [ZONES...] - ignore empty_service -} -``` - -* `endpoint` specifies the **URL** for a remote k8s API endpoint. - If omitted, it will connect to k8s in-cluster using the cluster service account. -* `tls` **CERT** **KEY** **CACERT** are the TLS cert, key and the CA cert file names for remote k8s connection. - This option is ignored if connecting in-cluster (i.e. endpoint is not specified). -* `kubeconfig` **KUBECONFIG [CONTEXT]** authenticates the connection to a remote k8s cluster using a kubeconfig file. - **[CONTEXT]** is optional, if not set, then the current context specified in kubeconfig will be used. - It supports TLS, username and password, or token-based authentication. - This option is ignored if connecting in-cluster (i.e., the endpoint is not specified). -* `namespaces` **NAMESPACE [NAMESPACE...]** only exposes the k8s namespaces listed. - If this option is omitted all namespaces are exposed -* `namespace_labels` **EXPRESSION** only expose the records for Kubernetes namespaces that match this label selector. - The label selector syntax is described in the - [Kubernetes User Guide - Labels](https://kubernetes.io/docs/user-guide/labels/). An example that - only exposes namespaces labeled as "istio-injection=enabled", would use: - `labels istio-injection=enabled`. -* `labels` **EXPRESSION** only exposes the records for Kubernetes objects that match this label selector. - The label selector syntax is described in the - [Kubernetes User Guide - Labels](https://kubernetes.io/docs/user-guide/labels/). An example that - only exposes objects labeled as "application=nginx" in the "staging" or "qa" environments, would - use: `labels environment in (staging, qa),application=nginx`. -* `pods` **POD-MODE** sets the mode for handling IP-based pod A records, e.g. - `1-2-3-4.ns.pod.cluster.local. in A 1.2.3.4`. - This option is provided to facilitate use of SSL certs when connecting directly to pods. Valid - values for **POD-MODE**: - - * `disabled`: Default. Do not process pod requests, always returning `NXDOMAIN` - * `insecure`: Always return an A record with IP from request (without checking k8s). This option - is vulnerable to abuse if used maliciously in conjunction with wildcard SSL certs. This - option is provided for backward compatibility with kube-dns. - * `verified`: Return an A record if there exists a pod in same namespace with matching IP. This - option requires substantially more memory than in insecure mode, since it will maintain a watch - on all pods. - -* `endpoint_pod_names` uses the pod name of the pod targeted by the endpoint as - the endpoint name in A records, e.g., - `endpoint-name.my-service.namespace.svc.cluster.local. in A 1.2.3.4` - By default, the endpoint-name name selection is as follows: Use the hostname - of the endpoint, or if hostname is not set, use the dashed form of the endpoint - IP address (e.g., `1-2-3-4.my-service.namespace.svc.cluster.local.`) - If this directive is included, then name selection for endpoints changes as - follows: Use the hostname of the endpoint, or if hostname is not set, use the - pod name of the pod targeted by the endpoint. If there is no pod targeted by - the endpoint or pod name is longer than 63, use the dashed IP address form. -* `ttl` allows you to set a custom TTL for responses. The default is 5 seconds. The minimum TTL allowed is - 0 seconds, and the maximum is capped at 3600 seconds. Setting TTL to 0 will prevent records from being cached. -* `noendpoints` will turn off the serving of endpoint records by disabling the watch on endpoints. - All endpoint queries and headless service queries will result in an NXDOMAIN. -* `fallthrough` **[ZONES...]** If a query for a record in the zones for which the plugin is authoritative - results in NXDOMAIN, normally that is what the response will be. However, if you specify this option, - the query will instead be passed on down the plugin chain, which can include another plugin to handle - the query. If **[ZONES...]** is omitted, then fallthrough happens for all zones for which the plugin - is authoritative. If specific zones are listed (for example `in-addr.arpa` and `ip6.arpa`), then only - queries for those zones will be subject to fallthrough. -* `ignore empty_service` returns NXDOMAIN for services without any ready endpoint addresses (e.g., ready pods). - This allows the querying pod to continue searching for the service in the search path. - The search path could, for example, include another Kubernetes cluster. - -Enabling zone transfer is done by using the *transfer* plugin. - -## Startup - -When CoreDNS starts with the *kubernetes* plugin enabled, it will delay serving DNS for up to 5 seconds -until it can connect to the Kubernetes API and synchronize all object watches. If this cannot happen within -5 seconds, then CoreDNS will start serving DNS while the *kubernetes* plugin continues to try to connect -and synchronize all object watches. CoreDNS will answer SERVFAIL to any request made for a Kubernetes record -that has not yet been synchronized. - -## Monitoring Kubernetes Endpoints - -The *kubernetes* plugin watches Endpoints via the `discovery.EndpointSlices` API. - -## Ready - -This plugin reports readiness to the ready plugin. This will happen after it has synced to the -Kubernetes API. - -## PTR Records - -This plugin creates PTR records for every Pod selected by a Service. If a given Pod is selected by more than -one Service a separate PTR record will exist for each Service selecting it. - -## Examples - -Handle all queries in the `cluster.local` zone. Connect to Kubernetes in-cluster. Also handle all -`in-addr.arpa` `PTR` requests for `10.0.0.0/17` . Verify the existence of pods when answering pod -requests. - -~~~ txt -10.0.0.0/17 cluster.local { - kubernetes { - pods verified - } -} -~~~ - -Or you can selectively expose some namespaces: - -~~~ txt -kubernetes cluster.local { - namespaces test staging -} -~~~ - -Connect to Kubernetes with CoreDNS running outside the cluster: - -~~~ txt -kubernetes cluster.local { - endpoint https://k8s-endpoint:8443 - tls cert key cacert -} -~~~ - -## stubDomains and upstreamNameservers - -Here we use the *forward* plugin to implement a stubDomain that forwards `example.local` to the nameserver `10.100.0.10:53`. -Also configured is an upstreamNameserver `8.8.8.8:53` that will be used for resolving names that do not fall in `cluster.local` -or `example.local`. - -~~~ txt -cluster.local:53 { - kubernetes cluster.local -} -example.local { - forward . 10.100.0.10:53 -} - -. { - forward . 8.8.8.8:53 -} -~~~ - -The configuration above represents the following Kube-DNS stubDomains and upstreamNameservers configuration. - -~~~ txt -stubDomains: | - {“example.local”: [“10.100.0.10:53”]} -upstreamNameservers: | - [“8.8.8.8:53”] -~~~ - -## AutoPath - -The *kubernetes* plugin can be used in conjunction with the *autopath* plugin. Using this -feature enables server-side domain search path completion in Kubernetes clusters. Note: `pods` must -be set to `verified` for this to function properly. Furthermore, the remote IP address in the DNS -packet received by CoreDNS must be the IP address of the Pod that sent the request. - - cluster.local { - autopath @kubernetes - kubernetes { - pods verified - } - } - -## Metadata - -The kubernetes plugin will publish the following metadata, if the *metadata* -plugin is also enabled: - - * `kubernetes/endpoint`: the endpoint name in the query - * `kubernetes/kind`: the resource kind (pod or svc) in the query - * `kubernetes/namespace`: the namespace in the query - * `kubernetes/port-name`: the port name in an SRV query - * `kubernetes/protocol`: the protocol in an SRV query - * `kubernetes/service`: the service name in the query - * `kubernetes/client-namespace`: the client pod's namespace (see requirements below) - * `kubernetes/client-pod-name`: the client pod's name (see requirements below) - * `kubernetes/client-label/